last executing test programs:

12m7.596872775s ago: executing program 1 (id=113):
syz_usbip_server_init(0x1) (async)
syz_usbip_server_init(0x1) (async)
syz_usbip_server_init(0x2)
syz_usbip_server_init(0x5) (async)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x4)
syz_usbip_server_init(0x3) (async)
syz_usbip_server_init(0x0) (async)
syz_usbip_server_init(0x3)

12m6.433036404s ago: executing program 1 (id=115):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x6, &(0x7f00000000c0)=@raw=[@generic={0x3, 0xe, 0xc, 0x1a93, 0x7}, @call={0x85, 0x0, 0x0, 0x50}, @generic={0x8, 0xa, 0x4, 0x7, 0x10000}, @generic={0xd, 0xb, 0x2, 0xfffb, 0x200}, @ldst={0x2, 0x0, 0x2, 0x8, 0x2, 0x6, 0x10}, @ldst={0x2, 0x2, 0x6, 0x8, 0x1, 0xffffffffffffffff, 0xfffffffffffffff0}], &(0x7f0000000080)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x2000000}, 0x10}, 0x94)
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000100)=[@cpuid={0x2, 0x18, {0x9, 0xb659}}, @cpuid={0x2, 0x18, {0x2, 0x8000}}, @code={0x1, 0x53, {"650f09460f01c20f20d835080000000f22d8420f20e3c42179f637c401a5e4d80f463866ba410066b8f6ff66efb9b9030000b8bc000000ba000000000f30360f01cb"}}, @uexit={0x0, 0x18, 0x8000}, @uexit={0x0, 0x18, 0x7fffffffffffffff}, @uexit={0x0, 0x18, 0xff}, @code={0x1, 0x74, {"f2f20f35660f3a0f5b078a48b86576e437000000000f23c00f21f83501000c000f23f80f20e035000200000f22e02e670fc76e8d470fc7bcc10080000066baf80cb8303c788eef66bafc0ced66baf80cb86ec34b86ef66bafc0cb005ee0f01caf247ab"}}, @code={0x1, 0x6e, {"b8010000000f01c16564d02d0000000066bad104b024ee36f0819ca101daca2906000000b805000000b9032300000f01d93666420ffdb6e1000000c4a115d086d924000066baa00066b80f0066efc423f90ac215f3440fc7b787863635"}}, @code={0x1, 0x4c, {"0f01ca66b8ef008ed8c4028bf73c59c482358c6d3d66baa000ec0f7991f69f0000b805000000b9000000800f01d9c441fe7fdfc4017e16f0260f30"}}, @code={0x1, 0x72, {"660f3815a322570000b92d0200000f3266baf80cb80c99218fef66bafc0cedb9d30800000f320fc73494c4c35d06710b3c48b88000c0fe000000000f23d00f21f8353000000e0f23f8b8010000000f01d966660f38801553ad0000c4c1b573d300"}}, @uexit={0x0, 0x18, 0x1}, @uexit={0x0, 0x18, 0x6d}, @cpuid={0x2, 0x18, {0x7, 0x7}}, @code={0x1, 0x92, {"66baf80cb8ac902e8aef66bafc0c66b8b55066ef66410f388187003000003666400f3a611c2b0066640f06b90d0a0000b800000000ba008000000f3066b84e000f00d048b800100000000000000f23c00f21f835030001000f23f80f20c035000001000f22c00f00d848b8c0797f1bd5a05f100f23c00f21f835020009000f23f8"}}, @cpuid={0x2, 0x18, {0x1, 0x5}}, @code={0x1, 0x66, {"66ba2000b006eec402fd9e8900000000f0010a6467f3a40faa66baf80cb8c5576282ef66bafc0cec0f080f9cbefb0000008fe8588e445c22c6c744240008000000c7442402630a0000c7442406000000000f011424"}}, @uexit={0x0, 0x18, 0x9}, @code={0x1, 0x73, {"0f20e035000001000f22e0c74424008a7c3598c744240268000000c7442406000000000f011c2466400fae7e00b97d080000b800000000ba010000000f300f01c8b9800000c00f3235000400000f30c4c1792827660f16280f205d0f7983b18a0000"}}, @code={0x1, 0x57, {"b9800000c00f3235000800000f30660fdb45000f01cb2e0f7871053edb7b00b9be0300000f3266ba400066b8d59366ef66b824010f00d8c4e112592366ba6100b8660ae105ef"}}, @uexit={0x0, 0x18, 0x1ff}], 0x4bd})
ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f0000000640))
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8)
r2 = accept4(r1, 0x0, 0x0, 0x80000)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="0500000000e0ffffffffffff", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000008001"], 0x48}}, 0x0)
sendmsg$can_bcm(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRES32=r4], 0x48}}, 0x0)
setsockopt(r2, 0x84, 0x81, &(0x7f00000001c0)="020000000980ffff", 0x8)
ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000000780)={0x4, 0x0, [{0x80000012, 0x9, 0x2, 0x80000001, 0x0, 0xc, 0x6}, {0xb, 0x4, 0x1, 0x3, 0x2ac03c35, 0x8, 0x9}, {0xa, 0xf, 0x5, 0x0, 0x7fff, 0x6, 0x8001}, {0x2, 0xfffffffd, 0x3, 0x3, 0x6, 0x4, 0x4}]})
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000700)={0x0, @multicast2}, &(0x7f0000000740)=0xc)

12m4.883848937s ago: executing program 1 (id=120):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)

12m4.221043203s ago: executing program 1 (id=122):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window, @window={0x3, 0x2, 0x1}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @sack_perm, @timestamp, @mss={0x2, 0x1}, @sack_perm], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x80000006}]}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x4)
write(r2, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r3, 0xc02c564a, &(0x7f0000000a00)={0xc, 0x6b17110b, 0x3, @stepwise={0x2, 0xffc, 0x0, 0x6, 0x7, 0xfffffffb}})
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000100)={0x1d, r5}, 0x18)
connect$can_j1939(r4, &(0x7f0000000080)={0x1d, r5, 0x0, {0x0, 0xf0, 0x2}, 0x1}, 0x18)
sendmsg$can_j1939(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
r6 = fcntl$dupfd(r4, 0x406, r4)
sendmsg$xdp(r6, &(0x7f0000000140)={&(0x7f00000000c0)={0x2c, 0x0, r5, 0x26}, 0x10, 0x0}, 0x8000)
syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120100006325a640402000494d4d000000010902240001003a15000904000002214c6a0009050708000000da00090589"], 0x0)
read(0xffffffffffffffff, &(0x7f0000000780)=""/255, 0xff)

11m58.182178331s ago: executing program 1 (id=133):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
setresgid(0xee00, 0xee01, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8000, 0x0, 0x4, 0x2)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

11m53.407402087s ago: executing program 1 (id=145):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
recvmmsg$unix(r1, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000340)="eecc873464eca06f7684326298fc2b8511bb4898d69a4be23539", 0x1a}], 0x1, 0x0, 0x45}}], 0x1, 0x9200000000000000)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0xa0, r2, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffff7}, @IPVS_CMD_ATTR_DAEMON={0x84, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x9}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xf7}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'geneve1\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'pimreg1\x00'}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000300), 0x2)
r4 = dup2(r0, r3)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f00000002c0)={0x1})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff})
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r6)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x30, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x30}, 0x4, 0x700000000000000}, 0x8850)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x305)
r8 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r8, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
syz_usb_connect(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x43, 0x92, 0xd5, 0x20, 0x54c, 0x6c3, 0xeb7a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x8, 0x87, 0x70, 0x7, [{{0x9, 0x4, 0xcb, 0x1, 0x2, 0x4f, 0x3e, 0xaf, 0xb5, [], [{{0x9, 0x5, 0xe81eb71784d4b393, 0x2, 0x400, 0x9, 0x5, 0x2e}}, {{0x9, 0x5, 0xb, 0x2, 0x3ff, 0x7, 0x9, 0x5}}]}}]}}]}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r9 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r9, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read(r10, &(0x7f0000000040)=""/148, 0xffffff96)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00', <r11=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c0000001000014400"/20, @ANYRES32=r11, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c000580050019"], 0x4c}}, 0x0)

11m37.998899699s ago: executing program 32 (id=145):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
recvmmsg$unix(r1, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000340)="eecc873464eca06f7684326298fc2b8511bb4898d69a4be23539", 0x1a}], 0x1, 0x0, 0x45}}], 0x1, 0x9200000000000000)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0xa0, r2, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffff7}, @IPVS_CMD_ATTR_DAEMON={0x84, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x9}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xf7}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'geneve1\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'pimreg1\x00'}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000300), 0x2)
r4 = dup2(r0, r3)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f00000002c0)={0x1})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff})
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r6)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x30, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x30}, 0x4, 0x700000000000000}, 0x8850)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x305)
r8 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r8, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
syz_usb_connect(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x43, 0x92, 0xd5, 0x20, 0x54c, 0x6c3, 0xeb7a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x8, 0x87, 0x70, 0x7, [{{0x9, 0x4, 0xcb, 0x1, 0x2, 0x4f, 0x3e, 0xaf, 0xb5, [], [{{0x9, 0x5, 0xe81eb71784d4b393, 0x2, 0x400, 0x9, 0x5, 0x2e}}, {{0x9, 0x5, 0xb, 0x2, 0x3ff, 0x7, 0x9, 0x5}}]}}]}}]}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r9 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r9, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read(r10, &(0x7f0000000040)=""/148, 0xffffff96)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00', <r11=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c0000001000014400"/20, @ANYRES32=r11, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c000580050019"], 0x4c}}, 0x0)

9.678982357s ago: executing program 2 (id=2031):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000d40)=ANY=[@ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
r1 = syz_open_dev$video(&(0x7f0000000000), 0x8000, 0x0)
ioctl$VIDIOC_G_PARM(r1, 0xc0cc5615, &(0x7f0000000040)={0x2, @raw_data="e0dedf80a73f33e753dc5db16acd2fa0bdba8cc86c59f74e813b9ace83b8dadfa2f1fdcd3bcc0a1e58a78e8f8d97b5de16c01fd37f1d680dfccea1092e6c70fa43ed53e66726f0f5b29049241262dffd377642d1c7710356670a74687bdc38d15a58fe11a7f464381a8b65b451e9088dc49070bae5538d2e3cf5055dfbae9eddb93380e625bdf5ab31a2715ad66c44220d59891803fdbdf23eedd3d690b68d577d396446a6421ec8d89313ffa97de93eb9a706c63acea509b05710b63afc863ea36017ac4b9c3509"})

9.591676606s ago: executing program 5 (id=2033):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000002000010000000000000000000a000080ffffffffffff0000140011"], 0x30}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="940000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000640012800b0001006970366772650000540002800800150061db0a0008000100", @ANYRES32, @ANYBLOB="14000700fe8000000000000000000000000000aa08000d005fe1ffff060010004e22000008000500200c000014000600fc"], 0x94}}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4e21, @remote}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_open_dev$sg(0x0, 0x0, 0x0)
socket$inet(0x2, 0x1, 0x100)
r2 = inotify_init1(0x0)
r3 = getpid()
r4 = epoll_create1(0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000240)={0x20000006})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000100))
kcmp$KCMP_EPOLL_TFD(r3, r3, 0x7, r5, &(0x7f0000000280)={r4, r2, 0x5})

9.58232335s ago: executing program 2 (id=2034):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000080)="c744240000180000c7442402c7665dd0c7442406000000000f011c24f30fae639e6526660f383cc1f30f090f01c926660fd07e0066b83a010f00d8c4c12171e6000fc7b05626c27f3e0f72f699", 0x4d}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x38)

8.875660953s ago: executing program 5 (id=2036):
socket$phonet_pipe(0x23, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x400000bce)
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000200)={0x6, 0x8, 0x3, {0x1, @pix_mp={0x1ff, 0xffffff93, 0x384c4150, 0x7, 0x4, [{0xc, 0x400}, {0x8001, 0x5}, {0x7, 0x3}, {0x4d, 0xc1d}, {0x8001, 0x3}, {0xd90, 0xb}, {0x4, 0xa}, {0xc0, 0x2}], 0xa, 0x4, 0x4, 0x1, 0x2}}, 0x9})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x4080)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$BLKRAGET(r1, 0x1263, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000500)={0x0, <r3=>0x0})
sched_setaffinity(r3, 0x8, &(0x7f0000000180)=0x86)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, 0xffffffffffffffff, 0xb8825000)
socketpair(0x29, 0x1, 0x7fffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r5=>0x0})
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x21, @dev={0xac, 0x14, 0x14, 0xff}}, {0x2, 0x0, @local}, {0x2, 0x4e20, @broadcast}, 0x19b, 0x0, 0x0, 0x0, 0xfffd})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, r5, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000480)={'\x00', 0xf16b, 0x80, 0x5, 0x9, 0x8eb})
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48)
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r7, 0x4068aea3, &(0x7f0000000200))

8.632896538s ago: executing program 2 (id=2038):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001c00)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$PTP_PIN_SETFUNC(r1, 0x40603d07, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r3=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r3, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10)

7.652236648s ago: executing program 5 (id=2040):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2b, 0x4, {{@in6=@loopback, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x200000, 0x20000000, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x820000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@empty, 0x0, 0x3c}, 0x2, @in=@multicast1, 0x6, 0x4, 0x3}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x18}}, 0x1c, 0x0}}], 0x1, 0x0)
r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x242800, 0x0)
sendmsg$key(r4, &(0x7f0000000480)={0x400000000000000, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x0, 0x2, 0x0, 0x70bd28}, 0x10}}, 0x0)

7.606177321s ago: executing program 3 (id=2041):
socket$phonet_pipe(0x23, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x400000bce)
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000200)={0x6, 0x8, 0x3, {0x1, @pix_mp={0x1ff, 0xffffff93, 0x384c4150, 0x7, 0x4, [{0xc, 0x400}, {0x8001, 0x5}, {0x7, 0x3}, {0x4d, 0xc1d}, {0x8001, 0x3}, {0xd90, 0xb}, {0x4, 0xa}, {0xc0, 0x2}], 0xa, 0x4, 0x4, 0x1, 0x2}}, 0x9})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x4080)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$BLKRAGET(r1, 0x1263, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000500)={0x0, <r3=>0x0})
sched_setaffinity(r3, 0x8, &(0x7f0000000180)=0x86)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, 0xffffffffffffffff, 0xb8825000)
socketpair(0x29, 0x1, 0x7fffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r5=>0x0})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x21, @dev={0xac, 0x14, 0x14, 0xff}}, {0x2, 0x0, @local}, {0x2, 0x4e20, @broadcast}, 0x19b, 0x0, 0x0, 0x0, 0xfffd})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, r5, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000480)={'\x00', 0xf16b, 0x80, 0x5, 0x9, 0x8eb})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r8, 0x4068aea3, &(0x7f0000000200))
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r6, 0x0, 0x20000000}, 0x20)

7.511877427s ago: executing program 5 (id=2042):
socket$alg(0x26, 0x5, 0x0) (async)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x84, 0x0, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000001}, 0x20000003)
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000180)={0x1, 0x283, 0x0, &(0x7f0000000340)})
ioctl$KVM_SET_CLOCK(r2, 0x4188aec6, &(0x7f0000000040)={0x1, 0x8, 0x0, 0x20000000000000}) (async)
ioctl$KVM_SET_CLOCK(r2, 0x4188aec6, &(0x7f0000000040)={0x1, 0x8, 0x0, 0x20000000000000})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
setrlimit(0x6, 0x0) (async)
setrlimit(0x6, 0x0)
getpid() (async)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='htcp\x00', 0x5)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) (async)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
mq_open(&(0x7f0000000100)='&\x00', 0x40, 0x100, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r5, &(0x7f0000002680)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r5, 0x1)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) (async)
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0) (async)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

6.527576111s ago: executing program 2 (id=2044):
syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_io_uring_setup(0x19f2, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x8000000}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, 0x24}, 0x94)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[@ANYRES64=r4], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r5, 0x0})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

6.087261336s ago: executing program 4 (id=2046):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000002000010000000000000000000a000080ffffffffffff0000140011"], 0x30}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="940000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000640012800b0001006970366772650000540002800800150061db0a0008000100", @ANYRES32, @ANYBLOB="14000700fe8000000000000000000000000000aa08000d005fe1ffff060010004e22000008000500200c000014000600fc"], 0x94}}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4e21, @remote}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_open_dev$sg(0x0, 0x0, 0x0)
socket$inet(0x2, 0x1, 0x100)
r2 = inotify_init1(0x0)
r3 = getpid()
r4 = epoll_create1(0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000240)={0x20000006})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000100))
kcmp$KCMP_EPOLL_TFD(r3, r3, 0x7, r5, &(0x7f0000000280)={r4, r2, 0x5})

6.018958288s ago: executing program 0 (id=2047):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x2000007, 0x12, r0, 0x12574000)
ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x1)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000040), 0x4)
r2 = socket$rds(0x15, 0x5, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000bf98000000000000b5080000000000005c00000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r4, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001200)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x8, 0x0, 0x0}}, 0x10)
bind$rds(r2, &(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1, 0x1000000000000}}], 0x48}, 0x0)

6.018504023s ago: executing program 3 (id=2048):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x10, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000480)=ANY=[@ANYRES8, @ANYBLOB="1000000000006536009eb86a60c709d6b6cac4c2a01a50b07800b705000008000022f0cdddfcc01d16bb487550749a9ed6d31bb0ee310b47c89df970f511a3f4de21ae6f2cdc5b1cc7dc8b7b512942c56fc9ab47414ca3affd994818e3accfd2c67fca94156fa673f7cda52c5ba70c6f50f975cf77dd86300c2ee338d3600cc6853e1dbd5a5ddc1ef9444d36639fe4"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
acct(&(0x7f00000001c0)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x67, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200))
open(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x80)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00'}, 0x10)
r0 = creat(0x0, 0x0)
fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0xfe44, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000080)=0x40000)
ppoll(&(0x7f00000000c0)=[{r1, 0x4}], 0x1, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f00000034c0)=0x9)
io_pgetevents(0x0, 0x6, 0x1, &(0x7f0000000340)=[{}], &(0x7f0000000380), &(0x7f0000000600)={&(0x7f00000005c0)={[0x9]}, 0x8})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r2, 0x5607, 0x2c)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
ioctl$TIOCL_SETVESABLANK(r4, 0x560e, &(0x7f0000000140))
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$VT_ACTIVATE(r5, 0x5606, 0x4)

5.987574456s ago: executing program 2 (id=2049):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000180)=0x8, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}, 0x1c)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71)
read$FUSE(0xffffffffffffffff, &(0x7f0000000280)={0x2020}, 0x2020)
getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000000)={0x0, 0xec25, 0x0, 0x2, 0x40000333}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
io_uring_setup(0x1b7b, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, &(0x7f00000002c0)})
io_uring_enter(r1, 0x47ba, 0x2000000, 0x0, 0x0, 0x0)

5.847880802s ago: executing program 4 (id=2050):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000140), 0x3ffffffffffffffd, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000300)={0x6, 0x8000, 0x9})
r4 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000e80)={'filter\x00', 0x7, 0x4, 0x3c8, 0x1f8, 0x110, 0x0, 0x2e0, 0x110, 0x2e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast1, @local, 0x8}}}, {{@arp={@remote, @multicast2, 0xffffff00, 0xff, 0x9, 0x9, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, {[0xff, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0x0, 0xff, 0xff, 0xff]}}, 0x7, 0xe, 0x40, 0xfffd, 0x0, 0x5, 'syz_tun\x00', 'gre0\x00', {0xff}, {0xff}, 0x0, 0x4}, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x78, 0x8, 0x3}}}, {{@arp={@empty, @dev={0xac, 0x14, 0x14, 0x1a}, 0xffffff00, 0x0, 0x2, 0x0, {@empty, {[0xff, 0x0, 0xff, 0x0, 0x0, 0xff]}}, {@mac=@random="290c176c978f", {[0x7f, 0xff, 0xff, 0x0, 0x0, 0xff]}}, 0xb7, 0x5, 0x0, 0xa7fb, 0x7, 0x800, 'veth1_to_batadv\x00', 'dvmrp1\x00', {}, {0xff}, 0x0, 0x2f2c2646b822bef8}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000200)={0x0, 0x0, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000440)={r7, 0x0, 0x0, 0x0, 0x0, [<r8=>0x0], [0x0, 0x1, 0x0, 0x1], [0x0, 0x20, 0x0, 0x80000000], [0x0, 0x0, 0x4]})
ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, &(0x7f0000000100)={r8})
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000000)={r8})
ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000040)={r8})
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r9, @ANYBLOB="010025bdf000ffffffff03000000b00001800d0001007564703a73797a32000000002c0004001400010002004e20ac14142400000000000000001400020002004e22ac14141c00000000000000002c000280080001001300006f"], 0xc4}, 0x1, 0x0, 0x0, 0x40810}, 0x40)
ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000100)={@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x63, 0xffffffffffff0001, 0x0, [@default, @null, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default]})

5.266576725s ago: executing program 2 (id=2051):
socket$phonet_pipe(0x23, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x400000bce)
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000200)={0x6, 0x8, 0x3, {0x1, @pix_mp={0x1ff, 0xffffff93, 0x384c4150, 0x7, 0x4, [{0xc, 0x400}, {0x8001, 0x5}, {0x7, 0x3}, {0x4d, 0xc1d}, {0x8001, 0x3}, {0xd90, 0xb}, {0x4, 0xa}, {0xc0, 0x2}], 0xa, 0x4, 0x4, 0x1, 0x2}}, 0x9})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x4080)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$BLKRAGET(r1, 0x1263, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000500)={0x0, <r3=>0x0})
sched_setaffinity(r3, 0x8, &(0x7f0000000180)=0x86)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, 0xffffffffffffffff, 0xb8825000)
socketpair(0x29, 0x1, 0x7fffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r5=>0x0})
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x21, @dev={0xac, 0x14, 0x14, 0xff}}, {0x2, 0x0, @local}, {0x2, 0x4e20, @broadcast}, 0x19b, 0x0, 0x0, 0x0, 0xfffd})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, r5, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000480)={'\x00', 0xf16b, 0x80, 0x5, 0x9, 0x8eb})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r8, 0x4068aea3, &(0x7f0000000200))

5.237085092s ago: executing program 5 (id=2052):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
dup(r0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94)
poll(&(0x7f0000002a40), 0x0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

4.931763304s ago: executing program 4 (id=2053):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') (async)
readlinkat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000012c0)=""/168, 0xa8)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) (async, rerun: 32)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (rerun: 32)
r3 = syz_open_dev$vbi(0x0, 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r3, 0xc004562f, &(0x7f00000000c0)=0x1)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) (async)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4a0, 0xffffffff, 0xe8, 0x0, 0xe8, 0xfeffffff, 0xffffffff, 0x3d0, 0x3d0, 0x3d0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xff000000, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x4000}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x1d0, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x500) (async)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0) (async)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)=0x800000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x16, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r6, 0x400452c8, &(0x7f0000000100)) (async, rerun: 64)
r7 = accept4(r5, 0x0, 0x0, 0x0) (rerun: 64)
syz_genetlink_get_family_id$devlink(&(0x7f0000000440), r7) (async, rerun: 32)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x1e, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x80000001}, [@btf_id={0x18, 0x9, 0x3, 0x0, 0x2}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffff8}, @tail_call, @jmp={0x5, 0x1, 0xd, 0x7, 0x5, 0x40, 0x10}, @call={0x85, 0x0, 0x0, 0x46}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @exit, @map_val={0x18, 0x4, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}]}, &(0x7f00000003c0)='GPL\x00', 0xc, 0x32, &(0x7f0000000400)=""/50, 0x41000, 0x27, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x7, 0x2}, 0x8, 0x10, &(0x7f00000004c0)={0x3, 0xb, 0x2, 0x6}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000500)=[{0x1, 0x2, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x7}], 0x10, 0x5}, 0x94) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000280)='fscache_invalidate\x00', r8, 0x0, 0x7ff}, 0x18)

