last executing test programs:

1m14.011651706s ago: executing program 2 (id=1672):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x808, 0x80000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(r6, &(0x7f00000000c0)='net/ip_vs_stats_percpu\x00')
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xffffffffffffffff}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x5c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7c40280f}, @NFTA_HOOK_DEV={0x14, 0x3, 'geneve0\x00'}]}]}], {0x14}}, 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="0100010e000000006737123c8354e6140000", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x8004)
sendmsg$NFC_CMD_DEV_UP(r0, &(0x7f0000000140)={0x0, 0x46, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c1d1e47", @ANYRES16=r1, @ANYBLOB="01002abd70003c0200000200000008000100", @ANYRES32=r3, @ANYBLOB], 0x1c}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, 0x0, 0x4000084)
close(0x3)

1m10.830838846s ago: executing program 2 (id=1677):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$igmp(0x2, 0x3, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
ppoll(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)

1m9.83013197s ago: executing program 2 (id=1684):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod$loop(0x0, 0x0, 0x1)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x2, 0x4, 0x1, 0x1, 0x500, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, r5, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
dup(r6)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r7, 0x29, 0x35, 0x0, 0xa)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
connect$inet6(r8, &(0x7f00000001c0)={0xa, 0x4e22, 0x4, @local, 0xe}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r8, 0x84, 0x23, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x42, 0x9, 0x0, 0x0, {0x3}, [@typed={0x8, 0x2, 0x0, 0x0, @u32=0x3}]}, 0x1c}}, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000335d09b20f80600b0a8b90102030109021b000103eea0420904620a01ffd6530909050209"], &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0})

1m6.527992558s ago: executing program 2 (id=1700):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)=@arm64={0x9, 0xff, 0x5, '\x00', 0x47})

1m6.413569192s ago: executing program 1 (id=1701):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000080)={0x1ff, 0x200, 0x2, {0x6, @sliced={0x1, [0xfff6, 0x9, 0x0, 0x0, 0x5, 0x41, 0x8, 0x97a, 0x6, 0x6, 0x80e8, 0x1, 0x6, 0x6, 0x10, 0x5, 0xb125, 0x3, 0x3, 0x1, 0x4, 0x8, 0x6, 0x6, 0xfe39, 0xb, 0xf6, 0x8, 0x7, 0x0, 0x6, 0x0, 0x4, 0x4, 0x9, 0xfff, 0xc03b, 0x9, 0x3, 0x40, 0x8, 0xff08, 0x5, 0x4, 0x33, 0x1, 0x101, 0x4000], 0xff}}, 0x9})
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000010000104fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00800000000000002c0012800e00010069703665727370616e0000001800028008000d00e50b00000800040000004000040012"], 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x8000006}, {{0x0, 0x0, 0x0}, 0x10000}, {{0x0, 0x0, 0x0}, 0xfffffffd}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000800)=""/191, 0xbf}, {&(0x7f0000000cc0)=""/261, 0x105}, {&(0x7f0000001b40)=""/4099, 0x1003}, {&(0x7f00000006c0)=""/215, 0xd7}], 0x4}}], 0x4, 0x22, 0x0)
r3 = fsmount(r0, 0x0, 0x4)
splice(r3, &(0x7f0000000340)=0x8, r0, &(0x7f00000004c0)=0x1, 0x6, 0x8)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3100000000080041007369770014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x8801}, 0x20000000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000200), r5)
mknod$loop(&(0x7f00000190c0)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f00000191c0)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc', &(0x7f0000019080)='\x00']}, &(0x7f0000019280)={[&(0x7f0000000200)=' ']})
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000500), 0x80602, 0x0)
sendmsg$L2TP_CMD_TUNNEL_MODIFY(r5, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="000425bd7000fcdbdf250300000014000f00050000000000000006001b004e2300000c001000040000000000000008000a000300000014002000ff01000000002000000000002c5a000100001a004e22e3ff0b0016000900000000000000a770bb70a18900ee2f77952d5be9ef94b93a54fc3eacfeee7c460150ae1d7c238cf7485b767a9832de947669"], 0x64}, 0x1, 0x0, 0x0, 0x4005}, 0x24008800)
read$msr(0xffffffffffffffff, &(0x7f00000003c0)=""/182, 0xb6)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, 0x140f, 0x1, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'uverbs\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)

1m6.226939275s ago: executing program 3 (id=1703):
semget(0x1, 0x3, 0x319)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000020000200000002000000005000000030000000100000f0400000000002000000000000000000000000004fdffffff0000"], 0x0, 0x3d, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x40000000015, 0x5, 0x0)
shmget$private(0x0, 0x4000, 0x808, &(0x7f0000007000/0x4000)=nil)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x24004000)
openat(0xffffffffffffff9c, 0x0, 0x1, 0x160)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18080000000000000000000000ffffff7f0000000000000095"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m6.226352561s ago: executing program 0 (id=1704):
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000480)="76989dff8050c0b9a9b7fd45a216d8083de7ccbd555867bdfddb0b7f4af5b06b821723e9a1b0abc76ccf8d18efa62e8660628ef34486e389153b25017fe3d34bdad6d25091686e59425d393b2743ffd741fd11676bdddc7847b2e502dcd461fc9d8e4975ffad0a0ada54137d041bae9dc8c2675e1c8213280bf04a4547f165b53a1d961302c398c9a256f838eaa032f116fbd5f91a85ed79fe2ae0331380c439d9a6c951576d94337e5eebfe6f38ce173086da00072de5808459075a1e0b", 0xbe, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r0, r0, r0}, &(0x7f00000001c0)=""/201, 0xc9, &(0x7f0000000140)={&(0x7f0000000300)={'sha1-avx\x00'}})
keyctl$setperm(0x5, r0, 0x6)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r3=>0x0})
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x1ff)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/kcm\x00')
pread64(r4, &(0x7f0000000940)=""/231, 0xe7, 0x10000004)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000540)={"61761ca37434bd5e3ba03b84b456857d780025c38a62c053bb8c43eb542cc1ddbb7845d9e97b2b7db5834d94827dbf92387b710bafb1979a7f00e03dc293833758294c1fc357ba5717065165ab046dfb44c67d14048c88a4a21a1978da5514c206f312ab43412077070327f7c8d8bacfca3d5134fdd72d7d5ee29bc471476c22d3e305cca6ede290312b705c46362669eaafe6873d12b4c42fe31e55e5c8680683c4fcffc52f7c50280d5f34ed5584bb772e3ca1c05b14b44f8cb1797713b44447272031ae50ac17c168d39029b9bd61d813dbf13690bf9515bed3e6062c350dd963e00ac40d1ac76016164a195f426bd915f7d1214229ebad421e76f6a7a93af763ace25a5afbc4650e45494e2edc1b03a000263dd5adb6cae5ce93c5d625a62a6c2336dbf0b540e44019035bf0377156cb879ee9326cabc106dbe1f4088644120075ebd1211945cbcf0ef7148954e87353c3afe6450f8b8ed42195b1e3c32da6fa9beff08541fd11f88fbaed8ecf398552e0f2fda4f369bbae26545d09e6a1731c9c6ccab257bea8b579eea66a0bed21b8cf15ddfa6dd605483c49ba1b9edf8acc9ec428328e82f7279fc436995ee9b6f9b325eb7c3739dc35c1e3b439793b08ae4c7878eb12047c5c0a4e0539968e8e9b1d6917d0ff480768c0b04965166bb54801e80fe29ed1344a28fbaa90e8f951ceea9c31ef952b98a0c6c56128f0875d94c0f438b21e477cbbcd6235d834b06b96ca3b80f5624d8be48a1f031f48b799a3aef5cd39edda3d717e03e9936bb92ed3c73042584fee70b0d29bda002954996cb75ad61ec19acc51a7048b33558770e4e985bedd2c4dd99867c1426780b55e8ff738e4a4a44a2cc959d6ec37603b2dccbd2651b1d8fd8954e3e3e6af6c8bb2ca2cc96e2821a9ed0843a9d11c9c1e1de4284b1d614cd7be88f33c8229a164176dd8936d985285dd56aee74d2816e3a608e0a251b0d6309c119f791a4b5c64ddc8a4f7670bf33e3d032c8abc6e08437959e3494fa66970e618207b96715b6a729468c456fa61307378c406e66fce011a9bd03efac3a6cdb452a00ec313966cbe4dceafccae40bd39f7d4b31be6e468b6993581504c666dd32e354575e91c7bd78cc8788c2d0c24b55f75b4d8c18020ca7595e4858ccf03981058852f1ea1451d0ede8b3e5d20af0586faebfa1c6b026a913dd99c00096fddebc89eab356d4cea1cc744e0b9a1925b1ee2b5ef1e8383565eb6350d915a6e30fa5c1eac11dd8aa85103981606f2bc3ea3573fd41d21c2573a6915fcdad4e3afc9e937b15861ae1f92d0fa6d37a618a6cd8007c5d71114b7da1cbed87c23e059ffec5fcb1155bddd41f7d12793ade8292bcb8d07ea85e1b7bdbba19b5a75aeed63588a93a2107c6015c5adfba76411266007c6e5a25f7c2341aa45bec3d06778afc17f21844f59"})
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)=@newqdisc={0x3c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_FWMARK={0x8, 0x12, 0x5}]}}]}, 0x3c}}, 0x20000010)

1m5.3685868s ago: executing program 4 (id=1706):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x627, 0xc1040000, 0x43, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0xd)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

1m5.351086657s ago: executing program 3 (id=1707):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmsg$unix(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@rights={{0x10}}, @cred={{0x1c}}], 0x30}, 0x10000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000000c0), 0x200080, 0x0)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x2049caf5d54d1220})
write$nbd(r3, &(0x7f0000000600)={0x67446698, 0x1, 0x3, 0x4, 0x4, "11b5561bd10f62d9b9c6dcc1c551e7a03238a69f6b0f9b8a9b1f2d046719519dcab3d063e4e763b2f12f669b7751e043ab250e9e6e25e6ac2841ab3dd82817b6d2e146c71eb546cf2b2088b6217e51b2292e870798f51dea229b62528bacbe77cf39945e4ca59f1f92811d0a7c3a5ca07db17b5f7bde2644b1e468e3cdf4dca649eb1ed2c79876f66c1cb4cf8f546ec40a5907c069903f5ba55e794767451679f86c244a69cdb3d75a75057ff281da1e66dc93eb80ceb56cb22e7a12b3a2f649ccb6255a72758ad42825d651b88eb705309dba91b563946db39afaffc58f11f6ce5fcf92c69e6ec8b4c098a8f89a54627c81e79083d71bdd1c1532e064d978ea2f3a9b552b5ae04bedac3bf8936e211d3ffa712c5e7bd5a5d0b6fd42c2bc3ecd3a671a9aaecf3016d3461f4cb9bba75cbdc039ecbe24f12af92ab119092d73ba0c5bd247c3c0f56a872235d7d6e6f973642a07573477ac7d9c82a3e05d7dbaf0fec5691fe9092386dc4908c418e650fcc4e349c96f2313f072559d655835cca17bb69d001a0ac135fdc7244bf096ea4de54b8fac074cd53482e5ab19e3d6acb955debbfce720258d7ea8311a36db0019f3167b615fd966b598e31b67ae6d4020d6178084c891fa0250de6fcfb007b7c24f584bf02c35f6670c4b49f003da8f9fe0613e81ebf0d31dc0b0ed79a6510a480044f0e1ccfa0bf17bd664652317bb6f120d9fe8560cd50b8446d22f5ea2732bd40b4bb9a7c75807e7dc02922b056fe1e1e2fe89d12b259c4ef81819adf01c4fc3febd42751d73dc1d22045a2c7704f9001fa2b4f748dfa35504bac726a9099542b173491d555beb6b8fe4e3bc24600b29bb46d8679651654379446932451eec29a464d52f8594bfa5094d70de69831baf95472db0d2d5041fd8f114b6397978c789550b2500b6e977a904fc73074dbc2f2c12ae614d1b00550b9ccd973488d6e7dce553f1050a4828e0fbbcc6f453cf538875c706fff9f936b6ed98a10a0dbdd25277fc63eed6ace6b8c13cc38dad01ad6e2b1388a22b6384c11ad845729f99f9e821a8112b4b797c39f854bfbdca03b5258f59af7fd26566805557e6fe36224ba6f820b70b798739fe5985d254eb3fe1fa65bd2e329b802dbe2dbb20e30b9f7e9c74b4ec6698d83749f7dda9bee7ebaf939084e1e4e5289db6cbfdf481da817be7af268c1226fbb988e51ea09f9338cfde069ea3fda04897a7887751de41a0059be7a5543c3c221c41bc072670135853433f13a45f9b6705c555072b85c640dce8810552a2fccf2fd0f1fa4229f385d39ad119cc1b6b3d0cad81dae36d7ab2e7368446250ecab883f8ebfa4a5125879b51fccf5d158be69131a513a317f117b39c51e4ea19ef6b4ed41b46cd6eac89736f5291062424d4730a04b1d2addb934c3c1a325f5ed6ae492fdbfdaff12bf477b4e409c837b8c922ad532e30bfd7bd1a3087ef3316356b4881e704c4271e0d39cc2ac1b2b10ec965a8cd0a8c89173b982ceb91f32599a8cb76ae3195af83ec01bd1e5fa5c084588924c29e2eb307e72f9f755d7fecd560fe011bee15b0f0ed8e1ad00633611daa428bb843c114ca68431b98ae65fb0587249a39b47dc1bf23830425b9d079d98b1a345b69f743c0d6561186b430183cb8890a1f827f307fc7607f9d784e314652d4ea9817a34cbe363747e3ee6e2706d7cdf1903dfe4378a46d2e0febdd77730e31c8621d3f683e4e2b00262b54f1d430f0dfa1837d2632a0adfaca02b7c01e0f4340e9d17f46e67412c97a7892bd0e9b7d780777b8206a0abf5eea7c807b5e2bb9e6fd723238c813d05d08d60ed37fe0aa1d6a1923838f2a458ff88dee2d0f6c21361a890fd2e4f05fb1c88daf885df48227e591973a8bc4aac34074331e891d6ae64ff3a435497dd52365308af03a00928179815bf9b7bc0dbff924dd52523be1545802ec4bd23b94873b8712ace857a89c118a98ac54ab63a9d8c6e1017c32455255599888613ebff7b91120695210d411120428de2e6f6ae79567981640d96e540813035ab1faaf10a5298b742dffdbba0838b737848e143ee587ec0f709d7e5668e21c40e37e4055d363271a999050edcf898e52c191916a13cb8bf058d9f645e6cd0844670e892e001ca4b3904ee0353a2cfb72ccba0ee4e24793fdfa1a49fe53eae533d2524044a5108a4a33e224a5e047c458bf6464cc2d65eb9aba10124f310d30149b42c79774e3a7de995e403d7ce7f7bc5b585fb242ceb2d35cd1fe86d8b83e72ced701c5f6a0d20accd24d45e4ffe5d029c031b92c2e6742ba5caee6b0a94133b7d1ed94ae2d3b13bd9abdc9581d290a580c07bf48ed3920754eff76a79e14afe7ecd84e3acbec7aaa48a9f484eb091b7562fcdd565ed2a4c2dc3497b040b82fc65e0fdf4515546d763fdb8a431dc4f34740147f17d88aa91e708b93fdc94c81a0c8a9acec4b83f1979538b70ae6a3db636782650fa4dc00a5b3c4ab56c7cc4f2917a3181f44e3c7a9e2e415c766fd870bc78d26a74e4eeb066538784dde78b9a80301f2d3516e9ad5c80bd93c522d5dd84080502f8287fe5965ab87c320b002a7eb648af88156c0cbaaefb3d2af3463b5483d91992ba3c6eddc9e290efb2ede306e21da2ad48bc06fda4905fe91d8a97d8e36ec41761c313686b94bb81737ade3fa1e3a903b01e623647a18ffd32cd15dfd61e5229d5b4a7fdfd0d75268ef0dfbb8bed04df8769715f776e4073ed99f7392b018c26eea7698142ef8e7292152984a85620ee14e0ca4545dad190c3a6fecd41d09032267a6a85893348d2f69962fdcc8500729857300c70d9d1d9676a02c03718273cd4d0024dde88e11a26f041a235e3c772f0d2f107ac5d6af7ea6fabf93fe387fb75a24a01837ec29cbc1af81bad8334f33c27ceae11f41b00416fc48bd41e77abf60df38541f74bb589211dc189654b3569c218ea9527b1052727194385678558372af99c1f0d680dbf39b723f773dad3edf3414cd12d955096efa993f520321bdd286dab8d99cefe3c5aafbbed2dbfdcbc14f135b2b99927c70f71248c74b9f7cd6bcf635b4ab2530e8c7142494d5c8c97bf4a9c01c4cbf4a244b655a6a009effcbd368137d4f9d46b1a7777557a6b99478b748e65a13f7ccfa4a13ca04b29075230968523a0e565b3ff141d968cb373e3524416621ec51b73ac2a3379b103d404afbc2003db43b32455e8d0451ab4e5f48f748cdd16c791bbee4671601b59a49d3cf0b4511751768ae6d58cf72434ed324d1637ca27a0aedbe08ef963aef0cdadce1ec76741d0bfd85b6c4f1692d32fdb1f874700b295a5f34f6795f7ea5f9905742d55255a942dca19c89375075bc394a1b917ed6b83c7e62fe6300661e8bfb29e5994c455fb8cdc316fd9b3125559058a84fe69216ee1d419dea7c0e015e85c91ab4bfe2eeb9437f17e276d3bfcdf53ca166e5e9875a5a949e1051b62d006c9069d147ea2a48ed2854b9873594d52abf3badb2197ce075ef2f36ae61981dd5c5af3d0231132a2f7ade45320495ee925b476ee26b3ae2832c9deea2bf8a699289b503123d735441c4357a6107e809b4d75ff238e545f315d2b9f03d1d131a38d5e10c76c6b9969b6e572fed780f96e955782469f22a8251d79b4175d87666b57acd29f6b02faa7384eee5b7e64118914ddda8fa1392b3819eb2b93574dcfb80fdd6d55cfe1dccc9644e19d79bf5d506bf68bc9b290527e9d760308870d02c175deb33c96aff83fd2de4b93b33b5514e7714c7b98ef664ceca0cd33e82abe5b66f90fc6e5a4e6f812f1db581d1c258fba658c4073af3402cb5135039ef29433fa4d66257bc6a624ef506dd878f636bdfa0a537e3214034b6e8c2930b8b5652a8b19af4874f095fa51feaed088a5e64de24d90a699bc48f9a268c260c7ea411c44e527c238e916bca4a41c282788754e48632761f5ffdbd788c2a90e462a6e7d58740737088828ba5bd492e48e4d6a892ef1ec8678abd8590e5822233a00884baf2becb5e774985c1431975aa410fb59cd9bc334be202e7e535272580c82481638c0fdde6ae4ec4f8e02bb70be1c23c437745a3a7c978388baecc641a8d353ea9d6cbaecd10406dd6562f2fa3ccbea451e8c167d54475ed42061d7bf32a3f902e30648a3bd699f4e9848efe3d6cb5a996aee3000898b5ada377a87d3426ca52b03d7baa19b07dd0e2c93e4aa0aeac628d5a3654390ff8e8c54d590643a51b5f95c53af27c43d90ef8cde55dc531e0e6aa500180869d3e27a0430a67fc0ae8e32ef8d999ed5755080fb10903f9cc4b994d65b53866aae9ebff695a9278b079f4e54e577a604aa7eae6cd46b1c67937d1a61035f28dec68f77ad4f3f790e001ab6e412d20f97ab4ec006f2ab427c88e9be00261a0369959ccb15f31bb3434aba23f52ddce71bf3743ab1baf892d68d1d859c37f48c22ba16397b2d069d41ffbfb122583bc69606013a7e3ddb9dc29241f9322fa34a0f79392457197a5081a32731f1f12b71805eee87131ebd4613543d1dd0bd85e9dce891b929c3ec4721a6735a66c8440ff25657f12f290801829fcd11219fa16d41fd866a743f9c6bb71dbc3c0798effbf3993f616aa07943af9f76ad7a98cf38073a7a7d804a124e0701696563a4c70dbd40cbf56bef98b38be63e48a86bde0d3e09882bd220142f2230f8b3e24c80cf4d00d37e10647e222dc1c58948a853b9ca07e5dd3a861513d1cccdf834104bc41964c0e1765c1fc81ef44dfd0474c96bcbe0a4f138d953732cbd953e9327f842fc8042417f221b434bc898f2872c8fc2d6e7dafd0d6ac94ebd44fa65f9a36f0d044b64620e0e0184daac78eeb31edea4627e6f1f929051059e5addf1251ed59abea7d54d55ee641e718d0cf4ddb535d9a1aecd31e98566b9d85b7a65eede9bf0deb9382fbbe5349a53557abadec102b0a775ef12dde56ab0d4e67a5a7ddc7c727148caebcd6729d9279162dac81e164433426d5fd3325fabf7a8a269a3b33c8c91968902c6702de919519ad45393b55099182b037fe3b2db2021113210631d69051b17a4bfb6da2f19f859de57479011bedb8d3853a0d8b883d3bb11ecf7d027e75ae772ab90626831d03773084c28b5a80beed5122ccbe076ad372d8a9e039ee12c619011c908f037e6427b99f6ae52f18b3048d72859964adb06fde80ed2846d459637d1688720e23a5f6b7958dc3dd393b311b14d871f94f5635d01852e764fb13e66024de2cd9e8808ee173f224f304b72fb307191b7692ba0f212aa9c41cd15e98efcd2284d46e5e116add36abeaaf4f2a34cc282769a1306ad130a97a8b6a8b05d40b9733d4326dfbc8a21167bfbaa7d120547c7bb7c5ed354cbe38f969321d9706e9088630034b6732729ad0975334fa2c6a2b75f8f9cbc01ac97a3a7a6f1094a2c77f5356afd3242c1c1c05f569b758bd45c22814cd6245167473383aafe3cf7d8ccf478480a7125aaac2fd75251d867ccbdde6969ab459b27df49d5f673f14ab4aae047c6a4e5df9958ab41a8694843b035e83b21309a34c81ab5eb53c50940ad454a776800645fa63bb89c9c5322c0cde68c58eda032838bc51cf5a29485396dc1059603e2e267d1cae0fa56f4b2774f65b10f7b33b6ac060f821ecf728ce21d5bb4dd70022e381ea27d63399812e6f9b620e582415beaba0ce07f0a1f6700b15e576d2302f1b9bbe1bf0a1725b842fd91cf11882117f4cb5fcbd523c0f7c2f0696639387943a109f1cd31456063b305d55a50c"}, 0x1010)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xd}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)

