last executing test programs:

13.397444921s ago: executing program 2 (id=597):
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
syz_emit_ethernet(0x32, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000000008004500002400000000002f9078ac141400e01200010000e5580401907800d8621b002c17a9"], 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
prctl$PR_SET_MM(0x41555856, 0xf7354000, &(0x7f0000ffa000/0x3000)=nil)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
landlock_create_ruleset(&(0x7f0000000040)={0x1000}, 0x10, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket(0x22, 0x80805, 0x5)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r3, 0x4014563c, &(0x7f000001f9c0)={0xa, {0x0, 0x200}})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000300)={{0x0, 0x2, 0xfffffffe, 0x0, 0x1ff}})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000440))
close_range(r0, 0xffffffffffffffff, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
timer_create(0xfffffffd, 0x0, &(0x7f00000011c0))
timer_create(0xfffffffd, 0x0, &(0x7f0000000040))
timer_delete(0x0)

13.22675981s ago: executing program 2 (id=599):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000140), 0x208e24b)
r1 = io_uring_setup(0x3eae, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) (fail_nth: 2)

12.469811273s ago: executing program 2 (id=600):
socket$nl_route(0x10, 0x3, 0x0)
io_uring_setup(0x2e34, &(0x7f0000000180))
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000000)=[0x0], &(0x7f0000000340), 0x0, 0x0, 0x1})
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_DROP_MASTER(r2, 0x641f)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x4000041)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x982, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-avx\x00'}, 0x58)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r7, 0xae9a)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x0, 0x0, 0x0, 0xfffffffffffffffe]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="40000000100039040000000000000000000003e4", @ANYBLOB="e9ff"], 0x40}}, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0))
ioctl$KVM_RUN(r7, 0xae80, 0x0)

11.843941375s ago: executing program 2 (id=605):
openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000003bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000001640)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000003d40), 0x2, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x80a01)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105500, &(0x7f0000000180)=@usbdevfs_driver={0x0, 0x0, 0x0})
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040), 0x10)
sendmsg$nl_route(r4, 0x0, 0x0)
r5 = accept4(r3, 0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000100)={0x2}, 0x10)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000000a0000000000000000000000af00fcc5dee65867000000000003000000000000"], 0x24}}, 0x0)
mkdir(&(0x7f00000022c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='/'], 0x2)
mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0xaaba8c, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x24000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x1, 0x0, 0x0, 0x0, 0x0)
recvmsg$can_j1939(r5, &(0x7f0000000240)={&(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, <r7=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, 0x0}, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
write$binfmt_misc(r8, &(0x7f0000000280)=ANY=[@ANYRES16=r1, @ANYRES32, @ANYRES8=r7, @ANYRES32=r2], 0xfffffecc)

10.904033201s ago: executing program 2 (id=612):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000040)={0x80}, 0x10, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r2)
landlock_restrict_self(r3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r4, 0x3)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r6 = accept4(r4, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r6)
recvmmsg(r5, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000440)=""/117, 0x75}], 0x1}}], 0x1, 0x20, 0x0)
r7 = syz_pidfd_open(r0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100006ceb85409c240290ad06ba153fde0000000109021200010000000009040000009604c34422b71d2484deddef958a307fc3dfb51aa3356ff39043ea0bd7fa701afaa8061cd6904b546ef8871a88b358a00d43f4be64f9bddc423ef30bc91e431e5a9daf456eb4e7446fa1ea5c7f80df9566e348f480647c6f807a31151f1eb69c1f89a24cfe342bee23392af23bf4994452e62dba6883afd45498d5d6acb4fcf99560477a727e74cbf4868fd19709cc919aeb0dd0ed6ffc607e3c0121b9b1c2f468c4957ab1202c9d132327c6e1716db46fbb10dff1405231d6bc80c22399a74f8cef85f10d52a6e8d3516ec4"], 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x34, r9, 0x301, 0x0, 0x0, {0x34}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)
process_mrelease(r7, 0x0)

10.627974177s ago: executing program 2 (id=615):
socket$nl_route(0x10, 0x3, 0x0)
io_uring_setup(0x2e34, &(0x7f0000000180))
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000000)=[0x0], &(0x7f0000000340), 0x0, 0x0, 0x1})
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_DROP_MASTER(r2, 0x641f)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x4000041)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x982, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-avx\x00'}, 0x58)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r7, 0xae9a)
preadv2(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000000440)=""/237, 0xed}], 0x2, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="40000000100039040000000000000000000003e4", @ANYBLOB="e9ff"], 0x40}}, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0))
ioctl$KVM_RUN(r7, 0xae80, 0x0)

7.625974182s ago: executing program 3 (id=628):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = memfd_create(&(0x7f00000001c0)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x84\xcdN\xf7\xf6\b~\xed_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xadNaC\xa6\xf9\xa7>c\x84\xd8\xfa\xf1\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8g8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\xea\x82\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\x0f\x8eS\xaeX\x93\x7f\xd3\xb9a\xe4\xe0\xbd\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x84\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1#\xe7N\x89\xf8\xe8+\xa1\x82\x13\xb2\xa9\xef\xa5\xf8\x8b \x00\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)2\xe2\xd6\x81\x00b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|&k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc2Ru2Ht\re\xa1\xf6\xbd\xaa\xb0\x83}i\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xed\xc8\xccH\xd1=\x81\x00\x00\x00\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xd6\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\x86C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17U\xf0\x16K\xf9&@\xb1[\xe2j$F1n@\xde\n%t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5#\x7f\xa8\x1f\x14\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebk\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x850\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96\x87\xc0e\xab\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!\xec\xf7$\xc2\xbaU \x98\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\"k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xec\x01\'\t\x89(\xf9\x98B\xaf\xde*\x91\xd5k\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\xdfC\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xc9\xcfw\xf3\x02\x1b\xde\xc3\x86\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x13\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcdQ\xdf\x83\xbdjp,\xe8\xbb\xe6\xc6Db\xb8\xd6\xcd\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd4k7L\x8a\xa3Z\xf9%{\xfax\x9a\x04\'/\x90\xe6\xe2\xe9\xf1@o\x0ez\xb8\xce\xbeF\x0fkE\xf4ry\x92n\xff\xcb\xf8e\xf3j\xc5[wK\x91\xdb\xf7-r\xd3\x1bx\x9b$\x91\x03q\x9e@\xd8R\x11\x05|\x8f\xb4\xc9\x16\x87C\xab\x96\xc4\xef\xea\xb9\r\xf5\xf3\xbe\x8a\t\xc7\x88\xc0sL;.\xcf\x1d\xc4^\xb0l\xbb\x97\xc5\xf6n\xca\x18M\xb8\x81\xff\xa9~\xf7\xa3\xa6\xd3\x15I\xecXG\x89\xa8\b\x8b\xcc\xe8\x88\xa07Z\x03\xa8.\x7f\x16qlk\xf1\xf1y\x8c\xde\xd6|\xa1(\xf4\x12O\xca3\xf8%1\x8d\xd7\a\xfeJ\xe6\x8bc\xb3\x1bKC.\xafB\x8d\xdd\xf9\x1e\x9d\xa7\x13\x00\x14\xc7\xa1\xf3\x1e\xcb\x19\x13z`\xac\xf3\xd1x\x1b#}\xfaYR\xc5#Zoag@\x18\xfa*\xb4\xc4\x04\x03V\x87\xc5\xe7\xb5\x9bJ\x85-\x7f\xfe\xc0\xb7g\xe8\'`\x96q\x88[\xf8\xe8L\x12\x85\xf5t\x99\x0e}\xd3H\xed\xda\xf3>\xd8\x12\x8cXc5%\x03\x8d`\xdayC\x9b\x9a\xd9c\xe9\xb4\v\x99\x87\xe4\x00\x8a\x8eS\x8e\f\x05ZH\xa2\x0e\xbc\x9c\x95\b2Cf6\x9a\xe7\xb9\x86\xbe\xd0\xda\x91\xc1sl\x11PA\x93\xa5\x93\xc8\xf1w\x7fp6z\xbf\xe8[\'u\xb8\xd2$K\x12\rt\x87\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\xe2`\xdf\xd2\xb3\xaf\xe9\xc4!Z\xb4&\xa2\x12\xe2i\x91kC$A\xafR\xb3\xff\x1d=\xec\x10\xb4+\x13\'\x92>\x14\x00\a\xb6R\x8b\xdcz\xc3\xd1Y\xd6\xd9;s \xb0\x938\xb7D9\xdcN\xbd\xdbn\xe35\xa7\x02\x9c\xc1\xd9\x13?\xc9\xd7\xab\x9c\xf3\x82\xd1\xee^kk\xce\xdbn\x02\x1f\x80\t\xdbr\xa9\xcc\xf1\xcb\x9f@\x8c\xfc\x02W/p\x97\xb0\xbd\x8f\xdb|n2a\xee\x95u\x83\xca\x8a>}\xd3\xd0\xff6.pa\x17\xe3e\xd2\x7f\xf6\xbc\x9d\x112\x1b\x14<B\x91\xc0{{\x9d@\xb3a\xad\x14\xe9\xcc|\xd7\xa1\xc6\xb9F\x04\xce]\xb9Y\xbd\xbd\f\xa4F;q\xec\x83\x9bM\x93\xa4\x9c\xdd\x93\xa0\x82E\x02d\xd4RAI\xd9O\x17\xa6P#\xa35\a\xf6\xbb\t>p\xa1\xd6u\xefn\xb4\xa3\x05D\x8c\xc5l\xcc\b\xeb\xf42\xe9\xf15\xf3\xf2\xee\xd6\xed\t\xb3\xf7\x1a\x7f\xe6\xb4z\x19\xe1\xb4w\xf7\xa6\xd7\\\xfa\x96\xe2\xf9\xb1\x81\xba\xdfg\xadI\x1c\xde*_\xd5\xdf\xeeA\xcd \x91\xc9\xd4\xd1\xcd*.t\x80]', 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000002c0)=ANY=[], 0x118)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x5, 0x810, r1, 0xf78e6000)
r3 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r3, 0x11b, 0x1, 0x0, &(0x7f0000000000))
creat(&(0x7f0000000280)='./file0\x00', 0x0)
syz_clone3(&(0x7f00000012c0)={0x280000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000280)=""/4096, 0x0}, 0x58)
pipe(&(0x7f0000000100)={<r4=>0xffffffffffffffff})
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
flock(r5, 0x2)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x200)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0xffffffff)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r8 = open(&(0x7f0000000180)='.\x00', 0x0, 0x8)
flock(r8, 0x2)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r8, 0x4)
r9 = open(&(0x7f0000000300)='.\x00', 0x240200, 0x0)
flock(r9, 0x1)
r10 = open(&(0x7f0000001280)='./file0\x00', 0x0, 0x0)
flock(r10, 0x1)
close_range(r4, 0xffffffffffffffff, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
sendto(r11, &(0x7f0000000040)="60dcb8c0ccf9d1f13e280365babe32aa1a812817f784366dc8aa2b433c492102968db0ee93ddb6f5", 0x28, 0x0, &(0x7f0000000080)=@l2={0x1f, 0x9, @any, 0x10, 0x2}, 0x80)
setsockopt$inet6_buf(r0, 0x29, 0x2a, &(0x7f0000000140)="4345be9d", 0x4)

7.235519283s ago: executing program 3 (id=629):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="4800000010000305000005000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d616373656300001800028005000300100000000c0004000400000100c280"], 0x48}}, 0x0)

5.883421488s ago: executing program 4 (id=633):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xf, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x2, 0x10, 0x1b, 0x200, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x0, 0x4}, 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000140)="3751f02b82f73ccfc7c431617753f5732f", 0x11}], 0x1)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040))
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.708049873s ago: executing program 3 (id=634):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = memfd_secret(0x0)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0xd8, r2, 0x100, 0x70bd28, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0xe0b56de6982e9daa}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x40}, 0x10)
sendmsg$key(r0, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYRESDEC=r0], 0x78}, 0x1, 0x7}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x400000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x5, 0x0, 0x9, 0x2, 0x0, 0x0, 0x25dfdbff}, 0x10}}, 0x0)