4.931223843s ago: executing program 0 (id=2054):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001c00)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$PTP_PIN_SETFUNC(r1, 0x40603d07, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r3=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r3, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10)

4.12683994s ago: executing program 5 (id=2055):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r1=>0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="b402000008000000591100000000000085000000a4000000950000e1ffffff00359bb9f43d86b136000000008762000000f3"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0xc5, &(0x7f0000000300)=""/197, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x4}, 0x8, 0x10, &(0x7f00000002c0), 0x10}, 0x94)
connect$can_bcm(r2, &(0x7f0000000080)={0x1d, r1}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r1, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
timer_create(0x8, 0x0, &(0x7f0000bbdffc))
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=0000'])
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000018dfde1035121000822953050a01090212000100000000090400"], 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IEEE802154_LIST_PHY(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x14, r5, 0x30b, 0x0, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x20000004)
prctl$PR_MCE_KILL(0x23, 0x9, 0x7fffffffeffe)
recvmsg$can_bcm(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000980)}, 0x2200)

3.478598462s ago: executing program 4 (id=2056):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
ioctl$SIOCAX25CTLCON(r0, 0x8917, &(0x7f0000000100)={@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x63, 0xffffffffffff0001, 0x0, [@default, @null, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default]})

3.461720151s ago: executing program 3 (id=2057):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x6, 0x40982)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x3, 0x1, 0xa})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setreuid(0xee01, 0x0)
ioprio_get$uid(0x3, 0xee01)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x7, 0x161416c23e3bb4c5)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)}, &(0x7f0000000080)=0x10)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
syz_emit_ethernet(0x75, &(0x7f0000000300)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
r3 = socket(0x10, 0x5, 0x3ff)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
sendmsg$SEG6_CMD_SET_TUNSRC(r3, 0x0, 0x240048d5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x169a82, 0x18c)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
syslog(0x2, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000300)={r5, 0x10, "a5e49c655b78596116de78f9bc1fb4a7"}, &(0x7f0000000340)=0x18)

2.035906608s ago: executing program 3 (id=2058):
socket$phonet_pipe(0x23, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x400000bce)
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000200)={0x6, 0x8, 0x3, {0x1, @pix_mp={0x1ff, 0xffffff93, 0x384c4150, 0x7, 0x4, [{0xc, 0x400}, {0x8001, 0x5}, {0x7, 0x3}, {0x4d, 0xc1d}, {0x8001, 0x3}, {0xd90, 0xb}, {0x4, 0xa}, {0xc0, 0x2}], 0xa, 0x4, 0x4, 0x1, 0x2}}, 0x9})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x4080)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$BLKRAGET(r1, 0x1263, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000500)={0x0, <r3=>0x0})
sched_setaffinity(r3, 0x8, &(0x7f0000000180)=0x86)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, 0xffffffffffffffff, 0xb8825000)
socketpair(0x29, 0x1, 0x7fffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r5=>0x0})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x21, @dev={0xac, 0x14, 0x14, 0xff}}, {0x2, 0x0, @local}, {0x2, 0x4e20, @broadcast}, 0x19b, 0x0, 0x0, 0x0, 0xfffd})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, r5, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000480)={'\x00', 0xf16b, 0x80, 0x5, 0x9, 0x8eb})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r8, 0x4068aea3, &(0x7f0000000200))
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r6, 0x0, 0x20000000}, 0x20)

1.92912655s ago: executing program 4 (id=2059):
syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_io_uring_setup(0x19f2, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x8000000}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, 0x24}, 0x94)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[@ANYRES64=r4], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r5, 0x0})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

1.375948279s ago: executing program 0 (id=2060):
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000495"], &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
mknod$loop(&(0x7f00000190c0)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000019100)='./file0\x00', 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
syz_open_procfs(0xffffffffffffffff, &(0x7f0000002f00)='fdinfo\x00') (fail_nth: 5)

813.281909ms ago: executing program 0 (id=2061):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x88)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[], 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x5d032, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x80)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB, @ANYRESHEX=r1, @ANYBLOB, @ANYRESDEC=0x0, @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
mknod$loop(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0xffffc000, 0x0)
write$FUSE_INIT(r1, &(0x7f0000000380)={0x50, 0xffffffffffffffda, r2, {0x7, 0x28, 0x0, 0x40689ce0, 0x0, 0x4, 0x0, 0xfffffffd, 0x0, 0x0, 0x8, 0xfffffffc}}, 0x50)
r3 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r3, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000700)={0xe0, 0x10, 0x50b, 0x0, 0x0, "", [@generic="6f6d8864d22a3f2ffaa46c88bc", @typed={0xa9, 0x0, 0x0, 0x0, @binary="2b0e13e735a3184f1b3d6da2f1acfac0ee50d2b184b27db1f302de337c0004060000000000bf852c89867f6691b01b2d44e4ff2d5f28732c5f289423debbb86f9dba4a2dba4dbe076c02262600c446a567de243ab0d67683f7bb11c9cab3b3eed8a8bef4ff1631aa78acefca03c1a66db4424a8ba100022db228bb7b5eb5100100000000000000a0912086d9f4606d2e4cc898739222c5d3a83cb6b707f3336336ebb7d681"}, @nested={0x11, 0x0, 0x0, 0x1, [@generic="a64a6f8911da357ba323a96d75"]}]}, 0xe0}], 0x1}, 0x0)
syz_fuse_handle_req(r1, 0x0, 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f0000006680)="8e503ba12553ae35664093744598ff2ed98313cfeff69bbb1f3ba451bc98d27cf439225d75522ac543a153ac5284bf131a87e53d0b20f8dddcb2af841def3e560070344be18fcee4983553ba856738012b512e3dc760fb581a17e5622e0e22e22546476d6cc6d6d94d828a2fa22ec77a1cf082f5ca88f1f8976e8b6c3a7a537f8f50b432bf4df69c912bfcc539a65851f86b23f24e714e0643429ec1198ea1647316538a3ce23fad21e19e087c0dedc7aa6d5e4b0dcbfcbe22c857f5a848aef15126b9ecc810249cbbc82c8b6ba49e46b71cb79f6ef9449d0838b9130946398941a4c64f6e2d84118b60ed4ccfed8a26446032fecf87434e71b7989253f64feb6d2e1013673a9600b1915174e55ad78d1d666fb75c24142e44ceca89a18ca66b4b5e66ba953ca42fb6a36d4a3612a2948393f67a7d1d0957a8553c73855fd007abbb6c3d4bbc943f3b102bb2ea6f40e714516a3de91acc6e1468e9e7b66ee57815da23054153d9d5fca6bdb26ed8f7754d88154d46df2f2e4964ee5d7f47e9218d6877c3b232c945cddeef70b24e5c6c434fa30fd0a2ad1c348c3658494f7cfdfb6bb56b43f1d9b2d049c1166161c3232ada01f3c789b2d6958cdd9f044a654f8397d64cb928f4d57f0c4e9739afbf3afbf0e9f84d56a1aba6db7538d98404b7cdfa97f8770a6df4a13145c1d0cfb7ec0349b5639d9180eada54b2f8c12472fb379901e6d514fbfd6d41d2dd77eb42608a784fc016ae48fb126776b10be5c03f62ec90987e766d20d821a17c03e0d867f4aa3f4902fb803e8261833aa9397e107e6c100daa3d8b792bf4b5081ef56670762b5ae3f528836029ca332f44fcc5cf3750f39091985032afa8dd2e80b69cbffc29aa13fcdc0ff811a108794b4154ecaf70e58a9f70a573cf9d1040e23f5a04a873a583e4ab0fa5f77d620c60f0a45cdc789b849e9e8746528846bbbf8251a84f2aa97ccc3e49f4c9b6abf0248344e86a71486eba9e62ff5920bb80ceccc5813f068da0d5aa208c440b7889118d2f4e8baf22a84544f232d6a3a1aedf31d5fc22f0ece56ac611b1363ff35e5071342a0257d3f146dc3ea1cc795d2f06afeb1d6995e50eb2d2d21dc6c4377a2626dd9486446517d03a4a03c43ef2e255a92b775c198bfe92c21375599235aac33c69190bbbfaad76860d0c9e70ad53273460c370b06bdf94ee8bfc31c48609ff6de0d39f873ec11e8c2835f17b3f18891c8ae335a7074fb5a5c794007a327fbb2622e71d62e43f50a00cc59b7eeb3f8ceed5d87fa5eb62a7a8c74ec90b1096a0b24606bf14b1f13f78ea4ab522304c7ca1d7b8ae47b5859f6a0d9baf3b6ffd29a4fb6782732febcfa51446aa87691ac81bf891717fbf8e4deaccac63477d3bc7b8ed52e9b6ca3fd39eefee6a337c2ad76df9739e2fbff34bf36027be0cfbebfe5b2fd168d75b2fd64479e2faf85654c013955e04044a9b7bf8b3d42da91962796bfe6eb53fe29e36a7a7512a155c712ae561d885703cb26d72e6f1df3976cc665960f871f3110309ffb6b5a79e54057a7a286c62c11e973ef671e86051686f77992f985d729740f38fecf83e03a1fef542cd6b4cee48546f67873a9c682c4afe4a5beccfc64085c622c5a0b5a1f6355f938d16925cabe61426a837c48fd6ad790afe54448fb296a03322f3427e132e8c0623bd311af8a619c2d91415e851744941700f09a2d8471def9dbc448c6aefb4c664f8902c872cc7de9d26e8b300b55b1d08a80257095efef35d9b497487607a22bc95c68f39aeeae243e76ccd40dd1b7ccad6eb39b35d91d239b2b005c8bb6e50037ffb1253276e20384398a5e97ad705fcffd04c720539ddf80cf4e929e82e3fec3d7542e0b7495733eb5da29f6dff5a34ec88a71881f660a5bc9481e755fd3c5683e95ed97cc91ab0edf49afda477aea42bc436b364747d973d61be806e1e63b6982e42814a13c5adb3bd767ec724d2d654afb106198fba6b4c798f4b82f329c2b8055ac4d247da971e32eb4cb971c9ac99d18c0a216d48dd7dffd372e0cad9ce6f05b06e47842c2f53b7c987139c6ddac3446fdb163342f8ca8f5401db91d324a6b710f28dece5839d37760c2515d6ad815a746cd7ccd3a438a5d3f28ca331f6874dedbab107c64127a7590a2813c1287ca977807827d52df80a9c19bc7ef335791da1be53c89f6de8ee1f02f26069b786f22bfd23cd8366e3ca02c0b296d0966d7f8fdbc0ef06895c547224f1a01c92d5f43f81b35539469d1fd9cd76dbf8cdd21b479a6474578863c9906ce6b12d0dbf5a458dafc042fcabe64aeebeb70c0da9300ed22e5d2851c5e77b20f9da1cd26cd810e0b8f1ba17d7c819e8a8ad86aa5bc4eb64748b75ab4a85f05bb1dc542234ac175eced1fe8f3fbd86f1c7349a360f5af0244818df303dce6842ea7afa722be19cf162d671256e5659c77c5569d827b28dc44b7dbb7d9433bc9eff26edbff36cf796b8afb285393f2dab6bb9a3ed40dd065ba8a8ab62cb575e696b97a2853b1700835ae429b983a5bb88972e367f5996a21e9a3b00e943e15c1163fdee023e1cf6e8dc42655cb175590fb6b8c46148b37957c5026aa94e96cbb71bcf9e7899c489edd9b34ca2d3d0dbd29f135cb158652ded6c959820b26a5fb6e8f3a6cfb80bcfa52c36ae0a3868914bda36b5ac09d2ae6cfccff9859550cfc5c6c3b30cddf6a2130c0c563445ae10634f38c65a47aeb8c72a0f25a6747a6787e703e1723303dd6d5bd4303240cb6d4659ee32d80b92859327e882ec84d9bb2a6976d9c6fa450d5598c6af1c92fc4ed7614e3192a06e62e704278424e2e5d521ec4f2cbd87d9b8a65405e807f6247e3f9228e8a5c44e31c9de9247d1b8248ce71d34663cbfcce728c9f08628629fca3f334566118aeb86470886147d714d2dce240408fac3c971b851dd33cb7997e238a2362195ba4f0e83d5c1c5039328817f258d6645bcbc20512398a7a34e2288585b4dc626c6867f3af5a0f573492cdb04e5613bd95bcfe6a61541c3912b4e841b34db2820ed5aca226dcba496f9586b83ab44ed3b9f34cfd2397f36dc4f9811815b975a208b6cd163031296b289b7d202036bca9c4e862f6b1d6356c3c54d47de63e0d0b38e7b9e41e1b25d94fbd03853f786fcf2325020355469e52dd2cfc879e2758382f609173cb2c01775030d1d536af97f5bd0a4b71ad9bf3e5becfccd7dce72fa8882733d2c32cab1338ce67f301be74b1c51dbacff9bdc22868f3f16531cb86b7597aff03040a821c4f7cae2b5b92db792f327dce81e79ac83d4ca15aa248ddc2fad518ebd360c5ac8ff3636e15e8ff61501b1e5c6338847ff43c0d3ed38c87aa623c318c8facffb72fbad8bf4effdd2013dc60ad91f1f5a791905b572321ce0956ffded80e2152b0672875fe71923de673ce343a665d327560c5267223b6fa636ef188b94d4a42884721b4f2d51f90ff3e5145aab164fb56982648a7215601d23017b749c01b684082e250330d109af89bf5d20ca788fbd95fd8d1c128aad3306c4e1bd1c054def7b7ea1948e3c95826078991d234808f55c2314706c8177d7674b2378792afe66b2d65484b481b0e52d8b60e0980163fcf2fffa2cd81f4dbf57afd76fd4e71ec8a6604a697fcaf57e65bba50489f6f0c5b4c046a14303eac05700550ee10fa29d8f68a9eb02fa504b640865f7e2c21f1451ed7d75c90a4734ba64327bc3597b5aff23d0a8f1229f0539720bece2b980f85e11c5ecbf3a560e5dedc40e1260349ccbc647d4d9763b17a45fe1b63e5d16e1a49d55c0011e3ab898b64a6618682bd7bb7e8ed18dafa1b462f20f6aaf2d7c4777a6fb73aa7a1720d67a644f4f4b0bc3ff965e696fd3513979f2e72289dec447af56b240380cfa2a9ce38a808e961d26b6ee6810c75778e9d23a93b3f79b3b293f138f23ef2596b60ecd4afc2036debb7e14f61774d84c1325ee7b8f95dc80c12b001e32e894516473a82aa2c24b5ff7f8c3374e245f1b3ff2a8cf0cc33ecd4b9b7528c34cf54d77756ed3e1b74a0e66c9c1dd8e53c123872c084f70e8a04efe8a8c3527ba75f4d9ced8469229ad7453a1376cae90b155638696103216a07b02e93e3924c4a98d159ce8633b2c8bda44ef28f37ba5edf1e80184c9ac2c8b0db77096dbf2f866536ac4f5ee9eed4bb8dfe0dad4361e901450ba499c119aa1af2a1a7c527b09562a47d8260bd7647e29ee422432f063a84d195e9c843e6f6fa684dd044bd09b8cb3e7a976df68049f09caba37b69a595cea61667f2631e561be743309568b4c37fdaed8ebc628889bc3bf9c5a63bc74e9358a9c2228f51370eb483ee39e682cd4f56f15a16217904c6189ef50044e04f244da23d1c9f41a5209f4f485df4ad8d1922203d365eb11102d48c93c09b700e177aef00f8bf729c0406b89de32490fca998bd34f80c99be60601d4de10e9a86a5a22652eb9df948daa66529b6445cdde70ad125d06e41a3469216233a8b9eeb928f2d041eded321d518f0435ca377e90ae49e95793aabccf299c1f1a82ddec49b2b8732aecd1610d5f09cc5e509d4065c5cfb4edc55f6a15fbaf4dea24439ea95b63bae312ed90e47787000810f22ab9b6aa0622ab969fa30b724b24d82447d6a357468b2d1ec61a80ae680ff7b8b894158218b0e63f99103879f3c1dae33aedec60a1e755755604e33a6698cd0e378b0a0b04017278411f33eade9c4c0e3b7d0d6e62fdc3ebf5559310e0a2913d5aff1ce1bead51578b3879c0e25d96a7a150ba655c97875d864c3a6d5b595ff9dd9698857b3b0bab2d087bbf7f80f5a7225cdebf794ede16a61ca73201f311f87ef9cececb8fd07b2bf384a22a8ae988a5e91e6355e26ac923e78004968bf7f4ae3b319e61a422a43841831a51e2c41df8a118da5239c87b4b0aceb32854413d53e0228090babc167ed6600041390ce04e96c94c65c51fdc00e617e4ed870fe9ed2bbef84c1e1f3f796b2867b0f383b6e01ba2b82ecfced722ac5a7c092716d18b9b41674c342a1a6a7ef961893d451648cce5d0ccb4c180e0493a53f5453de43a6535c486acbfb9f480f3255f998831b684a468a88840e1e7e8a310ef296ce89bef65b7e54265c88bff204e48963cea9945608260e5de37b949acacc938e8e2de9fff925022c010f94a0cd6c7bf16d4e3132034a8a3301f1c1950b9a31ee8227b17cbf460db666f6207a59783064115eac2d4f29f9483ebcd34e8792809d5c25a380b2137bbcd7cda502f4a41a043f7d626e922adec9b4c6478ac0df9842bd4e8912deb2ad2026461510ca392383ee9a7ad0388ae499951a4283db39ca57ed9bebf43dcaa6caa391169077a189641fda3151d8e3a3a0b525dcafa2d9d7b2a01468e658c10c27a8ba74b487a968b05031a3d53b59139068b28ca87c5bfd9db867c0e9b9abd91142c96dbf8883e1a89db8d96c9f0a8999a4f9d6b07f32d6f8bb2ea6d2eaa8a531edf85f25aef35c84eb4bf3f46ab4213602be20cad885d404ef47fafc7793247247848f1c3a06ea31c23d0cbffa07aa5981714dc85736e95cd4d60ed1f25351b1c723e4f042f55f02d24a089862df124c75cc4f618853914439c1406a393a0f1ec0f2346f4cbd6beb17713149d67b9bf1854c814bd8ba3a199218e6eac655db998c955df382c8dee2b4d30c750a63a08e9a88009840e96a331bde3767bce177fc5c44528cb673e862e24c2dc2399be1435cd20916e9e060f8bef39d4b47f335dde4493e0e44b0f619822a35e69b7c5d93dc69575ff71ced7c858e43dbee46f4e50846288cbc8fecbb9291d455a015fdd6e1412aec0e6104d0377074b8e160ec7d813bbc6d3b8e6b0256bce8d255d7a592b408cdf6e63164c99d94f00a693e06c2ecba9dc6d36c6a35697c1647f942df4c805c18344b8e5ac885689068f864c395e8c970702e40cf6c683d10455c7ad75fc035ae260f359c2d8c91305406c6f56ec535be445601c75ffdde1758904787f29a558d0f3bd04bfa08f1612a7ee8a7acf129ed5eb854bba757d34afa354098ed8b4e3a599db4b7611a665fcbbb182a0774cb026a00714d8b91c7fb8691b629b6a93f92da2f3701348885dcefe5a548c90101e50dbaf3f4907611623f7616bcea943bd3feedecf3b3681b4d04a938ac83d9f18a21991a90dc17005e7c56d2e09a0f4ad9f3c676e7da478e96122046d0a167f7e1a28d97d514aa68d24dac8501a1a35ddb6f3703311b26bfa3319361ff5e4d38cd55a04ef1b4fb417a3b638cde7f8569531a22c0fa12ad3a55dfe3c2642205fe1ba0c82d36f8815ec52f6381fe789fcf89efb305498a9b1f0ffafe01bcc5581f5b5d195bba77797085ab1837fd081cf5f086da2a16b6a7f8ca9efbc4c9cf771961b70626120e3715b16b222932291e4ee2449591b1807d56a53d4d86f25011704e7d5efcb799ab130ec2aacd54afd3c43c8acda1c5874ce23234b090c4eaa8ddaedf979b1218a5b9dfb36b8196ce05924dcdc7f50d96b95d0c288551a0498ff23f56c7ccdfb8966480477849c7471bea99cb0af35dbcaa5e781b5ddecf3cde51d78067aed9ca267550dfae119a3d83710ecb92fe80841837b41a40d262f5fad16c20203d1cc3455ca63ebdf0f5dbb7a498b4629dcb87333f2d58726871e6b5adf60faa0f8c9cb4718005e5e199457330da1a11cd0d7e78f617b6805fff8fa45c2cb56e1e17904773e165d2a39470ce1616418e7e15481c798afed92efad9c2babcc3e3346f8022ce30b3e1db015a2b9f5dbd4560ee9776c77eb9cff5cf2af28ebf1085650e29bd8dac01b814e6c285bf964da2eb1a442aeb671589a02c29d58208829c9501c355644ac28c38835f4025dcdabfd3852b1a16e45e9c032e97f7f2f0f612739c6569f44731692e3f3b97ba5bcd0b7f2dea1ee6303b5f92514c022e54aa4c587eff74a5d509c17785686c613bf6b778e3624ff3653674e6daab3f788ec9cf879f06957a673a20fdccf721ced05a0d23e074de82614f775a84dfcd31c621cf0369e28791ab742b62f271218fa1bc8681e9d41b4a93b05cc693013d54d367b1e6e1a7e74b43b44b920192ed8fbb63b89f393e5ffab584d7c201d1b99b7bc6907033109986a4fe7bb79e803315c4df94ed471cba889e148645fd1748374015ea8c696ff64bf6d23bce7e5efa7c7e6215ceefa938cd88aa0374da4ee1e10cbfa96d5283b4a0867f4d76b8492fc618e2bca34ba9bc2ff3368756080a78a1ece2f0d1d1cc30cb721677de3c4cd6da378697c40419bc1f2184b86b8e40abd627aab9c308d8fd2db8daf8b43225003ea9124c11dfcbd1b6ea959a86623e360b40c381d991892c1fa6c0c81bb4d03d8d3656cedd1e48539192fc8bd1474ce961159816dcdc76e95ed9d9893e91a0ca670cd1152cb014310facf952fa9fd0d30900196b604c10596c1a31c1e70416824c207656426b09ef9b558496ae87fc7449bfdba0d5628e9af6397385ddadc986424fde545c07664fb6ef2756ed9e443e39257eef2179fb9e4a9e84062f9b6048125151e2e7fad2560df277323b5e22ab2731dc802d6f372d2a335b5da7e5a86508329b3dceb56f0d4f9f6f9e48507af3ec99fc172c237e67ece3d51198a033a9c66f3243ef694893af85421ff6f93ecb95eacceba5fdc1a76810e999a40733b46433328b24ee17b718b135b74dd535202c7966de2de5a26412e600971704bb90007e42d3e6a3acd33e7358da6b32883c9ad30c2abb1cdef7452e211734c6fb6d199a397bea8aa3cf1f014929941c34ba06096e70d852fc420effc7924ec29c03bea29f289c82338f0115e00de549007456d5867253a5b9bb4493bcff815a3100fc45a0de0aad7b0b5c641ed1be3e8f07fb3b1a8a496ecfd3dff5abf0d8f5854621faeb4a9920d8c52b7a0338d49fd21d99c24e1943de3ba2668aea7bc95bcf21e2bf0b2d5f899f33d0cec31b60df4ef5a23e1b173cc89390c8bc3ee96e38de06f6016a2b0eafe86af9dc59bead4f5f948a81b1008a95e3ab39f8009bdb4f268f3002245e73ee2ff50cf1cd37e867cbe44ad370b9336e0dddcffb6dd8f2f79155235300bce6385e544105e6d278d345870216e61100337a871ab51b2cde74fe976e1f8b77a90bb8b51eefe7e4201db41915f482edbe1f8ae268314d5af95ffdeb94aba3f4e316990792d281a123d7febbba7f6abaed7ccfc0c567d4bd1c2d9ca217535167c9a09f1ad0ecaa99cc08338fead5deef7fab77d2082d893b91c27f8ea4e48e052a2a31c8e3f9510c4ce94ef16053bcc25eafa324e5a1d045a3de8f7d731e58ec9130427552323bcfde47f6b55b5634e8cb190fe183af132f12d72ef5e4d98508b57106ccb647ab505369c728958a0789c67ee80acc4bbf41b97fa56d8701c3ec5ead411aed16882dfb026c50c28b5fcc442c432837a82f8bfd47650b83aa71b909be61ea77cc029a0c615f8e390874995d19e224c38349c64bc166f50c54332d1a3eff0071d7a0b11a901c56a847b93ab5bd0bfad8f965cbfb53c2184c588fb7dbc5c693a3ade89b303e801a650b79c1ea957aabed937998b5df77ff29fd43515e8a5ffe441e323fefa45a2775237e1c749897d448f1f3ef60c7755d1a1441b96a136a86d341471d57c68c859813656658266c40b8bb8bafded8ed0d940f8c5954923eb43ad5afb58eb452d6430990bc924afb97191f31cd1a1f58e30b0c243f9636245c459280d16da1df1a30ff63de677554d6b252487455e8aff91370c4a0ba9f341384cf8483d18b9d3f2fc51b07ba8a5fa795d7925189ca344f0fddb8bf55e35013f6fab3806b3c4d17499ec1ae819d4f3aa6b6a570c2ea68558fa33373394584dbf11d41f7059b55f186bd54bdc30dea390872737bf0312f4c68dc963d28d5b218eca6314e23b7381cfbcd01c325d9a3869f1176eb82c183b37d65c8500a48e9bbb1c465e27bfb668a16100e5384d9116aa35f3b00b4ee3bc84700ab17283d4db6b420e6140d14d09b51ad020fc8e505d2c820ac307d45b211213c18487ce12dff233a5caf87cd94a77d0eba69d61452f41c1f82cbe32b567a39a4615a6d2155cc73c3b90dc55daf33c8d9eba3eb0e182c79dede1293dd30840ebf048df8a93e38d0136e856d94ea105cd04323406dc429b5551538625109105d88b1ac480d0fb1e9d1977099707f9f9534b683d855c4d3c30a29c6678a3221e0dea7772f8859f572420708da9a030ddf973cf9f221404117b05efb76bb08ecf34aa9b36b0418c74f90a07e8e5c91e1d7c8a8ea596c0de9b10c222e9588c2bbc77d860b7197b42b42a1ab834ce24fccbbe20f2579ec6dbd4efb9aa1a3d2e062de594d289273e98342440045a0c134e400003b50d4243826b029ecd177cf3d2cf3d164ddc58f88a970a0bbdc7f0d60271cab0df2dde79d1b929cd3028effccbe94c05008f4261297024e4f72604d52db9da7b0e5f2f4f59ebe77b319c54aaab9581a8355b75594eb6dc0fc25e91052c89764256ca464f9f6e45bc34d6e5aa28e1fd93997b58f21feff551aa3ecb5375c19ee4543f7339418c11b9ea18fe2637a9bc9744cc9fcb21a7643eb87683694732154bd1eec746f1c57bac65cf18a83267ea437f7993644c510ac44307703ea28b20e52644dbaabbe9ee1e23a38b29b91cf9077fecdb98ff4e4749c9d6ad2901c5a891c07a8b0c26ad1f8126e6db537df7fff65486afeb85eda80e2a04d09d46720330700267cbcf205b5c00076c01d9db0a64d5426864d14cce1781098afdc28f9f5948ab7791627baf78c3e9df2c0ed9ce50b083bc7a34ee0087f4efde579e2dea313e4e20580c5e63d5ef4509c05a9dc38ced91340bbb9cf948bb03ea5e60c666a1a5c4acd385d0c1a01797b9b3183f4afbc925dd2641d21410b4b1af2f21f8cca330fbc08834e1e8210fdcf332f70f08b48a2655cf017ec8a19640f2f263c54876d6f4ad2193be944667f6498baa32225d2b5b82abd3f2fc64033f1db9adff6b1c788555d5ffa1a35d4a691802447b163ba9a615d6c958036528bbab84230d676145054828d530f0e3af417ad0480eaf2004b9002b644bcd8f0ecf860c31766ace95769ab4fd01f297c595b45e6c7b1c9f662044f43fc82b6244e5d08b1e556599096c034600e20ff000d996b6ba3a6700116127b9468c9567ad920ddcf7ccf9c0a74f49984e24a7aaa2321ee58583c1bdba668cb98c319f682ffc5957015ba1799930d4b676bd3bc76037f6bc2d9ddcb47efebd366a90dc7e67076ebc25e2ef2929a89faee06aa04538a3ae7b196dfecd33725ce9f859c5df4713b220ecd18b1613ba76aebbe8f9f93eeaea9e88e46e7ed24c4efbd86fcd57a4f9fc76152175782871ab211a18ae303be8e9459aab930597d17875c5f5f24d9b16bd8dc4e25f6a7a1de05763da11ee7e26e1e32ee0a5ab2de5d069d03a6ea95a33abc1025d59800fccfff1f0e0f7335e2778b8731cbae94828dbe70507c5369f36d457e98d6042e342cbffde2ee74e05cf0f8aa7185de485e5050294472cd8c7ae03977b62cb287a9d6e4d66650dbc4d89e58ad4f7c24d46573acf85f633d1af73cf655788b431bf22315bdae78d9f6f9cfe32330cbf77bb0195a60244d4bcd0ea35b94bcdf7255ff58f1fb11a09a06747337c95f332a0ade622d49ce0f2943517fb4da8049f3c1b53cb68475c2eb52551d40cbeaf5e79a748c5314bb531b4fc28494b65ee8513427e1fd3cc990fe4ef5ead14b65f1c3e9e0598edf42e2862e2eb180b3e674fc3005859ac56ad17022a8f48b49dcc97e991cfece1d52b7ca82e711944a877567ca0da0663276480d69fa4be56f425bb84dc9177d3e3ed45fb737ce026b8df38336f9efedb89a8650f9fb73918d300c909e9f9189458e1930f09b05433980e79a2eacd0dda32852bdb1a417e4ba62b83d0e17ac8d39834f41c8cd49517013ec658c4e10b38d0788df96764d13ce074271b51041671240549d18540271c8898a5c9e4be4895881235d59666a1f0f3b3cd098786afd6ab4781b73275232b488fb3d9eff77e71f8448a95c653fc80d069c15aa2a80d5799e6c45eb27ea8d6675f28f7aa7cfe3cef877c91ecf3e576e942a20312ffb48a64a91876ec5d1ad2f6a68946e73db4785894736106906731793c3482365d4151051c8d5f16dcb0348628e3aba4087ea8c9ce24bb93190fa12916f529c8eed6dfd3f5bc24d09b1ad377699de3f687b392ec921d81e35dc27bd14be4d004e713c3d07cf600255d45fdfb326b4327c9507c6f69d01236eb9383133dbaa787ba37de14a12e850ec60381a9ffab939ce16cb9b490685343048c0933bc280e809fc8114096ae2d303bbcbbc941b70b5d1d03f59f0b534fa195cbcf34e57d2aaee9c1dcddb5eafd8399fd1d53bfdb48a6f6d3153bb903ce411800f7220bdcfa312ac603672c163a0896b85409859b817cd304e73f278634fab0b1dbe226d7e4f93f220180c3434c7c22ac3143e06702f9a21e66a46d4980bd20d9b0c62846362d0a1151584a28a87902dd0f35187850d501c68900", 0x2000, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0, 0x15})

