last executing test programs:

50.063245694s ago: executing program 4 (id=2694):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x2, 0x3, 0x1, 0x0, 0x33}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f00000001c0)=0x4, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a03d21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951d50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa68fb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ce652455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d331b98658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e500", 0x2000, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(r4, 0xc080aebe, &(0x7f000000a100)={{0x0, 0x0, 0x80}})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r7)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
pselect6(0x54, 0x0, &(0x7f0000000080)={0xb}, 0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000040)={0xf0f022})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
semtimedop(0x0, &(0x7f0000000180)=[{0x2, 0x5, 0x1000}], 0x1f4, &(0x7f0000000040))
sendmsg$NL80211_CMD_SET_CQM(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x2c, r11, 0x1, 0x0, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_CQM={0x10, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x4}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x5}]}]}, 0x2c}}, 0x0)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r7, 0x0, 0x20000000)

48.556625147s ago: executing program 4 (id=2699):
syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0xd2fd01)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000150012800b0001006970766c616e00000400028708000500", @ANYRES32], 0x44}}, 0x8000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x11, 0x80a, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="780000001000010400"/20, @ANYRES32, @ANYBLOB="60300300001400005800128009000100626f6e640000000048000280"], 0x78}}, 0x0)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000003c0), 0x100, 0x0)
ioctl$SIOCGETLINKNAME(r3, 0x89e0, &(0x7f0000000400)={0x3})
r4 = socket(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x5, &(0x7f0000000080)=""/26, &(0x7f0000000000)=0x1a)
r5 = fsopen(&(0x7f0000000480)='hfs\x00', 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
mlock(&(0x7f0000000000/0x2000)=nil, 0x2000)
r6 = epoll_create(0x2)
r7 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000000c0)={0x40000000})
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil)
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x80)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r8, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
unshare(0x62040200)
getdents64(0xffffffffffffffff, 0xffffffffffffffff, 0x43)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="6000000010000104004000000101000000000000", @ANYRES32=0x0, @ANYBLOB="09000200010000002c0012800e000100697036677265746170"], 0x60}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r8, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000002680)=[0x0], 0x1})
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r2)
sendmsg$NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="38001000", @ANYRES16=r10, @ANYBLOB="000427bd7000ffdbdf25020000000400d10008003f0002000000080040000000008005003e0007000000080026006c090000"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x8000)

45.218927514s ago: executing program 4 (id=2707):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000010c0), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {0x1, 0xffff}, 0x42, [0x0, 0x3, 0x403, 0x100000, 0x6, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0xffffffff, 0x0, 0x4, 0x1, 0xffffffff, 0x0, 0x0, 0x0, 0xeed1, 0x3, 0xffffffc, 0x8, 0x0, 0x0, 0xed9, 0x0, 0x0, 0x0, 0xe7df, 0x8000000, 0x10000006, 0x0, 0x1, 0x6, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x0, 0x4, 0x0, 0xffffffff], [0x0, 0xa82, 0x0, 0x3, 0x2, 0x733, 0x3, 0x4, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0xa, 0x0, 0x2000000, 0x0, 0x0, 0x80000, 0x0, 0xfffffff8, 0x0, 0x0, 0x79, 0xfffffffd, 0x0, 0x0, 0x0, 0x2, 0x47, 0x10000, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x7fff0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x28220be9, 0x401, 0x0, 0x2, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0xfffffffd, 0x0, 0x20], [0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0xfcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x3, 0x0, 0x0, 0x7, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffd, 0x800, 0x0, 0x0, 0x400, 0x0, 0xffffffff, 0x89, 0x0, 0x800, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x80008000, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351e, 0x0, 0xd, 0x0, 0x0, 0x6492, 0x8], [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xd2a, 0x200000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x804, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x3, 0x0, 0xfd32, 0x6, 0x0, 0x6, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x8000006, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x1, 0x0, 0x0, 0x100000]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x3)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, 0x0, &(0x7f0000000140)='GPL\x00', 0x6, 0x99, &(0x7f0000000000)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
r1 = creat(&(0x7f0000000500)='./file0\x00', 0x4)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0xa)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0)
ioctl$SNDCTL_SYNTH_MEMAVL(r2, 0xc004510e, &(0x7f0000000000)=0x40000004)

44.73813032s ago: executing program 4 (id=2709):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
close(0xffffffffffffffff)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
r4 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x8006, 0x145}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00')
fchmod(0xffffffffffffffff, 0xc6)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r5, r6, 0x0)
io_uring_enter(r4, 0x6e2, 0x600, 0x1, 0x0, 0x0)
r7 = fsopen(&(0x7f00000004c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r8, &(0x7f0000000140)='./file0\x00')
readlinkat(r8, 0x0, &(0x7f00000002c0)=""/204, 0xcc)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r3)
sendmsg$NL80211_CMD_SET_PMKSA(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r9, @ANYBLOB="010027bd7000fcdbdf253400003b0c009900000000001b0000000f003400050a86912416255141aa320008001f010600000004015500eda8b004d5009d6a2ec05801983174680a000600fbda750a50388b4395965000001400fe00d543b2a92ee14c7fa6c71ce13984fcc31400fe00f69cc2e45634c5caeb350ff32d3db9750a003400020202020202000008001f015c9800000a0006000802110000000000050020010a000000"], 0xa8}}, 0x14)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r0)
r11 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000240)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x28, 0x0, 0x0, 0xfefff024}, {0x6, 0x0, 0x0, 0x6}]}, 0x10)
syz_emit_ethernet(0xcc, &(0x7f0000000140)=ANY=[], 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r12=>0x0})
r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x100000, 0x0, 0xffffffffffffffff, 0x7, '\x00', r12, 0xffffffffffffffff, 0x0, 0x3, 0x5}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r13, &(0x7f00000003c0)="c6c1be0068624e98eb6f9e8ac75706ab5f54d703e6f62928c77fb9868fe31d96c93f97e4e6de7064f16e49569e4733e5f7967b37ebce8606ff40408ecf33a849ac80358078b5184a1226450a9319bc0d932b0921a5db3c7d3fa7b06b2a249d04063a58dc036fc0e5931abb0abdcba8a55997478e8634fbdc010d0d740a95fadfb6c7d43afd2b9d8458dd76e839b629684147518d69dc9e83b8dd7b3f801923bd0c9b35929794f0209976007818abf7aec2d0776dd772b3a836eda0f4871cfc68f23c0e29e7de4b74", &(0x7f0000000080)=""/182, 0x4}, 0x20)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x1c, r10, 0x331, 0x0, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r12}]}, 0x1c}}, 0x0)

42.607160291s ago: executing program 4 (id=2715):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_usb_connect$hid(0x5, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0xff, 0x150a, 0x1201, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x6, 0x0, 0xf4, [{{0x9, 0x4, 0x0, 0x3, 0x1, 0x3, 0x1, 0x2, 0x3, {0x9, 0x21, 0xc2, 0x0, 0x1, {0x22, 0x621}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x5a, 0x1, 0x6}}, [{{0x9, 0x5, 0x2, 0x3, 0x3ff, 0x7, 0x7f}}]}}}]}}]}}, &(0x7f0000000380)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x201, 0x2, 0x0, 0x8, 0x20, 0x5}, 0x1a, &(0x7f0000000300)={0x5, 0xf, 0x1a, 0x2, [@wireless={0xb, 0x10, 0x1, 0xc, 0x81, 0x6, 0xe, 0x0, 0x7}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x5, 0x40, 0xfff9}]}, 0x1, [{0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x3465}}]})
syz_usb_control_io$hid(r1, &(0x7f0000000540)={0x16, &(0x7f00000003c0)=ANY=[@ANYBLOB="20048c0000008c028e711b55308efece02a8c5f754f65efaf73b5a3cae36b3752f32aa3fa898c031a62ab9b663168f882efe76dc16df3a7a14f040cb435da6f30a1cc2c30486ded5ac11f6c3ed4f9e65f296ee802e96d3fe73b348d691c2d9f3f03233056b5b05b686e26fbbe02dde54ad80a2f478dc5fccbc07c5f4aa8e558d35b611325dab0bb9e04204330e3d32990cff"], &(0x7f00000007c0)=ANY=[], &(0x7f00000004c0)={0x0, 0x22, 0x3, {[@local=@item_012={0x1, 0x2, 0xa, 'q'}, @main=@item_012={0x0, 0x0, 0xb}]}}, &(0x7f0000000500)={0x0, 0x21, 0x9, {0x9, 0x21, 0x80, 0x7, 0x1, {0x22, 0xc83}}}}, &(0x7f0000000780)={0x2c, &(0x7f0000000580)={0x40, 0x7, 0x8d, "f6e5a87adef4d1c9e225cf17dc4ecf0fca59c04edc75b6aaadbe5aae80c9c18a0c093f33c65c674acbab1ea4989ff4e545839af694e1a924b5f1e4681968f18f1c545f45f8ddc36dc3ac704f3ce7ee441ff9f1b0322e6e8eabb68852272a9480611a54b864767e41b9a0cc0d467c1e094513cc8ea6bf6acf45248729071ccaf1964f2540fa4f06f1b5f0b20194"}, &(0x7f0000000640)={0x0, 0xa, 0x1, 0x10}, &(0x7f00000001c0)={0x0, 0x8, 0x1, 0x2}, &(0x7f00000006c0)={0x20, 0x1, 0x75, "1f93386df67fa3d846291bed30dbf6f12462a1b30ef2761e6ac72b15e03235292a40570554a960daa4dd546d93d83e7b07cf34704875509e931a0a160aba4316b77170615eb9927479d3711fba1e7d0f427bb0f905fa470dd6d1fbc526e481991759dfebf90574f262ebfbe8d522dd8b180a85650f"}, &(0x7f0000000740)={0x20, 0x3, 0x1, 0x7}})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x10}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x89b0, &(0x7f0000000040)={'bond0\x00'})
r3 = landlock_create_ruleset(&(0x7f0000000040)={0x556, 0x2, 0x3}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x402, 0x0)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000090)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x2, 0x8, 0x0, 0x3}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
migrate_pages(0x0, 0x8, &(0x7f0000000280)=0x9, &(0x7f00000003c0)=0x3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
fcntl$setownex(r8, 0xf, &(0x7f0000000180)={0x1})
sendmmsg$unix(r7, &(0x7f0000006c40)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="e9", 0x1}], 0x1}}], 0x1, 0x40815)

39.31963862s ago: executing program 4 (id=2722):
socket$nl_generic(0x10, 0x3, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1500000010"], 0x48)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0003000000320001140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5], 0x44}}, 0x0)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)}, {&(0x7f0000000d40)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e4", 0x70}, {&(0x7f0000000b80)}], 0x3}}, {{0x0, 0x0, 0x0}}], 0x2, 0xc0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_uring_setup(0x31db, &(0x7f0000000580)={0x0, 0x416f, 0x1, 0x2, 0x17b})

29.623799493s ago: executing program 1 (id=2754):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
sendfile(r1, r0, 0x0, 0x100000500)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
syz_usb_disconnect(0xffffffffffffffff)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x83c0550b, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, 0x0)

29.325853708s ago: executing program 0 (id=2755):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x3c}}, 0x0) (fail_nth: 2)

28.77388431s ago: executing program 0 (id=2757):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x8ff, &(0x7f0000000a00)={0x0, 0x7d10, 0x80, 0x3, 0x1000034f}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000580))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

28.186920444s ago: executing program 0 (id=2759):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580), 0x80802, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r2, 0xc0044d0b, 0xfffffffffffffffe)
sendfile(r1, r0, &(0x7f00000000c0)=0x8b, 0x100000500)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
r4 = syz_open_dev$evdev(&(0x7f0000000440), 0x0, 0x282)
syz_usb_disconnect(r4)
ioctl$EVIOCRMFF(r4, 0x83c0550b, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e23, @empty}, 0x20, 0x0, 0x0, 0x0, 0xdbed, &(0x7f0000000240)='ip6gre0\x00', 0x478, 0xf27, 0xc25})
r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r5, 0x8010500c, &(0x7f0000000100))

27.634640851s ago: executing program 1 (id=2760):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x180, 0x1)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x5, 0x3, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0], 0x0, 0xb0, &(0x7f0000000300)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x1f, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000540)={[0x95ba]}, 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x17, &(0x7f00000005c0)=@raw=[@alu={0x7, 0x0, 0xa, 0x8, 0x2, 0xfffffffffffffff8}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @map_fd={0x18, 0x1, 0x1, 0x0, 0x1}, @map_fd={0x18, 0x1, 0x1, 0x0, 0x1}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x8}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7ff}}, @call={0x85, 0x0, 0x0, 0x35}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @func={0x85, 0x0, 0x1, 0x0, 0x4}], &(0x7f0000000680)='syzkaller\x00', 0x2, 0xbb, &(0x7f00000006c0)=""/187, 0x40f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000007c0)={0x0, 0x3, 0xd2, 0x10001}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000800)=[0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000840)=[{0x1, 0x2, 0x1, 0xb}, {0x3, 0x4, 0x6, 0xc}, {0x1, 0x1, 0xf, 0x2}, {0x5, 0x1, 0xe, 0xc}, {0x2, 0x3, 0xf, 0x5}, {0x3, 0x1, 0x10, 0xa}, {0x5, 0x5, 0xf, 0x1}, {0x4, 0x4, 0x4, 0x5}], 0x10, 0x3}, 0x94)
r4 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000009c0)=@o_path={&(0x7f0000000980)='./file0\x00', 0x0, 0x10}, 0x18)
r5 = creat(&(0x7f0000000a00)='./file0\x00', 0x180)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0xe, 0x1a, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xb}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx_val={0x18, 0x0, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0x7}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xff00000}}, @generic={0x6, 0x0, 0x9, 0x100, 0x8}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000140)='GPL\x00', 0x1, 0x90, &(0x7f0000000180)=""/144, 0x40f00, 0x64, '\x00', r1, @sk_skb=0x4, r2, 0x8, &(0x7f0000000580)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, r3, 0x0, &(0x7f0000000a40)=[r4, 0x1, r5], 0x0, 0x10, 0x4}, 0x94)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000b40)={'nicvf0\x00', 0x400})
socket$netlink(0x10, 0x3, 0x6)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000b80)={{0x10, 0x2}, 'port0\x00', 0x0, 0xa, 0x1000, 0x1, 0x98a, 0x0, 0x2, 0x0, 0x3, 0x8})
socketpair(0x2c, 0x5, 0x5, &(0x7f0000000c40)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$FS_IOC_FSGETXATTR(r6, 0x801c581f, &(0x7f0000000c80)={0x7fffffff, 0x4, 0xfff, 0xd1, 0x7fff})
r7 = eventfd2(0x0, 0x800)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000cc0)={0x0, r7})
setsockopt$inet_MCAST_MSFILTER(r5, 0x0, 0x30, &(0x7f0000000d00)={0x1000, {{0x2, 0x4e23, @broadcast}}, 0x0, 0x5, [{{0x2, 0x4e21, @loopback}}, {{0x2, 0x4e24, @multicast2}}, {{0x2, 0x4e20, @local}}, {{0x2, 0x4e24, @empty}}, {{0x2, 0x4e23, @remote}}]}, 0x310)
socket$inet_smc(0x2b, 0x1, 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001040), 0x501640, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001080)='./cgroup.net/syz1\x00', 0x1ff)
r9 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r5, 0xc0189373, &(0x7f00000010c0)={{0x1, 0x1, 0x18, r8, {0xf}}, './file1\x00'})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001140)=@newtclass={0x5c, 0x28, 0x300, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, {0xb, 0xa}, {0xb, 0xb}, {0xfffd, 0x6}}, [@tclass_kind_options=@c_sfb={0x8}, @tclass_kind_options=@c_hfsc={{0x9}, {0x14, 0x2, [@TCA_HFSC_FSC={0x10, 0x2, {0xcd6, 0x8, 0x7fffffff}}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0x1f}}, @tclass_kind_options=@c_cbs={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4048048}, 0x4000804)
io_uring_setup(0x4eb2, &(0x7f0000001240)={0x0, 0x5135, 0x8000, 0x0, 0x2b6, 0x0, r7})
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r2, 0x40046210, &(0x7f00000012c0)=0x1)
r10 = add_key$user(&(0x7f0000001300), &(0x7f0000001340)={'syz', 0x2}, &(0x7f0000001380)="06a62daed03cef3ade60f81b9d6cab977734d8ba504bac48e3d6323e7288a538afd9f8f209ff0581ee1f69d081df4a15ff6f868d47f46f2cd4383bb77159dffdd1996cab69827db584330123c07e66c3521caf60753b7e3ebb30618e0a00a32d9a509f0579e79d36d69dbb493f8bad489ac59d3b1124a06b509e268f69edc9cb0b5312ecf2c29bc085d3a45f02dafe249017869cb120e20f65ed29ce567d410591d3624706f2", 0xa6, 0xfffffffffffffffc)
keyctl$dh_compute(0x17, &(0x7f0000001440)={0x0, 0x0, r10}, &(0x7f0000001480)=""/18, 0x12, &(0x7f0000001600)={&(0x7f00000014c0)={'sha512-ce\x00'}, &(0x7f0000001500)="e5c60a345da84eeeebf0e480c5cf1f67a875ddeb215e4fb5ce96b47d712808dd16d23e6f24a1aa9401e77f5a74157e131cb65e8fdeddf31a052f5d00d0b2d6062f926fd3d20b7f0f22d090ebb831e17f275464603fb08e94f2b981859a4a63693a4d05ca016ad242711896e47361c4895d67c500e532b707ba37f883d12040bf2011331e7e2e9be9e5af8d7364ca11e64466558070e907e50e154c03115dee93a11314961b6fb04fea373e4de04eb25f0d824d0c39aad160469ce27e1e0a6500ad39346d", 0xc4})
socket$inet_udplite(0x2, 0x2, 0x88)
syz_open_dev$loop(&(0x7f0000001640), 0x4, 0x20a100)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000001680), 0x2000, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000004, 0x30, r9, 0x3f05a000)

27.504166235s ago: executing program 1 (id=2762):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'lo\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580), 0x80802, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r3, 0xc0044d0b, 0xfffffffffffffffe)
sendfile(r2, r1, &(0x7f00000000c0)=0x8b, 0x100000500)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
r5 = syz_open_dev$evdev(&(0x7f0000000440), 0x0, 0x282)
syz_usb_disconnect(r5)
ioctl$EVIOCRMFF(r5, 0x83c0550b, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e23, @empty}, 0x20, 0x0, 0x0, 0x0, 0xdbed, &(0x7f0000000240)='ip6gre0\x00', 0x478, 0xf27, 0xc25})
r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r6, 0x8010500c, &(0x7f0000000100))

26.564874404s ago: executing program 0 (id=2765):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x141841, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000040)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x0, 0x4, 0x0, 0x1c}, {"7302ae64596acd1b0c85f79e959ba407dfe2680a9f3a5624b94b05eb30a8db4c40666ac03a878052cd6f34b42454ed6a1125e62675b21d5a1fba5cf3bedbddc95b7e41e2f08bc48db0daee34e764ee3ee41a0c70477ab54c7b85"}}}}}, 0x90)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fspick(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xa)
r5 = dup(r4)
r6 = open(&(0x7f0000000040)='./file1\x00', 0x1850c2, 0x14c)
ftruncate(r6, 0x200004)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x21, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
write$apparmor_exec(r6, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000000000000"], 0x8)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)
r9 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r9, &(0x7f0000000dc0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
execve(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0)