5.456922994s ago: executing program 3 (id=637):
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f0000004140)="a1af56567af19ce4706948d30f35abf6494690656d554e6190797369db23a30bf328aa47a2e54509379ba2e477e6e0461d2e45920d509fa49de04732cd2f4a4e34d73eb464d09605a698ad2219a2175ebcc560f740fe531ba46ded4232d273d1865282844f5a3b54d7f154c21a8a82228e27b2c1af662a92e53d81cae3ea68707ce43f89c3321797039a0a39e24b83035dbfb1ac9668b5f87c4ae50250e92c8b113ed58f60015d9c1990253e6646c02901b08a2ec0acceb7ac1e28f59b1e22663432bd5435083b604934bda5f4897467677ac5609bb6e1d1f938a1a8238d2df6db69fcffa48a08ef9231830ceb045a999a9ba43b4d605ce7bb4736ee8bdaac3399576ad3d434c12f1ae8fc5e06dbbfac985d7105c3b7f431854465b6f732e1397e4647e88e86b0a3b01c1ef689a4bd3963deb3b06190576c690ab257b9845b4d412f248184e124b5228f4236d020d4b80ff0772d9515685918c41cad06498a6833d591c191916067759bfeceec176d582621bf23b8d827e2c8977822d64ca19c168fa8a4ea90a60ed60854342e7c42ce11f414dcff1fff715d10ed263d305e5c563ee13a1527795b012e01b8442026032a761cf5104f00dc28a761596d8393e3750be1a8788fa7152a3cd8e051a963120467df86251e7adff7b95b6d17af9bd3e659bbaac6406a70ba347641aeffac9436fc2352bf7822dabd7a4911a5b947f9c07f805e67ec8c7d787ff358b426494b87aaac46c2d4061ccf3d19201d8d099dddf2b257cacbba656cb7626b0d3fa11881e99799b92f0a07813eac359a64a61a03d6527a24a4fee8e6cbd74932adba5ad3a865788e874b796cc8555522b19f76676646f21f31fad8c360982ce2b23fd4aec43bff16e0f3f1e1e804daf28f236081d0686108fde25f7e6a7bef08b793beca5b21b5f4893543ef1e3a216378cb76a54fa879ad9624a60a0b3306c8548e1a22b735213969421dc9ef70338bb7f2ad55adfb6b4f4ca3d8ce7c697ce3f0a6210a27cc900ea2218c52ac06bbcbb91adff643f1a3b93db67d7902f23eb89ab2f892970551127b39e7bb9f37c62adb8abed20c8c84531d143c6be2b8b05766e248a94aae400b36a3399ba1748f77d68d7d7e44ffe14ffd354f508ce30ea991f57018a3534e0eac9cb49d0e6085f93b367d817ee83b24c11f9d38044a9739f4fd41b6a8129fda808bb9301cba6223dfe154b23d7c39ac4fb6656169275c31e15d37d3d96b0aaa13637f1c28178f5fc4ebbe1af6acc985c783a30dffde8d7eb0c8863e3481caf2606a4b6930c234736404d4eeefdda697193f57d332540a423831db671d7d3e8e15ef3d6a26b83a5053bdc2f0b378c6b39ad0b8b9c7bd5c4bf81018ce15d0b344772f6c6f469e40c9848cbcb1b3ccb721b4b1f895a6e034380d882bd30a20f1c2b8ae138e6728306e16f6093774d21b798cd73a16bc577be751deb434ef019dd454fa3ce3cc3b2634ea4957548bf226d0b24bce757382c639dae891e55dcb24ffc9dc2c08acfafabd4565dbcad34e1a8e781c56e9144f0e85a5cf6c79a5d1a8b3479cdc178215f05081eebdc03607798c66fd043824756e896c2b69fe5e843e0eb26c86a37a8944e93a7f3b2a863136d56579d0377f9424cf00dd6da7b19066f990ce05e1b93479f125cbcc5c91aea56ef04950164079f5e22ebfd77d54676b2de392ab20298876bce1ae9941ae109d7088edb29d02539aec8f276b862bb28fa6a68bb1a0bda1b0ec6e5891e93777d9b126d6add7eb36a7f75c435618d368c04156f8a116d0c843ad04842d7b7c84cd87e75fb81ec16ef184fd3119c16c950b84bca9a12a86f0e333d9fe34622f5a51e9772dc8b94c491e16db0c537e211b01c9f13f9e7a7b2f4d8053baded5d6018561b547562efbeac75fd7f520da7aea0f63a278052925c6c88307bed0336c5632ca98086e7712af309f99a6adb3ec4417eaa9aefe3fd43c4402bc13868832d6dfaa97de7ed43fe3711917de97058d60067d5eeb90ecb428182d07092c516e6eef6781756e308926faa9796dd1a29dd4c3827115fa8e14bbe449f4144785b9581a198273adb8bab0d4080adbb592b25fd74d426233f537562a4a98b07f4b2060b4f496c66a0169391b713fdd991fa90cfc313245f57900d980adcbd46ada0a7bdfdfec4bf8ba12e37724c9dfd7fbbe4541bf21cc393249a555746268e7e33bdb43f2cd4932e39fc818e49d0e588d12a3a297be074ad83db57be9d4455ab0685b087e8ee9f5c7c33e10c9d6be572b58c88b79756c45eb9eed6d0275944d9cc1cbc8c498917aa2fd79c00567d4f9f768579f891e23fa9548c5fbff150d2873ecc72da8d0077a223f9d18700b690d8046783bba756a2c9863b7ffc7022b2da68a332f72f704bc38a0fcc4f445891f1ca1ef5dad28b87ce8bdef23ffe29ee23f2c0a002c80cf99399dc7276aec6f9d8b6ff3d7554409a4e38d2029a43f8a70da62b33c44f5f4f299eec825302c52e5f83d462b81512775107059826c8880578f01d8cbd3af86ad61a7e36c2ccdf55ce197ec2a78219a5b952a9bd12ac2cc3271e84e6dad464c7ec9d9f0310614200a98cfa933d5db05c00c95c59fc5bb8844ff856ee7f9b091700b1a93ae1c00a40d9e5e6ce036f90a6dc34faa9dc8e8972c49b055f9a43ae10251705a960f2cfc8430cf9bcafc26c8eccc8b75a788beb41d180d4364f3083f3ffb5e39049979903c76f440810b7ea608ff84f5e56f9e0653bf15b6b6332d458f8d2e2b17d7bd2305a8909996d2ebfc2ee2ff697fccb215bd8c73d4b9f5b597308f98ed8fbda58f52cf8443f5a9db7f0f6e75e1c9e47d73f8d0624e9e6f33c2dee3c6ff394082d78ffd3a68309b3085e1a7c106f62c3959a353672cadadf6c058fe366b03fcd95a23f564c55a3ce9a914c11c8b2d6040147a1539b106adecce531646fea4db06775fe5d1bf9cb0107941b620043ac9b7936b2af9849eca9c46062945b137dfa355a7ee0c81a0193fa60a70e59b407af06a7f181a3e4ccc81f2c580a6c6cf67a8bf93eb8ff2151b7074144bf7c5cff97814e0c00c138d984559ac8b95a45a4497174130bbb0db22fa53187db1d923d9ded441a4d2fcbe0ff5736ecc3d94bfbb2df632ac88a02f2c9f73312e7a9c2d8d6c0bbfc774595e2e63669f2b5bbf6ee6a1ab0c25e3135ed819b02c785494eda4cace033e96b1ecc5b155a14e0c8d51d54d8bf33e499d0913d9605a419bc6c73c6bb07d1a306adb279fedbe81a386fb3bb659764442c4d9d66673a916ee5a6ae59abc994fff64f2db0c83e2b18944f619cfdea0ea0911064ab690b2e03670a3e3667651c1980d0491a40312307e4534671c9c8ca8712506eff211577783c81dc05ffae4a9c6d7554f9fec07b25451c70e6f4d4b160544b66d66dd88ef1c77f09133db317c39fca05b68ef3eee3c28cbe31982adb0693fe9699d06654150346915ccdb17c69ea3aa8bb36b5f321060f6237dec73a011b233b81a6337bd77da5da753593fe30282456a0da2c4a18911ab5a8af13c8f623e5684f74f322ba103482d9abec31a684707671759ac8bb2592d66350745f77f18bd6a6cba542644f1fdf0dca14a08f4ffd1365969ee896cb39e845f71590eb4c73cc624cdcfbdea2352ad5173e5e919fcb98f6d960341047d181075ec8b1e92f40ecd5a1bf157925329748cc7af0239a7803a0c947479e070b026baf6738c29c9a8351685abd43775726ec0bfeff4d51fd3fcb04b108de286c5f61a82ef496e20133ef8b4ae243e81b20822ea6285c70bf1a33cb9f4ceeec053f60992c0023bd5acb0d4a9a55ef377f2837784ada634070a85b0a42fabf288130d6b74ca23473fbce932bedb44cd51dae78efd058dde5d7eb4aadfe3dd8346420567e745ced5189db6df22edbc66580a236f6ab148a3efd69bdea3dac7cffb47df44dbef7fcb436902bb30d65d65d5320c3b76ac17f43d27b2deda8692ba03ac2ae60e4ed2a9232c71a98b9869259a410b901f38cd6712f69f2dc3f92b7c5909f3595e99c9fc77d4d33f9a0e57d5f121e2de782b22cf7fb9bf22fc6afde5e42876ff8005f8a042bb5a9b67d60f40a7ad1cd73810a4f704f14823d4074e5a32b028c8360432b8aff539705961fee84d6c60b2b4d2efad60fb20c1da653869349b81e6c3d56c96ce56a833ee9a2b3e92a4b96c5a545910406751b4e7da24a328de0e20042d1ecc3bf7fd97071bb2740f497307501d90fa9c8e5cd63a703096955f4934d9140ad295cae59232cf005574d875e098637ecb757305a51d102ae5323b23a61c1a1b888c5974a243e42bfc391114ba5ba28e2375cf1d6d1a63e6bd5cf9aff9af16bdc927f642151597fe6d18ab008426f25054ee8e39136e2c217ad1f4cbfccdaf9a0cbd97edef5fef9b2ec486a4b21d79021103deec2ceb26c0b0035856ea2370aa3a8de925797722aeeee2d504184988f9f8727915c389f043c3de2b0d8e3046c46b33cb1615f291f272ade0029cad1f1d2e723e62cf739b667b005de14c3ed265e3bc2d553bb232f88b92a8284996c50e141608623ca7677a9cefb85fb0e0e77e23b9767dd65fbc119a15969ecd10f8033d9f37a748a895fd39390563f577998bb10eda8610855eaeb2499d8234975edb16c438069e8701bec0a86ae108a19b9f54782648af4b7b04a1d7b6b3a853c24f2393120918d1eed7b40f467c88857ee9cddf5f01db495f3138984387adfe3cf51a47dca021f9f31b44af1d12e7c9f4c768f2a46d5c012a937985f56436ae15528ae3597590c927be9676a4ca80a19d44457b06991c02488c96e31094cd963b64e8623fc7000009ddb29b0dbb13671c321d24e322a05cf215dd04eabc2cc6fdaed762d3f9da0f1e0e4b7ba13a6036771c9403457dfddecb71579de33c597860a2e49d7b5052a6b018ddb409a7a84f8f6651d070a4c913b7a721490c8f97c085de8315019952deae16434a3e5fd5d242b1b333d8a801aaa67e4aa599b818c8e747ecac2e9c6176bec7e34ecb84450903f5aa6c6c6bf539b240506562d73c5dfbacdfbcc9db3089701f2c7fe6d6b8d6728f8a1b90a911338463e6fd824ecda51578865b3c363b4b79f6c698e27760c1090f8ae52d6fd3f0f9488f1c25feab4b48c03ddcf74a8b6d2b0fc6b5a89b8051c99edee357fcb875f523f7a88a5f25222fc0ba159873b47fe906e88f920943e453048cdea455dd98fe77f55d9c92e205b87120ac5ef791cd7d6ce7d2cfe689db61096c6e4fc359c9aa4dd3d1205358da38882073ef7268239f7c74b0f3cd60ca239b2fcdc3f5c774559ffbb2b821f1314987d8cbe5342db9567a864d569abfde85f1124e2b178be4d020c4244ddb0cf4ef7124f295a81b9c10227ea886e6f6ea2dca031a026a4f946f49598b76141a0b18170bb3cfa9135db44f2f09c412b823db1e65553aa03bec9b0a35c31eb4e6b0dab02ec2c2d851a731be9cec6078456631c68761e14dbc9afa2c3f631a160ebf9d1fd3c2ecccf6d4aebaf0fafe2e9f47ea9d386425a7950671cde77c6951ef43a1ed32f0ed6fcda74ca9333d2513e4a40cfca01a1773bc13b0229e2b16400880d96e4c687fc54ed0b34326126f845bd7cd2063c51abbf8bb61f6f1dc3606959f2dececc6e3e08d808841c4779ca0f5f51e7e03260d0b75b1b0355f8544c1639b2f0bfd6f95c4f6d151073a086ecc890d6366acbcee869020cf347e700a8361bd8d5c53e6480526aaf31c9c655eae11831184746a709387e60d68c062e5e05e578d11687f6a5411ffac4cfd62331f63a9726ae77c5799bcca05d6983c985cd23d025e3367ef8c7ee903de557322f38629628ee3076ac483f8257c6335a478412cad1d73b6fd43c37a62dd7a0ae7601f12b4478c3f2ee105a915ff2052d23a8b9af3ca59013f553006259d4cce52212862d22c08c29affa3520b33a6b68cf2b9f91d9258dc5052bf360977ba81a37701118f635379d852b6481843604c111bcfa4970afd5a0fa52824cb27ac9a77b7575e3e0cd043c29c5682a47fe94fd6c2c225b6d9939b99c18b5fb898c5f28e87a5b6a0bbeaa2c4725cf5494765d79a50d2417e84130bb37f540e8db7064e57935ec3c6f9caa2a9a1ced0f8c6eebcb9b688490b31f864dcd9b726628218b42f45aa82f2bcdf2c7532c9669ea7ffb6842451ac314a35cdb0855312448c24efd6583a582e15ad5e7f7b714f0ac703a24e2ee8769a868079af8660931ba325ea1c9b636ef7b13776204dd733c3bc69f11e026c382ac0fa5ce8413fb9f84408e4648a5e66b8592093a17a42cb105b616b8239d2031200eecb9beca6d411a71f072fd159eac0a4f4392a0cedb96248dad497b2379f3162254045ce276503093e5e7ab062b942cf6f2302a5ab9af1b3a315ec67faf84b70fdbdb39044a22cd7bd0f62ba66ce2257f3aa0f56d53c8157c4db3297087e25ec24696813430f386f5ad55bf6289f62e1492dc6ac3bb5047e933d54ec338cafb3bfae8336215611bc3e8a5cafaca7c70f580570518a675cc2075c7593e1d98ef02b74f06b041b6ed9b06e820d32b413de06235441a52346c3fd2e723816c7b481fbf564a525646ba62c615060b2f9fb0ff0f00c376c6dfcdb060aca7af2f07f6030a2ca324c8380c11f9c1182acdea2123c52f5a40b44909180a14037c760c4ecc10f20206445aa65cf835f09633491f608598f1fe5cb5175ddc48070fe0608335af27ded864f97dd52c235b7c4ece6bda153224b773c64235c1099054a55849cd1af7832abd1383e82f63715c9cc24543397bd56e34fd5d28e49021bb483617a3444fdcf8cdeb33bd8675334a897e17966fcbc1e5c5c5399bb6bf02a9bbfaa5f3c58d2efd007dcb1190af4ab4b71987ff7824bd9b9c6d6fb0b144c1fd462805aabf2c7fbb043ff22b496e41a4a81957892efe74d614d62d4b04bbf544fb03826e9baa2a84f32da4d1154c1d0fbdcc17f24a49633761d2b5962e618d8a9be2bf373cdc9c45ecff0148f355075fde5ad5e8da5d59498eb2b7f77a4c0622edd29d7dfedd748b750d0b48057fa7b8ff575714a408a926f6e0cad081eb24780fdbb116fb8dfefb2006f765ff95fe4def6b83fa97b3f54204a0c00cf71c4a1efeface1198a94610570816d08c19af76b03afa42f722abbfebb2c99a905300918dbcd131fce84632bf4f7f5dabd1b5b05742755b45e50eb89ee278e0f6f1a8ad3d9f907b9accbe4845f6591f8361b52e4dd8f19823efd7e89c2ba80c70671eea397e1953daa12907ce59d940a6dcfb3eef7ba7405bb489c38319ac4fee62dec986f6eb9e2fb032b5c99bdbca90c42e7f3b1928154af66de5e54b16d8b6541f55daa90812ea7dab78a87d969e4bf95c47f70ce84f9e41e542bbb91f77105c8314e8bd5d8d37e11d9af07c5dcedfab1f21642bb30fb332f7c6bfe13cde2f28f104344777066afe5b0f6db14390f587e64417b0dab027cef4c5daedc75812a7452d45e57e8e274ad8cd8a10b2b9ce0f371809101e9340f2fa0a59501020e48f862572fef70b350938e00a921fb1c080e933eaad2d56daeed692e7d69d4b95a2d1a620da88247314bd73a20cc7a504427df77ba969b5adbf74321e982c2a1913b66a8687960c8fb71a850c1003c76fe1c3bbbc8eb142dfa01f5df52b72bde0c8884374f72eeb8038ad57beb6c732c511bd5847ae8d4b69e195f87b03379279936dda69e11cfda279f37e53a05cb787f118d66f62a87037981937d6083e47e31de6a2700cb7976c0dfcf972bdd458e561f13b3e30368c8bacb722611db7627ad4e00a34f69a5eb9edc7eae464b2422a4c38bed04c49b15fce25ccd22347720273127236d6e8178cb414d1b4dc36cabd19f713782bde48db7094577042083cf5d42224eaa69e0d70b57e6f1764a825909c48858cda13ab13ee203fd0d57291acf508f91f9bc428d4c9ea06a9df3c9ce183e0c101a4d52fd87866c2146219beb15e616ce239cb025ef3dfdb3a2568a833c88a66a580ca9d3f2b770647d5baa42a707351688dc0be3b15d2cead64792e9f9688ef95ea5274c08ee13c4a3797ce346dceeaf7d81a18181839ebeed412baf43ec1abb35b7930ed7a528f9a0bbccd1ea6eb525488c6731150afe791bf58e524de4cc62e174d134bf5d170132efdb2cbb42b882219de563cbe6280ce4cd8482699442b236d1bd54517c3ad25fb3d68a649920357d85f343f0b46ce4a78b1836b6ecb198f1f1686597206c09ad4534717402eefc0d5a90639f91b84d3de00e7d815059640ada64140687c3e404432c74e91907cdcf3e07e997eed9de114767829833920a9fa5bebf7d99fc4f461375f3426b136b680230c7aa135f0d2d72be7bdf8667a8cf0dd0bf5490e393b5a465d37b9ee0d659c8c0f96681b71a867978b3d11b8ca953ab01ec1714ca9ca1e1ed5998e02934901dcac10a2553a94618db7d79c4a48741afe3bceaa994833595808f8080f6eafadd31caee252a7d115db962320be9503147d39adbd11b1cd4cf2cd4bf94d9036ea61b2d4791c6326af653847d2b6dd83f5df51eb9473ae0c305abe5f3896175d82a2b569bf100166004886dc58432cd678c0a4a152013b2646a68284567b898e6f3d38a9187b6d10075234b2e11b7c929b308bbcb82f4a8ceafc503f18536092f2965d13875060c926b5404ccf3bcfb1389688fb4bf57ff79201d8a00cbb54a12b3be4693b4a295284c90e7d0f08b632eb0411bbd01d51112afe5db173a8159dd38fe6e9804f6ae779479ffdc697ec572b0934704dfcc3e9b2bec95587285299d1d79192b2324e4eaf4de74df050170562c08e0a821f47745f63ecbbb767846ddcc331f459013ec90de697346f1e57345a51fd9d2233cb3591c406bc05ff5c098c331cd026aca7ac1fb1c35c3d3597c7deb89620a364044b30c77d5071bea5b196a0c380ad40370985713838b1c830130a5fc15c5501748a2c8369e77c3fd4ec2f5de572ee183f526359f28865d68eb87c21f8fcd4a09d76ee6d9ef31561d9c97ae3672500e342a798b04177f2c5896bd06b4c96a58aa839185ae44b838d763872bbf1e7b665848f1e186b5ab6cd4628f4725324981b0aff0b9af2f78883dc8433d2dc26c1766e0ec77c4eb63da1f859c09ace8889fd2c5ec7f7e11eeb547900dd9332b7b96ea6be35aea692e54c1cc3d1211bc843f8e8ce71abb88873e132fe214a7e7670fcac38516b6935b9e0a2eeb43a0aebd25676db551d8cff4fe0b6cecbd59701317022511a2d612864c09496c99af48e1cd066c5bae55b415ec08e99947ac94885ddf875d8f8af199aba32c0bfc27f6e19e57380618e7940481077edf6270ea3befce28a55c2a68a961142e959690ba294afd57c5530a5fbd5f60d791a3f06720947c74cec26a571a9f2e5cf98cccefba8beff72f2570f8a0e1a130c0e85d4fbb6a6f0b881af274c9eb063ef09176d43f8f18bdb35a0acb1c6305ba5563d1b6baff53b1251305de413052667c4cf9f94460bf348fb27ab5719ae44faf02dae55d8eab643040834b04aab15a197568e8ebd296638b01e5ea34e39ed47ffb58a47027d4b7d978028b7812a141df233065e93c20dc736af1cdcedcf7e766eab238b3b4d3df022f50b43973c47d1c80055e4fdf569e50fd382e840b76a666e5b3db6c06b1f0603a2234b9175c5e15a22855b57cd5257d9b5a456712f281f83e1c6c87f58be8166f8b2e85e9f54d24fe3b420d77a22745e6c7ebc89e21acf1c6649324f4c5bf53e188ce3216dbdec21a06fa9e61d830814697727305fb48c705c4d6c4bdfb874e43a8fb1423e2d2d6bdfe22a0d2b211d3beb86937c639c934cfe9a4b6c2853ff353829028854e8d7d75f29f01c4d7c297fe0236345ecce914b3be4907788a39c093c9f9e2c930a15563cc453d08123deadf853c83db0e3986d993e44e441a874411b7905708462e1ba42ea22521d7c57089a77b14b6dbe57f0ce69c7c4f1c0d53385655a8ed6294f113d33ad8867ac05e80403e6a8103d1574fab80f43a4a3af93a67678346d7b3b977a1381afb93990b1cc3aa73cc463f72bd898f647f3f5a3b342fb5e37140ddc499edda92ee624039ef3f802c9055e20b7d6e4f5a109cb4ca1bf84d37d1e78d45a10f45602b61216ea8969eba3a0075256faf8e577de835bf0b37311d16310645effca6751cf502a035d7ac7d1ca2c23547a739116efb586dfe2762ca4bf5ce5fc48913efb41a4a93fdb240f0895cdf306ddd13337d38a58402561dd663bbc675e1a378d4f770ba5e308c6ada84faf18ab2b387b0ac139a57dc534e278a1afecafcaed3746701cee14edcd3f35cc39c91ed5be8a178d2fcd97567e8ab661d573278062bfc3c83acbfcdeec7f08d3c1197ccf830c883eaaa01e2cc44e91cdc1c47c03797528a9dd63cde259b4b211b57af121b125fefb26c110da83bbc150e2663a22273cc855cb3c52d02fd92db59a7c876d1a18e66cd64708aa478f3f10e726210dbbe2fb1afedb2034a7d59ad774e73f97d7b4b121cc25b90dd4fb5179816174dc4650b2da366d11a519f4310972944625c839b01040c712c635d967269c6c07189b5b1b496403e35e9ef01ecf7e795c357ae08b4736d2c1bcbe556cc671ffa37677b740baebaeb1b74c922d1ac83cb3ab86735d07ebffe072ca08ebd56d0ae89d5535a63bee75810468b1560534ecdb4a16495f9a7f42164df055942e94011848c5dac783a69fbdcac9c477850320af0c10da48775434088c7d090202f927463123639dbc1d48a871e4f20f75563f6dba586db6d12e2e7f36e7da4915037fcddb4413336b423f6b888bcf297fb8d33493e9fc2e992afeb1b83aaeaf46f4aba9bb0aa2708272ce5b0c90ef9f6c366c20e90d0f87aeba828196acdc4306131c515319776dfab27de1e3a501cfc560bd3a1dd29e54b87de9a01d0351184ed5cc3323cef72fd423dfbb0ac90eeec5474432ec1e4c64d68605c378320c0e97a3d89a409b7d969d6e116c2ba861f57418d8eaac5bff85c416ec5224d92df53d8f272c7e02e832bd21ef4d6b4a9bd307f8c1756c3e6c155bb2ce5807311d60b2fb31357c89119af443af2d3a4d08fb6221aaeee97bfdae51ebf6c51f98300033ec513ad6996041441d474ccf3a2548a11b94527ebc2e24d7519b1ded645da3af62060a4ae19eddc3bf331c4c762d9672de22558c655ba05338d985da134230fef2d0639743bdb4695517dd9e3733827050617b3cc792d12b3280eb1f5b22ad5130b27f9a5e25b965028874db5b5efdf881043e1279187294bbc35865af7662b23b9adf614a9af41fe4d0c9cfe62106a2bb6d294d3ca554062b2c7a0299f82fd5eb6841fedf096753b1a63a6b4dcce3837ee36062055c9f52b3272f411709db86d59db530fd1ed9cc2138817c290a2777d1d54cf4b7b2f8737444b58334a1c26f63ffda10b749b5796fa61ce6f74fecef2c4766a05d0468c1d7056beb8fa9cf7d51d5115690bcb889f09dbe01b1c55ac860a00cc159f6683d33fdca16d815fab5bbf00", 