812.541861ms ago: executing program 4 (id=2062):
syz_open_dev$hiddev(0x0, 0x4, 0x40)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x4, 0x0, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x2)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
shutdown(r0, 0x1)

508.007368ms ago: executing program 3 (id=2063):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000101a81, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000000))
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000180)=0xfffffffe)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_adj\x00')
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000a80)=@RTM_DELMDB={0x38, 0x55, 0x93d, 0x0, 0x0, {0x7, r6}, [@MDBA_SET_ENTRY={0x20, 0x1, {r6, 0x1, 0x0, 0x0, {@ip4=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x86dd}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@ipmr_delroute={0x1c, 0x18, 0x1, 0x70bd29, 0x0, {0x80, 0x10, 0x14, 0x7, 0x0, 0x10, 0x0, 0x5, 0x1800}}, 0x1c}}, 0x0)
readv(r2, &(0x7f0000000780)=[{0x0, 0x29}, {&(0x7f0000000300)=""/41, 0x29}], 0x2)
sendmsg$nl_route_sched(r1, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000a40)=@newtaction={0xf4, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0xe0, 0x1, [@m_connmark={0x50, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xd, 0x5, 0x0, 0x3}, 0x8}}]}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x3, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xb66, 0xb3, 0x20000001, 0x34e, 0xffff}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xf4}}, 0x0)

150.035011ms ago: executing program 0 (id=2064):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffad, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10) (fail_nth: 5)

101.134158ms ago: executing program 3 (id=2065):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000000)={0x6, 0xa, 0x3, "020000000000005525052e8bd9e6660201000000000000000000000200", 0x3132564e})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f04000000000000000000850000000f000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
creat(&(0x7f0000000240)='./file0/bus\x00', 0x82)
acct(0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4d9, 0x800, 0x4, 0xb}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r0, 0x0, 0x0, 0x0, 0x4008001, 0x1})
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(r4, 0x1be8, 0x0, 0x40, 0x0, 0x3a)

0s ago: executing program 0 (id=2066):
socket$phonet_pipe(0x23, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x400000bce)
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000200)={0x6, 0x8, 0x3, {0x1, @pix_mp={0x1ff, 0xffffff93, 0x384c4150, 0x7, 0x4, [{0xc, 0x400}, {0x8001, 0x5}, {0x7, 0x3}, {0x4d, 0xc1d}, {0x8001, 0x3}, {0xd90, 0xb}, {0x4, 0xa}, {0xc0, 0x2}], 0xa, 0x4, 0x4, 0x1, 0x2}}, 0x9})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x4080)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$BLKRAGET(r1, 0x1263, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000500)={0x0, <r3=>0x0})
sched_setaffinity(r3, 0x8, &(0x7f0000000180)=0x86)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, 0xffffffffffffffff, 0xb8825000)
socketpair(0x29, 0x1, 0x7fffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r5=>0x0})
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x21, @dev={0xac, 0x14, 0x14, 0xff}}, {0x2, 0x0, @local}, {0x2, 0x4e20, @broadcast}, 0x19b, 0x0, 0x0, 0x0, 0xfffd})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, r5, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000480)={'\x00', 0xf16b, 0x80, 0x5, 0x9, 0x8eb})
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48)
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r7, 0x4068aea3, &(0x7f0000000200))

kernel console output (not intermixed with test programs):