1m5.28325789s ago: executing program 1 (id=1708):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$igmp(0x2, 0x3, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
ppoll(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)

1m5.275553223s ago: executing program 0 (id=1709):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={<r0=>0xffffffffffffffff, 0x5, 0x80, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000003000/0x2000)=nil, &(0x7f0000001000/0x2000)=nil, 0x2000, 0x2})
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
recvmmsg(r2, &(0x7f0000000980)=[{{&(0x7f0000000500)=@can, 0x80, &(0x7f0000000900)=[{&(0x7f0000000100)=""/8, 0x8}, {&(0x7f0000000580)=""/238, 0xee}, {&(0x7f0000000680)=""/93, 0x5d}, {&(0x7f0000000480)=""/38, 0x26}, {&(0x7f0000000700)=""/151, 0x97}, {&(0x7f00000007c0)=""/53, 0x35}, {&(0x7f0000000800)=""/200, 0xc8}], 0x7}, 0x3ff}], 0x1, 0x2, &(0x7f00000001c0))

1m3.696512156s ago: executing program 1 (id=1710):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xd}, 0x18)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0xff, 0xff})

1m3.635255004s ago: executing program 0 (id=1711):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000e40)={'wlan0\x00'})
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x4000)

1m3.548057609s ago: executing program 3 (id=1712):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
fgetxattr(r0, &(0x7f0000000000)=@known='trusted.overlay.upper\x00', 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)={0x14, 0x7, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x400}}, 0x14}}, 0x0)

1m2.91020609s ago: executing program 3 (id=1713):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="120000000300000004000000120000", @ANYRES32], 0x50)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000080)=ANY=[@ANYBLOB="400e", @ANYBLOB="cf0400000000000000001300", @ANYBLOB="0400130006001200000000000600b500850100000a0006"], 0x40}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x40044)
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002, 0x0, 0xc004}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00'})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d2"], 0xdd12}], 0x1}, 0x10)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f0000000800)={@multicast2, @multicast2, 0xffffffffffffffff, "43db21ebada8b129a1dcff9d3347e8059ca832ee3dab6d347046c4a28ebc12b9", 0xfa4, 0x9, 0x2, 0x91}, 0x3c)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1m2.908865698s ago: executing program 2 (id=1714):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000500000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f00000001c0)={0x0, 0x0}, 0x10)
sendmmsg$unix(r1, &(0x7f00000000c0), 0x3f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000bc0)=@newtaction={0x98, 0x30, 0x48b, 0x0, 0x0, {}, [{0x84, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_simple={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'nat\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6f8, 0x2, 0x0, 0x6, 0x1ff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x98}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10040, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x80001)
r7 = userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_io_uring_submit(r5, 0x0, 0x0)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x47d})
ioctl$UFFDIO_REGISTER(r6, 0x8010aa01, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r8}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r9=>0xffffffffffffffff})
getsockopt$SO_COOKIE(r9, 0x1, 0x39, &(0x7f0000000040), &(0x7f00000000c0)=0x8)

1m2.907137805s ago: executing program 4 (id=1715):
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
ioctl$USBDEVFS_DISCSIGNAL(r0, 0x8010550e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x0, 0x4)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='rcu_utilization\x00', r4, 0x0, 0x1}, 0x18)
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @local, 0x4e21, 0x2, 'none\x00', 0x0, 0x8, 0x77}, {@loopback, 0x4e23, 0x2, 0x80cd, 0x12d5f, 0x3}}, 0x44)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000002740)=ANY=[@ANYBLOB="140000001300015b993dde440113e90006"], 0x14}], 0x1}, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r5, 0x11, 0x65, 0x0, &(0x7f0000000340))
socket$inet_smc(0x2b, 0x1, 0x0)
r6 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r6, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000008c0)=ANY=[@ANYBLOB="e00000001000090500000000000000006f6d8864d22a3f2ffaa46c88bca90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27db1f302de337c0004060000000000bf852c8986626691b01b2d44e4ce28715f2d28290a9423debbb86f9dba4a2dba4dbe076c02262600c446a567de243ab0d67683f7bb11c9cab3b3eed8a8bef4ff1631aa78acefca03c1a66db4424a8ba100022db228bb7b5eb5100e434db5dd5e995aa0912086d9f4606d2e4cc898739222c5d3a83cb6b707f3336336ebb7d681000000140000800d000000c4ec601a5f39d90830000000000000804413e0cb35357d186acb14cc1cfdf8fc9f2cf7f17fec986c4249af45baac42e95d7bcdf049f44bc4d7bed938251d5b9c13cf950ad6508d5f5eb06390e61adf569cc04619b1de1b4b718de3bb52da75fc6a8acd9b207ab937f2c494c05dcc3ebf9b4b8aca33ee507102aff21da7d705decdae7910c3ca6f7d91cc5b63c53d6ff187d5fdedb18c4b24dae50cc02c898ba883e60532391ab26b00efeff6b02e0cda"], 0xe0}], 0x1}, 0x40040)

1m2.873406681s ago: executing program 0 (id=1716):
syz_usb_connect(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000226aa140070ad0001310010203010902240001000000000904000002bd22f00009050303000000000009058a"], 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x80000001}, @NFTA_LIMIT_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x8}, @NFTA_LIMIT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0xf0}}, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000140)=0x200000000)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x212420, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, &(0x7f00000001c0)={0x70003, 0x0, [0x7, 0xb, 0x2, 0x9, 0xfffffffffffffff7, 0x6, 0x3000000002, 0x35fe7901]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
preadv2(r1, &(0x7f0000000280)=[{&(0x7f0000000040)=""/86, 0x56}, {0x0}], 0x2, 0xffff, 0x4, 0x3)
syz_emit_ethernet(0x411, &(0x7f0000000300)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x3, 0x6, "efa599", 0x3db, 0x1, 0x0, @empty, @dev={0xfe, 0x80, '\x00', 0x3c}, {[@hopopts={0x2357b158ec3448c3, 0xd, '\x00', [@jumbo={0xc2, 0x4, 0x81}, @jumbo={0xc2, 0x4, 0x6}, @ra={0x5, 0x2, 0x1021}, @generic={0x44, 0x5, "0523275be2"}, @enc_lim={0x4, 0x1, 0x7}, @calipso={0x7, 0x50, {0x1, 0x12, 0xb, 0x8e, [0x5a2c, 0x9, 0xd, 0xf74c, 0x5, 0x1, 0x9, 0xfff, 0x8]}}]}, @srh={0x0, 0x2, 0x4, 0x1, 0x1, 0x0, 0x100, [@remote]}, @srh={0x89, 0x8, 0x4, 0x4, 0x10, 0x20, 0x0, [@mcast2, @private0={0xfc, 0x0, '\x00', 0x4}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}, @dstopts={0x33, 0x11, '\x00', [@generic={0x8, 0x8c, "493bf8fdbc439db420177b5dc402647e5855f964565059914fefc839a61722f7d458c654a981edd7f6edd28a4e08628a7aacab9bd90687cdcf7d1ab4c8d328032f181dc235e76e1533c24b7d3a2c3aa65884c96af11530a27963000912f05ab12b65e0cb1e75cbde720dc082b11b679e9a223d7b9377275e0d1c343e9fece137bb183ebc05d816a8ac34c0f1"}]}, @hopopts={0x4, 0xb, '\x00', [@padn={0x1, 0x1, [0x0]}, @jumbo={0xc2, 0x4, 0x1}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x2, 0xa, 0x9, 0xfeff, [0x1ff, 0x8, 0x6, 0x1, 0x80000000]}}, @pad1, @calipso={0x7, 0x10, {0x3, 0x2, 0xf9, 0x45, [0x6]}}, @pad1]}, @dstopts={0x73, 0x7, '\x00', [@enc_lim={0x4, 0x1, 0x9}, @calipso={0x7, 0x28, {0x7, 0x8, 0x2, 0x82b5, [0x3ff, 0x101, 0x8, 0x1]}}, @jumbo={0xc2, 0x4, 0x9}, @jumbo={0xc2, 0x4, 0x3}]}, @routing={0x32, 0x0, 0x1, 0x1}, @dstopts={0x87, 0x20, '\x00', [@padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x10, {0x0, 0x2, 0x3, 0x0, [0x7ff]}}, @generic={0x7f, 0xde, "e2879adb68e9a25eb520df004b1c40a5329e63cf31f80b42cd2f7e195263515abd2c9dcfb743d2264222054de57b38e355b63c022389e5d9c84191157756854683d8fc38bd21af1852a4a5b3aa4cc10828f03c0fa22abdc4857ff950f00c27ef0e04e931bb5a5c29c5f6239ffd724aa55313a39a0d4e4bd8dae9789d406bed61f76aead109d740b8db453d12c267fa6871247f258cd047efcb65dda5a202eda60209ac1e5a6c20917a444ad3bfbd87ef6e87b773c5189b6534dab2d64ccfcec0ad069728f4d5eac4f80b3676a00bd3208aae9a425c89f10ab3fae68e591b"}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1]}, @hopopts={0x3a, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x2}, @pad1]}, @srh={0x6, 0x12, 0x4, 0x9, 0x0, 0x4, 0x0, [@local, @loopback, @mcast1, @remote, @private1, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @private0, @loopback, @dev={0xfe, 0x80, '\x00', 0xb}]}], "3e6eca"}}}}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000009000000040000000000000e02"], 0x0, 0x3d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r6 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e000000000000000700400009"], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x890b, &(0x7f0000000000))
r7 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r10, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r5, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x38, r8, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x3}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x10}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x440)