25.06800048s ago: executing program 1 (id=2767):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, 0x0)

24.997396416s ago: executing program 2 (id=2768):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x2, 0x3, 0x1, 0x0, 0x33}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f00000001c0)=0x4, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a03d21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951d50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa68fb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ce652455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d331b98658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e500", 0x2000, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(r4, 0xc080aebe, &(0x7f000000a100)={{0x0, 0x0, 0x80}})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r7)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
pselect6(0x54, 0x0, &(0x7f0000000080)={0xb}, 0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000040)={0xf0f022})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
semtimedop(0x0, &(0x7f0000000180)=[{0x2, 0x5, 0x1000}], 0x1f4, &(0x7f0000000040))
sendmsg$NL80211_CMD_SET_CQM(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x2c, r11, 0x1, 0x0, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_CQM={0x10, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x4}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x5}]}]}, 0x2c}}, 0x0)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r7, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)

24.545171043s ago: executing program 1 (id=2769):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x8ff, &(0x7f0000000a00)={0x0, 0x7d10, 0x80, 0x3, 0x1000034f}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x2})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

24.425839486s ago: executing program 0 (id=2771):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10)
write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
socket(0x2, 0x80805, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
pipe2$watch_queue(0x0, 0x80)
add_key(0x0, &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0)

23.965788759s ago: executing program 32 (id=2722):
socket$nl_generic(0x10, 0x3, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1500000010"], 0x48)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0003000000320001140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5], 0x44}}, 0x0)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)}, {&(0x7f0000000d40)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e4", 0x70}, {&(0x7f0000000b80)}], 0x3}}, {{0x0, 0x0, 0x0}}], 0x2, 0xc0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_uring_setup(0x31db, &(0x7f0000000580)={0x0, 0x416f, 0x1, 0x2, 0x17b})

23.583429408s ago: executing program 2 (id=2773):
r0 = socket(0x1, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89fe, &(0x7f0000000340)={'bridge0\x00', &(0x7f0000000000)=@ethtool_coalesce={0xf, 0x0, 0x200, 0x2, 0x7, 0x9, 0x0, 0x5, 0x9, 0x2, 0xca1, 0x8, 0x1, 0x6, 0xff, 0x9, 0x3, 0x7, 0x7, 0xb, 0x64, 0x1000, 0xc}})

23.534144191s ago: executing program 2 (id=2774):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000080)='-6', 0x2}], 0x1)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(0xffffffffffffffff, 0x6)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = accept(r2, 0x0, 0x0)
io_uring_setup(0x59b1, 0x0)
ppoll(&(0x7f0000000040)=[{r3, 0x40a0}], 0x1, &(0x7f0000000140)={0x0, 0x3938700}, &(0x7f00000001c0)={[0x397b]}, 0x8)
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)
recvfrom(r3, 0x0, 0x0, 0x3e8, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @empty}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xc3}}], 0x38}, 0x0)
sendmmsg$inet(r1, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000c40)="5c5eafd3ae55a73702d6befaee97f47f4be65587e1fca708cee084691e4587d887a5eaab43ac5edc4886496910cd7a153cd84b93208c7b1a625b3ea990092389b19dab4f61e30ee60a4d7e51ffc9a5accbe20844356dd0ce192542d5e58d80657b3b5fb7a3d39337df9305959f", 0x6d}, {&(0x7f0000000800)="104b0b7073fbd7f77a847bdbfdf6da474f700bf113b18d16d8380f42e296b49f1326c7d0d97be798e205654b8a885df6ee57ec7b690491c55ca484b54170549c7a72b8a579005ffcb0b309dae34571b17126534a763ca881", 0x58}], 0x2}}], 0x1, 0x0)
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000180)=@mmap={0xfff, 0xb, 0x4, 0xe000, 0x0, {0x77359400}, {0x4, 0x1, 0x3, 0xf, 0x2, 0x0, "43d01e55"}, 0x3, 0x1, {}, 0x1, 0x0, r0})
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r1, &(0x7f0000000580)="17", 0xfffffffffffffe08, 0x10008095, 0x0, 0x0)

22.5778937s ago: executing program 2 (id=2776):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'lo\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000580), 0x80802, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
syz_usb_connect(0x0, 0xbea, &(0x7f00000007c0)=ANY=[@ANYBLOB="120101020d500920"], 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2d, &(0x7f0000000200)=0xfffffff1, 0x4)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e23, @empty}, 0x20, 0x0, 0x0, 0x0, 0xdbed, &(0x7f0000000240)='ip6gre0\x00', 0x478, 0xf27, 0xc25})

21.637982365s ago: executing program 2 (id=2778):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'lo\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580), 0x80802, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r3, 0xc0044d0b, 0xfffffffffffffffe)
sendfile(r2, r1, &(0x7f00000000c0)=0x8b, 0x100000500)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
r5 = syz_open_dev$evdev(&(0x7f0000000440), 0x0, 0x282)
syz_usb_disconnect(r5)
ioctl$EVIOCRMFF(r5, 0x83c0550b, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e23, @empty}, 0x20, 0x0, 0x0, 0x0, 0xdbed, &(0x7f0000000240)='ip6gre0\x00', 0x478, 0xf27, 0xc25})
r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r6, 0x8010500c, &(0x7f0000000100))

21.14562367s ago: executing program 1 (id=2779):
socket$netlink(0x10, 0x3, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$9p(&(0x7f0000000240), 0x4040)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000380)=0x1000, 0x4)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), 0x8)
sched_setattr(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
socket$can_bcm(0x1d, 0x2, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x24, 0x2, [@TCA_HTB_INIT={0xffffff78}, @TCA_HTB_DIRECT_QLEN={0x3}]}}]}, 0x50}}, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
io_uring_setup(0x1530, &(0x7f0000000480)={0x0, 0x575e, 0x800, 0x8000002, 0x1d4})
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
io_setup(0x7, &(0x7f0000000280)=<r5=>0x0)
r6 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0)
io_submit(r5, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f00000001c0)='7', 0x1, 0x4}])

20.876279159s ago: executing program 0 (id=2780):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, 0x0)

20.73373292s ago: executing program 2 (id=2781):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4b, 0x9, 0x8, 0x0, 0x400003}, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000240)={0x4, 0xffff1000, 0x1, 0xffffffffffffffff, 0x1})
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, 0x0, 0x0)
syz_open_dev$sndctrl(0x0, 0xfffffffffffffffc, 0x40000)
r5 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x10000, 0x200000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x7000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
brk(0x400000ffc000)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r5, 0x80045530, &(0x7f0000000140)=""/18)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f00000001c0)={0x0, <r6=>0x0})
prlimit64(r6, 0xe, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x5c, 0x18, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_HOOK={0x30, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg2\x00'}, {0x14, 0x1, 'pimreg0\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2000002, 0x42032, 0xffffffffffffffff, 0x80000000)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

19.276199423s ago: executing program 3 (id=2782):
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x4}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBLED(r0, 0x4b65, 0x5)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=r0], 0x50)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
unshare(0x2c060000)
unshare(0x24020400)
r2 = syz_open_dev$sndctrl(&(0x7f0000000280), 0x40000020008, 0x402002)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r2, 0xc0045540, &(0x7f0000000000)=0xfffffffd)
unlink(&(0x7f0000000040)='./cgroup/cgroup.procs\x00')
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0xa, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newqdisc={0x2c, 0x24, 0x8, 0x0, 0x25dfdbfc, {0x60, 0x0, 0x0, r6, {0xfffb, 0x3}, {0xffff, 0xffe0}, {0x2, 0x10}}, [@TCA_RATE={0x6, 0x5, {0x2, 0x8}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20048840}, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="180000004e00010000000000000000cc2bd256cd1808df0e"], 0x18}}, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240), 0x40082, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
creat(0x0, 0x122)
r8 = syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109022400010700800b0904bb06023ae504000905070020000508ce090503"], &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r8, 0x0, &(0x7f0000000e80)={0x44, &(0x7f0000000a00)=ANY=[@ANYBLOB="0800f0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
madvise(&(0x7f000050d000/0xa000)=nil, 0xa000, 0xe)
dup3(r7, r9, 0x80000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x28080, 0x0)
socket$kcm(0x29, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))

18.704409188s ago: executing program 3 (id=2783):
socket$nl_route(0x10, 0x3, 0x0)
unshare(0x8000000)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x21, &(0x7f0000000140)=0xec62, 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000840)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x5, 0x8, 0x0, 0x0, 0x1, 0x9, 0x8, 0x0, 0x3}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$packet(0x11, 0x3, 0x300)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r2, &(0x7f0000000280)=[{&(0x7f0000000740)=""/209, 0xd1}], 0x1, 0x0, 0x20000)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
modify_ldt$write(0x1, &(0x7f00000004c0)={0x1000fff, 0x0, 0xffffffffffffffff}, 0x10)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c0001400000000000000007140000"], 0xdc}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000004000003300000a20000000120a0102511cedb9e9b278ab176f50e9c94fa14000000000000000020000810908020073797a32000000002c000000030a010200000c0000000000010001000b00070066696c74657200000900030073797a30000000002660bacaddd1b3404a140a01030000000000ca00000700000008000340000000080c00064000000000000000179d7d60f79537c031000000000c00064000000000edff0002150000001100010004000000000000ed2c97c522a36a5db290914ab8158de807f4d921b7791d9f48c4f821944e8f1f8556296be0a937b708a5510cd8491ad0caa83215cd0741b687537c31745ee9d0095b220bb35981b1b7e1783c9db22a88012452637e21c6c60e28d32ecc478708c9a70c92e50c63cf4de6ebb382ed62af53d2842981732d8578dc3d202a7dbc06767321dfe35d7e0a686b600de541bcc3669d2910af350f6e4cb593b8f162d0613bd5d9467b471f080fee3649d0a818ac364f82def5f7b87dd7483f68b6c8399bc73ff8ba93504e763c4b9b948d832332150fefaf2a376e80342751b417baa1cc38ec236cd2822e899a956accf416420cde3bccf48bd1debffb4e8dbde1226a2cec6e5420ee0ce515aa498359214cad797240897e35bbf71c35433b9ec6338bf4ced0c16f9305350beef1ffe373977e40a0eb9333354ef8891a05bfdbe692d6b3a97b5f0831bc6973a5d60d341da9e40e3be39caf207f0351e4470458e39275b4"], 0xb4}, 0x1, 0x0, 0x0, 0x2004c899}, 0x0)
r4 = timerfd_create(0x0, 0x0)
timerfd_settime(r4, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(r4, 0x0)

17.765873126s ago: executing program 3 (id=2784):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
sendfile(r1, r0, 0x0, 0x100000500)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
syz_usb_disconnect(0xffffffffffffffff)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x83c0550b, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, 0x0)

16.983833798s ago: executing program 3 (id=2785):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000080)='-6', 0x2}], 0x1)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(0xffffffffffffffff, 0x6)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = accept(r2, 0x0, 0x0)
io_uring_setup(0x59b1, 0x0)
ppoll(&(0x7f0000000040)=[{r3, 0x40a0}], 0x1, &(0x7f0000000140)={0x0, 0x3938700}, &(0x7f00000001c0)={[0x397b]}, 0x8)
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)
recvfrom(r3, 0x0, 0x0, 0x3e8, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@ip_pktinfo={{0x1c, 0x110, 0xd, {0x0, @loopback=0x7f000300, @empty}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xc3}}], 0x38}, 0x0)
sendmmsg$inet(r1, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000c40)="5c5eafd3ae55a73702d6befaee97f47f4be65587e1fca708cee084691e4587d887a5eaab43ac5edc4886496910cd7a153cd84b93208c7b1a625b3ea990092389b19dab4f61e30ee60a4d7e51ffc9a5accbe20844356dd0ce192542d5e58d80657b3b5fb7a3d39337df9305959f", 0x6d}, {&(0x7f0000000800)="104b0b7073fbd7f77a847bdbfdf6da474f700bf113b18d16d8380f42e296b49f1326c7d0d97be798e205654b8a885df6ee57ec7b690491c55ca484b54170549c7a72b8a579005ffcb0b309dae34571b17126534a763ca881", 0x58}], 0x2}}], 0x1, 0x0)
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000180)=@mmap={0xfff, 0xb, 0x4, 0xe000, 0x0, {0x77359400}, {0x4, 0x1, 0x3, 0xf, 0x2, 0x0, "43d01e55"}, 0x3, 0x1, {}, 0x1, 0x0, r0})
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r1, &(0x7f0000000580)="17", 0xfffffffffffffe08, 0x10008095, 0x0, 0x0)

16.065851394s ago: executing program 3 (id=2786):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000580), 0x80802, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r2, 0xc0044d0b, 0xfffffffffffffffe)
sendfile(r1, r0, &(0x7f00000000c0)=0x8b, 0x100000500)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
r4 = syz_open_dev$evdev(&(0x7f0000000440), 0x0, 0x282)
syz_usb_disconnect(r4)
ioctl$EVIOCRMFF(r4, 0x83c0550b, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e23, @empty}, 0x20, 0x0, 0x0, 0x0, 0xdbed, &(0x7f0000000240)='ip6gre0\x00', 0x478, 0xf27, 0xc25})
r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r5, 0x8010500c, &(0x7f0000000100))

15.340913904s ago: executing program 3 (id=2787):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'lo\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000580), 0x80802, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
syz_usb_connect(0x0, 0xbea, &(0x7f00000007c0)=ANY=[@ANYBLOB="120101020d500920"], 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2d, &(0x7f0000000200)=0xfffffff1, 0x4)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e23, @empty}, 0x20, 0x0, 0x0, 0x0, 0xdbed, &(0x7f0000000240)='ip6gre0\x00', 0x478, 0xf27, 0xc25})

6.001015264s ago: executing program 33 (id=2779):
socket$netlink(0x10, 0x3, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$9p(&(0x7f0000000240), 0x4040)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000380)=0x1000, 0x4)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), 0x8)
sched_setattr(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
socket$can_bcm(0x1d, 0x2, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x24, 0x2, [@TCA_HTB_INIT={0xffffff78}, @TCA_HTB_DIRECT_QLEN={0x3}]}}]}, 0x50}}, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
io_uring_setup(0x1530, &(0x7f0000000480)={0x0, 0x575e, 0x800, 0x8000002, 0x1d4})
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
io_setup(0x7, &(0x7f0000000280)=<r5=>0x0)
r6 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0)
io_submit(r5, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f00000001c0)='7', 0x1, 0x4}])

5.504962864s ago: executing program 34 (id=2780):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x2515, 0x0, 0x0, 0x1000, &(0x7f0000fec000/0x1000)=nil})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, 0x0)

5.451040851s ago: executing program 35 (id=2781):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4b, 0x9, 0x8, 0x0, 0x400003}, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000240)={0x4, 0xffff1000, 0x1, 0xffffffffffffffff, 0x1})
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, 0x0, 0x0)
syz_open_dev$sndctrl(0x0, 0xfffffffffffffffc, 0x40000)
r5 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x10000, 0x200000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x7000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
brk(0x400000ffc000)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r5, 0x80045530, &(0x7f0000000140)=""/18)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f00000001c0)={0x0, <r6=>0x0})
prlimit64(r6, 0xe, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x5c, 0x18, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_HOOK={0x30, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg2\x00'}, {0x14, 0x1, 'pimreg0\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2000002, 0x42032, 0xffffffffffffffff, 0x80000000)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

0s ago: executing program 36 (id=2787):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'lo\x00', <r0=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000580), 0x80802, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
syz_usb_connect(0x0, 0xbea, &(0x7f00000007c0)=ANY=[@ANYBLOB="120101020d500920"], 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2d, &(0x7f0000000200)=0xfffffff1, 0x4)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e23, @empty}, 0x20, 0x0, 0x0, 0x0, 0xdbed, &(0x7f0000000240)='ip6gre0\x00', 0x478, 0xf27, 0xc25})

kernel console output (not intermixed with test programs):