 do_syscall_64+0xfa/0x3b0
[  697.212209][T11864]  ? lockdep_hardirqs_on+0x9c/0x150
[  697.212233][T11864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  697.212250][T11864]  ? clear_bhb_loop+0x60/0xb0
[  697.212272][T11864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  697.212288][T11864] RIP: 0033:0x7f0f0618e929
[  697.212309][T11864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  697.212324][T11864] RSP: 002b:00007f0f0702b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  697.212344][T11864] RAX: ffffffffffffffda RBX: 00007f0f063b5fa0 RCX: 00007f0f0618e929
[  697.212357][T11864] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  697.212368][T11864] RBP: 00007f0f0702b090 R08: 0000000000000000 R09: 0000000000000000
[  697.212378][T11864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  697.212389][T11864] R13: 0000000000000000 R14: 00007f0f063b5fa0 R15: 00007ffedba24018
[  697.212418][T11864]  </TASK>
[  697.392468][ T7081] usb 6-1: new full-speed USB device number 41 using dummy_hcd
[  697.542671][ T5909] usb 5-1: new full-speed USB device number 42 using dummy_hcd
[  697.694916][ T7081] usb 6-1: device descriptor read/8, error -71
[  697.934737][ T5909] usb 5-1: unable to get BOS descriptor or descriptor too short
[  697.945314][ T5909] usb 5-1: not running at top speed; connect to a high speed hub
[  697.967845][ T5909] usb 5-1: config 219 has 1 interface, different from the descriptor's value: 2
[  697.987807][ T5909] usb 5-1: config 219 interface 0 has no altsetting 0
[  698.002341][ T7081] usb 6-1: new full-speed USB device number 42 using dummy_hcd
[  698.007912][ T5909] usb 5-1: config 219 interface 0 has no altsetting 1
[  698.033769][ T5909] usb 5-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice=a2.0e
[  698.044654][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  698.052943][ T5909] usb 5-1: Product: syz
[  698.057174][ T5909] usb 5-1: Manufacturer: syz
[  698.066520][ T5909] usb 5-1: SerialNumber: syz
[  698.074504][ T7081] usb 6-1: device descriptor read/8, error -71
[  698.192792][ T7081] usb usb6-port1: unable to enumerate USB device
[  698.367143][ T5909] usb 5-1: selecting invalid altsetting 0
[  698.375028][ T5909] usb 5-1: selecting invalid altsetting 0
[  698.440989][ T5909] usb 5-1: USB disconnect, device number 42
[  699.709702][T11901] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  702.592028][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  702.770071][T11922] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  704.341758][T11928] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1567'.
[  705.151667][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  706.274997][ T7081] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  706.793630][ T7081] usb 6-1: Using ep0 maxpacket: 32
[  707.278560][ T7081] usb 6-1: unable to get BOS descriptor or descriptor too short
[  708.053495][ T7081] usb 6-1: config 12 has an invalid interface number: 184 but max is 0
[  708.274161][ T7081] usb 6-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config
[  708.569972][ T7081] usb 6-1: config 12 has no interface number 0
[  708.590003][ T7081] usb 6-1: config 12 interface 184 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  708.606801][ T7081] usb 6-1: New USB device found, idVendor=0499, idProduct=100d, bcdDevice=84.a2
[  708.616054][ T7081] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  708.624088][ T7081] usb 6-1: Product: syz
[  708.628301][ T7081] usb 6-1: Manufacturer: syz
[  708.633000][ T7081] usb 6-1: SerialNumber: syz
[  708.672856][T11962] NILFS (nullb0): couldn't find nilfs on the device
[  710.364204][T11990] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  711.008558][ T7081] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  711.163619][ T7081] snd-usb-audio 6-1:12.184: probe with driver snd-usb-audio failed with error -2
[  711.226703][ T7081] usb 6-1: USB disconnect, device number 43
[  711.322698][T11935] delete_channel: no stack
[  712.673243][T12003] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  712.896847][T12006] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  712.904837][T12006] UDF-fs: Scanning with blocksize 512 failed
[  712.922297][T12006] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  712.929988][T12006] UDF-fs: Scanning with blocksize 1024 failed
[  712.939509][T12006] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  712.947609][T12006] UDF-fs: Scanning with blocksize 2048 failed
[  712.958163][T12006] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  712.966551][T12006] UDF-fs: Scanning with blocksize 4096 failed
[  713.486964][T12009] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1586'.
[  714.641820][T12021] hsr0: entered promiscuous mode
[  715.168813][T12012] hsr0: left promiscuous mode
[  715.412007][T12034] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  715.419770][T12034] UDF-fs: Scanning with blocksize 512 failed
[  715.438727][T12034] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  715.447344][T12034] UDF-fs: Scanning with blocksize 1024 failed
[  716.469288][T12034] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  716.477394][T12034] UDF-fs: Scanning with blocksize 2048 failed
[  716.492780][T12034] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  716.500799][T12034] UDF-fs: Scanning with blocksize 4096 failed
[  717.700092][ T5909] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  717.960102][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  718.097392][ T5909] usb 6-1: Using ep0 maxpacket: 16
[  718.107146][ T5909] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  718.171694][T12053] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  718.431221][ T7180] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  718.454217][ T5909] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  718.486428][ T5909] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  718.505114][ T5909] usb 6-1: Product: syz
[  718.536620][ T5909] usb 6-1: Manufacturer: syz
[  718.541723][ T5909] usb 6-1: SerialNumber: syz
[  718.549745][ T5909] usb 6-1: config 0 descriptor??
[  718.602408][ T7180] usb 3-1: Using ep0 maxpacket: 16
[  718.675023][ T7180] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  718.685610][ T5909] usb 6-1: can't set config #0, error -71
[  718.695966][ T7180] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  718.706463][ T5909] usb 6-1: USB disconnect, device number 44
[  718.725458][ T7180] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  718.741791][ T7180] usb 3-1: Product: syz
[  718.748732][ T7180] usb 3-1: Manufacturer: syz
[  718.753851][ T7180] usb 3-1: SerialNumber: syz
[  718.763485][ T7180] usb 3-1: config 0 descriptor??
[  718.793138][ T7180] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  718.837736][ T7180] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  719.511502][ T7180] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  719.600160][ T7180] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  719.619983][ T7180] em28xx 3-1:0.0: board has no eeprom
[  719.621815][T12063] sctp: [Deprecated]: syz.4.1602 (pid 12063) Use of struct sctp_assoc_value in delayed_ack socket option.
[  719.621815][T12063] Use struct sctp_sack_info instead
[  719.651784][ T5971] usb 4-1: new full-speed USB device number 36 using dummy_hcd
[  719.700058][ T7180] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  719.816229][ T7180] em28xx 3-1:0.0: dvb set to bulk mode.
[  719.831716][  T980] em28xx 3-1:0.0: Binding DVB extension
[  719.856059][ T7180] usb 3-1: USB disconnect, device number 44
[  719.881729][ T7180] em28xx 3-1:0.0: Disconnecting em28xx
[  719.960507][ T5971] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  719.979162][ T5971] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  719.990748][  T980] em28xx 3-1:0.0: Registering input extension
[  719.997379][ T5971] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  720.006042][ T7180] em28xx 3-1:0.0: Closing input extension
[  720.007868][ T5971] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  720.043393][ T5971] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  720.069154][ T5971] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.074015][ T7180] em28xx 3-1:0.0: Freeing device
[  720.126880][ T5971] usb 4-1: config 0 descriptor??
[  720.910239][T12084] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1607'.
[  721.249627][ T7180] usb 4-1: USB disconnect, device number 36
[  721.612759][T12093] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  721.620677][T12093] UDF-fs: Scanning with blocksize 512 failed
[  721.648196][T12093] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  721.656145][T12093] UDF-fs: Scanning with blocksize 1024 failed
[  721.676267][T12093] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  721.684273][T12093] UDF-fs: Scanning with blocksize 2048 failed
[  721.695559][T12093] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  721.704521][T12093] UDF-fs: Scanning with blocksize 4096 failed
[  722.304492][T12097] fuse: Unknown parameter '0x00000000000000070000000000000000000000000000000000000000'
[  723.299912][ T7180] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  724.078472][T12109] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  724.169333][ T7180] usb 5-1: Using ep0 maxpacket: 16
[  724.198615][ T7180] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  724.224388][ T7180] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  724.243720][ T7180] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  724.253672][ T7180] usb 5-1: Product: syz
[  724.373795][ T7180] usb 5-1: Manufacturer: syz
[  724.379093][ T7180] usb 5-1: SerialNumber: syz
[  724.410174][ T7180] usb 5-1: config 0 descriptor??
[  725.158332][ T7180] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  725.168573][ T7180] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  725.261094][ T7180] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  725.366628][ T7180] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  725.862296][ T7180] em28xx 5-1:0.0: board has no eeprom
[  725.895539][T12118] sctp: [Deprecated]: syz.3.1616 (pid 12118) Use of struct sctp_assoc_value in delayed_ack socket option.
[  725.895539][T12118] Use struct sctp_sack_info instead
[  726.054581][ T7180] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  726.064161][ T7180] em28xx 5-1:0.0: dvb set to bulk mode.
[  726.070351][  T980] em28xx 5-1:0.0: Binding DVB extension
[  726.102851][ T7180] usb 5-1: USB disconnect, device number 43
[  726.111550][ T7180] em28xx 5-1:0.0: Disconnecting em28xx
[  727.224380][  T980] em28xx 5-1:0.0: Registering input extension
[  727.339051][ T7180] em28xx 5-1:0.0: Closing input extension
[  727.507354][T12147] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  727.515210][T12147] UDF-fs: Scanning with blocksize 512 failed
[  727.529111][T12147] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  727.536858][T12147] UDF-fs: Scanning with blocksize 1024 failed
[  727.546258][T12147] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  727.554227][T12147] UDF-fs: Scanning with blocksize 2048 failed
[  727.563031][T12147] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  727.570775][T12147] UDF-fs: Scanning with blocksize 4096 failed
[  727.935295][ T7180] em28xx 5-1:0.0: Freeing device
[  728.205618][  T980] usb 3-1: new full-speed USB device number 45 using dummy_hcd
[  728.317413][T12154] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  728.750438][  T980] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  728.802386][  T980] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  728.901630][  T980] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  729.812332][  T980] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  729.826088][  T980] usb 3-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  729.836453][  T980] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  730.049812][  T980] usb 3-1: config 0 descriptor??
[  730.376021][  T980] usb 3-1: USB disconnect, device number 45
[  731.779744][T12188] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  731.787516][T12188] UDF-fs: Scanning with blocksize 512 failed
[  731.807033][T12188] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  731.815153][T12188] UDF-fs: Scanning with blocksize 1024 failed
[  731.828529][T12188] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  731.836178][T12188] UDF-fs: Scanning with blocksize 2048 failed
[  731.850127][T12188] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  731.858092][T12188] UDF-fs: Scanning with blocksize 4096 failed
[  733.028399][  T980] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  733.229215][  T980] usb 6-1: Using ep0 maxpacket: 16
[  733.332216][T12199] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  733.832853][  T980] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  733.868406][  T980] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  733.891938][  T980] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  734.328125][  T980] usb 6-1: Product: syz
[  734.332424][  T980] usb 6-1: Manufacturer: syz
[  734.337060][  T980] usb 6-1: SerialNumber: syz
[  734.373831][  T980] usb 6-1: config 0 descriptor??
[  734.390412][  T980] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  734.402165][  T980] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  735.228229][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  735.608428][  T980] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  735.873030][  T980] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  735.898004][  T980] em28xx 6-1:0.0: board has no eeprom
[  736.777384][  T980] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  736.785750][  T980] em28xx 6-1:0.0: dvb set to bulk mode.
[  736.938391][ T7180] em28xx 6-1:0.0: Binding DVB extension
[  737.089954][  T980] usb 6-1: USB disconnect, device number 45
[  737.307151][  T980] em28xx 6-1:0.0: Disconnecting em28xx
[  737.471584][ T7180] em28xx 6-1:0.0: Registering input extension
[  737.480693][  T980] em28xx 6-1:0.0: Closing input extension
[  737.510643][  T980] em28xx 6-1:0.0: Freeing device
[  741.093773][T12255] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  741.527298][ T5982] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  741.688105][ T5982] usb 3-1: Using ep0 maxpacket: 16
[  741.709081][ T5982] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  741.832913][ T5982] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  741.842380][ T5982] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  741.868841][ T5982] usb 3-1: Product: syz
[  741.885662][ T5982] usb 3-1: Manufacturer: syz
[  741.956200][ T5982] usb 3-1: SerialNumber: syz
[  741.961339][T12263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1660'.
[  742.020468][ T5982] usb 3-1: config 0 descriptor??
[  742.045734][ T5982] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  742.120877][ T5982] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  742.265193][T12270] fuse: Unknown parameter '0x00000000000000070000000000000000000000000000000000000000'
[  742.557538][ T5982] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  742.630767][ T5875] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  742.765888][ T5982] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  742.774155][ T5982] em28xx 3-1:0.0: board has no eeprom
[  742.876012][ T5982] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  742.884364][ T5982] em28xx 3-1:0.0: dvb set to bulk mode.
[  742.895098][ T7180] em28xx 3-1:0.0: Binding DVB extension
[  743.070593][ T5875] usb 4-1: Using ep0 maxpacket: 32
[  743.072932][ T5982] usb 3-1: USB disconnect, device number 46
[  743.083924][ T5982] em28xx 3-1:0.0: Disconnecting em28xx
[  743.088807][ T5875] usb 4-1: unable to get BOS descriptor or descriptor too short
[  743.870136][ T5875] usb 4-1: config 12 has an invalid interface number: 184 but max is 0
[  743.907713][ T5875] usb 4-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config
[  743.918211][ T5875] usb 4-1: config 12 has no interface number 0
[  743.924676][ T5875] usb 4-1: config 12 interface 184 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  743.942656][ T5875] usb 4-1: New USB device found, idVendor=0499, idProduct=100d, bcdDevice=84.a2
[  743.943626][ T7180] em28xx 3-1:0.0: Registering input extension
[  743.955400][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.969699][ T5982] em28xx 3-1:0.0: Closing input extension
[  743.983742][ T5982] em28xx 3-1:0.0: Freeing device
[  743.996714][ T5875] usb 4-1: Product: syz
[  744.008222][ T5875] usb 4-1: Manufacturer: syz
[  744.018079][ T5875] usb 4-1: SerialNumber: syz
[  744.249301][ T7180] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  744.295399][T12286] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  745.130893][ T7180] usb 5-1: Using ep0 maxpacket: 32
[  745.162608][ T7180] usb 5-1: unable to get BOS descriptor or descriptor too short
[  745.206919][ T7180] usb 5-1: config 12 has an invalid interface number: 184 but max is 0
[  745.216244][ T7180] usb 5-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config
[  745.283660][ T7180] usb 5-1: config 12 has no interface number 0
[  745.339503][ T7180] usb 5-1: config 12 interface 184 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  745.401588][ T5875] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  745.529824][ T7180] usb 5-1: New USB device found, idVendor=0499, idProduct=100d, bcdDevice=84.a2
[  745.549889][ T7180] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  745.558322][ T7180] usb 5-1: Product: syz
[  745.562656][ T7180] usb 5-1: Manufacturer: syz
[  745.567517][ T7180] usb 5-1: SerialNumber: syz
[  745.664150][ T5875] snd-usb-audio 4-1:12.184: probe with driver snd-usb-audio failed with error -2
[  745.856128][ T5875] usb 4-1: USB disconnect, device number 37
[  746.490625][T12304] fuse: Unknown parameter '0x00000000000000070000000000000000000000000000000000000000'
[  746.996065][T12306] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  747.446241][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  747.459704][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  747.735173][ T7180] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  748.099047][ T7180] snd-usb-audio 5-1:12.184: probe with driver snd-usb-audio failed with error -2
[  748.666723][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  748.910941][ T7180] usb 5-1: USB disconnect, device number 44
[  748.973357][T12322] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1680'.
[  749.337682][T12330] blktrace: Concurrent blktraces are not allowed on nbd5
[  750.184454][T12340] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  753.004069][T12359] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1692'.
[  753.349192][T12363] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1693'.
[  755.738676][T12355] 9pnet_fd: Insufficient options for proto=fd
[  755.894878][T12393] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1704'.
[  755.935146][   T49] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  755.976767][ T5875] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  755.991533][   T49] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  756.436253][ T5875] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  756.729758][ T5971] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  757.535459][   T10] usb 5-1: new full-speed USB device number 45 using dummy_hcd
[  757.698849][   T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  757.720977][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  757.745423][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  757.766949][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  757.790491][   T10] usb 5-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  757.812613][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  757.824259][   T10] usb 5-1: config 0 descriptor??
[  758.038745][   T10] usb 5-1: USB disconnect, device number 45
[  758.688848][T12428] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1715'.
[  758.923114][T12431] fuse: Unknown parameter '0x00000000000000070000000000000000000000000000000000000000'
[  759.769652][T12435] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  760.004058][T12438] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1718'.
[  760.025616][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  762.484916][ T7180] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  762.515231][   T10] usb 4-1: new full-speed USB device number 38 using dummy_hcd
[  762.655095][ T7180] usb 3-1: Using ep0 maxpacket: 16
[  762.674155][ T7180] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  762.691848][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  762.713968][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  762.731937][ T7180] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  762.782624][ T7180] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  762.793093][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  762.818122][ T7180] usb 3-1: Product: syz
[  762.828115][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  762.844539][ T7180] usb 3-1: Manufacturer: syz
[  762.855917][ T7180] usb 3-1: SerialNumber: syz
[  762.870201][   T10] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  762.879748][ T7180] usb 3-1: config 0 descriptor??
[  762.902433][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  762.923642][ T7180] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  762.940392][   T10] usb 4-1: config 0 descriptor??
[  763.099385][   T12] usb 3-1: Failed to submit usb control message: -71
[  763.114771][   T12] usb 3-1: unable to send the bmi data to the device: -71
[  763.117220][   T10] usb 3-1: USB disconnect, device number 47
[  763.132216][   T12] usb 3-1: unable to get target info from device
[  763.142351][   T12] usb 3-1: could not get target info (-71)
[  763.154967][   T12] usb 3-1: could not probe fw (-71)
[  763.165370][ T7180] usb 4-1: USB disconnect, device number 38
[  763.812175][T12477] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1729'.
[  763.878363][T12477] blktrace: Concurrent blktraces are not allowed on nbd4
[  764.663641][T12483] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  765.150818][T12484] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  767.474295][ T7180] usb 5-1: new full-speed USB device number 46 using dummy_hcd
[  767.657197][ T7180] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  767.667938][ T7180] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  767.684849][ T7180] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  767.705021][ T7180] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  767.760038][ T7180] usb 5-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  767.810046][ T7180] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.889002][ T7180] usb 5-1: config 0 descriptor??
[  768.163060][ T7180] usb 5-1: USB disconnect, device number 46
[  768.355864][T12519] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1741'.
[  768.504345][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  768.630357][T12521] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  768.903462][T12526] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  769.643210][T12530] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  770.285519][T12535] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  772.814049][T12556] hsr0: entered promiscuous mode
[  773.221509][T12557] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  773.240278][T10024] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  773.836311][T12553] hsr0: left promiscuous mode
[  773.879603][T12569] NILFS (nbd2): device size too small
[  773.901829][T12569] NILFS (nbd2): device size too small
[  773.912380][T12569] NILFS (nbd2): device size too small
[  773.919243][T12569] NILFS (nbd2): device size too small
[  773.931581][T12569] NILFS (nbd2): device size too small
[  773.952467][T12569] NILFS (nbd2): device size too small
[  773.961473][T12569] NILFS (nbd2): device size too small
[  773.972534][T12569] NILFS (nbd2): device size too small
[  773.980809][T12569] NILFS (nbd2): device size too small
[  774.001660][T12569] NILFS (nbd2): device size too small
[  774.009867][T12569] NILFS (nbd2): device size too small
[  774.025434][T12569] NILFS (nbd2): device size too small
[  774.034089][ T5909] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  774.038209][T12569] NILFS (nbd2): device size too small
[  774.067342][T12569] NILFS (nbd2): device size too small
[  774.089052][T12569] NILFS (nbd2): device size too small
[  774.124591][ T7081] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  774.127125][T12569] NILFS (nbd2): device size too small
[  774.176729][T12569] NILFS (nbd2): device size too small
[  774.196627][ T5909] usb 5-1: Using ep0 maxpacket: 16
[  774.253908][ T5909] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  774.268798][ T5909] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  774.280367][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  774.289246][ T5909] usb 5-1: Product: syz
[  774.294134][ T5909] usb 5-1: Manufacturer: syz
[  774.298857][ T5909] usb 5-1: SerialNumber: syz
[  774.305463][T12569] NILFS (nbd2): device size too small
[  774.312473][T12569] NILFS (nbd2): device size too small
[  774.313241][ T5909] usb 5-1: config 0 descriptor??
[  774.324162][T12569] NILFS (nbd2): device size too small
[  774.353939][ T7081] usb 3-1: Using ep0 maxpacket: 8
[  774.445674][ T5909] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  774.472770][T12569] NILFS (nbd2): device size too small
[  774.478557][ T5909] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  774.486526][T12569] NILFS (nbd2): device size too small
[  774.504261][T12569] NILFS (nbd2): device size too small
[  774.511885][T12569] NILFS (nbd2): device size too small
[  774.554792][T12569] NILFS (nbd2): device size too small
[  774.562574][T12569] NILFS (nbd2): device size too small
[  774.570051][T12569] NILFS (nbd2): device size too small
[  774.577698][T12569] NILFS (nbd2): device size too small