1m1.926165608s ago: executing program 4 (id=1717):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="120000000300000004000000120000", @ANYRES32], 0x50)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000080)=ANY=[@ANYBLOB="400e", @ANYBLOB="cf0400000000000000001300", @ANYBLOB], 0x40}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010029bd7000bfbb000009000000080001e8ffffff00"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x40044)
sendmmsg(0xffffffffffffffff, &(0x7f0000002080)=[{{&(0x7f0000000840)=@tipc=@name={0x1e, 0x2, 0x2, {{0x0, 0x4}}}, 0x80, &(0x7f0000000c40)=[{&(0x7f00000008c0)="e171e01655f30950398c64b067172684985c7f6aa82b3de3898bf7c117b2f8335e6d9bfb632bfe344f77d7d9adebc3c4c64c95c15af8581311f1a665ed308c870f0c49fe8e067981fb73da91eaa0d3e3fc6dbea6879072344c1acb63770d3e3d5563974b71b71b43eb853fb17972bcc47a0315332d8cf2", 0x77}, {&(0x7f0000005b00)="43aa1832ac64f528f6f0096b759cfa2a71f51ad4f5bf79a3cc5aa758bb7ca07414c963ebd951d2203e6430dd8f134117b4155fd69ecae4b1fe75e9b05622ab4f2e224ead5f8d4b555c457b58b406f614bd011a9fc59e9276d39223c5eebb2e395eda9ed7875d99af63d229c415fadd863778a6c02811e702fd528de60514948ad298a15b427c088084157e08148f8446ce76ca46a82b0a2c5e38eb0e07dc3ac70a3607d1157e8026b92bb7c17c1cd932f198b81ab719550430eeb1f1709b1c111a8eb01829052be073244744bbe399a0c01ad6abf57c24aaf6396e0dafeffb24a02e7bd5c4810113ef4e6644125e7ade244cfcb6d3d2d5c82335906bf7efaef7cc3464de70189d90f17b99099c24b962be46880572060063c92ebc3cb9d65cb133d7248f8ebae5b5db209e0440f8b501d904aa3708b840ac45831f85f3ce1b083dbf6467a4e5be4c12a839dcdf293c9c3bace8240af6e55b9a2bf153a4f58705d6d7005b1db554f93cf289052e73539bc0901d191edbcc01df9d46540858d6fe72e52157e9c9eee7a0319a75eba1bcc7780f440e90b3c2cc2313d191c175a3c76106c85e965abc13ecc0eb47b769c5c76d77550adbd33a9de2df1dfcdf9140c6f41078c3d8aeb1c8451fb429e3d2227bed52ca081f31a94fc8d83a48432385432c20b48222d7ed04c14c2c775de87c60d40746a2595cdd807e987aa4289bea719f3bfff4e9324070c386608e9f466786d0791f27a2376433514c74f21dae1560c8ab77148d81124962583436beb54936421d77f8728a27a35b63b011388c1380655011e8755e1bd7f7b63a3ac8df535ab9b631212c1ee9d37f40342c92b3257f4654df9589ff1fdc4ca49666f09f20f8faf0abf61b97582053e34a4481cee86765247cf66bf0fb0b66107bd5674a6f8b14d2bcbf22cd7bec5d8ae1f09897f0ebe9c7bda39bdb081f129f6c8597b78960c97ba68efc28d18fa60f85d903e6a223a20c4fdc6775839e700ba332f7bd18783e9ad0a1d5bfb1af1ad305ba3d785cf4138fae0d8527b22d6446e04fd7c76a54b9f7665dad2c034c3cac5a345398b08796dcd85c20da8397ac3559f6c001cedb0a5855b70d3f37705f7577d12abc5782158191482ccd18d858999030d5b64fd67a9e576d90b12c0883d165e426badae965bef33c79749e17f2c2a7c370b26a37cd6206e5ba4a263f0c8722312a76d6208e1d94a239caaeda4f1949d1504b15e3c5cf59519b8a63e90b09e1503c4d5053d01f7f3ab0004c3440f2e78b3d37d0c26b0f5c84afab9d418e85956fa38352ac4a793960a5e1198e949666c11ad4342c98d2ebc79a8137a34a04f2107b1fbd5f38c9d7c44450220d822f15b34d568262b4bf256db83476623bb660ac8bcdbb8a5e5ff2b96bc3a751e0b548f15cfa40d504589d3ec048f4d54135d8a2c47a8ecc5b8255fcb76a40f00c28f4129d19601dfeebe7b32f5b776677c932398801c8c3eb821b2d65bf077c8f149e5ba44c3745d4df89b17ad61ce0b093e1d3545af97bf62f207a447eb6ed54b048c3cda21baef0ac614d9957f51caf6d67d05f5a240a72cd56f017fabbe9c56d16c27892fca799ad4536da9efd0026c40c668066acdd8f3ce3e7d3aed4c5413f3f9f05868493704717f2c5d7a4a897f103201850b736127df7d1e2cb8294f8c9c05d4ff7dd0b637c9a667e8eb599cec9c2f8743f537b81786874c6b95d8347e06ae3b09b18b850e4bff25b9c7175f1cd73968236bee78630b6905eb340dc73b78cc8f7fb58cf5d1a1f1587e6af04dbc2a5e0894de62a9cc2fc3919c9670774adbb6f5a4edb57480210512589f9e6009202f8f93f3c02294ec84f29b2f9e7721bfc29f6a07a075ebc23f0ed176e225095cfdcd401414bd482ed0fd92c03802791e2b99abeafb3725c8ccea748caf399afe49c5b7d29b18bc90881271cefa152096327d22d352e62c88464304e6b1b5e3d3f407ecf1411282bf67204f276569ab6f5e11dd03c277be7a97498ffb75796a624665adf70e9516484916764ee976b3fb473d3828785981962b11c090a8f1c1afbebd325176c29f81fd4302d6804b3179b13448a23194adbca04fe2aa2698d2830a73000eee8d7cf1f6ff3a8d1b167d958b0cd52f829f7e3b4653cfbf5ce6208262f4b49a8a349967ac4f6a174449a4284c0b4bd797ffd888a96bb516cb10b67be368f18ad13211fc654a247967b151546504e7ba2f0c24fbb80839f15359ed2c787f6b22bd86651758fb394694ed898872bd715d746a372c1ae57ce0245b6ff34a634298a0b36c7594438e738d71b8ec282b5bb9b289d727c38dd9f83666b8443eb299af121b17df5ea2338cbfb2ffd99e48db615e9f1b2dc704820d327e97b89493c164c33569c61eef24eec0c08df69f109758e6096b2b11de85c809e04d20f13cdf78df953ef0a7aacd7f3d0fc32dd737dd0cdb11a6e2efa722e2e8fc9bf7d1b79f067b3552dc29db2d3efe3a8ccc8362db4935f30efc2e446985068a26bf9700085890ba7efb49730bf90ed982265752728550b20e3fcf852ab3b420e5d3af9ff0838faf765fc515018d5b392764b6ed2a7d1fdf8e01222f113bd874889acc8870c63292078e01934c37c88ed2a9abf824e8288f28666fc75639845117e791078bd3f73089fabdb77bfd577f2726f8ff40f81d30d46197ecd31cd38691d86bbc2f2bec47666c2a5ead787f58167ad3a8ca4a14fddd56ee301915b1b90fed96ee5ce02e96cdfc1b59d4ba1fab8cb352407eccabe8fe36a0837bd4186bbec7cc56e3227192a9e34d839d7fed2a768fae2410326efc2d8533ac917f3520d3c735c4291e2f6dc10e033ece884c846bea19aecb617e39affa25a9c692a868acd3322169e9ee5c3b4802a48352fbca757decdf3880b21240aa1d0a03b4eac07930d399b3e957f033fb72d26bbb0ee5aa9707f83222183d6c269fb7bf28162dcc21d7b6fc08fa8cd175006cac2c52561a03a791b7f365b0cd5de1c152992de90135ae5092af1cb1f6c4a5d9ee9a73387953e2ecef23d3cfb9336672ce370e1deb1a9fea7a223a2f3d39bbbc663ade34eb06ed53764e2801432e64545000d25c849eea3ecb87c08a0536421776ae033b4182ab183bd14a55c2d8d19849f9157faed72694d92f70086e927a3ef70945d147e6e3181095bc58ca6d71277bc3e6957eb54247c3225d76db7c277739512224fa7200012587bd4a8b8812853c00f6e44d007ddb138e96e7ffbee94a989753266f4be3c98a4ff349874d16886c9d3348eb76aacc580825e102e844da8940b4bdfe5068b0a69efafed3239295b544a7aaed7c5ea6febd677b1985f1cce6bd62a2fa5f94b30021fbf9890fc979e1b2b68905a113bffa48bde4ac06d0fdba5162b01f689810e5f3612af1c659c08d92cb691c28f3d3607ed35a2f8e4867f019702572a207ba678a01b8205f58dcf84ebf66dfa78f5e29a8e03f9f44c1b09c289fa4f620871f26f416f8e0750d98510aff2b12e29a26fc3301d45070804d8591784ca6a7d6678ce650447a068f4d5bda9fe7b9a3a31243fced22b4e4cc2e9feb2bfd10425e0c81e8103acdb9ac409ceb1a321291506cf1441e7b46a6e1e74f5bbc83979f40fca7cf77951ea042552ea0f311fe2b92c6fc0be29d3cd4d0b40859c7b9d8999abafeb70443664694e649be618875341491dec5fcbc0ce662612e01d91385072b1a087cf707753f3fc85f9f160f762c80fe9cee8e37318ba44ccced7d2bf6f2804c30bc6afe8eb910e4a2a521ebe0f2f24c0a3de3a51664a8b58b9c8865f02411260588ac3f70bf45f79016374c574a58f3c35216d32d30bc05095a94c97a774947519f59ad9d81061449ca1190da948119be43a61dbd964eec32c443788ef5cf795acff2cb17b6e34e8493bf635736824089b7058d8e35c2e5782a1f7aee970719506c0e204129492c2f6247a08c0a811994427225610fd122fea0265bb4bda99c3e4ba9d144184f2be054cb6b6abe341a2c17d7e62788df495e74723b08e143a36ca854acfaadfc4c77eeff366f1ad15ded4c2ddfcf9dcdce377be35c0a75453a198c1088441f6b9e7214e6161402e24ea89f64f6c65e89c85fb2c5755b69e60b3e80381574581410ea0036689291bed84466ad7de6d3839a255753203c59a398daf53cc6d8b90a6e0a333765e25ecb1fe36cf3b5b5627c3ca4f2c9219bec0d6925bf5b9fe2e6aaadb7bfd3aa7a8e3743900f7405b46e7ec065bc8a310962b5770d2f6ea7e41756dc7efe3d5f9172d93fe82e1a1259502ee367f4b922055ee0f9da9b7f35ece712cb243790ef127de520c240abad6502d9e544bf073dc11319a81dab4b529a6ea8222dedcb494e4ee495cf30200a51c465d4cd68a162033125c1008c5c51eca6c62b13fe6c3beeabf387a059db1991c6cc9c37a3ec0f88bd275345fd76fb996bde5ab941adf5ed5ad2368e37f7572f2606baea2ea88db5550f8a1e1034739708b3a87942d4b3a0ee20e207211d64ea450c1c7ab1ba0ef22d5cad8f48aa13b48bb9dd5886efc85440eb726ed7b139ad3b2a387fe346cc6d1d68c38cda7468f4e53adbdbcb024f5e1cda9a47a3f69d2b9733778b24ebca9cfaca77fffb0df2bed553116587a86b23fbbebfa4f0c4850c8cdce268f7642d73a298eec8946d8ad1af57bf09af31107c6e52a44bf17e9c66a8ec1c15c9010b665bc546b02bee492e7b1723bf665fe1d2522cd7fbc3c8f8e8e95adaf671664a4f0dc83f55b20b37c14512ea687ccbf8a89571bf880619ea87bf9c4e5533694ac2e5b553f3ae7a1c32eaf2fbfe7f44781a09d6bba5b822e80b6a9ecd0adfad62b396e7008238193b7f7e51f71fb58a034be97f2b91f5f65c0c7642122cfb8deda4e4919d9a6bde1812e691740b69f81919d38b39f9bd2869a17259f1493be2ea4da98b050e7f5ff55918c9ac4d55f95adf4f6c1162f1c13ac77ebd8a9e91405da94418192a7fc96ae53fa82d77b18d7e6c4bd31ede9d68f4d6327f7868c8a7e4b4d79499b4e1b79d3e16ead715a06d468c4eb27c4bbc5a12fd4dec0cb1d2c0cd0c79c7786397915183114693dbe9638b999daf55562421a2b79d4b8ce03997595497c939f75a6bad104fb5c9d923c0f7cd184db06d7fd46497e0387aef21aec157898f5c4af74bf6c19a7ac085f6228bc8b8167794af4bef2f1cc037ab05bd158b23b1e466e10acd46a39cccbac628ebb1a82cb640a2427b0fd5431f5fb1279d3461ba7fa7fe47e302c2a1660089276c89986c41e765756feeef72d917e77970d63136c13760b8c1d58fdd0332f731d0352fd0193cf5d68f2b5fc3b3cae5e3bebfded97a21976558337b2726dd7354e14bda262f3a37e4b3bfe15c12df21b08fabb8f9526778a12d70901fc80f48910c35a059f371661b54c8684f5aba5c6cda63e5024f46b0254f082829b7d7b4222ee9d7140f2c5a34cce8b688d1c8b7a3f08664159f505426d0880abeb1049894bb5503477e2abbdf7829ed222ec14d51449a55f70644cafaa613ef9f421a20321b2faa3dcb5db993b2afadb68099870188e78dfec69382e87a6a46407f9e0ae79f67b7fbadb83fe9f3b6a18e833e111067f989e782685bda03c022cfab9c2bb9d022b6113285b1d8cf92af11069969d3ea523efc5fe06171b84ad1db71486c5f838aacfcdc796a48b43c644cd7e2d069f5672c306251563145fd7d56e37954e92fa82f0a6b6027f371de758d44125b50f9c5ed77b08b0850079a4165678cc74ada5326f2e31f9fd25", 0x1000}, {&(0x7f0000000940)="15903e222dea5c0a55872c16b646d92049cb0b3b74c29c006753117faeccdb5b2c8591811db62f1f03e8ee5c519fc90d3f0834626104c5982e43cc958fd12f7831779bc7d5992e9acfc5fd2591d8f14c447cf3e93dd835cd242c2aeedf7f3fffc4124eafd3e94e7229162ff1b16c3e6418269fd129b2686e344fac535a017b5c330a935643c2720e1e30813dcfa436c6b67a6ff18dd70473a45024cc071e3f89daedd3aed1159a20", 0xa8}, {&(0x7f0000000a00)="1b89a6a0d7f96fcbbf5aca268b680ff3c50a0d51b1986770571eab74c9163cd84279f67c92107ae0bcc2b9d93d2710493c1312b309cb694a0e21d81529ea259b81b06347fdb9ddd39c7da92222f6f1600783ee71d2a8d4f0638111b89e83a53c851b7d27cddb45035b2680e85e9e25e494096c43155df829472671af34a281ca6702e67e4ec803badf96db599213a76739974fb58b3a32243d5c1d94", 0x9c}, {&(0x7f0000000ac0)="cdde6d98d22bf82600ac8a2f9fcdd1e626b371185de6f7e943c08f7c2959c2902f7fdf6202db7c4054719d715a8f64efb97bc03cd5cc80a3a1dfd98ff3c1633a91195bdaac666d7c94df0c94f6e9f1caed78bf6e7659b3ca50843a333775d8f100cf2d451834ab7cf1f561ccb877d6015bd845848109e092dfe34dd2a913f5a13d7b6caf7258ab7915e94e992a2fa4993b787ee30e64c5f28ce63b5a575264adceea78153eae", 0xa6}, {&(0x7f0000000b80)="e7104c3a28524642287adb5558664f7b1241a199e821fc097b8c300c28e62e9ae99c2ce086", 0x25}, {&(0x7f0000000bc0)="c8c8e1c2f44c094ca3b19943ee83b388f8f3e142b14cf247bc42a96156eba5000184e93f538feeb9ca7cf4b2d59ac42c67b33c650b0407a6d2e28e8cc28db8a4f2086a41e7bc36492e97", 0x4a}], 0x7, &(0x7f0000000cc0)=[{0x18, 0x113, 0x5, "25b783"}, {0x88, 0x10f, 0x32, "27cc915e78534b0b1a894a14d5b50502e49f2822042fcf21ea8a53dede09446a783a2ec6afefef7f51b1babad6a6b48d5c70015ca102dfdf4e6d45dd46fa2bc5deb03ee28e05f20c4484e89a2f80640896b541de62a1f4977ce70ba5633ecf59abc0a8495f25d60b1cb4aac5df35e319be3f"}, {0x30, 0x131, 0x7, "b34fc7320ed5dc682d01f714c21489dde1a48f5686b99510f6f7c2"}, {0xe8, 0x108, 0x8600, "6bffcdef9c0aa7ea0d1b9701699457d34c7b8626b165cce7f831638a37749f16a8c6facbaf56240e0ee0f56b28e39b2d0f68c93dbf702f381c2dbf916faf7f45d71a3992064a3d5f959fdb4b4b2932611f11773a11c4ca0886321bed584d815fa405e08ce35acf158547faf2622078fae6c8d20e3cbabcb64b04dfb5cf99180800acd5a26197af97b2a41a67430985c9c3edd181be415148c11d9b6bc836393fa2d24780b2491a50693dd1603d988a77a519f4bb4f72284d7922f81ddbeda2aa9a144d9e9679930e5e8f30b91e4df6b4a5eda258a71b"}, {0x78, 0x118, 0x8001, "46c6a850502493e1a6165ca8867b23a235902ec3fb358d1da540d452bf3f9b90feb7daa7ccaa39c5fb140168b4dd3b18cdb768b24955ad9b407f12b6ce802593beaea18cba244e48ac75ccd80d8737a5d07658e0624df53c7ade0755c4219429b2"}, {0x80, 0x102, 0xfffffeff, "c88ba23285e78ceeac88e6988df58b894cc41279bffb041d9874ebe5694cff56f96932484020c0db198ceeccd5f1ad3b879e6cc516a6fba472824d0e4cb6d30d5dfea9b39cabd05649b6c9d2ea7086167797fcafcc79ff7fa8cfdf0d9395c898b8f51e539b3c942e261f43d445dc"}, {0x18, 0x1, 0x7, "2c8266629616"}, {0x60, 0x29, 0x6, "e40443bd158f4e5256a7cd82a71460fe3445c1516a4e0199b04a54520b2c39ea541446afac11e965dec497cd0c15cfa099cbedfeec95fb099fc16709d38f52928a6ea915d24135b080c492a2c020"}], 0x328}}, {{&(0x7f0000001180)=@xdp={0x2c, 0x1, 0x0, 0x14}, 0x80, &(0x7f0000001280)=[{&(0x7f0000001200)="90b2da9edbcee1d3ec9296b32bd8b029b2b5dc95a8fa6b4f24828d97863358e74be38a5f1e1df64eca8fc5eeef73ad1b763a4de2f185827f354bc39c06fb66ed6cc3828c5099af3144fc71cbfb68919a4eed6b8dc201b2250b36edff6c7493b3e656e3e3cc676a63", 0x68}], 0x1}}, {{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f00000012c0)="c436cac816968ac9b8eeddbd8f0a87a61e693a68910a78b41bfa9da927845b6beed6d0e0c3226e466aa763ece897a1f95f46e113f9cccc07049358", 0x3b}, {&(0x7f0000001400)="cfbc7c1bbee3c91034f5299cbcd157f74db2d0a93cd7f506c37805f2fbdd441f503c4699894b66433054a3c26bfaba6009e3046367e926c1063b8fcb29f37fdf08f7991f21ba4f45b6b482b565783d57b01c4c826ca5c44e1fe141e2b8ce3ac4fbcc90b2e404e6ca14b836e8324143c4153e8eee4983e9ab779b041a1281792c813df7a8b3ec5def71af80bd74a4982f25242ee009dd0e0343e772c20d8240592a2ad101624dff4990a39bb29b7ec400017710e7b5d26ac285089072ce6a6118b92f78866bcd342fe16cfe152bd35427a70da85ab10905426825d3fc782dea74d25fabf154fd471cee7404", 