14555]  security_file_ioctl+0xcb/0x2d0
[  717.072186][T14555]  __se_sys_ioctl+0x47/0x170
[  717.072198][T14555]  do_syscall_64+0xfa/0x3b0
[  717.072208][T14555]  ? lockdep_hardirqs_on+0x9c/0x150
[  717.072222][T14555]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.072232][T14555]  ? clear_bhb_loop+0x60/0xb0
[  717.072244][T14555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.072253][T14555] RIP: 0033:0x7f6369b8e929
[  717.072264][T14555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  717.072273][T14555] RSP: 002b:00007f636a97d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  717.072286][T14555] RAX: ffffffffffffffda RBX: 00007f6369db5fa0 RCX: 00007f6369b8e929
[  717.072293][T14555] RDX: 0000200000000000 RSI: 000000008038550a RDI: 0000000000000004
[  717.072300][T14555] RBP: 00007f636a97d090 R08: 0000000000000000 R09: 0000000000000000
[  717.072306][T14555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  717.072312][T14555] R13: 0000000000000000 R14: 00007f6369db5fa0 R15: 00007f6369edfa28
[  717.072328][T14555]  </TASK>
[  717.072333][T14555] ERROR: Out of memory at tomoyo_realpath_from_path.
[  717.766568][T14559] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2223'.
[  718.028260][T14562] netlink: 232 bytes leftover after parsing attributes in process `syz.3.2225'.
[  718.339060][T14571] syzkaller1: entered promiscuous mode
[  718.353475][T14571] syzkaller1: entered allmulticast mode
[  719.036215][ T5932] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  719.219033][ T5932] usb 5-1: config 0 has no interfaces?
[  719.280276][ T5932] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  719.342939][ T5932] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  719.569607][ T5932] usb 5-1: Product: syz
[  719.573846][ T5932] usb 5-1: Manufacturer: syz
[  719.601461][ T5932] usb 5-1: SerialNumber: syz
[  719.644388][ T5932] usb 5-1: config 0 descriptor??
[  720.178181][T14598] syzkaller1: entered promiscuous mode
[  720.184252][T14598] syzkaller1: entered allmulticast mode
[  721.037891][ T5983] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  721.246129][ T5983] usb 3-1: Using ep0 maxpacket: 32
[  721.270038][ T5983] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  721.282957][ T5983] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.335712][ T5983] usb 3-1: config 0 descriptor??
[  721.619454][ T5849] usb 5-1: USB disconnect, device number 78
[  722.345956][ T5849] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  722.527842][ T5849] usb 5-1: Using ep0 maxpacket: 32
[  722.535348][ T5849] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  722.550297][ T5849] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  722.559759][ T5849] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  722.568343][ T5849] usb 5-1: Product: syz
[  722.574328][ T5849] usb 5-1: Manufacturer: syz
[  722.584258][ T5849] usb 5-1: SerialNumber: syz
[  722.599265][ T5849] usb 5-1: config 0 descriptor??
[  722.645583][T14619] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  723.342152][T14633] input: syz0 as /devices/virtual/input/input28
[  723.391246][ T5983] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware
[  723.429277][T14636] syzkaller1: entered promiscuous mode
[  723.434917][T14636] syzkaller1: entered allmulticast mode
[  723.533784][ T5849] usb 5-1: USB disconnect, device number 79
[  724.006789][ T5932] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[  724.320979][ T5932] usb 1-1: config 0 has no interfaces?
[  724.336958][ T5932] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  724.354708][ T5932] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  724.370722][ T5932] usb 1-1: Product: syz
[  724.382451][ T5932] usb 1-1: Manufacturer: syz
[  724.401081][ T5932] usb 1-1: SerialNumber: syz
[  724.458322][ T5932] usb 1-1: config 0 descriptor??
[  725.625298][T14659] netlink: 348 bytes leftover after parsing attributes in process `syz.1.2251'.
[  727.276504][   T43] usb 1-1: USB disconnect, device number 84
[  727.336308][T14678] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2254'.
[  729.135921][ T5849] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[  729.319945][ T5849] usb 1-1: config 0 has no interfaces?
[  729.333435][ T5849] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  729.345029][ T5849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  729.558247][ T5849] usb 1-1: Product: syz
[  729.574913][ T5849] usb 1-1: Manufacturer: syz
[  729.694457][ T5849] usb 1-1: SerialNumber: syz
[  729.707752][ T5849] usb 1-1: config 0 descriptor??
[  729.721200][T14709] xt_TPROXY: Can be used only with -p tcp or -p udp
[  729.884994][   T30] kauditd_printk_skb: 62 callbacks suppressed
[  729.885013][   T30] audit: type=1326 audit(1752077519.698:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14711 comm="syz.3.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  730.736455][   T30] audit: type=1326 audit(1752077519.698:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14711 comm="syz.3.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  730.838304][   T30] audit: type=1326 audit(1752077519.698:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14711 comm="syz.3.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  731.089628][   T30] audit: type=1326 audit(1752077519.698:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14711 comm="syz.3.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  731.310017][   T30] audit: type=1326 audit(1752077519.698:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14711 comm="syz.3.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  731.721104][    T9] usb 1-1: USB disconnect, device number 85
[  731.911005][   T30] audit: type=1326 audit(1752077519.698:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14711 comm="syz.3.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  732.367597][   T43] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[  732.786672][   T43] usb 1-1: config 0 has no interfaces?
[  732.811633][T14730] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  732.860773][   T43] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  732.885581][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  732.945005][   T43] usb 1-1: Product: syz
[  732.952771][   T43] usb 1-1: Manufacturer: syz
[  732.957462][   T43] usb 1-1: SerialNumber: syz
[  732.964324][   T43] usb 1-1: config 0 descriptor??
[  734.075919][ T5849] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[  734.359343][ T5849] usb 4-1: config 0 has no interfaces?
[  734.372000][ T5849] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  734.386520][ T5849] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  734.394554][ T5849] usb 4-1: Product: syz
[  734.399263][ T5849] usb 4-1: Manufacturer: syz
[  734.403894][ T5849] usb 4-1: SerialNumber: syz
[  734.413804][ T5849] usb 4-1: config 0 descriptor??
[  734.731069][   T30] audit: type=1326 audit(1752077524.548:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14770 comm="syz.4.2277" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa8498e929 code=0x0
[  735.365027][    T9] usb 1-1: USB disconnect, device number 86
[  736.734974][    T9] usb 4-1: USB disconnect, device number 87
[  737.216479][    T9] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[  737.399983][    T9] usb 4-1: Using ep0 maxpacket: 32
[  737.408524][    T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  737.421902][    T9] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  737.431699][    T9] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  737.440358][    T9] usb 4-1: Product: syz
[  737.444789][    T9] usb 4-1: Manufacturer: syz
[  737.449895][    T9] usb 4-1: SerialNumber: syz
[  737.460704][    T9] usb 4-1: config 0 descriptor??
[  737.469465][T14798] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  737.552358][    T9] hub 4-1:0.0: bad descriptor, ignoring hub
[  737.595915][    T9] hub 4-1:0.0: probe with driver hub failed with error -5
[  737.618209][T14807] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2288'.
[  737.970554][    T9] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[  738.146009][    T9] usb 1-1: Using ep0 maxpacket: 16
[  738.159931][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  738.184101][    T9] usb 1-1: config 0 has no interfaces?
[  738.189768][    T9] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  738.209222][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.257574][   T43] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  738.278192][    T9] usb 1-1: config 0 descriptor??
[  738.431105][   T43] usb 5-1: config 0 has no interfaces?
[  738.442077][   T43] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  738.451473][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  738.460379][   T43] usb 5-1: Product: syz
[  738.464759][   T43] usb 5-1: Manufacturer: syz
[  738.469837][   T43] usb 5-1: SerialNumber: syz
[  738.480475][   T43] usb 5-1: config 0 descriptor??
[  738.494868][T14811] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2289'.
[  738.650266][   T43] raw-gadget.0 gadget.3: failed to queue suspend event
[  738.736600][T14798] raw-gadget.0 gadget.3: failed to queue resume event
[  738.798327][   T43] raw-gadget.0 gadget.3: failed to queue suspend event
[  738.801266][T14830] FAULT_INJECTION: forcing a failure.
[  738.801266][T14830] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  738.819887][T14830] CPU: 0 UID: 0 PID: 14830 Comm: syz.2.2294 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  738.819914][T14830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  738.819927][T14830] Call Trace:
[  738.819935][T14830]  <TASK>
[  738.819944][T14830]  dump_stack_lvl+0x189/0x250
[  738.819970][T14830]  ? __pfx____ratelimit+0x10/0x10
[  738.819995][T14830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  738.820015][T14830]  ? __pfx__printk+0x10/0x10
[  738.820039][T14830]  ? __might_fault+0xb0/0x130
[  738.820078][T14830]  should_fail_ex+0x414/0x560
[  738.820108][T14830]  _copy_from_iter+0x1db/0x16f0
[  738.820133][T14830]  ? rcu_is_watching+0x15/0xb0
[  738.820156][T14830]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  738.820179][T14830]  ? __pfx__copy_from_iter+0x10/0x10
[  738.820200][T14830]  ? __build_skb_around+0x257/0x3e0
[  738.820225][T14830]  ? netlink_sendmsg+0x642/0xb30
[  738.820246][T14830]  ? skb_put+0x11b/0x210
[  738.820270][T14830]  netlink_sendmsg+0x6b2/0xb30
[  738.820301][T14830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  738.820325][T14830]  ? aa_sock_msg_perm+0x94/0x160
[  738.820351][T14830]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  738.820376][T14830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  738.820398][T14830]  __sock_sendmsg+0x219/0x270
[  738.820428][T14830]  ____sys_sendmsg+0x505/0x830
[  738.820456][T14830]  ? __pfx_____sys_sendmsg+0x10/0x10
[  738.820487][T14830]  ? import_iovec+0x74/0xa0
[  738.820512][T14830]  ___sys_sendmsg+0x21f/0x2a0
[  738.820537][T14830]  ? __pfx____sys_sendmsg+0x10/0x10
[  738.820596][T14830]  ? __fget_files+0x2a/0x420
[  738.820617][T14830]  ? __fget_files+0x3a0/0x420
[  738.820649][T14830]  __x64_sys_sendmsg+0x19b/0x260
[  738.820673][T14830]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  738.820706][T14830]  ? __pfx_ksys_write+0x10/0x10
[  738.820726][T14830]  ? rcu_is_watching+0x15/0xb0
[  738.820752][T14830]  ? do_syscall_64+0xbe/0x3b0
[  738.820774][T14830]  do_syscall_64+0xfa/0x3b0
[  738.820790][T14830]  ? lockdep_hardirqs_on+0x9c/0x150
[  738.820815][T14830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.820832][T14830]  ? clear_bhb_loop+0x60/0xb0
[  738.820855][T14830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.820872][T14830] RIP: 0033:0x7f6369b8e929
[  738.820890][T14830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.820906][T14830] RSP: 002b:00007f636a97d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  738.820926][T14830] RAX: ffffffffffffffda RBX: 00007f6369db5fa0 RCX: 00007f6369b8e929
[  738.820940][T14830] RDX: 0000000000000080 RSI: 0000200000000100 RDI: 0000000000000003
[  738.820952][T14830] RBP: 00007f636a97d090 R08: 0000000000000000 R09: 0000000000000000
[  738.820964][T14830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.820975][T14830] R13: 0000000000000000 R14: 00007f6369db5fa0 R15: 00007f6369edfa28
[  738.821003][T14830]  </TASK>
[  738.896965][T14798] raw-gadget.0 gadget.3: failed to queue resume event
[  739.163967][    T9] raw-gadget.0 gadget.3: failed to queue suspend event
[  739.242738][T14798] raw-gadget.0 gadget.3: failed to queue resume event
[  739.277303][   T43] raw-gadget.0 gadget.3: failed to queue suspend event
[  739.363370][T14798] raw-gadget.0 gadget.3: failed to queue resume event
[  739.387337][   T43] raw-gadget.0 gadget.3: failed to queue suspend event
[  739.467081][T14798] raw-gadget.0 gadget.3: failed to queue resume event
[  739.487206][   T43] raw-gadget.0 gadget.3: failed to queue suspend event
[  739.566198][T14798] raw-gadget.0 gadget.3: failed to queue resume event
[  739.606995][   T43] raw-gadget.0 gadget.3: failed to queue suspend event
[  739.686267][T14798] raw-gadget.0 gadget.3: failed to queue resume event
[  739.868354][   T43] raw-gadget.0 gadget.3: failed to queue suspend event
[  739.985979][T14798] raw-gadget.0 gadget.3: failed to queue resume event
[  739.998826][T14842] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2297'.
[  740.205014][    T9] raw-gadget.0 gadget.3: failed to queue suspend event
[  740.259506][T14798] raw-gadget.0 gadget.3: failed to queue disconnect event
[  740.366748][    T9] usb 4-1: USB disconnect, device number 88
[  740.721292][   T43] usb 1-1: USB disconnect, device number 87
[  741.008712][   T43] usb 5-1: USB disconnect, device number 80
[  741.575939][ T5849] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[  741.727691][ T5849] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  741.736571][ T5849] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  741.746817][ T5849] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  741.762082][ T5849] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  741.771295][ T5849] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  741.779782][ T5849] usb 4-1: Product: syz
[  741.784043][ T5849] usb 4-1: Manufacturer: syz
[  741.788786][ T5849] usb 4-1: SerialNumber: syz
[  741.999094][T14864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  742.008996][T14864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  742.019213][T14864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  742.032820][T14864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  742.044276][T14866] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  742.071754][T14864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  742.080520][T14866] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  742.089989][T14867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  742.090399][T14864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  742.099726][T14867] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  742.119632][ T5849] cdc_ether 4-1:1.0: skipping garbage
[  742.127695][ T5849] cdc_ether 4-1:1.0: invalid descriptor buffer length
[  742.134731][ T5849] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  742.146783][ T5849] usb 4-1: USB disconnect, device number 89
[  744.616093][    T9] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  744.775951][    T9] usb 5-1: Using ep0 maxpacket: 32
[  745.647353][T14925] input: syz0 as /devices/virtual/input/input29
[  745.694793][   T43] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[  745.872437][   T43] usb 4-1: config 0 has no interfaces?
[  745.883579][   T43] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  745.894018][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  745.902414][   T43] usb 4-1: Product: syz
[  745.907087][   T43] usb 4-1: Manufacturer: syz
[  745.911920][   T43] usb 4-1: SerialNumber: syz
[  745.921780][   T43] usb 4-1: config 0 descriptor??
[  746.536579][   T43] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[  746.705975][   T43] usb 1-1: Using ep0 maxpacket: 16
[  746.739891][T14935] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2321'.
[  747.180593][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  747.187596][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  747.339161][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  747.348159][    T9] usb 5-1: no configurations
[  747.352758][    T9] usb 5-1: can't read configurations, error -22
[  748.187636][  T979] usb 4-1: USB disconnect, device number 90
[  749.299694][    T9] usb 5-1: new full-speed USB device number 83 using dummy_hcd
[  749.465805][   T43] usb 1-1: unable to get BOS descriptor or descriptor too short
[  749.480945][   T43] usb 1-1: unable to read config index 0 descriptor/start: -71
[  749.496833][   T43] usb 1-1: can't read configurations, error -71
[  749.512940][    T9] usb 5-1: not running at top speed; connect to a high speed hub
[  749.541534][    T9] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  749.580012][    T9] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  749.615696][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  749.648156][    T9] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  749.684062][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.795878][    T9] usb 5-1: Product: syz
[  749.817450][    T9] usb 5-1: Manufacturer: syz
[  749.828029][    T9] usb 5-1: SerialNumber: syz
[  751.636881][ T5932] usb 4-1: new high-speed USB device number 91 using dummy_hcd
[  751.774110][    T9] usb 5-1: 0:2 : does not exist
[  751.796562][ T5932] usb 4-1: Using ep0 maxpacket: 16
[  751.825633][ T5932] usb 4-1: config 1 has an invalid interface number: 105 but max is 0
[  751.826029][    T9] usb 5-1: USB disconnect, device number 83
[  751.836740][ T5932] usb 4-1: config 1 has no interface number 0
[  751.887525][ T5901] udevd[5901]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  752.002905][ T5932] usb 4-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  752.020028][ T5932] usb 4-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  752.043057][ T5932] usb 4-1: config 1 interface 105 has no altsetting 0
[  752.093916][ T5932] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  752.104568][ T5932] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  752.117184][ T5932] usb 4-1: Product: syz
[  752.121376][ T5932] usb 4-1: Manufacturer: syz
[  752.135884][ T5932] usb 4-1: SerialNumber: syz
[  752.148308][T14977] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  752.155592][T14977] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  752.678596][T14977] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  752.693371][T14977] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  752.723499][T15000] kvm: pic: single mode not supported
[  752.724143][T15000] kvm: pic: single mode not supported
[  752.730535][T15000] kvm: pic: level sensitive irq not supported
[  752.743054][T15000] kvm: pic: single mode not supported
[  752.752722][T15000] kvm: pic: non byte write
[  753.000135][   T30] audit: type=1326 audit(1752077542.818:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  753.026286][   T30] audit: type=1326 audit(1752077542.848:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  753.162302][ T5932] aqc111 4-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  753.184025][ T5932] aqc111 4-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  753.198556][ T5932] aqc111 4-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  753.344778][   T30] audit: type=1326 audit(1752077542.848:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  753.483582][T15011] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  754.032091][   T30] audit: type=1326 audit(1752077542.848:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  754.034159][ T5932] aqc111 4-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.3-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 1a:f6:1d:6e:d5:87
[  754.115637][   T30] audit: type=1326 audit(1752077542.848:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  754.196159][ T5932] usb 4-1: USB disconnect, device number 91
[  754.203999][ T5932] aqc111 4-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.3-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  754.225214][   T30] audit: type=1326 audit(1752077542.848:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  754.286188][   T30] audit: type=1326 audit(1752077542.848:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  754.339485][   T30] audit: type=1326 audit(1752077542.848:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15003 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  754.347525][ T5932] aqc111 4-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  754.430948][ T5932] aqc111 4-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  754.470799][ T5932] aqc111 4-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  755.981509][T15045] netlink: 348 bytes leftover after parsing attributes in process `syz.1.2350'.
[  756.122559][T15044] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2351'.
[  756.237026][T15044] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2351'.
[  756.483227][T15053] input: syz0 as /devices/virtual/input/input30
[  756.537098][ T5940] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[  756.699470][ T5940] usb 5-1: config index 0 descriptor too short (expected 65280, got 77)
[  756.726728][ T5940] usb 5-1: config 255 has too many interfaces: 255, using maximum allowed: 32
[  756.735644][ T5940] usb 5-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[  756.780007][T15061] kvm: kvm [15060]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x52
[  756.797485][ T5940] usb 5-1: config 255 has 0 interfaces, different from the descriptor's value: 255
[  756.809947][ T5940] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  756.823087][ T5940] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  756.825651][T15061] kvm: kvm [15060]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x8ed