[  774.585407][T12569] NILFS (nbd2): device size too small
[  774.593086][T12569] NILFS (nbd2): device size too small
[  774.600179][T12569] NILFS (nbd2): device size too small
[  774.607544][T12569] NILFS (nbd2): device size too small
[  774.614428][T12569] NILFS (nbd2): device size too small
[  774.630790][ T7081] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  774.666847][ T7081] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  774.715580][ T7081] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  774.765557][ T5909] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  774.766474][ T7081] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  774.882563][ T5909] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  774.890914][ T5909] em28xx 5-1:0.0: board has no eeprom
[  774.903881][ T7081] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  774.915997][ T7081] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  774.924890][ T7081] usb 3-1: Product: syz
[  774.929202][ T7081] usb 3-1: Manufacturer: syz
[  774.935546][ T7081] usb 3-1: SerialNumber: syz
[  774.954985][ T5909] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  774.963276][ T5909] em28xx 5-1:0.0: dvb set to bulk mode.
[  774.965427][ T7081] usb 3-1: config 0 descriptor??
[  774.969121][ T7180] em28xx 5-1:0.0: Binding DVB extension
[  775.002315][ T7081] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input33
[  775.015659][ T5909] usb 5-1: USB disconnect, device number 47
[  775.037373][ T5909] em28xx 5-1:0.0: Disconnecting em28xx
[  775.183992][ T7081] imon:send_packet: packet tx failed (-71)
[  775.213580][ T7081] imon 3-1:0.0: panel buttons/knobs setup failed
[  775.923093][ T7180] em28xx 5-1:0.0: Registering input extension
[  776.083685][ T5909] em28xx 5-1:0.0: Closing input extension
[  776.985904][ T5909] em28xx 5-1:0.0: Freeing device
[  777.043280][ T7081] rc_core: IR keymap rc-imon-pad not found
[  777.064924][ T7081] Registered IR keymap rc-empty
[  777.087495][ T7081] imon 3-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  777.136158][ T7081] imon 3-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  777.184018][ T7081] imon:send_packet: packet tx failed (-71)
[  777.233551][ T7081] imon 3-1:0.0: remote input dev register failed
[  777.240281][ T7081] imon 3-1:0.0: imon_init_intf0: rc device setup failed
[  777.332923][ T7081] imon 3-1:0.0: unable to initialize intf0, err 0
[  777.356689][ T7081] imon:imon_probe: failed to initialize context!
[  777.386174][ T7081] imon 3-1:0.0: unable to register, err -19
[  777.417462][ T7081] usb 3-1: USB disconnect, device number 48
[  777.639059][T12606] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1768'.
[  777.693178][   T24] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  777.776411][   T13] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  777.788556][   T13] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  777.803361][ T7081] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  778.094454][   T24] usb 5-1: Using ep0 maxpacket: 32
[  778.256161][ T7081] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  778.640297][ T7081] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  778.648151][   T24] usb 5-1: config 8 has an invalid interface number: 203 but max is 0
[  778.666503][   T24] usb 5-1: config 8 has no interface number 0
[  778.676639][   T24] usb 5-1: config 8 interface 203 altsetting 1 has an endpoint descriptor with address 0x93, changing to 0x83
[  778.694304][   T24] usb 5-1: config 8 interface 203 altsetting 1 bulk endpoint 0x83 has invalid maxpacket 1024
[  778.709507][   T24] usb 5-1: config 8 interface 203 altsetting 1 bulk endpoint 0xB has invalid maxpacket 1023
[  778.736259][   T24] usb 5-1: config 8 interface 203 has no altsetting 0
[  778.754517][   T24] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a
[  778.770804][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  778.779091][   T24] usb 5-1: Product: syz
[  778.787837][   T24] usb 5-1: Manufacturer: syz
[  778.792507][   T24] usb 5-1: SerialNumber: syz
[  778.821112][T12603] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  778.829040][T12603] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  779.801254][T12628] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1766'.
[  780.497498][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880585bf000: rx timeout, send abort
[  780.506250][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880585bf000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  780.552996][T12629] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  781.015768][T12643] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1777'.
[  781.789294][T12629] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  781.886740][T12629] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  781.903919][    C1] port100 5-1:8.203: NFC: Urb failure (status -71)
[  781.910582][    C1] port100 5-1:8.203: NFC: Urb failure (status -71)
[  781.917302][ T5982] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  781.917557][   T24] port100 5-1:8.203: NFC: Could not get supported command types
[  781.937798][T12629] usb 6-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.4d
[  781.989550][T12629] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.029760][   T24] usb 5-1: USB disconnect, device number 48
[  782.035986][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  782.073742][T12629] usb 6-1: config 0 descriptor??
[  782.083200][ T5982] usb 3-1: Using ep0 maxpacket: 16
[  782.110358][ T5982] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  782.132403][T12650] FAULT_INJECTION: forcing a failure.
[  782.132403][T12650] name failslab, interval 1, probability 0, space 0, times 0
[  782.165743][T12629] usb 6-1: can't set config #0, error -71
[  782.169283][T12650] CPU: 0 UID: 0 PID: 12650 Comm: syz.4.1779 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  782.169310][T12650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  782.169321][T12650] Call Trace:
[  782.169328][T12650]  <TASK>
[  782.169336][T12650]  dump_stack_lvl+0x189/0x250
[  782.169361][T12650]  ? __pfx____ratelimit+0x10/0x10
[  782.169387][T12650]  ? __pfx_dump_stack_lvl+0x10/0x10
[  782.169411][T12650]  ? __pfx__printk+0x10/0x10
[  782.169440][T12650]  ? ref_tracker_alloc+0x318/0x460
[  782.169476][T12650]  should_fail_ex+0x414/0x560
[  782.169505][T12650]  should_failslab+0xa8/0x100
[  782.169532][T12650]  kmem_cache_alloc_noprof+0x73/0x3c0
[  782.169554][T12650]  ? skb_clone+0x212/0x3a0
[  782.169581][T12650]  skb_clone+0x212/0x3a0
[  782.169607][T12650]  __netlink_deliver_tap+0x404/0x850
[  782.169641][T12650]  ? netlink_deliver_tap+0x2e/0x1b0
[  782.169662][T12650]  netlink_deliver_tap+0x19c/0x1b0
[  782.169683][T12650]  netlink_unicast+0x730/0x8e0
[  782.169713][T12650]  netlink_sendmsg+0x805/0xb30
[  782.169743][T12650]  ? __pfx_netlink_sendmsg+0x10/0x10
[  782.169772][T12650]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  782.169794][T12650]  ? __pfx_netlink_sendmsg+0x10/0x10
[  782.169814][T12650]  __sock_sendmsg+0x219/0x270
[  782.169843][T12650]  ____sys_sendmsg+0x505/0x830
[  782.169878][T12650]  ? __pfx_____sys_sendmsg+0x10/0x10
[  782.169909][T12650]  ? import_iovec+0x74/0xa0
[  782.169933][T12650]  ___sys_sendmsg+0x21f/0x2a0
[  782.169956][T12650]  ? __pfx____sys_sendmsg+0x10/0x10
[  782.170016][T12650]  ? __fget_files+0x2a/0x420
[  782.170032][T12650]  ? __fget_files+0x3a0/0x420
[  782.170059][T12650]  __x64_sys_sendmsg+0x19b/0x260
[  782.170083][T12650]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  782.170114][T12650]  ? __pfx_ksys_write+0x10/0x10
[  782.170134][T12650]  ? rcu_is_watching+0x15/0xb0
[  782.170158][T12650]  ? do_syscall_64+0xbe/0x3b0
[  782.170178][T12650]  do_syscall_64+0xfa/0x3b0
[  782.170193][T12650]  ? lockdep_hardirqs_on+0x9c/0x150
[  782.170217][T12650]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.170233][T12650]  ? clear_bhb_loop+0x60/0xb0
[  782.170254][T12650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.170270][T12650] RIP: 0033:0x7f6e8278e929
[  782.170286][T12650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  782.170300][T12650] RSP: 002b:00007f6e83637038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  782.170319][T12650] RAX: ffffffffffffffda RBX: 00007f6e829b5fa0 RCX: 00007f6e8278e929
[  782.170332][T12650] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000000003
[  782.170342][T12650] RBP: 00007f6e83637090 R08: 0000000000000000 R09: 0000000000000000
[  782.170352][T12650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  782.170362][T12650] R13: 0000000000000000 R14: 00007f6e829b5fa0 R15: 00007ffda6ebe0f8
[  782.170391][T12650]  </TASK>
[  782.215000][ T5982] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  782.426273][T12629] usb 6-1: USB disconnect, device number 46
[  782.543196][T12656] binder: 12655:12656 ioctl c0306201 200000000540 returned -22
[  782.860199][ T5982] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.877187][ T5982] usb 3-1: Product: syz
[  782.881569][ T5982] usb 3-1: Manufacturer: syz
[  782.886818][ T5982] usb 3-1: SerialNumber: syz
[  782.897332][ T5982] usb 3-1: config 0 descriptor??
[  783.400225][ T5982] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  783.420168][ T5982] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  783.435584][   T24] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  783.491951][   T24] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  783.561368][   T24] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  783.586209][   T24] hid-generic 0003:0004:0000.000A: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  783.742778][T12671] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  784.223040][ T5982] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  784.326787][ T5982] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  784.413811][ T5982] em28xx 3-1:0.0: board has no eeprom
[  784.483740][ T5982] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  784.502686][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  784.527308][ T5982] em28xx 3-1:0.0: dvb set to bulk mode.
[  784.544616][ T5909] em28xx 3-1:0.0: Binding DVB extension
[  784.572687][ T5982] usb 3-1: USB disconnect, device number 49
[  784.617484][ T5982] em28xx 3-1:0.0: Disconnecting em28xx
[  784.906425][ T5909] em28xx 3-1:0.0: Registering input extension
[  784.917866][ T5982] em28xx 3-1:0.0: Closing input extension
[  784.952918][T12682] hsr0: entered promiscuous mode
[  785.226873][ T5982] em28xx 3-1:0.0: Freeing device
[  785.333045][T12680] hsr0: left promiscuous mode
[  785.882509][ T5909] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  786.247989][T12703] binder: 12702:12703 ioctl c0306201 200000000540 returned -22
[  786.274575][ T5909] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  786.295223][ T5909] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  786.328008][ T5909] usb 6-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.4d
[  786.348191][ T5909] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.378402][ T5909] usb 6-1: config 0 descriptor??
[  786.738714][    C1] vcan0: j1939_tp_rxtimer: 0xffff888059ebe400: rx timeout, send abort
[  786.747340][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888059ebe400: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  786.843898][T12706] sctp: [Deprecated]: syz.4.1797 (pid 12706) Use of struct sctp_assoc_value in delayed_ack socket option.
[  786.843898][T12706] Use struct sctp_sack_info instead
[  786.846487][ T5909] usb 6-1: string descriptor 0 read error: -71
[  787.175118][ T5909] hdpvr 6-1:0.0: Could not find bulk-in endpoint
[  787.197813][ T5909] hdpvr 6-1:0.0: probe with driver hdpvr failed with error -12
[  787.217748][ T5909] usb 6-1: USB disconnect, device number 47
[  787.346929][T12678] 9pnet_fd: Insufficient options for proto=fd
[  788.499030][T12719] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1799'.
[  788.552636][T12720] blktrace: Concurrent blktraces are not allowed on nbd4
[  789.071778][T12730] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1803'.
[  789.555952][T12737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1804'.
[  789.630741][T12738] blktrace: Concurrent blktraces are not allowed on nbd3
[  790.262749][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  790.353165][T12746] binder: 12745:12746 ioctl c0306201 200000000540 returned -22
[  791.077868][T12751] sctp: [Deprecated]: syz.2.1809 (pid 12751) Use of struct sctp_assoc_value in delayed_ack socket option.
[  791.077868][T12751] Use struct sctp_sack_info instead
[  792.092615][   T10] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  792.761171][T12769] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1814'.
[  792.845886][    C1] vcan0: j1939_tp_rxtimer: 0xffff888029492000: rx timeout, send abort
[  792.854880][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888029492000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  793.115468][T12776] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1813'.
[  793.205595][ T5982] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  793.232549][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  793.244431][T12773] blktrace: Concurrent blktraces are not allowed on nbd5
[  793.261935][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  793.282525][   T10] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.4d
[  793.291901][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.333685][   T10] usb 4-1: config 0 descriptor??
[  793.398937][ T5982] usb 5-1: Using ep0 maxpacket: 32
[  793.431673][ T5982] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  793.452586][ T5982] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  793.463039][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  793.475962][T12783] FAULT_INJECTION: forcing a failure.
[  793.475962][T12783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  793.500526][ T5982] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83
[  794.004155][T12783] CPU: 1 UID: 0 PID: 12783 Comm: syz.0.1816 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  794.004186][T12783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  794.004196][T12783] Call Trace:
[  794.004204][T12783]  <TASK>
[  794.004213][T12783]  dump_stack_lvl+0x189/0x250
[  794.004239][T12783]  ? __pfx____ratelimit+0x10/0x10
[  794.004266][T12783]  ? __pfx_dump_stack_lvl+0x10/0x10
[  794.004287][T12783]  ? __pfx__printk+0x10/0x10
[  794.004324][T12783]  should_fail_ex+0x414/0x560
[  794.004356][T12783]  _copy_to_user+0x31/0xb0
[  794.004381][T12783]  simple_read_from_buffer+0xe1/0x170
[  794.004413][T12783]  proc_fail_nth_read+0x1df/0x250
[  794.004436][T12783]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  794.004459][T12783]  ? rw_verify_area+0x258/0x650
[  794.004482][T12783]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  794.004502][T12783]  vfs_read+0x200/0x980
[  794.004532][T12783]  ? __pfx___mutex_lock+0x10/0x10
[  794.004551][T12783]  ? __pfx_vfs_read+0x10/0x10
[  794.004576][T12783]  ? __fget_files+0x2a/0x420
[  794.004599][T12783]  ? __fget_files+0x3a0/0x420
[  794.004614][T12783]  ? __fget_files+0x2a/0x420
[  794.004641][T12783]  ksys_read+0x145/0x250
[  794.004662][T12783]  ? __fget_files+0x2a/0x420
[  794.004681][T12783]  ? __pfx_ksys_read+0x10/0x10
[  794.004719][T12783]  ? do_syscall_64+0xbe/0x3b0
[  794.004742][T12783]  do_syscall_64+0xfa/0x3b0
[  794.004757][T12783]  ? lockdep_hardirqs_on+0x9c/0x150
[  794.004783][T12783]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.004807][T12783]  ? clear_bhb_loop+0x60/0xb0
[  794.004829][T12783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.004846][T12783] RIP: 0033:0x7f034938d33c
[  794.004862][T12783] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  794.004878][T12783] RSP: 002b:00007f034a2a4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  794.004898][T12783] RAX: ffffffffffffffda RBX: 00007f03495b5fa0 RCX: 00007f034938d33c
[  794.004911][T12783] RDX: 000000000000000f RSI: 00007f034a2a40a0 RDI: 0000000000000004
[  794.004922][T12783] RBP: 00007f034a2a4090 R08: 0000000000000000 R09: 0000000000000000
[  794.004933][T12783] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  794.004945][T12783] R13: 0000000000000000 R14: 00007f03495b5fa0 R15: 00007fffd7674dc8
[  794.004983][T12783]  </TASK>
[  794.012545][ T5982] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.265793][ T5982] usb 5-1: Product: syz
[  794.270075][ T5982] usb 5-1: Manufacturer: syz
[  794.274988][ T5982] usb 5-1: SerialNumber: syz
[  794.285116][ T5982] usb 5-1: config 0 descriptor??
[  794.536851][ T5982] snd-usb-6fire 5-1:0.0: unknown device firmware state received from device:
[  794.552488][ T5982] f6 f2 2c fa 89 99 d8 d7 
[  794.557167][ T5982] snd-usb-6fire 5-1:0.0: probe with driver snd-usb-6fire failed with error -5
[  794.655685][T12788] FAULT_INJECTION: forcing a failure.
[  794.655685][T12788] name failslab, interval 1, probability 0, space 0, times 0
[  794.668643][T12788] CPU: 0 UID: 0 PID: 12788 Comm: syz.0.1817 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  794.668670][T12788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  794.668681][T12788] Call Trace:
[  794.668690][T12788]  <TASK>
[  794.668704][T12788]  dump_stack_lvl+0x189/0x250
[  794.668732][T12788]  ? __pfx____ratelimit+0x10/0x10
[  794.668760][T12788]  ? __pfx_dump_stack_lvl+0x10/0x10
[  794.668782][T12788]  ? __pfx__printk+0x10/0x10
[  794.668813][T12788]  ? __pfx___might_resched+0x10/0x10
[  794.668840][T12788]  should_fail_ex+0x414/0x560
[  794.668874][T12788]  should_failslab+0xa8/0x100
[  794.668912][T12788]  __kmalloc_cache_node_noprof+0x73/0x3d0
[  794.668941][T12788]  ? __get_vm_area_node+0x13f/0x300
[  794.668974][T12788]  __get_vm_area_node+0x13f/0x300
[  794.669007][T12788]  __vmalloc_node_range_noprof+0x301/0x12f0
[  794.669036][T12788]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  794.669055][T12788]  ? finish_task_switch+0x266/0x950
[  794.669082][T12788]  ? lockdep_hardirqs_on+0x9c/0x150
[  794.669116][T12788]  ? rcu_is_watching+0x15/0xb0
[  794.669142][T12788]  ? __schedule+0x16c0/0x4cb0
[  794.669173][T12788]  ? bpf_trace_run4+0x322/0x4a0
[  794.669202][T12788]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  794.669244][T12788]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  794.669260][T12788]  __vmalloc_noprof+0xb1/0xf0
[  794.669287][T12788]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  794.669309][T12788]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[  794.669333][T12788]  bpf_prog_alloc+0x3c/0x1a0
[  794.669355][T12788]  bpf_prog_load+0x735/0x1930
[  794.669398][T12788]  ? __pfx_bpf_prog_load+0x10/0x10
[  794.669426][T12788]  ? irqentry_exit+0x74/0x90
[  794.669474][T12788]  ? rep_movs_alternative+0x4c/0x90
[  794.669496][T12788]  ? bpf_lsm_bpf+0x9/0x20
[  794.669513][T12788]  ? security_bpf+0x7e/0x300
[  794.669536][T12788]  __sys_bpf+0x5f1/0x860
[  794.669566][T12788]  ? __pfx___sys_bpf+0x10/0x10
[  794.669627][T12788]  __x64_sys_bpf+0x7c/0x90
[  794.669653][T12788]  do_syscall_64+0xfa/0x3b0
[  794.669673][T12788]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.669691][T12788]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  794.669708][T12788]  ? clear_bhb_loop+0x60/0xb0
[  794.669731][T12788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.669750][T12788] RIP: 0033:0x7f034938e929
[  794.669767][T12788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  794.669783][T12788] RSP: 002b:00007f034a262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  794.669804][T12788] RAX: ffffffffffffffda RBX: 00007f03495b6160 RCX: 00007f034938e929
[  794.669818][T12788] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005
[  794.669830][T12788] RBP: 00007f034a262090 R08: 0000000000000000 R09: 0000000000000000
[  794.669842][T12788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  794.669854][T12788] R13: 0000000000000000 R14: 00007f03495b6160 R15: 00007fffd7674dc8
[  794.669887][T12788]  </TASK>
[  794.669955][T12788] syz.0.1817: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  794.978670][   T10] usb 4-1: string descriptor 0 read error: -71
[  794.990857][T12788] CPU: 0 UID: 0 PID: 12788 Comm: syz.0.1817 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  794.990884][T12788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  794.990895][T12788] Call Trace:
[  794.990903][T12788]  <TASK>
[  794.990911][T12788]  dump_stack_lvl+0x189/0x250
[  794.990948][T12788]  ? __pfx_dump_stack_lvl+0x10/0x10
[  794.990969][T12788]  ? __pfx__printk+0x10/0x10
[  794.991027][T12788]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  794.991051][T12788]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  794.991075][T12788]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  794.991101][T12788]  warn_alloc+0x214/0x310
[  794.991125][T12788]  ? __pfx_warn_alloc+0x10/0x10
[  794.991145][T12788]  ? __get_vm_area_node+0x13f/0x300
[  794.991176][T12788]  ? __get_vm_area_node+0x2b5/0x300
[  794.991209][T12788]  __vmalloc_node_range_noprof+0x326/0x12f0
[  794.991237][T12788]  ? finish_task_switch+0x266/0x950
[  794.991263][T12788]  ? lockdep_hardirqs_on+0x9c/0x150
[  794.991296][T12788]  ? rcu_is_watching+0x15/0xb0
[  794.991320][T12788]  ? __schedule+0x16c0/0x4cb0
[  794.991348][T12788]  ? bpf_trace_run4+0x322/0x4a0
[  794.991375][T12788]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  794.991415][T12788]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  794.991430][T12788]  __vmalloc_noprof+0xb1/0xf0
[  794.991457][T12788]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  794.991477][T12788]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[  794.991500][T12788]  bpf_prog_alloc+0x3c/0x1a0
[  794.991520][T12788]  bpf_prog_load+0x735/0x1930
[  794.991560][T12788]  ? __pfx_bpf_prog_load+0x10/0x10
[  794.991588][T12788]  ? irqentry_exit+0x74/0x90
[  794.991634][T12788]  ? rep_movs_alternative+0x4c/0x90
[  794.991655][T12788]  ? bpf_lsm_bpf+0x9/0x20
[  794.991671][T12788]  ? security_bpf+0x7e/0x300
[  794.991691][T12788]  __sys_bpf+0x5f1/0x860
[  794.991719][T12788]  ? __pfx___sys_bpf+0x10/0x10
[  794.991778][T12788]  __x64_sys_bpf+0x7c/0x90
[  794.991803][T12788]  do_syscall_64+0xfa/0x3b0
[  794.991821][T12788]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.991838][T12788]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  794.991856][T12788]  ? clear_bhb_loop+0x60/0xb0
[  794.991878][T12788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.991911][T12788] RIP: 0033:0x7f034938e929
[  794.991937][T12788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  794.991953][T12788] RSP: 002b:00007f034a262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  794.991973][T12788] RAX: ffffffffffffffda RBX: 00007f03495b6160 RCX: 00007f034938e929
[  794.991986][T12788] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005
[  794.991997][T12788] RBP: 00007f034a262090 R08: 0000000000000000 R09: 0000000000000000
[  794.992008][T12788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  794.992018][T12788] R13: 0000000000000000 R14: 00007f03495b6160 R15: 00007fffd7674dc8
[  794.992049][T12788]  </TASK>
[  794.992057][T12788] Mem-Info:
[  795.288297][T12788] active_anon:3671 inactive_anon:9149 isolated_anon:0
[  795.288297][T12788]  active_file:20232 inactive_file:38129 isolated_file:0
[  795.288297][T12788]  unevictable:768 dirty:189 writeback:0
[  795.288297][T12788]  slab_reclaimable:10744 slab_unreclaimable:100047
[  795.288297][T12788]  mapped:35229 shmem:10519 pagetables:1051
[  795.288297][T12788]  sec_pagetables:0 bounce:0
[  795.288297][T12788]  kernel_misc_reclaimable:0
[  795.288297][T12788]  free:1303078 free_pcp:10064 free_cma:0
[  795.334402][T12788] Node 0 active_anon:14684kB inactive_anon:36596kB active_file:80648kB inactive_file:152516kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:140864kB dirty:756kB writeback:0kB shmem:40540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11480kB pagetables:4072kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  795.368635][T12788] Node 1 active_anon:0kB inactive_anon:0kB active_file:280kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  795.372218][   T10] hdpvr 4-1:0.0: Could not find bulk-in endpoint
[  795.407677][T12788] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  795.436561][T12788] lowmem_reserve[]: 0 2500 2502 2502 2502
[  795.442381][T12788] Node 0 DMA32 free:1288568kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:14680kB inactive_anon:36552kB active_file:78880kB inactive_file:152452kB unevictable:1536kB writepending:720kB present:3129332kB managed:2560896kB mlocked:0kB bounce:0kB free_pcp:32528kB local_pcp:18164kB free_cma:0kB
[  795.475179][T12788] lowmem_reserve[]: 0 0 1 1 1
[  795.479896][T12788] Node 0 Normal free:8kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1768kB inactive_file:64kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  795.509094][T12788] lowmem_reserve[]: 0 0 0 0 0
[  795.513831][T12788] Node 1 Normal free:3908376kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:280kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:7712kB local_pcp:7712kB free_cma:0kB
[  795.545000][T12788] lowmem_reserve[]: 0 0 0 0 0
[  795.549757][T12788] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  795.562445][T12788] Node 0 DMA32: 1069*4kB (UE) 657*8kB (UE) 587*16kB (U) 722*32kB (UME) 616*64kB (UME) 326*128kB (UM) 142*256kB (UM) 55*512kB (UME) 31*1024kB (UM) 10*2048kB (UM) 256*4096kB (UM) = 1288492kB
[  795.581454][T12788] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  795.593628][T12788] Node 1 Normal: 200*4kB (UME) 55*8kB (UME) 50*16kB (UME) 253*32kB (UME) 108*64kB (UME) 15*128kB (UE) 5*256kB (UME) 4*512kB (UME) 1*1024kB (M) 1*2048kB (E) 948*4096kB (UM) = 3908376kB
[  795.611995][T12788] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  795.621568][T12788] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  795.630960][T12788] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  795.640648][T12788] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  795.649960][T12788] 68877 total pagecache pages
[  795.654666][T12788] 0 pages in swap cache
[  795.658841][T12788] Free swap  = 124996kB
