last executing test programs:

8.761702117s ago: executing program 3 (id=619):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f0000003580)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1f}}, 0x10)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x9})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x1, 0x4800003e, r1, 0x0)
readv(r2, &(0x7f0000000180)=[{&(0x7f00000025c0)=""/4096, 0x1000}], 0x1)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)

7.452548221s ago: executing program 3 (id=621):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x28200, 0x0)
vmsplice(r0, &(0x7f0000000440), 0x0, 0x2)

7.432090724s ago: executing program 3 (id=623):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x2, 0x2, &(0x7f0000000080)=@raw=[@call={0x85, 0x0, 0x0, 0xae}, @exit], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014935d1071042c03e9ba0102cc3c0902120001000000000904"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x2, 0x2, &(0x7f0000000080)=@raw=[@call={0x85, 0x0, 0x0, 0xae}, @exit], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014935d1071042c03e9ba0102cc3c0902120001000000000904"], 0x0) (async)

5.383565187s ago: executing program 3 (id=631):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a01"], 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000100003040000000000000000", @ANYRES32=0x0, @ANYBLOB="e5fda988000000001800128008000100767469000c000280080004"], 0x40}}, 0x0)
r0 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x10000000000)

5.086775741s ago: executing program 2 (id=634):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x140e, 0x500, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x4}, @RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x5}, @RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x4000800) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', <r3=>0x0, 0x29, 0x4, 0x7, 0x9, 0x2, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7800, 0x8, 0x52, 0x4}}) (async, rerun: 32)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000240)={@empty, @initdev, <r4=>0x0}, &(0x7f0000000280)=0xc) (async, rerun: 32)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000003c0)={'tunl0\x00', &(0x7f00000002c0)={'tunl0\x00', <r5=>0x0, 0x1, 0x40, 0x3, 0x401, {{0x37, 0x4, 0x2, 0x5, 0xdc, 0x67, 0x0, 0x6, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, {[@cipso={0x86, 0x45, 0x3, [{0x5, 0xb, "ff5e40c257295e2b40"}, {0x2, 0x2}, {0x4, 0x3, 'l'}, {0x7, 0x12, "a9890caa5fc778b983441adb27cb119b"}, {0x0, 0xe, "e68427d7f4b8b730c17cc0d1"}, {0x6, 0x2}, {0x0, 0xd, "cd5e1f00585b6d29d0c85d"}]}, @timestamp={0x44, 0x1c, 0xea, 0x0, 0x8, [0x4, 0x2, 0x3, 0x5, 0x81, 0x4]}, @ra={0x94, 0x4}, @generic={0x44, 0x2}, @timestamp={0x44, 0xc, 0x7c, 0x0, 0x4, [0xf136, 0xeea]}, @noop, @timestamp_addr={0x44, 0x1c, 0x99, 0x1, 0x2, [{@dev={0xac, 0x14, 0x14, 0x9}, 0xe6fb}, {@empty, 0x6}, {@rand_addr=0x64010100, 0xab5}]}, @timestamp={0x44, 0x20, 0x62, 0x0, 0x4, [0x757b, 0x8, 0xb15c, 0x6, 0x78f1, 0xa9, 0x7]}, @lsrr={0x83, 0x17, 0x75, [@multicast1, @empty, @local, @local, @multicast2]}]}}}}})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0xa8, 0x0, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x2c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xc}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x70}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x39}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
write(r1, &(0x7f0000000540)="59fee90e1cad90a398771826f2b5464ed5265562cadc5e1a018ea8dca42036472972edaecb7598b5c207fdabcb2286fc75d584a2f05603477fde5211a8", 0x3d) (async)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000580)={0x300000000000000, <r6=>r1, 0x1})
ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f00000005c0)={0x4, r6}) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000740)={r6, <r7=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000800)=@bpf_tracing={0x1a, 0x9, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, [@map_idx_val={0x18, 0x4, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x1ff}, @call={0x85, 0x0, 0x0, 0xb}, @generic={0x3, 0xd, 0xd, 0x7fff, 0xffffffff}, @map_fd={0x18, 0x3, 0x1, 0x0, r6}]}, &(0x7f0000000680)='GPL\x00', 0x94, 0x0, 0x0, 0x41000, 0x2e9e51d4fa4b606c, '\x00', r5, 0x17, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000700)={0x4, 0x1, 0xfffffbff, 0xbd}, 0x10, 0x1c506, r6, 0x1, &(0x7f0000000780)=[r7, r6], &(0x7f00000007c0)=[{0x0, 0x3, 0x5}], 0x10, 0xba, @value=r6}, 0x94)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async, rerun: 32)
ioctl$TIOCGSID(r6, 0x5429, &(0x7f00000008c0)=<r8=>0x0) (rerun: 32)
r9 = syz_open_procfs(r8, &(0x7f0000000900)='coredump_filter\x00') (async)
syz_open_dev$MSR(&(0x7f0000000940), 0x400, 0x0) (async)
r10 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0)
ioctl$TIOCGPGRP(r10, 0x540f, &(0x7f00000009c0))
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r9, 0xc0845657, &(0x7f0000000a00)={0x0, @bt={0x6, 0x4296, 0x0, 0x3, 0x2fc, 0x81, 0x2, 0x0, 0x0, 0x5, 0xffffff66, 0x6, 0x0, 0xf, 0x1, 0x22, {0xeda, 0x3}, 0x71, 0x8}})
ioctl$SCSI_IOCTL_SEND_COMMAND(r9, 0x1, &(0x7f0000000ac0)={0x1000, 0x0, 0x4, "f35639e6b63ab89d8465007680d1374e78391c5dcfb255b8202dca3ba64458857f37c0b83edc47f690c9aedd3f478586d03b0b6067522f87c1f9219bc2718f46036fc950979c9696d0e8bbca6451b051ec6c997fc9fbf6498442173cf069c51e3a183de2561abe036eeeee81b23427efbe3763c455447eb320a473867cc59b7ba6e956443d5fbf943da0e525713bf836692e4c2db434f5645a57893685157b1fd641d3a7a679f383a9734e6de06a0f0db80514459b28a899292be18338a905f7fd4514c8ac7028176fc3a7bf375251d123f891fb2055f69f1b42f3124abb295cb22909eb24d286824b814ff10996bdbe93fc98f02a83ced1427a721e35c9b2607580f3375b91b8b87575cc302b6c33d2c7d19c7da148e02b2a22d30ea51c7802aebee12a8be7233588564a17b1e973747e5c19e6301b9a7a7b255f814a05830df5270e162940459571251f31b2d3cd6d67c4334ec2e64bd540e49eb0a499c85bc56d962b9e3af1b026111ee6fcc026f5e2468cf7a45035b22ca83ddf03f28685a90df6840bb372b09efc07b95624880db626daf026f57a105a872c2e541f6f96308d325fab54bff7fc9aec79b9d0afd4ae96728f13776e2ccc2682ec6cdf5a3a8660d1f462ba3900aa32775d66755234069ae7a62e2d1dc7e9d79cab52d4e2b18b3085b1bf95297e202abf698e95f630b143c009859d74d86a2bf0fa5408e2ae3b504aebf24789425d51a7e4ecd89adbe76da8dd5a4d3408b5ec484a905dd093a85738728544816dbddcc77007b274f8b63cfeddaacced2717101f556b530a71e90ce05689df6b91219b54a28eb1f4416a9c6b1061495792fa459761ef5a88c1c3a0abea887b83d03a415a1f82dbe84095e2ca66ddf4f311def04cc42b5445a52ca3ffcad3eb47c57cdb857c26897957c1b46d5dd73b3b33aac097c92be56b8c7d8077728dbc8b4af91551917f05715b03ca0cfb5aa19d443913d7dce37fefe9edeb79c9aad17bdd1abba8352094cf1971ea252739e16e59a51db8f32202f0f91e5ddf2405eec15b68cffd0de64a0b4bdfd85e3ae6b4fa83d5aa61457e09b4cc7284ea678278211e4bb999d06563159ab45095e6139be0b36e3ed5df8df2cf9721fc35554d8265a4cb5cab7f9ce22ef48c3a5358c87be39cafb0ee112c300f2722c02722af314e38a9670229eb28129d6d82fd0ada57b0ad0b93ba8a6b401169c15dd4c7a11901cc07c676c2ce232c5092601e4c3369a7aef20e4fff3bfadd96ff770c554e00297b682807feae9ec8c40246892fe66e65c2ebdb5cd082a9976e7ecfca969e1dd1ad58c9f2499df952d250b1ce3958d992cc2e97c6f52a486137c899f5aa364c52c45557fad39d0974d13079e21e19df84a885589aac27a6197827676f31daab920d55acd70e18aa10a71ff84d051a80ff1be294fd522d56e13cd81237098ea5abf71ec2231b152ede6263e414fddff1a5ed44cda505b0bf9e9cfa8645f8a14c9b8ae5e59b3c54df27d63208a263826b494f7b6807fe547e93ba2512ec12eef1f904c76f197da62261c06ae3caacc02409b9649a615731cdd74eedb86df051639a0effb277a762061cf9d6693b2f14d622b6b94f11071f9eb7d5a7cbd3a390b4d6648ab97e56b2aff394d3fe54b7223b28418b877d7352b910b2d1e29c120e52ff875e407dea8177eb010beae02cdff5afcbf2f02be2a426ba1672fb9b57b5dba9cd0d89b749d11288f6199300d39e295d30b4a21c2628e3afa0752f44b50a61a500830bd4c035a0feda2c94c5466c16df3cceed7602f483378d28966bdbc2a6caf83134257d579fb2e406e40e91ab2ceae50bf59e069a0418cb4edcaebecf5acec0a9ec02c69a7fd90f8620ad7eda0fa641a89ed9bd3e45d84533112da85144c7b11e7876ee485fca7392834cd2c6e874cfae28b498875beed345554a4c25e1425572fd6ac6bb47678c9f839e818b3217084cd4910499329d3df60bbf88b1797aee1264cfaee94d93430ffa249b1e7451861479cbab87c1d61555fa2103e97174d1a88db1699c65567e34ceec7669bf000a1a19cae92a93e0ac5fe0b28246e1c1b69269b2fa05d1764d779148cec05c899bdb5d89f243afa9876d26e94fd4c8a4c659bca1cbc5f1a7b1e7fe5e2a24702391dbdfdb576acc0f7caaf72b63643ec33706c13714fb4656873ef7d0c3b45472f990f82a50c5b8d77b7efc8e44ddfdf13f3d05c93c100fd6484430fbc89e5302541843982a6db4f70077f55188296c1dfcee7facf1684eedf83e81164728505faa461bcba4442a9ba286c98ddb7872df9391d143c9c765bd51b85953293ecacf872318031a8659e36213e47c3fce27bdfcede811e6e4c108d046986f41f4fbc8f6561a62232d7d07b855fb0d128c187818f52ef671cde88141f81fa7e128f32bd86b0ae5e23673b34437a2bf3eda03cdffbc92c02cef478db6169a0fc65869977a06a370d299bca61e184a34d98396c013555ab43ba236447c86c1de0c8afc09304ed62ff384d6a3799383116d7d23f782d159ca5dce55ce1a678a230b581309b62732a3db3ab65dc983da4e859f5e2180824741fb634daff10e7fcf2d6e3b2ea5e2592cf11fbfb04b7889e605294453865fed04cecb6b8f23953c3cbd9e08a9ebe96582a0759fdc158fa95cd9eef34991de6c982244f60ea286945b38086258ea8830d8decedf310b2e661822840d8a787325df9d9a60686a82c163564f7468659ac7a54f2cbd063be17341c185bbade66fcc08ab82f7f19a3ca2cdd3fa01e72741a9c77dccbcbcc696436ccdc36b489dd6d6d1a02a9e0053c7d6234a70f10c1ad44e975a5e8d8483c2d523c13fd357aadfd5515a202c00b5183ce6534dd41cd58d20053bfc794c9977a7c5c77dfeceb1beff3fcb58da55d84880fa7b2d7d2d119b9c43f5f1af022dfa190d6aec1aca9c1fda2ca8acb103d55acba80ee228f9fdde0c3984aa0dd51c18f7cea3f6130187618325f1e2c7719749d6b40a754cd52f653a446f9bdae8391bc09fa0fc6140b0ac20797ee7cb271b0c5f6d112d61edd98908bd5edb1b718d9f15d93936f9a295f0516ce9eda428763c292fb6768661a3bc0c504c529161e060d3498dc36c7156e447b80e9e19b545bcf8bb6a11e565f3023a704cd51e997763c97d4646da9478f884738ee38a0d7420e96cab9792f26bb6d9f158f90d0013384416f2722deef902e5347b1b665dca1c321617bc07caadc442f97fd727e455b0254e736bc5ed12048392d2237eba44b91f88edbaa9d73abba3e2763f0c1f8c7a07bfd47ffa7deaa45bc8323c7e6618c809e065d38495d0408facc56552cf1b208fa42ca5a33c4f579247dcbbee8a5bddf60358a0ff434f5e9077a9c88640041a5b44312d6ccfa788309813c569f450c43fcbf8b4051768e24ffcb4344594aaf55ae50c6f4fe27020ca0320ac8a0d800c6f434774659e84ef1d438ba89defa0ff232f58faca0cc190c1da1cb8e1b5f61c9c91e8966c585bbc67e82ead7b2e45ee19d1a95e5a7744609a5db443e4c11f0cbe0286a99ec41da8d163416e14963cdb380cf1b8220b659195778bb8627783d49b9a6567da9388c1a735603922a23f3e5ef39cd36aee397accee7c76c8c221f87ef9497453ec2ebccc015f8fe045508825ec4b580347ad118c430c153f5fe6629e5130c68b1452393bb627c0c00228edebca1f392a2e74a692e9ccf26508e85806e3f200c278ca705dcd445507880103a3be81576fb1024f9e5bcf841d5e888514d671ae5b7e6a43cb2589c2c797ef69d1a9b8127ea237420ff8a965381aee769d69c735694cc07c594fae2e82a72578db12395a76ec0008140e255219343976b32da4a5d0f972fcd53076f6a01bd0b7bc3d8d4ad71c057b35e5cff9d5963ba45c2aff0a4b33014c1df939d0b5726035e5f7397f4b33b56f15ba50e6968ad2660aee82771ac5c872e2e2c91d1942d7561e285ed2d83178d079b6d47aef675f38f9c80482395df074eb19c49a0f4025ea76c53f2309cbe5b3305be4e99d556539f4d084de4b6efd8702e43d1a1653972b7990c35db48516386db7d18e1e8b1e5a0403872704d8f2b79f11c0f4d7bbb90da7794eb8edd47d4d0230f1c30f4c41218b91782a2ea96ca531159bdca3a9d99044e9556b2c4622c60cfe610828df5ff94a377d3ca74ee2c6efd55efc34543a7e1bc90e6a71b8a452c4350b9db8de851b7b34b3389ec64b917fbed7ab931e4f94bbe45b10747782a294e8f6dfebf0df1083b4f193623fff5578e919158d7f8b968a68994eecbb54cc503da5c3dd357fcf782d6c9e1ed023d2b2a063eed53689f69563e94c84dc56894dfe9aabd2105f74e806bfcb2b33eddfb8a8644fa934567809a3275ffa7dbd8bd19f5ca95b2f4ce3ecfc6edde82774b71672c9f880d9309e46e589a7e9b10093ff8e9d9f91992833c6dff79ef13d46be6dcef0f4305ec97d4ea1d6f1163d53bfa51b8789b6f8b43707f0eea2a51c904a4f61bfd1085fd4660dd7ea7b71dcbaf9e93e2ada3b8a0c78e174afe1807e7f5d7c33bf210a51cd4ac46971a76a1cf475b0bbc7c4041dac41610dcad1e33c290120088b1226bae128d9fd8b22e9a015e9ec4e42f40a1ca4646b2c93b78edfba4ec71eabbd77da5ab1ba3bc7703599820f4e214f522f7cf529ff519d039bad37ad1bfe6c276a02ad5ae2b187e28b1ed837e1d7f37d220fad3c233908b946f7d82bbac3f43ac6a3c71bb2755196e830af23c487a139e5e4d9b2a308ae7293fbcadb840a70121bbc6431db257bba119d96897167585f8352403b8dc85da36db123e275c8abb7e269f0475b24b1d0d0690dc0744248df5c8f96c3455223104f06b13ed969b597c9dbe22afc4614f86d8bcfc1a5334b5c276e99c93791b535ea6f63bdde2658402ed3b58509a5d2646697b6ed144ec1ddac29acd14d4b9175805dd3948671af9f80bd2a54bab0c5b8a561892c3112cc9a5f67db6dba5228bacc564647fe882be69ee3ace84dc198bffeb0a5c64d2826d39dd6d4a4e837786fbf185f71e4ac1d84a66afb11f30ebc0fbc3f00fbe3279c2505ef1e298f95ea25a9d6af57f5b883879b71a368217f4a7d30c99a6d13b0a3e02ba5b34bd0a308b3d5e785270dde9d2fb8717b631a3d579b2de7c71a192ace4d479b8bdd5e47c49a8a346f482ad5552e950c49d69f7615e27fc33b70e00f747ec741ddd84d1aefdd04be48c568d991f114b208a0666db21e8d0d9283de361311c616bfcf266b24fc1fe142e6336e2ccb36570ce0afc0399fe6ea02624c7cc6eada56067b650144c3a1ac5524bb0542f23b76a6fa72243da7b3d41d79af0dfa669734f53244a9526ad436abd88ef1e4d4fa34cee944a4ce9a9686502f8629626770ab5c8e5dfda2193e7d0e22fa0c4a30246a21980e5adfe28bb48d0f2cac7021a152ab5c1ebde0a04be54120046f39c2dfe718f7271ab8d3c6bfc09ca638ac8da340d60f95b537d85ceb18628bbe6d1abb85576d8698143e4c57f7d3495c30ccacae9a7ab5b840f2486595e31985513950f4f56d8ee62a4fb9636c50201e52773d43496c0fa72f5cda58eef534d54a3a218f5d8f4d9eb1d70db3e10c4d0a1277d6ed65aba814df461957e8168e4e482ecd2b489bf5a225359ab66bb44d8bcdaf1e769399a80d64a6510acc782bf833a853ca9d62a017d1152caf6dca6604e59e81d239ec4d96348cae6412f6e364a4c4427a5ef17959a2bff5a3f7500cd94d0b4294fd067bfadab90af9442e56de6a913a2631"}) (async)
r11 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDDELIO(r11, 0x4b35, 0x7) (async)
write$uinput_user_dev(r6, &(0x7f0000001b00)={'syz0\x00', {0x6, 0x101, 0x229, 0xc}, 0x21, [0x7, 0x5, 0x81, 0x0, 0x9, 0x6, 0xffffffff, 0x6, 0x5, 0x117, 0x101, 0x7ff, 0x8, 0x3, 0x5, 0x8001, 0xbc27, 0x2, 0x436, 0xc, 0x93b, 0x10, 0x2, 0x5, 0x0, 0x50, 0x39d5, 0x0, 0x3, 0x8, 0x875, 0x4, 0x5, 0xffffff01, 0x2, 0x2, 0xb6c, 0x8, 0x1, 0x7, 0x12eceead, 0x3, 0x7fffffff, 0xff, 0x67, 0x101, 0xffff322b, 0xbe9, 0x7, 0x9, 0x7, 0x5, 0x8, 0x7, 0x0, 0x7fff, 0x6, 0x3, 0x1, 0x40, 0x1ff, 0x17d2cd1c, 0xb, 0x3], [0x5, 0x6, 0x8, 0x8, 0xd, 0x95, 0x3, 0x7, 0xffff8001, 0x2, 0x8fc00000, 0x4, 0x5, 0x5, 0x9a, 0x2, 0xb, 0x81, 0x5, 0x4, 0xf, 0x50000, 0x7, 0x0, 0x5, 0x2, 0x10001, 0x3, 0x3, 0x7, 0xdde7, 0x1, 0x401, 0x7f, 0xe, 0x2, 0x1, 0x100, 0x5, 0x1, 0x2, 0x80000001, 0xfff, 0xfffff26f, 0x7, 0xfffff2dc, 0x81, 0x0, 0x9, 0x1, 0x2, 0x2, 0x3, 0x2, 0x6, 0xa7, 0x67abfb86, 0x800, 0x90cf, 0x3b6c, 0xff, 0x200, 0x2, 0x2], [0x10001, 0x5, 0x2, 0xf, 0x5, 0x7, 0x800, 0xf5, 0x5, 0xffff, 0x9, 0x10, 0x5, 0x1, 0xf, 0xfffffffb, 0x150, 0x9, 0x1, 0xe, 0x6, 0xd, 0x8, 0x9, 0x1, 0x6, 0x10, 0x5, 0xd4, 0x5, 0x4, 0x2, 0xa, 0x2, 0xf26, 0x5, 0x0, 0x10, 0x7ff, 0x4, 0x18a, 0x4, 0x7, 0x7ff, 0x9, 0x5, 0x7fff, 0x6, 0x2, 0xffff, 0x1, 0x8, 0x6, 0xd, 0x1, 0x800, 0x4, 0x7, 0x6, 0x1, 0x10000, 0x6, 0x10001, 0xbd0], [0x3, 0x0, 0xfff, 0x1c4, 0xfffffffb, 0x5, 0x531c, 0xfffffffc, 0x7, 0x10000, 0x10001, 0x2, 0x0, 0x5, 0x6, 0xc, 0xfffffffb, 0x3b6, 0x3, 0x8, 0x9, 0xe7cee14, 0x8f7e, 0x0, 0x2, 0x1, 0x152, 0x9c65, 0x7f6, 0x0, 0xffffffff, 0x10, 0x7, 0x3, 0xfda6, 0xb, 0x4, 0x8, 0x3, 0x6, 0x4, 0x0, 0x2, 0x7, 0x3493, 0xa, 0x101, 0xfffff001, 0xfffffffd, 0xbc99, 0x9, 0xffffffff, 0x200, 0x80, 0x4, 0x6, 0x3, 0xe, 0x9, 0x3, 0x4, 0x4, 0xffffffff, 0x1a5a]}, 0x45c) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000020c0)={r9, &(0x7f0000001f80)="62624e44b693f83d01e5286e859c6a224da596573bf6121423bb9426db9d7d50d670417b412c345afd9bee5fe0eeed1176097ced5cc77acc9555db40134112e1abb070f4852bf63d5fe8a3905e586967e51f3ae3fe87a4c2b94caa7113ef265d5f8f8ecdfa500d9df7ecea9d3bfd3b13c565374b41cfd51108", &(0x7f0000002000)=""/175}, 0x20) (async, rerun: 64)
sendmmsg$sock(r0, &(0x7f0000002600)=[{{&(0x7f0000002100)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e23, 0x3}}, 0x80, &(0x7f0000002580)=[{&(0x7f0000002180)="fa3f26e516d8b6a65ce7481d4521d34d53165d", 0x13}, {&(0x7f00000021c0)="a64386c5b6cba19360f88168afb993a740c6559840368aab0efaf3a81df5630354afbf7d0aee4a5d50821f877618a15e35e2ef223cdbf8c8335f6cd1270f1aa952fb534a0f8e19a57272037019abfcf6caa7af7c907a4c276f9e82e599f06b24ece56410eedaec0f4e130ddc5349a1c5cec529691f41c0d7c51b0f64d61ec421500f08caf8fc52e61fd0172253eeef45142b0d4d377aefe2e51f72711e8755476f386f3ec6baa75dc4f723b8", 0xac}, {&(0x7f0000002280)="ac7ba3471ebe1ede9bcbcf169b1491f8aa", 0x11}, {&(0x7f00000022c0)="82af5f12ca2e0cafd430ae3ac63a6c645f740cecabadb3601035d001fef955d1be6e63134b7979a8cb863cc42a64b0de7d6e4d903cb04d6ffcfd3a5794337e7ba6f705aca8aeeee58e67068f7ed3e4ea8db1da44f903bc5829d01952bcb0988f1dd4b11ba1c98b4d81dd0a351974c1e35e0b", 0x72}, {&(0x7f0000002340)="9c65a943b46a48e94ea714a8388a9451784ff8aabb42d174ae2b32089886b3977e972e0a3b84afe6d0cf09e87b4bffe21b1cdf8e0b2cfe0c86b0b8dd423fff06654bdac1455aef815ba9edafcc90218addff991edb7c38caff4f029bedfd90c3512af3b57c4c685c51f6a56fb085bea576dd5d745646f5dbe3da5bbde45d11e354d70c4774e2e2ec49f9f41e8f009a20c80029143602f1d89867e8e88b2c4c6f92a9d8", 0xa3}, {&(0x7f0000002400)="ee4d074c4e100fe40072d7", 0xb}, {&(0x7f0000002440)="f8d9615f5763bdb6dda84611d21e3b611730aed8198b0d3e0dfd1b8a8cbdeb66e9e7d892926e91400c2e50ed778400ed4197b64c35432ee63c4814f3367facaff8969658281b9429ebae3cd9cd962470a22c533559f735afa8d5188fb796a5d029cb43fe90ab8e5dc67dac679fcc6556b037ef78b735f1e9d439191390ffffddc3ce2cefac2667491f05f60edd0ec4fc846e3053bb462dc3cb8c9d4f8884d350dae6b925644acb2a8ac55854e949d1c12ef5268bc5529a122a07a20235549a", 0xbf}, {&(0x7f0000002500)="433203007335e9fcad2e44f8c3f664c16be1c048ea4a97d06c60f661b35f9015a8b1b17263135f4fd75f3cd7640033fb2341e7a031e0e5de136b40aacb2c3219500279159a858bffc7e5914a150f474e20d198c7a2837085060a09f6d7891d29dc297b61aacc5ceb99e65aa359fff7e191516804f141a01f", 0x78}], 0x8}}], 0x1, 0x20000805) (rerun: 64)
read$FUSE(r9, &(0x7f0000002640)={0x2020, 0x0, <r12=>0x0}, 0x2020)
write$FUSE_POLL(r9, &(0x7f0000004680)={0x18, 0x0, r12}, 0x18) (async)
r13 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_ADD_MFC_PROXY(r13, 0x29, 0xd2, &(0x7f00000046c0)={{0xa, 0x4e23, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}, 0x6}, {0xa, 0x4e23, 0x10000, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1, {[0x6, 0xeb, 0x0, 0x9, 0x8, 0xffffffb8, 0x8001, 0xfffffffe]}}, 0x5c)