[  756.831614][ T5940] usb 5-1: Product: syz
[  756.843772][T15061] kvm: kvm [15060]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x13a
[  756.854970][T15061] kvm: kvm [15060]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x13e
[  756.857615][ T5940] usb 5-1: Manufacturer: syz
[  756.884016][ T5940] usb 5-1: SerialNumber: syz
[  757.221025][T15072] netlink: 'syz.0.2359': attribute type 21 has an invalid length.
[  757.233661][    T9] usb 5-1: USB disconnect, device number 84
[  758.052570][   T30] audit: type=1326 audit(1752077547.868:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.1.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  758.109553][   T30] audit: type=1326 audit(1752077547.868:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.1.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  758.189848][   T30] audit: type=1326 audit(1752077547.868:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.1.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  758.674260][T15098] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  758.959452][T15095] input: syz0 as /devices/virtual/input/input31
[  759.155930][   T30] audit: type=1326 audit(1752077547.868:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.1.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  759.365950][   T30] audit: type=1326 audit(1752077547.868:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.1.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  759.443736][   T30] audit: type=1326 audit(1752077547.868:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.1.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  759.555644][   T30] audit: type=1326 audit(1752077547.868:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.1.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  759.663171][   T30] audit: type=1326 audit(1752077547.898:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.1.2364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f602078e929 code=0x7ffc0000
[  760.192411][   T43] usb 5-1: new full-speed USB device number 85 using dummy_hcd
[  760.380362][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  760.394642][   T43] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  760.622548][   T43] usb 5-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00
[  760.634716][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.686646][   T43] usb 5-1: config 0 descriptor??
[  760.692258][T15111] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  760.968999][T15111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  760.983932][T15111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  761.274966][T15138] input: syz0 as /devices/virtual/input/input32
[  761.653580][T15111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  761.677223][T15111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  761.873058][T15149] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2378'.
[  761.898714][   T43] usbhid 5-1:0.0: can't add hid device: -71
[  761.904764][   T43] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  761.920421][   T43] usb 5-1: USB disconnect, device number 85
[  761.977095][ T5849] usb 1-1: new full-speed USB device number 90 using dummy_hcd
[  762.140190][ T5849] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  762.150492][ T5849] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  762.160798][ T5849] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  762.169937][ T5849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  762.178707][ T5849] usb 1-1: SerialNumber: syz
[  762.197710][ T5849] usb 1-1: 0:2 : does not exist
[  762.603513][T15147] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2380'.
[  762.673517][T15147] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2380'.
[  762.762119][ T5940] usb 1-1: USB disconnect, device number 90
[  763.435416][T15176] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  763.442690][T15176] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  763.454490][T15176] vhci_hcd vhci_hcd.0: Device attached
[  763.686138][ T5940] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[  763.865904][T15177] vhci_hcd: connection reset by peer
[  763.908198][ T2964] vhci_hcd: stop threads
[  763.913155][ T2964] vhci_hcd: release socket
[  763.918606][ T2964] vhci_hcd: disconnect device
[  763.951006][T15188] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2388'.
[  764.144557][T15191] input: syz0 as /devices/virtual/input/input33
[  766.169538][T15215] kvm: kvm [15214]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x52
[  766.195270][T15215] kvm: kvm [15214]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x8ed
[  766.473340][T15226] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2397'.
[  766.646000][   T30] audit: type=1326 audit(1752077556.458:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15224 comm="syz.3.2398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  766.698028][   T30] audit: type=1326 audit(1752077556.458:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15224 comm="syz.3.2398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  766.738287][   T30] audit: type=1326 audit(1752077556.458:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15224 comm="syz.3.2398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  766.763661][   T30] audit: type=1326 audit(1752077556.548:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15224 comm="syz.3.2398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  766.806388][   T30] audit: type=1326 audit(1752077556.548:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15224 comm="syz.3.2398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  767.023880][   T30] audit: type=1326 audit(1752077556.548:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15224 comm="syz.3.2398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  767.311160][   T30] audit: type=1326 audit(1752077556.608:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15224 comm="syz.3.2398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  767.355355][T15243] openvswitch: netlink: Flow key attr not present in new flow.
[  767.674341][T15246] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000'
[  768.929770][ T5940] vhci_hcd: vhci_device speed not set
[  769.239862][   T30] audit: type=1326 audit(1752077559.058:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15268 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  769.573680][   T30] audit: type=1326 audit(1752077559.058:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15268 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  769.611491][   T30] audit: type=1326 audit(1752077559.058:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15268 comm="syz.3.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  770.290221][T15282] kvm: kvm [15281]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x52
[  770.315298][T15282] kvm: kvm [15281]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x8ed
[  771.161502][T15293] syzkaller1: entered promiscuous mode
[  771.195946][T15293] syzkaller1: entered allmulticast mode
[  771.421828][T15302] fuse: Unknown parameter '0x0000000000000003'
[  771.590656][   T43] usb 5-1: new full-speed USB device number 86 using dummy_hcd
[  771.751907][   T43] usb 5-1: config 0 has no interfaces?
[  771.764513][   T43] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  771.830802][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  771.858552][   T43] usb 5-1: Product: syz
[  771.875411][   T43] usb 5-1: Manufacturer: syz
[  771.897621][   T43] usb 5-1: SerialNumber: syz
[  771.940153][   T43] usb 5-1: config 0 descriptor??
[  772.204383][T15315] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2419'.
[  772.385454][T15298] program syz.4.2413 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  772.400670][T15298] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  772.413176][T15298] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  773.467753][ T5983] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  773.505167][ T5983] dvb_usb_az6027 3-1:0.0: probe with driver dvb_usb_az6027 failed with error -2
[  773.556229][   T10] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  773.578729][ T5983] usb 3-1: USB disconnect, device number 59
[  773.606772][   T10] dvb_usb_az6027 2-1:0.0: probe with driver dvb_usb_az6027 failed with error -110
[  773.632765][   T10] usb 2-1: USB disconnect, device number 88
[  773.895944][ T5983] usb 3-1: new full-speed USB device number 60 using dummy_hcd
[  774.035922][ T5983] usb 3-1: device descriptor read/64, error -71
[  774.167088][T15327] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  774.276083][ T5983] usb 3-1: new full-speed USB device number 61 using dummy_hcd
[  774.438573][T15330] kvm: kvm [15328]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x52
[  774.462572][T15330] kvm: kvm [15328]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x8ed
[  774.473042][ T5983] usb 3-1: device descriptor read/64, error -71
[  774.573312][T15330] kvm: kvm [15328]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x13a
[  774.632200][  T979] usb 5-1: USB disconnect, device number 86
[  774.648745][ T5983] usb usb3-port1: attempt power cycle
[  774.668866][T15330] kvm: kvm [15328]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x13e
[  774.697688][T15333] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2423'.
[  774.738786][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  774.738803][   T30] audit: type=1326 audit(1752077564.558:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.4.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa8498e929 code=0x7ffc0000
[  774.785710][   T30] audit: type=1326 audit(1752077564.558:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.4.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa8498e929 code=0x7ffc0000
[  774.815173][   T30] audit: type=1326 audit(1752077564.598:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.4.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7faa8498e929 code=0x7ffc0000
[  774.846347][   T30] audit: type=1326 audit(1752077564.598:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.4.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa8498e929 code=0x7ffc0000
[  774.870166][   T30] audit: type=1326 audit(1752077564.598:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.4.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa8498e929 code=0x7ffc0000
[  774.941230][   T30] audit: type=1326 audit(1752077564.598:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.4.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7faa8498e929 code=0x7ffc0000
[  775.049405][ T5983] usb 3-1: new full-speed USB device number 62 using dummy_hcd
[  775.073332][T15342] openvswitch: netlink: Flow key attr not present in new flow.
[  775.103044][   T30] audit: type=1326 audit(1752077564.598:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.4.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa8498e929 code=0x7ffc0000
[  775.127046][ T5983] usb 3-1: device descriptor read/8, error -71
[  775.134931][   T30] audit: type=1326 audit(1752077564.598:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.4.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7faa8498e929 code=0x7ffc0000
[  775.782773][   T30] audit: type=1326 audit(1752077565.598:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15343 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0c58e929 code=0x7ffc0000
[  775.860657][   T30] audit: type=1326 audit(1752077565.628:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15343 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fbf0c58e929 code=0x7ffc0000
[  776.179855][T15351] syzkaller1: entered promiscuous mode
[  776.193447][T15351] syzkaller1: entered allmulticast mode
[  776.248523][T15353] FAULT_INJECTION: forcing a failure.
[  776.248523][T15353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  776.261943][T15353] CPU: 1 UID: 0 PID: 15353 Comm: syz.4.2429 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  776.261968][T15353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  776.261979][T15353] Call Trace:
[  776.261988][T15353]  <TASK>
[  776.261996][T15353]  dump_stack_lvl+0x189/0x250
[  776.262022][T15353]  ? __pfx____ratelimit+0x10/0x10
[  776.262049][T15353]  ? __pfx_dump_stack_lvl+0x10/0x10
[  776.262068][T15353]  ? __pfx__printk+0x10/0x10
[  776.262103][T15353]  should_fail_ex+0x414/0x560
[  776.262130][T15353]  _copy_to_user+0x31/0xb0
[  776.262154][T15353]  simple_read_from_buffer+0xe1/0x170
[  776.262181][T15353]  proc_fail_nth_read+0x1df/0x250
[  776.262209][T15353]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  776.262237][T15353]  ? rw_verify_area+0x258/0x650
[  776.262256][T15353]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  776.262281][T15353]  vfs_read+0x200/0x980
[  776.262307][T15353]  ? __pfx___mutex_lock+0x10/0x10
[  776.262326][T15353]  ? __pfx_vfs_read+0x10/0x10
[  776.262347][T15353]  ? __fget_files+0x2a/0x420
[  776.262375][T15353]  ? __fget_files+0x3a0/0x420
[  776.262395][T15353]  ? __fget_files+0x2a/0x420
[  776.262425][T15353]  ksys_read+0x145/0x250
[  776.262467][T15353]  ? __pfx_ksys_read+0x10/0x10
[  776.262484][T15353]  ? rcu_is_watching+0x15/0xb0
[  776.262511][T15353]  ? do_syscall_64+0xbe/0x3b0
[  776.262533][T15353]  do_syscall_64+0xfa/0x3b0
[  776.262549][T15353]  ? lockdep_hardirqs_on+0x9c/0x150
[  776.262574][T15353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.262592][T15353]  ? clear_bhb_loop+0x60/0xb0
[  776.262614][T15353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.262632][T15353] RIP: 0033:0x7faa8498d33c
[  776.262648][T15353] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  776.262664][T15353] RSP: 002b:00007faa85874030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  776.262685][T15353] RAX: ffffffffffffffda RBX: 00007faa84bb5fa0 RCX: 00007faa8498d33c
[  776.262699][T15353] RDX: 000000000000000f RSI: 00007faa858740a0 RDI: 0000000000000005
[  776.262711][T15353] RBP: 00007faa85874090 R08: 0000000000000000 R09: 0000000000000000
[  776.262723][T15353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  776.262734][T15353] R13: 0000000000000000 R14: 00007faa84bb5fa0 R15: 00007faa84cdfa28
[  776.262768][T15353]  </TASK>
[  777.249700][  T979] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[  777.608527][  T979] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  777.639842][  T979] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  777.662479][  T979] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  777.797939][  T979] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.942342][T15366] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  777.957683][  T979] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  778.275445][T15366] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  778.286441][T15366] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  778.703187][ T5983] usb 2-1: USB disconnect, device number 89
[  778.763840][ T5932] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  778.998602][ T5932] usb 3-1: config 0 has no interfaces?
[  779.054264][ T5932] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  779.208880][ T5932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  779.222585][ T5932] usb 3-1: Product: syz
[  779.349914][ T5932] usb 3-1: Manufacturer: syz
[  779.500775][ T5932] usb 3-1: SerialNumber: syz
[  779.693920][ T5932] usb 3-1: config 0 descriptor??
[  780.405484][T15405] syzkaller1: entered promiscuous mode
[  780.411190][T15405] syzkaller1: entered allmulticast mode
[  780.740484][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  780.740500][   T30] audit: type=1326 audit(1752077570.558:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15408 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  780.766104][    T9] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  780.777091][   T30] audit: type=1326 audit(1752077570.578:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15408 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  780.804117][   T30] audit: type=1326 audit(1752077570.578:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15408 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  780.827351][   T30] audit: type=1326 audit(1752077570.578:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15408 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  780.852046][   T30] audit: type=1326 audit(1752077570.578:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15408 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  780.877022][   T30] audit: type=1326 audit(1752077570.578:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15408 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  780.903574][   T30] audit: type=1326 audit(1752077570.578:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15408 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  780.929156][   T30] audit: type=1326 audit(1752077570.578:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15408 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  780.965938][    T9] usb 5-1: Using ep0 maxpacket: 8
[  781.024345][    T9] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  781.047705][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  781.058053][    T9] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  781.068402][    T9] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  781.084284][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  781.093690][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  781.101928][    T9] usb 5-1: Product: syz
[  781.106740][    T9] usb 5-1: Manufacturer: syz
[  781.111441][    T9] usb 5-1: SerialNumber: syz
[  781.292395][T15407] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  781.343682][    T9] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  781.354717][    T9] usbtest 5-1:1.0: Linux user mode ISO test driver
[  781.375148][    T9] usbtest 5-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  781.582048][T15407] loop2: detected capacity change from 0 to 7
[  781.611209][    T9] usb 5-1: USB disconnect, device number 87
[  781.655630][ T5849] usb 3-1: USB disconnect, device number 64
[  782.211595][T15434] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2447'.
[  784.586301][    T9] usb 4-1: new high-speed USB device number 93 using dummy_hcd
[  784.646325][ T5932] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  784.685570][T15477] input: syz1 as /devices/virtual/input/input34
[  785.496812][ T5932] usb 5-1: Using ep0 maxpacket: 16
[  785.545955][    T9] usb 4-1: Using ep0 maxpacket: 32
[  785.550237][ T5932] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  785.564560][    T9] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  785.582304][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  785.608929][    T9] usb 4-1: config 0 descriptor??
[  785.619852][ T5932] usb 5-1: config 0 has no interfaces?
[  785.625343][ T5932] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  785.783711][ T5932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  785.823988][    T9] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  785.844375][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  785.857536][    T9] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  785.866751][    T9] usb 4-1: media controller created
[  785.957157][ T5932] usb 5-1: config 0 descriptor??
[  786.282095][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  787.002321][   T30] audit: type=1326 audit(1752077576.818:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.2.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6369b8e929 code=0x7ffc0000
[  787.189864][   T30] audit: type=1326 audit(1752077576.858:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.2.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6369b8e929 code=0x7ffc0000
[  787.386883][T15496] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  787.388963][   T30] audit: type=1326 audit(1752077576.858:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.2.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f6369b8e929 code=0x7ffc0000
[  787.548169][   T30] audit: type=1326 audit(1752077576.858:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.2.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6369b8e929 code=0x7ffc0000
[  787.717854][   T30] audit: type=1326 audit(1752077576.858:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.2.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6369b8e929 code=0x7ffc0000
[  788.051907][   T30] audit: type=1326 audit(1752077576.858:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.2.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f6369b8e929 code=0x7ffc0000
[  788.090334][    T9] az6027: usb out operation failed. (-71)
[  788.139158][    T9] stb0899_attach: Driver disabled by Kconfig
[  788.140050][ T5932] usb 5-1: USB disconnect, device number 88
[  788.145176][    T9] az6027: no front-end attached
[  788.145176][    T9] 
[  788.187799][    T9] az6027: usb out operation failed. (-71)
[  788.193579][    T9] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  788.203352][   T30] audit: type=1326 audit(1752077576.858:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.2.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6369b8e929 code=0x7ffc0000
[  788.276273][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input35
[  788.312259][   T30] audit: type=1326 audit(1752077576.858:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.2.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6369b8e929 code=0x7ffc0000
[  788.384018][    T9] dvb-usb: schedule remote query interval to 400 msecs.
[  788.402811][    T9] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  788.447216][    T9] usb 4-1: USB disconnect, device number 93
[  788.506739][   T30] audit: type=1326 audit(1752077576.858:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.2.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f6369b8e929 code=0x7ffc0000