0x2000, &(0x7f0000000600)={&(0x7f00000002c0)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000061c0)="e0332f8f5747b9f778142cc174a9b5f0244b78bb6346cb5fc9135b8220090ee698fddc241870359d32327f299718466d88c89e68097036bb35abfe03e3c02234dcdb2c7d1209c657485ca1aa3f2fb80e71397b80fca6f3cf2367fb19eb95e5b4a0170063374645d9e020099ffd7def3d94cd29412b3d7b7a47bc70121be848cfcecea78d41a93622b134bd06e84dec07a9e5abc29cb02d5b9091e748cffacf48352628822bab7b24a17bdf4b3f3bd9fb17793496aa6490da3f58039ce5b40745dd63f82d93bed80b50ca5742d67d39029a98db95c9392e2d5fd9a35bad30cfe98682b5a069738a12c3cfd25949106cfc839202fd21c2b28e44be73280d5037351ead2dd1c277d9cc9088c6b14365eb0937ea9685f6b26232293803260f2c84fe176b55df304bc2865b8f52581afc4beed445ae8cc405cb7bcc51103aef812c41437c5b070a3591ad0964677f4f9017bb300727dfab009056bee3671a9694be2e2f2173fcc06ceba5aed0d9da697cd88365c5c354788efcc705e90d572e34e9e566fc206a8167970ecb9cbc43f4d9de4d43688582b6600dfcfc7379c831e756a45835647bd87879a3e3942c61b9ea2c2af35d49a4caa9a109b0beb972996ff8924ea371e15dc48efd12b1203a7f1fe354977fcf9e4ee2c8f210387e551ddb55e5f67ee6bb9bc8772649693b0adf24606e8ccc59f020834d8cbfcadfa1770549fe464dfc412308fbaee8d30bd20c002794bfb923bac6b490841248d12ad9a0e54d1d96e3aff5dc4930a6c8b7c75264a46af7a6339725fb84e0363463ebaaaf58d6b9309ae7c87a8df8c68d2487d684011de1fa7645f3f48cf3bb61bee8bcace2f8ef5f967f2765f8086aeaa5dcc34c84e379a7ddd6438cccb5b80952fae37863708041eadbc4ad2b2ef98412a46f74a171ad056429dbb723cdb9ca9f9f03170dba2870e5988b7cb755599d1eb8f7eaf5c8ded4b56022cb479d0bdfae18f69f9ecc42f4c181ea10838229ba5db7f088ad8d5f77e49c1fd93ed6b983c43b23c7eeb1233f0c114885057a27cd3f67a309e3fecba241836bc92308b830b10b04af6c9595b44e859b9ca7ef079e151fdd500060787be3a7a5b3e23b06ec70f087134504f8b8e7b6799ebfe14f698ba7a813a380e6f92cace9230aa8094a2465f7224e2becad469d0aaf0e48b0098eacfb17abdb69bb2ebba97a09d2b739b532d70db91fcb0fcb38bccdc01d7c8113024ea8b619e385e58d31899721416e10b408504a9c4fcf870d21051227440a616cf62f6637b62eceaee09029f88009be02269cb5e5ed090c6f5e6c652c31214aef301bd23ec2504f90991cd27539c1b8b54db51825e951d076cd0e70f56de4b91894ce22049205483a0fe7d7886b36118bebd96d138980e26604b6e70a7275c6b81501143119a8c2c271558202eda196704ef9ae3c33301e1afbe56d069ce4926bf531d960f3df58192f3da558adc111ae8ed6e24e04e95c406b34b1f4ed2726ef0f6a67dd84c75636984191d019cebfa883fdf99affcdb4c874614a5312455403895891daf7469d6721583ccd1290ab05b14516f22965fc52c4a528f1a5c20cc133fea279d9efc991ec4d51d2654daceda234f6d3b0c635db697aba3eeaf8356319adba42428266ac09a6e6495ca8f60c1c4e052068511696296e88ef86a591948627ba97df634e0063eb5f208df00a069b1213c29e58cf76f591253d60de9d7c01d29992ccc728140299c429fec0df9d90f83fa2467ce00de83b16d10c7edb80ff8d4b1b19eea9bd1e2783a0d41215c9cf23bc3ca1ff414e3f29aadba00c5a8d5b44c28c10e99140e5428278e54bfd880a93fd1b54b560422ab2bfcf120a7902373b6442c6e9867b19aa0a6b77b1634ab6fd1c8a1d90d99ebb9ebcb89d593562b266fbc53c40501f9298690283c45059b3f6ee278e46cb3904c947446c28af8855b2a68e6e0c0da205a6e12fdd15b393d579039b31c1a54230ac2ea13cf1f5540046b4dcccdd731fff7323c4880e5d2d8668d8a7f08920715c17ef9652eb55f224c82a6fdb970dbf1032403f283bd868a23f4785a6ab9c0bcd2308dba1a1f258ae512cf64784e501008db366ab7093a6cc4b6ee86154d44a1a15c10834602dd5ccf730f6d1142ac19d113496dbcb80021cb5733924265d082a8453b5c21e0245e4a2627e8df090da6a129ee49c58c1a7437369acdee15f5e4e5638f05d9f6391572d9890219def702a013a2b05239664dba44feec2a9508a3200b47de03e6a784bca2f3633df534af33da0a95a34ca845b61a22ff55a5a4c04ff9e06e7162f458a8c56e106e75ffb76a921f4057dd73d5f3801aa78ca4c78d6b79bce560404c2fe3d57876287f73e84c27c486ffb997951f9e0b3aa81a5e7804ac7360add11e7851842d0ed8df041c999e50226fef006373bbb53d5d8e9d1653924e60234fd0b6645b821746f3d88591ff66e294e8e958ca425ddbc7d604f7cbbcb9d5fe0d4ad53878eb16bc801def1005e1eb12a6d4924d2179948e7aa542f2600ba3c6c600629d64c529c7326c1f38aa4e1a6cc259e58f86400d65d67856c8f4fffc33ad4c279dc05367307f562f8127f37b03c3cf38a97cfde0c02aad8ac40d347a9e0a496f227c068dc6c666fb2b6a18990f607399b0707d135752d93739e1840b5b4c125c81eeeb318869b408f87778451e49f3ad988a8aa97672989ad367833ff7e7f0e79c37ac794fe466623e122127fb94ebbc01bc775183b26b2dc407b1aa1a55d4ce04dbe1df4fba0377fea4c4bfa5a37c4dd733fd116b9c7f50b11dd512ad68646b9ddca295fe27bee78476901fbb5c8d2856ae0e9e21ab26e3587c1325f1fa28edb4081f2ba309d5fc39f7f54abbd0d5a152c2f7e3a8b3a5ef6e097b109061c91124f41f33055a7bb86706629f614d40346715cf2fe387ef4e4fc6646839824d3ef85eeac85bc5e681320f6fa7057e0a10de8c4678b48510f77b91bb397dd1209eaba8ea1f237c348e9e0d7af1229e2c04b6560e48e3a7491f3066b63a8923becdcfd8594c1c55098a51283b599765b049831cacd9478e5e996c778d524b476f6677218c94886d7548be7617e5796e35bb3c9b13d70e4897867d85f0350e9329985f051fb556b861aef7dead54e6b29b9ad837cb4774f47a5371ef034612aa0c151345546b876b53e9f2c06e3ce0113e67eba8842f4ac5b51a61315bf050078c710dcf14371d9593730b1d0302ef999f488bbf42b7360171da98ad68932bda4937358fd1d0c2bcd04f7dbe2beaffa0d53cccda316cb19270cf4aa56695ef3203b49fe92d1623cc1d714da6b8f94112db1781562ab2ae50bda23debd55da440434299c992f2f8c264310d6d8ccdd042737db0253d6889d8bf36fe99a131b73300c9798b8fd58b5fc681b97e71230cd3094e441fe5cf1294bbc28f41146f06e39d5e19e673dd489dbddfc16fe281160a8008e375025cbf25e84945f2f0a5ffb2cd58273328ea9d7533b2f0861eff95823cea18dc1877183fefab808bda0890f91f1d79b36953b138fd62caea3411900647a4afadfecade2ff6274175f06614d108daaf9821c413a137e33c826957953bb39e2d852097f978c3577abcb71d68b45794247d8e82614979708f6d6d0e469828206b22913d6d320d815d42c0d943640c63196f703f946089f535eac511e26c6a5a529e875eb15aaf65fd50dcbaf37a009f2f9081cdbc744cf7aa2336913e89f1961581ad4bb6aeb1d23a787e2d3f99639871df5842c30581263d5139128f076767ef48bb636d7aae06581de6baa55a12019d3ed831950915fdc1eee819dd01047bda606f2852699529718c99606246a92bb1dd9435d8f3a48646c0e423441bc783be358c0c91e6846419b6c0a81354500cb2721834dc11ba40c3bbe5717e5142922a168ca0e20fc269ea584c7f68ff7cced62c4277385368b4ad596b79c45a9c4575c37f300cab37a5693cb777fabed412934d3a77505b17cb2628119ddff45f3fcbffb50386eb9cfb6f82b37fa852ad4b65bf8e2898b11bf051cb7fb0fa81cbf81b9d9ebb05498aeb2691eb15297edd682976d5a4f444cdaa82f063bc4482c28c4e6257c7cf3e5ee5a502c6527b77b12725e7526ff896ee2f8066536dce04d63072a34c19d533d4dbdb93e7185482cbf7510c5eef2f8aebebad011727cd8061a367b7e1868252bb43d9a74c9c6a10539e357d5367fac69a9296fe5a79a2e5b45950ff462e0e882aa32ff7f29b5644e5311f3e0b076c58683de29ad9dd8b2c92a41ca8313ac997e44981e82aec550bbf6c88adf3d54e9fdf93d9dce95289e9086043d888f19d209cbea79e0f5b2c81b2c3889eae1cb5305e282b883c4cfa3798eceeabb442a74ff6a8470020a296ef01d8e32553663c844e67e5a3a44375f0074ce9547a6c489ee86d7652219491f35c6b904d51a26c3d2cc77d8ff97050dd0d0aed4a1ecf1db7ac48673a1dcc70ac16f709dcf4b90148aede5302111ceaa3a81c49b724cfa206283b62513f96c1da77efafe2d2d08a5f391ab690b5d974ceed2e95e85b1039def0e94c79cc0aa1de1f8133e985adfadf4a657710487b265bb6692fd2b91a06ac98d50b052b8a13168e2638b93209238fbe67f4590a81a2cdbcc479ca9178720a6ec05bc9457f27ad2e2fd2f4e9c643ef85b6287a01f7fd597799cce7d6464ed3c95110733d4ba92314ba3dd81e51f541a6e37f8bb14376e41560f9049b4ff349a467defc205f915a345b5f06d090645180ca642c719f03e9813bff7fd635660efe38b022130d42f2cedd792bcba2bfb14385c6d1cbe5ff2e38c22f1f8d5e4d93d296042507e43f24ff904827b16f2a3572d26078d7fdb0cfdbe2e6bee07b94ae441e510681c96f97ef0ddbd7efbd80ce0689f6e2022a189dd2937d3eadd82a154a5fac91b5ef48523706957b8d5f55077973e9a036009d745a6df39ba154dc59c4ef784d62b3f2d782dc508242a1b0e4cc294b6e62e98ef946f0d984c3174cf86b8a0beb615f046ec50dd0c8a9c0f36df60bd162f1130f894085e7c47b6c28ff336f5d75166c1840e7ad07204fc10ce976505f6aece0316d8c65b973f61cea2fe4c6db722717985c25249f041c07a86b878702a8c9ab7c33fe41039041aa38489b02a28f18d69ab34619e9e35514c54592c8059984ace64b5302b5f22d68c35c7ffb23c63ce877a1e1b160dd2c329eabcc0e1e3072021bd811de3c0c7a68af20ddb9e2912b7eecc2a8cf083a252d0fe31629b20559f00006e4d8625644385c692b8cdc2886a42d750962d0dee10a1546ecb7ef961216cc456d2450a44aab07014fe0be076ca6bcb46b644af844b2ad8b3817f1895a5d579af3dc937541f4b7e9203e7a7af534b406d8f6e3bc555d767603122ab1c4e62de19d6af63be8e39fe45732859d6d92e11f1a847f7d62764b6364aa7f95f03cc7deba178fb03a467da5be71657ae50ff6bf93c51efb7d19ac9887e92fe5f3c9d545209eff307c9e02073bd3404827e148aa63c135ed668589bdfec38cb4771620124d02f1b03993f89e96b33b32e52ddffb0580dac45422ba7a3fef76e519a3dc8d12eac60c2d2f8c4303aafa3e80135c403360d51c9cdeba3ffb31e664302f587e0e983ede7f9b2bfe2bc64bd5029cfa88445e043e08f3e9affee25e980e75d2664738726e3d2eade7dce0ece78a514bbbe5a54c121374d079e3b05996052d66889742232b73e950e1a9892e7352c9e546a8cfb48332d2b2be6327208ca51dc2869a562581947f62b0d5bfb3e0911d4854f822d6738b4deb195840d2bbae0b074b8d1e1010c24ec00052dce7d259e3044aab1a99d261fb3b49cf09dfc85473f94db06d49e202ca12182283d48144f8389a5301679901600bf8130d36315b277a99204b85a1598f84bd2d4c4893108f6717bf44234181467d6eeee61e1823268b5c60bf04d0e13e429f411b51adfca20ff1a1b1eee203d59b03da1643c3e9fc474a91470116c6c5275542adb10f3adae2ae87e88b93f334e0cebb22b89b807627b427a815aea0dbca69e5fb215ee996395d8a21a1c67ac295be33c6517504e1f00f579f8c484873cc670b5b9e787b1c30ca1f0b25f8bb8f4bde3b3f4fa730c292cbf97b25068ba9c65f78c555d5f75d52a57958d7111e824f3afa16484f625abf62afc80654c36fd9f8284466422fb18e08274e8febc719d45b784974d50d187ad2349429af3f7930252a4d45997762e9d5f5493d408ca144532aa89aa3d43c46951dafb8f81794e2e9679ce238cfe86e112f4f046d87feec3be04461032819d62f217faa71fa9dc6da8861015567d1f7309090e25b7015dcc6d72a5e7ba53296ab1bc72467ac50831628cf5238155aed3fb189a8b527ebd38771e16454fe51e3edde55cea454414690491207c23f6cf33aaeeda432de2d1ede04e039a16245e66cce6f4e4ea534f290f02a2a81a46d6ffea7967dfbe37461f83d472091156594852823392efc953f4ac099d74e2d0328d9f47bd952352981a34055acd0273309484ab56afa85ff0c22fb53ac5d7cc8e346b4c2f38a4e2451738146b7b90c14f826c7dbc1b2be79d83772a8d629f2dfaf15286a15be1ea22a05d4ee3de6a6bfb7e208dbbcc88e77baac940d6438aeeb77c3a32db08b46e79545b65f7f3c1bd433092bc9116668c338ab35c01cb5871167868c6b61bd4c0ca5f96e5ce2465da06c4a320839f3bb7c0dffd40d5bb9a32fcbc6f691787de7211da062616272c77c62ac83e4cb29fb954ab27d9009877b79be54acd336bfe2a6e087abaab004743f5ea4ec8ddfb8086920e8e458a413adb98077a3cf860513cc8a453eb129556c871be7e7232a6130c4332819ad17b289fdb31f8f8854dffb4cfeca6d792567b444c750820a2a8a2e0f93779e61a4966650909369fc8bd5bd2bad4ff95cc8a14f6cd83ae6411b4bfe1a9b5cdf1fcf32c54cef1731edc47d41fa581376b25006fc859b98805d70a157e501a2cb2ab425340965213adfecdb5addb2b4b2ec5cc6935e4e279bb98283fb20dfcd8a2c91aefda9dc5a57bba4d8803d1eb0f4ba9529de01e39c2aa60a91267c31d036a3f669b9377661837f58c6950fdf38986ea13ff5e9c4d966bf999002da1a854d54aa225b259d91eb88425328e7d13b06dea321a151a8dfc44755214da97168e8acf027d66b7fff45ded94fcde53ff80342d4595644549c4ed827225596e2b30480e94eb049b6cd718fe8424d044bb5098e0206047ddb81755e3cb92131dd47ec754b64c4b78f663e364cf8a74cdd9857c81316dc4ccd5f02a84b310abfbc9d6a23ee6d1eaf6b8fc1544cfeb06002c8a40fb0e49859d2073a7b1cb112713518ad5e007d0a256f901469bfa5cae98841f877faeb584d41bfe695da72ca5700ae085f39c99f769502ea9f43c0b84ca4611441d5adb3e5d0a426297e535258748169cad487f97d171c0630642943508206ce648aad2971297f3d4037d73e5fbc73460ca7401b7dbd7807273ae077a81fd0d4bc90b6068e3ec95afcfeab16619306fb23942a4308e8253b35f4912df392dfc5daf35dd842a5a1f78fc294cbdbd504056f0c7779121b5b3db7461e437347452476f3b0bb22e63aa23cb9d3e797c6c95513058d8fb2c27864ac0e1f5001c988e29c79bfa4236c7be41dee5561d825c1f0fbebc0c06cc4712e88ad5efd94f4eb4e93794af42a9752a2ebc57dc2f3881c75bbb23ad25b69619f9f5b07fe114ba291d2b5b4c1c175e1aa3ee3eda55e6126b3ad1e613bf8e0bbac727b879e7796fa0ad100893677a18b53f5eb31db43a97370d3749afa92fd0291fa96b05daa6beb43b9c1c11d9515976976d1cc1e44f35d317299ceb68ea2545f2a2b92b4e1046f6f92c33aae6995593189bb2611576599fd765b8e6fe2e88674ffd57ee8252287b1904d622c36a502db45c72b0d5fc3d983cc44bc955eb43911404667a4ab147d72b69ef2514dfb820ad75758e85df88499cea94ed658b4c1c2f49fe2bbb8d2dd97f844a6df289296cfb9cd5bc8d17aa235e2c4501b1422b25acd6dbc3a91d03904c545320524f9034955ab02f5d058097c37d23984baf808d28b3e12821eb8919a77c1b6a8bdeceecfcc487c39db592817dd378a7c5127b427e7279b2a82f6b8eec6b3fabe0947e353e7a386475b15011de93e2f2891f772ef90f4aba1ee1c4d7321c81ce4dcaa378daeabb93182c319494436dbe67d252a01291cacb59686ebd53c6df21c083e98fa299cf5e9b59f1ccea95c62b1437c8ff8754a6372b5b879ebc3241f6430871eafe35337d75cb68c42862846df4342ab434f7f0a7b9f66824e1e696e3dbecde179592774b7511e5a7a1a06ba601eb5f2a935c7cef0f83ecd412a84afdd05120fceb1afb6445ebfcdf12c2287bfb75dddccc45afb4f5bb1308d39309c92c0b61a322d5229881fa5d598113cce54107036ca9f63fe863d257c706fe89d5c7ae59a459c6f15ba48d80da4aff541797b26418acddb987df3544bc4918cdbbdd8dd1bc2163c89635044e7b4da878457727a667c0146a12b4c46639497243259bfe4aa5ea50eb79f39fa9209256c9a685e3e39d6d8b6a9ca7d3554fbff0908ad6c6ecf68e506c20b16cd4a98e3ada9eb0cb3eb0b75b13b6d80bf99eddf2282da52cec085d3a725b71c29395d605e1eb26143290946a3a0d24347fa46145735dbf4eabc12150b8d5f7eeca804d7ed1fecd0132d1b94ebec65cbc07dfd4d54a5140567e77c646bd92666922c43aca8e482c59b970fa43087eb76d6715e4e8e5ebe54ca391383ef685b133534fcc1e5c5eb56f9d76a888506c4ac8d289c37039e0c4f927b0e11e85c5c7ec1cf4b19bebee6014cb89ee57f2ade8d166005e956d46a0c01f60b58299479e8a59a2e88f1a7ffd08b27d92fc2772b338959bd0a1c9cb95075c3cc17043c818345b29b76c0b8ed41c8c7259cc780c657cb9509daec1558453cfe061f54e08523a55d3223897559d51096b680802144f1dfbc114cee5ba322e007c2af0c08867291dd732bfe4b24d1d5ae517a7f5903c369ac6b157d42eb6ca8c0d7b50fd533a56c814e7cf04db3012eebd53ec1b123d65ab1e462d9f9182b690d56a88ad5a1f4d89f1749b005e88085505cc6d7de8eeee08def67bc1d1519d44b7a62dc07e491f328f786956d9200f00d78829e6af7c1a5835366201374b9487330920d4c57e2f7073292e173acc2424bb0d5e0e9448b4c02f9cfc99bc408110b6a3e9bc3799e4b178c2871069bc7d9ceba564378f02b2932c36f159478b5facd452b595a86d119216af9d860bd3997305320159a69a70fc62284141d23d2dc1e5394b271d99e5570450f1c55807e96c7cbe1b7c2e3e96f69fecf0f375e36e0d2acf319e37199e98486a8d145ce2d996c1909402744cce63664a75e480b197c345360321e830e5572d1d7bfe5a129a67fa98e6eda5268fa588047859daa11d087d0dbf0ccc7e120e3a5820cb4f5dc06748317e3f866518eb66e39dc8a68a7411b3403fc8eeab8283dee4d767e8e5842ed922e03ae5b3c9c494d5ebc61527ccd1222740fedd9e469ba6b30761cf387d654081c7e63182860e4548748058914a9cea01caf074fe6a78fafa2b45c516f9f20af9ac6773a400fa9661a872f6b55f0ed52a9be9e9c35502604b924f0eb628d6545da322e0713f9a5587e87e4b04fa495423b7c72093b764adfd1430a2e608b7af3d2bf80fef00e5b69abe386618274921ff57621bb99739de2e066ff17e95eba027f6a35170af3a69e93359a9643e155832d45c1aa9a8f71ad35504b99d3d0a1c11ae108664ea36f4dcded083aee17ac9efe7ee3fdf7b63c7c09bcef62caa88708510d45cea79d323083ddbfe7e5d3d9138f206a7af82ef1d26c85015c3e55a285a35d0052546493536b9061db27291a9292033753b7bddac63dac6f6271689240e43523c434a65e1d35299e386c953d0c92f21057e0b7883e049d20961e75069587eb3df6206496f76bbfd96635bb19837ba2ab193d79072ffb8829306b63697ff104a65031b8a38c24cca9ba23d5cdf753169a00fe2b2c3849f234a7029b657b3324c10d553e601aa97d17024f7bf5a99f96392f4a079a83daa27f4e3b512ee8536e764ce4dc36fd0874dfa502a693e55bd9f116202c5e906703e2c43d84448598b7af78aa60a205c152841e75e23436738ccaa6bbcef87e6a237d86d1a5e38e56c162cd6d61a4fb8b410b1643ad557a22348edfa82c23db11c9abdd8141fce263a66537512e93a930a4801ad862a902c7c1e00eb7c7466b1351318b7196c2a9016c55a05e104e124bdb568132f9397e31b10d04e5284bd029ea2f6a3ed11854e09b5871d6a725c21a9ef5d7e729a90a8206d5f61e6e42e47dda3e31b9134d47872a0dd7a576b665ec6ceaa5fd7d85ed7feede9ac9fc23e40241c0318077edda75b62eb271e28fb3705f7b4950c14b721a3a74a7a4e4de02cef5de76a1602b906016c0892ef37db51b0a1dd53f28b3d896f20abbad1ad0e0220960423267fc6e1779d1150fd584dd184bb43278d2d68ff21ac0daeef5408348cb80f4a9e0e606f6048bbaa517289451f084fffb63c5d904788cfc310b5495528a58f4650dafc4e4675b99d35ebab710ac6fefcee6c51a2835510fb6d2dbd8f97c3e53fb7a23c3f3c0283eb2271504581b9c1fa31e35c117e56a5d668a9c57df3b4e1129ca019a8b877fa4a22768dfbdd9d2154e17f4a7755b065090d88982471bfb242d89af5c6782693a6ab1b1be74dfa5655ac3b5ef4ace8dc595803cf4025bdf5c0e9fbe7a12a3a313311809591da08a2cc6cd8480dc960e1f79fa208440a0e589be5756c36d5830a51c4bdc39c2a85c0431bae3a7331b2ffdf23623693d343a7938a8a8a4dd4d523c6450a705bccbb38427f06f4f84a18adf303c0ddecf4ce2b6cdde4e09a4c31816195f0fe9f05fcdc0609f8a75ad2f23d5c24faaf346c13ec0512a5c29477ac561c878085d1a323f6bab08e2fb9ee57d7bb621ef21caf3609d74036c6dc1d7be0b6058d89d2b8d9aa4462fa0a740be66e3fdaa957f27c5a26dc586ac8c927ab2d7cf1b761798ea4191be8f4423cf1a6727d0c5f27a9969a753573afa584dea82678f3471ba36d726c396d68c671e579120f1a11cd50fa66b26fc2d6cb74ba07edbd5d3a288cf58ed1255381df02b2fb8983b7cf833433d1ab8fdef12651c3507e4b69fbc4b234678cca36761e8da434e5f036f204a1400da15277ef27ac140e2d574b89c0fd617da27e6ce862883bbe81c288834b9477d0d440c15dad505b363fcc1cfef8e2e3a96438809505844196acd0af751dedfced67f209c2ffa9c6da842c93ff4b5fd54a67df904f2f31b4236728c99582a667a8461d397770a657ffa7d514b0f076d7f35e9704a836e7882a2acf0a0ec2158ac7234953c3696abdc791c0b163ee76fbcc5adc18b6fa0f51f76f3d313a0d891f1deb69f6e44289b1aa43a768b8d13270959763a2c45129daeea493a5b0d7b36753b223dca9a8037368653400", 0x2000, &(0x7f0000000a80)={&(0x7f0000000340)={0x50, 0xffffffffffffffaa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
lstat(&(0x7f0000000100)='./file0/file0\x00', 0x0)