4.234223184s ago: executing program 3 (id=637):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='nilfs2_mdt_submit_block\x00', r0, 0x0, 0x10000}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000001a80)=@filter={'filter\x00', 0x42, 0x4, 0x2d8, 0xffffffff, 0xf8, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x240, 0x240, 0x240, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x73}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0x5}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@private, @loopback, 0x0, 0x0, 'batadv_slave_0\x00', 'dvmrp0\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x338)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='squashfs\x00', 0x0, 0x0)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYRES32=r0], 0x34}, 0x1, 0x0, 0x0, 0x200040c1}, 0x8004)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r5 = socket(0x10, 0x3, 0x6)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x140, 0x0)
ioctl$IOMMU_IOAS_UNMAP$ALL(r7, 0x3b86, &(0x7f0000000800)={0x18})
sendmsg$nl_xfrm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="f0000000160001000000000000000000ac1414aa00000000000000000000000000000000000000000000000000000000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000010000000033000000ac1414aa00000000000000000000000001000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000a0001000000000000000000"], 0xf0}}, 0x0)
socket$inet6(0xa, 0x80000, 0x7f)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000540)={'syz1\x00', {0x4, 0x2, 0x64, 0x3}, 0x28, [0x6dc, 0xf3, 0x18b, 0x7, 0x7, 0x3, 0x88, 0x3, 0x0, 0xa21, 0x4, 0xff, 0x3, 0x5fbe, 0x2, 0x1, 0x1, 0xfffffc01, 0x7, 0x8, 0x0, 0x793, 0xa2, 0xfe, 0x293, 0x3, 0x6, 0xffff, 0x6, 0x1, 0x15f7, 0x7ff, 0x6, 0x6, 0x6c, 0x22d4, 0xfffffffa, 0x2, 0xfffffffe, 0x10001, 0x6, 0x9, 0x6b9, 0x1, 0x4f, 0x101, 0x9, 0x2, 0x7, 0x2, 0x2, 0x1ff, 0x4, 0x8, 0xfff, 0x80, 0x3, 0x1, 0x101, 0x8, 0x6, 0xddf, 0x8, 0x6], [0xffffffff, 0xfffffffb, 0xed49, 0x7, 0xfffeffff, 0x8, 0x8, 0x3, 0x2a0, 0x8, 0x7, 0x0, 0xe, 0x2, 0x3, 0x7cc5f7df, 0x8, 0x0, 0x1edcf298, 0xec000000, 0x6, 0xffffc4c8, 0xc5a3, 0x40000008, 0xffff0001, 0x2040b3, 0xb, 0x4, 0x3, 0xfffffe00, 0x3, 0xadc, 0x9, 0x6c, 0xffff, 0x10000, 0x9, 0x329ddfed, 0x2e, 0xc, 0x3, 0xfff, 0x2, 0x2, 0x80000000, 0xa11, 0x3, 0x0, 0x10, 0xa, 0x7, 0x8, 0x4, 0x2, 0x9, 0x9, 0x7, 0x2510, 0xfffffffc, 0x10001, 0x7, 0xffff8727, 0x400, 0x67], [0x4, 0x80, 0x9637, 0x8, 0xff, 0x400, 0x7ff, 0xcf5, 0x6, 0x2, 0x10001, 0xe4, 0x3, 0xfffffffa, 0x5, 0xe, 0x6, 0x3, 0x2, 0x3, 0xb, 0x9, 0x0, 0x81, 0x401, 0x9, 0x8086, 0x5, 0x5, 0xbd, 0x0, 0x8, 0x2, 0xe, 0x8, 0xc5, 0x6, 0xfffffff9, 0x6, 0x7, 0x0, 0x10001, 0x8, 0x1, 0x9, 0x3e, 0x7, 0x6, 0xffffffc0, 0x1, 0x400, 0x3, 0x1, 0x80000000, 0x0, 0x5, 0x2, 0x7, 0x402, 0x2, 0xfffffffa, 0x3, 0x7fffffff, 0x6], [0x3, 0x10001, 0xe, 0x8, 0xd085, 0x2, 0xfffffffd, 0x9, 0xe8, 0x1, 0x6, 0x7, 0x1a0, 0x2, 0x80000000, 0x3e, 0x3ff, 0x4, 0xb, 0x6cc4e686, 0x2000000b, 0x3, 0x9, 0xd5f, 0x80000001, 0x9, 0x0, 0x7, 0x6151, 0x4, 0xae9b, 0x61d5, 0xf, 0x3, 0x6, 0x6, 0x1, 0x5, 0x8, 0x8001, 0xffffc7c2, 0x7c, 0x80000000, 0x4, 0x0, 0x880c, 0xa, 0x100, 0x0, 0x2, 0x68, 0xc, 0x20000, 0x3, 0x8, 0x9, 0xc, 0x4, 0x6, 0x10, 0x3, 0x61, 0x74, 0xffffffff]}, 0x45c)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000040)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@newqdisc={0x94, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0x7, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0xa, 0x0, 0x1, 0xc, 0x1, 0x0, 0x0, 0x0, 0x0, 0xf, 0x8, 0x0, 0x0, 0x0, 0x4], 0x0, [0x4, 0x2, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffc, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0xf4, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @qdisc_kind_options=@q_ingress={0xc}]}, 0x94}}, 0x20000080)

4.066788522s ago: executing program 2 (id=640):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

4.008283712s ago: executing program 4 (id=641):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="200025bd7000fedbdf256c00000008000300", @ANYRES32=0x0, @ANYBLOB="0100000012cc62"], 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x4000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000007000000080001006e00000008000300", @ANYRES32=r6], 0x60}}, 0x0)
sendmsg$NL80211_CMD_STOP_NAN(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r4, 0xae1515781066264f, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008841}, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020)
timer_settime(0x0, 0x1, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

3.948890937s ago: executing program 1 (id=643):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x8000, 0x0)
read$FUSE(r0, &(0x7f0000000780)={0x2020}, 0x2020) (async)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) (async)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
pread64(r3, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000)
sendmsg$IPVS_CMD_FLUSH(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="0100000000000000000011"], 0x14}}, 0x0)

3.911301166s ago: executing program 2 (id=644):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x28200, 0x0)
vmsplice(r0, &(0x7f0000000440)=[{&(0x7f00000002c0)="ebf986a54b6bcabdaedcf3d526fd62f4142f42801a1370b4d36374061106eea201e07f92cbf75ace67312d6837ce53c6e9a6e17aedf3dcb2aac5c4631df2c201e76ca86d9575f6a5a5612961fdd68351f4760d6b4832a5593a0432c9e0912438830a2c411b600f0ecfbf40c0a3361428ad184cf559cb849c888fe61c2f64e5b25afa3149e6d51a7ca3c92da23aa265ba97b9ca57693b56405495b1ab7b343594cf04693ba138f6b96342f42a87bb86ca883253b8b1e723673cc743c4806ac49d801932eef042d475298dc8b40d5f413a818ec9f850d52d87057038977c1285dc9f567453686991889a95893c9e19cb745a", 0xf1}], 0x1, 0x2)

3.800152756s ago: executing program 0 (id=645):
r0 = gettid()
syz_clone(0x800, &(0x7f0000000340)="b17ba22b391911d7a43102d2216a71afbb036d550c3e350abcafa7f74c550c558c8a04d5074bbf4a09793818bfcbd51f1e344ea076c457bbc25ef314b3e8da1e", 0x40, &(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)="ec28613d24e1e6c2b80d0a8b04512eb6c4a7ae6b3ba3c2a1c60d1d8fbbb9945e66fee2f75c1d80080c03b38dfb20f973d5b41122e60903c98f838e8b4efdba17e7fa66b3295586728c4d99407a5f1559861d91bdf6bd3ae1c944a7fd02c1efe3b9c7105ac39672297dfab657d9c012c38e008810f2eb4031ad312eab12081822b721006ce74ff1f9ce71c4f2d725e3b765e544b5ebb038d38158ab2ff06251")
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)="c6d045d70520549006e5239de3779bbe2520e25bd98e6611edcf3a33200e5bb9110116221db774978c203c0da95e8cfc82c256727309b01c79c2af283f697ef6acf7f18b5440bdbffabba3430ba1d1abf50e1194", 0x54}], 0x1}, 0x4008c)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x202)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r5=>0x0})
bind$can_raw(r4, &(0x7f0000008e00)={0x1d, r5}, 0x10)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
sendmsg$can_raw(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x0)
ioctl$SIOCGSTAMP(r4, 0x8906, 0x0)
recvmmsg(r4, &(0x7f0000000800)=[{{0x0, 0x9, &(0x7f0000000b40)=[{&(0x7f00000006c0)=""/200}, {&(0x7f0000000840)=""/172}, {&(0x7f0000000100)=""/28}, {&(0x7f0000000900)=""/206}, {&(0x7f0000000540)=""/54}, {&(0x7f00000005c0)=""/45}, {&(0x7f0000000a80)=""/167}], 0x40}, 0x10000006}], 0x400000000000330, 0x141, 0x0)
r6 = signalfd(r3, &(0x7f0000000500), 0x8)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r6, 0x40bc5311, &(0x7f0000000600)={0x80, 0x2, 'client0\x00', 0xffffffff80000004, "001400", "e400", 0x800000})
r7 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0), 0x80000, 0x0)
r8 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000a00)=ANY=[@ANYRESOCT=r1, @ANYRES32=r0, @ANYRESHEX=r5, @ANYRES64=0x0, @ANYRES16], 0x0)
syz_usb_control_io$hid(r8, &(0x7f00000000c0)={0x24, &(0x7f00000007c0)=ANY=[@ANYRES8=r2], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r8, 0x0, &(0x7f00000001c0)={0x2c, &(0x7f0000000100)=ANY=[], &(0x7f0000000a40)={0x0, 0xa, 0x1, 0x7}, 0x0, 0x0, 0x0})
mq_notify(r7, &(0x7f0000000bc0)={0x0, 0x806, 0x1, @tid=r0})
ioctl$VIDIOC_ENCODER_CMD(r7, 0xc028564d, &(0x7f00000004c0)={0x1, 0x1, [0x2, 0x3, 0xfffffff3, 0x40006, 0xfffff533, 0x2, 0x1ff, 0x8001]})
syz_open_dev$video4linux(&(0x7f0000000040), 0x4, 0x80)
syz_open_dev$vcsu(&(0x7f0000000180), 0x1, 0x105802)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0xa, 0x300)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00')
preadv(r9, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x4c, 0x0)
select(0x40, &(0x7f0000000200)={0x7, 0x9, 0xc12, 0x0, 0x8001, 0x80000000, 0x2, 0x6}, 0x0, 0x0, &(0x7f0000000340))