[  788.980778][    T9] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  789.247574][T15519] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2471'.
[  789.475976][    T9] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[  789.915908][    T9] usb 4-1: Using ep0 maxpacket: 8
[  789.926289][    T9] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  789.937527][    T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  789.991968][    T9] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  790.100280][    T9] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  790.124727][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  790.135874][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  790.143864][    T9] usb 4-1: Product: syz
[  790.165923][    T9] usb 4-1: Manufacturer: syz
[  790.176082][    T9] usb 4-1: SerialNumber: syz
[  790.272097][T15509] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  790.284958][    T9] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  790.348024][    T9] usbtest 4-1:1.0: Linux user mode ISO test driver
[  790.365556][    T9] usbtest 4-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  790.604241][T15509] loop2: detected capacity change from 0 to 7
[  790.728846][ T5932] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[  790.742432][    T9] usb 4-1: USB disconnect, device number 94
[  790.896666][ T5932] usb 1-1: Using ep0 maxpacket: 32
[  791.090792][ T5932] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  791.141863][ T5932] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  791.173121][ T5932] usb 1-1: config 0 descriptor??
[  791.422078][ T5932] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  791.487553][ T5932] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  791.504057][ T5932] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  791.517771][ T5932] usb 1-1: media controller created
[  791.557062][ T5932] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  791.836378][ T5983] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  792.005953][ T5983] usb 3-1: Using ep0 maxpacket: 32
[  792.133002][ T5983] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  792.142279][ T5983] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.159737][ T5983] usb 3-1: config 0 descriptor??
[  792.368804][ T5983] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  792.384576][ T5983] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  792.621485][ T5983] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  792.638997][ T5983] usb 3-1: media controller created
[  792.731968][ T5940] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  793.064040][ T5983] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  793.073835][ T5932] az6027: usb out operation failed. (-71)
[  793.083893][ T5932] az6027: usb out operation failed. (-71)
[  793.095896][ T5932] stb0899_attach: Driver disabled by Kconfig
[  793.105492][ T5932] az6027: no front-end attached
[  793.105492][ T5932] 
[  793.119303][ T5983] az6027: usb out operation failed. (-71)
[  793.146753][ T5983] az6027: usb out operation failed. (-71)
[  793.152515][ T5983] stb0899_attach: Driver disabled by Kconfig
[  793.161695][ T5983] az6027: no front-end attached
[  793.161695][ T5983] 
[  793.169810][ T5932] az6027: usb out operation failed. (-71)
[  793.175560][ T5932] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  793.185146][ T5932] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input36
[  793.197431][ T5983] az6027: usb out operation failed. (-71)
[  793.203180][ T5983] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  793.226748][ T5940] usb 5-1: Using ep0 maxpacket: 16
[  793.238079][ T5940] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  793.259092][ T5983] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input37
[  793.271398][T15560] loop6: detected capacity change from 0 to 524287999
[  793.271750][ T5940] usb 5-1: config 0 has no interfaces?
[  793.287095][ T5932] dvb-usb: schedule remote query interval to 400 msecs.
[  793.294076][ T5932] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  793.314214][ T5940] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  793.326883][ T5983] dvb-usb: schedule remote query interval to 400 msecs.
[  793.333863][ T5983] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  793.347140][ T5940] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.370826][ T5932] usb 1-1: USB disconnect, device number 91
[  793.403360][ T5940] usb 5-1: config 0 descriptor??
[  793.409813][ T5983] usb 3-1: USB disconnect, device number 65
[  793.636142][ T5932] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  793.697849][ T5983] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  794.075930][ T5940] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[  794.156341][ T5983] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  794.496896][ T5983] usb 3-1: Using ep0 maxpacket: 8
[  794.502094][ T5940] usb 2-1: Using ep0 maxpacket: 8
[  794.517290][ T5983] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  794.530574][ T5940] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  794.548071][ T5983] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  794.563051][ T5940] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  794.616704][ T5983] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  794.635894][ T5940] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  794.646759][ T5983] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  794.659732][ T5940] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  794.675613][ T5940] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  794.685216][ T5940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.693236][ T5940] usb 2-1: Product: syz
[  794.697484][ T5940] usb 2-1: Manufacturer: syz
[  794.702077][ T5940] usb 2-1: SerialNumber: syz
[  794.711416][T15568] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  794.797229][ T5983] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  794.806856][ T5983] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.827998][ T5983] usb 3-1: Product: syz
[  794.832211][ T5983] usb 3-1: Manufacturer: syz
[  794.843698][ T5940] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  794.852377][ T5983] usb 3-1: SerialNumber: syz
[  794.872552][ T5940] usbtest 2-1:1.0: Linux user mode ISO test driver
[  794.881562][ T5940] usbtest 2-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  794.906756][T15569] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  794.925879][ T5983] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  794.935282][ T5983] usbtest 3-1:1.0: Linux user mode ISO test driver
[  795.038361][ T5983] usbtest 3-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  795.078239][T15568] loop2: detected capacity change from 0 to 7
[  795.095229][ T5983] usb 2-1: USB disconnect, device number 90
[  795.357512][T15566] loop2: detected capacity change from 0 to 7
[  795.402257][   T55] usb 5-1: USB disconnect, device number 89
[  795.427661][ T5932] usb 3-1: USB disconnect, device number 66
[  797.636682][ T5849] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[  797.815581][ T5849] usb 1-1: config 0 has no interfaces?
[  797.836097][ T5849] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  797.845436][ T5849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.853925][ T5849] usb 1-1: Product: syz
[  797.859145][ T5849] usb 1-1: Manufacturer: syz
[  797.863767][ T5849] usb 1-1: SerialNumber: syz
[  797.905118][ T5849] usb 1-1: config 0 descriptor??
[  798.361747][T15622] fuse: Unknown parameter '0x0000000000000003'
[  798.837840][ T5932] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  799.160845][ T5932] usb 3-1: Using ep0 maxpacket: 32
[  799.174259][ T5932] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  799.276040][ T5932] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  799.306005][ T5932] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  799.327411][ T5932] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  799.376424][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  799.386965][ T5932] usb 3-1: config 0 descriptor??
[  799.429131][T15629] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  799.488174][ T5932] hub 3-1:0.0: USB hub found
[  799.656998][T15626] FAULT_INJECTION: forcing a failure.
[  799.656998][T15626] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  799.695428][T15626] CPU: 1 UID: 0 PID: 15626 Comm: syz.2.2498 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  799.695446][T15626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  799.695453][T15626] Call Trace:
[  799.695458][T15626]  <TASK>
[  799.695463][T15626]  dump_stack_lvl+0x189/0x250
[  799.695483][T15626]  ? __pfx____ratelimit+0x10/0x10
[  799.695499][T15626]  ? __pfx_dump_stack_lvl+0x10/0x10
[  799.695515][T15626]  ? __pfx__printk+0x10/0x10
[  799.695528][T15626]  ? __might_fault+0xb0/0x130
[  799.695546][T15626]  should_fail_ex+0x414/0x560
[  799.695564][T15626]  _copy_from_user+0x2d/0xb0
[  799.695576][T15626]  get_itimerspec64+0xa1/0x2f0
[  799.695588][T15626]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  799.695598][T15626]  ? __pfx_get_itimerspec64+0x10/0x10
[  799.695610][T15626]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  799.695624][T15626]  __x64_sys_timer_settime+0x142/0x240
[  799.695643][T15626]  ? __pfx___x64_sys_timer_settime+0x10/0x10
[  799.695665][T15626]  ? do_syscall_64+0xbe/0x3b0
[  799.695677][T15626]  do_syscall_64+0xfa/0x3b0
[  799.695686][T15626]  ? lockdep_hardirqs_on+0x9c/0x150
[  799.695700][T15626]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.695710][T15626]  ? clear_bhb_loop+0x60/0xb0
[  799.695722][T15626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.695732][T15626] RIP: 0033:0x7f6369b8e929
[  799.695742][T15626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  799.695750][T15626] RSP: 002b:00007f636a97d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  799.695763][T15626] RAX: ffffffffffffffda RBX: 00007f6369db5fa0 RCX: 00007f6369b8e929
[  799.695771][T15626] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000000
[  799.695777][T15626] RBP: 00007f636a97d090 R08: 0000000000000000 R09: 0000000000000000
[  799.695783][T15626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  799.695789][T15626] R13: 0000000000000000 R14: 00007f6369db5fa0 R15: 00007f6369edfa28
[  799.695804][T15626]  </TASK>
[  799.979885][ T5932] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  799.995502][ T5932] usbhid 3-1:0.0: can't add hid device: -71
[  800.001578][ T5932] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  800.027333][   T55] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[  800.039055][ T5932] usb 3-1: USB disconnect, device number 67
[  800.098360][ T5983] usb 1-1: USB disconnect, device number 92
[  800.190661][   T55] usb 2-1: Using ep0 maxpacket: 32
[  800.197736][   T55] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  800.214497][   T55] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  800.228592][   T55] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  800.283792][   T55] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.313748][   T55] usb 2-1: config 0 descriptor??
[  800.627206][T15659] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551608)
[  800.638105][T15659] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647
[  800.732079][T15660] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2506'.
[  800.762095][T15660] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2506'.
[  800.790583][   T55] ft260 0003:0403:6030.001E: unbalanced collection at end of report description
[  801.026623][   T55] ft260 0003:0403:6030.001E: failed to parse HID
[  801.033177][   T55] ft260 0003:0403:6030.001E: probe with driver ft260 failed with error -22
[  801.058975][ T5849] usb 2-1: USB disconnect, device number 91
[  801.375970][   T55] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  801.503573][ T5849] hid-generic 0000:0003:0000.001F: unknown main item tag 0x0
[  801.516136][ T5849] hid-generic 0000:0003:0000.001F: unknown main item tag 0x0
[  801.555904][   T55] usb 3-1: Using ep0 maxpacket: 32
[  801.556074][ T5849] hid-generic 0000:0003:0000.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  802.182093][T15676] fido_id[15676]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  802.231112][T15684] FAULT_INJECTION: forcing a failure.
[  802.231112][T15684] name failslab, interval 1, probability 0, space 0, times 0
[  802.244146][T15684] CPU: 0 UID: 0 PID: 15684 Comm: syz.4.2512 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  802.244181][T15684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  802.244194][T15684] Call Trace:
[  802.244201][T15684]  <TASK>
[  802.244209][T15684]  dump_stack_lvl+0x189/0x250
[  802.244237][T15684]  ? __pfx____ratelimit+0x10/0x10
[  802.244263][T15684]  ? __pfx_dump_stack_lvl+0x10/0x10
[  802.244285][T15684]  ? __pfx__printk+0x10/0x10
[  802.244323][T15684]  should_fail_ex+0x414/0x560
[  802.244357][T15684]  should_failslab+0xa8/0x100
[  802.244382][T15684]  kmem_cache_alloc_noprof+0x73/0x3c0
[  802.244401][T15684]  ? skb_clone+0x212/0x3a0
[  802.244428][T15684]  skb_clone+0x212/0x3a0
[  802.244454][T15684]  __netlink_deliver_tap+0x404/0x850
[  802.244487][T15684]  ? netlink_deliver_tap+0x2e/0x1b0
[  802.244510][T15684]  netlink_deliver_tap+0x19c/0x1b0
[  802.244533][T15684]  netlink_sendskb+0x68/0x140
[  802.244554][T15684]  netlink_rcv_skb+0x28c/0x470
[  802.244576][T15684]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  802.244598][T15684]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  802.244632][T15684]  ? netlink_deliver_tap+0x2e/0x1b0
[  802.244652][T15684]  ? netlink_deliver_tap+0x2e/0x1b0
[  802.244678][T15684]  netlink_unicast+0x758/0x8d0
[  802.244708][T15684]  netlink_sendmsg+0x805/0xb30
[  802.244740][T15684]  ? __pfx_netlink_sendmsg+0x10/0x10
[  802.244764][T15684]  ? aa_sock_msg_perm+0x94/0x160
[  802.244791][T15684]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  802.244816][T15684]  ? __pfx_netlink_sendmsg+0x10/0x10
[  802.244837][T15684]  __sock_sendmsg+0x219/0x270
[  802.244867][T15684]  ____sys_sendmsg+0x505/0x830
[  802.244895][T15684]  ? __pfx_____sys_sendmsg+0x10/0x10
[  802.244927][T15684]  ? import_iovec+0x74/0xa0
[  802.244952][T15684]  ___sys_sendmsg+0x21f/0x2a0
[  802.244977][T15684]  ? __pfx____sys_sendmsg+0x10/0x10
[  802.245036][T15684]  ? __fget_files+0x2a/0x420
[  802.245059][T15684]  ? __fget_files+0x3a0/0x420
[  802.245092][T15684]  __x64_sys_sendmsg+0x19b/0x260
[  802.245116][T15684]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  802.245148][T15684]  ? __pfx_ksys_write+0x10/0x10
[  802.245166][T15684]  ? rcu_is_watching+0x15/0xb0
[  802.245198][T15684]  ? do_syscall_64+0xbe/0x3b0
[  802.245220][T15684]  do_syscall_64+0xfa/0x3b0
[  802.245238][T15684]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.245255][T15684]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  802.245272][T15684]  ? clear_bhb_loop+0x60/0xb0
[  802.245293][T15684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.245310][T15684] RIP: 0033:0x7faa8498e929
[  802.245328][T15684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  802.245342][T15684] RSP: 002b:00007faa85874038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  802.245362][T15684] RAX: ffffffffffffffda RBX: 00007faa84bb5fa0 RCX: 00007faa8498e929
[  802.245376][T15684] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  802.245388][T15684] RBP: 00007faa85874090 R08: 0000000000000000 R09: 0000000000000000
[  802.245399][T15684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  802.245414][T15684] R13: 0000000000000000 R14: 00007faa84bb5fa0 R15: 00007faa84cdfa28
[  802.245442][T15684]  </TASK>
[  803.094774][T15698] FAULT_INJECTION: forcing a failure.
[  803.094774][T15698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  803.111002][T15698] CPU: 0 UID: 0 PID: 15698 Comm: syz.4.2515 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  803.111026][T15698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  803.111038][T15698] Call Trace:
[  803.111045][T15698]  <TASK>
[  803.111052][T15698]  dump_stack_lvl+0x189/0x250
[  803.111079][T15698]  ? __pfx____ratelimit+0x10/0x10
[  803.111113][T15698]  ? __pfx_dump_stack_lvl+0x10/0x10
[  803.111134][T15698]  ? __pfx__printk+0x10/0x10
[  803.111156][T15698]  ? __might_fault+0xb0/0x130
[  803.111188][T15698]  should_fail_ex+0x414/0x560
[  803.111217][T15698]  _copy_from_iter+0x1db/0x16f0
[  803.111240][T15698]  ? rcu_is_watching+0x15/0xb0
[  803.111260][T15698]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  803.111283][T15698]  ? __pfx__copy_from_iter+0x10/0x10
[  803.111301][T15698]  ? __build_skb_around+0x257/0x3e0
[  803.111324][T15698]  ? netlink_sendmsg+0x642/0xb30
[  803.111351][T15698]  ? skb_put+0x11b/0x210
[  803.111374][T15698]  netlink_sendmsg+0x6b2/0xb30
[  803.111401][T15698]  ? __pfx_netlink_sendmsg+0x10/0x10
[  803.111424][T15698]  ? aa_sock_msg_perm+0x94/0x160
[  803.111450][T15698]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  803.111474][T15698]  ? __pfx_netlink_sendmsg+0x10/0x10
[  803.111495][T15698]  __sock_sendmsg+0x219/0x270
[  803.111525][T15698]  ____sys_sendmsg+0x505/0x830
[  803.111553][T15698]  ? __pfx_____sys_sendmsg+0x10/0x10
[  803.111583][T15698]  ? import_iovec+0x74/0xa0
[  803.111607][T15698]  ___sys_sendmsg+0x21f/0x2a0
[  803.111631][T15698]  ? __pfx____sys_sendmsg+0x10/0x10
[  803.111685][T15698]  ? __fget_files+0x2a/0x420
[  803.111706][T15698]  ? __fget_files+0x3a0/0x420
[  803.111738][T15698]  __x64_sys_sendmsg+0x19b/0x260
[  803.111761][T15698]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  803.111792][T15698]  ? __pfx_ksys_write+0x10/0x10
[  803.111809][T15698]  ? rcu_is_watching+0x15/0xb0
[  803.111832][T15698]  ? do_syscall_64+0xbe/0x3b0
[  803.111852][T15698]  do_syscall_64+0xfa/0x3b0
[  803.111866][T15698]  ? lockdep_hardirqs_on+0x9c/0x150
[  803.111889][T15698]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.111913][T15698]  ? clear_bhb_loop+0x60/0xb0
[  803.111934][T15698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.111950][T15698] RIP: 0033:0x7faa8498e929
[  803.111968][T15698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  803.111983][T15698] RSP: 002b:00007faa85874038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  803.112005][T15698] RAX: ffffffffffffffda RBX: 00007faa84bb5fa0 RCX: 00007faa8498e929
[  803.112017][T15698] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  803.112027][T15698] RBP: 00007faa85874090 R08: 0000000000000000 R09: 0000000000000000
[  803.112036][T15698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  803.112046][T15698] R13: 0000000000000000 R14: 00007faa84bb5fa0 R15: 00007faa84cdfa28
[  803.112074][T15698]  </TASK>
[  803.467906][    T9] usb 4-1: new full-speed USB device number 95 using dummy_hcd
[  803.628055][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  803.637977][    T9] usb 4-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  803.647155][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  803.657994][    T9] usb 4-1: config 0 descriptor??
[  803.897056][T15694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  803.906484][T15694] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  803.945066][    T9] nintendo 0003:057E:200E.0020: unbalanced delimiter at end of report description
[  803.959680][    T9] nintendo 0003:057E:200E.0020: HID parse failed
[  803.974341][    T9] nintendo 0003:057E:200E.0020: probe - fail = -22
[  803.996007][    T9] nintendo 0003:057E:200E.0020: probe with driver nintendo failed with error -22
[  804.039605][   T55] usb 3-1: unable to get BOS descriptor or descriptor too short
[  804.066431][   T55] usb 3-1: no configurations
[  804.071139][   T55] usb 3-1: can't read configurations, error -22
[  804.836750][ T5932] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[  805.263055][ T5932] usb 2-1: config 0 has no interfaces?
[  805.274585][ T5932] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  805.284952][ T5932] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.293224][ T5932] usb 2-1: Product: syz
[  805.297660][ T5932] usb 2-1: Manufacturer: syz
[  805.302301][ T5932] usb 2-1: SerialNumber: syz
[  805.318336][ T5932] usb 2-1: config 0 descriptor??
[  805.948605][    T9] usb 4-1: USB disconnect, device number 95
[  806.829035][T15752] FAULT_INJECTION: forcing a failure.
[  806.829035][T15752] name failslab, interval 1, probability 0, space 0, times 0
[  806.870606][T15752] CPU: 0 UID: 0 PID: 15752 Comm: syz.3.2532 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  806.870635][T15752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  806.870645][T15752] Call Trace:
[  806.870653][T15752]  <TASK>
[  806.870662][T15752]  dump_stack_lvl+0x189/0x250
[  806.870687][T15752]  ? __pfx____ratelimit+0x10/0x10
[  806.870713][T15752]  ? __pfx_dump_stack_lvl+0x10/0x10
[  806.870732][T15752]  ? __pfx__printk+0x10/0x10
[  806.870762][T15752]  ? __pfx___might_resched+0x10/0x10
[  806.870787][T15752]  should_fail_ex+0x414/0x560
[  806.870815][T15752]  ? io_alloc_cache_init+0x3d/0x140
[  806.870833][T15752]  should_failslab+0xa8/0x100
[  806.870857][T15752]  __kvmalloc_node_noprof+0x161/0x5f0
[  806.870878][T15752]  ? io_alloc_cache_init+0x3d/0x140
[  806.870899][T15752]  io_alloc_cache_init+0x3d/0x140
[  806.870919][T15752]  io_ring_ctx_alloc+0x491/0xae0
[  806.870947][T15752]  io_uring_create+0x130/0xb60
[  806.870974][T15752]  __se_sys_io_uring_setup+0x264/0x270
[  806.870996][T15752]  ? __pfx___se_sys_io_uring_setup+0x10/0x10
[  806.871027][T15752]  ? rcu_is_watching+0x15/0xb0
[  806.871073][T15752]  ? do_syscall_64+0xbe/0x3b0
[  806.871093][T15752]  do_syscall_64+0xfa/0x3b0
[  806.871107][T15752]  ? lockdep_hardirqs_on+0x9c/0x150
[  806.871130][T15752]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.871146][T15752]  ? clear_bhb_loop+0x60/0xb0
[  806.871165][T15752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.871181][T15752] RIP: 0033:0x7f1771f8e929