5.364978817s ago: executing program 4 (id=639):
r0 = socket(0x1, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000c044}, 0x0)

5.124211447s ago: executing program 4 (id=640):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2}, &(0x7f0000000300), &(0x7f0000000080)=r0}, 0x20)
recvmsg(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)

4.834787756s ago: executing program 1 (id=643):
prlimit64(0xffffffffffffffff, 0xe, 0x0, 0x0)

4.663820691s ago: executing program 1 (id=645):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="070000000850fd9d7f00000000c8b476a9"], 0x0}, 0x80)
capset(0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffdfffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x15, 0xa, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0}, 0x90)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2})
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000080))
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$packet(0x11, 0x0, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, 0x0}, 0x10)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000200)='.\x00', 0x10000a0)
r3 = dup(r2)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x1e, 0x1, 0x8001, 0x3, 0x4, r3, 0x800, '\x00', 0x0, r3, 0x5, 0x2, 0x1}, 0xfffffc67)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x20, 0xff, 0xffffff5a, 0x200, 0x4a9, 0xffffffffffffffff, 0x6ab2, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x3}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x5, 0x8000, 0x3, 0x8, 0xffffffffffffffff, 0x9, '\x00', 0x0, r0, 0x1, 0x0, 0x2, 0xd}, 0x48)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r5 = fanotify_init(0x200, 0x0)
fanotify_mark(r5, 0x201, 0x4800003e, r4, 0x0)
open(&(0x7f0000000240)='./file0\x00', 0x80000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x5, &(0x7f0000000580))

4.465098502s ago: executing program 3 (id=647):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x14, 0x1, 0x8, 0x5}, 0x14}}, 0x0)

4.21939785s ago: executing program 4 (id=650):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000023896)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_GET_SECCOMP(0x15)
sendmsg$TIPC_CMD_GET_NETID(r3, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0xffffffff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x20000004}, 0x1c)
socket$packet(0x11, 0x0, 0x300)
fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0)

4.086974766s ago: executing program 3 (id=651):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x3f, 0x0, &(0x7f0000000200)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
inotify_init()
open(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)

3.498638961s ago: executing program 1 (id=655):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r0}, &(0x7f0000000400), &(0x7f00000004c0)=r1}, 0x20)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001680)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@func={0x6}]}, {0x0, [0x0, 0x0, 0x0, 0x61, 0x2e]}}, 0x0, 0x2b}, 0x20)

3.14021836s ago: executing program 0 (id=657):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x6a, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffff12abaaaaaaaa0086dd602e5cea00343c00fc000000000000000000000000000000ff0200000000000000000000000000010003"], 0x0)

2.984824893s ago: executing program 0 (id=658):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)='#$*\x00', r4)
keyctl$restrict_keyring(0xa, r4, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')

2.091564131s ago: executing program 4 (id=659):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000031c0000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), 0x0, 0x6c, r0}, 0x38)

960.283782ms ago: executing program 1 (id=660):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000340)={'tunl0\x00', &(0x7f00000002c0)={'ip_vti0\x00', 0x0, 0x8, 0x20, 0x7, 0xc10d, {{0x5, 0x4, 0x2, 0x7, 0x14, 0x67, 0x0, 0x7, 0x4, 0x0, @multicast2, @rand_addr=0x64010102}}}})

781.61035ms ago: executing program 0 (id=661):
keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)

644.558944ms ago: executing program 0 (id=662):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x40005}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

335.806225ms ago: executing program 0 (id=663):
r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = open(0x0, 0x16d43e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r1, 0x0)
ftruncate(r1, 0x7fff)
io_setup(0x27, &(0x7f0000000100)=<r2=>0x0)
io_submit(r2, 0x2, &(0x7f00000002c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}, &(0x7f0000000280)={0x0, 0x0, 0x2, 0x2, 0x0, r0, 0x0, 0x0, 0xfffffffffffffffd}])

335.283613ms ago: executing program 4 (id=664):
setpriority(0x0, 0xffffffffffffffff, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x3f, 0x0, &(0x7f0000000200)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
inotify_init()
open(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f00000002c0)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})

256.392849ms ago: executing program 1 (id=665):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x9, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

52.291988ms ago: executing program 0 (id=666):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f000000c400)={0x2020, 0x0, <r0=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f00000002c0)={0x50, 0x0, r0, {0x7, 0x1f, 0x0, 0x401408}}, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
socket$unix(0x1, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000000), 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')

0s ago: executing program 1 (id=667):
r0 = socket$inet(0xa, 0x1, 0x0)
socket$packet(0x11, 0x0, 0x300)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={&(0x7f0000000280), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@gettclass={0x24, 0x2a, 0x100, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x9, 0x5}, {0xfff3, 0xc}, {0xf, 0xffff}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000b00)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x44, 0x6, 0x418, 0x2b0, 0x2b0, 0x2b0, 0x138, 0x98, 0x380, 0x380, 0x380, 0x380, 0x380, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11, 0x0, 0x44}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @ECN={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)

kernel console output (not intermixed with test programs):