3.792452911s ago: executing program 4 (id=646):
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {<r1=>0xffffffffffffffff}}, './file0\x00'})
getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f00000000c0)={@local, @remote, <r2=>0x0}, &(0x7f0000000300)=0xc)
r3 = syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x40c01)
writev(r3, &(0x7f0000000140)=[{&(0x7f0000000200)="720e08733a245d4d89a5c41888a6cdeb07316aa2c9c12e47f60e788da5638bf22207c42671fab2b6f17b7e187cb6aa02b05ad6d1fab5bd3589e6091fab3c3d7c86f8e3f2e618ff21d9a2e399df37abd9a6b1eb0bc6b01c63d8f31c87b2f8f08d5ea0ab80795043c222e7ec1ffdad384f11227446bbc2573a9371f273b3b5893e3b17e19510ebed3d75b6c01ab0358ac2f6f5c8c41ca2ad82bf21b4bd1a920017914db1de44b01ece759c7b0449b7ccd185ad9a3cad60b40ad1461deea4dda78e50ea0fd87bdb053e61d2215aa81d031d0de6b6deb86ab1b55bd95237c7902f71424f175bd99f6e68e7fe215f1800833de1057c0a2d9db0d056f59dc6dd2ecb75bf9190407e35734790a15839563f6e3a2fc10c8c0b7caa231f2cbf4544cb16e2813a7807a0e54b772652dc8e4ed41489f91e5d8ee740f11a8402bc15e8b6c85ce8c5f380604334d366012b5f68805e9e0fbdfecee5f89446744d11c5b05db112dce671817b9ea66dd28661c4ea2cf20ad7b59461574a4ddd503f81172c0c0f098d656e640e87c4c10f6a7388269a79bc8ccdc4bc6e5eda196b95bdf4209c039c53fdf91c1d507f0328528687dcfb0bc3aa548e9c4b3c10831f32fdc836421e6f3804d7f3455fc67ae4bda3c015a1404873d23701d19e28cefb7a2f1c3083045335b5c7d5f7e81ca38b27a8c9fc367ffab2fdc4c1edde8f0c86d3a0dfd44aa793f3a30a25bad5114828207d5e25d8a92e16dc989020c87718399704c362114165827b2cd87c5c035afa0943776b9d0167cbfa4c0c9d9956ed3ccd60d4e28dda00e4ae80c5e92e53bc31cb1f273a8aa8a22f1cf5fbcf41e97d35e215ef0ebe48d1ad173038f342461eec39669a6b7e49b84347893a43aae69c7c4a130728751f15119bdb055b0a003e59ce58feced60fc0646436691accbc4ea7198a1ec56417ffb46fbfaad56e80b3bb4f2f9d2bcb75a94e3e08c0cd3ab358f644d93980cd89696455d508ed8eff336a0c51fb756f913091ac4a92b69c995aecd63056769fe07b60556848edbedc9d85bb94df52bb45fb49fe7ae378a46bdbc53fe4c35cfc4d104863dc08720cad04a802d7ea96a01b2d418edfb7866ee0e28e450e223ccc67fa1825b4146b2607d9eb5bf1ace1652f4e4b395ae4422e125e334c410b079a0e43b6e25526ab0c013deb5d2c78d565cabc0560b9ae639affa9b2ce91fd5505006833c05d73314288791f8e1b6b2e7cf87893baa43cb49d66664aab7fab658160caf2bc4e291f8e210cee58d962dc3cff19346e2ac3464c24844015e341b59633f88657e496ad4fa0224fd378f39e240326bcb33ea4a36ab4f401cd15e0fadcdd5290bfc0845e73a785df5809c46572d7601ef9b62c523a6b4f73ec237d0785781f950011591a7a5da9c55f5f57f1ef5c6c482412d6a7c7d7483342afb47c565898f9421a9733f8a8932d4bc7c1be67c0f764d7002745828fcc37a6cb0e2cb50f5431198124174de9c4a0320524c37c15dacc502685b394f502531a77222fe6b96504120f51cd5ed19d85db163e418695c1407aa343043b1888108c3c00c37cf9be5f0f86738375e327ca302db6d5fe341644cc507d3ca85ac21023527d7c6fe27bf4bf922098b8f7616f8e22ea4866e92bc53fc8ecc3767b5ed94e2dbbefb63ce3c7b43413f29a095650603c1ecb5e3962147b52b3d896ccd50464c286b1e7f5b03dedec32e7e988a02e6867805e4394219919f9032e440f24d0f35f313a8588e8fcfafe12365278c41dcbeaf1541646dc83cc6a2c26d6c805c24f7d24bc08ef11dc08cfe744277b939763dfda80f2ffa6d70103e7d2e7519fd80784478e48d1254d39dfedb544b6fad988a1417ebde5a1007cac38c1b0a7d59bd1897cc3a3f8752f349914438f327abde7f9cadd75e202637ef587f6393a96dd6a9f723b8e96de251c83154fb140c18be876d3a1dea93b4c3fc70de26458726cd8526a833cf84d3bf8e1bca44381451d02cf33e3acbe2db44ea4d54eab162aaeb199298557aaa00e1b6574f8c4b367bc06c70221ba734244806298aef143bc25e15d9124cbc66d2271ef83f66010ec6320d0f103aa60896be129a0cf4e4fd24cad14cc02bf0e87dee84319915050fe7ca9553b6d399ebc5726bd445e5bd7b9da010ca088870ecd346862177bc6f918d83a431c48bf2facc41bad7251f91b7d60ad43dab75e4490659786615b796c30f7e1cbeaba66a8ef1e04663128219329e6fc06a8c7f6dd7ba212d6c6b31e5a6c35fa287b6b1f10409a420b40db1bd866bd6d9c7520360edb457e15297f9ecc68e2a42b5edafb86fbb52543c898df7e776756f7a388b132db54ce63df5acb28f8a472fd16e79917c59d627e94509945d45f9524ff1a9c12c240c49f723420499c06c4efdab01b18ea1bb15f69af114dc4f3f9068a7e1b78d251cbf4e60d91180eec5298339059e10a3973ef2b2c5122200fb59e4d60e5255448fe02c258c7afbf606e985d33ecebd4c7a6d4068f0daf2a4da96545f2aa1d65718b3aafde67b128191620d8fec1ea2349871c3aae489cfe7d9bc1f4043e706c99b04d955cd99a4ae6c82da21e4c80dea95e9ab5a56b9d3d235712056f424fa5ea1c169d84a0e5b1f5d1ee5abf0dd360470c3efc9d7c241dbcb31fe4845b30ed4869294f6757af70c99c481c6820dce5dd4866e810d03da56f67ebbaa6ab21d3359413f90d4ed95700089875616e5333570107258f02a1c4ca2eeec1b9df0e47fa3776c224821403bc595f0274fc9f7540364b96ab6eb72607a5372a6947f93e079ec7ae1bf0d2d8ac6acda8692856c51219d9d64a650385e73fbd1c7088a61c031a2f946fae964023dfe982f91e12daa3edd3516d6ff25e71fa981eb4dd8cf9ef2c1bcdca42746b3014ab87ff66ec62e6d424e8a12224d60977a844a3c42f0d95380b129bbe34ff1f4d8cc49f64c7db4ec2511ce3acace6f8fa9530622cd35ec6ec772c05f6691ae67993803f0effa6cca76174f95c5ac0b3027276e2ceda08c8aa24bac29694fd58ffcf67a4b307f508f6dc7b4883d4101d0d77ff7bacb0417d63a9c1617d0135863b51a5214f9b3fd79cc63b1aa178c05406b15f6c3eeaf5462ec7ba43ea6ed6bef2a959e1ca20a889057752ddfce8d17058cf7f3883d7e4f4565fcb3478d79aca32041226ef43ae634b675f8d9a68392fa40d55599b03ab9475f833a2735ea8f7e455a4b5884d447f81af7f2db483f6d548df041f0be0529e435f0871b60cf82260d44839cdc8a7ab4e96cbde18066765379f2aa278393e2ddbba317aba311029a2ab389d84cf688084643763bedf44b5be9bedaac4b910da5085aae4936c0d549157c81c4d019a059bf20739b420b7c34cbe862b5d737132065740dcaa8473d6d3da7038cdf1238fe4e5d2025f95129919f4d4a6151fa0a5558b3855e3cdbad84bb0954bfb8a59a018184f2dffba248c9941c1e870f4855ced394adc00526e924360716c409f3102852a643668072b89ddd72eb412b76912b354dea98d6cb26eb975379f1568b52c5b3e709c721d4701b6edaabe47c27842764474ae67f26842c8196ec4accf5bac9b9b8836443728d6e5a50f83c3cf477bf543d30242b83f50354a5301be812189ead90a7729dc139e5a8b3d90320bd04672fdb2bbb0f1b3d232df0852f83e4b5806b105977d3f1850e6be1cc144a1d283af18d3e6fafe02239f40940cbd9f5cfeada1f21ad6f1dd07ecaf0ca6a946f0c72068bd49ad2050cc6fd3beec18bf5a4556eff86300818eeb7f187d3567da865c9af78090375fb46025de93396ef16d63f7726ee501c9c6b56d7b12c21f59514518441d45971aa19d201a81cfe817c12dbe6233a736c0067004ba433f474868dc273fedfbcb665f2a59457ce1bb07bf5fee2e9d617e9d89c0e6b8f0e44f57e518d61ca0ed9da7a483535b0ef95a879a1509b25f152728476ef42785adaea215897455df73a41af61b803f87d9a46c584df24721d0eb1429981fb583d6d9a27677e8b50e824ec3a746a26cb22cd3e06f1badd28b4c23ea2157e08839a456a4d2c1513a5479f62537fca68b73a40f882053322f468869f1d44a02a460a0ed103d9f5db613a926cf143edc35e9d96f50f13f5eeb46d5501586886b9a75372657ec35008869b39411ab3096b8b60204d05b0bc0d25b3f6f7c1472fb138858f27ecbbee8a15602510f1e570c369860c3ba5eec381f7ed2654edeed5ca645de435949c884fe3ede2baa97d94a75f210316bd84cc1f9424c90ddff791f2dec91005cad15ea2683802f3975d4707b04eb6fa9f8fe30254a9fa8c2343dc414447eeee0e4874f538e5f6895ba8acf6694c54ce0a49ab4d88b477ad0a4d4f3aef499910d7e0ca1d1f1af3d9d82e20d5754993f8ecfd1b5585180a095c55d344d2afaef4c23e65f2280f33e8b2ce9714f4de574b1506d5cd97098b11ffc1ca2b50f37735704169706318940a841099556a51e220e992778682d3c863a6d6fc919c51be53f97643d10a6f6c704e8b86774ec6e7571aff3e70620e7f2ac6292eeb379faa4d6530b2494b8553d729fb4b3901f45f74e7c795fdbbb2df42e170a0718dd41a6b3827f54f5692bf3b61a4dc01b935e9d9e9ea0b77d623f5fb99516f1c8ab5aeab8c77344428a7aab443e2457b3675a836ec0a488590b8549f5efe350833d2345c0ef10424e6be1ba4960545745e42c95b00da3ea82fac4206e05bf4412a5db0db4bccbdaa2d357addafbfd196f90b0a0506c6c3a3f33704cc65d689afe3ba4f025a6a6ee5546ee27441818b94247858189612d98be38a81b85f92110f6fcfc888a3bc4c33b4c15b2a83a7d5c298fb3a4cca4f65eb9d61c9d6a4161be192d7ec1988581dd86eb7c002d8110db7b4699fc545a4436c95dcae1e85cc841a11942124732002e3b80160d2aa9081d62578883c52a863a6b1c224711bda25913300c5535eeda2f7384e2fc086df340f0f24c9298f3e06a9bcbba41793f86e73552b9b58ad49f292130f6510bea2ccea8cbaf2a46c488459f81faf6c0b63a38df0b59d94e2da846de5b5d95674cfb1ae9e300dda4ad2730c020d12f9837bcfb9d232785df7892a22960266eb74850353622d747e6017ec51cef6334ac541a2b0501900c4e665693bec062aac29bcee49ee9aa4ee823d6cb38f5eeb05c81dd2cfdc135656611b080261ea03dd610c887a5bc48dc2d24ef9d4f82c7e5577c2d2c50c320c022d846c84f6813ba1f4c4eb813b26d0c90693ada2e078b11c58bb55e067636e5203bba67b7bc9c550dd2cd178e878df463b58eda9ed3313509464bbe2c9acbe087dbc28c6bf45dcb881b53f9fe31521aee5c66425db00b1d6a77370d060bd78c29fc31f0119292be2931a7fad4a4c82a657dbba5490923a2b39dd9df48a26f867e51e91dfef5bf6c967569ca572502a855c88d84020c508bac725414f72b8ab45f23021c9aec14874ae6f7d88efcc1c5248030100468c0e004ce3a19e0910d8f0e5945c14f969ba873d1abcd925f84ffccf3eeb09f44095899a6ec5221c22f6b3df966253619af3711b0d923102957e5720afc327beb3e0f439654db2d80cafd99f9ff9271a630a2e055959dbc0064712c8f1386fbc0b5da1888e74df4b8a392b337578f201d2fcf2add44f7a58bf7c0464dd3799f5fd7214f2fe3c3138a0f182f2879ca27b486d97087a2754ddf3e97847e3a7c638891c80ce9da6c277df2eba0703aed2dd9b1389e7a53b3549f082ce76e32fa4edc737b1af173481417b6105d66", 0x1000}, {&(0x7f0000001200)='`', 0xf4240}], 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000020000000850000006d00"/24], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000008850000000700000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000000)={0x32, 0x2, 0x0, "444900e1b0faa9b0071c937f7f00002e0c0000ff070000ff0f0000c39b00", 0x494e4f4b})
getsockopt$ax25_int(r1, 0x101, 0x6, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
r7 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0xb)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4400000010004b04000023dc5ad93c5c2b7b0000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800500160003000000080004"], 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18}, './file0\x00'}) (async)
getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f00000000c0)={@local, @remote}, &(0x7f0000000300)=0xc) (async)
syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x40c01) (async)
writev(r3, &(0x7f0000000140)=[{&(0x7f0000000200)="720e08733a245d4d89a5c41888a6cdeb07316aa2c9c12e47f60e788da5638bf22207c42671fab2b6f17b7e187cb6aa02b05ad6d1fab5bd3589e6091fab3c3d7c86f8e3f2e618ff21d9a2e399df37abd9a6b1eb0bc6b01c63d8f31c87b2f8f08d5ea0ab80795043c222e7ec1ffdad384f11227446bbc2573a9371f273b3b5893e3b17e19510ebed3d75b6c01ab0358ac2f6f5c8c41ca2ad82bf21b4bd1a920017914db1de44b01ece759c7b0449b7ccd185ad9a3cad60b40ad1461deea4dda78e50ea0fd87bdb053e61d2215aa81d031d0de6b6deb86ab1b55bd95237c7902f71424f175bd99f6e68e7fe215f1800833de1057c0a2d9db0d056f59dc6dd2ecb75bf9190407e35734790a15839563f6e3a2fc10c8c0b7caa231f2cbf4544cb16e2813a7807a0e54b772652dc8e4ed41489f91e5d8ee740f11a8402bc15e8b6c85ce8c5f380604334d366012b5f68805e9e0fbdfecee5f89446744d11c5b05db112dce671817b9ea66dd28661c4ea2cf20ad7b59461574a4ddd503f81172c0c0f098d656e640e87c4c10f6a7388269a79bc8ccdc4bc6e5eda196b95bdf4209c039c53fdf91c1d507f0328528687dcfb0bc3aa548e9c4b3c10831f32fdc836421e6f3804d7f3455fc67ae4bda3c015a1404873d23701d19e28cefb7a2f1c3083045335b5c7d5f7e81ca38b27a8c9fc367ffab2fdc4c1edde8f0c86d3a0dfd44aa793f3a30a25bad5114828207d5e25d8a92e16dc989020c87718399704c362114165827b2cd87c5c035afa0943776b9d0167cbfa4c0c9d9956ed3ccd60d4e28dda00e4ae80c5e92e53bc31cb1f273a8aa8a22f1cf5fbcf41e97d35e215ef0ebe48d1ad173038f342461eec39669a6b7e49b84347893a43aae69c7c4a130728751f15119bdb055b0a003e59ce58feced60fc0646436691accbc4ea7198a1ec56417ffb46fbfaad56e80b3bb4f2f9d2bcb75a94e3e08c0cd3ab358f644d93980cd89696455d508ed8eff336a0c51fb756f913091ac4a92b69c995aecd63056769fe07b60556848edbedc9d85bb94df52bb45fb49fe7ae378a46bdbc53fe4c35cfc4d104863dc08720cad04a802d7ea96a01b2d418edfb7866ee0e28e450e223ccc67fa1825b4146b2607d9eb5bf1ace1652f4e4b395ae4422e125e334c410b079a0e43b6e25526ab0c013deb5d2c78d565cabc0560b9ae639affa9b2ce91fd5505006833c05d73314288791f8e1b6b2e7cf87893baa43cb49d66664aab7fab658160caf2bc4e291f8e210cee58d962dc3cff19346e2ac3464c24844015e341b59633f88657e496ad4fa0224fd378f39e240326bcb33ea4a36ab4f401cd15e0fadcdd5290bfc0845e73a785df5809c46572d7601ef9b62c523a6b4f73ec237d0785781f950011591a7a5da9c55f5f57f1ef5c6c482412d6a7c7d7483342afb47c565898f9421a9733f8a8932d4bc7c1be67c0f764d7002745828fcc37a6cb0e2cb50f5431198124174de9c4a0320524c37c15dacc502685b394f502531a77222fe6b96504120f51cd5ed19d85db163e418695c1407aa343043b1888108c3c00c37cf9be5f0f86738375e327ca302db6d5fe341644cc507d3ca85ac21023527d7c6fe27bf4bf922098b8f7616f8e22ea4866e92bc53fc8ecc3767b5ed94e2dbbefb63ce3c7b43413f29a095650603c1ecb5e3962147b52b3d896ccd50464c286b1e7f5b03dedec32e7e988a02e6867805e4394219919f9032e440f24d0f35f313a8588e8fcfafe12365278c41dcbeaf1541646dc83cc6a2c26d6c805c24f7d24bc08ef11dc08cfe744277b939763dfda80f2ffa6d70103e7d2e7519fd80784478e48d1254d39dfedb544b6fad988a1417ebde5a1007cac38c1b0a7d59bd1897cc3a3f8752f349914438f327abde7f9cadd75e202637ef587f6393a96dd6a9f723b8e96de251c83154fb140c18be876d3a1dea93b4c3fc70de26458726cd8526a833cf84d3bf8e1bca44381451d02cf33e3acbe2db44ea4d54eab162aaeb199298557aaa00e1b6574f8c4b367bc06c70221ba734244806298aef143bc25e15d9124cbc66d2271ef83f66010ec6320d0f103aa60896be129a0cf4e4fd24cad14cc02bf0e87dee84319915050fe7ca9553b6d399ebc5726bd445e5bd7b9da010ca088870ecd346862177bc6f918d83a431c48bf2facc41bad7251f91b7d60ad43dab75e4490659786615b796c30f7e1cbeaba66a8ef1e04663128219329e6fc06a8c7f6dd7ba212d6c6b31e5a6c35fa287b6b1f10409a420b40db1bd866bd6d9c7520360edb457e15297f9ecc68e2a42b5edafb86fbb52543c898df7e776756f7a388b132db54ce63df5acb28f8a472fd16e79917c59d627e94509945d45f9524ff1a9c12c240c49f723420499c06c4efdab01b18ea1bb15f69af114dc4f3f9068a7e1b78d251cbf4e60d91180eec5298339059e10a3973ef2b2c5122200fb59e4d60e5255448fe02c258c7afbf606e985d33ecebd4c7a6d4068f0daf2a4da96545f2aa1d65718b3aafde67b128191620d8fec1ea2349871c3aae489cfe7d9bc1f4043e706c99b04d955cd99a4ae6c82da21e4c80dea95e9ab5a56b9d3d235712056f424fa5ea1c169d84a0e5b1f5d1ee5abf0dd360470c3efc9d7c241dbcb31fe4845b30ed4869294f6757af70c99c481c6820dce5dd4866e810d03da56f67ebbaa6ab21d3359413f90d4ed95700089875616e5333570107258f02a1c4ca2eeec1b9df0e47fa3776c224821403bc595f0274fc9f7540364b96ab6eb72607a5372a6947f93e079ec7ae1bf0d2d8ac6acda8692856c51219d9d64a650385e73fbd1c7088a61c031a2f946fae964023dfe982f91e12daa3edd3516d6ff25e71fa981eb4dd8cf9ef2c1bcdca42746b3014ab87ff66ec62e6d424e8a12224d60977a844a3c42f0d95380b129bbe34ff1f4d8cc49f64c7db4ec2511ce3acace6f8fa9530622cd35ec6ec772c05f6691ae67993803f0effa6cca76174f95c5ac0b3027276e2ceda08c8aa24bac29694fd58ffcf67a4b307f508f6dc7b4883d4101d0d77ff7bacb0417d63a9c1617d0135863b51a5214f9b3fd79cc63b1aa178c05406b15f6c3eeaf5462ec7ba43ea6ed6bef2a959e1ca20a889057752ddfce8d17058cf7f3883d7e4f4565fcb3478d79aca32041226ef43ae634b675f8d9a68392fa40d55599b03ab9475f833a2735ea8f7e455a4b5884d447f81af7f2db483f6d548df041f0be0529e435f0871b60cf82260d44839cdc8a7ab4e96cbde18066765379f2aa278393e2ddbba317aba311029a2ab389d84cf688084643763bedf44b5be9bedaac4b910da5085aae4936c0d549157c81c4d019a059bf20739b420b7c34cbe862b5d737132065740dcaa8473d6d3da7038cdf1238fe4e5d2025f95129919f4d4a6151fa0a5558b3855e3cdbad84bb0954bfb8a59a018184f2dffba248c9941c1e870f4855ced394adc00526e924360716c409f3102852a643668072b89ddd72eb412b76912b354dea98d6cb26eb975379f1568b52c5b3e709c721d4701b6edaabe47c27842764474ae67f26842c8196ec4accf5bac9b9b8836443728d6e5a50f83c3cf477bf543d30242b83f50354a5301be812189ead90a7729dc139e5a8b3d90320bd04672fdb2bbb0f1b3d232df0852f83e4b5806b105977d3f1850e6be1cc144a1d283af18d3e6fafe02239f40940cbd9f5cfeada1f21ad6f1dd07ecaf0ca6a946f0c72068bd49ad2050cc6fd3beec18bf5a4556eff86300818eeb7f187d3567da865c9af78090375fb46025de93396ef16d63f7726ee501c9c6b56d7b12c21f59514518441d45971aa19d201a81cfe817c12dbe6233a736c0067004ba433f474868dc273fedfbcb665f2a59457ce1bb07bf5fee2e9d617e9d89c0e6b8f0e44f57e518d61ca0ed9da7a483535b0ef95a879a1509b25f152728476ef42785adaea215897455df73a41af61b803f87d9a46c584df24721d0eb1429981fb583d6d9a27677e8b50e824ec3a746a26cb22cd3e06f1badd28b4c23ea2157e08839a456a4d2c1513a5479f62537fca68b73a40f882053322f468869f1d44a02a460a0ed103d9f5db613a926cf143edc35e9d96f50f13f5eeb46d5501586886b9a75372657ec35008869b39411ab3096b8b60204d05b0bc0d25b3f6f7c1472fb138858f27ecbbee8a15602510f1e570c369860c3ba5eec381f7ed2654edeed5ca645de435949c884fe3ede2baa97d94a75f210316bd84cc1f9424c90ddff791f2dec91005cad15ea2683802f3975d4707b04eb6fa9f8fe30254a9fa8c2343dc414447eeee0e4874f538e5f6895ba8acf6694c54ce0a49ab4d88b477ad0a4d4f3aef499910d7e0ca1d1f1af3d9d82e20d5754993f8ecfd1b5585180a095c55d344d2afaef4c23e65f2280f33e8b2ce9714f4de574b1506d5cd97098b11ffc1ca2b50f37735704169706318940a841099556a51e220e992778682d3c863a6d6fc919c51be53f97643d10a6f6c704e8b86774ec6e7571aff3e70620e7f2ac6292eeb379faa4d6530b2494b8553d729fb4b3901f45f74e7c795fdbbb2df42e170a0718dd41a6b3827f54f5692bf3b61a4dc01b935e9d9e9ea0b77d623f5fb99516f1c8ab5aeab8c77344428a7aab443e2457b3675a836ec0a488590b8549f5efe350833d2345c0ef10424e6be1ba4960545745e42c95b00da3ea82fac4206e05bf4412a5db0db4bccbdaa2d357addafbfd196f90b0a0506c6c3a3f33704cc65d689afe3ba4f025a6a6ee5546ee27441818b94247858189612d98be38a81b85f92110f6fcfc888a3bc4c33b4c15b2a83a7d5c298fb3a4cca4f65eb9d61c9d6a4161be192d7ec1988581dd86eb7c002d8110db7b4699fc545a4436c95dcae1e85cc841a11942124732002e3b80160d2aa9081d62578883c52a863a6b1c224711bda25913300c5535eeda2f7384e2fc086df340f0f24c9298f3e06a9bcbba41793f86e73552b9b58ad49f292130f6510bea2ccea8cbaf2a46c488459f81faf6c0b63a38df0b59d94e2da846de5b5d95674cfb1ae9e300dda4ad2730c020d12f9837bcfb9d232785df7892a22960266eb74850353622d747e6017ec51cef6334ac541a2b0501900c4e665693bec062aac29bcee49ee9aa4ee823d6cb38f5eeb05c81dd2cfdc135656611b080261ea03dd610c887a5bc48dc2d24ef9d4f82c7e5577c2d2c50c320c022d846c84f6813ba1f4c4eb813b26d0c90693ada2e078b11c58bb55e067636e5203bba67b7bc9c550dd2cd178e878df463b58eda9ed3313509464bbe2c9acbe087dbc28c6bf45dcb881b53f9fe31521aee5c66425db00b1d6a77370d060bd78c29fc31f0119292be2931a7fad4a4c82a657dbba5490923a2b39dd9df48a26f867e51e91dfef5bf6c967569ca572502a855c88d84020c508bac725414f72b8ab45f23021c9aec14874ae6f7d88efcc1c5248030100468c0e004ce3a19e0910d8f0e5945c14f969ba873d1abcd925f84ffccf3eeb09f44095899a6ec5221c22f6b3df966253619af3711b0d923102957e5720afc327beb3e0f439654db2d80cafd99f9ff9271a630a2e055959dbc0064712c8f1386fbc0b5da1888e74df4b8a392b337578f201d2fcf2add44f7a58bf7c0464dd3799f5fd7214f2fe3c3138a0f182f2879ca27b486d97087a2754ddf3e97847e3a7c638891c80ce9da6c277df2eba0703aed2dd9b1389e7a53b3549f082ce76e32fa4edc737b1af173481417b6105d66", 0x1000}, {&(0x7f0000001200)='`', 0xf4240}], 0x2) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000020000000850000006d00"/24], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000008850000000700000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) (async)
syz_open_dev$vim2m(&(0x7f0000000040), 0x3, 0x2) (async)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000000)={0x32, 0x2, 0x0, "444900e1b0faa9b0071c937f7f00002e0c0000ff070000ff0f0000c39b00", 0x494e4f4b}) (async)
getsockopt$ax25_int(r1, 0x101, 0x6, &(0x7f0000000380), &(0x7f00000003c0)=0x4) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) (async)
umount2(&(0x7f0000000040)='./file0\x00', 0xb) (async)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4400000010004b04000023dc5ad93c5c2b7b0000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800500160003000000080004"], 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async)

3.778640447s ago: executing program 2 (id=647):
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x85, &(0x7f0000000000), 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@struct={0x5, 0x0, 0x0, 0xf, 0x0, 0x8}]}, {0x0, [0x5f, 0x2e, 0x0, 0x2e, 0x61]}}, &(0x7f00000000c0)=""/254, 0x2b, 0xfe, 0xa, 0x2, 0x0, @void, @value}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x7)
r2 = io_uring_setup(0x2237, &(0x7f0000000880)={0x0, 0xf819, 0x800, 0x2, 0x159})
accept4$unix(r1, 0x0, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = syz_io_uring_setup(0x10e, &(0x7f00000001c0)={0x0, 0x4, 0x100}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x4d, 0x0, 0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00', r9, 0x1000})
io_uring_enter(r6, 0x7ffe, 0x184c, 0x2, 0x0, 0x0)

3.716590513s ago: executing program 1 (id=648):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x7b)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4, 0x10, r0, 0x52d0e000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x11, 0x20000000000000a, 0x300)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0xad, &(0x7f0000000240)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}, @val={@void, {0x8864}}, {@generic={0x5, "e1c44c8cfd2bd1dff4b747024268ac5d7913fcb5f53b1ee36f7743e8d1da486e24c7316025298511ac5ee47a919d5ab6d34eb81c5e9353a2e8a3be0439f2029ba745ced34049ee6e68fa23752b1ade206f65783d83e3f961b0567490f37aa2c5c9e41661e7b8bf0953e83691eb5afc1d1d2cd39e42cee67a6ca78b6bced077138fb618b365386f8b2f29636d2ce1e40f55bde16916996c40f55321"}}}, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x2801, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0x12, &(0x7f0000000300)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@map_fd={0x18, 0x3, 0x1, 0x0, r0}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a3312779a", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.565566687s ago: executing program 1 (id=649):
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x12, 0xc, &(0x7f0000000fc0)=ANY=[@ANYBLOB="1800000000000000000000000000100085000000bb000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @cgroup_sock_addr=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.476248937s ago: executing program 4 (id=650):
socket$pptp(0x18, 0x1, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="68000000071401"], 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, 0x4000, 0x4a080}, [@IFLA_XDP={0x4}, @IFLA_GROUP={0x8}]}, 0x2c}}, 0x0)

2.507441307s ago: executing program 1 (id=651):
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB=' '], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x2000004)
syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r0=>0x0, &(0x7f0000000000)=<r1=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x1)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r5, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x2, {0x4, 0x1}, 0x3, 0x800})
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x195)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000020000000000f400040000f40000000020"], 0x1c, 0x1)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x2, 0x2, 0x0, 0x2, 0xd, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, "fd"}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0xa0000000}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @empty}}, @sadb_x_nat_t_type={0x1}]}, 0x68}, 0x1, 0x7}, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8001}, 0x8)
getsockopt$bt_hci(r6, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})

1.91662604s ago: executing program 4 (id=652):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001200000008000800030000000800090003000000180001801400020076657468305f746f5f626f6e640000000800070000000000080006"], 0x4c}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000600)={0x84, &(0x7f0000001000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = memfd_secret(0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r3, 0x114, 0x7, &(0x7f0000000700)={@qipcrtr={0x2a, 0xffffffffffffffff}, {&(0x7f0000000000)=""/24, 0x18}, &(0x7f00000006c0)}, 0xa0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x0)
mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
syz_usb_connect(0x6, 0x1fa, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x4, 0x64, 0x10, 0x10, 0x413c, 0x8128, 0x95a5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1e8, 0x2, 0x5, 0x6, 0x0, 0x8, [{{0x9, 0x4, 0x4d, 0xfb, 0x1, 0x8e, 0x39, 0xaa, 0x26, [], [{{0x9, 0x5, 0xe, 0x1, 0x400, 0x8, 0xf, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x3a, 0xe}]}}]}}, {{0x9, 0x4, 0x7b, 0x1, 0x5, 0x47, 0x33, 0xd1, 0x7, [@cdc_ncm={{0x7, 0x24, 0x6, 0x0, 0x1, '|J'}, {0x5, 0x24, 0x0, 0xf}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x2, 0xd6, 0x10}, {0x6, 0x24, 0x1a, 0x9, 0x14}, [@country_functional={0xa, 0x24, 0x7, 0x6, 0x9, [0x6, 0x3ff]}]}, @cdc_ncm={{0x9, 0x24, 0x6, 0x0, 0x1, "165cf564"}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x1af1, 0xbc6a, 0x2, 0xea}, {0x6, 0x24, 0x1a, 0x9, 0x4}}], [{{0x9, 0x5, 0x7, 0x10, 0x200, 0xb4, 0x2, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x4, 0x800}]}}, {{0x9, 0x5, 0x3, 0x1, 0x20, 0xc4, 0x1, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0xc}, @generic={0x78, 0xf, "d48bbf49a8600e62f2e1f97a1b952077c58e02012d14567657cca3d01d3d88c1c8a622fa832cb273d3152388c86b3d74dd0fef259c8995c8163f31181b4d60bb02714b6b66b675d6d3590c5388324bb29ba41188469b67c9216524565f6271600a2f9c0fbc7396a32e1f18eca2b7277ef34a8c31e30a"}]}}, {{0x9, 0x5, 0x3, 0xc, 0x400, 0x1c, 0xf, 0xd8, [@generic={0xc0, 0x22, "680fdcd94a66ccdd153c33d4e509ca50248349cb9d81a19e5cefe7fd52ab9317f8151a83a0743c356702518b4e972daa60be74b8375cf42b0aa9443b2b9ec4209491dff915310f4b5357720cc8a90e543950b7e90038e2c6ab80d6e09e259ba13ad5da8985a16b34d1f1885f9d0b7825ed80f7366fd39aae0538684724ecd7e574a0444b011bc5893590cc47eddc69d0e7ffdd50ab2181419d86538d70bb635734fbf11d64011c0775847a9aa4ecb9b6ca5aee44fe2f67e8d8482d2ef166"}]}}, {{0x9, 0x5, 0xf, 0x10, 0x20, 0x5d, 0x4, 0x4}}, {{0x9, 0x5, 0x1, 0x0, 0x0, 0x6, 0x3, 0x5}}]}}]}}]}}, &(0x7f0000000580)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x201, 0x2a, 0xff, 0x4, 0x10, 0x2}, 0x108, &(0x7f0000000280)=ANY=[@ANYBLOB="050f08010614100a7bc20000000f0f0600c0c00000c000000007100214a3640e0b10010433007f070300081410040ff3b5323ca5f2e7c9d73916c76120904abe100a90754acb2926a90cfc780cb56d31e677fc55303d4c71a1e594705c4c565252f85040b954ef4db4c8407934bad79677b10def82154724991a5d7164176cf6004000034b10e39a9b9d6cb59d16682e4a3dae7f6387859f8723914a845d8becb9633615e3e117bc100e0d0487f3fcbe722b99ac86d22d3a5d57ae9250b1d2c7de0958ad65bdbf23c73d23f6ead5c7065e4e271b0a9adab6d49be81f531ec6fcc4a5e942f267601118a88d6351badcab2f0b10010c200008fe04000700"/264], 0x4, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x2c09}}, {0xad, &(0x7f0000000400)=@string={0xad, 0x3, "c02c2277d72c7fc73d78309ed6d6e0c9639a160d2d8b0cc52b9352fda82b9f27ff2c087068e899d65581285596adb2124e1281f1701950016f4dab0032e6fd853a4e0bb57c63895b1eff302a18eec443f52cc0a38b4d4416b541d55c65d12f62e766ed71a2f165f50c1feafd206cc7494fd8bdab5cd52f2649eb4acac91a686e350c7800abfa05f013cd1a85660fd4f61536983ba72e0af6ee7c9acdc8c05929ac8ebdaeab5a1643483d34"}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x409}}, {0x7c, &(0x7f0000000500)=@string={0x7c, 0x3, "cfcc22f5988e3b2a5884dafba7bff98541a2f22c147dce280633a2f3185935e84d56e64f50087e22c435fb0eb40923286cad10654e12d393b4cfdf947de98446932cf1809e9b8b7ecffe529d5a4c3f941408c60fec2e93df76bf03350463d2f5d1f08efe2d595e66e786ef274d31b4fee3b66c87143699aed05c"}}]})