0xeb}, {&(0x7f0000001500)="0430e70388e30bb27e28523d01799f7a9c59b65e9db1230d483fabe5d936a716d652e77ae313ab6de1a31c9aeb4e9dd2cd74c9f2dabf7b4b4c8c88492ac9af33385914bedade1c8bf9d2944acac3d411ee7838b15953468dba885317469a045eef2dfe250cc94b861eee249ca78121ed3fd9b0c25c74abf86abdab41fd11944157de529f37897deba10c48b7e05c5db68a7a4da4bc616e30c31d0fbf5e9603dc6d086c175be408b16fc48c21d13be53c06622500c251fe439cf110e0def092", 0xbf}], 0x3, &(0x7f00000015c0)=[{0x40, 0x119, 0x101, "484ea99db12a29c6c34b7a652dd42d13ff65f09570a07b5b11cbec51252f378edb1ac2c8d4c283e3a893fb8bc4"}, {0x88, 0x109, 0x3, "e04ee1cc1fb90089c5ba6cc18252764e98757fdb784837669fe710ec6944f49406d9afaa0f2424cbffdd858dabb1aedcc1036c6cd489c80c2cdc541be75c14280d55c441a443c772d6b893c40394aabedfae6719fff12dafbca88f7297f73a663f59878f57aa9fb48a49bee97b40caad149753"}], 0xc8}}, {{&(0x7f00000016c0)=@phonet={0x23, 0x1, 0x4, 0x28}, 0x80, &(0x7f0000001800)=[{&(0x7f0000001740)="1a9838c0d4e42ed260eb794c561816945e5207244a94f2ca589e8b878982bb760005367c9e57f625790fd737b32293b77e71832ef7c292bbd252c396becc47783fca459e88c2ca3d86614cc16f8c13bfdb40197349adf7f20032ef3f94789272d268492e476eba5d01a6ecab337449e8ed02a38dc1b6963e7337a968a1006e5d10acc12ebc732ade8467d1547f4dc6bce3d2690749b95afa886bea17a2c8b7a03f64f0b0c2c936ba", 0xa8}], 0x1, &(0x7f0000001840)=[{0xc8, 0x10f, 0x0, "e1046b913fd101f6f7a1afb4c7d8b1116f2a433945bb3d8777079f974ce7a05d3d0800a41b7991a84c165fee0f481a47af7f056c688d52b58adc3139cd8eec378eb7b3edd09cd63520edae806540e8e4972e8776607ae32d28317666f576554bceb6c31d2aaf4d5d45904f45b7a64eb1051d45e19f398fe578b0ba9b0ccf8203bd461bc22091f824f3fc447adbe52f2761803efdd06457d816aa9a177753c2892ace13f467bea978f906616398a187a30dca06b25fc8f21b"}, {0x10, 0x10d, 0x5}, {0xe0, 0x10d, 0xe46e, "5da8a71e52273cec1e74a8efca309c2ee541554214941aa329ea77e70d982d53c41e88ceb57ee97d925e2841babf017caf1b5cea5437006abae9fb481619aef6b36dc952ec5e911629dc7c6f80364c926050f663f246440342e3c821e9c33538d2bde379ed53df30905c02c83204dd21215f2914918d595193106adcea7c6aae3bfb24887699a90312750895dc7968f53a5c6f2bba27edbae5bbf679fba03534fa35d0c20f585f0a06d502e73cf20c8e0a8cad9c8c3eed192f379a36dcd77d969a102a69fb84e471098088c5e67431d1"}, {0x48, 0x116, 0x22d3, "28a7b7fc2efe6eb315c28e8d65b46abcec1c95d723a53de75275d7788104c0aaeca9d6dcac57560995f57cf155df6cde4c6462187bfae2e8"}, {0x70, 0x115, 0x2, "f923c8b78fd603a6b6e8c5b70080e2da4ab61fbbbdf513620f0531908ae90770360c1c02d7ff6a74b4a2d6feeba3da658df2e101fc5500928586ec2930aef3c0bc3ed55d3547c591c9fec79b8af10cef93cc454f6305f5a8e7309b67b9e3"}, {0x90, 0x102, 0x9, "7818a3a0e24d354cb2a78c635a788fa0a5c12ad06e8e8bd71f7d95b5e7f8af64c1855343619bfd733cfadaeb3ba001ab2065c3122f573abc0d10f91529dff378f6607068c4c80f0c4e4efefa06d1ba055fb800ee05cf58c9ffad06166914f87b61b024bba9a683f65e7b1959aebc115b52ded21c5ab96df13ada"}, {0xc0, 0x11, 0x3ae, "a9f0f29ecde84f2e89f1c06b30c59c06ade4a1164c5e39c1fcb3ceaf2bc6f7f1e42c0c172f76394efdad184b5e598823efa551687f83b01116e30e8f5edddcc9bea47e8ceee4a9e8a44a228c86528d74380d3411332938411f072d76b75acddcd9021181eaf250eaee7c41e5d433b845d00d1c9bfbce4d8287060f715627bb5f75c2b3c6cf0a394d3f637360bab99043e9ba7cf978c2eb8eb87d2131ab06bb20ec2815e188fb2bfbf1478aa63d"}, {0x30, 0x118, 0x5, "d09107232ef6160d795b1b36248ba383308788603d5be52f764a07"}, {0x90, 0x0, 0x4, "684edd686dc492256fd9c13e57cfde37582a1f5bdfda7e2c2e3d29b10dc6173055c50f0f6747787ee7764600cce7fc02c1c8f16551d948ba1b5b9a51cdc13709798552a4f76d2c3d9a904716b169fbbb78010063ef9ea9e05b0b86e38bfbdd8b12ccb61a46a4b9c7c8f6a666d626e98e65125009ca859f9a50d6e3"}, {0x78, 0xecf4377ab545b0e4, 0x5, "9ef1d751882ff31c0f4176b6bba0ab1f142bd6fccac910c1f5f7a1d741f9e554159290862dd759f0e1b0928d37a0fc402e2b9682deb69ecf74ad02e23a714c5d94f6d0db9b7ef6cdc27e143f6a4b615af97cdc2afe7316cfc0bdc5f00e25312f1286679c76"}], 0x4f8}}, {{&(0x7f0000001d40)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x3}}, 0x80, &(0x7f0000001dc0)=[{&(0x7f0000006b00)="9b8bbb58521778071979c9b3b8e77cf367f5674923558877fda025f444de5d73298db9745d2896b816616b0cd220f00a688b21fcc06dda43b0fa5c0f2ccbacdf33aaa6e7e6fc24fab4b942f4e64dbb5e2f276f8837de93808bd57333a14d7ba3f2e692b7737691391dbe332603902501cfc8956b4cd67867d48d2cdd0cf44466e767a311f858e214fa3f490ff3a4b922a0536d780537e1efac5b0902f793a01d967ed809ecd0150fcd9b47b819f8246ec0c3d9d2cc0305eccea72f0fe18541b521a52e37d27eeeace86567baaf3907d6e359e974e2938437713e2450bbcbc834fab2a238537784fe671397bb66611c01e5bab1eb0335a6eb0c981c7bdbcd9cc0513e798ce06efaf1441fecb5df031b09c8a1228f288238eccf57959a44c00aaae97e03e0a43f8bad02a024557ccd3f9bce0ebc30be649a6c2daa1141d94e893ee8d0f9e58ee6dcb305ef512bed6323d7ff8f898165132a622366c7080c17a2816e3e8fb700b5c60ac68ca25b30a30e449457376cff2e91edd36f8cf55e0d0aab5373bf0397897008aeeb3e96d9c76c46664a5641bbd8b4ed9adeca44ed7eb686d9ba991232cc00d895123130eb86f8b36da0485ea98720ebf2c516e61cae9827672562cba91d8c34dfebb770859841e26140b95a0dce49b7bca95b5e5c867b00bb386f7b0468c15b906220d4e2480268303ae0ceced6553a9c368744bd499b8d4d434fa7bcded124e2da5b9b8f1b37e821ab38f5680b6c6d0813dfa97acf12413bf7b3a8f6c5f9a8c49c8b5a5206639592c25bb8b1dcd6950b70c822fe1cf940bb7629375ab0f8719d19cd62bc67f3c1fb54c33eca9ea10074bedc0cbc50eebf62bae7db99de1a44dced1980ef890b0976d587b30d892dc3abec81e7398e1638d14ecb949495e6a74f3f7b5f164e1872367470807071cd21020afa6b6286a7a0f00d323c3ee0d369a7dcd3b192a9dce5ae4942d1f1c54d8cae0846d27d672aeb990057bcd43bc03eaa26ec197642b067f0fc90aea1218561c20cc8c464cafe28490452b2b3efe244f606b94e0216a91b5329b174b3e6576db79a651868836699e60844cd9fe3e522d6e4eea03de2b75c5127161babc1cba0cc11e93c20d1d1598e50e20a7457b755d26fce8fe282a6f59a246c953c7bfd6be6e9ec46251a3b5e4735fbaf2f35db3da8a22b2f831a1edffb6d612c6d019b040aba95a92f5828440075e0a4adc490e51f6073bc0fd759b7608549105ed1cbe99c72885e40fa33f58879b62cf299362f64cf42fdb47829e5478d7f8af92f021351618054ad9f8d00422f5aff664d25d2105336e7cf855da72f7a8f98506942f7d06ee5dfc9342a4a233d014287b7d01418506476768cabbf43d16c56ea662894ae361b4a2780ed03dbaf002838122a334c01a3a28cd1106573a0460d8b68dc7d22c14aa7cdb99c82d5ed3ce341b3beed80e8cb509e6137d3392f67ed54c0ced8e8eccb0b4fd50a1e81b3f2bf3937f6aa8b83816fd462b4329a47abefd9be0f74ff2ecd2a155e82622e0aa070fefdd78ece06becf8f27836b982804c9858470787430e7e9781fa86c224a141e0a3f267ede655525c4674049ef386a49af1a3298f9ff0aee8c221894af132d40d558798f8627ccdb65a490c6b7e3316808c82e419f2cf1401aadb8e55b70c5da3bf1a0a02d1fc33cbca0618954066e259d074d9991ed60f237be45bf62175628766aad1fe5e9eed568d43ea120abf00eccb47b7c009a389d048dc57c0d0f6601ecd00d78d32a9531993ff223784c2f719a05332d3e476c052834710172a5dd84ed5ed18359f573dc50a99e4bcc18be2da98e406df6c6ba49b7c94dd1d490eb3b2815fe78ffd405424d003dfa1b126294e1be98b9b75448e539d38afd37ecfa5edebb02057ab97ccf40bf79d68bdf7f5457566b8e28331f2653f5c16974dcf6a3ad6ba7465d63d124cb2f7bfa933965bfe0d5dff38fc8a176f796c0ce9ad242dfa066700507c88eed703218b3b91ba969bbd3c36079726df1f5a002d7fbb393619ee305d6e4ca5b755b398db352bd9d33dcd6f6aa5ac3c9f395e4e561fe34aa1be92eed6dfa04a970c99175a544ab27b5fa425449916d482ecf9cc9c61ad7d7e2a702e3df4b4298ed152e720c0a8d9a5f30eee45fd9547e42d0273f3553d34b96bebfd84481742e3b8b85dba07c013d2ded3056a1f23ed43c117bf4c288cd5b45e57aa258bd5a3c31d5638890a240e7d5a251a9adaf1a1f2dc23b0419a91b3a9aa60cf2e5ba5bf6d4b64a38fd9d7dfa85c6bb3925c7c5604989dd424fc3c8c3c0081544ec76f483be888ac9fa98dbca4a637c448f32286e20fad54efdad86f99ff7d6806a77113776d8abc85b1645c11b9dafda7033d5f2a44bf39446be5a8ca867936191673742fd19790c9b00ff7d19e60e5b7a06cbb4d49404a5affd67dba7720255d40fb0e88d5ad62ed599697d59361bc6e76d04f33592e22624b972ecfd0d73d2da715d48add35f6281aa4c3fdfabd543820c3d83b39bce13cd7dcf68d551d08e117f9d913be332b0943bc1f8e99d0c596932e16666f9d0453db8d32ab4979b4f3b8be0143d11501c156e79db27f961f6a3f3f6f741be9ae096a00942d3a6afca7dd7444cb86cb55f7d65d98cd5a0da39302c26601e08284caaa27a02e8e3983f921a3aa2b1f328280e6782f66c4f48823ab2313d3b87d55b9d8b8417f26062f44364386abc2137d0690f101bda5d908f38bebff7714963a9004710a49fd7a0b55529afa53363c4ca1f263daee3ffd3218ac4865e95f3dae38077f6a22a848d55b8ddd7f07f030ffe39e96327bb7d51f6e49db127e0241ba5c8a7dc491ebfa620ceaffbf16467aa96df4063dca8d1d1d44b4dde4f3e4ed5375d343dadddc3b1ab284d68b3dfec2881668b1a0344ac477be9d548902620c993afc8e5dde2178b79536edb5230f86f768ae9e08824f6ebe4e1a9d30fe3d9da1737ec455c8229dd4142e58be30d6f31a7ea233a6872c18b0fa4d156871de0aceab250b06f4b94781ebaa55b62eca4e3c9c8ace0a8f0183a3a31d1ef77b42de8ebb1dbc2c7dbe6f2a14094ef62139e0f66fede725ab944090fa45e83652df8255079854aabc1e74f754993b493adbc8160467e42956b5b11c57c1a8af92e11a5138ee8e9fdb6f943bf987e4844e61fbcd47c5c414105a6c91d87e14cf8eb55510cacc0e2031e92febc6df5d528008bec76bc0d68f8e6ce9a1653a4a2a03c58fbf1543acc0b433b32623b828fdc68b75a71385db25693ec1f2bb2f3013c47e391d87fce66c27547011c8b99bdd6eafd4e9f2d18463f13fdde72e7586111e5131e932ffcd6de9698c8c6563ef181e2433c5cc1832c2507586d5f4e80693e7edb83fe24ba8b0fb943509d8e4162926b4f9141267449990d57ede1509c0cc25bbde921819cd6943f8b6875c511e62d880449fd592ab7eac13ddc9594368c3121ad7ea50708204601690f86e7e8aa3cd2e357a2b553121f4b9c2080a270f4d39bd6082c03c1802a79039aa3e0b7bd3ced5639b37b10de554dfe7b7d72c9bb83cbbc7b5a60007434a1679b0d82c04b09192225bb1cbcdbbd60ae22377a2cec47716334edbeccb108d08783f0400349d60301231b1791e8af0b165dbc27c2e024cf429adbe82fffdcdb2141d70989e4813f57e1cbc1e3f52240c63de5b93dc19efa06a21746096165feba1eac22e249c67990a9fed392d87eaf676c1313358d30d0b87b9991ff310ae8b90395adb633482aa65dea8a3ebdcfbb01be3972d7d189b234e2400a0b522bb099d1404f2cee3cbaca33740b6124fb8b2b70491f9921c906631b81ea9e8739149e7f1f7a1f1a99a0525569c9417093088c79b3583e70c81c7fce0af366c35db4c3badb25fdd2e0787f9fd1d9e4697143b33dcc75d02e7169d541eb8f3ed8ba3c3f9fbc12622cce22db237a39d35a2d79ab773f6c052678013f739f4067679da4b0246cca2fc09a03f3c47b6b00621c63e14d000acafd77e7a814b104008f9ea84ed6f53b6f06c6438c1717372a700583a53fc9b85582cfd791648e8ba3e614b53e82aadb8f65c129e77c5e25af02483399d07150c482861f7581fe38a09e1cbae1caa895a211f6e72b29b3f74356c4f607e4b689aff27a2bbc7eddb9f0003217bd1d4ad330adbc8700d30f59504b66298f0bb898b13dd34fd85e6270e140ba9354f1c688101b030d43c0dd0416c38f9281fecd9fe45e98742451792355512ad6582907f4bad0db17adc0f47e3cffd0b4a1a50b7831bf2e9d62a1216eb079a9fcab2903de5bfdb775b3d39a15462899f719d434f39e934d7ca0812a825a195b9788315f281642f95c58e229f35286b339c531c6dcbf035b710c20c83dec2adc20fe852db7c807eace205c90c1e256dc9c24cc48bef7f3d283bfe67817ab5f126d1fb2c18a045e9cf2fd4c814a676047c3d776fdd7c8d6d7255ed43a2bd7b8d2d0b68910759a9a868742919990204fa933179ef16a75c6e039820612e3f72032e538dfee406e3132d20d883fc0ae1340f954a3d68794cea7c229171a19bbb54920473b2e9ae278b763f9d732f44960ef22006705fb1641ebbb89dc51dc3620ac489517ab83d22c893ed20edbb8e1250d2b95929bdfc5448210faeeca00d068b06985e2f538676e7af9d0d6ac8392ab04d56df4499cff25041b9135bd399d803c3776384f530d3834a0d20a4a6bf3ed21e8103b899d99de5f792a62d58fb6af3a76f4a057c4af9f7cdb10defaaca75d6d905ecafbfee63970c0100bebce999c931c3ce0deaaebc615ada6391f4b72d9d8bde55e1ec7b07d5fdb659c8de8b20404f8e743402c9762d9cbeada403b8ef41bb31db794db7312812f9cf3959a1fbff8f7090dd961713c0a6d519a3e3c54fca3d724019843c23e08c4369c14e3a7c3c87f7cff7e65ed56f88f3f883dca1b04e9e3f0b98cf21d69972ce5f70fd292651bd0eca8fda70d0c2916e53cd39432fa17b42d4ca15b764c5846bdafc7ccb9133cca48df66cc8c81cb83e40a471b4b37913f753d7ba7763bbe525733478dc34d3e58c7337c59b7023347db6e3ad3fd2c12be3543d733b2a6ad58f14b2da0bd1dc37a121830446d74f60d3a1ee1128f8664dc1cff198983dd3dde7c324caa25515919ba61a856fb9eaf2493ab2132f73394acf070d47d3e3843b62fd0bb7a64ce7160ef44873509a9d9b7bd8e8fdf6f653dca2aad20ff30f3d4e6ecb2182c656b141a384b6e5ce25de0a28b2db577f0fc5c1cc451cbd05443bfc953c9b1ea9b666ac28ae68c9da15f300510b7e77b43ef869ff579d6463bc57c566379b31482eed4a06d012f268da4f1dabd7e8730213b98336fdd13736eee46ac1df720cab564e04f931b8c108ca81f66cefc7076dffa0d916d1f67fb9a3444f59bff2303d19557d97ba3d85e202d9fb7298a2790eeb36f3fc0cc2f939ba3bebc242c4a70f4a974a8d6e1c7a95f3be57f67cc040fc5ca49590caef7f589f085f0fb041eb27a3ff0e9be123880f8fed70eb529b6df552926c70d03fda77cffb9405951e4beb2336a0be43fc4e1b672d815c07a3cae6786b6819c79e220146823031a931e468faadc316b8271d09faccfe4c4e65ebf8ad3fb72e433495596531ef1ae77fb4f13831898fda3fcb7966af16603731524c474244f21a9ad3c1a013b95a29ea0998048e86de336a66ea915916631a4b542089ea1f25701dca2390fd38dce5218a7f01a33a140483f84af785b97465c3374c7583c05512c5e4f4e956d5502e3df17", 0x1000}], 0x1, &(0x7f0000001e00)=[{0xe0, 0x111, 0xfff, "3f07ba7848920896f6c7b85984af395cbaf609835be7bd733c9fc4baa3f9f8c17d6a0b5ea1f4783d3df6b881a22e2f98bd2201949238727a8477557369fa43206ae90c7f662739b9aebbb6502f41fcb7792c9482edfa8a5db5a9b04694ae9325e2ebc4f2a04fbc72768863cbca61ee1af9cc2b00c999ccbe4f950a765d22fba5adcdf386f931840bf5aedd8a4b1711908410e4ecb6d48c8a45f34578b29cd0a9f282a8300909d1213bf0d9202136bfed7af235d51494a8deb6e6f3b9f924327d0fffbd12131b0436d7"}, {0x30, 0x10c, 0x3, "b8da3ec65ebf001ab15fba83c909a44c36f7f30c1994c86f42af61f7"}, {0x90, 0x107, 0x9, "9b7d0de95e2307c04770036732c11bcee927fd31ec4c2ddc5be649c12f239ab8921603376a7ef68e3cf339fb30e22ae570d89a19c376e24b5af1bd8188c9e6151e509e9ea678b8309202b2a06d14b8bb4a0f681e46f2ff40e5fb090097dadc5a6e7ab9698ca52c9bd342b92a1ef858686c6ac1f903198c5f6dc9821666d2"}], 0x1a0}}], 0x5, 0x48000)
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002, 0x0, 0xc004}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00'})
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1m1.792960923s ago: executing program 1 (id=1718):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
setreuid(0x0, 0xee00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000340)={0x0, 0x5, 0x35})
write$rfkill(r0, &(0x7f0000000000)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)