 14 endpoint 0x5 has an invalid bInterval 36, changing to 9
[  193.815871][ T7428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.821987][ T5273] usb 2-1: config 4 interface 231 altsetting 14 endpoint 0x5 has invalid maxpacket 1543, setting to 1024
[  193.842410][ T7428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.842436][ T7428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.842452][ T7428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.842465][ T7428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.891614][   T25] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  193.963521][ T7428] batman_adv: batadv0: Interface activated: batadv_slave_0
[  193.970433][ T5273] usb 2-1: config 4 interface 231 altsetting 14 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  194.005028][ T5273] usb 2-1: config 4 interface 109 has no altsetting 0
[  194.017273][ T5273] usb 2-1: config 4 interface 231 has no altsetting 0
[  194.036254][ T7428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.059882][ T7428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.064356][ T5273] usb 2-1: New USB device found, idVendor=13d3, idProduct=3341, bcdDevice=8f.75
[  194.089878][ T5273] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.092163][ T7428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.108696][ T5273] usb 2-1: Product: syz
[  194.108722][ T5273] usb 2-1: Manufacturer: 졬详눦嵰椸㾺榘꾌਱䲔ࠊᯥみ₾熍㫷矌▧㨾롤恵굟⥎ྖ대﨩騚ゴ挧ऽ暄葰鉚꒎ʝꢸ┏䅪ࢼ₤泓鏄ཱ캩꘩癁庈쭊⩚條䛲뛔ϒﷰ瀌痏匔㝭毖ᰞﭒ땮⚩캿뫾촔碛탹ꬄ౦Вꥒ舦鹭ഌ⿾읎睾⦲蓡⭻픗ಥ嗸竸⟽띖徛芬붋烴딑鸷䌺蕴芐⚭뵣瑝뛞喙蜦뎂㆔〿
[  194.108753][ T5273] usb 2-1: SerialNumber: syz
[  194.122439][ T7632] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  194.147748][   T25] usb 3-1: Using ep0 maxpacket: 32
[  194.169672][ T7428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.180176][ T7632] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  194.188915][   T25] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  194.205395][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.217000][ T7428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.229827][   T25] usb 3-1: config 0 descriptor??
[  194.238845][   T25] gspca_main: sunplus-2.14.0 probing 0458:7006
[  194.245459][ T7428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.255646][ T7428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.274793][ T7664] FAULT_INJECTION: forcing a failure.
[  194.274793][ T7664] name failslab, interval 1, probability 0, space 0, times 0
[  194.288159][ T7664] CPU: 1 UID: 0 PID: 7664 Comm: syz.0.397 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  194.298958][ T7664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  194.309015][ T7664] Call Trace:
[  194.312304][ T7664]  <TASK>
[  194.315228][ T7664]  dump_stack_lvl+0x241/0x360
[  194.319932][ T7664]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.325136][ T7664]  ? __pfx__printk+0x10/0x10
[  194.329728][ T7664]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  194.335267][ T7664]  ? __pfx___might_resched+0x10/0x10
[  194.340561][ T7664]  should_fail_ex+0x3b0/0x4e0
[  194.345243][ T7664]  ? getname_flags+0xb7/0x540
[  194.349914][ T7664]  should_failslab+0xac/0x100
[  194.354589][ T7664]  ? getname_flags+0xb7/0x540
[  194.359348][ T7664]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  194.364724][ T7664]  getname_flags+0xb7/0x540
[  194.369237][ T7664]  do_sys_openat2+0xd2/0x1d0
[  194.374015][ T7664]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  194.380002][ T7664]  ? __pfx_do_sys_openat2+0x10/0x10
[  194.385197][ T7664]  ? __fget_files+0x3f6/0x470
[  194.389891][ T7664]  __ia32_compat_sys_openat+0x23f/0x290
[  194.395434][ T7664]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  194.401503][ T7664]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  194.408176][ T7664]  ? lockdep_hardirqs_on+0x99/0x150
[  194.413373][ T7664]  __do_fast_syscall_32+0xb4/0x110
[  194.418488][ T7664]  ? exc_page_fault+0x590/0x8c0
[  194.423345][ T7664]  do_fast_syscall_32+0x34/0x80
[  194.428193][ T7664]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  194.434514][ T7664] RIP: 0023:0xf7fb3579
[  194.438580][ T7664] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  194.458188][ T7664] RSP: 002b:00000000f576656c EFLAGS: 00000206 ORIG_RAX: 0000000000000127
[  194.466602][ T7664] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000200003c0
[  194.474573][ T7664] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  194.482546][ T7664] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  194.490511][ T7664] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  194.498483][ T7664] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  194.506457][ T7664]  </TASK>
[  194.511441][ T7428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.522249][ T7428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.555903][ T7428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.564601][ T5226] Bluetooth: hci5: command tx timeout
[  194.595090][ T7428] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.615094][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  194.631201][ T7428] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.652514][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  194.670158][ T5273] r8712u: register rtl8712_netdev_ops to netdev_ops
[  194.685562][ T5273] usb 2-1: r8712u: USB_SPEED_HIGH with 6 endpoints
[  194.694345][ T7428] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.696811][ T5273] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[  194.735880][ T7428] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.737984][ T5273] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  194.744727][ T7428] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.764452][   T25] gspca_sunplus: reg_w_riv err -71
[  194.770693][   T25] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  194.772894][ T5273] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  194.817560][   T25] usb 3-1: USB disconnect, device number 25
[  194.871203][ T5273] r8712u: register rtl8712_netdev_ops to netdev_ops
[  194.883281][ T5273] usb 2-1: r8712u: USB_SPEED_HIGH with 1 endpoints
[  194.892942][ T5273] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[  194.906904][ T5273] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  194.914591][ T5273] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  194.999197][ T5273] usb 2-1: USB disconnect, device number 22
[  195.164582][   T63] hsr_slave_0: left promiscuous mode
[  195.207595][   T63] hsr_slave_1: left promiscuous mode
[  195.223171][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  195.243248][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  195.260096][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  195.271158][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  195.352667][   T63] veth1_macvtap: left promiscuous mode
[  195.367376][   T63] veth0_macvtap: left promiscuous mode
[  195.389042][   T63] veth1_vlan: left promiscuous mode
[  195.395402][   T63] veth0_vlan: left promiscuous mode
[  195.570522][   T25] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  195.788594][   T25] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  195.810980][   T25] usb 1-1: config 7 has 1 interface, different from the descriptor's value: 2
[  195.837621][   T25] usb 1-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84
[  195.854747][   T25] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  195.869080][   T25] usb 1-1: Product: syz
[  195.873300][   T25] usb 1-1: SerialNumber: syz
[  195.900755][   T25] rndis_host 1-1:7.0: skipping garbage
[  195.909348][   T25] usb 1-1: bad CDC descriptors
[  195.925060][   T25] option 1-1:7.0: GSM modem (1-port) converter detected
[  196.050382][   T63] team0 (unregistering): Port device team_slave_1 removed
[  196.087172][   T63] team0 (unregistering): Port device team_slave_0 removed
[  196.202246][   T25] usb 1-1: USB disconnect, device number 25
[  196.214231][   T25] option 1-1:7.0: device disconnected
[  196.535082][ T7673] netlink: 24 bytes leftover after parsing attributes in process `syz.2.399'.
[  196.606009][ T5226] Bluetooth: hci5: command tx timeout
[  196.694881][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.703025][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.894047][ T2934] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.920727][ T7705] netlink: 20 bytes leftover after parsing attributes in process `syz.0.404'.
[  196.931754][ T2934] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.952272][ T7705] netlink: 12 bytes leftover after parsing attributes in process `syz.0.404'.
[  196.964859][ T7622] chnl_net:caif_netlink_parms(): no params data found
[  196.969999][ T7705] netlink: 16 bytes leftover after parsing attributes in process `syz.0.404'.
[  197.394593][ T7622] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.417274][ T7622] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.443802][ T7622] bridge_slave_0: entered allmulticast mode
[  197.464029][ T7622] bridge_slave_0: entered promiscuous mode
[  197.524113][ T7622] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.557844][ T7622] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.565298][ T7622] bridge_slave_1: entered allmulticast mode
[  197.604501][ T7622] bridge_slave_1: entered promiscuous mode
[  197.683113][ T7737] FAULT_INJECTION: forcing a failure.
[  197.683113][ T7737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.714517][ T7737] CPU: 0 UID: 0 PID: 7737 Comm: syz.4.409 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  197.714548][ T7737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  197.714560][ T7737] Call Trace:
[  197.714568][ T7737]  <TASK>
[  197.714577][ T7737]  dump_stack_lvl+0x241/0x360
[  197.714611][ T7737]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.714638][ T7737]  ? __pfx__printk+0x10/0x10
[  197.714668][ T7737]  ? snprintf+0xda/0x120
[  197.714691][ T7737]  should_fail_ex+0x3b0/0x4e0
[  197.714717][ T7737]  _copy_to_user+0x2f/0xb0
[  197.714741][ T7737]  simple_read_from_buffer+0xca/0x150
[  197.714770][ T7737]  proc_fail_nth_read+0x1e9/0x250
[  197.714794][ T7737]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  197.714814][ T7737]  ? rw_verify_area+0x520/0x6b0
[  197.714835][ T7737]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  197.714859][ T7737]  vfs_read+0x204/0xbc0
[  197.714880][ T7737]  ? __pfx_lock_release+0x10/0x10
[  197.714911][ T7737]  ? __pfx_vfs_read+0x10/0x10
[  197.714934][ T7737]  ? __fget_files+0x29/0x470
[  197.714960][ T7737]  ? __fget_files+0x3f6/0x470
[  197.714997][ T7737]  ksys_read+0x1a0/0x2c0
[  197.715025][ T7737]  ? __pfx_ksys_read+0x10/0x10
[  197.715051][ T7737]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  197.715074][ T7737]  ? lockdep_hardirqs_on+0x99/0x150
[  197.715097][ T7737]  __do_fast_syscall_32+0xb4/0x110
[  197.715117][ T7737]  ? exc_page_fault+0x590/0x8c0
[  197.715142][ T7737]  do_fast_syscall_32+0x34/0x80
[  197.715167][ T7737]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  197.715187][ T7737] RIP: 0023:0xf7fd6579
[  197.715205][ T7737] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  197.715220][ T7737] RSP: 002b:00000000f57865a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  197.715241][ T7737] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5786620
[  197.715254][ T7737] RDX: 000000000000000f RSI: 00000000f745cff4 RDI: 0000000000000000
[  197.715266][ T7737] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  197.715277][ T7737] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  197.715289][ T7737] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  197.715316][ T7737]  </TASK>
[  197.781785][ T7622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  197.785048][ T7622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  197.926188][    T9] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  198.169837][ T7622] team0: Port device team_slave_0 added
[  198.187716][ T7622] team0: Port device team_slave_1 added
[  198.227954][ T7744] netlink: 24 bytes leftover after parsing attributes in process `syz.4.411'.
[  198.240547][ T7622] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.252441][ T7622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.280653][ T7622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.295725][ T7622] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.302857][ T5234] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  198.311507][ T7622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.315942][    T9] usb 1-1: Using ep0 maxpacket: 32
[  198.337488][    C1] vkms_vblank_simulate: vblank timer overrun
[  198.347078][ T7622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.383229][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  198.399363][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  198.427132][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  198.442270][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.472644][    T9] usb 1-1: config 0 descriptor??
[  198.500849][    T9] hub 1-1:0.0: USB hub found
[  198.518071][ T5234] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  198.536498][ T5234] usb 2-1: config 7 has 1 interface, different from the descriptor's value: 2
[  198.555738][ T5234] usb 2-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84
[  198.565547][ T5234] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  198.581692][ T7622] hsr_slave_0: entered promiscuous mode
[  198.608720][ T5234] usb 2-1: Product: syz
[  198.612616][ T7622] hsr_slave_1: entered promiscuous mode
[  198.618494][ T5234] usb 2-1: SerialNumber: syz
[  198.632354][ T5234] rndis_host 2-1:7.0: skipping garbage
[  198.647538][ T5234] usb 2-1: bad CDC descriptors
[  198.655500][ T7622] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  198.658910][ T5234] option 2-1:7.0: GSM modem (1-port) converter detected
[  198.678467][ T7622] Cannot create hsr debugfs directory
[  198.686225][ T5226] Bluetooth: hci5: command tx timeout
[  198.716627][    T9] hub 1-1:0.0: 1 port detected
[  198.945899][   T25] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  199.024951][ T5234] usb 2-1: USB disconnect, device number 23
[  199.038406][ T5234] option 2-1:7.0: device disconnected
[  199.171505][   T25] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  199.202353][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.212958][   T25] usb 5-1: Product: syz
[  199.217835][   T25] usb 5-1: Manufacturer: syz
[  199.222458][   T25] usb 5-1: SerialNumber: syz
[  199.239031][   T25] usb 5-1: config 0 descriptor??
[  199.256059][   T25] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 015
[  199.389603][  T941] hub 1-1:0.0: activate --> -90
[  199.656929][   T25]  (null): failure reading functionality
[  199.668397][   T46] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  199.692978][   T25] i2c i2c-1: connected i2c-tiny-usb device
[  199.767389][ T7622] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  199.791985][ T7622] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  199.811472][  T941] usb 1-1-port1: config error
[  199.829606][  T941] usb 1-1-port1: cannot disable (err = -71)
[  199.836904][   T25] usb 1-1: USB disconnect, device number 26
[  199.851920][ T7622] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  199.896352][   T46] usb 3-1: Using ep0 maxpacket: 8
[  199.918754][   T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  199.921419][ T7622] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  199.975003][   T46] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  200.015428][   T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.038355][   T46] usb 3-1: config 0 descriptor??
[  200.080125][ T5234] usb 5-1: USB disconnect, device number 15
[  200.267792][   T46] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  200.362784][ T7622] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.432585][ T7622] 8021q: adding VLAN 0 to HW filter on device team0
[  200.488376][ T7794] FAULT_INJECTION: forcing a failure.
[  200.488376][ T7794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  200.509533][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.516788][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.531748][ T7794] CPU: 0 UID: 0 PID: 7794 Comm: syz.0.421 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  200.542560][ T7794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  200.552643][ T7794] Call Trace:
[  200.555945][ T7794]  <TASK>
[  200.558893][ T7794]  dump_stack_lvl+0x241/0x360
[  200.563597][ T7794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.568822][ T7794]  ? __pfx__printk+0x10/0x10
[  200.573529][ T7794]  ? __pfx_lock_release+0x10/0x10
[  200.578676][ T7794]  should_fail_ex+0x3b0/0x4e0
[  200.583464][ T7794]  _copy_from_user+0x2f/0xe0
[  200.588073][ T7794]  get_compat_msghdr+0xae/0x730
[  200.592927][ T7794]  ? __fget_files+0x29/0x470
[  200.597538][ T7794]  ? __pfx_get_compat_msghdr+0x10/0x10
[  200.603006][ T7794]  ? __fget_files+0x3f6/0x470
[  200.607704][ T7794]  __sys_sendmmsg+0x46e/0x740
[  200.612393][ T7794]  ? __pfx___sys_sendmmsg+0x10/0x10
[  200.617593][ T7794]  ? __pfx_lock_acquire+0x10/0x10
[  200.622713][ T7794]  ? get_pid_task+0x23/0x1f0
[  200.627325][ T7794]  ? __pfx_lock_release+0x10/0x10
[  200.632456][ T7794]  ? kstrtouint_from_user+0x128/0x190
[  200.637856][ T7794]  ? __pfx_lock_release+0x10/0x10
[  200.642892][ T7794]  ? __mutex_unlock_slowpath+0x21d/0x750
[  200.648530][ T7794]  ? __fget_files+0x3f6/0x470
[  200.653208][ T7794]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  200.659189][ T7794]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  200.665516][ T7794]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  200.671144][ T7794]  __do_fast_syscall_32+0xb4/0x110
[  200.676258][ T7794]  ? exc_page_fault+0x590/0x8c0
[  200.681107][ T7794]  do_fast_syscall_32+0x34/0x80
[  200.685961][ T7794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  200.692298][ T7794] RIP: 0023:0xf7fb3579
[  200.696365][ T7794] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  200.716052][ T7794] RSP: 002b:00000000f576656c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  200.724478][ T7794] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020004600
[  200.732447][ T7794] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  200.740417][ T7794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  200.748387][ T7794] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  200.756352][ T7794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  200.764357][ T7794]  </TASK>
[  200.797281][ T5226] Bluetooth: hci5: command tx timeout
[  200.818888][ T1114] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.826100][ T1114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.035307][ T7797] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  201.083094][ T7797] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  201.172493][ T7622] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.400124][ T7622] veth0_vlan: entered promiscuous mode
[  201.434562][ T7622] veth1_vlan: entered promiscuous mode
[  201.561783][ T7622] veth0_macvtap: entered promiscuous mode
[  201.621904][ T7622] veth1_macvtap: entered promiscuous mode
[  201.694825][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.727703][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.762905][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.783875][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.805695][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.842931][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.876031][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.917989][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.950044][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.985829][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.018996][ T7622] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.071063][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.099402][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.140812][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.186113][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.238280][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.278895][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.319045][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.355180][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.388613][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.419356][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.455632][ T7622] batman_adv: batadv0: Interface activated: batadv_slave_1
[  202.529038][ T7622] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.560171][ T7622] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.592742][ T7622] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.623122][ T7622] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.854498][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.890412][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.954571][   T29] audit: type=1326 audit(1723342075.773:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7832 comm="syz.1.427" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ad579 code=0x0
[  202.997054][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.007664][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.242359][ T7837] netlink: 16 bytes leftover after parsing attributes in process `syz.3.385'.
[  203.526033][ T5272] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  203.686700][ T5234] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  203.728901][ T5272] usb 5-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  203.769795][ T5272] usb 5-1: config 7 has 1 interface, different from the descriptor's value: 2
[  203.800610][ T5272] usb 5-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84
[  203.824894][ T5272] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  203.843507][ T5272] usb 5-1: Product: syz
[  203.851336][ T5272] usb 5-1: SerialNumber: syz
[  203.877426][ T5272] rndis_host 5-1:7.0: skipping garbage
[  203.896846][ T5272] usb 5-1: bad CDC descriptors
[  203.898799][ T5234] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  203.920015][ T5234] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  203.920950][ T5272] option 5-1:7.0: GSM modem (1-port) converter detected
[  203.941433][ T5234] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  203.971264][ T5234] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  204.039231][ T5234] usb 4-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[  204.054496][ T5234] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.075949][ T5234] usb 4-1: Product: syz
[  204.080254][ T5234] usb 4-1: Manufacturer: syz
[  204.095946][   T46] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  204.107092][ T5234] usb 4-1: SerialNumber: syz
[  204.126548][ T5234] usb 4-1: config 0 descriptor??
[  204.134000][ T5234] usb 4-1: ucan: probing device on interface #0
[  204.152057][ T5234] usb 4-1: ucan: invalid endpoint configuration
[  204.159149][ T5234] usb 4-1: ucan: probe failed; try to update the device firmware
[  204.272232][ T7864] netlink: 24 bytes leftover after parsing attributes in process `syz.0.433'.
[  204.312859][ T5281] usb 5-1: USB disconnect, device number 16
[  204.326767][ T5281] option 5-1:7.0: device disconnected
[  204.332856][   T46] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  204.363869][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 45, changing to 9
[  204.386753][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24942, setting to 1024
[  204.386840][ T5273] usb 4-1: USB disconnect, device number 29
[  204.400714][   T46] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  204.437454][   T46] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  204.457442][   T46] usb 2-1: Manufacturer: syz
[  204.475147][   T46] usb 2-1: config 0 descriptor??
[  204.489315][   T46] igorplugusb 2-1:0.0: endpoint incorrect
[  204.863049][   T46] usb 3-1: USB disconnect, device number 26
[  204.898716][   T46] iowarrior 3-1:0.0: I/O-Warror #0 now disconnected
[  205.178561][ T7880] netlink: 4 bytes leftover after parsing attributes in process `syz.4.437'.
[  205.237504][ T2934] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.398544][ T2934] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.488525][ T2934] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.562536][ T5281] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  205.619365][ T2934] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.782676][ T5281] usb 4-1: Using ep0 maxpacket: 32
[  205.809922][ T5281] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  205.833680][ T5281] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.860083][ T5281] usb 4-1: Product: syz
[  205.863497][ T2934] bridge_slave_1: left allmulticast mode
[  205.865595][ T5281] usb 4-1: Manufacturer: syz
[  205.879671][ T5281] usb 4-1: SerialNumber: syz
[  205.894053][ T2934] bridge_slave_1: left promiscuous mode
[  205.906236][ T2934] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.908627][ T5281] usb 4-1: config 0 descriptor??
[  205.931882][ T2934] bridge_slave_0: left allmulticast mode
[  205.942392][ T2934] bridge_slave_0: left promiscuous mode
[  205.952965][ T2934] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.122447][ T7882] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.155672][ T7882] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.571222][ T5281] rtl8150 4-1:0.0: couldn't reset the device
[  206.593807][ T5281] rtl8150 4-1:0.0: probe with driver rtl8150 failed with error -5
[  206.640892][ T5281] usb 4-1: USB disconnect, device number 30
[  206.787907][ T5272] usb 2-1: USB disconnect, device number 24
[  206.892620][ T7907] FAULT_INJECTION: forcing a failure.
[  206.892620][ T7907] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.920150][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  206.934419][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  206.943801][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  206.961121][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  206.970316][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  206.972336][ T7907] CPU: 0 UID: 0 PID: 7907 Comm: syz.0.446 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  206.987879][ T7907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  206.990659][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  206.997930][ T7907] Call Trace:
[  206.997946][ T7907]  <TASK>
[  206.997955][ T7907]  dump_stack_lvl+0x241/0x360
[  206.997988][ T7907]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.998011][ T7907]  ? __pfx__printk+0x10/0x10
[  207.025632][ T7907]  ? __pfx_lock_release+0x10/0x10
[  207.030692][ T7907]  should_fail_ex+0x3b0/0x4e0
[  207.035407][ T7907]  _copy_from_iter+0x1f6/0x1960
[  207.040301][ T7907]  ? __virt_addr_valid+0x183/0x530
[  207.045453][ T7907]  ? __pfx_lock_release+0x10/0x10
[  207.050516][ T7907]  ? __alloc_skb+0x28f/0x440
[  207.055134][ T7907]  ? __pfx__copy_from_iter+0x10/0x10
[  207.060444][ T7907]  ? __virt_addr_valid+0x183/0x530
[  207.065568][ T7907]  ? __virt_addr_valid+0x183/0x530
[  207.070704][ T7907]  ? __virt_addr_valid+0x45f/0x530
[  207.075843][ T7907]  ? __check_object_size+0x49c/0x900
[  207.081158][ T7907]  netlink_sendmsg+0x73d/0xcb0
[  207.085952][ T7907]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.091244][ T7907]  ? aa_sock_msg_perm+0x91/0x160
[  207.096175][ T7907]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  207.101453][ T7907]  ? security_socket_sendmsg+0x87/0xb0
[  207.106901][ T7907]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.112169][ T7907]  __sock_sendmsg+0x221/0x270
[  207.116842][ T7907]  ____sys_sendmsg+0x525/0x7d0
[  207.121616][ T7907]  ? __pfx_____sys_sendmsg+0x10/0x10
[  207.126891][ T7907]  __sys_sendmsg+0x2b0/0x3a0
[  207.131646][ T7907]  ? __pfx___sys_sendmsg+0x10/0x10
[  207.136735][ T7907]  ? vfs_write+0x7c4/0xc90
[  207.141156][ T7907]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  207.147736][ T7907]  ? lockdep_hardirqs_on+0x99/0x150
[  207.152944][ T7907]  __do_fast_syscall_32+0xb4/0x110
[  207.158064][ T7907]  ? exc_page_fault+0x590/0x8c0
[  207.162918][ T7907]  do_fast_syscall_32+0x34/0x80
[  207.167767][ T7907]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  207.174093][ T7907] RIP: 0023:0xf7fb3579
[  207.178150][ T7907] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  207.197744][ T7907] RSP: 002b:00000000f572456c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  207.206142][ T7907] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000780
[  207.214096][ T7907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  207.222053][ T7907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  207.230017][ T7907] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  207.237971][ T7907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  207.246020][ T7907]  </TASK>
[  207.390001][ T2934] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.404467][ T2934] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.444177][ T2934] bond0 (unregistering): Released all slaves