[  795.663053][T12788] Total swap = 124996kB
[  795.667293][T12788] 2097051 pages RAM
[  795.671181][T12788] 0 pages HighMem/MovableOnly
[  795.675933][T12788] 424720 pages reserved
[  795.680186][T12788] 0 pages cma reserved
[  795.756885][   T10] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12
[  795.777798][   T10] usb 4-1: USB disconnect, device number 39
[  795.799539][T12782] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  796.009290][T12796] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1821'.
[  796.186957][   T10] usb 5-1: USB disconnect, device number 49
[  797.522269][T12808] sctp: [Deprecated]: syz.2.1824 (pid 12808) Use of struct sctp_assoc_value in delayed_ack socket option.
[  797.522269][T12808] Use struct sctp_sack_info instead
[  797.865168][ T5156] Bluetooth: hci1: command 0x0406 tx timeout
[  799.204358][T12836] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1831'.
[  799.220013][T12836] blktrace: Concurrent blktraces are not allowed on nbd0
[  799.491972][T12843] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1833'.
[  799.602707][ T5971] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  799.811813][ T5971] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  799.912119][ T5971] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  800.001698][ T5971] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.4d
[  800.091647][ T5971] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.253898][ T5971] usb 4-1: config 0 descriptor??
[  800.446368][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805886e000: rx timeout, send abort
[  800.455080][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805886e000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  800.478350][T12868] sctp: [Deprecated]: syz.2.1838 (pid 12868) Use of struct sctp_assoc_value in delayed_ack socket option.
[  800.478350][T12868] Use struct sctp_sack_info instead
[  801.351485][ T5971] usb 4-1: string descriptor 0 read error: -71
[  801.385562][ T5971] hdpvr 4-1:0.0: Could not find bulk-in endpoint
[  801.403349][ T5971] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12
[  801.438268][ T5971] usb 4-1: USB disconnect, device number 40
[  801.439326][T12876] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1843'.
[  801.769080][T12885] FAULT_INJECTION: forcing a failure.
[  801.769080][T12885] name failslab, interval 1, probability 0, space 0, times 0
[  801.807335][T12885] CPU: 1 UID: 0 PID: 12885 Comm: syz.5.1844 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  801.807367][T12885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  801.807378][T12885] Call Trace:
[  801.807387][T12885]  <TASK>
[  801.807396][T12885]  dump_stack_lvl+0x189/0x250
[  801.807424][T12885]  ? __pfx____ratelimit+0x10/0x10
[  801.807454][T12885]  ? __pfx_dump_stack_lvl+0x10/0x10
[  801.807476][T12885]  ? __pfx__printk+0x10/0x10
[  801.807508][T12885]  ? __pfx___might_resched+0x10/0x10
[  801.807528][T12885]  ? fs_reclaim_acquire+0x7d/0x100
[  801.807554][T12885]  should_fail_ex+0x414/0x560
[  801.807585][T12885]  should_failslab+0xa8/0x100
[  801.807614][T12885]  __kmalloc_noprof+0xcb/0x4f0
[  801.807640][T12885]  ? security_sk_alloc+0x52/0x390
[  801.807672][T12885]  security_sk_alloc+0x52/0x390
[  801.807700][T12885]  sk_prot_alloc+0x101/0x220
[  801.807723][T12885]  ? sk_alloc+0x24/0x370
[  801.807748][T12885]  sk_alloc+0x3a/0x370
[  801.807769][T12885]  ? bpf_ctx_init+0x167/0x1d0
[  801.807795][T12885]  bpf_prog_test_run_skb+0x2ed/0x1560
[  801.807815][T12885]  ? __fget_files+0x2a/0x420
[  801.807852][T12885]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  801.807875][T12885]  bpf_prog_test_run+0x2c7/0x340
[  801.807909][T12885]  __sys_bpf+0x4a4/0x860
[  801.807948][T12885]  ? __pfx___sys_bpf+0x10/0x10
[  801.807992][T12885]  ? ksys_write+0x22a/0x250
[  801.808021][T12885]  ? __pfx_ksys_write+0x10/0x10
[  801.808043][T12885]  ? rcu_is_watching+0x15/0xb0
[  801.808074][T12885]  __x64_sys_bpf+0x7c/0x90
[  801.808101][T12885]  do_syscall_64+0xfa/0x3b0
[  801.808119][T12885]  ? lockdep_hardirqs_on+0x9c/0x150
[  801.808146][T12885]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  801.808165][T12885]  ? clear_bhb_loop+0x60/0xb0
[  801.808189][T12885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  801.808208][T12885] RIP: 0033:0x7f6bf178e929
[  801.808226][T12885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  801.808242][T12885] RSP: 002b:00007f6bf25fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  801.808265][T12885] RAX: ffffffffffffffda RBX: 00007f6bf19b5fa0 RCX: 00007f6bf178e929
[  801.808279][T12885] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[  801.808291][T12885] RBP: 00007f6bf25fc090 R08: 0000000000000000 R09: 0000000000000000
[  801.808303][T12885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  801.808314][T12885] R13: 0000000000000000 R14: 00007f6bf19b5fa0 R15: 00007ffc254ed998
[  801.808348][T12885]  </TASK>
[  802.187819][T12878] blktrace: Concurrent blktraces are not allowed on nbd2
[  802.716099][T12891] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1845'.
[  802.765711][T12894] blktrace: Concurrent blktraces are not allowed on nbd4
[  803.733622][T12901] sctp: [Deprecated]: syz.0.1852 (pid 12901) Use of struct sctp_assoc_value in delayed_ack socket option.
[  803.733622][T12901] Use struct sctp_sack_info instead
[  804.080050][T12912] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  804.357123][T12908] blktrace: Concurrent blktraces are not allowed on nbd3
[  804.388304][T12914] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1850'.
[  804.544188][T12922] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  804.552053][T12922] UDF-fs: Scanning with blocksize 512 failed
[  804.561865][T12922] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  804.569784][T12922] UDF-fs: Scanning with blocksize 1024 failed
[  804.577503][T12922] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  804.585445][T12922] UDF-fs: Scanning with blocksize 2048 failed
[  804.600368][T12922] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  804.608583][T12922] UDF-fs: Scanning with blocksize 4096 failed
[  806.208615][T12930] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  806.262647][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  806.702597][T12932] FAULT_INJECTION: forcing a failure.
[  806.702597][T12932] name failslab, interval 1, probability 0, space 0, times 0
[  806.729995][T12932] CPU: 1 UID: 0 PID: 12932 Comm: syz.0.1859 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  806.730028][T12932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  806.730039][T12932] Call Trace:
[  806.730047][T12932]  <TASK>
[  806.730055][T12932]  dump_stack_lvl+0x189/0x250
[  806.730081][T12932]  ? __pfx____ratelimit+0x10/0x10
[  806.730107][T12932]  ? __pfx_dump_stack_lvl+0x10/0x10
[  806.730126][T12932]  ? __pfx__printk+0x10/0x10
[  806.730154][T12932]  ? ref_tracker_alloc+0x318/0x460
[  806.730183][T12932]  should_fail_ex+0x414/0x560
[  806.730213][T12932]  should_failslab+0xa8/0x100
[  806.730240][T12932]  kmem_cache_alloc_noprof+0x73/0x3c0
[  806.730263][T12932]  ? skb_clone+0x212/0x3a0
[  806.730290][T12932]  skb_clone+0x212/0x3a0
[  806.730318][T12932]  __netlink_deliver_tap+0x404/0x850
[  806.730353][T12932]  ? netlink_deliver_tap+0x2e/0x1b0
[  806.730375][T12932]  netlink_deliver_tap+0x19c/0x1b0
[  806.730397][T12932]  netlink_unicast+0x730/0x8e0
[  806.730427][T12932]  netlink_sendmsg+0x805/0xb30
[  806.730459][T12932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  806.730493][T12932]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  806.730519][T12932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  806.730543][T12932]  __sock_sendmsg+0x219/0x270
[  806.730582][T12932]  ____sys_sendmsg+0x505/0x830
[  806.730609][T12932]  ? __pfx_____sys_sendmsg+0x10/0x10
[  806.730643][T12932]  ? import_iovec+0x74/0xa0
[  806.730670][T12932]  ___sys_sendmsg+0x21f/0x2a0
[  806.730697][T12932]  ? __pfx____sys_sendmsg+0x10/0x10
[  806.730772][T12932]  ? __fget_files+0x2a/0x420
[  806.730789][T12932]  ? __fget_files+0x3a0/0x420
[  806.730826][T12932]  __x64_sys_sendmsg+0x19b/0x260
[  806.730854][T12932]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  806.730891][T12932]  ? __pfx_ksys_write+0x10/0x10
[  806.730915][T12932]  ? rcu_is_watching+0x15/0xb0
[  806.730944][T12932]  ? do_syscall_64+0xbe/0x3b0
[  806.730969][T12932]  do_syscall_64+0xfa/0x3b0
[  806.730985][T12932]  ? lockdep_hardirqs_on+0x9c/0x150
[  806.731012][T12932]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.731031][T12932]  ? clear_bhb_loop+0x60/0xb0
[  806.731056][T12932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.731075][T12932] RIP: 0033:0x7f034938e929
[  806.731092][T12932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  806.731108][T12932] RSP: 002b:00007f034a2a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  806.731129][T12932] RAX: ffffffffffffffda RBX: 00007f03495b5fa0 RCX: 00007f034938e929
[  806.731143][T12932] RDX: 0000000000004010 RSI: 0000200000000000 RDI: 0000000000000003
[  806.731155][T12932] RBP: 00007f034a2a4090 R08: 0000000000000000 R09: 0000000000000000
[  806.731168][T12932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  806.731179][T12932] R13: 0000000000000000 R14: 00007f03495b5fa0 R15: 00007fffd7674dc8
[  806.731211][T12932]  </TASK>
[  806.732189][T12932] netlink: del zone limit has 4 unknown bytes
[  807.158250][T12943] blktrace: Concurrent blktraces are not allowed on nbd4
[  807.212566][   T10] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  807.329252][T12947] netdevsim netdevsim0: Firmware load for '..' refused, path contains '..' component
[  807.372620][   T10] usb 3-1: Using ep0 maxpacket: 8
[  807.422710][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  807.456804][   T10] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  807.494812][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  807.584908][ T5971] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  807.863826][ T5971] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  807.981720][ T5971] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  808.137238][ T5971] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.4d
[  808.147725][   T10] usb 3-1: config 0 descriptor??
[  808.150814][ T5971] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  808.169120][ T5971] usb 4-1: config 0 descriptor??
[  808.176708][   T10] iowarrior 3-1:0.0: no interrupt-in endpoint found
[  808.275381][T12959] sctp: [Deprecated]: syz.0.1867 (pid 12959) Use of struct sctp_assoc_value in delayed_ack socket option.
[  808.275381][T12959] Use struct sctp_sack_info instead
[  808.363148][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d4f000: rx timeout, send abort
[  808.373688][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888058d4f000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  808.542145][T12935] No such timeout policy "syz1"
[  808.776679][T12935] overlayfs: failed to resolve './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  808.845590][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  808.952475][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  809.016426][   T24] usb 3-1: USB disconnect, device number 50
[  809.413572][T12968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1870'.
[  809.429257][T12968] blktrace: Concurrent blktraces are not allowed on nbd0
[  810.205847][ T5971] usb 4-1: string descriptor 0 read error: -71
[  810.522041][ T5971] hdpvr 4-1:0.0: Could not find bulk-in endpoint
[  810.578767][ T5971] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12
[  810.610540][ T5971] usb 4-1: USB disconnect, device number 41
[  811.220246][T12986] blktrace: Concurrent blktraces are not allowed on nbd4
[  812.268685][T13007] sctp: [Deprecated]: syz.3.1880 (pid 13007) Use of struct sctp_assoc_value in delayed_ack socket option.
[  812.268685][T13007] Use struct sctp_sack_info instead
[  813.630878][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805af5bc00: rx timeout, send abort
[  813.640186][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805af5bc00: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  813.942583][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  814.028333][   T10] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  814.114396][T13029] blktrace: Concurrent blktraces are not allowed on nbd4
[  814.309024][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  814.342917][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  814.375561][   T10] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.4d
[  814.416799][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.458295][   T10] usb 3-1: config 0 descriptor??
[  815.086459][T13038] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1892'.
[  815.804793][T13043] FAULT_INJECTION: forcing a failure.
[  815.804793][T13043] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  815.819269][T13043] CPU: 0 UID: 0 PID: 13043 Comm: syz.0.1893 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  815.819299][T13043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  815.819311][T13043] Call Trace:
[  815.819320][T13043]  <TASK>
[  815.819329][T13043]  dump_stack_lvl+0x189/0x250
[  815.819358][T13043]  ? __pfx____ratelimit+0x10/0x10
[  815.819389][T13043]  ? __pfx_dump_stack_lvl+0x10/0x10
[  815.819411][T13043]  ? __pfx__printk+0x10/0x10
[  815.819440][T13043]  ? nmi_uaccess_okay+0x75/0xb0
[  815.819476][T13043]  ? bpf_send_signal_common+0x434/0x540
[  815.819511][T13043]  should_fail_ex+0x414/0x560
[  815.819544][T13043]  strncpy_from_user+0x36/0x290
[  815.819576][T13043]  strncpy_from_user_nofault+0x72/0x150
[  815.819608][T13043]  bpf_probe_read_user_str+0x2a/0x70
[  815.819632][T13043]  bpf_prog_9deb4dd9eeaa7b3b+0x46/0x4e
[  815.819653][T13043]  bpf_trace_run9+0x2db/0x500
[  815.819682][T13043]  ? bpf_trace_run9+0x1ec/0x500
[  815.819708][T13043]  ? __pfx_bpf_trace_run9+0x10/0x10
[  815.819732][T13043]  ? virtio_transport_alloc_skb+0x4c/0xe60
[  815.819759][T13043]  ? vsock_connect+0xb8d/0xe20
[  815.819785][T13043]  ? __sys_connect+0x313/0x440
[  815.819830][T13043]  __bpf_trace_virtio_transport_alloc_pkt+0x2d7/0x340
[  815.819875][T13043]  ? __pfx___bpf_trace_virtio_transport_alloc_pkt+0x10/0x10
[  815.819919][T13043]  ? remove_pfn_range_from_zone+0x341/0x950
[  815.819940][T13043]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  815.819975][T13043]  ? __build_skb_around+0x257/0x3e0
[  815.820008][T13043]  virtio_transport_alloc_skb+0xdce/0xe60
[  815.820048][T13043]  ? lockdep_hardirqs_on+0x9c/0x150
[  815.820083][T13043]  virtio_transport_send_pkt_info+0x617/0xf00
[  815.820136][T13043]  virtio_transport_connect+0xa7/0x100
[  815.820162][T13043]  ? __pfx_virtio_transport_connect+0x10/0x10
[  815.820192][T13043]  ? __pfx_vsock_auto_bind+0x10/0x10
[  815.820223][T13043]  ? vsock_assign_transport+0x5ed/0x770
[  815.820257][T13043]  vsock_connect+0xb8d/0xe20
[  815.820296][T13043]  ? __might_fault+0xb0/0x130
[  815.820323][T13043]  ? __pfx_vsock_connect+0x10/0x10
[  815.820355][T13043]  ? __pfx_autoremove_wake_function+0x10/0x10
[  815.820392][T13043]  ? bpf_lsm_socket_connect+0x9/0x20
[  815.820424][T13043]  __sys_connect+0x313/0x440
[  815.820454][T13043]  ? __fget_files+0x3a0/0x420
[  815.820474][T13043]  ? __pfx___sys_connect+0x10/0x10
[  815.820511][T13043]  ? __pfx_ksys_write+0x10/0x10
[  815.820535][T13043]  ? rcu_is_watching+0x15/0xb0
[  815.820565][T13043]  __x64_sys_connect+0x7a/0x90
[  815.820588][T13043]  do_syscall_64+0xfa/0x3b0
[  815.820606][T13043]  ? lockdep_hardirqs_on+0x9c/0x150
[  815.820633][T13043]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.820652][T13043]  ? clear_bhb_loop+0x60/0xb0
[  815.820677][T13043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.820696][T13043] RIP: 0033:0x7f034938e929
[  815.820714][T13043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  815.820730][T13043] RSP: 002b:00007f034a2a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  815.820752][T13043] RAX: ffffffffffffffda RBX: 00007f03495b5fa0 RCX: 00007f034938e929
[  815.820767][T13043] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000006
[  815.820780][T13043] RBP: 00007f034a2a4090 R08: 0000000000000000 R09: 0000000000000000
[  815.820793][T13043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  815.820805][T13043] R13: 0000000000000000 R14: 00007f03495b5fa0 R15: 00007fffd7674dc8
[  815.820839][T13043]  </TASK>
[  815.882648][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  816.306941][   T10] usb 3-1: string descriptor 0 read error: -71
[  816.316563][   T10] hdpvr 3-1:0.0: Could not find bulk-in endpoint
[  816.332638][   T10] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12
[  816.387740][   T10] usb 3-1: USB disconnect, device number 51
[  817.779469][T13056] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  818.284976][T13059] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1899'.
[  818.628838][T13064] blktrace: Concurrent blktraces are not allowed on nbd4
[  819.043335][T13073] sctp: [Deprecated]: syz.2.1897 (pid 13073) Use of struct sctp_assoc_value in delayed_ack socket option.
[  819.043335][T13073] Use struct sctp_sack_info instead
[  819.316205][T13084] netlink: del zone limit has 4 unknown bytes
[  819.401336][T13087] FAULT_INJECTION: forcing a failure.
[  819.401336][T13087] name failslab, interval 1, probability 0, space 0, times 0
[  819.440699][T13087] CPU: 0 UID: 0 PID: 13087 Comm: syz.3.1907 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  819.440730][T13087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  819.440741][T13087] Call Trace:
[  819.440749][T13087]  <TASK>
[  819.440758][T13087]  dump_stack_lvl+0x189/0x250
[  819.440786][T13087]  ? __pfx____ratelimit+0x10/0x10
[  819.440816][T13087]  ? __pfx_dump_stack_lvl+0x10/0x10
[  819.440839][T13087]  ? __pfx__printk+0x10/0x10
[  819.440867][T13087]  ? __pfx___might_resched+0x10/0x10
[  819.440889][T13087]  ? fs_reclaim_acquire+0x7d/0x100
[  819.440915][T13087]  should_fail_ex+0x414/0x560
[  819.440949][T13087]  should_failslab+0xa8/0x100
[  819.440979][T13087]  __kmalloc_noprof+0xcb/0x4f0
[  819.441005][T13087]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  819.441037][T13087]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  819.441072][T13087]  genl_family_rcv_msg_doit+0xb8/0x300
[  819.441108][T13087]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  819.441138][T13087]  ? rcu_is_watching+0x15/0xb0
[  819.441160][T13087]  ? cap_capable+0x11f/0x460
[  819.441187][T13087]  ? safesetid_security_capable+0xa9/0x1a0
[  819.441216][T13087]  ? bpf_lsm_capable+0x9/0x20
[  819.441235][T13087]  ? security_capable+0x7e/0x2e0
[  819.441263][T13087]  genl_rcv_msg+0x60e/0x790
[  819.441297][T13087]  ? __pfx_genl_rcv_msg+0x10/0x10
[  819.441324][T13087]  ? __pfx_nfc_genl_fw_download+0x10/0x10
[  819.441369][T13087]  netlink_rcv_skb+0x208/0x470
[  819.441403][T13087]  ? __pfx_genl_rcv_msg+0x10/0x10
[  819.441431][T13087]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  819.441473][T13087]  ? down_read+0x1ad/0x2e0
[  819.441497][T13087]  genl_rcv+0x28/0x40
[  819.441522][T13087]  netlink_unicast+0x759/0x8e0
[  819.441557][T13087]  netlink_sendmsg+0x805/0xb30
[  819.441593][T13087]  ? __pfx_netlink_sendmsg+0x10/0x10
[  819.441626][T13087]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  819.441652][T13087]  ? __pfx_netlink_sendmsg+0x10/0x10
[  819.441677][T13087]  __sock_sendmsg+0x219/0x270
[  819.441710][T13087]  ____sys_sendmsg+0x505/0x830
[  819.441741][T13087]  ? __pfx_____sys_sendmsg+0x10/0x10
[  819.441778][T13087]  ? import_iovec+0x74/0xa0
[  819.441806][T13087]  ___sys_sendmsg+0x21f/0x2a0
[  819.441834][T13087]  ? __pfx____sys_sendmsg+0x10/0x10
[  819.441904][T13087]  ? __fget_files+0x2a/0x420
[  819.441923][T13087]  ? __fget_files+0x3a0/0x420
[  819.441954][T13087]  __x64_sys_sendmsg+0x19b/0x260
[  819.441982][T13087]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  819.442019][T13087]  ? __pfx_ksys_write+0x10/0x10
[  819.442053][T13087]  ? do_syscall_64+0xbe/0x3b0
[  819.442077][T13087]  do_syscall_64+0xfa/0x3b0
[  819.442094][T13087]  ? lockdep_hardirqs_on+0x9c/0x150
[  819.442122][T13087]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  819.442141][T13087]  ? clear_bhb_loop+0x60/0xb0
[  819.442166][T13087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  819.442185][T13087] RIP: 0033:0x7f0f0618e929
[  819.442204][T13087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  819.442221][T13087] RSP: 002b:00007f0f0702b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  819.442244][T13087] RAX: ffffffffffffffda RBX: 00007f0f063b5fa0 RCX: 00007f0f0618e929
[  819.442259][T13087] RDX: 0000000000000080 RSI: 0000200000002ec0 RDI: 0000000000000006
[  819.442272][T13087] RBP: 00007f0f0702b090 R08: 0000000000000000 R09: 0000000000000000
[  819.442285][T13087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  819.442297][T13087] R13: 0000000000000000 R14: 00007f0f063b5fa0 R15: 00007ffedba24018
[  819.442335][T13087]  </TASK>
[  820.811948][ T5848] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  821.782677][T13115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1913'.
[  821.799678][T13115] blktrace: Concurrent blktraces are not allowed on nbd3
[  822.254181][   T10] usb 5-1: new full-speed USB device number 50 using dummy_hcd
[  822.778124][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  822.789613][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  823.131881][   T10] usb 5-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00
[  823.172106][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  823.241024][   T10] usb 5-1: config 0 descriptor??
[  823.514503][T13123] syz.0.1915 (13123): drop_caches: 2
[  823.674817][   T10] sunplus 0003:04FC:05D8.000B: unknown main item tag 0x0
[  823.770476][   T10] sunplus 0003:04FC:05D8.000B: unknown main item tag 0x0
[  823.802437][   T10] sunplus 0003:04FC:05D8.000B: unknown main item tag 0x0
[  823.871954][   T10] sunplus 0003:04FC:05D8.000B: unknown main item tag 0x0
[  823.912429][   T10] sunplus 0003:04FC:05D8.000B: unknown main item tag 0x0
[  823.952959][   T10] sunplus 0003:04FC:05D8.000B: hidraw0: USB HID v0.79 Device [HID 04fc:05d8] on usb-dummy_hcd.4-1/input0
[  825.252978][ T7180] usb 5-1: USB disconnect, device number 50
[  825.738616][T13150] sctp: [Deprecated]: syz.3.1921 (pid 13150) Use of struct sctp_assoc_value in delayed_ack socket option.
[  825.738616][T13150] Use struct sctp_sack_info instead
[  826.243620][ T5848] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  827.585387][   T30] audit: type=1326 audit(1752473149.961:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  827.607160][    C1] vkms_vblank_simulate: vblank timer overrun
[  827.678035][   T30] audit: type=1326 audit(1752473149.961:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  827.712757][   T10] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[  827.733186][T13169] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1928'.
[  827.753242][   T30] audit: type=1326 audit(1752473149.961:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  827.820867][   T30] audit: type=1326 audit(1752473149.961:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  827.902409][   T10] usb 6-1: Using ep0 maxpacket: 16
[  827.909984][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  827.923986][   T10] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  827.936182][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  827.965648][   T10] usb 6-1: Product: syz
[  827.973855][   T10] usb 6-1: Manufacturer: syz
[  827.982070][   T10] usb 6-1: SerialNumber: syz
[  827.990732][   T10] usb 6-1: config 0 descriptor??
[  828.015993][   T10] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  828.035661][   T10] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  828.212502][   T30] audit: type=1326 audit(1752473150.581:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  828.342790][   T10] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  828.589698][   T30] audit: type=1326 audit(1752473150.581:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  828.724485][   T10] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  828.739495][   T10] em28xx 6-1:0.0: board has no eeprom
[  828.851080][T13160] input: syz0 as /devices/virtual/input/input37
[  828.860463][   T30] audit: type=1326 audit(1752473151.251:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  828.930663][   T30] audit: type=1326 audit(1752473151.251:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  828.952528][    C1] vkms_vblank_simulate: vblank timer overrun
[  828.989902][   T30] audit: type=1326 audit(1752473151.251:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  829.028067][   T30] audit: type=1326 audit(1752473151.251:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13159 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f034938e929 code=0x7ffc0000
[  829.153410][   T10] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  829.186185][   T10] em28xx 6-1:0.0: dvb set to bulk mode.
[  829.194712][ T7180] em28xx 6-1:0.0: Binding DVB extension
[  829.207503][   T10] usb 6-1: USB disconnect, device number 48
[  829.244014][   T10] em28xx 6-1:0.0: Disconnecting em28xx
[  829.286562][T13184] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  831.006634][ T7180] em28xx 6-1:0.0: Registering input extension
[  831.025566][   T10] em28xx 6-1:0.0: Closing input extension
[  831.054449][   T10] em28xx 6-1:0.0: Freeing device
[  832.531811][T13211] FAULT_INJECTION: forcing a failure.
[  832.531811][T13211] name failslab, interval 1, probability 0, space 0, times 0
[  832.547774][T13211] CPU: 0 UID: 0 PID: 13211 Comm: syz.2.1938 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  832.547805][T13211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  832.547817][T13211] Call Trace:
[  832.547826][T13211]  <TASK>
[  832.547835][T13211]  dump_stack_lvl+0x189/0x250
[  832.547865][T13211]  ? __pfx____ratelimit+0x10/0x10
[  832.547896][T13211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  832.547919][T13211]  ? __pfx__printk+0x10/0x10
[  832.547953][T13211]  ? ref_tracker_alloc+0x318/0x460