[  806.871197][T15752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  806.871211][T15752] RSP: 002b:00007f1772dee038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  806.871231][T15752] RAX: ffffffffffffffda RBX: 00007f17721b5fa0 RCX: 00007f1771f8e929
[  806.871244][T15752] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000a63
[  806.871255][T15752] RBP: 00007f1772dee090 R08: 0000000000000000 R09: 0000000000000000
[  806.871265][T15752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  806.871276][T15752] R13: 0000000000000001 R14: 00007f17721b5fa0 R15: 00007f17722dfa28
[  806.871302][T15752]  </TASK>
[  807.752381][ T5932] usb 2-1: USB disconnect, device number 92
[  808.054834][T15774] syzkaller1: entered promiscuous mode
[  808.062756][T15774] syzkaller1: entered allmulticast mode
[  808.637734][   T55] hid-generic 0000:0003:0000.0021: unknown main item tag 0x0
[  808.645665][   T55] hid-generic 0000:0003:0000.0021: unknown main item tag 0x0
[  808.694486][   T55] hid-generic 0000:0003:0000.0021: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  808.710363][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  808.732911][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  808.900192][T15798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  808.949853][T15798] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  809.128909][T15793] fido_id[15793]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  809.839381][ T5983] usb 3-1: new full-speed USB device number 70 using dummy_hcd
[  810.005890][ T5983] usb 3-1: device descriptor read/64, error -71
[  810.266647][ T5983] usb 3-1: new full-speed USB device number 71 using dummy_hcd
[  810.566349][ T5983] usb 3-1: device descriptor read/64, error -71
[  810.689852][ T5983] usb usb3-port1: attempt power cycle
[  811.075902][ T5983] usb 3-1: new full-speed USB device number 72 using dummy_hcd
[  811.131206][ T5983] usb 3-1: device descriptor read/8, error -71
[  811.515943][ T5983] usb 3-1: new full-speed USB device number 73 using dummy_hcd
[  811.540481][ T5983] usb 3-1: device descriptor read/8, error -71
[  811.750730][ T5983] usb usb3-port1: unable to enumerate USB device
[  811.938457][T15827] fuse: Bad value for 'fd'
[  812.723566][T15847] netlink: 348 bytes leftover after parsing attributes in process `syz.3.2559'.
[  813.572889][T15868] FAULT_INJECTION: forcing a failure.
[  813.572889][T15868] name failslab, interval 1, probability 0, space 0, times 0
[  813.588932][T15868] CPU: 0 UID: 0 PID: 15868 Comm: syz.3.2564 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  813.588949][T15868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  813.588956][T15868] Call Trace:
[  813.588961][T15868]  <TASK>
[  813.588966][T15868]  dump_stack_lvl+0x189/0x250
[  813.588985][T15868]  ? __pfx____ratelimit+0x10/0x10
[  813.589000][T15868]  ? __pfx_dump_stack_lvl+0x10/0x10
[  813.589012][T15868]  ? __pfx__printk+0x10/0x10
[  813.589029][T15868]  ? xa_load+0x60/0x210
[  813.589042][T15868]  should_fail_ex+0x414/0x560
[  813.589060][T15868]  should_failslab+0xa8/0x100
[  813.589075][T15868]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  813.589088][T15868]  ? __alloc_skb+0x112/0x2d0
[  813.589102][T15868]  __alloc_skb+0x112/0x2d0
[  813.589115][T15868]  ctnetlink_conntrack_event+0x45d/0x1490
[  813.589127][T15868]  ? check_noncircular+0xe0/0x160
[  813.589141][T15868]  ? __lock_acquire+0xab9/0xd20
[  813.589161][T15868]  ? __pfx_ctnetlink_conntrack_event+0x10/0x10
[  813.589180][T15868]  ? __nf_conntrack_eventmask_report+0xc1/0x480
[  813.589195][T15868]  __nf_conntrack_eventmask_report+0x1fa/0x480
[  813.589213][T15868]  nf_conntrack_eventmask_report+0x2ce/0x4a0
[  813.589230][T15868]  ? __pfx_nf_conntrack_eventmask_report+0x10/0x10
[  813.589245][T15868]  ? nf_conntrack_tuple_taken+0x243/0xd30
[  813.589264][T15868]  nf_ct_delete+0x22f/0x600
[  813.589279][T15868]  nf_ct_gc_expired+0x267/0x380
[  813.589291][T15868]  ? __pfx_nf_ct_gc_expired+0x10/0x10
[  813.589305][T15868]  ? __siphash_unaligned+0x232/0x3b0
[  813.589329][T15868]  nf_conntrack_tuple_taken+0x79d/0xd30
[  813.589362][T15868]  ? nf_conntrack_tuple_taken+0xd8/0xd30
[  813.589396][T15868]  ? __pfx_nf_conntrack_tuple_taken+0x10/0x10
[  813.589425][T15868]  ? nf_ct_invert_tuple+0xb5/0x410
[  813.589450][T15868]  ? __asan_memcpy+0x40/0x70
[  813.589461][T15868]  ? nf_ct_invert_tuple+0x1fa/0x410
[  813.589474][T15868]  nf_nat_setup_info+0x70e/0x2660
[  813.589500][T15868]  ? __pfx_nf_nat_setup_info+0x10/0x10
[  813.589514][T15868]  ? __nla_validate_parse+0x2400/0x2d40
[  813.589536][T15868]  ? __pfx___nla_validate_parse+0x10/0x10
[  813.589545][T15868]  ? stack_trace_save+0x9c/0xe0
[  813.589561][T15868]  ? stack_depot_save_flags+0x40/0x900
[  813.589582][T15868]  ? __kasan_slab_alloc+0x6c/0x80
[  813.589592][T15868]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  813.589602][T15868]  ? __nf_conntrack_alloc+0x99/0x380
[  813.589614][T15868]  ? ctnetlink_new_conntrack+0x571/0x2070
[  813.589626][T15868]  ? nfnetlink_rcv_msg+0xb4d/0x1130
[  813.589640][T15868]  ? nfnetlink_rcv+0x26a/0x2520
[  813.589653][T15868]  ? netlink_unicast+0x758/0x8d0
[  813.589662][T15868]  ? netlink_sendmsg+0x805/0xb30
[  813.589672][T15868]  ? __sock_sendmsg+0x219/0x270
[  813.589687][T15868]  ? ____sys_sendmsg+0x505/0x830
[  813.589698][T15868]  ? nla_memcpy+0x5b/0xc0
[  813.589709][T15868]  ? nfnetlink_parse_nat_setup+0x375/0x680
[  813.589727][T15868]  nfnetlink_parse_nat_setup+0x4fd/0x680
[  813.589743][T15868]  ? __pfx_nfnetlink_parse_nat_setup+0x10/0x10
[  813.589781][T15868]  ctnetlink_parse_nat_setup+0xab/0x5e0
[  813.589797][T15868]  ctnetlink_new_conntrack+0x1048/0x2070
[  813.589812][T15868]  ? ctnetlink_new_conntrack+0x6d3/0x2070
[  813.589829][T15868]  ? __pfx_ctnetlink_new_conntrack+0x10/0x10
[  813.589841][T15868]  ? rcu_is_watching+0x15/0xb0
[  813.589853][T15868]  ? trace_contention_end+0x39/0x120
[  813.589867][T15868]  ? __mutex_lock+0x330/0xe80
[  813.589879][T15868]  ? __lock_acquire+0xab9/0xd20
[  813.589891][T15868]  ? nfnetlink_rcv_msg+0x9dc/0x1130
[  813.589921][T15868]  nfnetlink_rcv_msg+0xb4d/0x1130
[  813.589936][T15868]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  813.589961][T15868]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  813.589974][T15868]  ? kasan_save_free_info+0x46/0x50
[  813.590018][T15868]  netlink_rcv_skb+0x205/0x470
[  813.590030][T15868]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  813.590046][T15868]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  813.590064][T15868]  ? bpf_lsm_capable+0x9/0x20
[  813.590076][T15868]  ? security_capable+0x7e/0x2e0
[  813.590095][T15868]  nfnetlink_rcv+0x26a/0x2520
[  813.590112][T15868]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  813.590129][T15868]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  813.590142][T15868]  ? __dev_queue_xmit+0x27e/0x3a70
[  813.590158][T15868]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.590174][T15868]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  813.590189][T15868]  ? __pfx___dev_queue_xmit+0x10/0x10
[  813.590210][T15868]  ? ref_tracker_free+0x63a/0x7d0
[  813.590224][T15868]  ? __copy_skb_header+0xa7/0x550
[  813.590241][T15868]  ? __pfx_ref_tracker_free+0x10/0x10
[  813.590266][T15868]  ? skb_clone+0x246/0x3a0
[  813.590283][T15868]  ? __netlink_deliver_tap+0x807/0x850
[  813.590294][T15868]  ? netlink_deliver_tap+0x2e/0x1b0
[  813.590310][T15868]  ? netlink_deliver_tap+0x2e/0x1b0
[  813.590321][T15868]  ? netlink_deliver_tap+0x2e/0x1b0
[  813.590336][T15868]  netlink_unicast+0x758/0x8d0
[  813.590353][T15868]  netlink_sendmsg+0x805/0xb30
[  813.590371][T15868]  ? __pfx_netlink_sendmsg+0x10/0x10
[  813.590385][T15868]  ? aa_sock_msg_perm+0x94/0x160
[  813.590401][T15868]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  813.590420][T15868]  ? __pfx_netlink_sendmsg+0x10/0x10
[  813.590432][T15868]  __sock_sendmsg+0x219/0x270
[  813.590456][T15868]  ____sys_sendmsg+0x505/0x830
[  813.590484][T15868]  ? __pfx_____sys_sendmsg+0x10/0x10
[  813.590516][T15868]  ? import_iovec+0x74/0xa0
[  813.590542][T15868]  ___sys_sendmsg+0x21f/0x2a0
[  813.590562][T15868]  ? __pfx____sys_sendmsg+0x10/0x10
[  813.590596][T15868]  ? __fget_files+0x2a/0x420
[  813.590609][T15868]  ? __fget_files+0x3a0/0x420
[  813.590628][T15868]  __x64_sys_sendmsg+0x19b/0x260
[  813.590642][T15868]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  813.590660][T15868]  ? __pfx_ksys_write+0x10/0x10
[  813.590671][T15868]  ? rcu_is_watching+0x15/0xb0
[  813.590685][T15868]  ? do_syscall_64+0xbe/0x3b0
[  813.590697][T15868]  do_syscall_64+0xfa/0x3b0
[  813.590706][T15868]  ? lockdep_hardirqs_on+0x9c/0x150
[  813.590721][T15868]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.590730][T15868]  ? clear_bhb_loop+0x60/0xb0
[  813.590742][T15868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.590752][T15868] RIP: 0033:0x7f1771f8e929
[  813.590763][T15868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  813.590771][T15868] RSP: 002b:00007f1772dee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  813.590784][T15868] RAX: ffffffffffffffda RBX: 00007f17721b5fa0 RCX: 00007f1771f8e929
[  813.590791][T15868] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[  813.590798][T15868] RBP: 00007f1772dee090 R08: 0000000000000000 R09: 0000000000000000
[  813.590804][T15868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  813.590812][T15868] R13: 0000000000000000 R14: 00007f17721b5fa0 R15: 00007f17722dfa28
[  813.590828][T15868]  </TASK>
[  814.315417][   T30] audit: type=1326 audit(1752077604.128:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  814.338071][   T30] audit: type=1326 audit(1752077604.128:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  814.364685][   T30] audit: type=1326 audit(1752077604.128:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  814.387490][   T30] audit: type=1326 audit(1752077604.128:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  814.411670][   T30] audit: type=1326 audit(1752077604.128:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  814.434480][   T30] audit: type=1326 audit(1752077604.128:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  814.457310][   T30] audit: type=1326 audit(1752077604.128:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  814.480132][   T30] audit: type=1326 audit(1752077604.128:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  814.502985][   T30] audit: type=1326 audit(1752077604.128:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1771f8d290 code=0x7ffc0000
[  814.525889][   T30] audit: type=1326 audit(1752077604.128:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15869 comm="syz.3.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1771f8e929 code=0x7ffc0000
[  815.215962][   T10] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[  815.365987][   T10] usb 2-1: Using ep0 maxpacket: 8
[  815.379738][   T10] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  815.400112][   T10] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  815.409868][   T10] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  815.419748][   T10] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  815.439767][   T10] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  815.461409][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  815.477091][   T10] usb 2-1: Product: syz
[  815.484167][   T10] usb 2-1: Manufacturer: syz
[  815.492934][   T10] usb 2-1: SerialNumber: syz
[  815.508745][T15888] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  815.520734][   T10] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  815.537742][   T10] usbtest 2-1:1.0: Linux user mode ISO test driver
[  815.552412][   T10] usbtest 2-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  815.731204][T15888] loop2: detected capacity change from 0 to 7
[  815.744878][   T55] usb 2-1: USB disconnect, device number 93
[  816.055925][   T10] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  816.311457][   T10] usb 3-1: config 0 has no interfaces?
[  816.333148][   T10] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  816.380854][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  816.389170][   T10] usb 3-1: Product: syz
[  816.393511][   T10] usb 3-1: Manufacturer: syz
[  816.398241][   T10] usb 3-1: SerialNumber: syz
[  816.411895][   T10] usb 3-1: config 0 descriptor??
[  816.986893][ T5849] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[  817.152938][ T5849] usb 1-1: config 0 has no interfaces?
[  817.165437][ T5849] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  817.194379][ T5849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  817.202995][ T5849] usb 1-1: Product: syz
[  817.207450][ T5849] usb 1-1: Manufacturer: syz
[  817.212130][ T5849] usb 1-1: SerialNumber: syz
[  817.238084][ T5849] usb 1-1: config 0 descriptor??
[  819.011325][ T5983] usb 3-1: USB disconnect, device number 74
[  820.069707][ T5983] usb 1-1: USB disconnect, device number 94
[  821.015904][ T5983] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[  821.177982][ T5983] usb 1-1: config 0 has no interfaces?
[  821.186925][ T5983] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  821.195992][ T5983] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  821.203955][ T5983] usb 1-1: Product: syz
[  821.208506][ T5983] usb 1-1: Manufacturer: syz
[  821.213109][ T5983] usb 1-1: SerialNumber: syz
[  821.233887][ T5983] usb 1-1: config 0 descriptor??
[  821.930380][T16000] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  823.152899][ T5849] usb 1-1: USB disconnect, device number 95
[  824.137062][   T55] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  824.385885][   T55] usb 3-1: Using ep0 maxpacket: 8
[  824.392509][   T55] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  824.422352][   T55] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  824.463145][   T55] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  824.490235][   T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  824.518130][   T55] usb 3-1: Product: syz
[  824.524833][   T55] usb 3-1: Manufacturer: syz
[  824.531817][   T55] usb 3-1: SerialNumber: syz
[  824.548869][   T55] usb 3-1: config 0 descriptor??
[  824.774304][T16041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  824.784902][T16041] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  825.279288][   T55] usb 3-1: USB disconnect, device number 75
[  826.173481][T16066] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2617'.
[  827.255976][ T5849] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[  827.666040][ T5849] usb 1-1: Using ep0 maxpacket: 32
[  827.898654][T16087] loop6: detected capacity change from 0 to 524287999
[  827.916623][T16087] buffer_io_error: 11 callbacks suppressed
[  827.916642][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  827.930829][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  827.939033][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  827.947228][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  827.955287][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  827.978478][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  827.986858][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  827.995007][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  828.003160][T16087] ldm_validate_partition_table(): Disk read failed.
[  828.010308][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  828.018826][T16087] Buffer I/O error on dev loop6, logical block 0, async page read
[  828.027415][T16087] Dev loop6: unable to read RDB block 0
[  828.033709][T16087]  loop6: unable to read partition table
[  828.040016][T16087] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  828.096567][T16088] Invalid logical block size (7)
[  829.308870][ T5983] hid-generic 0000:0003:0000.0022: unknown main item tag 0x0
[  829.317819][ T5983] hid-generic 0000:0003:0000.0022: unknown main item tag 0x0
[  829.351786][ T5983] hid-generic 0000:0003:0000.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  829.355750][   T10] hid-generic 0000:0003:0000.0023: unknown main item tag 0x0
[  829.418269][   T10] hid-generic 0000:0003:0000.0023: unknown main item tag 0x0
[  829.505253][   T10] hid-generic 0000:0003:0000.0023: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  829.505560][T16107] fido_id[16107]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  829.759236][T16114] fido_id[16114]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  829.784506][ T5849] usb 1-1: unable to get BOS descriptor or descriptor too short
[  829.798881][ T5849] usb 1-1: no configurations
[  829.807300][ T5849] usb 1-1: can't read configurations, error -22
[  830.080081][T16129] netlink: 348 bytes leftover after parsing attributes in process `syz.3.2633'.
[  830.604781][    T9] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[  830.768159][T16144] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2638'.
[  830.870351][    T9] usb 5-1: config 0 has no interfaces?
[  830.881065][    T9] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  830.890566][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  830.898718][    T9] usb 5-1: Product: syz
[  830.903248][    T9] usb 5-1: Manufacturer: syz
[  830.907948][    T9] usb 5-1: SerialNumber: syz
[  830.914557][    T9] usb 5-1: config 0 descriptor??
[  831.092279][T16152] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2640'.
[  831.265886][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  831.265906][   T30] audit: type=1326 audit(1752077621.068:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16151 comm="syz.1.2640" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f602078e929 code=0x0
[  832.370326][   T55] hid-generic 0000:0003:0000.0024: unknown main item tag 0x0
[  832.379449][   T55] hid-generic 0000:0003:0000.0024: unknown main item tag 0x0
[  832.397631][   T55] hid-generic 0000:0003:0000.0024: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  832.605252][T16164] fido_id[16164]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  832.895937][ T5849] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[  833.119063][    T9] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[  833.126871][ T5849] usb 4-1: Using ep0 maxpacket: 16
[  833.176943][ T5849] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  833.192644][ T5849] usb 4-1: config 0 has no interfaces?
[  833.202990][ T5849] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  833.213036][ T5849] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  833.271211][ T5849] usb 4-1: config 0 descriptor??
[  833.366764][    T9] usb 2-1: Using ep0 maxpacket: 32
[  833.496274][  T979] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[  833.685902][  T979] usb 3-1: Using ep0 maxpacket: 32
[  835.056149][ T5849] usb 5-1: USB disconnect, device number 90
[  835.789184][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  835.804663][    T9] usb 2-1: no configurations
[  835.879151][    T9] usb 2-1: can't read configurations, error -22
[  835.940543][  T979] usb 3-1: unable to get BOS descriptor or descriptor too short
[  835.990647][  T979] usb 3-1: no configurations
[  836.026408][  T979] usb 3-1: can't read configurations, error -22
[  836.034504][   T55] usb 4-1: USB disconnect, device number 96
[  836.842111][ T5983] hid-generic 0000:0003:0000.0025: unknown main item tag 0x0
[  836.875831][ T5983] hid-generic 0000:0003:0000.0025: unknown main item tag 0x0
[  836.912298][ T5983] hid-generic 0000:0003:0000.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  837.265320][T16209] fido_id[16209]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  837.376829][T16216] openvswitch: netlink: Flow actions attr not present in new flow.
[  837.426664][T16218] FAULT_INJECTION: forcing a failure.
[  837.426664][T16218] name failslab, interval 1, probability 0, space 0, times 0
[  837.439501][T16218] CPU: 0 UID: 0 PID: 16218 Comm: syz.4.2657 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  837.439525][T16218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  837.439537][T16218] Call Trace:
[  837.439545][T16218]  <TASK>
[  837.439553][T16218]  dump_stack_lvl+0x189/0x250
[  837.439580][T16218]  ? __pfx____ratelimit+0x10/0x10
[  837.439606][T16218]  ? __pfx_dump_stack_lvl+0x10/0x10
[  837.439628][T16218]  ? __pfx__printk+0x10/0x10
[  837.439656][T16218]  ? __pfx___might_resched+0x10/0x10
[  837.439675][T16218]  ? fs_reclaim_acquire+0x7d/0x100
[  837.439704][T16218]  should_fail_ex+0x414/0x560
[  837.439739][T16218]  should_failslab+0xa8/0x100
[  837.439763][T16218]  __kmalloc_noprof+0xcb/0x4f0
[  837.439783][T16218]  ? kfree+0x4d/0x440
[  837.439799][T16218]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  837.439823][T16218]  tomoyo_realpath_from_path+0xe3/0x5d0
[  837.439844][T16218]  ? tomoyo_domain+0xd9/0x130
[  837.439868][T16218]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  837.439891][T16218]  tomoyo_path_number_perm+0x1e8/0x5a0
[  837.439917][T16218]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  837.439958][T16218]  ? __lock_acquire+0xab9/0xd20
[  837.439998][T16218]  ? __fget_files+0x2a/0x420
[  837.440024][T16218]  ? __fget_files+0x2a/0x420
[  837.440044][T16218]  ? __fget_files+0x3a0/0x420
[  837.440064][T16218]  ? __fget_files+0x2a/0x420
[  837.440090][T16218]  security_file_ioctl+0xcb/0x2d0
[  837.440120][T16218]  __se_sys_ioctl+0x47/0x170
[  837.440143][T16218]  do_syscall_64+0xfa/0x3b0
[  837.440159][T16218]  ? lockdep_hardirqs_on+0x9c/0x150
[  837.440184][T16218]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.440202][T16218]  ? clear_bhb_loop+0x60/0xb0
[  837.440223][T16218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.440240][T16218] RIP: 0033:0x7faa8498e929
[  837.440258][T16218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  837.440274][T16218] RSP: 002b:00007faa85874038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  837.440295][T16218] RAX: ffffffffffffffda RBX: 00007faa84bb5fa0 RCX: 00007faa8498e929
[  837.440307][T16218] RDX: 0000200000000040 RSI: 00000000c1105511 RDI: 0000000000000003
[  837.440319][T16218] RBP: 00007faa85874090 R08: 0000000000000000 R09: 0000000000000000