[  207.475679][ T7900] netlink: 24 bytes leftover after parsing attributes in process `syz.4.445'.
[  207.588461][ T5272] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  207.848493][ T5272] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  207.888419][ T5272] usb 2-1: config 7 has 1 interface, different from the descriptor's value: 2
[  207.908830][ T5272] usb 2-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84
[  207.921478][ T5272] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  207.930359][ T5272] usb 2-1: Product: syz
[  207.934640][ T5272] usb 2-1: SerialNumber: syz
[  207.953232][ T5272] rndis_host 2-1:7.0: skipping garbage
[  207.959010][ T5272] usb 2-1: bad CDC descriptors
[  207.966207][ T5272] option 2-1:7.0: GSM modem (1-port) converter detected
[  208.044531][   T25] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  208.266832][   T25] usb 5-1: Using ep0 maxpacket: 32
[  208.284149][ T2934] hsr_slave_0: left promiscuous mode
[  208.325686][   T25] usb 5-1: config 0 has an invalid interface number: 111 but max is 1
[  208.340602][ T2934] hsr_slave_1: left promiscuous mode
[  208.359539][ T2934] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.364579][   T25] usb 5-1: config 0 has no interface number 1
[  208.392435][ T2934] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.433465][   T25] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83
[  208.452222][ T2934] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.459059][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.473198][ T5272] usb 2-1: USB disconnect, device number 25
[  208.491259][ T5272] option 2-1:7.0: device disconnected
[  208.497786][   T25] usb 5-1: Product: syz
[  208.497812][   T25] usb 5-1: Manufacturer: syz
[  208.497828][   T25] usb 5-1: SerialNumber: syz
[  208.512551][ T2934] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.545326][   T25] usb 5-1: config 0 descriptor??
[  208.608993][ T2934] veth1_macvtap: left promiscuous mode
[  208.617098][ T2934] veth0_macvtap: left promiscuous mode
[  208.623237][ T2934] veth1_vlan: left promiscuous mode
[  208.629422][ T2934] veth0_vlan: left promiscuous mode
[  208.798772][   T25] snd-usb-6fire 5-1:0.111: unable to receive device firmware state.
[  208.820453][   T25] snd-usb-6fire 5-1:0.111: probe with driver snd-usb-6fire failed with error -71
[  208.837170][   T25] usb 5-1: USB disconnect, device number 17
[  209.008354][ T5226] Bluetooth: hci4: command tx timeout
[  209.473790][ T2934] team0 (unregistering): Port device team_slave_1 removed
[  209.587633][ T2934] team0 (unregistering): Port device team_slave_0 removed
[  209.947970][ T5281] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  210.141291][ T5281] usb 5-1: Using ep0 maxpacket: 32
[  210.154827][ T5281] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  210.173652][ T5281] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  210.193315][ T5281] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  210.211737][ T5281] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  210.227071][ T5281] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.256009][ T5281] usb 5-1: config 0 descriptor??
[  210.261852][ T7968] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  210.281834][ T5281] hub 5-1:0.0: USB hub found
[  210.363255][ T7940] netlink: 24 bytes leftover after parsing attributes in process `syz.0.452'.
[  210.465712][ T7909] chnl_net:caif_netlink_parms(): no params data found
[  210.602984][ T5281] hub 5-1:0.0: 2 ports detected
[  210.850991][ T7909] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.880379][ T7909] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.913828][ T7909] bridge_slave_0: entered allmulticast mode
[  210.922859][ T7909] bridge_slave_0: entered promiscuous mode
[  210.940241][ T7909] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.948873][ T7909] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.956660][ T7909] bridge_slave_1: entered allmulticast mode
[  210.965675][ T7909] bridge_slave_1: entered promiscuous mode
[  211.006025][   T25] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  211.046638][ T7909] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.069991][ T7909] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.086012][ T5226] Bluetooth: hci4: command tx timeout
[  211.186432][   T25] usb 2-1: Using ep0 maxpacket: 8
[  211.211399][   T25] usb 2-1: config 4 has an invalid interface number: 109 but max is 3
[  211.226176][ T7909] team0: Port device team_slave_0 added
[  211.234992][   T25] usb 2-1: config 4 has an invalid interface number: 231 but max is 3
[  211.249368][ T7909] team0: Port device team_slave_1 added
[  211.255416][   T25] usb 2-1: config 4 has an invalid interface descriptor of length 6, skipping
[  211.290045][   T25] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  211.300643][   T25] usb 2-1: config 4 has 2 interfaces, different from the descriptor's value: 4
[  211.310046][   T25] usb 2-1: config 4 has no interface number 0
[  211.316525][   T25] usb 2-1: config 4 has no interface number 1
[  211.322692][   T25] usb 2-1: config 4 interface 109 altsetting 7 endpoint 0xE has invalid maxpacket 959, setting to 64
[  211.345352][ T7909] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.353213][   T25] usb 2-1: config 4 interface 109 altsetting 7 endpoint 0x9 has invalid maxpacket 1023, setting to 64
[  211.374776][ T7909] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.420177][   T25] usb 2-1: config 4 interface 109 altsetting 7 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  211.432131][   T25] usb 2-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0xE, skipping
[  211.444154][ T7909] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.474246][   T25] usb 2-1: config 4 interface 109 altsetting 7 endpoint 0x7 has invalid maxpacket 1967, setting to 64
[  211.499915][ T7909] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.507465][   T25] usb 2-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[  211.518411][ T7909] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.544973][   T25] usb 2-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x8E, skipping
[  211.562245][   T25] usb 2-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[  211.583408][ T7909] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.602779][   T25] usb 2-1: config 4 interface 109 altsetting 7 endpoint 0x6 has invalid maxpacket 1415, setting to 1024
[  211.622459][   T25] usb 2-1: config 4 interface 109 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 1024
[  211.645401][   T25] usb 2-1: config 4 interface 109 altsetting 7 has an endpoint descriptor with address 0x94, changing to 0x84
[  211.697044][   T25] usb 2-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  211.715878][   T25] usb 2-1: config 4 interface 231 altsetting 14 endpoint 0x5 has an invalid bInterval 36, changing to 9
[  211.766657][   T25] usb 2-1: config 4 interface 231 altsetting 14 endpoint 0x5 has invalid maxpacket 1543, setting to 1024
[  211.795978][   T25] usb 2-1: config 4 interface 231 altsetting 14 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  211.819528][ T7909] hsr_slave_0: entered promiscuous mode
[  211.826295][   T25] usb 2-1: config 4 interface 109 has no altsetting 0
[  211.835991][ T7909] hsr_slave_1: entered promiscuous mode
[  211.842356][   T25] usb 2-1: config 4 interface 231 has no altsetting 0
[  211.856138][ T7909] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  211.863562][   T25] usb 2-1: New USB device found, idVendor=13d3, idProduct=3341, bcdDevice=8f.75
[  211.863721][ T7909] Cannot create hsr debugfs directory
[  211.885837][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.907190][   T25] usb 2-1: Product: syz
[  211.911520][   T25] usb 2-1: Manufacturer: 졬详눦嵰椸㾺榘꾌਱䲔ࠊᯥみ₾熍㫷矌▧㨾롤恵굟⥎ྖ대﨩騚ゴ挧ऽ暄葰鉚꒎ʝꢸ┏䅪ࢼ₤泓鏄ཱ캩꘩癁庈쭊⩚條䛲뛔ϒﷰ瀌痏匔㝭毖ᰞﭒ땮⚩캿뫾촔碛탹ꬄ౦Вꥒ舦鹭ഌ⿾읎睾⦲蓡⭻픗ಥ嗸竸⟽띖徛芬붋烴딑鸷䌺蕴芐⚭뵣瑝뛞喙蜦뎂㆔〿
[  211.946954][ T5281] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  212.014474][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888024d73400: rx timeout, send abort
[  212.023539][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888024d73400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  212.042167][   T25] usb 2-1: SerialNumber: syz
[  212.071507][ T7986] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  212.079417][ T7986] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  212.152731][ T5281] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  212.162228][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.191141][ T7968] trusted_key: syz.4.457 sent an empty control message without MSG_MORE.
[  212.218045][ T5281] usb 4-1: config 0 descriptor??
[  212.358016][   T58] usb 5-1: USB disconnect, device number 18
[  212.408478][   T25] r8712u: register rtl8712_netdev_ops to netdev_ops
[  212.450768][   T25] usb 2-1: r8712u: USB_SPEED_HIGH with 6 endpoints
[  212.482386][   T25] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[  212.498441][   T25] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  212.524986][   T25] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  212.589004][   T25] r8712u: register rtl8712_netdev_ops to netdev_ops
[  212.616901][   T25] usb 2-1: r8712u: USB_SPEED_HIGH with 1 endpoints
[  212.633674][   T25] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[  212.641207][   T25] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  212.659325][   T25] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  212.706311][   T25] usb 2-1: USB disconnect, device number 26
[  212.714685][ T5281] usb 4-1: Cannot set MAC address
[  212.728571][ T5281] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  212.809379][ T5281] usb 4-1: USB disconnect, device number 31
[  213.127480][ T8033] FAULT_INJECTION: forcing a failure.
[  213.127480][ T8033] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.164588][ T8033] CPU: 0 UID: 0 PID: 8033 Comm: syz.4.469 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  213.173002][ T7909] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  213.175203][ T8033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  213.175218][ T8033] Call Trace:
[  213.175227][ T8033]  <TASK>
[  213.175236][ T8033]  dump_stack_lvl+0x241/0x360
[  213.202846][ T8033]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.208083][ T8033]  ? __pfx__printk+0x10/0x10
[  213.212709][ T8033]  ? snprintf+0xda/0x120
[  213.216980][ T8033]  should_fail_ex+0x3b0/0x4e0
[  213.221688][ T8033]  _copy_to_user+0x2f/0xb0
[  213.226134][ T8033]  simple_read_from_buffer+0xca/0x150
[  213.231545][ T8033]  proc_fail_nth_read+0x1e9/0x250
[  213.236612][ T8033]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.242196][ T8033]  ? rw_verify_area+0x520/0x6b0
[  213.247077][ T8033]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.252642][ T8033]  vfs_read+0x204/0xbc0
[  213.256838][ T8033]  ? __pfx_vfs_read+0x10/0x10
[  213.261556][ T8033]  ? __ia32_compat_sys_newfstat+0x16a/0x1c0
[  213.267486][ T8033]  ? __pfx___ia32_compat_sys_newfstat+0x10/0x10
[  213.273773][ T8033]  ksys_read+0x1a0/0x2c0
[  213.278050][ T8033]  ? __pfx_ksys_read+0x10/0x10
[  213.282845][ T8033]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  213.289470][ T8033]  ? lockdep_hardirqs_on+0x99/0x150
[  213.294706][ T8033]  __do_fast_syscall_32+0xb4/0x110
[  213.299850][ T8033]  ? exc_page_fault+0x590/0x8c0
[  213.304734][ T8033]  do_fast_syscall_32+0x34/0x80
[  213.309628][ T8033]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.315981][ T8033] RIP: 0023:0xf7fd6579
[  213.320072][ T8033] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  213.339706][ T8033] RSP: 002b:00000000f57865a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  213.348322][ T8033] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5786620
[  213.356409][ T8033] RDX: 000000000000000f RSI: 00000000f745cff4 RDI: 0000000000000000
[  213.364403][ T8033] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  213.372402][ T8033] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  213.380399][ T8033] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  213.388500][ T8033]  </TASK>
[  213.401400][ T7909] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  213.416478][ T5226] Bluetooth: hci4: command tx timeout
[  213.500721][ T7909] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  213.539935][ T8038] netlink: 60 bytes leftover after parsing attributes in process `syz.1.471'.
[  213.569072][ T7909] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  213.694805][ T8046] netlink: 20 bytes leftover after parsing attributes in process `syz.3.473'.
[  213.871630][ T8047] netlink: 24 bytes leftover after parsing attributes in process `syz.0.472'.
[  213.902656][ T8050] FAULT_INJECTION: forcing a failure.
[  213.902656][ T8050] name failslab, interval 1, probability 0, space 0, times 0
[  213.920413][ T8048] hub 9-0:1.0: USB hub found
[  213.927113][ T8048] hub 9-0:1.0: 8 ports detected
[  213.927153][ T8050] CPU: 0 UID: 0 PID: 8050 Comm: syz.4.475 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  213.932013][ T8050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  213.932049][ T8050] Call Trace:
[  213.932058][ T8050]  <TASK>
[  213.932066][ T8050]  dump_stack_lvl+0x241/0x360
[  213.932101][ T8050]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.932125][ T8050]  ? __pfx__printk+0x10/0x10
[  213.932152][ T8050]  ? fs_reclaim_acquire+0x93/0x140
[  213.932177][ T8050]  ? __pfx___might_resched+0x10/0x10
[  213.932205][ T8050]  should_fail_ex+0x3b0/0x4e0
[  213.932229][ T8050]  ? tomoyo_encode+0x26f/0x540
[  213.932251][ T8050]  should_failslab+0xac/0x100
[  213.932278][ T8050]  ? tomoyo_encode+0x26f/0x540
[  213.932298][ T8050]  __kmalloc_noprof+0xd8/0x400
[  213.932323][ T8050]  tomoyo_encode+0x26f/0x540
[  213.932352][ T8050]  tomoyo_realpath_from_path+0x59e/0x5e0
[  213.932388][ T8050]  tomoyo_path_perm+0x2b7/0x740
[  213.932410][ T8050]  ? aa_get_newest_label+0xff/0x6f0
[  213.932432][ T8050]  ? tomoyo_path_perm+0x287/0x740
[  213.932450][ T8050]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  213.932478][ T8050]  ? from_kgid+0x1a7/0x730
[  213.932519][ T8050]  ? apparmor_capable+0x138/0x1b0
[  213.932545][ T8050]  ? security_capable+0x90/0xb0
[  213.932571][ T8050]  security_path_chroot+0x65/0x90
[  213.932599][ T8050]  __se_sys_chroot+0x1c5/0x2b0
[  213.932627][ T8050]  ? __pfx___se_sys_chroot+0x10/0x10
[  213.932656][ T8050]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  213.932681][ T8050]  ? lockdep_hardirqs_on+0x99/0x150
[  213.932709][ T8050]  __do_fast_syscall_32+0xb4/0x110
[  213.932736][ T8050]  ? exc_page_fault+0x590/0x8c0
[  213.932778][ T8050]  do_fast_syscall_32+0x34/0x80
[  213.932802][ T8050]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.932824][ T8050] RIP: 0023:0xf7fd6579
[  213.932842][ T8050] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  213.932858][ T8050] RSP: 002b:00000000f578656c EFLAGS: 00000206 ORIG_RAX: 000000000000003d
[  213.932880][ T8050] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 0000000000000000
[  213.932894][ T8050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  213.932907][ T8050] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  213.932919][ T8050] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  213.932929][ T8050] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  213.932953][ T8050]  </TASK>
[  213.944160][ T8050] ERROR: Out of memory at tomoyo_realpath_from_path.
[  213.946126][ T5272] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  214.243801][ T7909] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.331580][ T7909] 8021q: adding VLAN 0 to HW filter on device team0
[  214.378209][ T5272] usb 2-1: Using ep0 maxpacket: 8
[  214.388275][ T5272] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  214.398418][ T5272] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  214.413715][ T2531] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.421007][ T2531] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.436374][ T5272] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  214.465825][ T2531] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.473045][ T2531] bridge0: port 2(bridge_slave_1) entered forwarding state
[  214.479472][ T5272] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  214.517202][ T5272] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  214.554833][ T5272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.737930][ T7909] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  214.776102][ T5275] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  214.808375][ T5272] usb 2-1: GET_CAPABILITIES returned 0
[  214.826269][ T5272] usbtmc 2-1:16.0: can't read capabilities
[  214.870113][ T7909] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.988100][ T5275] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  215.012288][ T7909] veth0_vlan: entered promiscuous mode
[  215.030066][ T5275] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  215.052857][ T7909] veth1_vlan: entered promiscuous mode
[  215.097885][ T5275] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  215.129607][ T5275] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  215.138136][   T25] usb 2-1: USB disconnect, device number 27
[  215.168599][ T5275] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  215.207340][ T7909] veth0_macvtap: entered promiscuous mode
[  215.213268][ T5275] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.229450][ T5275] usb 1-1: config 0 descriptor??
[  215.235107][ T7909] veth1_macvtap: entered promiscuous mode
[  215.244793][ T8059] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  215.305970][ T5281] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  215.322697][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.343727][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.354540][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.371711][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.382721][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.394163][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.410811][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.427108][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.439524][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.450353][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.481996][ T7909] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.490833][ T5226] Bluetooth: hci4: command tx timeout
[  215.511275][ T5281] usb 4-1: config 0 has an invalid interface number: 242 but max is 0
[  215.535900][ T5281] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  215.538175][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.565589][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.567563][ T5281] usb 4-1: config 0 has no interface number 0
[  215.594658][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.602316][ T5281] usb 4-1: config 0 interface 242 altsetting 1 endpoint 0xF has an invalid bInterval 0, changing to 7
[  215.605514][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.619650][ T5281] usb 4-1: config 0 interface 242 altsetting 1 endpoint 0xA has invalid maxpacket 512, setting to 64
[  215.637796][ T5281] usb 4-1: config 0 interface 242 altsetting 1 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  215.650474][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.661688][ T5281] usb 4-1: config 0 interface 242 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  215.674383][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.680476][ T5275] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[  215.687498][ T5281] usb 4-1: config 0 interface 242 altsetting 1 has an endpoint descriptor with address 0x93, changing to 0x83
[  215.717172][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.721263][ T5275] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  215.757045][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.776385][ T5281] usb 4-1: config 0 interface 242 altsetting 1 bulk endpoint 0x83 has invalid maxpacket 16
[  215.795854][ T7909] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.808228][ T5281] usb 4-1: config 0 interface 242 altsetting 1 has 6 endpoint descriptors, different from the interface descriptor's value: 15
[  215.843116][ T7909] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.857783][ T5281] usb 4-1: config 0 interface 242 has no altsetting 0
[  215.880971][ T5281] usb 4-1: New USB device found, idVendor=8b63, idProduct=6fac, bcdDevice=80.95
[  215.893117][ T7909] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.905303][ T5281] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.932793][ T7909] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.942108][ T5281] usb 4-1: Product: syz
[  215.948144][ T5281] usb 4-1: Manufacturer: syz
[  215.952935][ T7909] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.977720][ T5281] usb 4-1: SerialNumber: syz
[  215.982662][ T7909] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.007235][ T5281] usb 4-1: config 0 descriptor??
[  216.012311][ T7909] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.022842][ T8066] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  216.072029][ T8059] netlink: 36 bytes leftover after parsing attributes in process `syz.0.478'.
[  216.095458][ T8088] netlink: 'syz.1.483': attribute type 3 has an invalid length.
[  216.110905][ T8088] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.483'.
[  216.111093][ T5275] usb 1-1: USB disconnect, device number 27
[  216.341710][ T2531] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.375921][ T2531] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.464643][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.498537][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.622271][ T8094] netlink: 4 bytes leftover after parsing attributes in process `syz.1.484'.
[  216.688104][ T5281] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  216.918158][ T5281] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  216.976298][ T5281] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  217.031737][ T5281] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  217.106638][ T5281] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.188376][ T8097] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  217.222807][ T5281] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  217.344379][ T8130] netlink: 4 bytes leftover after parsing attributes in process `syz.2.488'.
[  217.383837][ T8130] netlink: 48 bytes leftover after parsing attributes in process `syz.2.488'.
[  217.750614][ T5281] usb 5-1: USB disconnect, device number 19
[  217.880853][   T25] usb 4-1: USB disconnect, device number 32
[  218.075967][   T58] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  218.275952][   T58] usb 2-1: Using ep0 maxpacket: 16
[  218.345082][   T58] usb 2-1: unable to get BOS descriptor or descriptor too short
[  218.363167][   T58] usb 2-1: unable to read config index 0 descriptor/start: -71
[  218.384247][   T58] usb 2-1: can't read configurations, error -71
[  218.395909][ T5281] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  218.567299][ T5281] usb 3-1: device descriptor read/64, error -71
[  218.756106][ T5275] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  218.868219][ T5281] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  218.958480][ T5275] usb 5-1: Using ep0 maxpacket: 8
[  218.969221][ T5275] usb 5-1: config 4 has an invalid interface number: 109 but max is 3
[  218.995977][ T5275] usb 5-1: config 4 has an invalid interface number: 231 but max is 3
[  219.022345][ T5275] usb 5-1: config 4 has an invalid interface descriptor of length 6, skipping
[  219.045439][ T5275] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  219.055943][ T5281] usb 3-1: device descriptor read/64, error -71
[  219.076807][ T5275] usb 5-1: config 4 has 2 interfaces, different from the descriptor's value: 4
[  219.094657][ T5275] usb 5-1: config 4 has no interface number 0
[  219.101194][ T5275] usb 5-1: config 4 has no interface number 1
[  219.107932][ T5275] usb 5-1: config 4 interface 109 altsetting 7 endpoint 0xE has invalid maxpacket 959, setting to 64
[  219.120788][ T5275] usb 5-1: config 4 interface 109 altsetting 7 endpoint 0x9 has invalid maxpacket 1023, setting to 64
[  219.132280][ T5275] usb 5-1: config 4 interface 109 altsetting 7 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  219.141204][ T8191] netlink: 'syz.3.502': attribute type 12 has an invalid length.
[  219.144620][ T5275] usb 5-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0xE, skipping
[  219.159629][ T8191] netlink: 132 bytes leftover after parsing attributes in process `syz.3.502'.
[  219.164387][ T5275] usb 5-1: config 4 interface 109 altsetting 7 endpoint 0x7 has invalid maxpacket 1967, setting to 64
[  219.187026][ T5275] usb 5-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[  219.188906][ T5281] usb usb3-port1: attempt power cycle
[  219.198279][ T5275] usb 5-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x8E, skipping
[  219.214837][ T5275] usb 5-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[  219.226140][ T5275] usb 5-1: config 4 interface 109 altsetting 7 endpoint 0x6 has invalid maxpacket 1415, setting to 1024
[  219.238037][ T5275] usb 5-1: config 4 interface 109 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 1024
[  219.271781][ T5275] usb 5-1: config 4 interface 109 altsetting 7 has an endpoint descriptor with address 0x94, changing to 0x84
[  219.300801][ T5275] usb 5-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  219.324458][ T5275] usb 5-1: config 4 interface 231 altsetting 14 endpoint 0x5 has an invalid bInterval 36, changing to 9
[  219.348369][ T5275] usb 5-1: config 4 interface 231 altsetting 14 endpoint 0x5 has invalid maxpacket 1543, setting to 1024
[  219.369953][ T5275] usb 5-1: config 4 interface 231 altsetting 14 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  219.392486][ T5275] usb 5-1: config 4 interface 109 has no altsetting 0
[  219.402513][ T5275] usb 5-1: config 4 interface 231 has no altsetting 0
[  219.431652][ T5275] usb 5-1: New USB device found, idVendor=13d3, idProduct=3341, bcdDevice=8f.75
[  219.441853][ T5275] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.450399][ T5275] usb 5-1: Product: syz
[  219.454715][ T5275] usb 5-1: Manufacturer: 졬详눦嵰椸㾺榘꾌਱䲔ࠊᯥみ₾熍㫷矌▧㨾롤恵굟⥎ྖ대﨩騚ゴ挧ऽ暄葰鉚꒎ʝꢸ┏䅪ࢼ₤泓鏄ཱ캩꘩癁庈쭊⩚條䛲뛔ϒﷰ瀌痏匔㝭毖ᰞﭒ땮⚩캿뫾촔碛탹ꬄ౦Вꥒ舦鹭ഌ⿾읎睾⦲蓡⭻픗ಥ嗸竸⟽띖徛芬붋烴딑鸷䌺蕴芐⚭뵣瑝뛞喙蜦뎂㆔〿
[  219.454744][ T5275] usb 5-1: SerialNumber: syz
[  219.469601][ T8173] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  219.500447][    C0] vkms_vblank_simulate: vblank timer overrun
[  219.510076][ T8173] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  219.536989][   T58] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  219.609497][   T25] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  219.656007][ T5281] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  219.697559][ T5281] usb 3-1: device descriptor read/8, error -71
[  219.728852][   T58] usb 2-1: New USB device found, idVendor=0c45, idProduct=60aa, bcdDevice=43.d9
[  219.738272][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.747605][ T5275] r8712u: register rtl8712_netdev_ops to netdev_ops
[  219.754989][ T5275] usb 5-1: r8712u: USB_SPEED_HIGH with 6 endpoints
[  219.769481][   T58] usb 2-1: config 0 descriptor??
[  219.777200][ T5275] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed
[  219.778824][   T58] gspca_main: sonixb-2.14.0 probing 0c45:60aa
[  219.783812][ T5275] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  219.803641][ T5275] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  219.805901][   T25] usb 4-1: Using ep0 maxpacket: 32
[  219.830033][   T25] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  219.833688][ T5275] r8712u: register rtl8712_netdev_ops to netdev_ops
[  219.845189][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  219.860564][ T5275] usb 5-1: r8712u: USB_SPEED_HIGH with 1 endpoints
[  219.870913][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  219.873699][ T5275] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed
[  219.891764][ T5275] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  219.899498][ T5275] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  219.909804][   T25] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  219.926034][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.945425][   T25] usb 4-1: config 0 descriptor??
[  219.955182][ T8193] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  219.974431][ T5275] usb 5-1: USB disconnect, device number 20
[  219.987127][ T5281] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  220.006811][   T25] hub 4-1:0.0: USB hub found
[  220.055398][ T8188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  220.066769][ T5281] usb 3-1: device descriptor read/8, error -71
[  220.068801][ T8188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  220.101283][ T8188] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  220.220610][ T5281] usb usb3-port1: unable to enumerate USB device