1m1.731580227s ago: executing program 3 (id=1719):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xff, 0x9}]})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x1c00, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

1m1.720605081s ago: executing program 2 (id=1720):
r0 = syz_open_dev$video4linux(&(0x7f0000000100), 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0x1, 0xe)
vmsplice(r5, &(0x7f0000000380)=[{&(0x7f0000000180)="04", 0x1}, {&(0x7f00000004c0)="7f", 0x1}, {&(0x7f0000001300)="da02e0929db59d75553d26c696d90e4054549f85a1451da47072bcdb2e27d2917aec1fa8b39ef26bea1c75480c27fbe376dcc6965f92c8ccb83789f40a80bcb123a70adb75b978d08a793cd0e80be25e9cd3756f30799b308d15e0f193d191c9d3e900110e2416fb88dfd5aa261dfd3f1b4dcdc255461e538c38c841ce9909aba55dcbc152afdd4e9de5fa274f23492bb8e2cab755e02983b8772dfeed2cfee9fab687c674aaf05c60524965d42425e091452140bda00b29a7376f89328921050dc30faad301d9c86d88ad8aa00d687011d63a7144af28936c1aea5b9846d0b5a64564bd5e0681df3133b399bf2f3085351e5047a6906099fc8b98ff67baf10926f60e60676d8bac45696f563d9f3dd773f20babf9fd763c64cbf95d97707c3ae8615d025b22d1ce3a401c9e85b6dfd7befead05c348df9ddfb883459867c6426089524ff312c819d15e2d5cc800b26f90c7a034163521af054536debb192fe03715c5a7d0c73cccf70057bc677ac31014ff2a2462883cd40d80a3b8a830aed6d95448931082e9e2e6ef9e010c9b607223edb7e09492a0ac95d8f6b0b1134db18eea2b47a33a288dc27d8dcc417b77ab724a6b15b3369555660600f639c0495e25d65d22213e88917fde8ed947264c33f5fda448a450c68e2cca80a31421cc218f3aeb7234407d8137e87296bde3c010b1bcb9ba72696ceb5c63b48f03b907e2e8238132864e8a5c848627fddeef082ab85ac1e0c02d7f4111b195ce5d5f4439bcecda48f46738e427157817d5920d8484b91931f53b8d27f46511fa103235566bc09d38d1ccb2171710264f2e62d4eb5a90eb35d4eace763ef30141a89d8d8d71705a3eeab3aa76ed2c0bcdb8ca598334d79a66edee6cac3eb4db85e3390b3dfc33a8dec255f326f182c8afdfa31424b39feba825d94ea2196fe4a982c84d841a2ec92c990c622b25d1a9dfbb9371ea8404595cc03e6bb5a3a26f209dd2454a94735b7a3aca311e343bb02613370065acf299b3683f9214c948205d7350d2f291c0bef6f7829f637326f1cfc75e4c85035af140535dc436f864e75fc2bbcdbbc639822d6463c5cc3da6c888b4289998280a633ed291783193f3105a8600f415edc80595e199f6edc9be3c36dbc5cf550ff65d1ff81cfba4fe1170105da548b3cae9767737761bbe5ba8ffd02a41b76a75bc0743c83265aea2b0108d0a1f6bfae268f053a3609714e0ad4a3ee1e67501807d1c533b61f00e42e78aa33e340541e492d9f589bfbda7ec5b53603cc211ca3ca9396b27a2f2d2df75c86017a6e674ae05efdebbeef21f0147cbaca93437de4cba62df61babc68715cb065f8eb74a9ff4aac2a23fd0a62b5fb5ed69a60e25a49be97bd02769e3f9ed8f35956c10dd9b9f585a93552227804684a2cf9d3c3f5e048a05388982e343c6ad7a3e21410db6f2fa1947b7beb86b4853128db3a664006324e3564fab82cd33d9c0149fd87be6f852c857d5a23f71022cc5880d333e9129110a9e6a82822b749625157a7e75e90fb699260769e328d71a82ef41eb5fa7083a3e9e0a46177210f3802893224a08df6ef8e92538fe935caadef7c12492455a349b08022a1a8c6757ca79d262031ed5ac610bb74451823bbfe5f364bb98afafec4ce3116e7b20cfd56639272197d8bd9e20a37d9b90ae305c5f6c3eb9140049a3ac3c9896530130288744a36c2a94ea6f84c930b31aa957c29682f526ea9809ab0991990a9491791814210a69edf8df29d5a12f69d90c26788d3fc6ae6c079a49dab8283f43ce7e812ccf54658de24a9753960eac35405e549933754ff94e0c88b62d3e7318f2923a5cefb2184fbb361ad88ff9618ed678464af38496333b1083995c50f6fed40307f40a952c5c4a9d187082b850b9c48a91929afa32ceab9813cbcf024ad969775d16beac1d97c33f2b1084ca6719f1de998ec2b23cb4cabf135c1200b8523dc462434ef712737ec5a392b4a770f6b6702ab576d6d7c30284b7abe2db619442a94cb5b057eff83747175fc454cd4425b0bce81a44adc8e3a931dab3d9d885cbbf492cf152fe673a9f5eddd23609e45de5d406a5bc03842276bf933ad831a74911f1f679d3493533b59903a59d63795a56af2be052271da89c75ec4fd05c97c058ac89f79e3df94c56983589a74a3f583b395bb012d24a4988788d7f41d5334b0b64b427eabfdffde8cf3af5fdd4ae78b88fa402fde7bceba4b1fafff9ed5b7c55bddba7046231d2837b26ee7e88774558a5d78136c48a60d4a2410a05ab94807204cfc3ebf7f9c1a5a16b738dbab611cc89eaca55101e0af8128150205d244ddbaeae1eab2e23bd2d877b21c43039645a99ea507235b3ac9fc041fd37399c7b5ca5302ff54cc0c2b91ddda35cbe9a7b5d2c2bf7abb796f06185b56a0a7c4f652930e57b3c9eb69852921afffcc86be2768e40fe25f533b17f3a56e00c50964ba5a05de907bf1259ded7bb5a8f39c3e2f8f7f56b356be8e510028c15040894492fbcd84301e9ffcb36bd1959eb610ac82ca808b8a0b24e42e002d4de2ffa5b7f70c28e0f2c3d6734a90d31be326c7e8b1da1e7a94ec557e998f260c40082761780cca0ae7cdbd09c057a532a69d2e971f4d2fda2557069cc2c6e334f2dc246f5d675652bf6b4b6c4f838484fb64aebf2e51b384513d545f65a6bce99e696bd484c19799ce294cb4425c0a28ab1bf23ac84169232a4de593430b6d3cc18c3043c6c4e947f8cde7040b510530a4df0fe270cff302a62c3f858e674ecdfee262801c863dac815437ac62b720a8fd1146e2dfea80397b7f15965bbaeb41ba84ef63044c9dd48109973f96501ef0e51031706665b1724c0cab197117aca86bc137c6d2fbeb85d4b3d93200c7fc6d0e2583e44f607c72cf0cacd990d0160f332713cba1159a96ba717fcdd91bde51ad81448315387783a02a05fdde44c4819ffe9a5808d142bcaf283f90d82aca7fe2779ecccc6acbcf2d58a846d01e1ca2386f1a3321e7eca8bd05eccc06451f7da996d1a823f2235780e310e3f3d75a78a14e995f75799331304f3c33eb58561cc7e951f65d7e02c67849f70600610c0ac780d3b796a5fcda694d6a0ecaf6795524490086cd233dfdb44073f54e2f61a58a5e271602bdcb31c226c859e0a41e86a9aa437e49bb33e2fd8234e62e8acc22adcf55249ccacb6aeb5dbae76fd26c0785bd1a340da3f1a4f7dc44603c9a70f2637fd7e63aba68b1c61819d6aa4ef2e1745568ed9894bb66404e22e04a5c1d9d15d21bd5785db82f3bba763103b18015dbb9e63b3485257cf60ead97c07f89de16b7e5fedd1a1707fe9150a2eb5af96d753b3ccae88827f6126eb7919100ec1ac06cbb30c89aeffbedcd555cb2a2b4bb59481b9dfea27377b4e1ea1acc3392027c4f4dc9b44bd3161b57575a74c7f33e9f69374a3a94f4271e85cdd6c312649625ef4ac9032789e9943553b85ea594b2a8f517f205c57f22316fea2cd5ad2a6b3149b85dee2476fd69ffadc278d2b45c0a391d5567b6411d6f16852dff9d8ebdf0147ec840e054010c4a37764239b3783ea00a1e6605eef6b8d1f0fdf3dc0e2e94b501e1f9f7eae972dfe14fb241cb14d1726147b52ebc0ede069ea73df91cf0c4d6d58573d6413cba78fa85986b041baf5cb4fbbff89634ae5151d1eceef33a9acb1dea87d159a6868d4d43e7df706fef48284c648f8d6314aaabc1ba9702652eac010ec6d40dfca9eca1b7588e6efa4043510b91440cbf089aa6e52cc9b1e7e26c14bdb299392ee933afc436ab844083c0d263022bce73412054369f3949923c39c13f1c7d50a3505e16a5018d91470dc3bb1634cef7b6413d7c23d77b48cc21c22939daf26d3c271d3cf172f42ad40203f1db50127cf7e079e2a19ad34b56aba39992cffbe7726cab4a718656b955a6410bdb4642a7cd4b035037d84f447af81157a0c363df574423e0bbf46c323378953cce0537f59e2ae5d4307f13e75572f889640581607f34a65f7e4c5c7fc59a07541e40a7b83fbeee5e2910658eb2ea058050c58b6382916939c0a358f678f8b5002b8e79765083caee8ade57d1d3eec62e6306cc41547c2e805610ac7976ba97999aa2813a4d4acccdec14762c83cc5c18c9694a74487a7fcca996adde8da1c8a74842d7162f3c96ca7043c08a9bf769bfb07e1a33cd0591c3409098a6becd7804aac74373631207efa7a6eda851b3c9f483b024cae58396992fc58c36a1143d5f28dc4d6a221e1238082405f7a7234fcda6272329974e38d457698d12eabfe3edd327c32305f739820d83eaecde44f10a0e03d02b3c029ebcafdc6c01ec7010045d65438511c72f4fb5681ed8647d30f22bf37b345e9dd8a84d033370f18e904ef11a479fcf96bad45f1bda1a6fda19cf94ff95a8c489f665a162c3ddcc52f523e755b3821b5481662c9db2878a2ef996fa227863e82f641aa0cba96ca2464f0ee491c3db1f5a1ad5be4f2c9d3d4c8f1c0d70e3bef4c5455165571991dbe08057d8c2007e239acc50b8988ae77958bfb32f1a9b7e9cbd8adab24fb42f79e31fb624400b7e4877b0537dd892fdd56bcf86ca7ed5401c50b3bf473615e8e89504d586c8bde3d3802a7bc6f87674180e28fa12c1167b5355cdd66fb4a9457a68f6b2d0d2f5976ab8a36e7390b3204e2481220950776773630ddf839a", 0xd01}], 0x3, 0x6)
ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, 0x0)
write$vga_arbiter(r5, &(0x7f0000000280)=@other={'trylock', ' ', 'none'}, 0xd)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r3}, 0x8)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_FREE_STREAMS(r7, 0x8008551d, &(0x7f0000000140)={0x5178, 0x1, [{0x1, 0x1}]})
pipe2(&(0x7f0000000240)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x84000)
r10 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(r10, &(0x7f0000002400)={0x2020, 0x0, <r11=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r9, &(0x7f0000000200)={0x10, 0xfffffffffffffff5, r11}, 0x10)
splice(r8, 0x0, r10, 0x0, 0x10, 0x0)
r12 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r12, 0xae60)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r13, 0xc008aec1, &(0x7f0000000200))
ioctl$KVM_SET_MP_STATE(r13, 0x4004ae99, &(0x7f00000001c0)=0x5)
ioctl$VIDIOC_ENUMSTD(r0, 0xc0205647, &(0x7f0000000080)={0xf010000, 0x3000000, "3127608efb75b4c827912445aead8b49f0a87e73a02eec2f", {0xfffffffc, 0x200000}})
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b040000000000000000020000004c000480240001800b000100736f636b657400001400028008000240000000030800014000000002240001800b0001007470726f7879000014000280080001400000000208000340000000100900010073797a30000000000900020073797a320000000014000000110001"], 0xa0}}, 0x40880)

1m1.599374986s ago: executing program 4 (id=1721):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$igmp(0x2, 0x3, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
ppoll(&(0x7f0000000240), 0x0, 0x0, 0x0, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)

1m1.183435149s ago: executing program 0 (id=1722):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={<r0=>0xffffffffffffffff, 0x5, 0x80, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000003000/0x2000)=nil, &(0x7f0000001000/0x2000)=nil, 0x2000, 0x2})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
recvmmsg(r2, &(0x7f0000000980)=[{{&(0x7f0000000500)=@can, 0x80, &(0x7f0000000900)=[{&(0x7f0000000100)=""/8, 0x8}, {&(0x7f0000000580)=""/238, 0xee}, {&(0x7f0000000680)=""/93, 0x5d}, {&(0x7f0000000480)=""/38, 0x26}, {&(0x7f0000000700)=""/151, 0x97}, {&(0x7f00000007c0)=""/53, 0x35}, {&(0x7f0000000800)=""/200, 0xc8}], 0x7}, 0x3ff}], 0x1, 0x2, &(0x7f00000001c0))