1.915165382s ago: executing program 0 (id=653):
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r0 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x6, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x6, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ENDIAN(r1, 0x4008af13, &(0x7f0000000440)={0x1, 0xffffffb3})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001500)={0x11, 0x3, &(0x7f0000001040)=ANY=[@ANYRES32=r1, @ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRES32=0x0], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000015c0)={&(0x7f0000001100)='xen_mmu_flush_tlb_multi\x00', r1, 0x0, 0x4}, 0x18)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000001000), 0x111041)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r4 = accept4(r3, 0x0, 0x0, 0x0)
read$alg(r4, &(0x7f0000000000)=""/20, 0x14)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f0000000140)={0x2, 0x4e24, @local}, 0x10)
connect$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @multicast2}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x4000090)
r6 = fcntl$dupfd(r2, 0x406, r2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0xc08c5335, &(0x7f0000000180)={0x0, 0x80, 0xfffffffd})
mq_timedsend(r0, 0x0, 0x0, 0xfffffffffffffffe, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="ec0300", @ANYRES32=r9, @ANYBLOB="24007a809efe03004ef8cb0000c94def140001001b4dc62c03e2e9ff182f9b05d6dddea6"], 0x40}}, 0x4000840)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000001080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="00082dbd7000ffdbdf25060008000a001800030303e2020300000a0018000303030303030000751a5513685535c528c1fd62d617d64d63a4c7f8a2f15c21cefb5b72c4f97ef861834f39c1d1d357d2f7c2cc51c5dc"], 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x840)
close(r0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

892.470926ms ago: executing program 1 (id=654):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

874.370682ms ago: executing program 0 (id=655):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b85000000070000008500000007"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r2 = socket(0x10, 0x803, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
syz_open_dev$I2C(&(0x7f00000000c0), 0x0, 0x0) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYRES16], 0x3c}, 0x1, 0x0, 0x0, 0x8881}, 0x8000) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000) (async)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) (async)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)

855.726848ms ago: executing program 1 (id=656):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x96, 0x52041)
r1 = mq_open(&(0x7f00000000c0)='.\\{*\'\x00', 0x40, 0xa0, &(0x7f0000000100)={0x4eb60180, 0x8000, 0x6, 0x3})
mq_timedsend(r1, &(0x7f0000000140)="d81818cce0438be76b6aa2ea1ce12f15de17cd4723460dd5fe33be76af815ab112a524a5e0a853674558d039404420d30c9e7b3a07861c821ac6155a6e286b658a449d76b91380047f9905c34f4d0253ef2674d84937ccb6fa9d8163d4b187651364dc48ca35eb86c73ca07b525a1c5325b0352610570df41c6a4355b64290fdba6792c313310d03002992b7a903db1c1d436aa46555473549e61c", 0x9b, 0x400, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x7c4c, 0x8, 0xe})
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x49, 0x71, 0x4c, 0x40, 0x93a, 0x2623, 0xb214, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x65, 0x0, 0x0, 0xde, 0x75, 0xf5}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
syslog(0x4, &(0x7f0000000200)=""/174, 0xae)

792.373521ms ago: executing program 2 (id=657):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x28200, 0x0)
vmsplice(r0, &(0x7f0000000440)=[{0x0}], 0x1, 0x2)

754.510553ms ago: executing program 0 (id=658):
memfd_secret(0x0)
getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x47, 0x0, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000040)={0x400, 0x3, 0x8}, 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b00)={r3, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendto$inet(r1, &(0x7f0000000100)="ab", 0x34000, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
clock_gettime(0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x400000001, &(0x7f0000000300)={<r5=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @loopback}, {0xa, 0x0, 0xfffffffe, @empty}, r5}}, 0x48)
write$RDMA_USER_CM_CMD_QUERY(r4, &(0x7f0000000040)={0x13, 0x10, 0xfa00, {&(0x7f0000000780), r5, 0x2}}, 0x18)

753.357119ms ago: executing program 3 (id=659):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x10837, &(0x7f0000000340)={0x0, 0x8922, 0x80, 0x0, 0x3db}, 0x0, &(0x7f0000000140))
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
execve(&(0x7f0000019100)='./file0\x00', 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = dup(0xffffffffffffffff)
r3 = fsopen(&(0x7f0000000180)='hfs\x00', 0x1)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
mmap(&(0x7f00003c8000/0x3000)=nil, 0x3000, 0x2000005, 0x10, 0xffffffffffffffff, 0x56ec6000)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
sendfile(r4, r4, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x40000001, 0x4, 0xb, 0x0, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef33f86bf01933bdb6fd7ecdd91b59ca8d541", "78042a8bde94000000008d030000004f07b84819ffdf4a0400", [0x7fffffff, 0xb]})
ioctl$LOOP_SET_STATUS(r4, 0x4c02, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r4)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
lsm_get_self_attr(0x0, 0x0, 0x0, 0x0)
write$6lowpan_enable(r2, 0x0, 0x0)

236.656068ms ago: executing program 2 (id=660):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=@newlink={0x48, 0x10, 0xa01, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x10}, @IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000003}]}}}]}, 0x48}}, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x10837, &(0x7f0000000340)={0x0, 0xfdd8, 0x8000, 0x0, 0x3db}, 0x0, &(0x7f0000000140))
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
execve(&(0x7f0000019100)='./file0\x00', 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = dup(0xffffffffffffffff)
r4 = fsopen(&(0x7f0000000180)='hfs\x00', 0x1)
r5 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r6 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
mmap(&(0x7f00003c8000/0x3000)=nil, 0x3000, 0x2000005, 0x10, 0xffffffffffffffff, 0x56ec6000)
ioctl$LOOP_CHANGE_FD(r5, 0x4c00, r6)
sendfile(r5, r5, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r5, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x40000001, 0x4, 0xb, 0x0, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef33f86bf01933bdb6fd7ecdd91b59ca8d541", "78042a8bde94000000008d030000004f07b84819ffdf4a0400", [0x7fffffff, 0xb]})
ioctl$LOOP_SET_STATUS(r5, 0x4c02, 0x0)
ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r5)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x85a0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
lsm_get_self_attr(0x0, 0x0, 0x0, 0x0)
write$6lowpan_enable(r3, 0x0, 0x0)

167.647223ms ago: executing program 0 (id=661):
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x12, 0xc, &(0x7f0000000fc0)=ANY=[@ANYBLOB="1800000000000000000000000000100085000000bb000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @cgroup_sock_addr=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

116.362473ms ago: executing program 4 (id=662):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000003c0)='l', 0x1}], 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="20000000000001008400000002000000040041000000000000000000", @ANYRES32=0x0, @ANYBLOB='0'], 0x50, 0x24048800}, 0x10)

82.007693ms ago: executing program 4 (id=663):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)
creat(0x0, 0xd931d3864d39ddd8)
r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0x4]}, 0x8)
read(r2, &(0x7f0000000740)=""/377, 0x179)
timer_create(0x9, &(0x7f0000000180)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f00000000c0)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x18})
r4 = signalfd4(0xffffffffffffffff, &(0x7f00000003c0)={[0x1fffffffff]}, 0x8, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000280), &(0x7f0000000300)='%-010d \x00'}, 0x20)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x1, 0x70bd27, 0xa5dfdbfb, {0x0, 0x0, 0x0, r8, 0x64e10, 0x16201}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_STATE={0x5, 0x1, 0x2}, @IFLA_BRPORT_BACKUP_PORT={0x8, 0x22, r8}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x404c000}, 0x2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r4, 0xe0, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000580)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f00000005c0)=[0x0], &(0x7f00000006c0)=[0x0, 0x0], <r9=>0x0, 0x98, &(0x7f0000000700)=[{}], 0x8, 0x10, &(0x7f0000000740), &(0x7f00000007c0), 0x8, 0xf1, 0x8, 0x8, &(0x7f0000000800)}}, 0x10)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r11 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r11, 0x6, 0x0, 0x0, 0x0)
r12 = fsmount(r11, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000580)={r10, r12, 0x0, 0x0, @val=@netkit={@void, @value}}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1, 0x2, &(0x7f0000000440)=@raw=[@map_val={0x18, 0x5, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x7}], &(0x7f0000000480)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', r8, @fallback=0x40e3b7127c90a525, r4, 0x8, &(0x7f0000000500)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000540)={0x2, 0xd, 0x4, 0x4}, 0x10, r9, r4, 0x4, &(0x7f00000008c0)=[r0, r4, r12], &(0x7f0000000900)=[{0x2, 0x1, 0x5, 0x4}, {0x2, 0x2, 0xd, 0x1}, {0x5, 0x4, 0xe, 0xa}, {0x5, 0x3, 0x6, 0x8}], 0x10, 0xa5b0, @void, @value}, 0x94)
r13 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x3416, 0x13100, 0x2, 0x4, 0x0, r4}, &(0x7f0000000180)=<r14=>0x0, &(0x7f0000000200)=<r15=>0x0)
syz_io_uring_submit(r14, r15, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4})
io_uring_enter(r13, 0x2def, 0x9566, 0x0, 0x0, 0x0)

0s ago: executing program 0 (id=664):
r0 = syz_usb_connect(0x3, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300042e010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000500)={0x34, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