[  220.229421][   T58] sonixb 2-1:0.0: Error reading register 00: -71
[  220.242623][   T25] hub 4-1:0.0: 2 ports detected
[  220.258799][   T58] usb 2-1: USB disconnect, device number 29
[  220.843945][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888047e37800: rx timeout, send abort
[  220.854902][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888047e37800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  221.770014][ T8246] netlink: 24 bytes leftover after parsing attributes in process `syz.1.513'.
[  222.127422][ T5273] usb 4-1: USB disconnect, device number 33
[  222.129235][   T58] usb 4-1: Failed to suspend device, error -71
[  222.226561][ T5275] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  222.252919][ T5226] Bluetooth: hci3: unexpected event 0x09 length: 17 > 3
[  222.338875][   T63] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.430136][ T5275] usb 3-1: Using ep0 maxpacket: 32
[  222.445157][ T5275] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.467951][ T5275] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  222.490339][ T5275] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  222.512100][ T5275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.532972][   T63] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.555213][ T5275] usb 3-1: config 0 descriptor??
[  222.617405][ T5275] hub 3-1:0.0: USB hub found
[  222.675660][ T8262] FAULT_INJECTION: forcing a failure.
[  222.675660][ T8262] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.716005][ T8262] CPU: 0 UID: 0 PID: 8262 Comm: syz.1.520 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  222.722568][   T63] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.726631][ T8262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  222.726648][ T8262] Call Trace:
[  222.726658][ T8262]  <TASK>
[  222.726667][ T8262]  dump_stack_lvl+0x241/0x360
[  222.726701][ T8262]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.726725][ T8262]  ? __pfx__printk+0x10/0x10
[  222.726752][ T8262]  ? snprintf+0xda/0x120
[  222.726773][ T8262]  should_fail_ex+0x3b0/0x4e0
[  222.726799][ T8262]  _copy_to_user+0x2f/0xb0
[  222.726823][ T8262]  simple_read_from_buffer+0xca/0x150
[  222.726852][ T8262]  proc_fail_nth_read+0x1e9/0x250
[  222.726877][ T8262]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  222.726908][ T8262]  ? rw_verify_area+0x520/0x6b0
[  222.726930][ T8262]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  222.726953][ T8262]  vfs_read+0x204/0xbc0
[  222.726975][ T8262]  ? __pfx_lock_release+0x10/0x10
[  222.727006][ T8262]  ? __pfx_vfs_read+0x10/0x10
[  222.727029][ T8262]  ? __fget_files+0x29/0x470
[  222.727054][ T8262]  ? __fget_files+0x3f6/0x470
[  222.830630][ T8262]  ksys_read+0x1a0/0x2c0
[  222.834892][ T8262]  ? __pfx_ksys_read+0x10/0x10
[  222.839663][ T8262]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  222.846258][ T8262]  ? lockdep_hardirqs_on+0x99/0x150
[  222.851556][ T8262]  __do_fast_syscall_32+0xb4/0x110
[  222.856665][ T8262]  ? exc_page_fault+0x590/0x8c0
[  222.861510][ T8262]  do_fast_syscall_32+0x34/0x80
[  222.866354][ T8262]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  222.872672][ T8262] RIP: 0023:0xf73ad579
[  222.876735][ T8262] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  222.896368][ T8262] RSP: 002b:00000000f56c65a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  222.904777][ T8262] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56c6620
[  222.912831][ T8262] RDX: 000000000000000f RSI: 00000000f739cff4 RDI: 0000000000000000
[  222.920791][ T8262] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  222.928762][ T8262] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  222.936728][ T8262] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  222.944706][ T8262]  </TASK>
[  222.947754][    C0] vkms_vblank_simulate: vblank timer overrun
[  223.031569][ T5275] hub 3-1:0.0: 1 port detected
[  223.099766][ T8266] netlink: 12 bytes leftover after parsing attributes in process `syz.3.522'.
[  223.174112][   T63] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.237490][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  223.251560][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  223.264470][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  223.273046][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  223.288235][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  223.295629][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  223.805071][ T8272] netlink: 24 bytes leftover after parsing attributes in process `syz.1.523'.
[  224.036840][   T63] bridge_slave_1: left allmulticast mode
[  224.042544][   T63] bridge_slave_1: left promiscuous mode
[  224.076286][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.120765][   T63] bridge_slave_0: left allmulticast mode
[  224.136779][   T63] bridge_slave_0: left promiscuous mode
[  224.142609][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.208282][ T5275] hub 3-1:0.0: activate --> -90
[  224.286996][   T54] Bluetooth: hci3: command tx timeout
[  224.311222][ T8292] =======================================================
[  224.311222][ T8292] WARNING: The mand mount option has been deprecated and
[  224.311222][ T8292]          and is ignored by this kernel. Remove the mand
[  224.311222][ T8292]          option from the mount to silence this warning.
[  224.311222][ T8292] =======================================================
[  224.647382][   T25] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  224.725873][ T5281] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  224.846059][   T25] usb 4-1: Using ep0 maxpacket: 8
[  224.877240][   T25] usb 4-1: config 4 has an invalid interface number: 109 but max is 3
[  224.903191][   T25] usb 4-1: config 4 has an invalid interface number: 231 but max is 3
[  224.930447][   T25] usb 4-1: config 4 has an invalid interface descriptor of length 6, skipping
[  224.949229][ T5281] usb 2-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  224.975947][   T25] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  224.993978][ T5281] usb 2-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[  225.023504][   T25] usb 4-1: config 4 has 2 interfaces, different from the descriptor's value: 4
[  225.032898][ T5281] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  225.045835][   T25] usb 4-1: config 4 has no interface number 0
[  225.058051][ T5281] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.068169][   T25] usb 4-1: config 4 has no interface number 1
[  225.074343][   T25] usb 4-1: config 4 interface 109 altsetting 7 endpoint 0xE has invalid maxpacket 959, setting to 64
[  225.113099][   T25] usb 4-1: config 4 interface 109 altsetting 7 endpoint 0x9 has invalid maxpacket 1023, setting to 64
[  225.143969][   T25] usb 4-1: config 4 interface 109 altsetting 7 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  225.182720][   T25] usb 4-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0xE, skipping
[  225.212300][   T25] usb 4-1: config 4 interface 109 altsetting 7 endpoint 0x7 has invalid maxpacket 1967, setting to 64
[  225.241723][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  225.251706][   T25] usb 4-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[  225.262817][   T25] usb 4-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x8E, skipping
[  225.283358][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  225.292401][   T25] usb 4-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[  225.315053][   T63] bond0 (unregistering): Released all slaves
[  225.328213][   T25] usb 4-1: config 4 interface 109 altsetting 7 endpoint 0x6 has invalid maxpacket 1415, setting to 1024
[  225.328846][  T941] hub 3-1:0.0: hub_ext_port_status failed (err = -32)
[  225.347256][   T54] Bluetooth: hci1: command tx timeout
[  225.361945][ T8271] chnl_net:caif_netlink_parms(): no params data found
[  225.374495][   T25] usb 4-1: config 4 interface 109 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 1024
[  225.393369][   T25] usb 4-1: config 4 interface 109 altsetting 7 has an endpoint descriptor with address 0x94, changing to 0x84
[  225.435412][   T25] usb 4-1: config 4 interface 109 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  225.452508][ T5272] usb 3-1: USB disconnect, device number 31
[  225.481167][   T25] usb 4-1: config 4 interface 231 altsetting 14 endpoint 0x5 has an invalid bInterval 36, changing to 9
[  225.496426][   T25] usb 4-1: config 4 interface 231 altsetting 14 endpoint 0x5 has invalid maxpacket 1543, setting to 1024
[  225.509506][   T25] usb 4-1: config 4 interface 231 altsetting 14 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  225.547005][   T25] usb 4-1: config 4 interface 109 has no altsetting 0
[  225.599481][   T25] usb 4-1: config 4 interface 231 has no altsetting 0
[  225.638666][   T25] usb 4-1: New USB device found, idVendor=13d3, idProduct=3341, bcdDevice=8f.75
[  225.661379][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.669645][   T25] usb 4-1: Product: syz
[  225.673869][   T25] usb 4-1: Manufacturer: 졬详눦嵰椸㾺榘꾌਱䲔ࠊᯥみ₾熍㫷矌▧㨾롤恵굟⥎ྖ대﨩騚ゴ挧ऽ暄葰鉚꒎ʝꢸ┏䅪ࢼ₤泓鏄ཱ캩꘩癁庈쭊⩚條䛲뛔ϒﷰ瀌痏匔㝭毖ᰞﭒ땮⚩캿뫾촔碛탹ꬄ౦Вꥒ舦鹭ഌ⿾읎睾⦲蓡⭻픗ಥ嗸竸⟽띖徛芬붋烴딑鸷䌺蕴芐⚭뵣瑝뛞喙蜦뎂㆔〿
[  225.709204][   T25] usb 4-1: SerialNumber: syz
[  225.756311][ T8297] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  225.764004][ T8297] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  225.827192][ T8271] bridge0: port 1(bridge_slave_0) entered blocking state
[  225.845309][ T8271] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.853490][ T8271] bridge_slave_0: entered allmulticast mode
[  225.872779][ T8271] bridge_slave_0: entered promiscuous mode
[  225.919174][ T8271] bridge0: port 2(bridge_slave_1) entered blocking state
[  225.938281][ T8271] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.956847][ T8271] bridge_slave_1: entered allmulticast mode
[  225.961822][ T5281] usb 2-1: string descriptor 0 read error: -71
[  225.964468][ T8271] bridge_slave_1: entered promiscuous mode
[  225.994572][ T5281] usb 2-1: USB disconnect, device number 30
[  226.022524][   T25] r8712u: register rtl8712_netdev_ops to netdev_ops
[  226.039806][   T25] usb 4-1: r8712u: USB_SPEED_HIGH with 6 endpoints
[  226.062475][   T25] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[  226.069436][   T25] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  226.077035][   T25] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  226.117955][   T25] r8712u: register rtl8712_netdev_ops to netdev_ops
[  226.124591][   T25] usb 4-1: r8712u: USB_SPEED_HIGH with 1 endpoints
[  226.150885][ T8271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  226.163424][   T25] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[  226.171672][   T25] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  226.182653][ T8271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  226.199930][   T25] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  226.232389][   T25] usb 4-1: USB disconnect, device number 34
[  226.309231][   T63] hsr_slave_0: left promiscuous mode
[  226.319920][   T63] hsr_slave_1: left promiscuous mode
[  226.330165][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  226.344642][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  226.373058][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  226.373085][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  226.411563][   T63] veth1_macvtap: left promiscuous mode
[  226.437115][   T63] veth0_macvtap: left promiscuous mode
[  226.465577][   T63] veth1_vlan: left promiscuous mode
[  226.472213][   T63] veth0_vlan: left promiscuous mode
[  226.834887][ T8332] ALSA: seq fatal error: cannot create timer (-22)
[  226.926105][   T58] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  227.146051][   T58] usb 2-1: Using ep0 maxpacket: 32
[  227.154399][   T58] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  227.174463][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  227.186226][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  227.205559][   T58] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  227.215739][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.235379][   T58] usb 2-1: config 0 descriptor??
[  227.245180][ T8330] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  227.265050][   T58] hub 2-1:0.0: USB hub found
[  227.415879][   T54] Bluetooth: hci1: command tx timeout
[  227.527422][   T58] hub 2-1:0.0: 2 ports detected
[  227.720465][   T63] team0 (unregistering): Port device team_slave_1 removed
[  227.790571][   T63] team0 (unregistering): Port device team_slave_0 removed
[  228.425886][ T5274] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  228.603875][ T8271] team0: Port device team_slave_0 added
[  228.658436][ T8271] team0: Port device team_slave_1 added
[  228.666390][ T5274] usb 3-1: Using ep0 maxpacket: 32
[  228.688929][ T5274] usb 3-1: config 0 has an invalid interface number: 111 but max is 1
[  228.726498][ T5274] usb 3-1: config 0 has no interface number 1
[  228.767315][ T5274] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83
[  228.779641][ T5274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.788665][ T5274] usb 3-1: Product: syz
[  228.792918][ T5274] usb 3-1: Manufacturer: syz
[  228.798367][ T5274] usb 3-1: SerialNumber: syz
[  228.808017][ T5274] usb 3-1: config 0 descriptor??
[  228.963521][ T8271] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.982283][ T8271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.111155][ T5274] snd-usb-6fire 3-1:0.111: unable to receive device firmware state.
[  229.139118][ T8271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  229.146114][ T5274] snd-usb-6fire 3-1:0.111: probe with driver snd-usb-6fire failed with error -71
[  229.217109][ T5274] usb 3-1: USB disconnect, device number 32
[  229.265134][ T8271] batman_adv: batadv0: Adding interface: batadv_slave_1
[  229.284755][ T8271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.311011][    C0] vkms_vblank_simulate: vblank timer overrun
[  229.416931][ T8271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.451076][ T8361] tipc: Started in network mode
[  229.458859][ T5272] usb 2-1: USB disconnect, device number 31
[  229.464890][ T8361] tipc: Node identity 1, cluster identity 4711
[  229.472620][ T8361] tipc: Node number set to 1
[  229.480172][   T58] usb 2-1: Failed to suspend device, error -71
[  229.485919][   T54] Bluetooth: hci1: command tx timeout
[  229.687741][ T8271] hsr_slave_0: entered promiscuous mode
[  229.715490][ T8271] hsr_slave_1: entered promiscuous mode
[  229.735738][ T8271] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  229.743922][ T8271] Cannot create hsr debugfs directory
[  229.966176][   T58] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  230.079674][ T8385] netlink: 12 bytes leftover after parsing attributes in process `syz.2.540'.
[  230.137200][ T8389] fuse: Bad value for 'group_id'
[  230.166935][   T58] usb 5-1: Using ep0 maxpacket: 16
[  230.174844][   T29] audit: type=1326 audit(1723342102.993:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8386 comm="syz.3.542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d579 code=0x7ffc0000
[  230.187677][ T8389] fuse: Bad value for 'group_id'
[  230.230675][   T58] usb 5-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=59.31
[  230.231960][   T29] audit: type=1326 audit(1723342102.993:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8386 comm="syz.3.542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d579 code=0x7ffc0000
[  230.271728][   T29] audit: type=1326 audit(1723342102.993:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8386 comm="syz.3.542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf747d579 code=0x7ffc0000
[  230.279471][   T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.349518][   T29] audit: type=1326 audit(1723342102.993:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8386 comm="syz.3.542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d579 code=0x7ffc0000
[  230.371412][    C0] vkms_vblank_simulate: vblank timer overrun
[  230.390202][   T29] audit: type=1326 audit(1723342102.993:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8386 comm="syz.3.542" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d579 code=0x7ffc0000
[  230.430027][   T58] usb 5-1: Product: syz
[  230.460985][   T58] usb 5-1: Manufacturer: syz
[  230.506019][   T58] usb 5-1: SerialNumber: syz
[  230.536997][   T58] usb 5-1: config 0 descriptor??
[  230.568193][   T58] usb 5-1: no audio or video endpoints found
[  230.584493][   T58] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  231.000464][ T8403] netlink: 4 bytes leftover after parsing attributes in process `syz.3.544'.
[  231.026763][ T8409] netlink: 24 bytes leftover after parsing attributes in process `syz.1.545'.
[  231.174210][ T8271] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  231.219576][ T8271] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  231.253084][ T8271] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  231.285041][ T8271] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  231.409817][  T941] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  231.568880][   T54] Bluetooth: hci1: command tx timeout
[  231.637806][  T941] usb 3-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  231.652084][  T941] usb 3-1: config 7 has 1 interface, different from the descriptor's value: 2
[  231.686764][  T941] usb 3-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84
[  231.698009][ T8271] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.718444][  T941] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  231.741174][  T941] usb 3-1: Product: syz
[  231.754515][  T941] usb 3-1: SerialNumber: syz
[  231.773921][  T941] rndis_host 3-1:7.0: skipping garbage
[  231.796698][ T8271] 8021q: adding VLAN 0 to HW filter on device team0
[  231.814143][  T941] usb 3-1: bad CDC descriptors
[  231.826938][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.834119][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.856608][  T941] option 3-1:7.0: GSM modem (1-port) converter detected
[  231.863668][ T5275] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  231.918382][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.925618][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.987282][ T8445] tipc: Started in network mode
[  232.010662][ T8445] tipc: Node identity 1, cluster identity 4711
[  232.017811][ T8445] tipc: Node number set to 1
[  232.061783][ T5275] usb 4-1: Using ep0 maxpacket: 32
[  232.090403][ T5275] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  232.135886][ T5275] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  232.208534][ T5275] usb 4-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=9c.e2
[  232.245878][ T5275] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.253924][ T5275] usb 4-1: Product: syz
[  232.278649][ T5281] usb 3-1: USB disconnect, device number 33
[  232.298988][ T5275] usb 4-1: Manufacturer: syz
[  232.299094][ T5281] option 3-1:7.0: device disconnected
[  232.303613][ T5275] usb 4-1: SerialNumber: syz
[  232.324573][ T8271] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.333378][ T5275] usb 4-1: config 0 descriptor??
[  232.538126][ T8271] veth0_vlan: entered promiscuous mode
[  232.610245][ T8271] veth1_vlan: entered promiscuous mode
[  232.625951][ T8440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.645506][ T8440] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.799868][  T941] usb 4-1: USB disconnect, device number 35
[  232.875010][ T8271] veth0_macvtap: entered promiscuous mode
[  232.938059][ T8271] veth1_macvtap: entered promiscuous mode
[  233.105555][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.162155][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.210319][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.227978][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.259900][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.275820][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.299991][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.335820][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.356000][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.375968][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.411768][ T8271] batman_adv: batadv0: Interface activated: batadv_slave_0
[  233.436256][ T5275] usb 3-1: new full-speed USB device number 34 using dummy_hcd
[  233.441604][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  233.506734][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.545942][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  233.552209][ T5272] usb 5-1: USB disconnect, device number 21
[  233.602616][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.640695][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  233.653720][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.664490][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  233.675947][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.695490][ T8271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  233.706984][ T8271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.749011][ T8271] batman_adv: batadv0: Interface activated: batadv_slave_1
[  233.787934][ T8499] netlink: 28 bytes leftover after parsing attributes in process `syz.2.552'.
[  233.824254][ T8271] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.863489][ T8271] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.875974][  T941] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  233.904896][ T8271] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  233.920561][ T8271] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.086058][  T941] usb 4-1: Using ep0 maxpacket: 16
[  234.100029][  T941] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  234.129962][  T941] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  234.151271][  T941] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  234.170864][  T941] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  234.196790][  T941] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.207458][  T941] usb 4-1: Product: syz
[  234.211691][  T941] usb 4-1: Manufacturer: syz
[  234.216790][  T941] usb 4-1: SerialNumber: syz
[  234.270535][ T5275] usb 3-1: unable to get BOS descriptor or descriptor too short
[  234.287528][ T5275] usb 3-1: unable to read config index 0 descriptor/start: -71
[  234.306945][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.325197][ T5275] usb 3-1: can't read configurations, error -71
[  234.352883][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.457068][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.491546][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.597010][ T8531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.619983][ T8531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.652754][ T8531] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.553'.
[  234.662483][ T8531] openvswitch: netlink: Unknown VXLAN extension attribute 0
[  234.827113][  T941] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[  234.852713][  T941] usb 4-1: 2:1 : sample bitwidth 254 in over sample bytes 0
[  234.882764][  T941] usb 4-1: 2:1 : unsupported sample bitwidth 254 in 0 bytes
[  235.075909][  T941] usb 4-1: USB disconnect, device number 36
[  235.381475][ T8550] tipc: Started in network mode
[  235.394564][ T8550] tipc: Node identity 1, cluster identity 4711
[  235.405234][ T5335] udevd[5335]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  235.455024][ T8550] tipc: Node number set to 1
[  235.661184][ T8555] netlink: 12 bytes leftover after parsing attributes in process `syz.4.556'.
[  235.676236][ T8555] netlink: 'syz.4.556': attribute type 30 has an invalid length.
[  235.835929][ T5274] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  235.887435][ T5275] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  236.035964][ T5274] usb 3-1: Using ep0 maxpacket: 32
[  236.044575][ T5274] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  236.062408][ T5274] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  236.099314][ T5274] usb 3-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=9c.e2
[  236.113113][ T5275] usb 4-1: config 9 has an invalid interface number: 123 but max is 0
[  236.116219][ T5274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.135977][ T5275] usb 4-1: config 9 has an invalid interface number: 60 but max is 0
[  236.145955][ T5274] usb 3-1: Product: syz
[  236.151901][ T5274] usb 3-1: Manufacturer: syz
[  236.161477][ T5274] usb 3-1: SerialNumber: syz
[  236.173254][ T5275] usb 4-1: config 9 has 2 interfaces, different from the descriptor's value: 1
[  236.182545][  T941] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  236.189117][ T5274] usb 3-1: config 0 descriptor??
[  236.195652][ T5275] usb 4-1: config 9 has no interface number 0
[  236.212108][ T5275] usb 4-1: config 9 has no interface number 1
[  236.236005][ T5275] usb 4-1: config 9 interface 123 altsetting 4 has an endpoint descriptor with address 0x13, changing to 0x3
[  236.258878][ T5275] usb 4-1: config 9 interface 123 altsetting 4 bulk endpoint 0x3 has invalid maxpacket 1024
[  236.292668][ T5275] usb 4-1: config 9 interface 123 altsetting 4 endpoint 0xC has invalid maxpacket 1040, setting to 64
[  236.342725][ T5275] usb 4-1: config 9 interface 123 altsetting 4 has a duplicate endpoint with address 0xE, skipping
[  236.366184][  T941] usb 5-1: Using ep0 maxpacket: 16
[  236.377377][  T941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.388661][ T5275] usb 4-1: config 9 interface 123 altsetting 4 has 4 endpoint descriptors, different from the interface descriptor's value: 13
[  236.412222][  T941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.429852][ T8558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  236.432526][ T5275] usb 4-1: too many endpoints for config 9 interface 60 altsetting 162: 35, using maximum allowed: 30
[  236.457540][  T941] usb 5-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[  236.466493][ T8558] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  236.481877][ T8558] FAULT_INJECTION: forcing a failure.
[  236.481877][ T8558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.496868][  T941] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.527193][ T5275] usb 4-1: config 9 interface 60 altsetting 162 endpoint 0x1 has invalid wMaxPacketSize 0
[  236.537559][ T8558] CPU: 1 UID: 0 PID: 8558 Comm: syz.2.561 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  236.548180][ T8558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  236.555875][ T5275] usb 4-1: config 9 interface 60 altsetting 162 bulk endpoint 0xD has invalid maxpacket 64
[  236.558237][ T8558] Call Trace:
[  236.558277][ T8558]  <TASK>
[  236.558286][ T8558]  dump_stack_lvl+0x241/0x360
[  236.558321][ T8558]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.558345][ T8558]  ? __pfx__printk+0x10/0x10
[  236.558370][ T8558]  ? __pfx_lock_release+0x10/0x10
[  236.558403][ T8558]  should_fail_ex+0x3b0/0x4e0
[  236.558428][ T8558]  _copy_from_user+0x2f/0xe0
[  236.558452][ T8558]  pppoe_ioctl+0x375/0x5e0
[  236.558478][ T8558]  pppox_ioctl+0x1bb/0x300
[  236.558503][ T8558]  compat_sock_ioctl+0x18b/0xf20
[  236.558534][ T8558]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  236.558563][ T8558]  ? __fget_files+0x29/0x470
[  236.558590][ T8558]  ? __fget_files+0x3f6/0x470
[  236.558619][ T8558]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  236.558645][ T8558]  ? security_file_ioctl_compat+0x87/0xb0
[  236.558669][ T8558]  __se_compat_sys_ioctl+0x51c/0xca0
[  236.558695][ T8558]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  236.558729][ T8558]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  236.558755][ T8558]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  236.558787][ T8558]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  236.558812][ T8558]  ? lockdep_hardirqs_on+0x99/0x150
[  236.558838][ T8558]  __do_fast_syscall_32+0xb4/0x110
[  236.558865][ T8558]  ? exc_page_fault+0x590/0x8c0
[  236.558892][ T8558]  do_fast_syscall_32+0x34/0x80
[  236.558918][ T8558]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  236.558941][ T8558] RIP: 0023:0xf7f57579
[  236.558959][ T8558] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  236.558976][ T8558] RSP: 002b:00000000f570656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  236.558998][ T8558] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000004008b100
[  236.559014][ T8558] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  236.559027][ T8558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  236.559039][ T8558] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  236.559051][ T8558] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  236.559080][ T8558]  </TASK>
[  236.621339][ T5274] usb 3-1: USB disconnect, device number 36
[  236.626855][  T941] usb 5-1: config 0 descriptor??