1m0.278735937s ago: executing program 3 (id=1723):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
sendmmsg$inet(r0, &(0x7f0000001200)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10, 0x0}}], 0x1, 0x2000c054)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = gettid()
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r3, &(0x7f0000000100)={0x1d, 0x0, 0x0, {}, 0xfd}, 0x18)
connect$can_j1939(r3, &(0x7f0000000080)={0x1d, 0x0, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
r4 = fcntl$dupfd(r3, 0x406, r3)
bind$can_j1939(r4, &(0x7f0000000040)={0x1d, 0x0, 0x2, {0x0, 0xff}, 0xfe}, 0x18)
quotactl_fd$Q_SETINFO(0xffffffffffffffff, 0xffffffff80000600, 0x0, &(0x7f0000000040)={0x1, 0xfffffffffffffffc, 0x0, 0x4})
socket(0x28, 0x6, 0x7fef)
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000480)={0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x7, {0x1fffe, 0x8925, 0x25b2, 0x0, 0x8, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5, 0xfa, 0x8, 0x0, "d20bddda92e75aec79ff0300d28001000b0000000000001000000900"}})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f2c0000000b0a01080000000000000000012300000900020073797a32000000080900010073797a30"], 0xc4}}, 0x24008004)

1m0.277905678s ago: executing program 4 (id=1724):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$l2tp6(0xa, 0x2, 0x73)
r1 = socket$inet(0x2, 0x1, 0x0)
listen(r1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='task\x00')
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000400), 0x6, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0x7, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xf1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x9, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
socket$l2tp6(0xa, 0x2, 0x73) (async)
socket$inet(0x2, 0x1, 0x0) (async)
listen(r1, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000000)='task\x00') (async)
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000400), 0x6, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
getpid() (async)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0x7, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xf1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x9, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5, @void, @value}, 0x94) (async)

1m0.208966051s ago: executing program 0 (id=1725):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)=@arm64={0x9, 0xff, 0x5, '\x00', 0x47})

1m0.14755124s ago: executing program 1 (id=1726):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000e40)={'wlan0\x00'})
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x4000)

1m0.105400366s ago: executing program 1 (id=1727):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0, {0x100}}, './file0\x00'})
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f00000000c0)={0x8, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x4}, @hyper, 0x0, 0x0, 0xe, 0x5})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000031401002dbd7000ffffffff0900020073797a32000000000800410072786500140033006c6f0000000000000000000000000000709a4ef1645d80e05033bfd1d2535a36b62323f7b9fc94b76a6a2d8cbee17c377ff82062871305ff9128dbaf007034e12c6f8559567f23b9172b69e6f5f569288b342ec9292c237fb83b296e424465b72a18f57b1347227520ca039f48d72b44f662063e6aba4312f5e5edd0b0e8657c560a022e5b697cfec092"], 0x38}, 0x1, 0x0, 0x0, 0x844}, 0x0)

55.703046984s ago: executing program 4 (id=1728):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xd}, 0x18)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0xff, 0xff})

0s ago: executing program 32 (id=1725):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)=@arm64={0x9, 0xff, 0x5, '\x00', 0x47})

kernel console output (not intermixed with test programs):