[ T5833] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   75.096548][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   75.106144][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   75.114547][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   75.123239][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   75.179178][ T5828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   75.192410][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   75.200706][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   75.211456][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   75.219211][ T5828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   75.227754][ T5828] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   75.236202][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   75.264888][ T5836] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   75.275758][ T5836] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   75.284471][ T5836] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   75.295807][ T5836] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   75.304442][ T5836] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   75.860360][ T5829] chnl_net:caif_netlink_parms(): no params data found
[   75.889700][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   76.008587][ T5838] chnl_net:caif_netlink_parms(): no params data found
[   76.141599][ T5820] chnl_net:caif_netlink_parms(): no params data found
[   76.217596][ T5824] chnl_net:caif_netlink_parms(): no params data found
[   76.229635][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.237579][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.246802][ T5831] bridge_slave_0: entered allmulticast mode
[   76.254245][ T5831] bridge_slave_0: entered promiscuous mode
[   76.263451][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.270651][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.278052][ T5831] bridge_slave_1: entered allmulticast mode
[   76.286392][ T5831] bridge_slave_1: entered promiscuous mode
[   76.294180][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.301371][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.308899][ T5829] bridge_slave_0: entered allmulticast mode
[   76.316160][ T5829] bridge_slave_0: entered promiscuous mode
[   76.397179][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.404623][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.411989][ T5829] bridge_slave_1: entered allmulticast mode
[   76.418996][ T5829] bridge_slave_1: entered promiscuous mode
[   76.483593][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.490803][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.498386][ T5838] bridge_slave_0: entered allmulticast mode
[   76.506926][ T5838] bridge_slave_0: entered promiscuous mode
[   76.534002][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.559321][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.568923][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.576471][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.583702][ T5838] bridge_slave_1: entered allmulticast mode
[   76.590944][ T5838] bridge_slave_1: entered promiscuous mode
[   76.618137][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.630944][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.667653][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.674885][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.682569][ T5820] bridge_slave_0: entered allmulticast mode
[   76.689556][ T5820] bridge_slave_0: entered promiscuous mode
[   76.736765][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.744074][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.751380][ T5820] bridge_slave_1: entered allmulticast mode
[   76.759048][ T5820] bridge_slave_1: entered promiscuous mode
[   76.794501][ T5829] team0: Port device team_slave_0 added
[   76.803295][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.815905][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.856299][ T5831] team0: Port device team_slave_0 added
[   76.865155][ T5829] team0: Port device team_slave_1 added
[   76.873533][ T5831] team0: Port device team_slave_1 added
[   76.917498][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.925261][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.932553][ T5824] bridge_slave_0: entered allmulticast mode
[   76.939753][ T5824] bridge_slave_0: entered promiscuous mode
[   76.998864][ T5838] team0: Port device team_slave_0 added
[   77.007510][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.017180][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.025370][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.032900][ T5824] bridge_slave_1: entered allmulticast mode
[   77.040149][ T5824] bridge_slave_1: entered promiscuous mode
[   77.048135][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.056014][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.082655][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.099438][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.106852][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.133586][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.146859][ T5838] team0: Port device team_slave_1 added
[   77.169707][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.179323][ T5827] Bluetooth: hci2: command tx timeout
[   77.179606][ T5827] Bluetooth: hci0: command tx timeout
[   77.209817][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.216891][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.243885][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.256933][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.264215][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.290493][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.323616][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.330712][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.357300][ T5827] Bluetooth: hci4: command tx timeout
[   77.362994][ T5828] Bluetooth: hci3: command tx timeout
[   77.363453][ T5836] Bluetooth: hci1: command tx timeout
[   77.375035][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.404149][ T5820] team0: Port device team_slave_0 added
[   77.433292][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.447680][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.454767][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.481633][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.494965][ T5820] team0: Port device team_slave_1 added
[   77.529305][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.593183][ T5831] hsr_slave_0: entered promiscuous mode
[   77.600044][ T5831] hsr_slave_1: entered promiscuous mode
[   77.639421][ T5824] team0: Port device team_slave_0 added
[   77.664017][ T5829] hsr_slave_0: entered promiscuous mode
[   77.670785][ T5829] hsr_slave_1: entered promiscuous mode
[   77.677232][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   77.685257][ T5829] Cannot create hsr debugfs directory
[   77.691631][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.699492][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.725870][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.738959][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.746129][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.773135][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.798568][ T5824] team0: Port device team_slave_1 added
[   77.898498][ T5838] hsr_slave_0: entered promiscuous mode
[   77.905375][ T5838] hsr_slave_1: entered promiscuous mode
[   77.911431][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   77.919551][ T5838] Cannot create hsr debugfs directory
[   77.925953][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.933295][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.959778][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.972952][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.980036][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.006549][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.103470][ T5820] hsr_slave_0: entered promiscuous mode
[   78.110117][ T5820] hsr_slave_1: entered promiscuous mode
[   78.116849][ T5820] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.124880][ T5820] Cannot create hsr debugfs directory
[   78.288330][ T5824] hsr_slave_0: entered promiscuous mode
[   78.294795][ T5824] hsr_slave_1: entered promiscuous mode
[   78.300866][ T5824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.308992][ T5824] Cannot create hsr debugfs directory
[   78.739131][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   78.754292][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   78.770127][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   78.797467][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   78.860117][ T5829] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   78.873023][ T5829] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   78.892652][ T5829] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   78.904971][ T5829] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   78.973209][ T5820] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   78.985713][ T5820] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   78.996656][ T5820] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   79.029587][ T5820] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   79.127665][ T5838] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   79.156393][ T5838] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   79.197335][ T5838] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   79.226972][ T5838] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   79.252035][ T5836] Bluetooth: hci0: command tx timeout
[   79.262442][ T5836] Bluetooth: hci2: command tx timeout
[   79.313914][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.324160][ T5824] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   79.336840][ T5824] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   79.348793][ T5824] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   79.360778][ T5824] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   79.412719][ T5836] Bluetooth: hci4: command tx timeout
[   79.423044][ T5836] Bluetooth: hci1: command tx timeout
[   79.423054][ T5827] Bluetooth: hci3: command tx timeout
[   79.461391][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   79.488524][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.495789][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.538461][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.545621][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.569337][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.599161][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.641377][ T5820] 8021q: adding VLAN 0 to HW filter on device team0
[   79.668882][ T3055] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.676087][ T3055] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.693148][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.715365][ T3055] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.722633][ T3055] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.735663][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[   79.769857][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.777077][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.821072][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   79.850352][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.857582][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.897920][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.905179][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.937445][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.944705][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.978392][ T5820] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   80.101584][ T5838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   80.165060][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.290284][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[   80.336577][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.407142][ T3486] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.414361][ T3486] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.469177][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.476394][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.591229][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.616082][ T5831] veth0_vlan: entered promiscuous mode
[   80.651837][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.664934][ T5831] veth1_vlan: entered promiscuous mode
[   80.763458][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.822780][ T5831] veth0_macvtap: entered promiscuous mode
[   80.856681][ T5820] veth0_vlan: entered promiscuous mode
[   80.880620][ T5831] veth1_macvtap: entered promiscuous mode
[   80.906601][ T5838] veth0_vlan: entered promiscuous mode
[   80.928114][ T5820] veth1_vlan: entered promiscuous mode
[   80.979157][ T5838] veth1_vlan: entered promiscuous mode
[   81.019178][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.064239][ T5820] veth0_macvtap: entered promiscuous mode
[   81.076208][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.096366][ T5820] veth1_macvtap: entered promiscuous mode
[   81.118390][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.130758][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.140060][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.149384][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.175751][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.231688][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.255755][ T5838] veth0_macvtap: entered promiscuous mode
[   81.278066][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.334617][ T5836] Bluetooth: hci2: command tx timeout
[   81.335225][ T5827] Bluetooth: hci0: command tx timeout
[   81.357783][ T5838] veth1_macvtap: entered promiscuous mode
[   81.376931][ T5820] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.386386][ T5820] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.395822][ T5820] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.404572][ T5820] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.467948][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.484635][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.493554][ T5827] Bluetooth: hci3: command tx timeout
[   81.493868][ T5828] Bluetooth: hci4: command tx timeout
[   81.501765][ T5824] veth0_vlan: entered promiscuous mode
[   81.504640][ T5836] Bluetooth: hci1: command tx timeout
[   81.537780][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.556391][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.607601][ T5838] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.624595][ T5838] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.633815][ T5838] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.644120][ T5838] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.674996][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.697349][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.709150][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.710275][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.727123][ T5824] veth1_vlan: entered promiscuous mode
[   81.772472][ T5829] veth0_vlan: entered promiscuous mode
[   81.839871][ T5829] veth1_vlan: entered promiscuous mode
[   81.861560][ T5824] veth0_macvtap: entered promiscuous mode
[   81.881366][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   81.884633][ T3486] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.912792][ T3486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.942386][ T5824] veth1_macvtap: entered promiscuous mode
[   82.145847][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.188037][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.195901][ T3055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.195922][ T3055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.290024][ T5824] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.305974][ T5824] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.318848][ T5824] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.328711][ T5824] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.385739][ T5829] veth0_macvtap: entered promiscuous mode
[   82.427443][ T3055] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.438988][ T5829] veth1_macvtap: entered promiscuous mode
[   82.453557][ T3055] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.548919][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.630086][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.691009][ T5947] FAULT_INJECTION: forcing a failure.
[   82.691009][ T5947] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   82.733759][ T5947] CPU: 1 UID: 0 PID: 5947 Comm: syz.1.6 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[   82.733787][ T5947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   82.733801][ T5947] Call Trace:
[   82.733812][ T5947]  <TASK>
[   82.733821][ T5947]  dump_stack_lvl+0x189/0x250
[   82.733858][ T5947]  ? __pfx____ratelimit+0x10/0x10
[   82.733882][ T5947]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.733906][ T5947]  ? __pfx__printk+0x10/0x10
[   82.733937][ T5947]  should_fail_ex+0x414/0x560
[   82.733964][ T5947]  _copy_to_user+0x31/0xb0
[   82.733985][ T5947]  simple_read_from_buffer+0xe1/0x170
[   82.734012][ T5947]  proc_fail_nth_read+0x1df/0x250
[   82.734040][ T5947]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   82.734066][ T5947]  ? rw_verify_area+0x258/0x650
[   82.734085][ T5947]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   82.734109][ T5947]  vfs_read+0x200/0x980
[   82.734134][ T5947]  ? __pfx___mutex_lock+0x10/0x10
[   82.734151][ T5947]  ? __pfx_vfs_read+0x10/0x10
[   82.734172][ T5947]  ? __fget_files+0x2a/0x420
[   82.734198][ T5947]  ? __fget_files+0x3a0/0x420
[   82.734218][ T5947]  ? __fget_files+0x2a/0x420
[   82.734249][ T5947]  ksys_read+0x145/0x250
[   82.734270][ T5947]  ? __pfx_ksys_read+0x10/0x10
[   82.734287][ T5947]  ? rcu_is_watching+0x15/0xb0
[   82.734317][ T5947]  ? do_syscall_64+0xbe/0x3b0
[   82.734337][ T5947]  do_syscall_64+0xfa/0x3b0
[   82.734349][ T5947]  ? lockdep_hardirqs_on+0x9c/0x150
[   82.734368][ T5947]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.734390][ T5947]  ? clear_bhb_loop+0x60/0xb0
[   82.734411][ T5947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.734428][ T5947] RIP: 0033:0x7f754038d33c
[   82.734449][ T5947] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   82.734463][ T5947] RSP: 002b:00007f7541217030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   82.734481][ T5947] RAX: ffffffffffffffda RBX: 00007f75405b6080 RCX: 00007f754038d33c
[   82.734494][ T5947] RDX: 000000000000000f RSI: 00007f75412170a0 RDI: 0000000000000007
[   82.734505][ T5947] RBP: 00007f7541217090 R08: 0000000000000000 R09: 0000000000000000
[   82.734515][ T5947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.734525][ T5947] R13: 0000000000000000 R14: 00007f75405b6080 R15: 00007ffddfe054e8
[   82.734554][ T5947]  </TASK>
[   82.738733][ T5829] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.813125][ T5907] kernel read not supported for file /dsp (pid: 5907 comm: kworker/0:5)
[   82.897504][ T5829] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.004538][ T5829] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.027196][ T5829] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.096643][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.105193][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.209624][ T5960] loop6: detected capacity change from 0 to 7
[   83.232949][ T5959] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   83.295807][ T5960] Dev loop6: unable to read RDB block 7
[   83.315370][ T5960]  loop6: unable to read partition table
[   83.356639][ T5960] loop6: partition table beyond EOD, truncated
[   83.402244][ T5960] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[   83.452466][ T5836] Bluetooth: hci0: command tx timeout
[   83.458531][ T5836] Bluetooth: hci2: command tx timeout
[   83.471351][ T3486] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.479698][ T3486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.572531][ T5836] Bluetooth: hci3: command tx timeout
[   83.578503][ T5836] Bluetooth: hci1: command tx timeout
[   83.586225][ T5836] Bluetooth: hci4: command tx timeout
[   84.085510][ T3055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.101054][ T3055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.317487][ T5972] syzkaller1: entered promiscuous mode
[   84.353343][ T5972] syzkaller1: entered allmulticast mode
[   84.359378][ T5976] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   84.360628][ T5978] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   84.371621][ T5977] FAULT_INJECTION: forcing a failure.
[   84.371621][ T5977] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.470756][ T3055] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.515689][ T3055] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.545658][ T5977] CPU: 1 UID: 0 PID: 5977 Comm: syz.2.3 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[   84.545683][ T5977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   84.545693][ T5977] Call Trace:
[   84.545699][ T5977]  <TASK>
[   84.545707][ T5977]  dump_stack_lvl+0x189/0x250
[   84.545736][ T5977]  ? __pfx____ratelimit+0x10/0x10
[   84.545760][ T5977]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.545783][ T5977]  ? __pfx__printk+0x10/0x10
[   84.545798][ T5977]  ? __might_fault+0xb0/0x130
[   84.545827][ T5977]  should_fail_ex+0x414/0x560
[   84.545854][ T5977]  _copy_from_iter+0x1db/0x16f0
[   84.545878][ T5977]  ? __lock_acquire+0xab9/0xd20
[   84.545907][ T5977]  ? __pfx__copy_from_iter+0x10/0x10
[   84.545946][ T5977]  tun_get_user+0x4ce/0x3ce0
[   84.545974][ T5977]  ? __lock_acquire+0xab9/0xd20
[   84.546004][ T5977]  ? __might_fault+0xb0/0x130
[   84.546025][ T5977]  ? __pfx_tun_get_user+0x10/0x10
[   84.546052][ T5977]  ? __lock_acquire+0xab9/0xd20
[   84.546077][ T5977]  ? ref_tracker_alloc+0x318/0x460
[   84.546094][ T5977]  ? __lock_acquire+0xab9/0xd20
[   84.546115][ T5977]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   84.546140][ T5977]  ? tun_get+0x1c/0x2f0
[   84.546166][ T5977]  ? tun_get+0x1c/0x2f0
[   84.546187][ T5977]  ? tun_get+0x1c/0x2f0
[   84.546211][ T5977]  tun_chr_write_iter+0x113/0x200
[   84.546234][ T5977]  vfs_write+0x54b/0xa90
[   84.546257][ T5977]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   84.546280][ T5977]  ? __pfx_vfs_write+0x10/0x10
[   84.546309][ T5977]  ? __fget_files+0x2a/0x420
[   84.546338][ T5977]  ksys_write+0x145/0x250
[   84.546359][ T5977]  ? __pfx_ksys_write+0x10/0x10
[   84.546383][ T5977]  ? rcu_is_watching+0x15/0xb0
[   84.546412][ T5977]  ? do_syscall_64+0xbe/0x3b0
[   84.546432][ T5977]  do_syscall_64+0xfa/0x3b0
[   84.546446][ T5977]  ? lockdep_hardirqs_on+0x9c/0x150
[   84.546468][ T5977]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.546484][ T5977]  ? clear_bhb_loop+0x60/0xb0
[   84.546504][ T5977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.546519][ T5977] RIP: 0033:0x7f3ebb18e929
[   84.546535][ T5977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.546548][ T5977] RSP: 002b:00007f3ebc05e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   84.546567][ T5977] RAX: ffffffffffffffda RBX: 00007f3ebb3b6080 RCX: 00007f3ebb18e929
[   84.546579][ T5977] RDX: 0000000000000036 RSI: 0000200000000080 RDI: 0000000000000003
[   84.546590][ T5977] RBP: 00007f3ebc05e090 R08: 0000000000000000 R09: 0000000000000000
[   84.546600][ T5977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.546610][ T5977] R13: 0000000000000001 R14: 00007f3ebb3b6080 R15: 00007fffc8676c68
[   84.546637][ T5977]  </TASK>
[   84.819782][    C1] vkms_vblank_simulate: vblank timer overrun
[   85.368172][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   85.377256][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   85.470495][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   85.479622][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   85.572878][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   86.865756][  T978] cfg80211: failed to load regulatory.db
[   86.878106][ T6004] FAULT_INJECTION: forcing a failure.
[   86.878106][ T6004] name failslab, interval 1, probability 0, space 0, times 1
[   86.897115][ T6004] CPU: 1 UID: 0 PID: 6004 Comm: syz.4.5 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[   86.897141][ T6004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   86.897151][ T6004] Call Trace:
[   86.897158][ T6004]  <TASK>
[   86.897166][ T6004]  dump_stack_lvl+0x189/0x250
[   86.897200][ T6004]  ? __pfx____ratelimit+0x10/0x10
[   86.897224][ T6004]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.897248][ T6004]  ? __pfx__printk+0x10/0x10
[   86.897271][ T6004]  ? __pfx___might_resched+0x10/0x10
[   86.897298][ T6004]  should_fail_ex+0x414/0x560
[   86.897325][ T6004]  should_failslab+0xa8/0x100
[   86.897347][ T6004]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[   86.897368][ T6004]  ? __alloc_skb+0x112/0x2d0
[   86.897391][ T6004]  __alloc_skb+0x112/0x2d0
[   86.897413][ T6004]  netlink_sendmsg+0x5c6/0xb30
[   86.897442][ T6004]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.897469][ T6004]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   86.897488][ T6004]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.897508][ T6004]  __sock_sendmsg+0x219/0x270
[   86.897537][ T6004]  ____sys_sendmsg+0x505/0x830
[   86.897562][ T6004]  ? __pfx_____sys_sendmsg+0x10/0x10
[   86.897590][ T6004]  ? import_iovec+0x74/0xa0
[   86.897611][ T6004]  ___sys_sendmsg+0x21f/0x2a0
[   86.897633][ T6004]  ? __pfx____sys_sendmsg+0x10/0x10
[   86.897688][ T6004]  ? __fget_files+0x2a/0x420
[   86.897709][ T6004]  ? __fget_files+0x3a0/0x420
[   86.897740][ T6004]  __x64_sys_sendmsg+0x19b/0x260
[   86.897763][ T6004]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   86.897794][ T6004]  ? __pfx_ksys_write+0x10/0x10
[   86.897810][ T6004]  ? rcu_is_watching+0x15/0xb0
[   86.897838][ T6004]  ? do_syscall_64+0xbe/0x3b0
[   86.897858][ T6004]  do_syscall_64+0xfa/0x3b0
[   86.897872][ T6004]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.897914][ T6004]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.897930][ T6004]  ? clear_bhb_loop+0x60/0xb0
[   86.897951][ T6004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.897967][ T6004] RIP: 0033:0x7fcbeeb8e929
[   86.897984][ T6004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.897998][ T6004] RSP: 002b:00007fcbef9b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.898016][ T6004] RAX: ffffffffffffffda RBX: 00007fcbeedb5fa0 RCX: 00007fcbeeb8e929
[   86.898029][ T6004] RDX: 0000000004000004 RSI: 0000200000000100 RDI: 0000000000000005
[   86.898040][ T6004] RBP: 00007fcbef9b6090 R08: 0000000000000000 R09: 0000000000000000
[   86.898051][ T6004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.898061][ T6004] R13: 0000000000000000 R14: 00007fcbeedb5fa0 R15: 00007ffce9f498c8
[   86.898089][ T6004]  </TASK>
[   87.160057][    C1] vkms_vblank_simulate: vblank timer overrun
[   87.723922][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   87.812682][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   87.928651][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   88.031158][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   89.396690][ T6014] netlink: 12 bytes leftover after parsing attributes in process `syz.4.21'.
[   89.405730][ T6014] netlink: 12 bytes leftover after parsing attributes in process `syz.4.21'.
[   89.464668][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   90.373562][ T6020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22'.
[   90.443868][   T10] kernel write not supported for file /dsp (pid: 10 comm: kworker/0:1)
[   90.546938][ T6033] vcan0: tx drop: invalid sa for name 0xffffffffffffffff
[   90.554766][ T6034] vcan0: tx drop: invalid sa for name 0xffffffffffffffff
[   90.564398][ T6033] cifs: Unknown parameter 'no'‘a�£Nð[G¶zob,erèèµ;%j¸¼
[   90.564398][ T6033] ‡üzæ,€@q¬Ú÷ôÐåéJ#³"ŽÚh/.�W1ȱ¨nNCº"†CÙ×ðÚ<“™+`# ÷Ž¢k²–'
[   90.861391][ T6042] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   91.072960][ T6047] Zero length message leads to an empty skb
[   91.897692][ T6048] netlink: 16 bytes leftover after parsing attributes in process `syz.3.29'.
[   92.063718][ T6063] netlink: 8 bytes leftover after parsing attributes in process `syz.2.33'.
[   92.072732][ T6063] netlink: 736 bytes leftover after parsing attributes in process `syz.2.33'.
[   92.676753][ T6074] netlink: 8 bytes leftover after parsing attributes in process `syz.0.34'.
[   92.874751][ T5825] kernel write not supported for file /dsp (pid: 5825 comm: kworker/0:3)
[   93.389030][ T5825] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   93.663390][ T5825] usb 3-1: Using ep0 maxpacket: 32
[   94.238569][ T5825] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   94.252229][ T5825] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   94.356571][ T6089] netlink: 104 bytes leftover after parsing attributes in process `syz.3.35'.
[   94.400167][ T5825] usb 3-1: config 1 has no interface number 1
[   94.432159][ T5825] usb 3-1: config 1 interface 2 altsetting 228 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[   94.528988][ T5825] usb 3-1: config 1 interface 2 has no altsetting 1
[   94.553716][ T5825] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   94.573934][ T5825] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.592090][ T5825] usb 3-1: Product: syz
[   94.602622][ T5825] usb 3-1: Manufacturer: syz
[   94.622263][ T5825] usb 3-1: SerialNumber: syz
[   95.007274][ T6077] netlink: 'syz.2.38': attribute type 1 has an invalid length.
[   95.554282][ T6103] Driver unsupported XDP return value 0 on prog  (id 12) dev N/A, expect packet loss!
[   96.973970][ T5825] usb-storage 3-1:1.2: USB Mass Storage device detected
[   97.277217][ T5825] usb 3-1: USB disconnect, device number 2
[   97.368346][ T5886] udevd[5886]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   97.981864][ T6125] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   98.104891][ T6130] netlink: 56 bytes leftover after parsing attributes in process `syz.0.48'.
[   98.135756][ T6130] hub 8-0:1.0: USB hub found
[   98.141406][ T6130] hub 8-0:1.0: 1 port detected
[   98.183597][ T5825] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   98.252524][ T5872] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   98.434154][ T5825] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.446021][ T5872] usb 3-1: Using ep0 maxpacket: 8
[   98.467733][ T5872] usb 3-1: config 162 has an invalid interface number: 197 but max is 1
[   98.492224][ T5825] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   98.511475][ T5872] usb 3-1: config 162 has an invalid interface number: 143 but max is 1