[  837.440331][T16218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  837.440342][T16218] R13: 0000000000000000 R14: 00007faa84bb5fa0 R15: 00007faa84cdfa28
[  837.440371][T16218]  </TASK>
[  837.440380][T16218] ERROR: Out of memory at tomoyo_realpath_from_path.
[  838.917813][ T5983] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[  839.677009][ T5983] usb 3-1: config 0 has no interfaces?
[  839.721002][ T5983] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  839.735935][  T979] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[  839.744654][ T5983] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  839.820492][ T5983] usb 3-1: Product: syz
[  839.824706][ T5983] usb 3-1: Manufacturer: syz
[  839.865864][ T5983] usb 3-1: SerialNumber: syz
[  839.886432][  T979] usb 4-1: Using ep0 maxpacket: 32
[  839.902079][  T979] usb 4-1: unable to get BOS descriptor or descriptor too short
[  839.911628][  T979] usb 4-1: no configurations
[  839.916562][  T979] usb 4-1: can't read configurations, error -22
[  839.983796][ T5983] usb 3-1: config 0 descriptor??
[  840.032120][   T10] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[  840.185924][   T10] usb 1-1: Using ep0 maxpacket: 16
[  840.195633][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  840.210698][   T10] usb 1-1: config 0 has no interfaces?
[  840.219494][   T10] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  840.246056][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.325916][   T10] usb 1-1: config 0 descriptor??
[  840.576824][T16247] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2665'.
[  841.742947][   T43] usb 3-1: USB disconnect, device number 78
[  841.814203][  T979] usb 5-1: new full-speed USB device number 91 using dummy_hcd
[  841.990733][  T979] usb 5-1: config 0 has an invalid interface number: 129 but max is 0
[  841.999864][  T979] usb 5-1: config 0 has no interface number 0
[  842.035934][  T979] usb 5-1: config 0 interface 129 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  842.150724][  T979] usb 5-1: New USB device found, idVendor=04e8, idProduct=a101, bcdDevice=80.8e
[  842.170741][  T979] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.185731][  T979] usb 5-1: Product: syz
[  842.196621][  T979] usb 5-1: Manufacturer: syz
[  842.204983][  T979] usb 5-1: SerialNumber: syz
[  842.242524][  T979] r8152-cfgselector 5-1: Unknown version 0x0000
[  842.265907][  T979] r8152-cfgselector 5-1: config 0 descriptor??
[  842.286037][   T43] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  842.305509][T16254] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  842.331303][  T979] r8152 5-1:0.129: Expected endpoints are not found
[  842.477471][   T43] usb 3-1: Using ep0 maxpacket: 8
[  842.485214][   T43] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  842.497637][   T43] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  842.511026][   T43] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  842.530412][   T43] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  842.544978][  T979] r8152-cfgselector 5-1: USB disconnect, device number 91
[  842.573636][   T43] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  842.584054][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.600271][   T43] usb 3-1: Product: syz
[  842.617678][   T43] usb 3-1: Manufacturer: syz
[  842.690708][   T43] usb 3-1: SerialNumber: syz
[  842.708297][T16260] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  842.736871][   T43] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  842.746544][   T43] usbtest 3-1:1.0: Linux user mode ISO test driver
[  842.753098][   T43] usbtest 3-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  842.835526][   T43] usb 1-1: USB disconnect, device number 98
[  842.986793][T16260] loop2: detected capacity change from 0 to 7
[  842.999645][   T55] usb 3-1: USB disconnect, device number 79
[  843.370149][T16270] netlink: 348 bytes leftover after parsing attributes in process `syz.1.2671'.
[  844.077409][T16283] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2670'.
[  844.575579][   T55] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  844.805904][   T55] usb 3-1: Using ep0 maxpacket: 32
[  844.837644][   T55] usb 3-1: unable to get BOS descriptor or descriptor too short
[  844.845369][   T55] usb 3-1: no configurations
[  844.886122][   T55] usb 3-1: can't read configurations, error -22
[  845.016714][T16289] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2676'.
[  845.775862][   T43] usb 2-1: new high-speed USB device number 96 using dummy_hcd
[  845.939055][   T43] usb 2-1: config 0 has no interfaces?
[  845.950525][   T43] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  845.960615][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  845.968740][   T43] usb 2-1: Product: syz
[  845.974685][   T43] usb 2-1: Manufacturer: syz
[  846.029272][   T43] usb 2-1: SerialNumber: syz
[  846.054979][   T43] usb 2-1: config 0 descriptor??
[  846.106219][ T5932] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[  846.447925][ T5932] usb 1-1: config 0 has no interfaces?
[  846.460754][ T5932] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  846.470369][ T5932] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.479847][ T5932] usb 1-1: Product: syz
[  846.484231][ T5932] usb 1-1: Manufacturer: syz
[  846.491559][ T5932] usb 1-1: SerialNumber: syz
[  846.519065][ T5932] usb 1-1: config 0 descriptor??
[  846.852199][  T979] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[  847.184486][  T979] usb 4-1: config 0 has no interfaces?
[  847.195677][  T979] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  847.205964][  T979] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  847.216258][  T979] usb 4-1: Product: syz
[  847.220487][  T979] usb 4-1: Manufacturer: syz
[  847.225132][  T979] usb 4-1: SerialNumber: syz
[  847.260312][  T979] usb 4-1: config 0 descriptor??
[  847.745929][ T5849] usb 5-1: new full-speed USB device number 92 using dummy_hcd
[  847.886353][ T5849] usb 5-1: device descriptor read/64, error -71
[  848.136545][ T5849] usb 5-1: new full-speed USB device number 93 using dummy_hcd
[  848.296841][ T5849] usb 5-1: device descriptor read/64, error -71
[  848.410309][ T5849] usb usb5-port1: attempt power cycle
[  848.713035][ T5932] usb 2-1: USB disconnect, device number 96
[  848.826168][ T5849] usb 5-1: new full-speed USB device number 94 using dummy_hcd
[  848.894455][ T5849] usb 5-1: device descriptor read/8, error -71
[  849.245935][ T5849] usb 5-1: new full-speed USB device number 95 using dummy_hcd
[  849.519085][ T5849] usb 5-1: device descriptor read/8, error -71
[  849.538267][T16336] netlink: 348 bytes leftover after parsing attributes in process `syz.1.2690'.
[  849.784339][   T43] usb 1-1: USB disconnect, device number 99
[  849.810924][ T5849] usb usb5-port1: unable to enumerate USB device
[  849.935109][ T5932] usb 4-1: USB disconnect, device number 99
[  850.416254][   T55] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[  850.586714][   T55] usb 1-1: Using ep0 maxpacket: 32
[  851.086087][  T979] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[  851.317552][  T979] usb 4-1: Using ep0 maxpacket: 32
[  851.344575][  T979] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  851.355509][  T979] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  851.377026][  T979] usb 4-1: config 0 descriptor??
[  851.535945][ T5849] usb 2-1: new high-speed USB device number 97 using dummy_hcd
[  851.797799][ T5849] usb 2-1: config 0 has no interfaces?
[  851.821402][  T979] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  851.828459][ T5849] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  851.853083][T16370] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2699'.
[  851.871509][ T5849] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  851.888841][  T979] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  851.921468][ T5849] usb 2-1: Product: syz
[  851.936569][  T979] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  851.943772][  T979] usb 4-1: media controller created
[  851.952948][ T5849] usb 2-1: Manufacturer: syz
[  852.024781][ T5849] usb 2-1: SerialNumber: syz
[  852.043593][ T5849] usb 2-1: config 0 descriptor??
[  852.104266][  T979] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  852.909880][   T55] usb 1-1: unable to get BOS descriptor or descriptor too short
[  852.917705][   T55] usb 1-1: no configurations
[  852.922296][   T55] usb 1-1: can't read configurations, error -22
[  853.881641][T16370] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2699'.
[  853.976616][T16370] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2699'.
[  854.224637][  T979] az6027: usb out operation failed. (-110)
[  854.250859][  T979] az6027: usb out operation failed. (-32)
[  854.260738][  T979] stb0899_attach: Driver disabled by Kconfig
[  854.299087][  T979] az6027: no front-end attached
[  854.299087][  T979] 
[  854.306834][  T979] az6027: usb out operation failed. (-32)
[  854.312590][  T979] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  854.362966][ T5940] usb 2-1: USB disconnect, device number 97
[  854.386045][  T979] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input41
[  854.607090][  T979] dvb-usb: schedule remote query interval to 400 msecs.
[  854.640859][  T979] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  854.691738][  T979] usb 4-1: USB disconnect, device number 100
[  855.159473][  T979] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  855.304987][T16408] input: syz0 as /devices/virtual/input/input42
[  856.325993][    T9] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[  856.565989][    T9] usb 4-1: Using ep0 maxpacket: 32
[  856.588030][    T9] usb 4-1: unable to get BOS descriptor or descriptor too short
[  856.659474][    T9] usb 4-1: no configurations
[  856.668872][    T9] usb 4-1: can't read configurations, error -22
[  856.705924][   T55] usb 2-1: new high-speed USB device number 98 using dummy_hcd
[  856.866678][   T55] usb 2-1: Using ep0 maxpacket: 16
[  857.815920][    T9] usb 4-1: new high-speed USB device number 102 using dummy_hcd
[  857.986823][    T9] usb 4-1: Using ep0 maxpacket: 8
[  858.015167][    T9] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  858.035174][    T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  858.091404][    T9] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  858.133193][    T9] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  858.172826][ T5932] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[  858.203891][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  858.215842][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  858.274882][    T9] usb 4-1: Product: syz
[  858.304229][    T9] usb 4-1: Manufacturer: syz
[  858.316878][ T5932] usb 5-1: device descriptor read/64, error -71
[  858.340216][    T9] usb 4-1: SerialNumber: syz
[  858.365367][T16433] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  858.377225][    T9] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  858.438710][    T9] usbtest 4-1:1.0: Linux user mode ISO test driver
[  858.460038][    T9] usbtest 4-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  858.645333][ T5932] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[  858.837998][ T5932] usb 5-1: device descriptor read/64, error -71
[  858.904063][T16433] loop2: detected capacity change from 0 to 7
[  858.986362][ T5932] usb usb5-port1: attempt power cycle
[  859.060246][    T9] usb 4-1: USB disconnect, device number 102
[  859.411047][ T5932] usb 5-1: new high-speed USB device number 98 using dummy_hcd
[  859.438409][ T5932] usb 5-1: device descriptor read/8, error -71
[  859.687577][ T5932] usb 5-1: new high-speed USB device number 99 using dummy_hcd
[  859.730607][ T5932] usb 5-1: device descriptor read/8, error -71
[  859.846858][ T5932] usb usb5-port1: unable to enumerate USB device
[  860.060733][   T55] usb 2-1: unable to get BOS descriptor or descriptor too short
[  860.091378][   T55] usb 2-1: unable to read config index 0 descriptor/start: -71
[  860.120477][   T55] usb 2-1: can't read configurations, error -71
[  860.466177][    T9] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[  860.595883][    T9] usb 4-1: device descriptor read/64, error -71
[  860.715570][T16450] input: syz0 as /devices/virtual/input/input43
[  860.839605][    T9] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[  861.006271][    T9] usb 4-1: device descriptor read/64, error -71
[  861.049156][T16459] macvlan5: entered allmulticast mode
[  861.134831][    T9] usb usb4-port1: attempt power cycle
[  861.162288][T16459] 8021q: adding VLAN 0 to HW filter on device macvlan5
[  861.285983][T16459] team0: Port device macvlan5 added
[  861.486031][    T9] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[  861.506806][    T9] usb 4-1: device descriptor read/8, error -71
[  861.665876][ T5940] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[  861.752988][T16477] netlink: 'syz.1.2726': attribute type 12 has an invalid length.
[  861.761338][    T9] usb 4-1: new high-speed USB device number 106 using dummy_hcd
[  861.786395][    T9] usb 4-1: device descriptor read/8, error -71
[  861.825863][ T5940] usb 3-1: Using ep0 maxpacket: 32
[  861.834225][ T5940] usb 3-1: unable to get BOS descriptor or descriptor too short
[  861.845547][ T5940] usb 3-1: no configurations
[  861.850237][ T5940] usb 3-1: can't read configurations, error -22
[  861.896266][    T9] usb usb4-port1: unable to enumerate USB device
[  862.026350][   T43] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[  862.195919][   T43] usb 2-1: Using ep0 maxpacket: 8
[  862.202588][   T43] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  862.212459][   T43] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  862.223164][   T43] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  862.233100][   T43] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  862.242955][   T43] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  862.256620][   T43] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  862.265670][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  862.279555][   T43] usbtmc 2-1:16.0: probe with driver usbtmc failed with error -22
[  862.786007][  T979] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[  862.936150][  T979] usb 1-1: Using ep0 maxpacket: 16
[  863.001090][T16485] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2728'.
[  864.165915][    T9] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[  864.335870][    T9] usb 4-1: Using ep0 maxpacket: 8
[  864.349307][    T9] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  864.359213][    T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  864.373596][    T9] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  864.383695][    T9] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  864.400362][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  864.409842][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  864.418206][    T9] usb 4-1: Product: syz
[  864.422616][    T9] usb 4-1: Manufacturer: syz
[  864.428222][    T9] usb 4-1: SerialNumber: syz
[  864.436756][ T5940] usb 3-1: new full-speed USB device number 84 using dummy_hcd
[  864.460836][T16492] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  864.475698][    T9] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  864.486950][    T9] usbtest 4-1:1.0: Linux user mode ISO test driver
[  864.495137][    T9] usbtest 4-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  864.566513][ T5940] usb 3-1: device descriptor read/64, error -71
[  864.730496][T16491] loop2: detected capacity change from 0 to 7
[  864.740714][ T5983] usb 4-1: USB disconnect, device number 107
[  864.835194][   T43] usb 2-1: USB disconnect, device number 100
[  864.841953][ T5940] usb 3-1: new full-speed USB device number 85 using dummy_hcd
[  864.995897][ T5940] usb 3-1: device descriptor read/64, error -71
[  865.106755][ T5940] usb usb3-port1: attempt power cycle
[  865.455879][ T5940] usb 3-1: new full-speed USB device number 86 using dummy_hcd
[  865.498146][ T5940] usb 3-1: device descriptor read/8, error -71
[  865.599030][  T979] usb 1-1: unable to get BOS descriptor or descriptor too short
[  865.639559][  T979] usb 1-1: unable to read config index 0 descriptor/start: -71
[  865.680113][  T979] usb 1-1: can't read configurations, error -71
[  865.680783][T16504] input: syz0 as /devices/virtual/input/input44
[  865.756730][ T5940] usb 3-1: new full-speed USB device number 87 using dummy_hcd
[  865.797468][ T5940] usb 3-1: device descriptor read/8, error -71
[  865.906215][ T5940] usb usb3-port1: unable to enumerate USB device
[  867.096680][ T5940] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[  867.256366][ T5940] usb 4-1: Using ep0 maxpacket: 32
[  867.269860][ T5940] usb 4-1: unable to get BOS descriptor or descriptor too short
[  867.278736][ T5940] usb 4-1: no configurations
[  867.283328][ T5940] usb 4-1: can't read configurations, error -22
[  868.470826][T16547] input: syz0 as /devices/virtual/input/input46
[  869.826640][ T5940] usb 4-1: new high-speed USB device number 110 using dummy_hcd
[  869.896001][T16497] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[  870.006404][ T5940] usb 4-1: Using ep0 maxpacket: 32
[  870.031894][ T5940] usb 4-1: unable to get BOS descriptor or descriptor too short
[  870.049404][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  870.145886][T16497] usb 3-1: Using ep0 maxpacket: 16
[  870.151260][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  870.208185][ T5940] usb 4-1: no configurations
[  870.213162][ T5940] usb 4-1: can't read configurations, error -22
[  871.122854][T16587] FAULT_INJECTION: forcing a failure.
[  871.122854][T16587] name failslab, interval 1, probability 0, space 0, times 0
[  871.136268][T16587] CPU: 0 UID: 0 PID: 16587 Comm: syz.0.2755 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  871.136295][T16587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  871.136307][T16587] Call Trace:
[  871.136316][T16587]  <TASK>
[  871.136324][T16587]  dump_stack_lvl+0x189/0x250
[  871.136351][T16587]  ? __pfx____ratelimit+0x10/0x10
[  871.136377][T16587]  ? __pfx_dump_stack_lvl+0x10/0x10
[  871.136398][T16587]  ? __pfx__printk+0x10/0x10
[  871.136425][T16587]  ? __pfx___might_resched+0x10/0x10
[  871.136450][T16587]  should_fail_ex+0x414/0x560
[  871.136479][T16587]  should_failslab+0xa8/0x100
[  871.136503][T16587]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  871.136525][T16587]  ? __alloc_skb+0x112/0x2d0
[  871.136550][T16587]  __alloc_skb+0x112/0x2d0
[  871.136574][T16587]  netlink_sendmsg+0x5c6/0xb30
[  871.136605][T16587]  ? __pfx_netlink_sendmsg+0x10/0x10
[  871.136630][T16587]  ? aa_sock_msg_perm+0x94/0x160
[  871.136656][T16587]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  871.136680][T16587]  ? __pfx_netlink_sendmsg+0x10/0x10
[  871.136701][T16587]  __sock_sendmsg+0x219/0x270
[  871.136730][T16587]  ____sys_sendmsg+0x505/0x830
[  871.136758][T16587]  ? __pfx_____sys_sendmsg+0x10/0x10
[  871.136790][T16587]  ? import_iovec+0x74/0xa0
[  871.136814][T16587]  ___sys_sendmsg+0x21f/0x2a0
[  871.136839][T16587]  ? __pfx____sys_sendmsg+0x10/0x10
[  871.136897][T16587]  ? __fget_files+0x2a/0x420
[  871.136918][T16587]  ? __fget_files+0x3a0/0x420
[  871.136951][T16587]  __x64_sys_sendmsg+0x19b/0x260
[  871.136976][T16587]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  871.137008][T16587]  ? __pfx_ksys_write+0x10/0x10
[  871.137026][T16587]  ? rcu_is_watching+0x15/0xb0
[  871.137052][T16587]  ? do_syscall_64+0xbe/0x3b0
[  871.137073][T16587]  do_syscall_64+0xfa/0x3b0
[  871.137096][T16587]  ? lockdep_hardirqs_on+0x9c/0x150
[  871.137121][T16587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.137139][T16587]  ? clear_bhb_loop+0x60/0xb0
[  871.137160][T16587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.137177][T16587] RIP: 0033:0x7fbf0c58e929
[  871.137195][T16587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  871.137210][T16587] RSP: 002b:00007fbf0d398038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  871.137230][T16587] RAX: ffffffffffffffda RBX: 00007fbf0c7b5fa0 RCX: 00007fbf0c58e929
[  871.137244][T16587] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  871.137256][T16587] RBP: 00007fbf0d398090 R08: 0000000000000000 R09: 0000000000000000
[  871.137267][T16587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  871.137278][T16587] R13: 0000000000000000 R14: 00007fbf0c7b5fa0 R15: 00007fbf0c8dfa28
[  871.137311][T16587]  </TASK>
[  872.677905][T16497] usb 3-1: unable to get BOS descriptor or descriptor too short
[  872.691860][T16497] usb 3-1: unable to read config index 0 descriptor/start: -71
[  872.705241][T16497] usb 3-1: can't read configurations, error -71
[  873.150682][T16497] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  873.350592][T16497] usb 3-1: Using ep0 maxpacket: 32
[  873.447724][T16497] usb 3-1: unable to get BOS descriptor or descriptor too short
[  873.456048][T16497] usb 3-1: no configurations
[  873.460681][T16497] usb 3-1: can't read configurations, error -22
[  873.545740][T16497] usb usb3-port1: attempt power cycle
[  873.899406][   T30] audit: type=1326 audit(1752077663.718:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16614 comm="syz.0.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0c58e929 code=0x7ffc0000
[  874.863420][   T30] audit: type=1326 audit(1752077663.748:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16614 comm="syz.0.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fbf0c58e929 code=0x7ffc0000
[  874.930557][   T30] audit: type=1326 audit(1752077663.748:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16614 comm="syz.0.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0c58e929 code=0x7ffc0000
[  874.963365][   T30] audit: type=1326 audit(1752077663.748:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16614 comm="syz.0.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fbf0c58e929 code=0x7ffc0000