CX: 00007f8ccb18e929
[  410.551288][ T8988] RDX: 00000000001e4011 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  410.551303][ T8988] RBP: 00007f8ccbf2a090 R08: 0000000000000000 R09: 0000000000000000
[  410.551317][ T8988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.551329][ T8988] R13: 0000000000000001 R14: 00007f8ccb3b6080 R15: 00007ffc0b5fad48
[  410.551370][ T8988]  </TASK>
[  411.790628][ T5889] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  412.509329][ T5889] usb 2-1: Using ep0 maxpacket: 32
[  412.521269][ T5889] usb 2-1: New USB device found, idVendor=1ba6, idProduct=0001, bcdDevice=49.88
[  412.642043][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.653907][ T5889] usb 2-1: Product: syz
[  412.658752][ T5889] usb 2-1: Manufacturer: syz
[  412.668277][ T5889] usb 2-1: SerialNumber: syz
[  412.838601][ T5889] usb 2-1: config 0 descriptor??
[  412.955864][ T5889] as10x_usb: device has been detected
[  412.970368][ T5889] dvbdev: DVB: registering new adapter (Abilis Systems DVB-Titan)
[  414.077260][ T5889] usb 2-1: DVB: registering adapter 1 frontend 0 (Abilis Systems DVB-Titan)...
[  414.159837][ T5889] as10x_usb: error during firmware upload part1
[  414.186066][ T5889] Registered device Abilis Systems DVB-Titan
[  414.278110][ T5919] usb 2-1: USB disconnect, device number 31
[  414.360810][ T5919] Unregistered device Abilis Systems DVB-Titan
[  414.364836][ T5919] as10x_usb: device has been disconnected
[  415.239844][ T2155] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  416.489566][ T2155] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  416.508506][ T2155] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  416.529493][ T2155] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  416.538844][ T2155] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  416.577862][ T2155] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  416.608543][ T2155] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  416.622973][ T2155] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  416.638663][ T2155] usb 3-1: Product: syz
[  416.647697][ T2155] usb 3-1: Manufacturer: syz
[  416.666764][ T2155] cdc_wdm 3-1:1.0: skipping garbage
[  416.680418][ T2155] cdc_wdm 3-1:1.0: skipping garbage
[  416.696970][ T2155] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  416.721356][ T2155] cdc_wdm 3-1:1.0: Unknown control protocol
[  416.947645][ T9031] mkiss: ax0: crc mode is auto.
[  417.844627][    T9] usb 3-1: USB disconnect, device number 15
[  417.869852][ T2155] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  418.399226][   T43] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  418.407024][ T2155] usb 5-1: device descriptor read/64, error -71
[  418.589125][   T43] usb 2-1: Using ep0 maxpacket: 8
[  418.601375][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  418.612634][   T43] usb 2-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  418.624768][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.659671][ T2155] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  418.674692][   T43] usb 2-1: config 0 descriptor??
[  418.818882][ T2155] usb 5-1: device descriptor read/64, error -71
[  419.149654][ T2155] usb usb5-port1: attempt power cycle
[  419.167464][   T43] kye 0003:0458:5013.0009: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  419.199074][   T43] kye 0003:0458:5013.0009: hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.1-1/input0
[  419.210134][   T43] kye 0003:0458:5013.0009: tablet-enabling feature report not found
[  419.224738][   T43] kye 0003:0458:5013.0009: tablet enabling failed
[  419.315319][ T5824] Bluetooth: hci3: unexpected event for opcode 0x0804
[  419.322919][   T24] IPVS: starting estimator thread 0...
[  419.419584][ T9078] IPVS: using max 22 ests per chain, 52800 per kthread
[  419.459552][   T24] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  419.953017][ T9057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  420.019202][ T2155] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  421.139104][ T2155] usb 5-1: device not accepting address 15, error -71
[  421.232900][ T9057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  421.241235][   T24] usb 4-1: Using ep0 maxpacket: 32
[  421.267619][   T24] usb 4-1: config 0 interface 0 has no altsetting 0
[  421.294817][   T24] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  421.332543][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.375862][ T5919] usb 2-1: USB disconnect, device number 32
[  421.382084][   T24] usb 4-1: Product: syz
[  421.406249][   T24] usb 4-1: Manufacturer: syz
[  421.704549][   T24] usb 4-1: SerialNumber: syz
[  422.214580][   T24] usb 4-1: config 0 descriptor??
[  422.571407][ T2155] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  422.743607][   T24] usb 4-1: can't set config #0, error -71
[  422.752597][ T2155] usb 5-1: unable to get BOS descriptor or descriptor too short
[  422.765495][   T24] usb 4-1: USB disconnect, device number 27
[  422.773558][ T2155] usb 5-1: not running at top speed; connect to a high speed hub
[  422.810295][ T2155] usb 5-1: config 3 has an invalid interface number: 98 but max is 0
[  422.818446][ T2155] usb 5-1: config 3 has no interface number 0
[  423.044873][ T2155] usb 5-1: config 3 interface 98 altsetting 10 endpoint 0x2 has an invalid bInterval 0, changing to 4
[  423.056534][ T2155] usb 5-1: config 3 interface 98 altsetting 10 endpoint 0x2 has invalid wMaxPacketSize 0
[  423.067391][ T2155] usb 5-1: config 3 interface 98 has no altsetting 0
[  423.117330][ T9102] program syz.3.885 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  423.214487][ T9104] netlink: 4 bytes leftover after parsing attributes in process `syz.2.884'.
[  423.346423][ T9104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  423.397592][ T2155] usb 5-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=b9.a8
[  423.473135][ T9104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  423.523899][ T2155] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.532088][ T2155] usb 5-1: Product: syz
[  423.536294][ T2155] usb 5-1: Manufacturer: syz
[  423.546255][ T2155] usb 5-1: SerialNumber: syz
[  423.582860][ T9104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  423.652955][ T9104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  425.623240][ T2155] usb 5-1: USB disconnect, device number 16
[  425.949639][ T5832] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  426.039185][ T2155] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[  426.099124][ T5832] usb 4-1: Using ep0 maxpacket: 8
[  426.112557][ T5832] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  426.129153][ T5832] usb 4-1: config 179 has no interface number 0
[  426.145770][ T5832] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  426.177383][ T5832] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  426.198879][ T5832] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  426.204484][ T2155] usb 5-1: too many configurations: 250, using maximum allowed: 8
[  426.225906][ T2155] usb 5-1: unable to read config index 0 descriptor/start: -61
[  426.236927][ T2155] usb 5-1: can't read configurations, error -61
[  426.286858][ T5832] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  426.333252][ T5832] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  426.369131][ T5832] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  426.398615][ T5832] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.409633][ T2155] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  426.495269][ T9127] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  426.655109][ T2155] usb 5-1: too many configurations: 250, using maximum allowed: 8
[  426.740350][ T2155] usb 5-1: unable to read config index 0 descriptor/start: -61
[  426.778354][ T2155] usb 5-1: can't read configurations, error -61
[  426.825430][ T2155] usb usb5-port1: attempt power cycle
[  427.405193][ T2155] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  427.461695][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  427.461718][   T30] audit: type=1400 audit(1749455242.359:102): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=9145 comm="syz.0.898" daddr=::ffff:172.20.20.59 dest=20003
[  427.692667][ T2155] usb 5-1: too many configurations: 250, using maximum allowed: 8
[  427.718225][ T2155] usb 5-1: unable to read config index 0 descriptor/start: -61
[  427.882959][ T2155] usb 5-1: can't read configurations, error -61
[  427.914418][ T5912] usb 4-1: USB disconnect, device number 28
[  427.914424][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  427.914473][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  428.019515][ T2155] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[  428.062796][ T2155] usb 5-1: too many configurations: 250, using maximum allowed: 8
[  428.082949][ T2155] usb 5-1: unable to read config index 0 descriptor/start: -61
[  428.091077][ T2155] usb 5-1: can't read configurations, error -61
[  428.103272][ T2155] usb usb5-port1: unable to enumerate USB device
[  429.322971][ T9166] Invalid source name
[  429.326999][ T9166] UBIFS error (pid: 9166): cannot open "./file0", error -22
[  429.510818][ T9174] netlink: 20 bytes leftover after parsing attributes in process `syz.3.904'.
[  430.049390][ T9175] macvtap0: entered allmulticast mode
[  430.054903][ T9175] veth0_macvtap: entered allmulticast mode
[  430.104849][ T9171] netlink: 20 bytes leftover after parsing attributes in process `syz.3.904'.
[  430.131952][ T5824] Bluetooth: hci2: unexpected event for opcode 0x2042
[  430.328260][ T9188] netlink: 20 bytes leftover after parsing attributes in process `syz.0.907'.
[  430.351600][ T9188] netlink: 20 bytes leftover after parsing attributes in process `syz.0.907'.
[  430.858468][ T9194] netlink: 'syz.3.911': attribute type 3 has an invalid length.
[  430.920228][ T9194] netlink: 'syz.3.911': attribute type 1 has an invalid length.
[  430.928042][ T9194] netlink: 216 bytes leftover after parsing attributes in process `syz.3.911'.
[  430.940696][ T9194] NCSI netlink: No device for ifindex 33022
[  430.970314][ T9199] loop6: detected capacity change from 0 to 7
[  431.520699][ T9199] Dev loop6: unable to read RDB block 7
[  431.552803][ T9199]  loop6: unable to read partition table
[  431.572551][ T9199] loop6: partition table beyond EOD, truncated
[  431.593500][ T9199] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  431.889095][ T9212] FAULT_INJECTION: forcing a failure.
[  431.889095][ T9212] name failslab, interval 1, probability 0, space 0, times 0
[  431.902702][ T9212] CPU: 0 UID: 0 PID: 9212 Comm: syz.4.916 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  431.902731][ T9212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  431.902745][ T9212] Call Trace:
[  431.902756][ T9212]  <TASK>
[  431.902766][ T9212]  dump_stack_lvl+0x189/0x250
[  431.902804][ T9212]  ? __pfx____ratelimit+0x10/0x10
[  431.902838][ T9212]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.902871][ T9212]  ? __pfx__printk+0x10/0x10
[  431.902899][ T9212]  ? __pfx___might_resched+0x10/0x10
[  431.902946][ T9212]  should_fail_ex+0x414/0x560
[  431.902980][ T9212]  should_failslab+0xa8/0x100
[  431.903012][ T9212]  __kmalloc_cache_node_noprof+0x73/0x3d0
[  431.903040][ T9212]  ? __get_vm_area_node+0x13f/0x300
[  431.903072][ T9212]  __get_vm_area_node+0x13f/0x300
[  431.903097][ T9212]  ? trace_sched_exit_tp+0x38/0x120
[  431.903129][ T9212]  __vmalloc_node_range_noprof+0x301/0x12f0
[  431.903159][ T9212]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  431.903222][ T9212]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  431.903250][ T9212]  ? __might_fault+0xb0/0x130
[  431.903277][ T9212]  ? _parse_integer_limit+0x1ae/0x1f0
[  431.903313][ T9212]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  431.903340][ T9212]  __vmalloc_noprof+0xb1/0xf0
[  431.903369][ T9212]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  431.903401][ T9212]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[  431.903437][ T9212]  bpf_prog_alloc+0x3c/0x1a0
[  431.903469][ T9212]  bpf_prog_load+0x735/0x1930
[  431.903512][ T9212]  ? __pfx_bpf_prog_load+0x10/0x10
[  431.903567][ T9212]  ? bpf_lsm_bpf+0x9/0x20
[  431.903595][ T9212]  ? security_bpf+0x7e/0x300
[  431.903629][ T9212]  __sys_bpf+0x5f1/0x860
[  431.903658][ T9212]  ? __pfx___sys_bpf+0x10/0x10
[  431.903708][ T9212]  ? rcu_is_watching+0x15/0xb0
[  431.903748][ T9212]  __x64_sys_bpf+0x7c/0x90
[  431.903774][ T9212]  do_syscall_64+0xfa/0x3b0
[  431.903796][ T9212]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.903817][ T9212]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  431.903838][ T9212]  ? clear_bhb_loop+0x60/0xb0
[  431.903865][ T9212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.903886][ T9212] RIP: 0033:0x7f96fbf8e929
[  431.903912][ T9212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.903931][ T9212] RSP: 002b:00007f96fcdcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  431.903954][ T9212] RAX: ffffffffffffffda RBX: 00007f96fc1b5fa0 RCX: 00007f96fbf8e929
[  431.903970][ T9212] RDX: 0000000000000094 RSI: 0000200000000400 RDI: 0000000000000005
[  431.903984][ T9212] RBP: 00007f96fcdcc090 R08: 0000000000000000 R09: 0000000000000000
[  431.903998][ T9212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.904011][ T9212] R13: 0000000000000001 R14: 00007f96fc1b5fa0 R15: 00007ffd8e949de8
[  431.904045][ T9212]  </TASK>
[  432.187074][    C0] vkms_vblank_simulate: vblank timer overrun
[  432.373147][ T9212] syz.4.916: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  432.476759][ T9212] CPU: 0 UID: 0 PID: 9212 Comm: syz.4.916 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  432.476791][ T9212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  432.476805][ T9212] Call Trace:
[  432.476834][ T9212]  <TASK>
[  432.476844][ T9212]  dump_stack_lvl+0x189/0x250
[  432.476885][ T9212]  ? __pfx_dump_stack_lvl+0x10/0x10
[  432.476917][ T9212]  ? __pfx__printk+0x10/0x10
[  432.476940][ T9212]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  432.476976][ T9212]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  432.477014][ T9212]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  432.477053][ T9212]  warn_alloc+0x214/0x310
[  432.477096][ T9212]  ? __pfx_warn_alloc+0x10/0x10
[  432.477127][ T9212]  ? __get_vm_area_node+0x13f/0x300
[  432.477159][ T9212]  ? __get_vm_area_node+0x2b5/0x300
[  432.477183][ T9212]  ? trace_sched_exit_tp+0x38/0x120
[  432.477217][ T9212]  __vmalloc_node_range_noprof+0x326/0x12f0
[  432.477278][ T9212]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  432.477306][ T9212]  ? __might_fault+0xb0/0x130
[  432.477334][ T9212]  ? _parse_integer_limit+0x1ae/0x1f0
[  432.477370][ T9212]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  432.477398][ T9212]  __vmalloc_noprof+0xb1/0xf0
[  432.477426][ T9212]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  432.477459][ T9212]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[  432.477494][ T9212]  bpf_prog_alloc+0x3c/0x1a0
[  432.477525][ T9212]  bpf_prog_load+0x735/0x1930
[  432.477568][ T9212]  ? __pfx_bpf_prog_load+0x10/0x10
[  432.477621][ T9212]  ? bpf_lsm_bpf+0x9/0x20
[  432.477650][ T9212]  ? security_bpf+0x7e/0x300
[  432.477683][ T9212]  __sys_bpf+0x5f1/0x860
[  432.477712][ T9212]  ? __pfx___sys_bpf+0x10/0x10
[  432.477753][ T9212]  ? rcu_is_watching+0x15/0xb0
[  432.477794][ T9212]  __x64_sys_bpf+0x7c/0x90
[  432.477819][ T9212]  do_syscall_64+0xfa/0x3b0
[  432.477841][ T9212]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.477862][ T9212]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  432.477882][ T9212]  ? clear_bhb_loop+0x60/0xb0
[  432.477908][ T9212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.477929][ T9212] RIP: 0033:0x7f96fbf8e929
[  432.477949][ T9212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.477969][ T9212] RSP: 002b:00007f96fcdcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  432.477992][ T9212] RAX: ffffffffffffffda RBX: 00007f96fc1b5fa0 RCX: 00007f96fbf8e929
[  432.478008][ T9212] RDX: 0000000000000094 RSI: 0000200000000400 RDI: 0000000000000005
[  432.478021][ T9212] RBP: 00007f96fcdcc090 R08: 0000000000000000 R09: 0000000000000000
[  432.478034][ T9212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  432.478047][ T9212] R13: 0000000000000001 R14: 00007f96fc1b5fa0 R15: 00007ffd8e949de8
[  432.478085][ T9212]  </TASK>
[  432.478104][ T9212] Mem-Info:
[  432.982172][ T9212] active_anon:260 inactive_anon:11550 isolated_anon:0
[  432.982172][ T9212]  active_file:15678 inactive_file:35839 isolated_file:0
[  432.982172][ T9212]  unevictable:768 dirty:332 writeback:0
[  432.982172][ T9212]  slab_reclaimable:10362 slab_unreclaimable:107713
[  432.982172][ T9212]  mapped:35303 shmem:7087 pagetables:933
[  432.982172][ T9212]  sec_pagetables:0 bounce:0
[  432.982172][ T9212]  kernel_misc_reclaimable:0
[  432.982172][ T9212]  free:1308721 free_pcp:10710 free_cma:0
[  433.580217][ T9212] Node 0 active_anon:5540kB inactive_anon:41692kB active_file:62512kB inactive_file:143356kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:136736kB dirty:1332kB writeback:0kB shmem:26892kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:11068kB pagetables:3608kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  433.614258][    C0] vkms_vblank_simulate: vblank timer overrun
[  433.764987][ T9212] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:120kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  433.799998][ T9212] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  433.830213][ T9212] lowmem_reserve[]: 0 2501 2503 2503 2503
[  433.836059][ T9212] Node 0 DMA32 free:1316424kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:11436kB inactive_anon:20928kB active_file:60740kB inactive_file:143288kB unevictable:1536kB writepending:1332kB present:3129332kB managed:2561508kB mlocked:0kB bounce:0kB free_pcp:40948kB local_pcp:25684kB free_cma:0kB
[  434.230882][ T5824] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  434.241269][ T5824] Bluetooth: hci2: Injecting HCI hardware error event
[  434.257760][ T5824] Bluetooth: hci2: hardware error 0x00
[  434.271611][ T9212] lowmem_reserve[]: 0 0 1 1 1
[  434.415721][ T9212] Node 0 Normal free:8kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1772kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  434.446596][    C0] vkms_vblank_simulate: vblank timer overrun
[  434.632672][ T9212] lowmem_reserve[]: 0 0 0 0 0
[  434.701971][ T9212] Node 1 Normal free:3903016kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:17088kB local_pcp:8768kB free_cma:0kB
[  434.734666][    C0] vkms_vblank_simulate: vblank timer overrun
[  434.743696][ T9212] lowmem_reserve[]: 0 0 0 0 0
[  435.016463][ T9212] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  435.059134][ T9212] Node 0 DMA32: 1839*4kB (UM) 42*8kB (UM) 116*16kB (ME) 439*32kB (UME) 190*64kB (UME) 31*128kB (UME) 23*256kB (UM) 17*512kB (UM) 14*1024kB (UME) 5*2048kB (UM) 304*4096kB (UM) = 1324076kB
[  435.150583][ T9212] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  435.330709][ T9212] Node 1 Normal: 174*4kB (UME) 48*8kB (UME) 37*16kB (UME) 141*32kB (UME) 42*64kB (UME) 9*128kB (UME) 5*256kB (UME) 3*512kB (ME) 3*1024kB (UME) 2*2048kB (UE) 948*4096kB (M) = 3903016kB
[  435.350721][ T9212] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  435.360734][ T9212] Node 0 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB
[  435.370533][ T9212] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  436.179688][ T9212] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  436.193963][ T9212] 52903 total pagecache pages
[  436.198716][ T9212] 0 pages in swap cache
[  436.210319][ T9212] Free swap  = 124996kB
[  436.215699][ T9212] Total swap = 124996kB
[  436.220473][ T9212] 2097051 pages RAM
[  436.224391][ T9212] 0 pages HighMem/MovableOnly
[  436.232330][ T9212] 424567 pages reserved
[  436.239748][ T9212] 0 pages cma reserved
[  436.331350][ T5824] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  436.437322][ T9246] loop6: detected capacity change from 0 to 524287999
[  437.645130][ T9259] kvm: pic: non byte write
[  439.583675][    T9] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  439.902109][    T9] usb 5-1: config 0 has an invalid interface number: 230 but max is 0
[  439.917790][    T9] usb 5-1: config 0 has no interface number 0
[  439.943132][    T9] usb 5-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=83.43
[  439.989545][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.007910][    T9] usb 5-1: Product: syz
[  440.025575][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  440.032102][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  440.213037][    T9] usb 5-1: Manufacturer: syz
[  440.217710][    T9] usb 5-1: SerialNumber: syz
[  440.323512][ T9288] netlink: 'syz.1.939': attribute type 15 has an invalid length.
[  441.186114][    T9] usb 5-1: config 0 descriptor??
[  441.197188][    T9] microtek usb (rev 0.4.3): expecting 3 got 0 endpoints! Bailing out.
[  441.735749][ T9305] netlink: 12 bytes leftover after parsing attributes in process `syz.1.944'.
[  441.821360][ T9305] netlink: 20 bytes leftover after parsing attributes in process `syz.1.944'.
[  441.851619][ T5832] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  442.031540][ T5832] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  442.044402][ T5832] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.076694][ T5832] usb 3-1: New USB device found, idVendor=0c70, idProduct=f00d, bcdDevice= 0.00
[  442.101001][ T5832] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.127455][ T5832] usb 3-1: config 0 descriptor??
[  442.338610][ T9317] netlink: 4 bytes leftover after parsing attributes in process `syz.3.949'.
[  442.562179][    T9] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  442.570789][ T5968] usb 5-1: USB disconnect, device number 21
[  442.587864][ T5832] aquacomputer_d5next 0003:0C70:F00D.000A: unknown main item tag 0x0
[  442.694492][ T5832] aquacomputer_d5next 0003:0C70:F00D.000A: unknown main item tag 0x0
[  442.702928][ T5832] aquacomputer_d5next 0003:0C70:F00D.000A: item fetching failed at offset 2/5
[  442.712805][ T5832] aquacomputer_d5next 0003:0C70:F00D.000A: probe with driver aquacomputer_d5next failed with error -22
[  443.444710][    T9] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  443.457871][    T9] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  443.475813][    T9] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  443.482067][ T5919] usb 3-1: USB disconnect, device number 16
[  443.488959][    T9] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  443.515035][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.933504][    T9] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  444.090069][    T9] usb 2-1: invalid MIDI out EP 0
[  444.094094][   T30] audit: type=1326 audit(1749455258.999:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9328 comm="syz.3.952" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9237f8e929 code=0x0
[  444.188172][    T9] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[  444.205354][ T9334] bio_check_eod: 2 callbacks suppressed
[  444.205370][ T9334] syz.3.952: attempt to access beyond end of device
[  444.205370][ T9334] loop7: rw=0, sector=0, nr_sectors = 1 limit=0
[  444.257122][ T9334] FAT-fs (loop7): unable to read boot sector
[  444.441000][    T9] usb 2-1: USB disconnect, device number 33
[  444.574758][ T9341] FAULT_INJECTION: forcing a failure.
[  444.574758][ T9341] name failslab, interval 1, probability 0, space 0, times 0
[  444.595049][ T9341] CPU: 1 UID: 0 PID: 9341 Comm: syz.4.956 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  444.595080][ T9341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  444.595094][ T9341] Call Trace:
[  444.595103][ T9341]  <TASK>
[  444.595113][ T9341]  dump_stack_lvl+0x189/0x250
[  444.595150][ T9341]  ? __pfx____ratelimit+0x10/0x10
[  444.595183][ T9341]  ? __pfx_dump_stack_lvl+0x10/0x10
[  444.595214][ T9341]  ? __pfx__printk+0x10/0x10
[  444.595242][ T9341]  ? __pfx___might_resched+0x10/0x10
[  444.595272][ T9341]  ? fs_reclaim_acquire+0x7d/0x100
[  444.595308][ T9341]  should_fail_ex+0x414/0x560
[  444.595341][ T9341]  should_failslab+0xa8/0x100
[  444.595370][ T9341]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  444.595397][ T9341]  ? __pfx___mutex_lock+0x10/0x10
[  444.595413][ T9341]  ? __alloc_skb+0x112/0x2d0
[  444.595442][ T9341]  __alloc_skb+0x112/0x2d0
[  444.595472][ T9341]  nci_send_cmd+0x90/0x360
[  444.595506][ T9341]  nci_dev_up+0x35f/0xd50
[  444.595534][ T9341]  ? lockdep_hardirqs_on+0x9c/0x150
[  444.595599][ T9341]  ? __pfx_nci_dev_up+0x10/0x10
[  444.595627][ T9341]  ? nfc_get_device+0x85/0xd0