[   98.529902][ T5825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.542471][ T5872] usb 3-1: config 162 has no interface number 0
[   98.560637][ T5872] usb 3-1: config 162 has no interface number 1
[   98.568963][ T5825] usb 4-1: config 0 descriptor??
[   98.592403][ T5872] usb 3-1: config 162 interface 197 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[   98.900194][ T5872] usb 3-1: config 162 interface 143 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[   98.911627][ T5872] usb 3-1: config 162 interface 143 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[   98.923852][ T5872] usb 3-1: config 162 interface 143 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[   98.941560][ T5872] usb 3-1: config 162 interface 143 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[   98.955244][ T5872] usb 3-1: config 162 interface 143 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[   98.976880][ T5872] usb 3-1: config 162 interface 197 has no altsetting 0
[   98.985084][ T5872] usb 3-1: config 162 interface 143 has no altsetting 0
[   99.004679][ T5872] usb 3-1: New USB device found, idVendor=0c10, idProduct=0000, bcdDevice=95.a7
[   99.024929][ T5872] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.036359][ T5872] usb 3-1: Product: syz
[   99.040660][ T5872] usb 3-1: Manufacturer: syz
[   99.050189][ T5872] usb 3-1: SerialNumber: syz
[   99.094436][ T5825] keytouch 0003:0926:3333.0001: fixing up Keytouch IEC report descriptor
[   99.223881][ T5825] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0001/input/input5
[  100.174176][ T6141] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  100.210323][ T5825] keytouch 0003:0926:3333.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  100.492743][ T6141] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  100.539813][ T5825] usb 4-1: USB disconnect, device number 2
[  101.212170][ T5907] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  101.260655][ T6144] fido_id[6144]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  101.300171][ T5828] Bluetooth: hci5: HCI Read Local Supported Commands not supported
[  101.312172][ T5872] usb 3-1: USB disconnect, device number 3
[  101.312524][ T5836] Bluetooth: hci5: sending frame failed (-19)
[  101.325203][ T5828] Bluetooth: hci5: Opcode 0x0c03 failed: -19
[  101.404670][ T5907] usb 5-1: config 0 has an invalid interface number: 64 but max is 0
[  101.444382][ T6150] netlink: 24 bytes leftover after parsing attributes in process `syz.1.57'.
[  101.451394][ T5907] usb 5-1: config 0 has no interface number 0
[  101.508185][ T5907] usb 5-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  101.658889][ T5907] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.674546][ T5907] usb 5-1: Product: syz
[  101.678797][ T5907] usb 5-1: Manufacturer: syz
[  101.684369][ T5907] usb 5-1: SerialNumber: syz
[  101.695635][ T5907] usb 5-1: config 0 descriptor??
[  102.664445][ T5907] usb 5-1: Found UVC 0.00 device syz (046d:0823)
[  102.685377][ T5907] usb 5-1: No valid video chain found.
[  102.700651][ T6164] tipc: Started in network mode
[  102.869887][ T5907] usb 5-1: USB disconnect, device number 2
[  102.877384][ T6164] tipc: Node identity 00000000000000400000000000000001, cluster identity 4711
[  102.923015][ T6164] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  103.596248][ T6180] usb usb1: usbfs: process 6180 (syz.3.65) did not claim interface 0 before use
[  104.283170][ T6190] capability: warning: `syz.4.66' uses deprecated v2 capabilities in a way that may be insecure
[  104.366019][ T6192] program syz.3.67 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  104.483379][ T6197] netlink: 28 bytes leftover after parsing attributes in process `syz.1.68'.
[  104.492609][ T6197] netlink: 28 bytes leftover after parsing attributes in process `syz.1.68'.
[  105.537875][ T6173] syz.0.62 (6173): drop_caches: 2
[  105.706079][ T6173] Process accounting resumed
[  105.753405][ T6204] syz.2.70 uses obsolete (PF_INET,SOCK_PACKET)
[  106.082197][ T5872] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  106.102807][ T6212] fuse: Bad value for 'fd'
[  106.836952][ T5872] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  106.851037][ T5872] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  106.890805][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.916885][ T5872] usb 1-1: Product: syz
[  106.929795][ T5872] usb 1-1: Manufacturer: syz
[  106.945094][ T5872] usb 1-1: SerialNumber: syz
[  106.957355][ T5872] usb 1-1: config 0 descriptor??
[  107.710710][ T5872] usb 1-1: USB disconnect, device number 2
[  107.945583][ T5907] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  108.082384][ T6233] kernel profiling enabled (shift: 9)
[  108.144241][ T5907] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[  108.162033][ T5907] usb 4-1: config 0 has no interface number 0
[  108.175386][ T5907] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  108.195117][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.211216][ T5907] usb 4-1: Product: syz
[  108.220346][ T5907] usb 4-1: Manufacturer: syz
[  108.232011][ T5907] usb 4-1: SerialNumber: syz
[  108.250975][ T5907] usb 4-1: config 0 descriptor??
[  108.439964][ T5872] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  109.214334][ T5872] usb 1-1: Using ep0 maxpacket: 16
[  109.508271][ T5907] usb 4-1: Found UVC 0.00 device syz (046d:0823)
[  109.525318][ T5872] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.536554][ T5907] usb 4-1: No valid video chain found.
[  109.542280][ T5872] usb 1-1: New USB device found, idVendor=056a, idProduct=00df, bcdDevice= 0.00
[  109.574161][ T5907] usb 4-1: USB disconnect, device number 3
[  109.584105][ T5872] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.624868][ T5872] usb 1-1: config 0 descriptor??
[  109.852660][ T6249] lo speed is unknown, defaulting to 1000
[  109.859564][ T6249] lo speed is unknown, defaulting to 1000
[  109.879289][ T6249] lo speed is unknown, defaulting to 1000
[  109.947152][ T6249] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  110.137263][ T6249] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  110.410435][ T6249] lo speed is unknown, defaulting to 1000
[  110.418848][ T6249] lo speed is unknown, defaulting to 1000
[  110.426679][ T6249] lo speed is unknown, defaulting to 1000
[  110.433991][ T6249] lo speed is unknown, defaulting to 1000
[  110.441442][ T6249] lo speed is unknown, defaulting to 1000
[  112.330470][ T6234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.456927][ T6234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.508677][ T6234] netlink: 'syz.0.79': attribute type 1 has an invalid length.
[  112.592294][ T6234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.624423][ T6234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.654930][   T10] usb 1-1: USB disconnect, device number 3
[  112.693903][ T6270] netlink: 8 bytes leftover after parsing attributes in process `syz.3.91'.
[  112.818241][ T6274] netlink: 24 bytes leftover after parsing attributes in process `syz.1.92'.
[  112.882087][ T5907] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  113.054054][ T5907] usb 3-1: too many configurations: 44, using maximum allowed: 8
[  113.148099][ T5907] usb 3-1: unable to read config index 0 descriptor/start: -61
[  113.217961][ T5907] usb 3-1: can't read configurations, error -61
[  113.463051][ T5907] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  113.499578][ T5872] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  113.808376][ T5907] usb 3-1: too many configurations: 44, using maximum allowed: 8
[  113.846301][ T5907] usb 3-1: unable to read config index 0 descriptor/start: -61
[  113.874156][ T5907] usb 3-1: can't read configurations, error -61
[  113.909603][ T5872] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[  113.926395][ T6295] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  113.945827][ T6295] cramfs: wrong magic
[  113.958927][ T5907] usb usb3-port1: attempt power cycle
[  114.003158][ T5872] usb 2-1: config 0 has no interface number 0
[  114.248677][ T5872] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  114.328663][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.378744][ T5907] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  114.451577][ T5872] usb 2-1: Product: syz
[  114.476398][ T5907] usb 3-1: too many configurations: 44, using maximum allowed: 8
[  114.530385][ T5872] usb 2-1: Manufacturer: syz
[  114.594422][ T5872] usb 2-1: SerialNumber: syz
[  114.614962][ T5907] usb 3-1: unable to read config index 0 descriptor/start: -61
[  114.720440][ T5907] usb 3-1: can't read configurations, error -61
[  114.789179][ T5872] usb 2-1: config 0 descriptor??
[  114.992057][ T5907] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  115.432093][ T5872] usb 2-1: Found UVC 0.00 device syz (046d:0823)
[  115.434514][ T5887] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  115.642334][ T5872] usb 2-1: No valid video chain found.
[  115.659794][ T5872] usb 2-1: USB disconnect, device number 2
[  115.838492][ T6301] netlink: 26 bytes leftover after parsing attributes in process `syz.3.99'.
[  115.850714][ T6301] netlink: 26 bytes leftover after parsing attributes in process `syz.3.99'.
[  115.862126][ T5907] usb 3-1: device not accepting address 7, error -71
[  115.870782][ T5907] usb usb3-port1: unable to enumerate USB device
[  116.086507][ T5887] usb 4-1: unable to get BOS descriptor or descriptor too short
[  116.215143][ T5907] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  116.229354][ T5887] usb 4-1: no configurations
[  116.511323][ T5887] usb 4-1: can't read configurations, error -22
[  116.524208][ T5907] usb 3-1: Using ep0 maxpacket: 8
[  116.934273][ T5907] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  116.972460][ T5907] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  116.996586][ T5907] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  117.028327][ T5907] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  117.055395][ T5907] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  117.066380][ T5907] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.156159][ T5907] hub 3-1:1.0: bad descriptor, ignoring hub
[  117.162225][ T5907] hub 3-1:1.0: probe with driver hub failed with error -5
[  117.170628][ T6322] trusted_key: syz.1.107 sent an empty control message without MSG_MORE.
[  117.202762][ T5907] cdc_wdm 3-1:1.0: skipping garbage
[  117.208521][ T5907] cdc_wdm 3-1:1.0: skipping garbage
[  117.242147][ T5907] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  117.262955][ T5907] cdc_wdm 3-1:1.0: Unknown control protocol
[  117.297012][ T6326] FAULT_INJECTION: forcing a failure.
[  117.297012][ T6326] name failslab, interval 1, probability 0, space 0, times 0
[  117.370475][ T6307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  117.380736][ T6329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.109'.
[  117.390263][ T6326] CPU: 0 UID: 0 PID: 6326 Comm: syz.0.108 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  117.390291][ T6326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.390301][ T6326] Call Trace:
[  117.390309][ T6326]  <TASK>
[  117.390316][ T6326]  dump_stack_lvl+0x189/0x250
[  117.390353][ T6326]  ? __pfx____ratelimit+0x10/0x10
[  117.390379][ T6326]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.390402][ T6326]  ? __pfx__printk+0x10/0x10
[  117.390426][ T6326]  ? __pfx___might_resched+0x10/0x10
[  117.390448][ T6326]  ? fs_reclaim_acquire+0x7d/0x100
[  117.390475][ T6326]  should_fail_ex+0x414/0x560
[  117.390500][ T6326]  ? __pfx_sock_alloc_inode+0x10/0x10
[  117.390525][ T6326]  should_failslab+0xa8/0x100
[  117.390547][ T6326]  ? __pfx_sock_alloc_inode+0x10/0x10
[  117.390568][ T6326]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  117.390587][ T6326]  ? sock_alloc_inode+0x28/0xc0
[  117.390614][ T6326]  ? __pfx_sock_alloc_inode+0x10/0x10
[  117.390636][ T6326]  sock_alloc_inode+0x28/0xc0
[  117.390658][ T6326]  alloc_inode+0x67/0x1b0
[  117.390680][ T6326]  __sock_create+0x12d/0x9f0
[  117.390706][ T6326]  __sys_socket+0xd7/0x1b0
[  117.390728][ T6326]  __x64_sys_socket+0x7a/0x90
[  117.390747][ T6326]  do_syscall_64+0xfa/0x3b0
[  117.390762][ T6326]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.390784][ T6326]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.390801][ T6326]  ? clear_bhb_loop+0x60/0xb0
[  117.390822][ T6326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.390838][ T6326] RIP: 0033:0x7f425af90847
[  117.390853][ T6326] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.390867][ T6326] RSP: 002b:00007f425bd8afa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  117.390886][ T6326] RAX: ffffffffffffffda RBX: 00007f425b1b5fa0 RCX: 00007f425af90847
[  117.390898][ T6326] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  117.390909][ T6326] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  117.390919][ T6326] R10: 0000200000000180 R11: 0000000000000286 R12: 0000000000000001
[  117.390930][ T6326] R13: 0000000000000000 R14: 00007f425b1b5fa0 R15: 00007fffd4160618
[  117.390959][ T6326]  </TASK>
[  117.390967][ T6326] socket: no more sockets
[  117.414458][ T6307] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  117.417531][ T6329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.109'.
[  117.564096][ T6336] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  117.639939][ T6337] : entered promiscuous mode
[  118.425965][ T5872] usb 3-1: USB disconnect, device number 8
[  119.631044][ T5828] Bluetooth: min 0 < 6
[  120.312870][ T6366] warning: `syz.3.120' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  120.591520][ T6377] random: crng reseeded on system resumption
[  121.662105][ T5828] Bluetooth: hci3: command tx timeout
[  123.343604][ T6404] netlink: 'syz.4.130': attribute type 2 has an invalid length.
[  123.357849][ T5825] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  123.378488][ T6406] =======================================================
[  123.378488][ T6406] WARNING: The mand mount option has been deprecated and
[  123.378488][ T6406]          and is ignored by this kernel. Remove the mand
[  123.378488][ T6406]          option from the mount to silence this warning.
[  123.378488][ T6406] =======================================================
[  123.413958][ T6406] overlayfs: failed to resolve './bus': -2
[  123.572284][ T5825] usb 2-1: device descriptor read/64, error -71
[  123.772088][ T2152] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  123.885468][ T6417] netlink: 'syz.3.135': attribute type 2 has an invalid length.
[  123.908907][ T5825] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  123.971680][ T2152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  124.082032][ T5825] usb 2-1: device descriptor read/64, error -71
[  124.126714][ T2152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.193900][ T5825] usb usb2-port1: attempt power cycle
[  124.202067][ T2152] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  124.376138][ T2152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.408026][ T2152] usb 3-1: config 0 descriptor??
[  124.728050][ T5825] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  125.163611][ T5825] usb 2-1: device descriptor read/8, error -71
[  125.532865][ T5825] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  126.896374][ T2152] usb 3-1: string descriptor 0 read error: -22
[  126.971258][ T2152] uclogic 0003:256C:006D.0003: interface is invalid, ignoring
[  126.984438][ T5825] usb 2-1: device descriptor read/8, error -71
[  127.132555][ T5825] usb usb2-port1: unable to enumerate USB device
[  127.186113][ T2152] usb 3-1: USB disconnect, device number 9
[  128.595367][ T6458] netlink: 'syz.0.145': attribute type 21 has an invalid length.
[  128.681209][ T6458] netlink: 156 bytes leftover after parsing attributes in process `syz.0.145'.
[  128.840186][ T6464] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  130.667408][ T6477] netlink: 'syz.2.152': attribute type 1 has an invalid length.
[  131.810006][ T6477] 8021q: adding VLAN 0 to HW filter on device bond1
[  132.977841][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  132.995561][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  133.011050][   T30] audit: type=1800 audit(1749837390.242:2): pid=6500 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.157" name="bus" dev="overlay" ino=152 res=0 errno=0
[  133.106292][   T30] audit: type=1326 audit(1749837390.542:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.1.158" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f754038e929 code=0x0
[  133.283435][ T6506] fuse: Unknown parameter 'f%'
[  133.301279][ T6506] can0: slcan on ptm0.
[  133.522862][ T5879] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  133.824792][ T5879] usb 2-1: Using ep0 maxpacket: 32
[  133.924828][ T5879] usb 2-1: config 0 has an invalid interface number: 20 but max is 0
[  133.943634][ T5879] usb 2-1: config 0 has no interface number 0
[  133.949808][ T5879] usb 2-1: config 0 interface 20 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  133.965100][ T5879] usb 2-1: config 0 interface 20 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  133.982378][ T5879] usb 2-1: config 0 interface 20 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  134.016216][ T5879] usb 2-1: New USB device found, idVendor=04e6, idProduct=0005, bcdDevice= 1.00
[  134.111705][ T5879] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.285431][ T5879] usb 2-1: Product: syz
[  134.308274][ T5879] usb 2-1: Manufacturer: syz
[  134.321638][ T5879] usb 2-1: SerialNumber: syz
[  135.103521][ T5879] usb 2-1: config 0 descriptor??
[  135.110036][ T6507] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  135.249564][ T5879] ums-sddr09 2-1:0.20: USB Mass Storage device detected
[  135.634206][ T5879] ums-sddr09 2-1:0.20: probe with driver ums-sddr09 failed with error -22
[  135.654093][ T6505] can0 (unregistered): slcan off ptm0.
[  136.583864][ T5872] usb 2-1: USB disconnect, device number 7
[  136.947599][ T6573] loop6: detected capacity change from 0 to 7
[  136.967366][ T6573] Buffer I/O error on dev loop6, logical block 0, async page read
[  137.126425][ T6573] Buffer I/O error on dev loop6, logical block 0, async page read
[  137.130548][ T6580] netlink: 8 bytes leftover after parsing attributes in process `syz.1.174'.
[  137.532849][ T6573] Buffer I/O error on dev loop6, logical block 0, async page read
[  137.542724][ T6573] Buffer I/O error on dev loop6, logical block 0, async page read
[  137.562212][ T6573] Buffer I/O error on dev loop6, logical block 0, async page read
[  137.691362][ T6583] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.081174][ T6573] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.140745][ T6573] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.223697][ T6573] ldm_validate_partition_table(): Disk read failed.
[  138.230426][ T6573] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.267310][ T6596] FAULT_INJECTION: forcing a failure.
[  138.267310][ T6596] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.292141][ T6596] CPU: 1 UID: 0 PID: 6596 Comm: syz.4.177 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  138.292167][ T6596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.292177][ T6596] Call Trace:
[  138.292183][ T6596]  <TASK>
[  138.292190][ T6596]  dump_stack_lvl+0x189/0x250
[  138.292219][ T6596]  ? __pfx____ratelimit+0x10/0x10
[  138.292243][ T6596]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.292264][ T6596]  ? __pfx__printk+0x10/0x10
[  138.292280][ T6596]  ? __might_fault+0xb0/0x130
[  138.292308][ T6596]  should_fail_ex+0x414/0x560
[  138.292331][ T6596]  _copy_from_user+0x2d/0xb0
[  138.292348][ T6596]  do_tcp_getsockopt+0x1cf/0x2610
[  138.292379][ T6596]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  138.292397][ T6596]  ? sock_recv_errqueue+0x4e0/0x510
[  138.292417][ T6596]  ? __lock_acquire+0xab9/0xd20
[  138.292436][ T6596]  ? look_up_lock_class+0x74/0x170
[  138.292459][ T6596]  ? register_lock_class+0x51/0x320
[  138.292482][ T6596]  ? __lock_acquire+0xab9/0xd20
[  138.292509][ T6596]  ? __mutex_trylock_common+0x153/0x260
[  138.292536][ T6596]  ? __pfx___mutex_trylock_common+0x10/0x10
[  138.292562][ T6596]  ? rcu_is_watching+0x15/0xb0
[  138.292583][ T6596]  ? trace_contention_end+0x39/0x120
[  138.292598][ T6596]  ? __mutex_lock+0x330/0xe80
[  138.292621][ T6596]  ? smc_getsockopt+0x123/0x380
[  138.292644][ T6596]  ? __pfx___mutex_lock+0x10/0x10
[  138.292659][ T6596]  ? __lock_acquire+0xab9/0xd20
[  138.292685][ T6596]  tcp_getsockopt+0x89/0x130
[  138.292705][ T6596]  ? sock_recv_errqueue+0x4e0/0x510
[  138.292719][ T6596]  ? sock_recv_errqueue+0x4e0/0x510
[  138.292735][ T6596]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  138.292750][ T6596]  smc_getsockopt+0x1ba/0x380
[  138.292773][ T6596]  ? __pfx_smc_getsockopt+0x10/0x10
[  138.292803][ T6596]  do_sock_getsockopt+0x35d/0x650
[  138.292825][ T6596]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  138.292843][ T6596]  ? __pfx_do_syscall_64+0x10/0x10
[  138.292857][ T6596]  ? __fget_files+0x3a0/0x420
[  138.292876][ T6596]  ? __fget_files+0x2a/0x420
[  138.292904][ T6596]  __x64_sys_getsockopt+0x1a5/0x250
[  138.292921][ T6596]  ? __pfx_do_syscall_64+0x10/0x10
[  138.292938][ T6596]  ? __pfx_do_syscall_64+0x10/0x10
[  138.292956][ T6596]  do_syscall_64+0xfa/0x3b0
[  138.292970][ T6596]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.292991][ T6596]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.293008][ T6596]  ? clear_bhb_loop+0x60/0xb0
[  138.293058][ T6596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.293075][ T6596] RIP: 0033:0x7fcbeeb8e929
[  138.293091][ T6596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.293104][ T6596] RSP: 002b:00007fcbef9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  138.293123][ T6596] RAX: ffffffffffffffda RBX: 00007fcbeedb5fa0 RCX: 00007fcbeeb8e929
[  138.293136][ T6596] RDX: 0000000000000006 RSI: 0000000000000006 RDI: 0000000000000003
[  138.293145][ T6596] RBP: 00007fcbef9b6090 R08: 0000200000000040 R09: 0000000000000000
[  138.293155][ T6596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.293165][ T6596] R13: 0000000000000000 R14: 00007fcbeedb5fa0 R15: 00007ffce9f498c8
[  138.293193][ T6596]  </TASK>
[  138.729176][ T6583] Buffer I/O error on dev loop6, logical block 0, async page read
[  138.770072][ T6573] Dev loop6: unable to read RDB block 0
[  138.776533][ T6573]  loop6: unable to read partition table
[  138.782927][ T6573] loop6: partition table beyond EOD, truncated
[  138.789287][ T6573] loop_reread_partitions: partition scan of loop6 (3Ÿ‚¾‚³÷„I÷>Ê9äÿtPΪÅó×AÝÁÅ8}!Žñè3#yXÖe) failed (rc=-5)
[  139.287045][ T6612] IPVS: sync thread started: state = BACKUP, mcast_ifn = team_slave_1, syncid = 4, id = 0
[  139.801912][ T5193] ldm_validate_partition_table(): Disk read failed.
[  139.810877][ T5193] Dev loop6: unable to read RDB block 0
[  139.819254][ T5193]  loop6: unable to read partition table
[  139.825712][ T5193] loop6: partition table beyond EOD, truncated
[  141.099929][ T6663] 9pnet_fd: Insufficient options for proto=fd
[  142.110693][ T6672] binder: 6671:6672 ioctl c0306201 2000000003c0 returned -14
[  142.173854][ T6676] binder_alloc: 6671: binder_alloc_buf, no vma
[  142.314749][ T6672] netlink: 4 bytes leftover after parsing attributes in process `syz.4.201'.
[  142.381650][ T6672] netlink: 5 bytes leftover after parsing attributes in process `syz.4.201'.
[  142.412193][ T6672] netlink: 5 bytes leftover after parsing attributes in process `syz.4.201'.
[  144.235868][ T6706] netlink: 4 bytes leftover after parsing attributes in process `syz.2.206'.
[  144.726231][ T6709] netlink: 24 bytes leftover after parsing attributes in process `syz.1.209'.
[  145.090660][ T6709] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  145.099282][ T6709] cramfs: wrong magic
[  146.409485][ T6734] FAULT_INJECTION: forcing a failure.
[  146.409485][ T6734] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.423446][ T6734] CPU: 0 UID: 0 PID: 6734 Comm: syz.4.217 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  146.423469][ T6734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.423479][ T6734] Call Trace:
[  146.423487][ T6734]  <TASK>
[  146.423494][ T6734]  dump_stack_lvl+0x189/0x250
[  146.423523][ T6734]  ? __pfx____ratelimit+0x10/0x10
[  146.423549][ T6734]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.423573][ T6734]  ? __pfx__printk+0x10/0x10
[  146.423590][ T6734]  ? __might_fault+0xb0/0x130
[  146.423622][ T6734]  should_fail_ex+0x414/0x560
[  146.423649][ T6734]  _copy_from_user+0x2d/0xb0
[  146.423667][ T6734]  __sys_connect+0x123/0x440
[  146.423689][ T6734]  ? __pfx___sys_connect+0x10/0x10
[  146.423732][ T6734]  __x64_sys_connect+0x7a/0x90
[  146.423752][ T6734]  do_syscall_64+0xfa/0x3b0
[  146.423769][ T6734]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.423785][ T6734]  ? asm_sysvec_call_function_single+0x1a/0x20
[  146.423802][ T6734]  ? clear_bhb_loop+0x60/0xb0
[  146.423823][ T6734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.423839][ T6734] RIP: 0033:0x7fcbeeb8e929
[  146.423854][ T6734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.423868][ T6734] RSP: 002b:00007fcbef995038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  146.423886][ T6734] RAX: ffffffffffffffda RBX: 00007fcbeedb6080 RCX: 00007fcbeeb8e929
[  146.423898][ T6734] RDX: 0000000000000018 RSI: 0000200000000000 RDI: 0000000000000005
[  146.423909][ T6734] RBP: 00007fcbef995090 R08: 0000000000000000 R09: 0000000000000000
[  146.423920][ T6734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.423929][ T6734] R13: 0000000000000000 R14: 00007fcbeedb6080 R15: 00007ffce9f498c8
[  146.423958][ T6734]  </TASK>
[  146.604908][    C0] vkms_vblank_simulate: vblank timer overrun
[  147.303620][ T6729] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  148.133065][ T5828] Bluetooth: hci0: command 0x0c1a tx timeout
[  150.348208][ T6770] netlink: 8 bytes leftover after parsing attributes in process `syz.4.228'.
[  152.998932][ T6816] netlink: 8 bytes leftover after parsing attributes in process `syz.1.241'.
[  155.799411][ T6850] FAULT_INJECTION: forcing a failure.
[  155.799411][ T6850] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.935497][ T6850] CPU: 0 UID: 0 PID: 6850 Comm: syz.1.251 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  155.935525][ T6850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  155.935535][ T6850] Call Trace:
[  155.935543][ T6850]  <TASK>
[  155.935550][ T6850]  dump_stack_lvl+0x189/0x250
[  155.935579][ T6850]  ? __pfx____ratelimit+0x10/0x10
[  155.935604][ T6850]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.935627][ T6850]  ? __pfx__printk+0x10/0x10
[  155.935659][ T6850]  should_fail_ex+0x414/0x560
[  155.935692][ T6850]  _copy_from_user+0x2d/0xb0
[  155.935719][ T6850]  sctp_setsockopt+0x19f/0x1200
[  155.935740][ T6850]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  155.935760][ T6850]  do_sock_setsockopt+0x257/0x3e0
[  155.935784][ T6850]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  155.935809][ T6850]  ? __fget_files+0x2a/0x420
[  155.935840][ T6850]  __x64_sys_setsockopt+0x18b/0x220
[  155.935867][ T6850]  do_syscall_64+0xfa/0x3b0
[  155.935882][ T6850]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.935905][ T6850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.935922][ T6850]  ? clear_bhb_loop+0x60/0xb0
[  155.935943][ T6850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.935960][ T6850] RIP: 0033:0x7f754038e929
[  155.935975][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.935989][ T6850] RSP: 002b:00007f7541238038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  155.936007][ T6850] RAX: ffffffffffffffda RBX: 00007f75405b5fa0 RCX: 00007f754038e929
[  155.936020][ T6850] RDX: 0000000000000071 RSI: 0000000000000084 RDI: 0000000000000003
[  155.936030][ T6850] RBP: 00007f7541238090 R08: 0000000000000008 R09: 0000000000000000
[  155.936041][ T6850] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  155.936052][ T6850] R13: 0000000000000000 R14: 00007f75405b5fa0 R15: 00007ffddfe054e8
[  155.936081][ T6850]  </TASK>
[  157.998421][ T6872] netlink: 12 bytes leftover after parsing attributes in process `syz.1.257'.
[  158.363513][ T6880] i2c i2c-0: Invalid block write size 34
[  158.371594][ T6880] netlink: 'syz.0.261': attribute type 1 has an invalid length.
[  158.407630][ T6880] 8021q: adding VLAN 0 to HW filter on device bond1
[  159.396408][ T6889] lo speed is unknown, defaulting to 1000
[  159.411317][ T6889] lo speed is unknown, defaulting to 1000
[  159.423863][ T6889] lo speed is unknown, defaulting to 1000
[  159.979679][ T6889] infiniband s
z1: set active
[  159.984687][ T6889] infiniband s
z1: added lo
[  160.030105][ T5956] lo speed is unknown, defaulting to 1000
[  160.111258][ T6889] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  160.346858][ T6889] infiniband s
z1: Couldn't open port 1
[  160.399123][ T6889] RDS/IB: s
z1: added
[  160.403730][ T6889] smc: adding ib device s
z1 with port count 1
[  160.410082][ T6889] smc:    ib device s
z1 port 1 has pnetid 
[  160.417943][ T6889] lo speed is unknown, defaulting to 1000
[  160.549362][ T6889] lo speed is unknown, defaulting to 1000
[  160.668691][ T6889] lo speed is unknown, defaulting to 1000
[  160.795481][ T6889] lo speed is unknown, defaulting to 1000
[  160.918765][ T6889] lo speed is unknown, defaulting to 1000
[  161.046813][ T5956] lo speed is unknown, defaulting to 1000
[  162.235983][   T30] audit: type=1800 audit(1749837419.632:4): pid=6906 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.264" name="bus" dev="overlay" ino=291 res=0 errno=0
[  162.286794][ T6907] netlink: 36 bytes leftover after parsing attributes in process `syz.2.264'.
[  163.954130][ T6929] 9pnet_fd: Insufficient options for proto=fd
[  164.052478][  T978] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  164.924384][  T978] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  164.940146][  T978] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  164.951229][  T978] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  165.071791][  T978] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  165.098603][  T978] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  165.114788][ T6941] netlink: 12 bytes leftover after parsing attributes in process `syz.4.273'.
[  165.174012][  T978] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  165.187454][  T978] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  165.195763][  T978] usb 3-1: Product: syz
[  165.200141][  T978] usb 3-1: Manufacturer: syz
[  165.225190][  T978] cdc_wdm 3-1:1.0: skipping garbage
[  165.232613][ T5907] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  165.249153][  T978] cdc_wdm 3-1:1.0: skipping garbage