[  875.022326][   T30] audit: type=1326 audit(1752077663.748:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16614 comm="syz.0.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0c58e929 code=0x7ffc0000
[  875.046788][   T30] audit: type=1326 audit(1752077663.748:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16614 comm="syz.0.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fbf0c58e929 code=0x7ffc0000
[  875.136103][T16621] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2766'.
[  876.512671][T16497] usb 1-1: new high-speed USB device number 104 using dummy_hcd
[  876.758997][T16497] usb 1-1: config 0 has no interfaces?
[  876.774261][T16497] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  876.784256][T16497] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  876.819132][T16497] usb 1-1: Product: syz
[  876.823352][T16497] usb 1-1: Manufacturer: syz
[  876.888438][T16497] usb 1-1: SerialNumber: syz
[  876.918095][T16497] usb 1-1: config 0 descriptor??
[  877.925868][    T9] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[  878.076271][    T9] usb 3-1: Using ep0 maxpacket: 32
[  878.100603][    T9] usb 3-1: unable to get BOS descriptor or descriptor too short
[  878.120411][    T9] usb 3-1: no configurations
[  878.130536][    T9] usb 3-1: can't read configurations, error -22
[  878.346748][T16497] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[  878.486075][T16497] usb 4-1: device descriptor read/64, error -71
[  878.736274][T16497] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[  878.865849][T16497] usb 4-1: device descriptor read/64, error -71
[  878.976906][T16497] usb usb4-port1: attempt power cycle
[  879.232895][T16660] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2779'.
[  879.315892][T16497] usb 4-1: new high-speed USB device number 114 using dummy_hcd
[  879.337480][T16497] usb 4-1: device descriptor read/8, error -71
[  879.386675][ T5939] usb 1-1: USB disconnect, device number 104
[  879.606454][T16497] usb 4-1: new high-speed USB device number 115 using dummy_hcd
[  879.637413][T16497] usb 4-1: device descriptor read/8, error -71
[  879.867993][T16497] usb usb4-port1: unable to enumerate USB device
[  881.035542][T16675] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2782'.
[  900.324227][T14525] tipc: Resetting bearer <eth:syzkaller0>
[  900.347316][T14525] tipc: Disabling bearer <eth:syzkaller0>
[  931.490561][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  931.496983][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  992.928632][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  992.934967][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1014.056657][   T31] INFO: task kworker/1:1:43 blocked for more than 143 seconds.
[ 1014.064267][   T31]       Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0
[ 1014.072376][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1014.081175][   T31] task:kworker/1:1     state:D stack:20280 pid:43    tgid:43    ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1014.093269][   T31] Workqueue: events rfkill_op_handler
[ 1014.098727][   T31] Call Trace:
[ 1014.101996][   T31]  <TASK>
[ 1014.104919][   T31]  __schedule+0x16f5/0x4d00
[ 1014.109563][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1014.114949][   T31]  ? schedule+0x165/0x360
[ 1014.119400][   T31]  ? __pfx___schedule+0x10/0x10
[ 1014.124280][   T31]  ? schedule+0x91/0x360
[ 1014.128728][   T31]  schedule+0x165/0x360
[ 1014.132906][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1014.138528][   T31]  __mutex_lock+0x724/0xe80
[ 1014.143042][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1014.147989][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1014.152676][   T31]  ? rfkill_epo+0x4c/0x180
[ 1014.157180][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1014.162219][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1014.167535][   T31]  rfkill_epo+0x4c/0x180
[ 1014.171794][   T31]  rfkill_op_handler+0x84/0x240
[ 1014.176726][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1014.182467][   T31]  process_scheduled_works+0xae1/0x17b0
[ 1014.188138][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1014.194167][   T31]  worker_thread+0x8a0/0xda0
[ 1014.198874][   T31]  kthread+0x70e/0x8a0
[ 1014.202966][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1014.208138][   T31]  ? __pfx_kthread+0x10/0x10
[ 1014.212742][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1014.218014][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1014.223237][   T31]  ? __pfx_kthread+0x10/0x10
[ 1014.227940][   T31]  ret_from_fork+0x3f9/0x770
[ 1014.232539][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1014.237707][   T31]  ? __switch_to_asm+0x39/0x70
[ 1014.242481][   T31]  ? __switch_to_asm+0x33/0x70
[ 1014.247530][   T31]  ? __pfx_kthread+0x10/0x10
[ 1014.252131][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1014.256963][   T31]  </TASK>
[ 1014.259992][   T31] INFO: task kworker/1:2:55 blocked for more than 143 seconds.
[ 1014.267657][   T31]       Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0
[ 1014.275287][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1014.284028][   T31] task:kworker/1:2     state:D stack:21400 pid:55    tgid:55    ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1014.296392][   T31] Workqueue: events rfkill_global_led_trigger_worker
[ 1014.303078][   T31] Call Trace:
[ 1014.306563][   T31]  <TASK>
[ 1014.309734][   T31]  __schedule+0x16f5/0x4d00
[ 1014.314267][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1014.319700][   T31]  ? schedule+0x165/0x360
[ 1014.324047][   T31]  ? __pfx___schedule+0x10/0x10
[ 1014.328963][   T31]  ? schedule+0x91/0x360
[ 1014.333236][   T31]  schedule+0x165/0x360
[ 1014.337494][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1014.342985][   T31]  __mutex_lock+0x724/0xe80
[ 1014.347657][   T31]  ? look_up_lock_class+0x74/0x170
[ 1014.352793][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1014.357714][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 1014.363972][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1014.369040][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1014.374775][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1014.380557][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[ 1014.386716][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1014.392437][   T31]  process_scheduled_works+0xae1/0x17b0
[ 1014.398073][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1014.404072][   T31]  worker_thread+0x8a0/0xda0
[ 1014.408720][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1014.415063][   T31]  ? __kthread_parkme+0x7b/0x200
[ 1014.420058][   T31]  kthread+0x70e/0x8a0
[ 1014.424139][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1014.429318][   T31]  ? __pfx_kthread+0x10/0x10
[ 1014.433935][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1014.439216][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1014.444434][   T31]  ? __pfx_kthread+0x10/0x10
[ 1014.449091][   T31]  ret_from_fork+0x3f9/0x770
[ 1014.453686][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1014.458875][   T31]  ? __switch_to_asm+0x39/0x70
[ 1014.463670][   T31]  ? __switch_to_asm+0x33/0x70
[ 1014.468695][   T31]  ? __pfx_kthread+0x10/0x10
[ 1014.473316][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1014.478165][   T31]  </TASK>
[ 1014.481266][   T31] INFO: task kworker/1:3:5932 blocked for more than 143 seconds.
[ 1014.489012][   T31]       Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0
[ 1014.496685][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1014.505337][   T31] task:kworker/1:3     state:D stack:21096 pid:5932  tgid:5932  ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1014.517420][   T31] Workqueue: events rfkill_sync_work
[ 1014.522727][   T31] Call Trace:
[ 1014.526080][   T31]  <TASK>
[ 1014.529019][   T31]  __schedule+0x16f5/0x4d00
[ 1014.533528][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1014.538961][   T31]  ? schedule+0x165/0x360
[ 1014.543302][   T31]  ? __pfx___schedule+0x10/0x10
[ 1014.548229][   T31]  ? schedule+0x91/0x360
[ 1014.552486][   T31]  schedule+0x165/0x360
[ 1014.556729][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1014.562225][   T31]  __mutex_lock+0x724/0xe80
[ 1014.566809][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1014.571684][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1014.576653][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[ 1014.581955][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1014.587036][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1014.592250][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1014.598212][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1014.604553][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1014.610387][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[ 1014.615512][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1014.621293][   T31]  rfkill_set_block+0x1cf/0x440
[ 1014.626226][   T31]  rfkill_sync_work+0x114/0x200
[ 1014.631089][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1014.636878][   T31]  process_scheduled_works+0xae1/0x17b0
[ 1014.642454][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1014.648487][   T31]  worker_thread+0x8a0/0xda0
[ 1014.653086][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1014.659490][   T31]  ? __kthread_parkme+0x7b/0x200
[ 1014.664449][   T31]  kthread+0x70e/0x8a0
[ 1014.668578][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1014.673700][   T31]  ? __pfx_kthread+0x10/0x10
[ 1014.678342][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1014.683551][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1014.689411][   T31]  ? __pfx_kthread+0x10/0x10
[ 1014.694165][   T31]  ret_from_fork+0x3f9/0x770
[ 1014.698852][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1014.703999][   T31]  ? __switch_to_asm+0x39/0x70
[ 1014.708830][   T31]  ? __switch_to_asm+0x33/0x70
[ 1014.713604][   T31]  ? __pfx_kthread+0x10/0x10
[ 1014.718256][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1014.723040][   T31]  </TASK>
[ 1014.726158][   T31] INFO: task syz.4.2722:16458 blocked for more than 144 seconds.
[ 1014.733879][   T31]       Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0
[ 1014.741575][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1014.750311][   T31] task:syz.4.2722      state:D stack:25128 pid:16458 tgid:16458 ppid:5866   task_flags:0x400040 flags:0x00004004
[ 1014.762294][   T31] Call Trace:
[ 1014.765582][   T31]  <TASK>
[ 1014.768704][   T31]  __schedule+0x16f5/0x4d00
[ 1014.773243][   T31]  ? schedule+0x165/0x360
[ 1014.777643][   T31]  ? __pfx___schedule+0x10/0x10
[ 1014.782518][   T31]  ? schedule+0x91/0x360
[ 1014.786814][   T31]  schedule+0x165/0x360
[ 1014.790985][   T31]  schedule_timeout+0x9a/0x270
[ 1014.796010][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1014.801420][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1014.806765][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1014.811983][   T31]  ? wait_for_completion+0x267/0x5d0
[ 1014.817373][   T31]  wait_for_completion+0x2bf/0x5d0
[ 1014.822502][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[ 1014.828173][   T31]  ? __flush_work+0xd2/0xbc0
[ 1014.832776][   T31]  ? __flush_work+0xd2/0xbc0
[ 1014.837423][   T31]  __flush_work+0x9b9/0xbc0
[ 1014.841940][   T31]  ? __flush_work+0xd2/0xbc0
[ 1014.846700][   T31]  ? __pfx___flush_work+0x10/0x10
[ 1014.851741][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[ 1014.857114][   T31]  ? __pfx___cancel_work+0x10/0x10
[ 1014.862239][   T31]  ? nfc_genl_device_removed+0x23c/0x330
[ 1014.867915][   T31]  __cancel_work_sync+0xbe/0x110
[ 1014.872866][   T31]  rfkill_unregister+0x92/0x220
[ 1014.877792][   T31]  nfc_unregister_device+0x96/0x2a0
[ 1014.883006][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 1014.888796][   T31]  virtual_ncidev_close+0x56/0x90
[ 1014.893832][   T31]  __fput+0x449/0xa70
[ 1014.897889][   T31]  task_work_run+0x1d1/0x260
[ 1014.902497][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1014.907854][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 1014.913329][   T31]  exit_to_user_mode_loop+0xec/0x110
[ 1014.918700][   T31]  do_syscall_64+0x2bd/0x3b0
[ 1014.923293][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1014.928645][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1014.934729][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1014.939571][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1014.945616][   T31] RIP: 0033:0x7faa8498e929
[ 1014.950502][   T31] RSP: 002b:00007faa84cdfb88 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1014.959271][   T31] RAX: 0000000000000000 RBX: 00007faa84bb7ba0 RCX: 00007faa8498e929
[ 1014.967358][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1014.975343][   T31] RBP: 00007faa84bb7ba0 R08: 00000000000092fc R09: 0000000e84cdfe7f
[ 1014.983767][   T31] R10: 00000000003f6ae0 R11: 0000000000000246 R12: 00000000000d2679
[ 1014.992066][   T31] R13: 00007faa84bb6160 R14: ffffffffffffffff R15: 00007faa84cdfca0
[ 1015.000084][   T31]  </TASK>
[ 1015.003124][   T31] 
[ 1015.003124][   T31] Showing all locks held in the system:
[ 1015.011307][   T31] 2 locks held by kworker/u8:0/12:
[ 1015.016728][   T31]  #0: ffff8881466a5948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1015.027961][   T31]  #1: ffffc90000117bc0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1015.040402][   T31] 1 lock held by khungtaskd/31:
[ 1015.045250][   T31]  #0: ffffffff8e13f160 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1015.055371][   T31] 3 locks held by kworker/1:1/43:
[ 1015.060433][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1015.071994][   T31]  #1: ffffc90000b37bc0 ((rfkill_op_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1015.083299][   T31]  #2: ffffffff8f7f8928 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_epo+0x4c/0x180
[ 1015.092872][   T31] 3 locks held by kworker/1:2/55:
[ 1015.098307][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1015.109538][   T31]  #1: ffffc90000bf7bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1015.123076][   T31]  #2: ffffffff8f7f8928 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[ 1015.134738][   T31] 2 locks held by getty/5613:
[ 1015.139715][   T31]  #0: ffff88814ccf30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1015.149539][   T31]  #1: ffffc9000331e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 1015.159964][   T31] 4 locks held by kworker/1:3/5932:
[ 1015.165146][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1015.176405][   T31]  #1: ffffc90004e1fbc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1015.189089][   T31]  #2: ffffffff8f7f8928 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200
[ 1015.199156][   T31]  #3: ffff888032e0f100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[ 1015.209158][   T31] 1 lock held by syz.4.2722/16458:
[ 1015.214257][   T31]  #0: ffff888032e0f100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[ 1015.224494][   T31] 2 locks held by syz-executor/16640:
[ 1015.229913][   T31]  #0: ffff88804f113118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[ 1015.240105][   T31]  #1: ffffffff8f7f8928 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[ 1015.250472][   T31] 3 locks held by syz.1.2779/16660:
[ 1015.255658][   T31]  #0: ffffffff8e9c2d48 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1015.264166][   T31]  #1: ffff888023ded100 (&dev->mutex){....}-{4:4}, at: nfc_register_device+0xa1/0x320
[ 1015.274002][   T31]  #2: ffffffff8f7f8928 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[ 1015.284437][   T31] 1 lock held by syz.0.2780/16666:
[ 1015.289603][   T31]  #0: ffffffff8e9c2d48 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1015.298241][   T31] 1 lock held by syz.2.2781/16672:
[ 1015.303336][   T31]  #0: ffffffff8e9c2d48 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1015.312268][   T31] 1 lock held by syz.3.2787/16691:
[ 1015.317428][   T31]  #0: ffffffff8e9c2d48 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1015.326264][   T31] 1 lock held by syz-executor/16692:
[ 1015.331572][   T31]  #0: ffffffff8e9c2d48 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1015.340797][   T31] 1 lock held by syz-executor/16693:
[ 1015.346309][   T31]  #0: ffffffff8e9c2d48 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1015.354825][   T31] 1 lock held by syz-executor/16694:
[ 1015.360366][   T31]  #0: ffffffff8e9c2d48 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1015.369147][   T31] 1 lock held by syz-executor/16695:
[ 1015.374415][   T31]  #0: ffffffff8e9c2d48 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1015.382912][   T31] 
[ 1015.385245][   T31] =============================================
[ 1015.385245][   T31] 
[ 1015.393946][   T31] NMI backtrace for cpu 1
[ 1015.393963][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[ 1015.393984][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1015.393996][   T31] Call Trace:
[ 1015.394003][   T31]  <TASK>
[ 1015.394011][   T31]  dump_stack_lvl+0x189/0x250
[ 1015.394035][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 1015.394059][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1015.394080][   T31]  ? __pfx__printk+0x10/0x10
[ 1015.394116][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1015.394143][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1015.394163][   T31]  ? _printk+0xcf/0x120
[ 1015.394189][   T31]  ? __pfx__printk+0x10/0x10
[ 1015.394214][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1015.394234][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1015.394259][   T31]  watchdog+0xfee/0x1030
[ 1015.394278][   T31]  ? watchdog+0x1de/0x1030
[ 1015.394303][   T31]  kthread+0x70e/0x8a0
[ 1015.394329][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1015.394346][   T31]  ? __pfx_kthread+0x10/0x10
[ 1015.394370][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1015.394394][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1015.394416][   T31]  ? __pfx_kthread+0x10/0x10
[ 1015.394440][   T31]  ret_from_fork+0x3f9/0x770
[ 1015.394462][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1015.394486][   T31]  ? __switch_to_asm+0x39/0x70
[ 1015.394505][   T31]  ? __switch_to_asm+0x33/0x70
[ 1015.394525][   T31]  ? __pfx_kthread+0x10/0x10
[ 1015.394548][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1015.394594][   T31]  </TASK>
[ 1015.394601][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1015.553385][    C0] NMI backtrace for cpu 0
[ 1015.553402][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[ 1015.553421][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1015.553432][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 1015.553459][    C0] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 93 2d 19 00 f3 0f 1e fa fb f4 <e9> c8 dd 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[ 1015.553472][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c6
[ 1015.553488][    C0] RAX: 74a2cee1afb44b00 RBX: ffffffff81975c78 RCX: 74a2cee1afb44b00
[ 1015.553501][    C0] RDX: 0000000000000001 RSI: ffffffff8d998685 RDI: ffffffff8be29dc0
[ 1015.553512][    C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb
[ 1015.553525][    C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8fa1eff0
[ 1015.553544][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50
[ 1015.553555][    C0] FS:  0000000000000000(0000) GS:ffff888125c1b000(0000) knlGS:0000000000000000
[ 1015.553569][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1015.553581][    C0] CR2: 000055dbbe7de168 CR3: 000000000df38000 CR4: 00000000003526f0
[ 1015.553595][    C0] DR0: 0000000000000000 DR1: 00000000d88e0b5f DR2: 0000000000003706
[ 1015.553605][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1015.553616][    C0] Call Trace:
[ 1015.553625][    C0]  <TASK>
[ 1015.553632][    C0]  default_idle+0x13/0x20
[ 1015.553649][    C0]  default_idle_call+0x74/0xb0
[ 1015.553667][    C0]  do_idle+0x1e8/0x510
[ 1015.553685][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1015.553708][    C0]  ? __pfx_do_idle+0x10/0x10
[ 1015.553729][    C0]  ? do_idle+0x4ed/0x510
[ 1015.553749][    C0]  cpu_startup_entry+0x44/0x60
[ 1015.553767][    C0]  rest_init+0x2de/0x300
[ 1015.553783][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[ 1015.553800][    C0]  start_kernel+0x47d/0x500
[ 1015.553823][    C0]  x86_64_start_reservations+0x24/0x30
[ 1015.553839][    C0]  x86_64_start_kernel+0x143/0x1c0
[ 1015.553861][    C0]  common_startup_64+0x13e/0x147
[ 1015.553889][    C0]  </TASK>
[ 1015.554370][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1015.768114][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[ 1015.779910][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1015.789956][   T31] Call Trace:
[ 1015.793230][   T31]  <TASK>
[ 1015.796156][   T31]  dump_stack_lvl+0x99/0x250
[ 1015.801701][   T31]  ? __asan_memcpy+0x40/0x70
[ 1015.806290][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1015.811485][   T31]  ? __pfx__printk+0x10/0x10
[ 1015.816084][   T31]  panic+0x2db/0x790
[ 1015.819978][   T31]  ? __pfx_panic+0x10/0x10
[ 1015.824385][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 1015.830190][   T31]  ? irq_work_queue+0xc3/0x140
[ 1015.834951][   T31]  watchdog+0x102d/0x1030
[ 1015.839275][   T31]  ? watchdog+0x1de/0x1030
[ 1015.843687][   T31]  kthread+0x70e/0x8a0
[ 1015.847757][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1015.852421][   T31]  ? __pfx_kthread+0x10/0x10
[ 1015.857008][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1015.862201][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1015.867395][   T31]  ? __pfx_kthread+0x10/0x10
[ 1015.871981][   T31]  ret_from_fork+0x3f9/0x770
[ 1015.876575][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1015.881682][   T31]  ? __switch_to_asm+0x39/0x70
[ 1015.886440][   T31]  ? __switch_to_asm+0x33/0x70
[ 1015.891197][   T31]  ? __pfx_kthread+0x10/0x10
[ 1015.895786][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1015.900557][   T31]  </TASK>
[ 1015.903821][   T31] Kernel Offset: disabled
[ 1015.908137][   T31] Rebooting in 86400 seconds..