[  236.685907][ T5281] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  236.702693][ T5275] usb 4-1: config 9 interface 60 altsetting 162 has a duplicate endpoint with address 0xE, skipping
[  236.832174][ T5275] usb 4-1: config 9 interface 60 altsetting 162 has a duplicate endpoint with address 0x1, skipping
[  236.843860][ T5275] usb 4-1: config 9 interface 60 altsetting 162 has a duplicate endpoint with address 0x2, skipping
[  236.857033][ T5275] usb 4-1: config 9 interface 60 altsetting 162 has an invalid descriptor for endpoint zero, skipping
[  236.871416][ T5275] usb 4-1: config 9 interface 60 altsetting 162 endpoint 0x8 has invalid maxpacket 1503, setting to 64
[  236.882840][ T5275] usb 4-1: config 9 interface 60 altsetting 162 has 9 endpoint descriptors, different from the interface descriptor's value: 35
[  236.901313][ T5275] usb 4-1: config 9 interface 123 has no altsetting 0
[  236.901367][ T5275] usb 4-1: config 9 interface 60 has no altsetting 0
[  236.904437][ T5275] usb 4-1: New USB device found, idVendor=04b4, idProduct=2102, bcdDevice=88.4e
[  236.904470][ T5275] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.904515][ T5275] usb 4-1: Product: syz
[  236.904532][ T5275] usb 4-1: Manufacturer: 䨹륢㧧Ϛ䍅郶礻䕎ꦪ왊霖଎㲜Ƃ폈굪뢚∗深ҥꊑ隬厍䃮뺬誁ܔ薾ၔ踘搊㋩뗿
[  236.904553][ T5275] usb 4-1: SerialNumber: syz
[  236.917512][ T8560] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  236.966859][ T5281] usb 1-1: Using ep0 maxpacket: 32
[  236.989185][ T5281] usb 1-1: unable to read config index 0 descriptor/start: -61
[  236.989226][ T5281] usb 1-1: can't read configurations, error -61
[  237.135975][ T5281] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  237.144306][ T8560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  237.204804][ T8560] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  237.278878][ T5275] dvb-usb: found a 'DVBWorld DVB-S 2102 USB2.0' in cold state, will try to load a firmware
[  237.308904][ T5275] usb 4-1: Direct firmware load for dvb-usb-dw2102.fw failed with error -2
[  237.331302][ T5275] usb 4-1: Falling back to sysfs fallback for: dvb-usb-dw2102.fw
[  237.376535][ T5281] usb 1-1: Using ep0 maxpacket: 32
[  237.390456][ T5281] usb 1-1: unable to read config index 0 descriptor/start: -61
[  237.404009][ T5281] usb 1-1: can't read configurations, error -61
[  237.404422][ T8617] netlink: 20 bytes leftover after parsing attributes in process `syz.2.573'.
[  237.411366][ T5281] usb usb1-port1: attempt power cycle
[  237.437378][  T941] hid-led 0003:1294:1320.0014: hidraw0: USB HID v0.00 Device [HID 1294:1320] on usb-dummy_hcd.4-1/input0
[  237.454119][  T941] hid-led 0003:1294:1320.0014: Riso Kagaku Webmail Notifier initialized
[  237.709513][ T5274] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  237.860211][ T5281] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  237.899255][ T5281] usb 1-1: Using ep0 maxpacket: 32
[  237.914118][ T5281] usb 1-1: unable to read config index 0 descriptor/start: -61
[  237.925906][ T5274] usb 3-1: Using ep0 maxpacket: 32
[  237.943791][ T5281] usb 1-1: can't read configurations, error -61
[  237.963964][ T5274] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  237.993132][ T5274] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  238.020454][ T5274] usb 3-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=9c.e2
[  238.036072][ T5274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.044721][ T5274] usb 3-1: Product: syz
[  238.066844][ T5274] usb 3-1: Manufacturer: syz
[  238.071730][ T5274] usb 3-1: SerialNumber: syz
[  238.083585][ T5274] usb 3-1: config 0 descriptor??
[  238.126737][ T5281] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  238.165406][ T5281] usb 1-1: Using ep0 maxpacket: 32
[  238.190927][ T5281] usb 1-1: unable to read config index 0 descriptor/start: -61
[  238.207872][ T5281] usb 1-1: can't read configurations, error -61
[  238.220348][ T5281] usb usb1-port1: unable to enumerate USB device
[  238.330329][ T8617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  238.350174][ T8617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  238.370000][ T8617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  238.383547][ T8617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  238.430204][    T9] usb 3-1: USB disconnect, device number 37
[  238.588503][ T8638] netlink: 24 bytes leftover after parsing attributes in process `syz.3.580'.
[  238.759253][    T9] usb 5-1: USB disconnect, device number 22
[  238.796129][  T944] leds riso_kagaku0:blue: Setting an LED's brightness failed (-38)
[  238.822236][  T944] leds riso_kagaku0:green: Setting an LED's brightness failed (-38)
[  238.853179][  T944] leds riso_kagaku0:red: Setting an LED's brightness failed (-38)
[  239.310181][ T8664] input: syz0 as /devices/virtual/input/input24
[  239.345965][    T9] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  239.546357][    T9] usb 5-1: Using ep0 maxpacket: 16
[  239.549412][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  239.549449][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  239.549471][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  239.549513][    T9] usb 5-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00
[  239.549538][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.555025][    T9] usb 5-1: config 0 descriptor??
[  239.926130][  T944] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  239.990056][ T8686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  239.996541][    T9] wacom 0003:056A:0022.0015: item 0 2 0 11 parsing failed
[  240.004438][ T8686] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.017007][    T9] wacom 0003:056A:0022.0015: parse failed
[  240.022936][    T9] wacom 0003:056A:0022.0015: probe with driver wacom failed with error -22
[  240.085662][ T8688] ALSA: seq fatal error: cannot create timer (-22)
[  240.115865][  T944] usb 1-1: Using ep0 maxpacket: 32
[  240.128291][  T944] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  240.155947][  T944] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 959
[  240.188354][  T944] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  240.210136][ T5281] usb 5-1: USB disconnect, device number 23
[  240.210166][  T944] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.225535][  T944] usb 1-1: Product: syz
[  240.230159][  T944] usb 1-1: Manufacturer: syz
[  240.234787][  T944] usb 1-1: SerialNumber: syz
[  240.319644][ T8693] FAULT_INJECTION: forcing a failure.
[  240.319644][ T8693] name failslab, interval 1, probability 0, space 0, times 0
[  240.374597][ T8693] CPU: 1 UID: 0 PID: 8693 Comm: syz.2.599 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  240.385248][ T8693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  240.395334][ T8693] Call Trace:
[  240.398634][ T8693]  <TASK>
[  240.401580][ T8693]  dump_stack_lvl+0x241/0x360
[  240.406315][ T8693]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.411545][ T8693]  ? __pfx__printk+0x10/0x10
[  240.416169][ T8693]  ? __kmalloc_noprof+0xb0/0x400
[  240.421132][ T8693]  ? __pfx___might_resched+0x10/0x10
[  240.426446][ T8693]  should_fail_ex+0x3b0/0x4e0
[  240.431148][ T8693]  ? io_alloc_page_table+0x3b/0x120
[  240.436370][ T8693]  should_failslab+0xac/0x100
[  240.441083][ T8693]  ? io_alloc_page_table+0x3b/0x120
[  240.446313][ T8693]  __kmalloc_noprof+0xd8/0x400
[  240.451107][ T8693]  io_alloc_page_table+0x3b/0x120
[  240.456168][ T8693]  io_rsrc_data_alloc+0x9a/0x270
[  240.461146][ T8693]  io_sqe_buffers_register+0x1ca/0x700
[  240.461218][  T944] cdc_ncm 1-1:1.0: bind() failure
[  240.466704][ T8693]  ? __mutex_unlock_slowpath+0x21d/0x750
[  240.466770][ T8693]  ? __se_sys_io_uring_register+0x1b8/0x15d0
[  240.466794][ T8693]  ? __pfx_vfs_write+0x10/0x10
[  240.466821][ T8693]  ? __pfx_io_sqe_buffers_register+0x10/0x10
[  240.466846][ T8693]  ? __fget_files+0x29/0x470
[  240.466875][ T8693]  __se_sys_io_uring_register+0xb22/0x15d0
[  240.466907][ T8693]  ? __pfx___se_sys_io_uring_register+0x10/0x10
[  240.466933][ T8693]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  240.511343][  T944] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  240.517447][ T8693]  ? lockdep_hardirqs_on+0x99/0x150
[  240.517485][ T8693]  __do_fast_syscall_32+0xb4/0x110
[  240.517513][ T8693]  ? exc_page_fault+0x590/0x8c0
[  240.517539][ T8693]  do_fast_syscall_32+0x34/0x80
[  240.517561][ T8693]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  240.517583][ T8693] RIP: 0023:0xf7f57579
[  240.517599][ T8693] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  240.517615][ T8693] RSP: 002b:00000000f56e556c EFLAGS: 00000206 ORIG_RAX: 00000000000001ab
[  240.517636][ T8693] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[  240.517650][ T8693] RDX: 00000000200002c0 RSI: 000000000000011a RDI: 0000000000000000
[  240.517664][ T8693] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  240.517676][ T8693] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  240.517687][ T8693] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  240.517712][ T8693]  </TASK>
[  240.672962][  T944] cdc_ncm 1-1:1.1: bind() failure
[  240.752711][  T944] usb 1-1: USB disconnect, device number 32
[  240.802820][ T8694] netlink: 12 bytes leftover after parsing attributes in process `syz.1.598'.
[  240.813701][ T8694] netlink: 'syz.1.598': attribute type 30 has an invalid length.
[  241.038230][ T8698] netlink: 201400 bytes leftover after parsing attributes in process `syz.4.601'.
[  241.054794][ T8698] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  241.076572][ T8698] openvswitch: netlink: Message has 8446 unknown bytes.
[  241.120245][   T29] audit: type=1326 audit(1723342113.943:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.141981][    C0] vkms_vblank_simulate: vblank timer overrun
[  241.164771][   T29] audit: type=1326 audit(1723342113.943:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.194280][   T29] audit: type=1326 audit(1723342113.973:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.220797][   T29] audit: type=1326 audit(1723342113.973:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.253651][   T29] audit: type=1326 audit(1723342113.973:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.294886][   T29] audit: type=1326 audit(1723342113.983:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.317149][   T29] audit: type=1326 audit(1723342113.983:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.325974][   T25] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  241.338975][    C0] vkms_vblank_simulate: vblank timer overrun
[  241.340705][   T29] audit: type=1326 audit(1723342113.983:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.375274][    C0] vkms_vblank_simulate: vblank timer overrun
[  241.401821][   T29] audit: type=1326 audit(1723342113.983:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.505906][   T29] audit: type=1326 audit(1723342113.983:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.4.601" exe="/root/syz-executor" sig=0 arch=40000003 syscall=248 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[  241.536085][   T25] usb 2-1: Using ep0 maxpacket: 16
[  241.543851][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  241.572141][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  241.606106][   T25] usb 2-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[  241.615194][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.636393][   T25] usb 2-1: config 0 descriptor??
[  242.105084][   T25] hid-led 0003:1294:1320.0016: hidraw0: USB HID v0.00 Device [HID 1294:1320] on usb-dummy_hcd.1-1/input0
[  242.138734][   T25] hid-led 0003:1294:1320.0016: Riso Kagaku Webmail Notifier initialized
[  242.215287][ T8723] syz.0.609 uses obsolete (PF_INET,SOCK_PACKET)
[  242.674935][ T8733] netlink: 4 bytes leftover after parsing attributes in process `syz.0.613'.
[  242.777431][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.890651][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.019006][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.143560][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.235178][ T8742] veth0_vlan: entered allmulticast mode
[  243.289491][ T5226] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  243.299983][ T5226] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  243.309928][ T5226] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  243.322599][ T5226] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  243.331336][ T5226] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  243.340968][ T5226] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  243.514949][   T12] bridge_slave_1: left allmulticast mode
[  243.531311][   T12] bridge_slave_1: left promiscuous mode
[  243.538630][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.555642][   T12] bridge_slave_0: left allmulticast mode
[  243.563444][   T12] bridge_slave_0: left promiscuous mode
[  243.573535][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.647016][  T941] usb 2-1: USB disconnect, device number 32
[  243.679090][  T944] leds riso_kagaku0:blue: Setting an LED's brightness failed (-38)
[  243.700134][  T944] leds riso_kagaku0:green: Setting an LED's brightness failed (-38)
[  243.721188][  T944] leds riso_kagaku0:red: Setting an LED's brightness failed (-38)
[  243.885508][ T8759] FAULT_INJECTION: forcing a failure.
[  243.885508][ T8759] name failslab, interval 1, probability 0, space 0, times 0
[  243.948921][ T8759] CPU: 1 UID: 0 PID: 8759 Comm: syz.4.620 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  243.957196][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88802a235800: rx timeout, send abort
[  243.959548][ T8759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  243.959564][ T8759] Call Trace:
[  243.959573][ T8759]  <TASK>
[  243.959581][ T8759]  dump_stack_lvl+0x241/0x360
[  243.971910][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff88802a235800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  243.977864][ T8759]  ? __pfx_dump_stack_lvl+0x10/0x10
[  243.977903][ T8759]  ? __pfx__printk+0x10/0x10
[  243.977927][ T8759]  ? __kmalloc_node_noprof+0xb7/0x440
[  243.977947][ T8759]  ? __pfx___might_resched+0x10/0x10
[  243.977974][ T8759]  should_fail_ex+0x3b0/0x4e0
[  243.977996][ T8759]  should_failslab+0xac/0x100
[  244.032965][ T8759]  __kmalloc_node_noprof+0xdf/0x440
[  244.038176][ T8759]  ? __kvmalloc_node_noprof+0x72/0x190
[  244.043636][ T8759]  __kvmalloc_node_noprof+0x72/0x190
[  244.048913][ T8759]  xt_alloc_table_info+0x3d/0xa0
[  244.053843][ T8759]  do_ip6t_set_ctl+0x9ab/0x1270
[  244.058685][ T8759]  ? __pfx___might_resched+0x10/0x10
[  244.063957][ T8759]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  244.069230][ T8759]  ? __pfx_lock_release+0x10/0x10
[  244.074277][ T8759]  ? rcu_is_watching+0x15/0xb0
[  244.079029][ T8759]  ? trace_contention_end+0x3c/0x120
[  244.084295][ T8759]  ? __mutex_lock+0x2ef/0xd70
[  244.088980][ T8759]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  244.094970][ T8759]  ? __pfx_aa_sk_perm+0x10/0x10
[  244.099817][ T8759]  nf_setsockopt+0x295/0x2c0
[  244.104432][ T8759]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  244.110317][ T8759]  do_sock_setsockopt+0x3af/0x720
[  244.115348][ T8759]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  244.120889][ T8759]  ? __fget_files+0x3f6/0x470
[  244.125574][ T8759]  __sys_setsockopt+0x1ae/0x250
[  244.130654][ T8759]  __ia32_sys_setsockopt+0xb5/0xd0
[  244.135766][ T8759]  __do_fast_syscall_32+0xb4/0x110
[  244.140893][ T8759]  ? exc_page_fault+0x590/0x8c0
[  244.145736][ T8759]  do_fast_syscall_32+0x34/0x80
[  244.150588][ T8759]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  244.156905][ T8759] RIP: 0023:0xf7fd6579
[  244.160960][ T8759] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  244.180640][ T8759] RSP: 002b:00000000f578656c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[  244.189041][ T8759] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  244.197000][ T8759] RDX: 0000000000000040 RSI: 0000000020000000 RDI: 0000000000000300
[  244.204956][ T8759] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  244.212912][ T8759] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  244.220894][ T8759] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  244.228948][ T8759]  </TASK>
[  244.586336][  T944] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  244.765935][  T944] usb 2-1: device descriptor read/64, error -71
[  244.963695][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  244.976037][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  244.991357][   T12] bond0 (unregistering): Released all slaves
[  245.015969][  T941] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  245.096231][  T944] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  245.217851][  T941] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  245.242086][  T941] usb 1-1: config 7 has 1 interface, different from the descriptor's value: 2
[  245.261204][  T941] usb 1-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84
[  245.276436][  T944] usb 2-1: device descriptor read/64, error -71
[  245.291505][  T941] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  245.304504][  T941] usb 1-1: Product: syz
[  245.317528][  T941] usb 1-1: SerialNumber: syz
[  245.367520][  T941] rndis_host 1-1:7.0: skipping garbage
[  245.392379][  T941] usb 1-1: bad CDC descriptors
[  245.398104][  T944] usb usb2-port1: attempt power cycle
[  245.406168][   T54] Bluetooth: hci4: command tx timeout
[  245.429756][  T941] option 1-1:7.0: GSM modem (1-port) converter detected
[  245.637133][ T8746] chnl_net:caif_netlink_parms(): no params data found
[  245.792972][ T8803] netlink: 24 bytes leftover after parsing attributes in process `syz.4.626'.
[  245.812593][ T5274] usb 1-1: USB disconnect, device number 33
[  245.818459][  T944] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  245.828976][ T5274] option 1-1:7.0: device disconnected
[  245.896489][  T944] usb 2-1: device descriptor read/8, error -71
[  245.946199][   T12] hsr_slave_0: left promiscuous mode
[  245.975486][   T12] hsr_slave_1: left promiscuous mode
[  246.005197][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  246.012931][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  246.021206][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  246.029321][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  246.063828][   T12] veth1_macvtap: left promiscuous mode
[  246.076336][   T12] veth0_macvtap: left promiscuous mode
[  246.085184][   T12] veth1_vlan: left promiscuous mode
[  246.095050][   T12] veth0_vlan: left promiscuous mode
[  246.168867][  T944] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  246.216605][  T944] usb 2-1: device descriptor read/8, error -71
[  246.346645][  T944] usb usb2-port1: unable to enumerate USB device
[  246.743093][   T12] team0 (unregistering): Port device team_slave_1 removed
[  246.791030][   T12] team0 (unregistering): Port device team_slave_0 removed
[  247.192125][ T8825] netlink: 4 bytes leftover after parsing attributes in process `syz.1.631'.
[  247.486235][   T54] Bluetooth: hci4: command tx timeout
[  247.826335][ T8746] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.833546][ T8746] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.858907][ T8746] bridge_slave_0: entered allmulticast mode
[  247.878107][ T8746] bridge_slave_0: entered promiscuous mode
[  247.914782][ T8746] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.946166][ T8746] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.953478][ T8746] bridge_slave_1: entered allmulticast mode
[  247.972286][ T8746] bridge_slave_1: entered promiscuous mode
[  248.240201][ T8746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.281487][ T8746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.393110][ T8865] netlink: 'syz.0.641': attribute type 33 has an invalid length.
[  248.402053][ T8865] netlink: 152 bytes leftover after parsing attributes in process `syz.0.641'.
[  248.429453][ T8746] team0: Port device team_slave_0 added
[  248.451321][ T8746] team0: Port device team_slave_1 added
[  248.456980][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888072d0f000: rx timeout, send abort
[  248.465735][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888072d0f000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  248.571905][ T8746] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.600857][ T8746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.638449][ T8746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.672926][ T8746] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.713960][ T8746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.747690][ T8746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.043843][ T8746] hsr_slave_0: entered promiscuous mode
[  249.062473][ T8746] hsr_slave_1: entered promiscuous mode
[  249.072305][ T8746] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  249.088275][ T8746] Cannot create hsr debugfs directory
[  249.565898][   T54] Bluetooth: hci4: command tx timeout
[  249.566917][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.912951][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.205392][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.481660][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.654906][ T5226] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  250.665364][ T5226] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  250.674655][ T5226] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  250.684654][ T5226] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  250.702086][ T5226] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  250.711687][ T5226] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  251.651739][   T54] Bluetooth: hci4: command tx timeout
[  251.697406][   T11] bridge_slave_1: left allmulticast mode
[  251.704969][   T11] bridge_slave_1: left promiscuous mode
[  251.722132][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.781847][   T11] bridge_slave_0: left allmulticast mode
[  251.794588][   T11] bridge_slave_0: left promiscuous mode
[  251.805567][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.771113][   T54] Bluetooth: hci5: command tx timeout
[  252.929840][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  252.954865][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  253.008192][   T11] bond0 (unregistering): Released all slaves
[  253.081033][ T8952] binder: 8951:8952 unknown command 0
[  253.093474][ T8952] binder: 8951:8952 ioctl c0306201 20000080 returned -22
[  253.192016][   T11] tipc: Left network mode
[  253.424615][ T8746] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  253.466820][ T8746] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  253.511048][ T8952] ------------[ cut here ]------------
[  253.517099][ T8952] kernel BUG at drivers/android/binder.c:1173!
[  253.523315][ T8952] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  253.530274][ T8952] CPU: 1 UID: 0 PID: 8952 Comm: syz.4.664 Not tainted 6.11.0-rc2-syzkaller-00239-g34ac1e82e5a7 #0
[  253.540884][ T8952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  253.550954][ T8952] RIP: 0010:binder_inc_ref_for_node+0xdf7/0xe00
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  253.557231][ T8952] Code: c8 f8 e9 4e fd ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 59 fd ff ff 48 89 df e8 f4 c6 c8 f8 e9 4c fd ff ff e8 aa 80 61 f8 90 <0f> 0b 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90
[  253.576856][ T8952] RSP: 0018:ffffc90009077448 EFLAGS: 00010283
[  253.582951][ T8952] RAX: ffffffff8931f736 RBX: 0000000000000000 RCX: 0000000000040000
[  253.590942][ T8952] RDX: ffffc90009899000 RSI: 000000000000093d RDI: 000000000000093e
[  253.598928][ T8952] RBP: ffff88807f90d020 R08: ffffffff8931f26b R09: 0000000000000000
[  253.606931][ T8952] R10: ffff8880724dc130 R11: ffffed100e49b828 R12: 0000000000000000
[  253.614921][ T8952] R13: dffffc0000000000 R14: ffff88801f781b28 R15: ffff88801f781b10
[  253.622915][ T8952] FS:  0000000000000000(0000) GS:ffff8880b9300000(0063) knlGS:00000000f5786b40
[  253.631878][ T8952] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  253.638482][ T8952] CR2: 0000000000000007 CR3: 000000006ccf0000 CR4: 00000000003506f0
[  253.646480][ T8952] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  253.654474][ T8952] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  253.662469][ T8952] Call Trace:
[  253.665764][ T8952]  <TASK>
[  253.668708][ T8952]  ? __die_body+0x88/0xe0
[  253.673039][ T8952]  ? die+0xcf/0x110
[  253.676846][ T8952]  ? do_trap+0x15a/0x3a0
[  253.681079][ T8952]  ? binder_inc_ref_for_node+0xdf7/0xe00
[  253.686794][ T8952]  ? do_error_trap+0x1dc/0x2c0
[  253.691547][ T8952]  ? binder_inc_ref_for_node+0xdf7/0xe00
[  253.697179][ T8952]  ? __pfx_do_error_trap+0x10/0x10
[  253.702287][ T8952]  ? handle_invalid_op+0x34/0x40
[  253.707316][ T8952]  ? binder_inc_ref_for_node+0xdf7/0xe00
[  253.712943][ T8952]  ? exc_invalid_op+0x38/0x50
[  253.717781][ T8952]  ? asm_exc_invalid_op+0x1a/0x20
[  253.722797][ T8952]  ? binder_inc_ref_for_node+0x92b/0xe00
[  253.728424][ T8952]  ? binder_inc_ref_for_node+0xdf6/0xe00
[  253.734062][ T8952]  ? binder_inc_ref_for_node+0xdf7/0xe00
[  253.739778][ T8952]  ? binder_inc_ref_for_node+0xdf6/0xe00
[  253.745449][ T8952]  binder_ioctl_write_read+0xc7b/0x8d00
[  253.751006][ T8952]  ? __pfx_stack_trace_save+0x10/0x10
[  253.756460][ T8952]  ? __pfx_binder_ioctl_write_read+0x10/0x10
[  253.762526][ T8952]  ? __lock_acquire+0x137a/0x2040
[  253.767554][ T8952]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.774059][ T8952]  ? binder_get_thread+0x16e/0x6c0
[  253.779164][ T8952]  ? __pfx_lock_release+0x10/0x10
[  253.784183][ T8952]  ? do_raw_spin_unlock+0x13c/0x8b0
[  253.789374][ T8952]  ? _raw_spin_unlock+0x28/0x50
[  253.794303][ T8952]  ? binder_get_thread+0x178/0x6c0
[  253.799411][ T8952]  binder_ioctl+0x43d/0x1c70
[  253.803996][ T8952]  ? tomoyo_path_number_perm+0x71a/0x880
[  253.809619][ T8952]  ? __lock_acquire+0x137a/0x2040
[  253.814639][ T8952]  ? tomoyo_path_number_perm+0x208/0x880
[  253.820261][ T8952]  ? __pfx_binder_ioctl+0x10/0x10
[  253.825296][ T8952]  ? __fget_files+0x29/0x470
[  253.829973][ T8952]  ? __fget_files+0x3f6/0x470
[  253.834643][ T8952]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  253.840188][ T8952]  ? security_file_ioctl_compat+0x87/0xb0
[  253.845898][ T8952]  __se_compat_sys_ioctl+0x51c/0xca0
[  253.851180][ T8952]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  253.856982][ T8952]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  253.862958][ T8952]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  253.869294][ T8952]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  253.875880][ T8952]  ? lockdep_hardirqs_on+0x99/0x150
[  253.881156][ T8952]  __do_fast_syscall_32+0xb4/0x110
[  253.886276][ T8952]  ? exc_page_fault+0x590/0x8c0
[  253.891117][ T8952]  do_fast_syscall_32+0x34/0x80
[  253.895962][ T8952]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.902279][ T8952] RIP: 0023:0xf7fd6579
[  253.906337][ T8952] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  253.925933][ T8952] RSP: 002b:00000000f578656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  253.934338][ T8952] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201
[  253.942297][ T8952] RDX: 00000000200003c0 RSI: 0000000000000000 RDI: 0000000000000000
[  253.950253][ T8952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.958243][ T8952] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  253.966234][ T8952] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.974241][ T8952]  </TASK>
[  253.977255][ T8952] Modules linked in:
[  253.982989][ T8952] ---[ end trace 0000000000000000 ]---
[  253.990895][ T8952] RIP: 0010:binder_inc_ref_for_node+0xdf7/0xe00
[  253.997234][ T8952] Code: c8 f8 e9 4e fd ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 59 fd ff ff 48 89 df e8 f4 c6 c8 f8 e9 4c fd ff ff e8 aa 80 61 f8 90 <0f> 0b 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90
[  254.017042][ T8952] RSP: 0018:ffffc90009077448 EFLAGS: 00010283
[  254.023247][ T8952] RAX: ffffffff8931f736 RBX: 0000000000000000 RCX: 0000000000040000
[  254.031798][ T8952] RDX: ffffc90009899000 RSI: 000000000000093d RDI: 000000000000093e
[  254.040226][ T8952] RBP: ffff88807f90d020 R08: ffffffff8931f26b R09: 0000000000000000
[  254.048409][ T8952] R10: ffff8880724dc130 R11: ffffed100e49b828 R12: 0000000000000000
[  254.056621][ T8952] R13: dffffc0000000000 R14: ffff88801f781b28 R15: ffff88801f781b10
[  254.064625][ T8952] FS:  0000000000000000(0000) GS:ffff8880b9300000(0063) knlGS:00000000f5786b40
[  254.074114][ T8952] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  254.081181][ T8952] CR2: 0000000000000007 CR3: 000000006ccf0000 CR4: 00000000003506f0
[  254.089254][ T8952] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  254.097298][ T8952] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  254.105361][ T8952] Kernel panic - not syncing: Fatal exception
[  254.111685][ T8952] Kernel Offset: disabled
[  254.116002][ T8952] Rebooting in 86400 seconds..