[  165.375354][  T978] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  165.381403][  T978] cdc_wdm 3-1:1.0: Unknown control protocol
[  165.423465][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.430518][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.438875][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.445538][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.453215][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.460073][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.467213][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.473855][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.480346][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.487150][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.493743][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.500396][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.506756][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.513383][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.519808][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.526438][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.532791][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.539417][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.545786][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  165.552464][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  165.634011][  T978] usb 3-1: USB disconnect, device number 10
[  165.640043][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  166.173641][ T5907] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  166.208189][ T5907] usb 1-1: config 0 has no interface number 0
[  166.723183][ T5907] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  166.759733][ T5907] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.795799][ T5907] usb 1-1: Product: syz
[  167.232141][ T5907] usb 1-1: Manufacturer: syz
[  167.274567][ T5907] usb 1-1: SerialNumber: syz
[  167.317616][ T5907] usb 1-1: config 0 descriptor??
[  167.556274][ T5907] usb 1-1: can't set config #0, error -71
[  167.816902][ T5907] usb 1-1: USB disconnect, device number 4
[  169.637572][ T6987] netlink: 12 bytes leftover after parsing attributes in process `syz.0.284'.
[  170.843683][   T30] audit: type=1400 audit(1749837428.292:5): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=6995 comm="syz.3.289" daddr=fe80::ff
[  171.053616][ T5907] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  171.212196][ T5907] usb 3-1: device descriptor read/64, error -71
[  172.483891][ T5907] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  172.673856][ T5907] usb 3-1: device descriptor read/64, error -71
[  172.774422][ T7017] futex_wake_op: syz.1.295 tries to shift op by -1; fix this program
[  172.823300][ T5907] usb usb3-port1: attempt power cycle
[  173.272136][ T5907] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  173.494790][ T7030] netlink: 12 bytes leftover after parsing attributes in process `syz.3.299'.
[  173.732823][ T5907] usb 3-1: device descriptor read/8, error -71
[  175.219583][ T7049] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  175.607778][ T7056] netlink: 8 bytes leftover after parsing attributes in process `syz.0.305'.
[  176.248937][ T7068] fuse: Unknown parameter 'fd00000000000000000000'
[  176.283687][ T7068] syz.0.307: attempt to access beyond end of device
[  176.283687][ T7068] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  176.297496][ T7068] hpfs: hpfs_map_sector(): read error
[  176.366509][ T7069] o2cb: This node has not been configured.
[  176.372830][ T7069] o2cb: Cluster check failed. Fix errors before retrying.
[  176.380459][ T7069] (syz.0.307,7069,1):user_dlm_register:674 ERROR: status = -22
[  176.388258][ T7069] (syz.0.307,7069,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[  178.334887][ T7094] netlink: 12 bytes leftover after parsing attributes in process `syz.4.313'.
[  179.107325][ T7105] syz.1.317 (7105): /proc/7101/oom_adj is deprecated, please use /proc/7101/oom_score_adj instead.
[  182.514173][ T7146] netlink: 12 bytes leftover after parsing attributes in process `syz.0.329'.
[  185.350739][ T7178] netlink: 8 bytes leftover after parsing attributes in process `syz.2.337'.
[  186.499662][ T7185] pim6reg1: entered promiscuous mode
[  186.505138][ T7185] pim6reg1: entered allmulticast mode
[  188.148843][ T7202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.344'.
[  189.824990][ T5907] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  189.957713][ T5907] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  190.936993][   T30] audit: type=1400 audit(1749837448.382:6): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7234 comm="syz.3.355" daddr=fe80::bb
[  191.006646][   T30] audit: type=1400 audit(1749837448.452:7): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7234 comm="syz.3.355" dest=2
[  191.040143][ T7231] fido_id[7231]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  191.092498][   T24] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  191.334245][   T24] usb 3-1: Using ep0 maxpacket: 8
[  191.371239][   T24] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  191.477033][   T24] usb 3-1: config 179 has no interface number 0
[  191.506064][ T5872] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  191.547952][   T24] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  191.620526][   T24] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  191.645073][   T24] usb 3-1: config 179 interface 65 altsetting 12 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  191.682382][   T24] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  191.702512][   T24] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  191.716519][   T24] usb 3-1: config 179 interface 65 has no altsetting 0
[  191.732420][   T24] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  191.748719][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.773273][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  191.791493][ T5872] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  191.835654][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.881688][ T5872] usb 2-1: Product: syz
[  191.884015][   T24] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input6
[  191.888902][ T5872] usb 2-1: Manufacturer: syz
[  191.909809][ T5872] usb 2-1: SerialNumber: syz
[  191.917565][ T5872] usb 2-1: config 0 descriptor??
[  191.997387][ T7232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.032871][ T5178] input input6: unable to receive magic message: -110
[  192.066839][ T7232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.130770][ T7248] xt_l2tp: v2 sid > 0xffff: 262144
[  192.163620][ T5178] input input6: unable to receive magic message: -32
[  192.284630][   T10] usb 3-1: USB disconnect, device number 15
[  192.284769][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  192.396316][   T10] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  192.592836][ T7251] netlink: 8 bytes leftover after parsing attributes in process `syz.4.360'.
[  193.109768][ T5872] usb 2-1: USB disconnect, device number 8
[  193.698285][ T6143] udevd[6143]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  194.522961][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  194.546262][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  195.562681][ T7285] 9pnet_fd: Insufficient options for proto=fd
[  196.411719][ T5828] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  196.420452][ T5828] Bluetooth: hci4: Injecting HCI hardware error event
[  196.443843][ T5828] Bluetooth: hci4: hardware error 0x00
[  197.675444][ T7303] 9pnet_fd: Insufficient options for proto=fd
[  198.142863][   T30] audit: type=1400 audit(1749837455.592:8): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7304 comm="syz.2.374" daddr=ff01::1 dest=20000
[  199.026186][   T30] audit: type=1326 audit(1749837456.472:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7321 comm="syz.4.379" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcbeeb8e929 code=0x0
[  199.211628][ T7327] netlink: 44 bytes leftover after parsing attributes in process `syz.2.380'.
[  199.224311][ T7327] netlink: 44 bytes leftover after parsing attributes in process `syz.2.380'.
[  199.252389][ T5828] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  199.260165][ T7328] xt_l2tp: v2 sid > 0xffff: 262144
[  199.282206][ T5879] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  199.454463][ T5879] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.519500][ T5879] usb 4-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[  199.555506][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.596892][ T5879] usb 4-1: config 0 descriptor??
[  199.802123][   T24] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  200.246236][ T7320] capability: warning: `syz.3.378' uses 32-bit capabilities (legacy support in use)
[  200.561441][ T7320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  200.622470][ T7336] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  200.669390][ T7320] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  200.722195][ T7336] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  200.743087][ T7341] netlink: 100 bytes leftover after parsing attributes in process `syz.1.385'.
[  200.763856][ T5879] razer 0003:1532:010D.0005: hidraw0: USB HID v0.00 Device [HID 1532:010d] on usb-dummy_hcd.3-1/input0
[  200.792202][   T24] usb 1-1: Using ep0 maxpacket: 32
[  200.804021][   T24] usb 1-1: config 4 has an invalid interface number: 8 but max is 0
[  200.822728][   T24] usb 1-1: config 4 has no interface number 0
[  200.836504][   T24] usb 1-1: config 4 interface 8 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  200.887242][   T24] usb 1-1: config 4 interface 8 altsetting 1 bulk endpoint 0x8A has invalid maxpacket 0
[  200.952114][   T24] usb 1-1: config 4 interface 8 has no altsetting 0
[  200.957688][   T10] usb 4-1: USB disconnect, device number 6
[  200.991731][   T24] usb 1-1: New USB device found, idVendor=065a, idProduct=0009, bcdDevice=60.65
[  201.014467][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.040065][   T24] usb 1-1: Product: syz
[  201.065213][   T24] usb 1-1: Manufacturer: syz
[  201.076783][   T24] usb 1-1: SerialNumber: syz
[  201.113196][ T7351] binder: 7350:7351 ioctl 89f1 200000000480 returned -22
[  201.602656][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  201.606698][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  201.608823][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  201.614875][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  201.790145][ T7362] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock
[  201.976386][   T24] opticon 1-1:4.8: opticon converter detected
[  202.067023][   T24] usb 1-1: opticon converter now attached to ttyUSB0
[  202.090353][   T24] usb 1-1: USB disconnect, device number 5
[  202.116903][   T24] opticon ttyUSB0: opticon converter now disconnected from ttyUSB0
[  202.129867][   T24] opticon 1-1:4.8: device disconnected
[  203.061440][ T5144] Bluetooth: hci0: hardware error 0x71
[  203.170898][ T7377] xt_l2tp: v2 sid > 0xffff: 262144
[  205.172382][ T5144] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  207.208399][   T30] audit: type=1400 audit(1749837464.592:10): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7408 comm="syz.3.403" dest=2
[  207.747584][ T7429] netlink: 4 bytes leftover after parsing attributes in process `syz.0.408'.
[  208.212281][   T24] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  208.467953][   T24] usb 3-1: Using ep0 maxpacket: 8
[  208.489035][   T24] usb 3-1: unable to get BOS descriptor or descriptor too short
[  208.513342][   T24] usb 3-1: config 1 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.549049][   T24] usb 3-1: No eUSB2 isoc ep 129 companion for config 1 interface 0 altsetting 6
[  208.602281][   T24] usb 3-1: config 1 interface 0 altsetting 6 bulk endpoint 0x82 has invalid maxpacket 16
[  208.626160][   T24] usb 3-1: config 1 interface 0 altsetting 6 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  208.639645][   T24] usb 3-1: config 1 interface 0 has no altsetting 0
[  208.711694][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  208.743357][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.310245][   T24] usb 3-1: Product: syz
[  209.314552][   T24] usb 3-1: Manufacturer: syz
[  209.319184][   T24] usb 3-1: SerialNumber: syz
[  209.381504][ T7424] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  209.392911][ T7424] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  209.751682][ T7424] IPVS: set_ctl: invalid protocol: 98 172.20.20.34:20003
[  210.125728][   T24] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  210.172103][   T24] usb 3-1: USB disconnect, device number 16
[  210.453396][ T7458] 9pnet_fd: Insufficient options for proto=fd
[  211.996669][   T30] audit: type=1400 audit(1749837469.442:11): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7473 comm="syz.1.423" dest=2
[  212.517353][ T7479] netlink: 8 bytes leftover after parsing attributes in process `syz.2.424'.
[  212.840467][ T7474] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  212.855149][ T7474] overlay: filesystem on ./bus not supported as upperdir
[  212.869185][ T7474] evm: overlay not supported
[  213.846157][ T7492] netlink: 72 bytes leftover after parsing attributes in process `syz.4.428'.
[  213.876141][ T7487] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  214.153019][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  214.323790][   T10] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  214.344937][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.382608][   T10] usb 5-1: config 0 descriptor??
[  214.407275][   T10] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  216.775187][ T7534] netlink: 'syz.2.438': attribute type 9 has an invalid length.
[  216.958818][ T7534] netlink: 212260 bytes leftover after parsing attributes in process `syz.2.438'.
[  217.822295][   T10] gspca_stv06xx: I2C: Read error writing address: -71
[  217.892655][   T10] usb 5-1: USB disconnect, device number 3
[  217.925273][ T7540] netlink: 4 bytes leftover after parsing attributes in process `syz.0.439'.
[  218.220641][ T7548] Bluetooth: MGMT ver 1.23
[  218.232175][ T2152] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  218.235971][ T7548] FAULT_INJECTION: forcing a failure.
[  218.235971][ T7548] name failslab, interval 1, probability 0, space 0, times 0
[  218.267375][ T7548] CPU: 0 UID: 0 PID: 7548 Comm: syz.3.443 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  218.267400][ T7548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  218.267411][ T7548] Call Trace:
[  218.267419][ T7548]  <TASK>
[  218.267428][ T7548]  dump_stack_lvl+0x189/0x250
[  218.267469][ T7548]  ? __pfx____ratelimit+0x10/0x10
[  218.267494][ T7548]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.267518][ T7548]  ? __pfx__printk+0x10/0x10
[  218.267541][ T7548]  ? __pfx___might_resched+0x10/0x10
[  218.267564][ T7548]  ? fs_reclaim_acquire+0x7d/0x100
[  218.267594][ T7548]  should_fail_ex+0x414/0x560
[  218.267622][ T7548]  should_failslab+0xa8/0x100
[  218.267645][ T7548]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  218.267666][ T7548]  ? __alloc_skb+0x112/0x2d0
[  218.267684][ T7548]  ? get_current_settings+0x48b/0x5a0
[  218.267713][ T7548]  __alloc_skb+0x112/0x2d0
[  218.267744][ T7548]  mgmt_send_event+0x46/0x190
[  218.267771][ T7548]  set_connectable+0x40c/0x790
[  218.267803][ T7548]  ? __pfx_set_connectable+0x10/0x10
[  218.267861][ T7548]  hci_mgmt_cmd+0x9c9/0xef0
[  218.267899][ T7548]  hci_sock_sendmsg+0x6ca/0xef0
[  218.267927][ T7548]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  218.267952][ T7548]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  218.267972][ T7548]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  218.267994][ T7548]  __sock_sendmsg+0x219/0x270
[  218.268022][ T7548]  sock_write_iter+0x258/0x330
[  218.268047][ T7548]  ? __pfx_sock_write_iter+0x10/0x10
[  218.268081][ T7548]  ? bpf_lsm_file_permission+0x9/0x20
[  218.268101][ T7548]  ? security_file_permission+0x75/0x290
[  218.268134][ T7548]  vfs_write+0x54b/0xa90
[  218.268160][ T7548]  ? __pfx_sock_write_iter+0x10/0x10
[  218.268185][ T7548]  ? __pfx_vfs_write+0x10/0x10
[  218.268222][ T7548]  ? __fget_files+0x2a/0x420
[  218.268256][ T7548]  ksys_write+0x145/0x250
[  218.268279][ T7548]  ? __pfx_ksys_write+0x10/0x10
[  218.268295][ T7548]  ? rcu_is_watching+0x15/0xb0
[  218.268326][ T7548]  ? do_syscall_64+0xbe/0x3b0
[  218.268346][ T7548]  do_syscall_64+0xfa/0x3b0
[  218.268361][ T7548]  ? lockdep_hardirqs_on+0x9c/0x150
[  218.268384][ T7548]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.268401][ T7548]  ? clear_bhb_loop+0x60/0xb0
[  218.268424][ T7548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.268441][ T7548] RIP: 0033:0x7f369198e929
[  218.268465][ T7548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.268480][ T7548] RSP: 002b:00007f36927d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  218.268503][ T7548] RAX: ffffffffffffffda RBX: 00007f3691bb5fa0 RCX: 00007f369198e929
[  218.268515][ T7548] RDX: 0000000000000007 RSI: 0000200000000340 RDI: 0000000000000007
[  218.268527][ T7548] RBP: 00007f36927d5090 R08: 0000000000000000 R09: 0000000000000000
[  218.268538][ T7548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  218.268549][ T7548] R13: 0000000000000000 R14: 00007f3691bb5fa0 R15: 00007ffec66b9958
[  218.268579][ T7548]  </TASK>
[  218.818761][ T2152] usb 3-1: Using ep0 maxpacket: 8
[  218.838382][ T2152] usb 3-1: unable to get BOS descriptor or descriptor too short
[  218.866484][ T2152] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  218.878677][   T30] audit: type=1400 audit(1749837476.282:12): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7560 comm="syz.0.446" daddr=ff00::1 dest=2
[  218.895840][   T30] audit: type=1326 audit(1749837476.282:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.0.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  218.918649][   T30] audit: type=1326 audit(1749837476.282:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.0.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  218.944453][   T30] audit: type=1326 audit(1749837476.282:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.0.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  218.993803][ T2152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  219.058776][ T2152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  219.118902][   T30] audit: type=1326 audit(1749837476.282:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.0.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  219.123008][ T2152] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1
[  219.188305][   T30] audit: type=1326 audit(1749837476.282:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.0.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  219.369253][   T30] audit: type=1326 audit(1749837476.282:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.0.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  219.391556][   T30] audit: type=1326 audit(1749837476.282:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.0.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  219.422651][   T30] audit: type=1326 audit(1749837476.282:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.0.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  219.434461][ T2152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  220.186658][   T30] audit: type=1326 audit(1749837476.282:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.0.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  220.208109][    C0] vkms_vblank_simulate: vblank timer overrun
[  220.256807][ T2152] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 222
[  220.285627][ T7580] netlink: 8 bytes leftover after parsing attributes in process `syz.4.451'.
[  220.299990][ T2152] usb 3-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  220.317136][ T2152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.381093][ T2152] usb 3-1: Product: syz
[  220.387751][ T2152] usb 3-1: Manufacturer: syz
[  220.393228][ T2152] usb 3-1: SerialNumber: syz
[  220.417262][ T2152] usb 3-1: config 0 descriptor??
[  220.449378][ T7542] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  220.464429][ T7542] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  220.495571][ T2152] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  220.572070][ T5872] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  220.729465][ T7580] mmap: syz.4.451 (7580) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  220.778484][ T5872] usb 1-1: config 0 has an invalid interface number: 87 but max is 0
[  220.813564][ T5872] usb 1-1: config 0 has no interface number 0
[  220.864923][ T5872] usb 1-1: too many endpoints for config 0 interface 87 altsetting 28: 204, using maximum allowed: 30
[  220.896207][ T5872] usb 1-1: config 0 interface 87 altsetting 28 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  220.922259][ T5872] usb 1-1: config 0 interface 87 altsetting 28 has 1 endpoint descriptor, different from the interface descriptor's value: 204
[  220.959847][ T5872] usb 1-1: config 0 interface 87 has no altsetting 0
[  220.984998][ T5872] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=8c.f4
[  221.003414][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.043842][ T5872] usb 1-1: Product: syz
[  221.049723][ T5872] usb 1-1: Manufacturer: syz
[  221.072139][ T5872] usb 1-1: SerialNumber: syz
[  221.103178][ T5872] usb 1-1: config 0 descriptor??
[  221.382780][ T5907] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  221.658981][ T7542] tls_set_device_offload_rx: netdev not found
[  221.668633][ T5872] usb 1-1: can't set config #0, error -71
[  221.805441][ T5872] usb 1-1: USB disconnect, device number 6
[  222.627183][ T7542] xt_TCPMSS: Only works on TCP SYN packets
[  223.515270][ T5872] usb 3-1: USB disconnect, device number 17
[  223.825886][ T7619] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'.
[  224.503480][ T6736] Bluetooth: (null): Too short H5 packet
[  224.510547][ T6736] Bluetooth: (null): Invalid header checksum
[  224.524104][ T5907] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  224.527462][ T5990] Bluetooth: (null): Invalid header checksum
[  224.609468][ T6736] Bluetooth: (null): Invalid header checksum
[  224.712354][ T6736] Bluetooth: (null): Invalid header checksum
[  224.838530][ T5907] usb 4-1: config 0 has an invalid interface number: 4 but max is 0
[  225.455866][ T5907] usb 4-1: config 0 has no interface number 0
[  225.577659][ T5907] usb 4-1: New USB device found, idVendor=05c6, idProduct=9035, bcdDevice=26.4c
[  225.625691][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.641500][ T5907] usb 4-1: Product: syz
[  225.650166][ T5907] usb 4-1: Manufacturer: syz
[  225.654946][ T5907] usb 4-1: SerialNumber: syz
[  225.667268][ T5907] usb 4-1: config 0 descriptor??
[  225.760538][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.4.472'.
[  226.469339][ T2152] usb 4-1: USB disconnect, device number 7
[  226.490743][ T7664] netlink: 'syz.1.475': attribute type 21 has an invalid length.
[  226.508023][ T7664] netlink: 144 bytes leftover after parsing attributes in process `syz.1.475'.
[  226.749745][ T7666] futex_wake_op: syz.2.474 tries to shift op by 144; fix this program
[  226.789884][ T7666] netlink: 20 bytes leftover after parsing attributes in process `syz.2.474'.
[  227.875097][ T7685] ip6erspan0: entered promiscuous mode
[  228.296858][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  228.296873][   T30] audit: type=1400 audit(1749837485.742:54): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7683 comm="syz.2.481" daddr=ff01::1 dest=20000
[  228.741505][ T7686] Process accounting resumed
[  229.984992][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055bc5000: rx timeout, send abort
[  229.995442][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055bc7400: rx timeout, send abort
[  230.494290][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055bc5000: abort rx timeout. Force session deactivation
[  230.512022][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055bc7400: abort rx timeout. Force session deactivation
[  232.731733][ T5956] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  233.192342][   T30] audit: type=1800 audit(1749837490.562:55): pid=7724 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.492" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  233.951407][ T5956] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.973792][ T5956] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.992154][ T5956] usb 3-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  234.011829][ T5956] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.136653][ T5956] usb 3-1: config 0 descriptor??
[  235.243342][ T7735] netlink: 'syz.4.495': attribute type 6 has an invalid length.
[  235.355410][ T5956] usbhid 3-1:0.0: can't add hid device: -71
[  235.383613][ T5956] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  235.405707][ T5956] usb 3-1: USB disconnect, device number 18
[  235.562147][ T5872] usb 1-1: new low-speed USB device number 7 using dummy_hcd
[  235.620359][ T7754] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  235.630655][ T7754] cramfs: wrong magic
[  235.733749][ T5872] usb 1-1: device descriptor read/64, error -71
[  236.022399][ T5872] usb 1-1: new low-speed USB device number 8 using dummy_hcd
[  236.243990][ T5872] usb 1-1: device descriptor read/64, error -71
[  236.430086][ T5872] usb usb1-port1: attempt power cycle
[  236.882072][ T5872] usb 1-1: new low-speed USB device number 9 using dummy_hcd
[  236.962245][ T5825] IPVS: starting estimator thread 0...
[  236.992999][ T5872] usb 1-1: device descriptor read/8, error -71
[  237.072346][ T7765] IPVS: using max 27 ests per chain, 64800 per kthread
[  237.702054][ T5872] usb 1-1: new low-speed USB device number 10 using dummy_hcd
[  237.770813][ T5872] usb 1-1: device descriptor read/8, error -71
[  237.953589][ T5872] usb usb1-port1: unable to enumerate USB device
[  238.072861][ T2152] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  238.759741][ T2152] usb 2-1: Using ep0 maxpacket: 32
[  238.838692][ T2152] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 174, changing to 11
[  238.992267][   T30] audit: type=1326 audit(1749837496.442:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7759 comm="syz.2.503" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3ebb18e929 code=0x0
[  239.032282][ T2152] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33051, setting to 1024
[  239.697330][ T2152] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  239.715635][ T2152] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.731812][ T2152] usb 2-1: config 0 descriptor??
[  239.851650][ T7789] netlink: 32 bytes leftover after parsing attributes in process `syz.0.510'.
[  240.380547][ T7775] netlink: 44 bytes leftover after parsing attributes in process `syz.1.506'.
[  240.659741][ T2152] savu 0003:1E7D:2D5A.0006: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[  240.688646][ T2152] usb 2-1: USB disconnect, device number 9
[  240.935794][ T7801] bridge_slave_0: left allmulticast mode
[  240.944813][ T7801] bridge_slave_0: left promiscuous mode
[  240.950843][ T7801] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.038130][ T7803] netlink: 'syz.4.514': attribute type 1 has an invalid length.
[  241.049946][ T7803] netlink: 16 bytes leftover after parsing attributes in process `syz.4.514'.
[  241.112700][ T7801] bridge_slave_1: left allmulticast mode
[  241.121102][ T7801] bridge_slave_1: left promiscuous mode
[  241.149960][ T7801] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.237999][ T7801] bond0: (slave bond_slave_0): Releasing backup interface
[  241.332562][ T7801] bond0: (slave bond_slave_1): Releasing backup interface
[  241.360960][ T7801] team0: Port device team_slave_0 removed
[  241.422859][ T7801] team0: Port device team_slave_1 removed
[  241.430934][ T7801] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  241.438561][ T7801] batman_adv: batadv0: Removing interface: batadv_slave_0
[  241.463681][ T7801] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  241.474162][ T7801] batman_adv: batadv0: Removing interface: batadv_slave_1
[  241.502079][ T5872] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  241.674630][ T5872] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  241.729992][ T5872] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  241.748273][ T5872] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  241.762570][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.780529][ T5872] usb 2-1: config 0 descriptor??
[  241.801350][ T5872] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  241.819420][ T5872] dvb-usb: bulk message failed: -22 (3/0)
[  241.859113][ T5872] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  241.939444][ T5879] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  241.993568][ T5872] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  242.016193][ T5872] usb 2-1: media controller created
[  242.648195][ T5872] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  242.678967][ T5872] dvb-usb: bulk message failed: -22 (6/0)
[  242.689375][ T5872] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  242.703421][ T5872] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input7
[  242.752431][ T5879] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  242.770959][ T5879] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  242.781616][ T5879] usb 3-1: config 220 has no interface number 2
[  242.794809][ T5872] dvb-usb: schedule remote query interval to 150 msecs.
[  242.809732][ T5872] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  242.817843][ T5879] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  242.865624][ T5879] usb 3-1: config 220 interface 0 has no altsetting 0
[  242.888107][ T5879] usb 3-1: config 220 interface 76 has no altsetting 0
[  242.908800][ T5879] usb 3-1: config 220 interface 1 has no altsetting 0
[  242.927424][ T5879] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  242.939100][ T5879] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.967111][ T5879] usb 3-1: Product: syz
[  242.967784][ T5872] dvb-usb: bulk message failed: -22 (1/0)
[  242.977302][ T5879] usb 3-1: Manufacturer: syz
[  242.999985][ T5879] usb 3-1: SerialNumber: syz
[  243.009344][ T5872] dvb-usb: error while querying for an remote control event.
[  243.087445][ T7805] overlay: Bad value for 'workdir'
[  243.114712][ T2152] usb 2-1: USB disconnect, device number 10
[  243.180819][ T2152] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  243.801230][ T5879] usb 3-1: selecting invalid altsetting 0