[  832.547986][T13211]  should_fail_ex+0x414/0x560
[  832.548020][T13211]  should_failslab+0xa8/0x100
[  832.548051][T13211]  kmem_cache_alloc_noprof+0x73/0x3c0
[  832.548078][T13211]  ? skb_clone+0x212/0x3a0
[  832.548110][T13211]  skb_clone+0x212/0x3a0
[  832.548141][T13211]  __netlink_deliver_tap+0x404/0x850
[  832.548178][T13211]  ? netlink_deliver_tap+0x2e/0x1b0
[  832.548209][T13211]  netlink_deliver_tap+0x19c/0x1b0
[  832.548233][T13211]  netlink_unicast+0x730/0x8e0
[  832.548269][T13211]  netlink_sendmsg+0x805/0xb30
[  832.548304][T13211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  832.548338][T13211]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  832.548364][T13211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  832.548389][T13211]  __sock_sendmsg+0x219/0x270
[  832.548424][T13211]  ____sys_sendmsg+0x505/0x830
[  832.548457][T13211]  ? __pfx_____sys_sendmsg+0x10/0x10
[  832.548493][T13211]  ? import_iovec+0x74/0xa0
[  832.548521][T13211]  ___sys_sendmsg+0x21f/0x2a0
[  832.548549][T13211]  ? __pfx____sys_sendmsg+0x10/0x10
[  832.548627][T13211]  ? __fget_files+0x2a/0x420
[  832.548646][T13211]  ? __fget_files+0x3a0/0x420
[  832.548677][T13211]  __x64_sys_sendmsg+0x19b/0x260
[  832.548706][T13211]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  832.548744][T13211]  ? __pfx_ksys_write+0x10/0x10
[  832.548767][T13211]  ? rcu_is_watching+0x15/0xb0
[  832.548796][T13211]  ? do_syscall_64+0xbe/0x3b0
[  832.548820][T13211]  do_syscall_64+0xfa/0x3b0
[  832.548837][T13211]  ? lockdep_hardirqs_on+0x9c/0x150
[  832.548865][T13211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.548885][T13211]  ? clear_bhb_loop+0x60/0xb0
[  832.548910][T13211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.548929][T13211] RIP: 0033:0x7f65ec38e929
[  832.548948][T13211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  832.548965][T13211] RSP: 002b:00007f65ed2b2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  832.548988][T13211] RAX: ffffffffffffffda RBX: 00007f65ec5b5fa0 RCX: 00007f65ec38e929
[  832.549003][T13211] RDX: 000000002000c000 RSI: 0000200000000000 RDI: 0000000000000003
[  832.549023][T13211] RBP: 00007f65ed2b2090 R08: 0000000000000000 R09: 0000000000000000
[  832.549036][T13211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  832.549048][T13211] R13: 0000000000000000 R14: 00007f65ec5b5fa0 R15: 00007fff3e4270c8
[  832.549082][T13211]  </TASK>
[  834.796936][   T10] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  835.784466][T13241] fuse: Unknown parameter 'group_i00000000000000000000'
[  835.812610][   T10] usb 6-1: Using ep0 maxpacket: 16
[  835.963618][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  836.015984][   T10] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  836.065274][T13252] FAULT_INJECTION: forcing a failure.
[  836.065274][T13252] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  836.076586][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  836.079537][T13252] CPU: 1 UID: 0 PID: 13252 Comm: syz.4.1949 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  836.079573][T13252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  836.079584][T13252] Call Trace:
[  836.079593][T13252]  <TASK>
[  836.079601][T13252]  dump_stack_lvl+0x189/0x250
[  836.079627][T13252]  ? __pfx____ratelimit+0x10/0x10
[  836.079654][T13252]  ? __pfx_dump_stack_lvl+0x10/0x10
[  836.079674][T13252]  ? __pfx__printk+0x10/0x10
[  836.079699][T13252]  ? fs_reclaim_acquire+0x7d/0x100
[  836.079727][T13252]  should_fail_ex+0x414/0x560
[  836.079763][T13252]  prepare_alloc_pages+0x213/0x610
[  836.079796][T13252]  __alloc_frozen_pages_noprof+0x123/0x370
[  836.079820][T13252]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  836.079849][T13252]  ? policy_nodemask+0x27c/0x720
[  836.079871][T13252]  ? __lock_acquire+0xab9/0xd20
[  836.079901][T13252]  alloc_pages_mpol+0x232/0x4a0
[  836.079937][T13252]  vma_alloc_folio_noprof+0xe4/0x200
[  836.079966][T13252]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  836.080004][T13252]  folio_prealloc+0x30/0x180
[  836.080030][T13252]  __handle_mm_fault+0x2c88/0x5620
[  836.080074][T13252]  ? __pfx___handle_mm_fault+0x10/0x10
[  836.080113][T13252]  ? follow_page_pte+0x8d6/0x14b0
[  836.080145][T13252]  handle_mm_fault+0x2d5/0x7f0
[  836.080169][T13252]  ? vma_is_secretmem+0xd/0x50
[  836.080202][T13252]  __get_user_pages+0x1af4/0x30b0
[  836.080262][T13252]  ? __pfx___get_user_pages+0x10/0x10
[  836.080283][T13252]  ? __gup_longterm_locked+0xbf7/0x15b0
[  836.080305][T13252]  ? down_read_killable+0x1d1/0x350
[  836.080329][T13252]  __gup_longterm_locked+0xd66/0x15b0
[  836.080364][T13252]  ? sanity_check_pinned_pages+0x11cf/0x12c0
[  836.080388][T13252]  ? gup_fast_fallback+0x1afc/0x2260
[  836.080414][T13252]  gup_fast_fallback+0x1cd4/0x2260
[  836.080480][T13252]  ? __pfx_gup_fast_fallback+0x10/0x10
[  836.080513][T13252]  ? kasan_save_track+0x4f/0x80
[  836.080554][T13252]  ? pin_user_pages_fast+0x4d/0xb0
[  836.080579][T13252]  iov_iter_extract_pages+0x35a/0x5e0
[  836.080609][T13252]  bio_iov_iter_get_pages+0x49b/0x11c0
[  836.080661][T13252]  ? __pfx_bio_iov_iter_get_pages+0x10/0x10
[  836.080683][T13252]  ? bio_associate_blkg+0x6d/0x230
[  836.080722][T13252]  ? bio_init+0x11d/0x250
[  836.080746][T13252]  blkdev_direct_IO+0xfd7/0x16f0
[  836.080776][T13252]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  836.080820][T13252]  ? _parse_integer_limit+0x1ae/0x1f0
[  836.080854][T13252]  ? kiocb_write_and_wait+0x14d/0x1b0
[  836.080880][T13252]  blkdev_read_iter+0x23d/0x440
[  836.080909][T13252]  do_iter_readv_writev+0x56b/0x7f0
[  836.080937][T13252]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  836.080967][T13252]  ? bpf_lsm_file_permission+0x9/0x20
[  836.080983][T13252]  ? security_file_permission+0x75/0x290
[  836.081009][T13252]  ? rw_verify_area+0x258/0x650
[  836.081036][T13252]  vfs_readv+0x253/0x850
[  836.081059][T13252]  ? __pfx_vfs_readv+0x10/0x10
[  836.081093][T13252]  ? __fget_files+0x2a/0x420
[  836.081115][T13252]  ? __fget_files+0x3a0/0x420
[  836.081130][T13252]  ? __fget_files+0x2a/0x420
[  836.081156][T13252]  __se_sys_preadv2+0x179/0x290
[  836.081183][T13252]  ? __pfx___se_sys_preadv2+0x10/0x10
[  836.081205][T13252]  ? rcu_is_watching+0x15/0xb0
[  836.081229][T13252]  ? do_syscall_64+0xbe/0x3b0
[  836.081244][T13252]  ? __x64_sys_preadv2+0x20/0xc0
[  836.081270][T13252]  do_syscall_64+0xfa/0x3b0
[  836.081285][T13252]  ? lockdep_hardirqs_on+0x9c/0x150
[  836.081309][T13252]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  836.081325][T13252]  ? clear_bhb_loop+0x60/0xb0
[  836.081347][T13252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  836.081363][T13252] RIP: 0033:0x7f6e8278e929
[  836.081380][T13252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  836.081395][T13252] RSP: 002b:00007f6e83637038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[  836.081416][T13252] RAX: ffffffffffffffda RBX: 00007f6e829b5fa0 RCX: 00007f6e8278e929
[  836.081429][T13252] RDX: 0000000000000005 RSI: 0000200000000080 RDI: 0000000000000003
[  836.081441][T13252] RBP: 00007f6e83637090 R08: 0000000000000000 R09: 000000000000001f
[  836.081452][T13252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  836.081463][T13252] R13: 0000000000000000 R14: 00007f6e829b5fa0 R15: 00007ffda6ebe0f8
[  836.081499][T13252]  </TASK>
[  836.658536][T13260] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1950'.
[  836.705976][T13260] blktrace: Concurrent blktraces are not allowed on nbd3
[  837.024739][   T10] usb 6-1: Product: syz
[  837.031417][   T10] usb 6-1: Manufacturer: syz
[  837.039243][   T10] usb 6-1: SerialNumber: syz
[  837.093626][   T10] usb 6-1: config 0 descriptor??
[  837.110797][   T10] usb 6-1: can't set config #0, error -71
[  837.622572][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  837.652732][   T10] usb 6-1: USB disconnect, device number 49
[  839.444676][T13280] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1957'.
[  839.830587][T13286] fuse: Unknown parameter 'group_i00000000000000000000'
[  840.916869][T13298] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  841.062497][ T5971] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  841.722550][ T5971] usb 5-1: Using ep0 maxpacket: 32
[  841.867072][ T5971] usb 5-1: config 8 has an invalid interface number: 203 but max is 0
[  841.901158][ T5971] usb 5-1: config 8 has no interface number 0
[  842.033277][T13314] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1967'.
[  842.052128][T13314] blktrace: Concurrent blktraces are not allowed on nbd5
[  842.217551][ T5971] usb 5-1: config 8 interface 203 altsetting 1 has an endpoint descriptor with address 0x93, changing to 0x83
[  842.246785][ T5971] usb 5-1: config 8 interface 203 altsetting 1 bulk endpoint 0x83 has invalid maxpacket 1024
[  842.274593][ T5971] usb 5-1: config 8 interface 203 altsetting 1 bulk endpoint 0xB has invalid maxpacket 1023
[  842.451137][ T5971] usb 5-1: config 8 interface 203 has no altsetting 0
[  842.469591][ T5971] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a
[  842.479290][ T5971] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  843.262508][ T5971] usb 5-1: Product: syz
[  843.271251][ T5971] usb 5-1: Manufacturer: syz
[  843.302586][ T5971] usb 5-1: SerialNumber: syz
[  843.793821][ T5971] usb 5-1: can't set config #8, error -71
[  843.820879][ T5971] usb 5-1: USB disconnect, device number 51
[  844.319028][T13328] blktrace: Concurrent blktraces are not allowed on nbd3
[  844.420242][T13333] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1973'.
[  844.612362][T13333] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1973'.
[  845.520152][T13342] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  847.106794][T13357] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  848.128512][T13358] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  848.301560][T13362] input: syz1 as /devices/virtual/input/input39
[  849.513927][T13377] fuse: Unknown parameter 'ÿÿÿÿÿÿÿÿ0x000000000000000a'
[  850.164218][T13371] FAULT_INJECTION: forcing a failure.
[  850.164218][T13371] name failslab, interval 1, probability 0, space 0, times 0
[  850.256259][T13371] CPU: 0 UID: 0 PID: 13371 Comm: syz.5.1983 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  850.256293][T13371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  850.256305][T13371] Call Trace:
[  850.256314][T13371]  <TASK>
[  850.256323][T13371]  dump_stack_lvl+0x189/0x250
[  850.256352][T13371]  ? __pfx____ratelimit+0x10/0x10
[  850.256382][T13371]  ? __pfx_dump_stack_lvl+0x10/0x10
[  850.256404][T13371]  ? __pfx__printk+0x10/0x10
[  850.256439][T13371]  ? ref_tracker_alloc+0x318/0x460
[  850.256471][T13371]  should_fail_ex+0x414/0x560
[  850.256501][T13371]  should_failslab+0xa8/0x100
[  850.256531][T13371]  kmem_cache_alloc_noprof+0x73/0x3c0
[  850.256554][T13371]  ? skb_clone+0x212/0x3a0
[  850.256586][T13371]  skb_clone+0x212/0x3a0
[  850.256617][T13371]  __netlink_deliver_tap+0x404/0x850
[  850.256654][T13371]  ? netlink_deliver_tap+0x2e/0x1b0
[  850.256680][T13371]  netlink_deliver_tap+0x19c/0x1b0
[  850.256705][T13371]  netlink_unicast+0x730/0x8e0
[  850.256739][T13371]  netlink_sendmsg+0x805/0xb30
[  850.256773][T13371]  ? __pfx_netlink_sendmsg+0x10/0x10
[  850.256809][T13371]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  850.256836][T13371]  ? __pfx_netlink_sendmsg+0x10/0x10
[  850.256860][T13371]  __sock_sendmsg+0x219/0x270
[  850.256895][T13371]  ____sys_sendmsg+0x505/0x830
[  850.256928][T13371]  ? __pfx_____sys_sendmsg+0x10/0x10
[  850.256965][T13371]  ? import_iovec+0x74/0xa0
[  850.256993][T13371]  ___sys_sendmsg+0x21f/0x2a0
[  850.257021][T13371]  ? __pfx____sys_sendmsg+0x10/0x10
[  850.257090][T13371]  ? __fget_files+0x2a/0x420
[  850.257122][T13371]  ? __fget_files+0x3a0/0x420
[  850.257152][T13371]  __x64_sys_sendmsg+0x19b/0x260
[  850.257182][T13371]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  850.257219][T13371]  ? __pfx_ksys_write+0x10/0x10
[  850.257242][T13371]  ? rcu_is_watching+0x15/0xb0
[  850.257271][T13371]  ? do_syscall_64+0xbe/0x3b0
[  850.257296][T13371]  do_syscall_64+0xfa/0x3b0
[  850.257315][T13371]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.257332][T13371]  ? asm_sysvec_call_function_single+0x1a/0x20
[  850.257351][T13371]  ? clear_bhb_loop+0x60/0xb0
[  850.257373][T13371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.257391][T13371] RIP: 0033:0x7f6bf178e929
[  850.257410][T13371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  850.257426][T13371] RSP: 002b:00007f6bf25fc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  850.257449][T13371] RAX: ffffffffffffffda RBX: 00007f6bf19b5fa0 RCX: 00007f6bf178e929
[  850.257463][T13371] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006
[  850.257474][T13371] RBP: 00007f6bf25fc090 R08: 0000000000000000 R09: 0000000000000000
[  850.257486][T13371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  850.257498][T13371] R13: 0000000000000000 R14: 00007f6bf19b5fa0 R15: 00007ffc254ed998
[  850.257531][T13371]  </TASK>
[  850.547635][    C0] vkms_vblank_simulate: vblank timer overrun
[  850.642864][T13372] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1984'.
[  850.654931][T13372] blktrace: Concurrent blktraces are not allowed on nbd2
[  850.803593][T13389] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  850.968231][T13396] blktrace: Concurrent blktraces are not allowed on nbd0
[  850.998221][T13397] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1986'.
[  851.935923][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  851.935943][   T30] audit: type=1804 audit(1752473174.341:63): pid=13412 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.5.1994" name="file0" dev="ramfs" ino=44263 res=1 errno=0
[  852.307450][T13420] mac80211_hwsim hwsim3 wlan0: entered promiscuous mode
[  852.319581][T13420] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  852.467084][T13426] FAULT_INJECTION: forcing a failure.
[  852.467084][T13426] name failslab, interval 1, probability 0, space 0, times 0
[  852.485810][T13426] CPU: 0 UID: 0 PID: 13426 Comm: syz.2.1999 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  852.485833][T13426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  852.485841][T13426] Call Trace:
[  852.485847][T13426]  <TASK>
[  852.485853][T13426]  dump_stack_lvl+0x189/0x250
[  852.485872][T13426]  ? __pfx____ratelimit+0x10/0x10
[  852.485889][T13426]  ? __pfx_dump_stack_lvl+0x10/0x10
[  852.485902][T13426]  ? __pfx__printk+0x10/0x10
[  852.485920][T13426]  ? ref_tracker_alloc+0x318/0x460
[  852.485938][T13426]  should_fail_ex+0x414/0x560
[  852.485957][T13426]  should_failslab+0xa8/0x100
[  852.485974][T13426]  kmem_cache_alloc_noprof+0x73/0x3c0
[  852.485989][T13426]  ? skb_clone+0x212/0x3a0
[  852.486007][T13426]  skb_clone+0x212/0x3a0
[  852.486024][T13426]  __netlink_deliver_tap+0x404/0x850
[  852.486045][T13426]  ? netlink_deliver_tap+0x2e/0x1b0
[  852.486059][T13426]  netlink_deliver_tap+0x19c/0x1b0
[  852.486073][T13426]  netlink_unicast+0x730/0x8e0
[  852.486093][T13426]  netlink_sendmsg+0x805/0xb30
[  852.486129][T13426]  ? __pfx_netlink_sendmsg+0x10/0x10
[  852.486148][T13426]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  852.486163][T13426]  ? __pfx_netlink_sendmsg+0x10/0x10
[  852.486177][T13426]  __sock_sendmsg+0x219/0x270
[  852.486196][T13426]  ____sys_sendmsg+0x505/0x830
[  852.486215][T13426]  ? __pfx_____sys_sendmsg+0x10/0x10
[  852.486235][T13426]  ? import_iovec+0x74/0xa0
[  852.486251][T13426]  ___sys_sendmsg+0x21f/0x2a0
[  852.486267][T13426]  ? __pfx____sys_sendmsg+0x10/0x10
[  852.486304][T13426]  ? __fget_files+0x2a/0x420
[  852.486315][T13426]  ? __fget_files+0x3a0/0x420
[  852.486333][T13426]  __x64_sys_sendmsg+0x19b/0x260
[  852.486348][T13426]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  852.486374][T13426]  ? __pfx_ksys_write+0x10/0x10
[  852.486390][T13426]  ? rcu_is_watching+0x15/0xb0
[  852.486406][T13426]  ? do_syscall_64+0xbe/0x3b0
[  852.486420][T13426]  do_syscall_64+0xfa/0x3b0
[  852.486430][T13426]  ? lockdep_hardirqs_on+0x9c/0x150
[  852.486446][T13426]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.486458][T13426]  ? clear_bhb_loop+0x60/0xb0
[  852.486472][T13426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.486483][T13426] RIP: 0033:0x7f65ec38e929
[  852.486495][T13426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  852.486505][T13426] RSP: 002b:00007f65ed2b2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  852.486519][T13426] RAX: ffffffffffffffda RBX: 00007f65ec5b5fa0 RCX: 00007f65ec38e929
[  852.486529][T13426] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  852.486536][T13426] RBP: 00007f65ed2b2090 R08: 0000000000000000 R09: 0000000000000000
[  852.486544][T13426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  852.486551][T13426] R13: 0000000000000000 R14: 00007f65ec5b5fa0 R15: 00007fff3e4270c8
[  852.486570][T13426]  </TASK>
[  852.776685][    C0] vkms_vblank_simulate: vblank timer overrun
[  853.573662][T13449] FAULT_INJECTION: forcing a failure.
[  853.573662][T13449] name failslab, interval 1, probability 0, space 0, times 0
[  853.689275][T13449] CPU: 1 UID: 0 PID: 13449 Comm: syz.2.2007 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  853.689308][T13449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  853.689321][T13449] Call Trace:
[  853.689330][T13449]  <TASK>
[  853.689340][T13449]  dump_stack_lvl+0x189/0x250
[  853.689368][T13449]  ? __pfx____ratelimit+0x10/0x10
[  853.689399][T13449]  ? __pfx_dump_stack_lvl+0x10/0x10
[  853.689421][T13449]  ? __pfx__printk+0x10/0x10
[  853.689454][T13449]  ? __pfx___might_resched+0x10/0x10
[  853.689483][T13449]  should_fail_ex+0x414/0x560
[  853.689517][T13449]  should_failslab+0xa8/0x100
[  853.689549][T13449]  __kmalloc_noprof+0xcb/0x4f0
[  853.689576][T13449]  ? security_sk_alloc+0x52/0x390
[  853.689609][T13449]  security_sk_alloc+0x52/0x390
[  853.689640][T13449]  sk_prot_alloc+0x101/0x220
[  853.689669][T13449]  sk_alloc+0x3a/0x370
[  853.689697][T13449]  inet6_create+0x7fd/0x12a0
[  853.689717][T13449]  ? inet6_create+0x71/0x12a0
[  853.689743][T13449]  __sock_create+0x4b3/0x9f0
[  853.689774][T13449]  mptcp_subflow_create_socket+0xfd/0xb40
[  853.689810][T13449]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  853.689845][T13449]  __mptcp_nmpc_sk+0x148/0x750
[  853.689862][T13449]  ? __local_bh_enable_ip+0x12d/0x1c0
[  853.689879][T13449]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[  853.689898][T13449]  mptcp_bind+0xab/0x1d0
[  853.689913][T13449]  __sys_bind+0x2c3/0x3e0
[  853.689927][T13449]  ? __pfx___sys_bind+0x10/0x10
[  853.689947][T13449]  ? __pfx_ksys_write+0x10/0x10
[  853.689961][T13449]  ? rcu_is_watching+0x15/0xb0
[  853.689979][T13449]  __x64_sys_bind+0x7a/0x90
[  853.690000][T13449]  do_syscall_64+0xfa/0x3b0
[  853.690012][T13449]  ? lockdep_hardirqs_on+0x9c/0x150
[  853.690028][T13449]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.690040][T13449]  ? clear_bhb_loop+0x60/0xb0
[  853.690054][T13449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.690066][T13449] RIP: 0033:0x7f65ec38e929
[  853.690078][T13449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  853.690088][T13449] RSP: 002b:00007f65ed2b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  853.690102][T13449] RAX: ffffffffffffffda RBX: 00007f65ec5b5fa0 RCX: 00007f65ec38e929
[  853.690111][T13449] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000004
[  853.690119][T13449] RBP: 00007f65ed2b2090 R08: 0000000000000000 R09: 0000000000000000
[  853.690126][T13449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  853.690134][T13449] R13: 0000000000000000 R14: 00007f65ec5b5fa0 R15: 00007fff3e4270c8
[  853.690153][T13449]  </TASK>
[  854.103482][T13457] FAULT_INJECTION: forcing a failure.
[  854.103482][T13457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  854.116632][T13457] CPU: 1 UID: 0 PID: 13457 Comm: syz.3.2009 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  854.116651][T13457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  854.116658][T13457] Call Trace:
[  854.116663][T13457]  <TASK>
[  854.116669][T13457]  dump_stack_lvl+0x189/0x250
[  854.116688][T13457]  ? __pfx____ratelimit+0x10/0x10
[  854.116706][T13457]  ? __pfx_dump_stack_lvl+0x10/0x10
[  854.116719][T13457]  ? __pfx__printk+0x10/0x10
[  854.116733][T13457]  ? __might_fault+0xb0/0x130
[  854.116766][T13457]  should_fail_ex+0x414/0x560
[  854.116786][T13457]  _copy_from_user+0x2d/0xb0
[  854.116799][T13457]  do_sock_getsockopt+0x1cd/0x650
[  854.116816][T13457]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  854.116829][T13457]  ? do_syscall_64+0x20/0x3b0
[  854.116840][T13457]  ? __fget_files+0x3a0/0x420
[  854.116850][T13457]  ? __fget_files+0x2a/0x420
[  854.116866][T13457]  __x64_sys_getsockopt+0x1a5/0x250
[  854.116879][T13457]  ? do_syscall_64+0x20/0x3b0
[  854.116891][T13457]  ? do_syscall_64+0x20/0x3b0
[  854.116910][T13457]  do_syscall_64+0xfa/0x3b0
[  854.116920][T13457]  ? lockdep_hardirqs_on+0x9c/0x150
[  854.116936][T13457]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.116947][T13457]  ? clear_bhb_loop+0x60/0xb0
[  854.116961][T13457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.116973][T13457] RIP: 0033:0x7f0f0618e929
[  854.116987][T13457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.116998][T13457] RSP: 002b:00007f0f0700a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  854.117011][T13457] RAX: ffffffffffffffda RBX: 00007f0f063b6080 RCX: 00007f0f0618e929
[  854.117020][T13457] RDX: 0000000000000085 RSI: 0000000000000084 RDI: 0000000000000003
[  854.117028][T13457] RBP: 00007f0f0700a090 R08: 0000200000000080 R09: 0000000000000000
[  854.117035][T13457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.117043][T13457] R13: 0000000000000001 R14: 00007f0f063b6080 R15: 00007ffedba24018
[  854.117061][T13457]  </TASK>
[  854.123930][T13456] FAULT_INJECTION: forcing a failure.
[  854.123930][T13456] name failslab, interval 1, probability 0, space 0, times 0
[  854.209713][T13461] syz.2.2012 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  854.381756][T13456] CPU: 1 UID: 0 PID: 13456 Comm: syz.0.2010 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  854.381788][T13456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  854.381800][T13456] Call Trace:
[  854.381810][T13456]  <TASK>
[  854.381819][T13456]  dump_stack_lvl+0x189/0x250
[  854.381847][T13456]  ? __pfx____ratelimit+0x10/0x10
[  854.381878][T13456]  ? __pfx_dump_stack_lvl+0x10/0x10
[  854.381900][T13456]  ? __pfx__printk+0x10/0x10
[  854.381928][T13456]  ? __pfx___might_resched+0x10/0x10
[  854.381949][T13456]  ? fs_reclaim_acquire+0x7d/0x100
[  854.381975][T13456]  should_fail_ex+0x414/0x560
[  854.382007][T13456]  should_failslab+0xa8/0x100
[  854.382045][T13456]  __kmalloc_noprof+0xcb/0x4f0
[  854.382071][T13456]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  854.382107][T13456]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  854.382143][T13456]  genl_family_rcv_msg_doit+0xb8/0x300
[  854.382178][T13456]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  854.382209][T13456]  ? rcu_is_watching+0x15/0xb0
[  854.382231][T13456]  ? cap_capable+0x11f/0x460
[  854.382258][T13456]  ? safesetid_security_capable+0xa9/0x1a0
[  854.382292][T13456]  ? bpf_lsm_capable+0x9/0x20
[  854.382311][T13456]  ? security_capable+0x7e/0x2e0
[  854.382339][T13456]  genl_rcv_msg+0x60e/0x790
[  854.382373][T13456]  ? __pfx_genl_rcv_msg+0x10/0x10
[  854.382399][T13456]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  854.382448][T13456]  netlink_rcv_skb+0x208/0x470
[  854.382479][T13456]  ? __pfx_genl_rcv_msg+0x10/0x10
[  854.382509][T13456]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  854.382552][T13456]  ? down_read+0x1ad/0x2e0
[  854.382576][T13456]  genl_rcv+0x28/0x40
[  854.382599][T13456]  netlink_unicast+0x759/0x8e0
[  854.382633][T13456]  netlink_sendmsg+0x805/0xb30
[  854.382667][T13456]  ? __pfx_netlink_sendmsg+0x10/0x10
[  854.382701][T13456]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  854.382727][T13456]  ? __pfx_netlink_sendmsg+0x10/0x10
[  854.382751][T13456]  __sock_sendmsg+0x219/0x270
[  854.382784][T13456]  ____sys_sendmsg+0x505/0x830
[  854.382816][T13456]  ? __pfx_____sys_sendmsg+0x10/0x10
[  854.382851][T13456]  ? import_iovec+0x74/0xa0
[  854.382879][T13456]  ___sys_sendmsg+0x21f/0x2a0
[  854.382907][T13456]  ? __pfx____sys_sendmsg+0x10/0x10
[  854.382978][T13456]  ? __fget_files+0x2a/0x420
[  854.382996][T13456]  ? __fget_files+0x3a0/0x420
[  854.383028][T13456]  __x64_sys_sendmsg+0x19b/0x260
[  854.383065][T13456]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  854.383103][T13456]  ? __pfx_ksys_write+0x10/0x10
[  854.383127][T13456]  ? rcu_is_watching+0x15/0xb0
[  854.383154][T13456]  ? do_syscall_64+0xbe/0x3b0
[  854.383179][T13456]  do_syscall_64+0xfa/0x3b0
[  854.383196][T13456]  ? lockdep_hardirqs_on+0x9c/0x150
[  854.383224][T13456]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.383243][T13456]  ? clear_bhb_loop+0x60/0xb0
[  854.383269][T13456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.383287][T13456] RIP: 0033:0x7f034938e929
[  854.383307][T13456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.383323][T13456] RSP: 002b:00007f034a2a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  854.383346][T13456] RAX: ffffffffffffffda RBX: 00007f03495b5fa0 RCX: 00007f034938e929
[  854.383359][T13456] RDX: 0000000020004000 RSI: 0000200000000040 RDI: 0000000000000004
[  854.383372][T13456] RBP: 00007f034a2a4090 R08: 0000000000000000 R09: 0000000000000000
[  854.383385][T13456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.383397][T13456] R13: 0000000000000000 R14: 00007f03495b5fa0 R15: 00007fffd7674dc8
[  854.383432][T13456]  </TASK>
[  854.947088][T13466] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2014'.
[  854.956637][T13466] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  855.138448][T13476] FAULT_INJECTION: forcing a failure.
[  855.138448][T13476] name failslab, interval 1, probability 0, space 0, times 0
[  855.151574][T13476] CPU: 1 UID: 0 PID: 13476 Comm: syz.2.2018 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  855.151603][T13476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  855.151615][T13476] Call Trace:
[  855.151624][T13476]  <TASK>
[  855.151633][T13476]  dump_stack_lvl+0x189/0x250
[  855.151663][T13476]  ? __pfx____ratelimit+0x10/0x10
[  855.151693][T13476]  ? __pfx_dump_stack_lvl+0x10/0x10
[  855.151716][T13476]  ? __pfx__printk+0x10/0x10
[  855.151745][T13476]  ? __pfx___might_resched+0x10/0x10
[  855.151767][T13476]  ? fs_reclaim_acquire+0x7d/0x100
[  855.151793][T13476]  should_fail_ex+0x414/0x560
[  855.151827][T13476]  should_failslab+0xa8/0x100
[  855.151858][T13476]  __kmalloc_noprof+0xcb/0x4f0
[  855.151885][T13476]  ? kobject_get_path+0xc5/0x2d0
[  855.151911][T13476]  kobject_get_path+0xc5/0x2d0
[  855.151938][T13476]  kobject_uevent_env+0x292/0x8c0
[  855.151973][T13476]  lo_ioctl+0x169c/0x2410
[  855.152015][T13476]  ? __pfx_lo_ioctl+0x10/0x10
[  855.152043][T13476]  ? ima_match_policy+0x10b/0x2150
[  855.152063][T13476]  ? look_up_lock_class+0x74/0x170
[  855.152095][T13476]  ? register_lock_class+0x51/0x320
[  855.152122][T13476]  ? __lock_acquire+0xab9/0xd20
[  855.152154][T13476]  ? process_measurement+0x3d8/0x1a40
[  855.152180][T13476]  ? __lock_acquire+0xab9/0xd20
[  855.152207][T13476]  ? __lock_acquire+0xab9/0xd20
[  855.152242][T13476]  ? __lock_acquire+0xab9/0xd20
[  855.152290][T13476]  ? __lock_acquire+0xab9/0xd20
[  855.152330][T13476]  ? is_bpf_text_address+0x26/0x2b0
[  855.152355][T13476]  ? is_bpf_text_address+0x292/0x2b0
[  855.152373][T13476]  ? is_bpf_text_address+0x26/0x2b0
[  855.152396][T13476]  ? kernel_text_address+0xa5/0xe0
[  855.152426][T13476]  ? __kernel_text_address+0xd/0x40
[  855.152452][T13476]  ? unwind_get_return_address+0x4d/0x90
[  855.152474][T13476]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  855.152498][T13476]  ? arch_stack_walk+0xfc/0x150
[  855.152536][T13476]  ? stack_trace_save+0x9c/0xe0
[  855.152564][T13476]  ? stack_depot_save_flags+0x40/0x900
[  855.152603][T13476]  ? kasan_save_track+0x4f/0x80
[  855.152627][T13476]  ? kasan_save_track+0x3e/0x80
[  855.152650][T13476]  ? kasan_save_free_info+0x46/0x50
[  855.152669][T13476]  ? __kasan_slab_free+0x62/0x70
[  855.152693][T13476]  ? kfree+0x18e/0x440
[  855.152715][T13476]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  855.152740][T13476]  ? security_file_ioctl+0xcb/0x2d0
[  855.152767][T13476]  ? __se_sys_ioctl+0x47/0x170
[  855.152786][T13476]  ? do_syscall_64+0xfa/0x3b0
[  855.152803][T13476]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  855.152853][T13476]  ? do_vfs_ioctl+0xf37/0x1990
[  855.152881][T13476]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  855.152914][T13476]  ? kasan_quarantine_put+0xdd/0x220
[  855.152948][T13476]  ? blkdev_common_ioctl+0xfc3/0x2450
[  855.152968][T13476]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  855.152997][T13476]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  855.153023][T13476]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  855.153041][T13476]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  855.153067][T13476]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  855.153096][T13476]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  855.153145][T13476]  ? __lock_acquire+0xab9/0xd20
[  855.153168][T13476]  ? __asan_memset+0x22/0x50
[  855.153192][T13476]  ? smack_file_ioctl+0x24a/0x340
[  855.153221][T13476]  ? __pfx_smack_file_ioctl+0x10/0x10
[  855.153258][T13476]  ? __pfx_lo_ioctl+0x10/0x10
[  855.153285][T13476]  blkdev_ioctl+0x5a8/0x6d0
[  855.153309][T13476]  ? __pfx_blkdev_ioctl+0x10/0x10
[  855.153325][T13476]  ? __fget_files+0x2a/0x420
[  855.153348][T13476]  ? bpf_lsm_file_ioctl+0x9/0x20
[  855.153368][T13476]  ? __pfx_blkdev_ioctl+0x10/0x10
[  855.153387][T13476]  __se_sys_ioctl+0xfc/0x170
[  855.153415][T13476]  do_syscall_64+0xfa/0x3b0
[  855.153432][T13476]  ? lockdep_hardirqs_on+0x9c/0x150
[  855.153460][T13476]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  855.153479][T13476]  ? clear_bhb_loop+0x60/0xb0
[  855.153504][T13476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  855.153523][T13476] RIP: 0033:0x7f65ec38e929
[  855.153542][T13476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  855.153559][T13476] RSP: 002b:00007f65ed2b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  855.153581][T13476] RAX: ffffffffffffffda RBX: 00007f65ec5b5fa0 RCX: 00007f65ec38e929
[  855.153596][T13476] RDX: 0000000000000005 RSI: 0000000000004c06 RDI: 0000000000000003
[  855.153608][T13476] RBP: 00007f65ed2b2090 R08: 0000000000000000 R09: 0000000000000000
[  855.153621][T13476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  855.153633][T13476] R13: 0000000000000000 R14: 00007f65ec5b5fa0 R15: 00007fff3e4270c8
[  855.153666][T13476]  </TASK>
[  855.816295][T13484] Can't find a SQUASHFS superblock on nullb0
[  856.903789][T13491] blktrace: Concurrent blktraces are not allowed on nbd3
[  857.363761][T13504] sctp: [Deprecated]: syz.4.2023 (pid 13504) Use of struct sctp_assoc_value in delayed_ack socket option.
[  857.363761][T13504] Use struct sctp_sack_info instead
[  858.692510][T13519] xt_TCPMSS: Only works on TCP SYN packets
[  859.121262][T13522] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2033'.
[  859.505309][T13532] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2036'.
[  859.567640][T13532] blktrace: Concurrent blktraces are not allowed on nbd5
[  860.099117][T13536] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  860.186993][T13543] hsr0: entered promiscuous mode
[  860.216990][T13544] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  860.226957][T13544] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  860.311816][T13541] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(17)
[  860.318597][T13541] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  860.326605][T13541] vhci_hcd vhci_hcd.0: Device attached
[  860.337616][T13536] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(14)
[  860.344257][T13536] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  860.351771][T13535] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  860.358306][T13535] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  860.365930][T13536] vhci_hcd vhci_hcd.0: Device attached
[  860.366160][T13535] vhci_hcd vhci_hcd.0: Device attached
[  860.380151][T13540] vhci_hcd: connection closed
[  860.381827][T13542] vhci_hcd: connection closed
[  860.382003][T13539] vhci_hcd: connection closed
[  860.395703][   T13] vhci_hcd: stop threads
[  860.411132][   T13] vhci_hcd: release socket
[  860.426925][T13534] hsr0: left promiscuous mode
[  860.441580][   T13] vhci_hcd: disconnect device
[  860.459356][   T13] vhci_hcd: stop threads
[  860.472841][   T13] vhci_hcd: release socket
[  860.481451][   T13] vhci_hcd: disconnect device
[  860.496660][   T13] vhci_hcd: stop threads
[  860.505395][   T13] vhci_hcd: release socket
[  860.515998][   T13] vhci_hcd: disconnect device
[  860.572549][  T980] vhci_hcd: vhci_device speed not set
[  861.146828][T13556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2041'.
[  861.367948][T13567] blktrace: Concurrent blktraces are not allowed on nbd3
[  862.021380][T13571] binder: 13570:13571 ioctl c0306201 0 returned -14
[  862.105499][T13574] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2046'.
[  862.909862][T13586] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2050'.
[  863.002431][T13586] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2050'.
[  864.157252][T13601] hsr0: entered promiscuous mode
[  864.606697][T13603] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2051'.
[  864.626186][T13603] blktrace: Concurrent blktraces are not allowed on nbd2
[  864.645746][T13596] hsr0: left promiscuous mode
[  864.691503][T13608] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2055'.
[  866.182465][ T5909] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  866.336947][T13621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2058'.
[  866.351160][T13621] blktrace: Concurrent blktraces are not allowed on nbd3
[  866.813041][ T5909] usb 6-1: Using ep0 maxpacket: 16
[  866.827494][ T5909] usb 6-1: too many endpoints for config 0 interface 0 altsetting 61: 48, using maximum allowed: 30
[  866.865104][T13625] FAULT_INJECTION: forcing a failure.
[  866.865104][T13625] name failslab, interval 1, probability 0, space 0, times 0
[  866.892789][ T5909] usb 6-1: config 0 interface 0 altsetting 61 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  866.897846][T13625] CPU: 1 UID: 0 PID: 13625 Comm: syz.0.2060 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  866.897872][T13625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  866.897882][T13625] Call Trace:
[  866.897890][T13625]  <TASK>
[  866.897898][T13625]  dump_stack_lvl+0x189/0x250
[  866.897923][T13625]  ? __pfx____ratelimit+0x10/0x10
[  866.897949][T13625]  ? __pfx_dump_stack_lvl+0x10/0x10
[  866.897968][T13625]  ? __pfx__printk+0x10/0x10
[  866.897996][T13625]  ? __pfx___might_resched+0x10/0x10
[  866.898021][T13625]  should_fail_ex+0x414/0x560
[  866.898051][T13625]  should_failslab+0xa8/0x100
[  866.898078][T13625]  __kmalloc_cache_noprof+0x70/0x3d0
[  866.898102][T13625]  ? proc_thread_self_get_link+0xfd/0x1a0
[  866.898119][T13625]  ? __task_pid_nr_ns+0x398/0x470
[  866.898145][T13625]  proc_thread_self_get_link+0xfd/0x1a0
[  866.898165][T13625]  ? __pfx_proc_thread_self_get_link+0x10/0x10
[  866.898192][T13625]  pick_link+0x636/0xe80
[  866.898219][T13625]  step_into+0xc5d/0xf30
[  866.898240][T13625]  ? __d_lookup+0x66/0x780
[  866.898267][T13625]  ? __pfx_step_into+0x10/0x10
[  866.898284][T13625]  ? lookup_fast+0xc9/0x5b0
[  866.898310][T13625]  link_path_walk+0x77b/0xea0
[  866.898347][T13625]  path_openat+0x28c/0x3830
[  866.898366][T13625]  ? arch_stack_walk+0xfc/0x150
[  866.898422][T13625]  ? __pfx_path_openat+0x10/0x10
[  866.898441][T13625]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.898480][T13625]  do_filp_open+0x1fa/0x410
[  866.898499][T13625]  ? __lock_acquire+0xab9/0xd20
[  866.898518][T13625]  ? __pfx_do_filp_open+0x10/0x10
[  866.898561][T13625]  ? _raw_spin_unlock+0x28/0x50
[  866.898583][T13625]  ? alloc_fd+0x64c/0x6c0
[  866.898620][T13625]  do_sys_openat2+0x121/0x1c0
[  866.898643][T13625]  ? __pfx_do_sys_openat2+0x10/0x10
[  866.898662][T13625]  ? ksys_write+0x22a/0x250
[  866.898688][T13625]  ? __pfx_ksys_write+0x10/0x10
[  866.898707][T13625]  ? rcu_is_watching+0x15/0xb0
[  866.898730][T13625]  __x64_sys_openat+0x138/0x170
[  866.898755][T13625]  do_syscall_64+0xfa/0x3b0
[  866.898770][T13625]  ? lockdep_hardirqs_on+0x9c/0x150
[  866.898794][T13625]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.898810][T13625]  ? clear_bhb_loop+0x60/0xb0
[  866.898831][T13625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.898848][T13625] RIP: 0033:0x7f034938d290
[  866.898865][T13625] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  866.898879][T13625] RSP: 002b:00007f034a2a3f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  866.898900][T13625] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f034938d290
[  866.898913][T13625] RDX: 0000000000000002 RSI: 00007f034a2a3fa0 RDI: 00000000ffffff9c
[  866.898925][T13625] RBP: 00007f034a2a3fa0 R08: 0000000000000000 R09: 0000000000000000
[  866.898936][T13625] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  866.898946][T13625] R13: 0000000000000000 R14: 00007f03495b5fa0 R15: 00007fffd7674dc8
[  866.898977][T13625]  </TASK>
[  867.153381][    C0] vkms_vblank_simulate: vblank timer overrun
[  867.218283][ T5909] usb 6-1: config 0 interface 0 has no altsetting 0
[  867.239682][ T5909] usb 6-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  867.253165][ T5909] usb 6-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  867.287702][ T5909] usb 6-1: Product: syz
[  867.298925][ T5909] usb 6-1: Manufacturer: syz
[  867.307994][ T5909] usb 6-1: SerialNumber: syz
[  867.331459][ T5909] usb 6-1: config 0 descriptor??
[  867.555098][ T5909] usb 6-1: selecting invalid altsetting 1
[  867.579374][ T5909] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -22
[  867.600037][T13632] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  868.142956][    C0] ------------[ cut here ]------------
[  868.148719][    C0] WARNING: CPU: 0 PID: 13634 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x623/0x730
[  868.158414][    C0] Modules linked in:
[  868.162498][    C0] CPU: 0 UID: 0 PID: 13634 Comm: syz.4.2062 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  868.175146][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  868.185491][    C0] RIP: 0010:inet_sock_destruct+0x623/0x730
[  868.191339][    C0] Code: 0f 0b 90 e9 62 fe ff ff e8 ba af cf f7 90 0f 0b 90 e9 95 fe ff ff e8 ac af cf f7 90 0f 0b 90 e9 bb fe ff ff e8 9e af cf f7 90 <0f> 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc
[  868.212515][    C0] RSP: 0018:ffffc90000007be8 EFLAGS: 00010246
[  868.218856][    C0] RAX: ffffffff89f082b2 RBX: dffffc0000000000 RCX: ffff8880248ada00
[  868.226871][    C0] RDX: 0000000000000100 RSI: 0000000000000fff RDI: 0000000000000000
[  868.234993][    C0] RBP: 0000000000000fff R08: ffff88805788029f R09: 1ffff1100af10053
[  868.243169][    C0] R10: dffffc0000000000 R11: ffffed100af10054 R12: ffff888057880000
[  868.251235][    C0] R13: dffffc0000000000 R14: ffff888057880284 R15: 1ffff1100af10002
[  868.259259][    C0] FS:  00007f6e835b16c0(0000) GS:ffff888125c4f000(0000) knlGS:0000000000000000
[  868.268327][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  868.274938][    C0] CR2: 0000555591ce0808 CR3: 000000004d2f2000 CR4: 00000000003526f0
[  868.283127][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  868.291106][    C0] DR3: 3a810b1eb6134bdc DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  868.299455][    C0] Call Trace:
[  868.302764][    C0]  <IRQ>
[  868.305618][    C0]  ? inet6_cleanup_sock+0x197/0x230
[  868.310826][    C0]  ? __pfx_inet6_sock_destruct+0x10/0x10
[  868.316696][    C0]  __sk_destruct+0x86/0x660
[  868.321506][    C0]  ? __pfx___sk_destruct+0x10/0x10
[  868.326784][    C0]  ? rcu_core+0xc34/0x1710
[  868.331271][    C0]  rcu_core+0xca8/0x1710
[  868.335582][    C0]  ? __pfx_rcu_core+0x10/0x10
[  868.340466][    C0]  handle_softirqs+0x283/0x870
[  868.345748][    C0]  ? do_softirq+0xec/0x180
[  868.350265][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  868.355608][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  868.360915][    C0]  do_softirq+0xec/0x180
[  868.365298][    C0]  </IRQ>
[  868.368239][    C0]  <TASK>
[  868.371184][    C0]  ? __pfx_do_softirq+0x10/0x10
[  868.376083][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[  868.381403][    C0]  __local_bh_enable_ip+0x17d/0x1c0
[  868.386734][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  868.392513][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  868.397655][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  868.402912][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  868.408038][    C0]  __dev_queue_xmit+0x1cd7/0x3a70
[  868.413099][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  868.418220][    C0]  ? ipt_do_table+0x13dd/0x1630
[  868.423108][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  868.428585][    C0]  ? __lock_acquire+0xab9/0xd20
[  868.433469][    C0]  ? __ip_queue_xmit+0x1101/0x1b00
[  868.438587][    C0]  ? ip_finish_output2+0xae7/0x1160
[  868.443818][    C0]  ip_finish_output2+0xd03/0x1160
[  868.448867][    C0]  ? ip_finish_output2+0x452/0x1160
[  868.454115][    C0]  ? __pfx_ip_finish_output2+0x10/0x10
[  868.459610][    C0]  ? ip_skb_dst_mtu+0x147/0xc50
[  868.464526][    C0]  ? __ip_finish_output+0x336/0x3f0
[  868.469933][    C0]  ? __ip_queue_xmit+0x63/0x1b00
[  868.474957][    C0]  __ip_queue_xmit+0x1101/0x1b00
[  868.479949][    C0]  ? __pfx___tcp_select_window+0x10/0x10
[  868.485643][    C0]  ? __ip_queue_xmit+0x63/0x1b00
[  868.490609][    C0]  ? __pfx_ip_queue_xmit+0x10/0x10
[  868.495760][    C0]  __tcp_transmit_skb+0x225c/0x36c0
[  868.500990][    C0]  ? __pfx___tcp_transmit_skb+0x10/0x10
[  868.506759][    C0]  ? tcp_small_queue_check+0x1c1/0x3b0
[  868.512380][    C0]  tcp_write_xmit+0x1862/0x67f0
[  868.517301][    C0]  __tcp_push_pending_frames+0x97/0x360
[  868.522986][    C0]  ? tcp_push+0x41d/0x660
[  868.527330][    C0]  __mptcp_push_pending+0x57b/0x860
[  868.532574][    C0]  ? __mptcp_push_pending+0x311/0x860
[  868.538137][    C0]  ? __pfx___mptcp_push_pending+0x10/0x10
[  868.544344][    C0]  ? set_page_refcounted+0xa0/0x1e0
[  868.549604][    C0]  mptcp_sendmsg+0x1051/0x1970
[  868.554525][    C0]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  868.559645][    C0]  ? sock_rps_record_flow+0x19/0x410
[  868.564962][    C0]  ? inet_sendmsg+0x2f4/0x370
[  868.569708][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  868.575076][    C0]  __sock_sendmsg+0x19c/0x270
[  868.579765][    C0]  sock_write_iter+0x258/0x330
[  868.584564][    C0]  ? futex_unqueue+0x211/0x240
[  868.589360][    C0]  ? __pfx_sock_write_iter+0x10/0x10
[  868.594672][    C0]  ? __futex_wait+0x34f/0x3e0
[  868.599361][    C0]  ? __pfx___futex_wait+0x10/0x10
[  868.604418][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  868.610334][    C0]  do_iter_readv_writev+0x56b/0x7f0
[  868.615564][    C0]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  868.621295][    C0]  ? bpf_lsm_file_permission+0x9/0x20
[  868.626694][    C0]  ? security_file_permission+0x75/0x290
[  868.632360][    C0]  ? rw_verify_area+0x258/0x650
[  868.637230][    C0]  vfs_writev+0x31a/0x960
[  868.641593][    C0]  ? __lock_acquire+0xab9/0xd20
[  868.646535][    C0]  ? __pfx_vfs_writev+0x10/0x10
[  868.651664][    C0]  ? __fget_files+0x2a/0x420
[  868.656314][    C0]  ? __fget_files+0x3a0/0x420
[  868.661005][    C0]  ? __fget_files+0x2a/0x420
[  868.665630][    C0]  do_writev+0x14d/0x2d0
[  868.669878][    C0]  ? __pfx_do_writev+0x10/0x10
[  868.674671][    C0]  ? rcu_is_watching+0x15/0xb0
[  868.679453][    C0]  ? do_syscall_64+0xbe/0x3b0
[  868.684194][    C0]  do_syscall_64+0xfa/0x3b0
[  868.688714][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  868.693954][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  868.700027][    C0]  ? clear_bhb_loop+0x60/0xb0
[  868.704882][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  868.710781][    C0] RIP: 0033:0x7f6e8278e929
[  868.715226][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  868.735047][    C0] RSP: 002b:00007f6e835b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  868.743592][    C0] RAX: ffffffffffffffda RBX: 00007f6e829b6080 RCX: 00007f6e8278e929
[  868.751567][    C0] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000003
[  868.759607][    C0] RBP: 00007f6e82810b39 R08: 0000000000000000 R09: 0000000000000000
[  868.767638][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  868.775646][    C0] R13: 0000000000000000 R14: 00007f6e829b6080 R15: 00007ffda6ebe0f8
[  868.783671][    C0]  </TASK>
[  868.786695][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  868.793975][    C0] CPU: 0 UID: 0 PID: 13634 Comm: syz.4.2062 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  868.806120][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  868.816178][    C0] Call Trace:
[  868.819470][    C0]  <IRQ>
[  868.822325][    C0]  dump_stack_lvl+0x99/0x250
[  868.826927][    C0]  ? __asan_memcpy+0x40/0x70
[  868.831627][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  868.836854][    C0]  ? __pfx__printk+0x10/0x10
[  868.841501][    C0]  panic+0x2db/0x790
[  868.845410][    C0]  ? __pfx_panic+0x10/0x10
[  868.849870][    C0]  ? show_trace_log_lvl+0x4fb/0x550
[  868.855131][    C0]  __warn+0x31b/0x4b0
[  868.859308][    C0]  ? inet_sock_destruct+0x623/0x730
[  868.864537][    C0]  ? inet_sock_destruct+0x623/0x730
[  868.869745][    C0]  report_bug+0x2be/0x4f0
[  868.874102][    C0]  ? inet_sock_destruct+0x623/0x730
[  868.879314][    C0]  ? inet_sock_destruct+0x623/0x730
[  868.884518][    C0]  ? inet_sock_destruct+0x625/0x730
[  868.889725][    C0]  handle_bug+0x84/0x160
[  868.894071][    C0]  exc_invalid_op+0x1a/0x50
[  868.898612][    C0]  asm_exc_invalid_op+0x1a/0x20
[  868.903464][    C0] RIP: 0010:inet_sock_destruct+0x623/0x730
[  868.909363][    C0] Code: 0f 0b 90 e9 62 fe ff ff e8 ba af cf f7 90 0f 0b 90 e9 95 fe ff ff e8 ac af cf f7 90 0f 0b 90 e9 bb fe ff ff e8 9e af cf f7 90 <0f> 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc
[  868.929792][    C0] RSP: 0018:ffffc90000007be8 EFLAGS: 00010246
[  868.936053][    C0] RAX: ffffffff89f082b2 RBX: dffffc0000000000 RCX: ffff8880248ada00
[  868.944029][    C0] RDX: 0000000000000100 RSI: 0000000000000fff RDI: 0000000000000000
[  868.952029][    C0] RBP: 0000000000000fff R08: ffff88805788029f R09: 1ffff1100af10053
[  868.960144][    C0] R10: dffffc0000000000 R11: ffffed100af10054 R12: ffff888057880000
[  868.968130][    C0] R13: dffffc0000000000 R14: ffff888057880284 R15: 1ffff1100af10002
[  868.976137][    C0]  ? inet_sock_destruct+0x622/0x730
[  868.981356][    C0]  ? inet_sock_destruct+0x622/0x730
[  868.986581][    C0]  ? inet6_cleanup_sock+0x197/0x230
[  868.991814][    C0]  ? __pfx_inet6_sock_destruct+0x10/0x10
[  868.997486][    C0]  __sk_destruct+0x86/0x660
[  869.002030][    C0]  ? __pfx___sk_destruct+0x10/0x10
[  869.007153][    C0]  ? rcu_core+0xc34/0x1710
[  869.011579][    C0]  rcu_core+0xca8/0x1710
[  869.015920][    C0]  ? __pfx_rcu_core+0x10/0x10
[  869.020631][    C0]  handle_softirqs+0x283/0x870
[  869.025495][    C0]  ? do_softirq+0xec/0x180
[  869.029958][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  869.035280][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  869.040412][    C0]  do_softirq+0xec/0x180
[  869.044665][    C0]  </IRQ>
[  869.047596][    C0]  <TASK>
[  869.050524][    C0]  ? __pfx_do_softirq+0x10/0x10
[  869.055423][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[  869.060740][    C0]  __local_bh_enable_ip+0x17d/0x1c0
[  869.065982][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  869.071727][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  869.076860][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  869.081978][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  869.087089][    C0]  __dev_queue_xmit+0x1cd7/0x3a70
[  869.092132][    C0]  ? __dev_queue_xmit+0x27e/0x3a70
[  869.097258][    C0]  ? ipt_do_table+0x13dd/0x1630
[  869.102111][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  869.107507][    C0]  ? __lock_acquire+0xab9/0xd20
[  869.112372][    C0]  ? __ip_queue_xmit+0x1101/0x1b00
[  869.117516][    C0]  ? ip_finish_output2+0xae7/0x1160
[  869.122719][    C0]  ip_finish_output2+0xd03/0x1160
[  869.127764][    C0]  ? ip_finish_output2+0x452/0x1160
[  869.132963][    C0]  ? __pfx_ip_finish_output2+0x10/0x10
[  869.138431][    C0]  ? ip_skb_dst_mtu+0x147/0xc50
[  869.143295][    C0]  ? __ip_finish_output+0x336/0x3f0
[  869.148525][    C0]  ? __ip_queue_xmit+0x63/0x1b00
[  869.153481][    C0]  __ip_queue_xmit+0x1101/0x1b00
[  869.158451][    C0]  ? __pfx___tcp_select_window+0x10/0x10
[  869.164124][    C0]  ? __ip_queue_xmit+0x63/0x1b00
[  869.169104][    C0]  ? __pfx_ip_queue_xmit+0x10/0x10
[  869.174277][    C0]  __tcp_transmit_skb+0x225c/0x36c0
[  869.179535][    C0]  ? __pfx___tcp_transmit_skb+0x10/0x10
[  869.185105][    C0]  ? tcp_small_queue_check+0x1c1/0x3b0
[  869.190677][    C0]  tcp_write_xmit+0x1862/0x67f0
[  869.195574][    C0]  __tcp_push_pending_frames+0x97/0x360
[  869.201126][    C0]  ? tcp_push+0x41d/0x660
[  869.205547][    C0]  __mptcp_push_pending+0x57b/0x860
[  869.210754][    C0]  ? __mptcp_push_pending+0x311/0x860
[  869.216139][    C0]  ? __pfx___mptcp_push_pending+0x10/0x10
[  869.221859][    C0]  ? set_page_refcounted+0xa0/0x1e0
[  869.227075][    C0]  mptcp_sendmsg+0x1051/0x1970
[  869.231854][    C0]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  869.236985][    C0]  ? sock_rps_record_flow+0x19/0x410
[  869.242324][    C0]  ? inet_sendmsg+0x2f4/0x370
[  869.247060][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  869.252367][    C0]  __sock_sendmsg+0x19c/0x270
[  869.257065][    C0]  sock_write_iter+0x258/0x330
[  869.261833][    C0]  ? futex_unqueue+0x211/0x240
[  869.266619][    C0]  ? __pfx_sock_write_iter+0x10/0x10
[  869.271913][    C0]  ? __futex_wait+0x34f/0x3e0
[  869.276609][    C0]  ? __pfx___futex_wait+0x10/0x10
[  869.281743][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  869.287644][    C0]  do_iter_readv_writev+0x56b/0x7f0
[  869.292928][    C0]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  869.298646][    C0]  ? bpf_lsm_file_permission+0x9/0x20
[  869.304015][    C0]  ? security_file_permission+0x75/0x290
[  869.309665][    C0]  ? rw_verify_area+0x258/0x650
[  869.314538][    C0]  vfs_writev+0x31a/0x960
[  869.318912][    C0]  ? __lock_acquire+0xab9/0xd20
[  869.323944][    C0]  ? __pfx_vfs_writev+0x10/0x10
[  869.328819][    C0]  ? __fget_files+0x2a/0x420
[  869.333484][    C0]  ? __fget_files+0x3a0/0x420
[  869.338174][    C0]  ? __fget_files+0x2a/0x420
[  869.342791][    C0]  do_writev+0x14d/0x2d0
[  869.347037][    C0]  ? __pfx_do_writev+0x10/0x10
[  869.351815][    C0]  ? rcu_is_watching+0x15/0xb0
[  869.357473][    C0]  ? do_syscall_64+0xbe/0x3b0
[  869.362174][    C0]  do_syscall_64+0xfa/0x3b0
[  869.366679][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  869.371984][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  869.378143][    C0]  ? clear_bhb_loop+0x60/0xb0
[  869.382820][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  869.388707][    C0] RIP: 0033:0x7f6e8278e929
[  869.393138][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  869.413109][    C0] RSP: 002b:00007f6e835b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  869.421556][    C0] RAX: ffffffffffffffda RBX: 00007f6e829b6080 RCX: 00007f6e8278e929
[  869.429893][    C0] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000003
[  869.437881][    C0] RBP: 00007f6e82810b39 R08: 0000000000000000 R09: 0000000000000000
[  869.445963][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  869.453968][    C0] R13: 0000000000000000 R14: 00007f6e829b6080 R15: 00007ffda6ebe0f8
[  869.462078][    C0]  </TASK>
[  869.465400][    C0] Kernel Offset: disabled
[  869.469816][    C0] Rebooting in 86400 seconds..