[  243.817835][ T5879] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  243.854632][ T5879] usb 3-1: No valid video chain found.
[  243.920033][ T5879] usb 3-1: selecting invalid altsetting 0
[  243.926581][ T5879] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  243.962778][ T5879] usb 3-1: USB disconnect, device number 19
[  244.072616][   T30] audit: type=1800 audit(1749837501.512:57): pid=7839 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.525" name="bus" dev="tmpfs" ino=552 res=0 errno=0
[  244.620254][ T7844] dummy0: entered promiscuous mode
[  244.664421][ T7844] macsec1: entered allmulticast mode
[  244.670138][ T7844] dummy0: entered allmulticast mode
[  244.773613][ T7844] dummy0: left allmulticast mode
[  244.778799][ T7844] dummy0: left promiscuous mode
[  244.787910][   T30] audit: type=1400 audit(1749837502.232:58): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7848 comm="syz.0.528" daddr=fe80::
[  244.904446][ T7847] vti0: entered promiscuous mode
[  244.934768][ T7862] netlink: 8 bytes leftover after parsing attributes in process `syz.4.534'.
[  245.042383][ T5879] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  245.325836][ T5879] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  245.406468][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.510168][ T5879] usb 4-1: config 0 descriptor??
[  246.606657][ T7868] team_slave_0: entered promiscuous mode
[  246.612985][ T7868] team_slave_1: entered promiscuous mode
[  246.653329][ T7854] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.669680][ T7868] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  246.677727][ T7854] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.693144][ T7868] team0: Device macvtap1 is already an upper device of the team interface
[  246.797488][ T7868] team_slave_0: left promiscuous mode
[  246.803267][ T7868] team_slave_1: left promiscuous mode
[  247.388316][   T30] audit: type=1326 audit(1749837504.832:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  247.512099][   T30] audit: type=1326 audit(1749837504.872:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  247.765330][   T30] audit: type=1326 audit(1749837504.872:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  247.799562][   T30] audit: type=1326 audit(1749837504.882:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  247.828719][   T30] audit: type=1326 audit(1749837504.882:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  248.247080][   T30] audit: type=1326 audit(1749837504.882:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  248.268592][    C0] vkms_vblank_simulate: vblank timer overrun
[  248.504601][   T30] audit: type=1326 audit(1749837504.882:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425af8e929 code=0x7ffc0000
[  248.544819][   T30] audit: type=1326 audit(1749837504.882:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  248.566196][    C0] vkms_vblank_simulate: vblank timer overrun
[  248.711900][ T5879] udl 4-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  248.736885][ T5879] [drm:udl_init] *ERROR* Selecting channel failed
[  248.743723][ T5956] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  248.789757][ T5879] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  248.812109][ T5879] [drm] Initialized udl on minor 2
[  248.839320][ T5879] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  248.879207][ T5879] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  248.905296][ T5956] usb 3-1: Using ep0 maxpacket: 16
[  248.915900][   T24] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  248.934191][ T5879] usb 4-1: USB disconnect, device number 8
[  248.953897][ T5956] usb 3-1: config 0 has an invalid interface number: 214 but max is 0
[  248.970046][   T24] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  248.982102][ T5956] usb 3-1: config 0 has no interface number 0
[  248.990159][ T5956] usb 3-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  249.040606][ T5956] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f2
[  249.055074][ T5956] usb 3-1: New USB device strings: Mfr=1, Product=6, SerialNumber=3
[  249.072158][ T5956] usb 3-1: Product: syz
[  249.076545][ T5956] usb 3-1: Manufacturer: syz
[  249.081297][ T5956] usb 3-1: SerialNumber: syz
[  249.102470][   T30] kauditd_printk_skb: 319 callbacks suppressed
[  249.102488][   T30] audit: type=1400 audit(1749837506.552:386): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7908 comm="syz.4.550" daddr=2001::1
[  249.163356][ T5956] usb 3-1: config 0 descriptor??
[  249.187187][ T5144] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  249.316724][   T30] audit: type=1326 audit(1749837506.602:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  249.346089][   T30] audit: type=1326 audit(1749837506.602:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  249.930780][   T30] audit: type=1326 audit(1749837506.602:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  250.112020][   T30] audit: type=1326 audit(1749837506.602:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  250.136137][   T30] audit: type=1326 audit(1749837506.602:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  250.161292][   T30] audit: type=1326 audit(1749837506.602:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  250.207561][   T30] audit: type=1326 audit(1749837506.602:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  250.246643][   T30] audit: type=1326 audit(1749837506.602:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  250.320932][   T30] audit: type=1326 audit(1749837506.602:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7878 comm="syz.0.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f425af2ab19 code=0x7ffc0000
[  250.476168][ T5956] usbtouchscreen 3-1:0.214: probe with driver usbtouchscreen failed with error -71
[  250.556912][ T5956] usb 3-1: USB disconnect, device number 20
[  251.404326][ T7936] 9pnet_fd: Insufficient options for proto=fd
[  252.291721][ T7946] netlink: 24 bytes leftover after parsing attributes in process `syz.1.560'.
[  252.481455][ T7957] overlay: Unknown parameter 'uid<00000000000000000000'
[  253.116477][ T2152] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  253.145218][ T7968] netlink: 60 bytes leftover after parsing attributes in process `syz.4.567'.
[  253.177975][ T7967] netlink: 60 bytes leftover after parsing attributes in process `syz.4.567'.
[  253.282887][ T2152] usb 3-1: Using ep0 maxpacket: 32
[  253.316933][ T2152] usb 3-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=cd.c6
[  253.381067][ T7974] 9pnet_fd: Insufficient options for proto=fd
[  253.402512][ T2152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.431427][ T2152] usb 3-1: Product: syz
[  253.462110][ T2152] usb 3-1: Manufacturer: syz
[  253.476325][ T2152] usb 3-1: SerialNumber: syz
[  253.491751][ T2152] usb 3-1: config 0 descriptor??
[  253.709046][ T7988] FAULT_INJECTION: forcing a failure.
[  253.709046][ T7988] name failslab, interval 1, probability 0, space 0, times 0
[  253.723546][ T7988] CPU: 0 UID: 0 PID: 7988 Comm: syz.0.574 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  253.723571][ T7988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  253.723581][ T7988] Call Trace:
[  253.723590][ T7988]  <TASK>
[  253.723598][ T7988]  dump_stack_lvl+0x189/0x250
[  253.723627][ T7988]  ? __pfx____ratelimit+0x10/0x10
[  253.723652][ T7988]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.723675][ T7988]  ? __pfx__printk+0x10/0x10
[  253.723699][ T7988]  ? __pfx___might_resched+0x10/0x10
[  253.723738][ T7988]  should_fail_ex+0x414/0x560
[  253.723765][ T7988]  should_failslab+0xa8/0x100
[  253.723789][ T7988]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  253.723810][ T7988]  ? __alloc_skb+0x112/0x2d0
[  253.723834][ T7988]  __alloc_skb+0x112/0x2d0
[  253.723857][ T7988]  netlink_sendmsg+0x5c6/0xb30
[  253.723887][ T7988]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.723917][ T7988]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.723938][ T7988]  __sock_sendmsg+0x219/0x270
[  253.723966][ T7988]  ____sys_sendmsg+0x505/0x830
[  253.723993][ T7988]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.724024][ T7988]  ? import_iovec+0x74/0xa0
[  253.724046][ T7988]  ___sys_sendmsg+0x21f/0x2a0
[  253.724069][ T7988]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.724128][ T7988]  ? __fget_files+0x2a/0x420
[  253.724149][ T7988]  ? __fget_files+0x3a0/0x420
[  253.724180][ T7988]  __x64_sys_sendmsg+0x19b/0x260
[  253.724216][ T7988]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  253.724262][ T7988]  do_syscall_64+0xfa/0x3b0
[  253.724281][ T7988]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.724297][ T7988]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  253.724313][ T7988]  ? clear_bhb_loop+0x60/0xb0
[  253.724334][ T7988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.724351][ T7988] RIP: 0033:0x7f425af8e929
[  253.724368][ T7988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.724382][ T7988] RSP: 002b:00007f425bd6b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.724400][ T7988] RAX: ffffffffffffffda RBX: 00007f425b1b6080 RCX: 00007f425af8e929
[  253.724413][ T7988] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000007
[  253.724423][ T7988] RBP: 00007f425bd6b090 R08: 0000000000000000 R09: 0000000000000000
[  253.724434][ T7988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.724443][ T7988] R13: 0000000000000000 R14: 00007f425b1b6080 R15: 00007fffd4160618
[  253.724471][ T7988]  </TASK>
[  254.278067][   T30] kauditd_printk_skb: 61 callbacks suppressed
[  254.278094][   T30] audit: type=1400 audit(1749837511.722:457): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=7955 comm="syz.2.563" daddr=b404:210:c6cd:102:301:902:1200:100
[  254.396005][  T978] usb 3-1: USB disconnect, device number 21
[  255.254858][ T5956] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  255.396918][ T5907] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  255.575605][ T5956] usb 1-1: Using ep0 maxpacket: 16
[  255.607555][ T5956] usb 1-1: config 0 has an invalid interface number: 148 but max is 0
[  255.637433][ T5956] usb 1-1: config 0 has no interface number 0
[  255.643758][ T5907] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  255.651554][ T5956] usb 1-1: config 0 interface 148 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  255.664387][ T5956] usb 1-1: New USB device found, idVendor=0499, idProduct=8206, bcdDevice=f4.55
[  255.688258][ T5956] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.696703][ T5907] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.872384][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  255.884064][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  256.102090][ T5907] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  256.114762][ T5907] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  256.122917][ T5907] usb 2-1: Manufacturer: syz
[  256.130503][ T5907] usb 2-1: config 0 descriptor??
[  256.141863][ T5956] usb 1-1: config 0 descriptor??
[  256.252072][ T5907] rc_core: IR keymap rc-hauppauge not found
[  256.258313][ T5907] Registered IR keymap rc-empty
[  256.294199][ T5907] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  256.324332][ T5907] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input9
[  256.373016][    C0] igorplugusb 2-1:0.0: Error: urb status = -32
[  256.413590][ T5907] usb 2-1: USB disconnect, device number 11
[  256.445491][  T978] usb 1-1: USB disconnect, device number 11
[  256.643299][   T30] audit: type=1326 audit(1749837514.092:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8030 comm="syz.2.585" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3ebb18e929 code=0x0
[  257.173153][ T8037] netlink: 76 bytes leftover after parsing attributes in process `syz.4.587'.
[  258.359053][ T8054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.589'.
[  258.649680][ T8072] netlink: 16 bytes leftover after parsing attributes in process `syz.0.598'.
[  258.685949][ T8072] bridge0: entered promiscuous mode
[  258.705408][ T8072] bridge0: left promiscuous mode
[  259.668024][ T8085] FAULT_INJECTION: forcing a failure.
[  259.668024][ T8085] name failslab, interval 1, probability 0, space 0, times 0
[  259.685085][ T8085] CPU: 1 UID: 0 PID: 8085 Comm: syz.1.602 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  259.685111][ T8085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  259.685122][ T8085] Call Trace:
[  259.685129][ T8085]  <TASK>
[  259.685137][ T8085]  dump_stack_lvl+0x189/0x250
[  259.685166][ T8085]  ? __pfx____ratelimit+0x10/0x10
[  259.685191][ T8085]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.685214][ T8085]  ? __pfx__printk+0x10/0x10
[  259.685228][ T8085]  ? rcu_is_watching+0x15/0xb0
[  259.685268][ T8085]  should_fail_ex+0x414/0x560
[  259.685295][ T8085]  should_failslab+0xa8/0x100
[  259.685318][ T8085]  kmem_cache_alloc_noprof+0x73/0x3c0
[  259.685338][ T8085]  ? skb_clone+0x212/0x3a0
[  259.685364][ T8085]  skb_clone+0x212/0x3a0
[  259.685389][ T8085]  __netlink_deliver_tap+0x404/0x850
[  259.685423][ T8085]  ? netlink_deliver_tap+0x2e/0x1b0
[  259.685444][ T8085]  netlink_deliver_tap+0x19c/0x1b0
[  259.685464][ T8085]  netlink_dump+0x8e4/0xe20
[  259.685497][ T8085]  ? __pfx_netlink_dump+0x10/0x10
[  259.685532][ T8085]  ? kmem_cache_free+0x18f/0x400
[  259.685557][ T8085]  netlink_recvmsg+0x676/0xa30
[  259.685588][ T8085]  ? __pfx_netlink_recvmsg+0x10/0x10
[  259.685612][ T8085]  ? __lock_acquire+0xab9/0xd20
[  259.685637][ T8085]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  259.685655][ T8085]  ? security_socket_recvmsg+0x7e/0x2e0
[  259.685675][ T8085]  ? __pfx_netlink_recvmsg+0x10/0x10
[  259.685694][ T8085]  sock_recvmsg+0x229/0x270
[  259.685724][ T8085]  ____sys_recvmsg+0x1c9/0x460
[  259.685755][ T8085]  ? __pfx_____sys_recvmsg+0x10/0x10
[  259.685794][ T8085]  ? import_iovec+0x74/0xa0
[  259.685816][ T8085]  ___sys_recvmsg+0x1b5/0x510
[  259.685851][ T8085]  ? __pfx____sys_recvmsg+0x10/0x10
[  259.685900][ T8085]  ? __fget_files+0x3a0/0x420
[  259.685933][ T8085]  do_recvmmsg+0x307/0x770
[  259.685964][ T8085]  ? __pfx_do_recvmmsg+0x10/0x10
[  259.686000][ T8085]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  259.686048][ T8085]  __x64_sys_recvmmsg+0x190/0x240
[  259.686073][ T8085]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  259.686092][ T8085]  ? rcu_is_watching+0x15/0xb0
[  259.686120][ T8085]  ? do_syscall_64+0xbe/0x3b0
[  259.686140][ T8085]  do_syscall_64+0xfa/0x3b0
[  259.686154][ T8085]  ? lockdep_hardirqs_on+0x9c/0x150
[  259.686177][ T8085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.686193][ T8085]  ? clear_bhb_loop+0x60/0xb0
[  259.686215][ T8085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.686230][ T8085] RIP: 0033:0x7f754038e929
[  259.686247][ T8085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.686261][ T8085] RSP: 002b:00007f7541238038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  259.686279][ T8085] RAX: ffffffffffffffda RBX: 00007f75405b5fa0 RCX: 00007f754038e929
[  259.686292][ T8085] RDX: 0000000000000004 RSI: 000020000000c800 RDI: 0000000000000003
[  259.686302][ T8085] RBP: 00007f7541238090 R08: 0000000000000000 R09: 0000000000000000
[  259.686313][ T8085] R10: 0000000040000000 R11: 0000000000000246 R12: 0000000000000001
[  259.686323][ T8085] R13: 0000000000000000 R14: 00007f75405b5fa0 R15: 00007ffddfe054e8
[  259.686353][ T8085]  </TASK>
[  262.451608][   T30] audit: type=1400 audit(1749837519.892:459): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="B" requested=w pid=8115 comm="syz.4.612"
[  264.789924][  T978] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  264.970307][  T978] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  264.984908][  T978] usb 3-1: config 0 has no interface number 0
[  264.996167][  T978] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  265.007355][ T8151] netlink: 2 bytes leftover after parsing attributes in process `syz.4.626'.
[  265.017740][  T978] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.026407][  T978] usb 3-1: Product: syz
[  265.030754][  T978] usb 3-1: Manufacturer: syz
[  265.035570][  T978] usb 3-1: SerialNumber: syz
[  265.043757][  T978] usb 3-1: config 0 descriptor??
[  265.052087][ T5872] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  265.122690][ T5907] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  265.212259][ T5872] usb 4-1: Using ep0 maxpacket: 16
[  265.223176][ T5872] usb 4-1: too many configurations: 60, using maximum allowed: 8
[  265.271074][ T5872] usb 4-1: New USB device found, idVendor=0471, idProduct=032c, bcdDevice=ba.e9
[  265.295336][ T5907] usb 1-1: Using ep0 maxpacket: 32
[  265.312462][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=204
[  265.327725][ T5872] usb 4-1: Product: syz
[  265.334405][ T5907] usb 1-1: config 1 has an invalid interface number: 233 but max is 0
[  265.358062][ T5872] usb 4-1: Manufacturer: syz
[  265.367521][ T5907] usb 1-1: config 1 has no interface number 0
[  265.382072][ T5872] usb 4-1: SerialNumber: syz
[  265.402382][ T5907] usb 1-1: config 1 interface 233 altsetting 250 bulk endpoint 0x9 has invalid maxpacket 8
[  265.419273][ T5872] usb 4-1: config 0 descriptor??
[  265.426208][ T5907] usb 1-1: config 1 interface 233 has no altsetting 0
[  265.434377][  T978] usb 3-1: Found UVC 0.00 device syz (046d:0823)
[  265.444540][ T5872] pwc: Philips SPC 880NC USB webcam detected.
[  265.451331][  T978] usb 3-1: No valid video chain found.
[  265.464529][ T5907] usb 1-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=34.ac
[  265.476405][  T978] usb 3-1: USB disconnect, device number 22
[  265.483124][ T5907] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.509982][ T5907] usb 1-1: Product: syz
[  265.522058][ T5907] usb 1-1: Manufacturer: syz
[  265.526796][ T5907] usb 1-1: SerialNumber: syz
[  265.534061][ T8155] netlink: 60 bytes leftover after parsing attributes in process `syz.1.627'.
[  265.547016][ T8148] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  265.555755][ T8154] netlink: 60 bytes leftover after parsing attributes in process `syz.1.627'.
[  265.638803][ T8156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.651339][ T8156] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.667252][ T5872] pwc: Warning: more than 1 configuration available.
[  265.679442][ T5872] pwc: Failed to set LED on/off time (-71)
[  265.692795][ T5872] pwc: send_video_command error -71
[  265.856617][ T5872] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  265.869119][ T5907] imon_raw 1-1:1.233: IR endpoint missing
[  265.882651][ T5872] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[  265.896731][ T5907] usb 1-1: USB disconnect, device number 12
[  266.528671][ T5872] usb 4-1: USB disconnect, device number 9
[  267.989369][ T8183] netlink: 32 bytes leftover after parsing attributes in process `syz.1.635'.
[  268.245355][ T8197] netlink: 60 bytes leftover after parsing attributes in process `syz.4.641'.
[  268.767691][ T8218] Can't find a SQUASHFS superblock on nullb0
[  268.778033][   T30] audit: type=1800 audit(1749837526.202:460): pid=8218 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.637" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  268.808868][ T8222] netlink: 88 bytes leftover after parsing attributes in process `syz.4.650'.
[  271.769394][  T978] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  272.027143][  T978] usb 2-1: config 0 has an invalid interface number: 101 but max is 0
[  272.057130][  T978] usb 2-1: config 0 has no interface number 0
[  272.091136][  T978] usb 2-1: New USB device found, idVendor=093a, idProduct=2623, bcdDevice=b2.14
[  272.114465][  T978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.130571][  T978] usb 2-1: Product: syz
[  272.162129][  T978] usb 2-1: Manufacturer: syz
[  272.178240][  T978] usb 2-1: SerialNumber: syz
[  272.190538][  T978] usb 2-1: config 0 descriptor??
[  272.194186][ T8255] 
[  272.197903][ T8255] ======================================================
[  272.204953][ T8255] WARNING: possible circular locking dependency detected
[  272.212004][ T8255] 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 Not tainted
[  272.214107][  T978] gspca_main: gspca_pac7302-2.14.0 probing 093a:2623
[  272.219195][ T8255] ------------------------------------------------------
[  272.219209][ T8255] syz.2.660/8255 is trying to acquire lock:
[  272.219221][ T8255] ffffffff8f8683e8 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_net_broadcast+0x27e/0x560
[  272.219270][ T8255] 
[  272.219270][ T8255] but task is already holding lock:
[  272.219276][ T8255] ffff888024f26278 (&q->q_usage_counter(io)#24){++++}-{0:0}, at: loop_set_status+0x227/0xaf0
[  272.219321][ T8255] 
[  272.219321][ T8255] which lock already depends on the new lock.
[  272.219321][ T8255] 
[  272.219327][ T8255] 
[  272.219327][ T8255] the existing dependency chain (in reverse order) is:
[  272.219334][ T8255] 
[  272.219334][ T8255] -> #2 (&q->q_usage_counter(io)#24){++++}-{0:0}:
[  272.219363][ T8255]        lock_acquire+0x120/0x360
[  272.219381][ T8255]        blk_alloc_queue+0x538/0x620
[  272.219400][ T8255]        __blk_mq_alloc_disk+0x162/0x340
[  272.219421][ T8255]        loop_add+0x41b/0xad0
[  272.219435][ T8255]        loop_init+0x173/0x230
[  272.320696][ T8255]        do_one_initcall+0x233/0x820
[  272.326076][ T8255]        do_initcall_level+0x137/0x1f0
[  272.331529][ T8255]        do_initcalls+0x69/0xd0
[  272.336399][ T8255]        kernel_init_freeable+0x3d9/0x570
[  272.342202][ T8255]        kernel_init+0x1d/0x1d0
[  272.347052][ T8255]        ret_from_fork+0x3fc/0x770
[  272.352184][ T8255]        ret_from_fork_asm+0x1a/0x30
[  272.357478][ T8255] 
[  272.357478][ T8255] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  272.364796][ T8255]        lock_acquire+0x120/0x360
[  272.369856][ T8255]        fs_reclaim_acquire+0x72/0x100
[  272.375333][ T8255]        kmem_cache_alloc_node_noprof+0x47/0x3c0
[  272.381664][ T8255]        __alloc_skb+0x112/0x2d0
[  272.386604][ T8255]        alloc_uevent_skb+0x7d/0x230
[  272.391970][ T8255]        kobject_uevent_net_broadcast+0x2fa/0x560
[  272.398468][ T8255]        kobject_uevent_env+0x55b/0x8c0
[  272.404030][ T8255]        kobject_synth_uevent+0x527/0xb00
[  272.409755][ T8255]        bus_uevent_store+0x115/0x170
[  272.415130][ T8255]        kernfs_fop_write_iter+0x375/0x4f0
[  272.420955][ T8255]        vfs_write+0x54b/0xa90
[  272.426067][ T8255]        ksys_write+0x145/0x250
[  272.430929][ T8255]        do_syscall_64+0xfa/0x3b0
[  272.435976][ T8255]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.442566][ T8255] 
[  272.442566][ T8255] -> #0 (uevent_sock_mutex){+.+.}-{4:4}:
[  272.450445][ T8255]        validate_chain+0xb9b/0x2140
[  272.455828][ T8255]        __lock_acquire+0xab9/0xd20
[  272.461225][ T8255]        lock_acquire+0x120/0x360
[  272.466346][ T8255]        __mutex_lock+0x182/0xe80
[  272.471488][ T8255]        kobject_uevent_net_broadcast+0x27e/0x560
[  272.478084][ T8255]        kobject_uevent_env+0x55b/0x8c0
[  272.483621][ T8255]        loop_set_status+0x4d3/0xaf0
[  272.488899][ T8255]        lo_ioctl+0xa5e/0x2410
[  272.493655][ T8255]        blkdev_ioctl+0x5a8/0x6d0
[  272.498682][ T8255]        __se_sys_ioctl+0xfc/0x170
[  272.503783][ T8255]        do_syscall_64+0xfa/0x3b0
[  272.508798][ T8255]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.515209][ T8255] 
[  272.515209][ T8255] other info that might help us debug this:
[  272.515209][ T8255] 
[  272.526004][ T8255] Chain exists of:
[  272.526004][ T8255]   uevent_sock_mutex --> fs_reclaim --> &q->q_usage_counter(io)#24
[  272.526004][ T8255] 
[  272.540317][ T8255]  Possible unsafe locking scenario:
[  272.540317][ T8255] 
[  272.547792][ T8255]        CPU0                    CPU1
[  272.553147][ T8255]        ----                    ----
[  272.558860][ T8255]   lock(&q->q_usage_counter(io)#24);
[  272.564237][ T8255]                                lock(fs_reclaim);
[  272.570729][ T8255]                                lock(&q->q_usage_counter(io)#24);
[  272.578620][ T8255]   lock(uevent_sock_mutex);
[  272.583209][ T8255] 
[  272.583209][ T8255]  *** DEADLOCK ***
[  272.583209][ T8255] 
[  272.591362][ T8255] 3 locks held by syz.2.660/8255:
[  272.596375][ T8255]  #0: ffff888025002400 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_set_status+0x2c/0xaf0
[  272.605787][ T8255]  #1: ffff888024f26278 (&q->q_usage_counter(io)#24){++++}-{0:0}, at: loop_set_status+0x227/0xaf0
[  272.616435][ T8255]  #2: ffff888024f262b0 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: loop_set_status+0x227/0xaf0
[  272.627883][ T8255] 
[  272.627883][ T8255] stack backtrace:
[  272.633956][ T8255] CPU: 1 UID: 0 PID: 8255 Comm: syz.2.660 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  272.633976][ T8255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.633986][ T8255] Call Trace:
[  272.633994][ T8255]  <TASK>
[  272.634002][ T8255]  dump_stack_lvl+0x189/0x250
[  272.634029][ T8255]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.634048][ T8255]  ? __pfx__printk+0x10/0x10
[  272.634062][ T8255]  ? print_lock_name+0xde/0x100
[  272.634084][ T8255]  print_circular_bug+0x2ee/0x310
[  272.634108][ T8255]  check_noncircular+0x134/0x160
[  272.634130][ T8255]  validate_chain+0xb9b/0x2140
[  272.634161][ T8255]  __lock_acquire+0xab9/0xd20
[  272.634181][ T8255]  ? kobject_uevent_net_broadcast+0x27e/0x560
[  272.634196][ T8255]  lock_acquire+0x120/0x360
[  272.634212][ T8255]  ? kobject_uevent_net_broadcast+0x27e/0x560
[  272.634235][ T8255]  __mutex_lock+0x182/0xe80
[  272.634248][ T8255]  ? kobject_uevent_net_broadcast+0x27e/0x560
[  272.634263][ T8255]  ? vsnprintf+0xe11/0xf00
[  272.634284][ T8255]  ? kobject_uevent_net_broadcast+0x27e/0x560
[  272.634300][ T8255]  ? __pfx___mutex_lock+0x10/0x10
[  272.634311][ T8255]  ? add_uevent_var+0x278/0x450
[  272.634328][ T8255]  ? kobject_uevent_env+0x50a/0x8c0
[  272.634342][ T8255]  ? __pfx_add_uevent_var+0x10/0x10
[  272.634358][ T8255]  kobject_uevent_net_broadcast+0x27e/0x560
[  272.634375][ T8255]  kobject_uevent_env+0x55b/0x8c0
[  272.634392][ T8255]  loop_set_status+0x4d3/0xaf0
[  272.634418][ T8255]  lo_ioctl+0xa5e/0x2410
[  272.634438][ T8255]  ? stack_trace_save+0x9c/0xe0
[  272.634453][ T8255]  ? __pfx_lo_ioctl+0x10/0x10
[  272.634470][ T8255]  ? __lock_acquire+0xab9/0xd20
[  272.634496][ T8255]  ? __lock_acquire+0xab9/0xd20
[  272.634515][ T8255]  ? __lock_acquire+0xab9/0xd20
[  272.634535][ T8255]  ? __lock_acquire+0xab9/0xd20
[  272.634559][ T8255]  ? __lock_acquire+0xab9/0xd20
[  272.634582][ T8255]  ? is_bpf_text_address+0x26/0x2b0
[  272.634603][ T8255]  ? is_bpf_text_address+0x292/0x2b0
[  272.634621][ T8255]  ? is_bpf_text_address+0x26/0x2b0
[  272.634639][ T8255]  ? kernel_text_address+0xa5/0xe0
[  272.634655][ T8255]  ? __kernel_text_address+0xd/0x40
[  272.634676][ T8255]  ? unwind_get_return_address+0x4d/0x90
[  272.634699][ T8255]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  272.634713][ T8255]  ? arch_stack_walk+0xfc/0x150
[  272.634737][ T8255]  ? stack_trace_save+0x9c/0xe0
[  272.634754][ T8255]  ? kasan_save_track+0x4f/0x80
[  272.634768][ T8255]  ? kasan_save_track+0x3e/0x80
[  272.634781][ T8255]  ? kasan_save_free_info+0x46/0x50
[  272.634799][ T8255]  ? __kasan_slab_free+0x62/0x70
[  272.634814][ T8255]  ? kfree+0x18e/0x440
[  272.634830][ T8255]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  272.634846][ T8255]  ? security_file_ioctl+0xcb/0x2d0
[  272.634862][ T8255]  ? __se_sys_ioctl+0x47/0x170
[  272.634876][ T8255]  ? do_syscall_64+0xfa/0x3b0
[  272.634896][ T8255]  ? do_vfs_ioctl+0xf37/0x1990
[  272.634910][ T8255]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  272.634926][ T8255]  ? kasan_quarantine_put+0xdd/0x220
[  272.634942][ T8255]  ? blkdev_common_ioctl+0xfc3/0x2450
[  272.634965][ T8255]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  272.634981][ T8255]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  272.634996][ T8255]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  272.635013][ T8255]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  272.635028][ T8255]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  272.635044][ T8255]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  272.635065][ T8255]  ? __lock_acquire+0xab9/0xd20
[  272.635083][ T8255]  ? __asan_memset+0x22/0x50
[  272.635098][ T8255]  ? smack_file_ioctl+0x24a/0x340
[  272.635113][ T8255]  ? __pfx_smack_file_ioctl+0x10/0x10
[  272.635128][ T8255]  ? __pfx_lo_ioctl+0x10/0x10
[  272.635143][ T8255]  blkdev_ioctl+0x5a8/0x6d0
[  272.635162][ T8255]  ? __pfx_blkdev_ioctl+0x10/0x10
[  272.635178][ T8255]  ? __fget_files+0x2a/0x420
[  272.635197][ T8255]  ? bpf_lsm_file_ioctl+0x9/0x20
[  272.635215][ T8255]  ? __pfx_blkdev_ioctl+0x10/0x10
[  272.635237][ T8255]  __se_sys_ioctl+0xfc/0x170
[  272.635251][ T8255]  do_syscall_64+0xfa/0x3b0
[  272.635263][ T8255]  ? lockdep_hardirqs_on+0x9c/0x150
[  272.635281][ T8255]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.635294][ T8255]  ? clear_bhb_loop+0x60/0xb0
[  272.635309][ T8255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.635322][ T8255] RIP: 0033:0x7f3ebb18e929
[  272.635336][ T8255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.635347][ T8255] RSP: 002b:00007f3ebc05e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  272.635366][ T8255] RAX: ffffffffffffffda RBX: 00007f3ebb3b6080 RCX: 00007f3ebb18e929
[  272.635378][ T8255] RDX: 0000200000000280 RSI: 0000000000004c02 RDI: 0000000000000008
[  272.635387][ T8255] RBP: 00007f3ebb210b39 R08: 0000000000000000 R09: 0000000000000000
[  272.635396][ T8255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  272.635404][ T8255] R13: 0000000000000000 R14: 00007f3ebb3b6080 R15: 00007fffc8676c68
[  272.635420][ T8255]  </TASK>
[  273.168820][ T8266] hfs: unable to load iocharset "io#harset"
[  273.218185][ T8268] bridge0: port 2(bridge_slave_1) entered learning state
[  273.308318][  T978] gspca_pac7302: reg_w() failed i: 78 v: 00 error -110
[  273.317668][  T978] gspca_pac7302 2-1:0.101: probe with driver gspca_pac7302 failed with error -110
[  273.338651][  T978] usb 2-1: USB disconnect, device number 12
[  273.533461][ T2152] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  273.553638][ T8271] hfs: unable to load iocharset "io#harset"
[  273.702614][ T2152] usb 1-1: Using ep0 maxpacket: 8
[  273.716650][ T2152] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  273.734865][ T2152] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.749544][ T2152] usb 1-1: Product: syz
[  273.754448][ T2152] usb 1-1: Manufacturer: syz
[  273.759187][ T2152] usb 1-1: SerialNumber: syz
[  273.766851][ T2152] usb 1-1: config 0 descriptor??
[  273.975614][ T2152] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  274.378586][ T2152] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  274.389909][ T2152] usb 1-1: USB disconnect, device number 13