[  444.595657][ T9341]  nfc_dev_up+0x16d/0x320
[  444.595696][ T9341]  nfc_genl_dev_up+0x89/0xe0
[  444.595722][ T9341]  genl_family_rcv_msg_doit+0x215/0x300
[  444.595764][ T9341]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  444.595812][ T9341]  ? bpf_lsm_capable+0x9/0x20
[  444.595844][ T9341]  ? security_capable+0x7e/0x2e0
[  444.595884][ T9341]  genl_rcv_msg+0x60e/0x790
[  444.595923][ T9341]  ? __pfx_genl_rcv_msg+0x10/0x10
[  444.595957][ T9341]  ? __pfx_nfc_genl_dev_up+0x10/0x10
[  444.596001][ T9341]  netlink_rcv_skb+0x208/0x470
[  444.596027][ T9341]  ? __pfx_genl_rcv_msg+0x10/0x10
[  444.596060][ T9341]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  444.596105][ T9341]  ? down_read+0x1ad/0x2e0
[  444.596129][ T9341]  genl_rcv+0x28/0x40
[  444.596157][ T9341]  netlink_unicast+0x75b/0x8d0
[  444.596192][ T9341]  netlink_sendmsg+0x805/0xb30
[  444.596230][ T9341]  ? __pfx_netlink_sendmsg+0x10/0x10
[  444.596265][ T9341]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  444.596290][ T9341]  ? __pfx_netlink_sendmsg+0x10/0x10
[  444.596316][ T9341]  __sock_sendmsg+0x219/0x270
[  444.596353][ T9341]  ____sys_sendmsg+0x505/0x830
[  444.596388][ T9341]  ? __pfx_____sys_sendmsg+0x10/0x10
[  444.596426][ T9341]  ? import_iovec+0x74/0xa0
[  444.596452][ T9341]  ___sys_sendmsg+0x21f/0x2a0
[  444.596483][ T9341]  ? __pfx____sys_sendmsg+0x10/0x10
[  444.596554][ T9341]  ? __fget_files+0x2a/0x420
[  444.596593][ T9341]  ? __fget_files+0x3a0/0x420
[  444.596634][ T9341]  __x64_sys_sendmsg+0x19b/0x260
[  444.596665][ T9341]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  444.596704][ T9341]  ? __pfx_ksys_write+0x10/0x10
[  444.596726][ T9341]  ? rcu_is_watching+0x15/0xb0
[  444.596763][ T9341]  ? do_syscall_64+0xbe/0x3b0
[  444.596787][ T9341]  do_syscall_64+0xfa/0x3b0
[  444.596805][ T9341]  ? lockdep_hardirqs_on+0x9c/0x150
[  444.596836][ T9341]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.596858][ T9341]  ? clear_bhb_loop+0x60/0xb0
[  444.596883][ T9341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.596904][ T9341] RIP: 0033:0x7f96fbf8e929
[  444.596923][ T9341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.596942][ T9341] RSP: 002b:00007f96fcdcc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  444.596964][ T9341] RAX: ffffffffffffffda RBX: 00007f96fc1b5fa0 RCX: 00007f96fbf8e929
[  444.596980][ T9341] RDX: 0000000000008004 RSI: 0000200000000180 RDI: 0000000000000006
[  444.596993][ T9341] RBP: 00007f96fcdcc090 R08: 0000000000000000 R09: 0000000000000000
[  444.597006][ T9341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  444.597018][ T9341] R13: 0000000000000000 R14: 00007f96fc1b5fa0 R15: 00007ffd8e949de8
[  444.597053][ T9341]  </TASK>
[  444.650178][ T9341] nci: nci_send_cmd: no memory for command
[  444.653702][    C1] vkms_vblank_simulate: vblank timer overrun
[  444.978474][    C1] vkms_vblank_simulate: vblank timer overrun
[  445.156272][ T9351] netlink: 8 bytes leftover after parsing attributes in process `syz.2.954'.
[  445.776063][ T9362] fuse: Bad value for 'group_id'
[  445.781296][ T9362] fuse: Bad value for 'group_id'
[  446.020921][ T9364] loop6: detected capacity change from 0 to 7
[  446.037546][ T9364] Dev loop6: unable to read RDB block 7
[  446.058181][ T9364]  loop6: unable to read partition table
[  446.082667][ T9364] loop6: partition table beyond EOD, truncated
[  446.197302][ T9364] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  447.589213][    T9] usb 2-1: new full-speed USB device number 34 using dummy_hcd
[  448.035877][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  448.381734][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  448.399147][    T9] usb 2-1: New USB device found, idVendor=0c70, idProduct=f012, bcdDevice= 0.00
[  448.417426][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.444629][    T9] usb 2-1: config 0 descriptor??
[  448.455835][ T9393] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  448.914692][ T9392] Invalid ELF header type: 0 != 1
[  450.980382][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  450.995878][ T9425] netlink: 8 bytes leftover after parsing attributes in process `syz.2.969'.
[  451.019904][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  451.033985][    T9] usb 2-1: USB disconnect, device number 34
[  452.353500][ T9439] FAULT_INJECTION: forcing a failure.
[  452.353500][ T9439] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  452.444474][ T9440] netlink: 'syz.4.979': attribute type 15 has an invalid length.
[  452.542005][ T9439] CPU: 1 UID: 0 PID: 9439 Comm: syz.3.980 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  452.542039][ T9439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  452.542053][ T9439] Call Trace:
[  452.542062][ T9439]  <TASK>
[  452.542078][ T9439]  dump_stack_lvl+0x189/0x250
[  452.542118][ T9439]  ? __pfx____ratelimit+0x10/0x10
[  452.542152][ T9439]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.542185][ T9439]  ? __pfx__printk+0x10/0x10
[  452.542207][ T9439]  ? __might_fault+0xb0/0x130
[  452.542247][ T9439]  should_fail_ex+0x414/0x560
[  452.542281][ T9439]  _copy_from_user+0x2d/0xb0
[  452.542304][ T9439]  sctp_getsockopt_assoc_stats+0xec/0x780
[  452.542334][ T9439]  ? __pfx_sctp_getsockopt_assoc_stats+0x10/0x10
[  452.542389][ T9439]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  452.542434][ T9439]  sctp_getsockopt+0x421/0xb60
[  452.542465][ T9439]  do_sock_getsockopt+0x35d/0x650
[  452.542497][ T9439]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  452.542523][ T9439]  ? __pfx_do_syscall_64+0x10/0x10
[  452.542542][ T9439]  ? __fget_files+0x3a0/0x420
[  452.542570][ T9439]  ? __fget_files+0x2a/0x420
[  452.542607][ T9439]  __x64_sys_getsockopt+0x1a5/0x250
[  452.542633][ T9439]  ? __pfx_do_syscall_64+0x10/0x10
[  452.542655][ T9439]  ? __pfx_do_syscall_64+0x10/0x10
[  452.542680][ T9439]  do_syscall_64+0xfa/0x3b0
[  452.542703][ T9439]  ? lockdep_hardirqs_on+0x9c/0x150
[  452.542735][ T9439]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.542757][ T9439]  ? clear_bhb_loop+0x60/0xb0
[  452.542784][ T9439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.542806][ T9439] RIP: 0033:0x7f9237f8e929
[  452.542825][ T9439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.542845][ T9439] RSP: 002b:00007f9238df0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  452.542868][ T9439] RAX: ffffffffffffffda RBX: 00007f92381b5fa0 RCX: 00007f9237f8e929
[  452.542885][ T9439] RDX: 0000000000000070 RSI: 0000000000000084 RDI: 0000000000000003
[  452.542898][ T9439] RBP: 00007f9238df0090 R08: 0000200000000140 R09: 0000000000000000
[  452.542913][ T9439] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  452.542927][ T9439] R13: 0000000000000000 R14: 00007f92381b5fa0 R15: 00007ffd1cd12158
[  452.542961][ T9439]  </TASK>
[  452.773735][    C1] vkms_vblank_simulate: vblank timer overrun
[  453.812424][ T9449] netlink: 14212 bytes leftover after parsing attributes in process `syz.4.983'.
[  454.105646][ T9434] netem: change failed
[  455.564062][ T9476] netlink: 'syz.3.990': attribute type 1 has an invalid length.
[  455.595830][ T9476] netlink: 224 bytes leftover after parsing attributes in process `syz.3.990'.
[  455.661911][ T9476] netlink: 'syz.3.990': attribute type 1 has an invalid length.
[  457.054787][ T9491] netlink: 'syz.1.993': attribute type 15 has an invalid length.
[  458.696299][ T9505] netlink: 12 bytes leftover after parsing attributes in process `syz.3.999'.
[  459.154478][ T5832] usb 4-1: new full-speed USB device number 29 using dummy_hcd
[  460.219149][ T5832] usb 4-1: config 0 has an invalid interface number: 205 but max is 0
[  460.237889][ T5832] usb 4-1: config 0 has no interface number 0
[  460.712723][ T9518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1000'.
[  460.855447][ T5832] usb 4-1: config 0 interface 205 altsetting 241 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  460.868710][ T5832] usb 4-1: config 0 interface 205 has no altsetting 0
[  460.889460][ T5832] usb 4-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  460.930715][ T5832] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.969357][ T5832] usb 4-1: Product: syz
[  460.977191][ T5832] usb 4-1: Manufacturer: syz
[  460.986330][ T5832] usb 4-1: SerialNumber: syz
[  460.995287][ T5832] usb 4-1: config 0 descriptor??
[  461.004442][ T5832] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  461.028749][ T5832] dvb-usb: bulk message failed: -22 (3/0)
[  461.042394][ T9522] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1004'.
[  461.079681][ T5832] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  461.101640][ T5832] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  461.129619][ T5832] usb 4-1: media controller created
[  461.155042][ T5832] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  461.185821][ T9531] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1005'.
[  462.096811][ T9532] netlink: 'syz.4.1006': attribute type 15 has an invalid length.
[  462.205646][ T5832] dvb-usb: bulk message failed: -22 (6/0)
[  462.229383][ T5832] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  462.485836][ T5832] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input11
[  463.209638][ T5832] dvb-usb: schedule remote query interval to 150 msecs.
[  463.220554][ T9531] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1005'.
[  463.378420][ T5832] dvb-usb: bulk message failed: -22 (3/0)
[  463.399565][ T5832] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  463.441368][ T5832] usb 4-1: USB disconnect, device number 29
[  463.514551][ T5832] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  463.881646][   T30] audit: type=1326 audit(1749455278.699:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9541 comm="syz.3.1010" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9237f8e929 code=0x0
[  463.937857][ T5832] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  467.304393][ T9581] netlink: 'syz.3.1018': attribute type 15 has an invalid length.
[  467.819433][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e7b3c00: rx timeout, send abort
[  467.828396][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88806e7b3c00: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  467.983773][ T9580] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1019'.
[  468.078316][ T9580] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1019'.
[  468.338932][ T9589] loop6: detected capacity change from 0 to 524287999
[  468.346290][ T9589] buffer_io_error: 22 callbacks suppressed
[  468.346304][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.360274][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.368306][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.376263][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.384225][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.393042][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.401123][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.409097][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.417011][ T9589] ldm_validate_partition_table(): Disk read failed.
[  468.423927][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.431893][ T9589] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.439918][ T9589] Dev loop6: unable to read RDB block 0
[  468.445819][ T9589]  loop6: unable to read partition table
[  468.451711][ T9589] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  468.519089][  T977] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  468.716178][  T977] usb 3-1: config 0 has an invalid interface number: 4 but max is 0
[  468.724875][  T977] usb 3-1: config 0 has no interface number 0
[  468.780212][  T977] usb 3-1: New USB device found, idVendor=05c6, idProduct=9035, bcdDevice=26.4c
[  468.813384][  T977] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  468.842787][  T977] usb 3-1: Product: syz
[  468.852879][  T977] usb 3-1: Manufacturer: syz
[  468.878453][  T977] usb 3-1: SerialNumber: syz
[  469.666105][  T977] usb 3-1: config 0 descriptor??
[  470.390778][  T977] usb 3-1: USB disconnect, device number 17
[  470.619095][ T9606] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1028'.
[  470.644468][ T9606] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1028'.
[  471.064042][ T9620] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1030'.
[  471.130031][ T9622] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1032'.
[  473.020683][ T9642] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  473.028631][ T9642] batadv_slave_0: entered promiscuous mode
[  473.176047][ T9647] FAULT_INJECTION: forcing a failure.
[  473.176047][ T9647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.259095][ T9647] CPU: 0 UID: 0 PID: 9647 Comm: syz.3.1038 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  473.259126][ T9647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  473.259139][ T9647] Call Trace:
[  473.259148][ T9647]  <TASK>
[  473.259158][ T9647]  dump_stack_lvl+0x189/0x250
[  473.259197][ T9647]  ? __pfx____ratelimit+0x10/0x10
[  473.259229][ T9647]  ? __pfx_dump_stack_lvl+0x10/0x10
[  473.259261][ T9647]  ? __pfx__printk+0x10/0x10
[  473.259298][ T9647]  should_fail_ex+0x414/0x560
[  473.259331][ T9647]  strncpy_from_user+0x36/0x290
[  473.259362][ T9647]  getname_flags+0xf3/0x540
[  473.259398][ T9647]  do_sys_openat2+0xbc/0x1c0
[  473.259436][ T9647]  ? __pfx_do_sys_openat2+0x10/0x10
[  473.259471][ T9647]  ? exc_page_fault+0x76/0xf0
[  473.259507][ T9647]  ? do_user_addr_fault+0xc8a/0x1390
[  473.259538][ T9647]  __x64_sys_openat+0x138/0x170
[  473.259578][ T9647]  do_syscall_64+0xfa/0x3b0
[  473.259596][ T9647]  ? lockdep_hardirqs_on+0x9c/0x150
[  473.259627][ T9647]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.259649][ T9647]  ? clear_bhb_loop+0x60/0xb0
[  473.259676][ T9647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.259698][ T9647] RIP: 0033:0x7f9237f8d290
[  473.259717][ T9647] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  473.259738][ T9647] RSP: 002b:00007f9238defb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  473.259761][ T9647] RAX: ffffffffffffffda RBX: 0000000000022c01 RCX: 00007f9237f8d290
[  473.259777][ T9647] RDX: 0000000000022c01 RSI: 00007f9238defc10 RDI: 00000000ffffff9c
[  473.259791][ T9647] RBP: 00007f9238defc10 R08: 0000000000000000 R09: 002367732f766564
[  473.259806][ T9647] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[  473.259820][ T9647] R13: 0000000000000000 R14: 00007f92381b5fa0 R15: 00007ffd1cd12158
[  473.259854][ T9647]  </TASK>
[  473.455523][    C0] vkms_vblank_simulate: vblank timer overrun
[  473.700280][   T30] audit: type=1326 audit(1749455288.599:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  473.789121][ T5832] usb 2-1: new full-speed USB device number 35 using dummy_hcd
[  473.806071][   T30] audit: type=1326 audit(1749455288.599:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  473.891811][   T30] audit: type=1326 audit(1749455288.599:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  474.222698][ T5832] usb 2-1: config 0 has an invalid interface number: 120 but max is 0
[  474.229786][ T9665] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[  474.240841][ T9665] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  474.257999][   T30] audit: type=1326 audit(1749455288.599:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  474.258431][ T5832] usb 2-1: config 0 has no interface number 0
[  474.279564][    C0] vkms_vblank_simulate: vblank timer overrun
[  474.303211][   T30] audit: type=1326 audit(1749455288.599:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  474.352413][   T30] audit: type=1326 audit(1749455288.599:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  474.374093][ T5832] usb 2-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10
[  474.374133][ T5832] usb 2-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  474.381294][ T5832] usb 2-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice=55.58
[  474.438824][   T30] audit: type=1326 audit(1749455288.609:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  474.473493][ T5832] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  474.622813][   T30] audit: type=1326 audit(1749455288.609:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  474.646593][   T30] audit: type=1326 audit(1749455288.629:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  474.669266][   T30] audit: type=1326 audit(1749455288.629:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9652 comm="syz.4.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96fbf8e929 code=0x7ffc0000
[  474.729942][ T5832] usb 2-1: Product: syz
[  474.734658][ T5832] usb 2-1: Manufacturer: syz
[  474.745063][ T5832] usb 2-1: SerialNumber: syz
[  474.767450][ T5832] usb 2-1: config 0 descriptor??
[  474.791555][ T5832] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.120/input/input13
[  475.131768][   T24] usb 2-1: USB disconnect, device number 35
[  476.970405][ T5912] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  477.245409][ T5912] usb 5-1: config 0 has an invalid interface number: 230 but max is 0
[  477.292042][ T5912] usb 5-1: config 0 has no interface number 0
[  477.322385][ T5912] usb 5-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=83.43
[  477.398051][ T9679] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  477.418846][ T5912] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.492778][ T5912] usb 5-1: Product: syz
[  477.497038][ T5912] usb 5-1: Manufacturer: syz
[  477.512252][ T5912] usb 5-1: SerialNumber: syz
[  477.516717][ T9691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  477.524930][ T5912] usb 5-1: config 0 descriptor??
[  477.546692][ T5912] microtek usb (rev 0.4.3): expecting 3 got 0 endpoints! Bailing out.
[  477.557662][ T9691] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  477.600252][ T9694] FAULT_INJECTION: forcing a failure.
[  477.600252][ T9694] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  477.615627][ T9694] CPU: 1 UID: 0 PID: 9694 Comm: syz.3.1053 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  477.615657][ T9694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  477.615670][ T9694] Call Trace:
[  477.615678][ T9694]  <TASK>
[  477.615687][ T9694]  dump_stack_lvl+0x189/0x250
[  477.615723][ T9694]  ? __pfx____ratelimit+0x10/0x10
[  477.615757][ T9694]  ? __pfx_dump_stack_lvl+0x10/0x10
[  477.615787][ T9694]  ? __pfx__printk+0x10/0x10
[  477.615809][ T9694]  ? __might_fault+0xb0/0x130
[  477.615847][ T9694]  should_fail_ex+0x414/0x560
[  477.615880][ T9694]  _copy_from_user+0x2d/0xb0
[  477.615903][ T9694]  userfaultfd_ioctl+0x578/0x4bc0
[  477.615926][ T9694]  ? kasan_save_track+0x4f/0x80
[  477.615949][ T9694]  ? kasan_save_free_info+0x46/0x50
[  477.615979][ T9694]  ? __kasan_slab_free+0x62/0x70
[  477.616001][ T9694]  ? kfree+0x18e/0x440
[  477.616020][ T9694]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  477.616044][ T9694]  ? security_file_ioctl+0xcb/0x2d0
[  477.616069][ T9694]  ? __se_sys_ioctl+0x47/0x170
[  477.616087][ T9694]  ? do_syscall_64+0xfa/0x3b0
[  477.616100][ T9694]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.616124][ T9694]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  477.616153][ T9694]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  477.616173][ T9694]  ? kasan_quarantine_put+0xdd/0x220
[  477.616205][ T9694]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  477.616224][ T9694]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  477.616243][ T9694]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  477.616261][ T9694]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  477.616281][ T9694]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  477.616298][ T9694]  ? smack_log+0xef/0x3f0
[  477.616314][ T9694]  ? __pfx_smack_log+0x10/0x10
[  477.616328][ T9694]  ? smk_access+0x14c/0x4e0
[  477.616347][ T9694]  ? smk_tskacc+0x2fc/0x370
[  477.616364][ T9694]  ? smack_file_ioctl+0x2a9/0x340
[  477.616384][ T9694]  ? __pfx_smack_file_ioctl+0x10/0x10
[  477.616409][ T9694]  ? __fget_files+0x2a/0x420
[  477.616429][ T9694]  ? __fget_files+0x3a0/0x420
[  477.616449][ T9694]  ? __fget_files+0x2a/0x420
[  477.616479][ T9694]  ? bpf_lsm_file_ioctl+0x9/0x20
[  477.616509][ T9694]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  477.616533][ T9694]  __se_sys_ioctl+0xfc/0x170
[  477.616559][ T9694]  do_syscall_64+0xfa/0x3b0
[  477.616575][ T9694]  ? lockdep_hardirqs_on+0x9c/0x150
[  477.616598][ T9694]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.616612][ T9694]  ? clear_bhb_loop+0x60/0xb0
[  477.616633][ T9694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.616653][ T9694] RIP: 0033:0x7f9237f8e929
[  477.616672][ T9694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  477.616692][ T9694] RSP: 002b:00007f9238df0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  477.616714][ T9694] RAX: ffffffffffffffda RBX: 00007f92381b5fa0 RCX: 00007f9237f8e929
[  477.616730][ T9694] RDX: 0000200000000100 RSI: 00000000c020aa07 RDI: 0000000000000003
[  477.616744][ T9694] RBP: 00007f9238df0090 R08: 0000000000000000 R09: 0000000000000000
[  477.616756][ T9694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.616764][ T9694] R13: 0000000000000000 R14: 00007f92381b5fa0 R15: 00007ffd1cd12158
[  477.616787][ T9694]  </TASK>
[  477.832538][ T5832] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  478.401470][ T5832] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[  478.459658][ T5832] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.661337][ T9706] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1058'.
[  478.695757][ T5832] usb 2-1: config 0 descriptor??
[  478.735843][ T9707] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1057'.
[  478.930478][ T9708] overlayfs: missing 'lowerdir'
[  478.980449][ T5832] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  478.998996][ T5832] ftdi_sio ttyUSB0: unknown device type: 0xc698
[  479.003839][   T24] usb 5-1: USB disconnect, device number 23
[  479.221256][ T5832] usb 2-1: USB disconnect, device number 36
[  479.228488][ T5832] ftdi_sio 2-1:0.0: device disconnected
[  479.627015][ T9722] 9pnet_fd: Insufficient options for proto=fd
[  479.639136][   T24] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  479.660719][ T9722] af_packet: tpacket_rcv: packet too big, clamped from 4 to 4294967272. macoff=96
[  479.694419][   T30] kauditd_printk_skb: 47 callbacks suppressed
[  479.694439][   T30] audit: type=1400 audit(1749455293.573:162): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=9721 comm="syz.0.1062" dest=20000
[  479.721394][ T5832] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  479.810047][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  479.831661][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  479.854654][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  479.876630][   T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  479.888439][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.059856][ T5832] usb 3-1: Using ep0 maxpacket: 32
[  480.060159][   T24] usb 5-1: config 0 descriptor??
[  480.085238][ T5832] usb 3-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  480.115820][ T5832] usb 3-1: config 0 interface 0 has no altsetting 0
[  480.115872][ T5832] usb 3-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  480.115899][ T5832] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.156572][ T9729] FAULT_INJECTION: forcing a failure.
[  480.156572][ T9729] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  480.172184][ T9729] CPU: 0 UID: 0 PID: 9729 Comm: syz.1.1064 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  480.172214][ T9729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  480.172224][ T9729] Call Trace:
[  480.172230][ T9729]  <TASK>
[  480.172236][ T9729]  dump_stack_lvl+0x189/0x250
[  480.172270][ T9729]  ? __pfx____ratelimit+0x10/0x10
[  480.172305][ T9729]  ? __pfx_dump_stack_lvl+0x10/0x10
[  480.172340][ T9729]  ? __pfx__printk+0x10/0x10
[  480.172377][ T9729]  should_fail_ex+0x414/0x560
[  480.172401][ T9729]  _copy_to_user+0x31/0xb0
[  480.172417][ T9729]  simple_read_from_buffer+0xe1/0x170
[  480.172454][ T9729]  proc_fail_nth_read+0x1df/0x250
[  480.172489][ T9729]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  480.172522][ T9729]  ? rw_verify_area+0x258/0x650
[  480.172545][ T9729]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  480.172567][ T9729]  vfs_read+0x200/0x980
[  480.172590][ T9729]  ? __pfx___mutex_lock+0x10/0x10
[  480.172615][ T9729]  ? __pfx_vfs_read+0x10/0x10
[  480.172642][ T9729]  ? __fget_files+0x2a/0x420
[  480.172673][ T9729]  ? __fget_files+0x3a0/0x420
[  480.172702][ T9729]  ? __fget_files+0x2a/0x420
[  480.172729][ T9729]  ksys_read+0x145/0x250
[  480.172750][ T9729]  ? __pfx_ksys_read+0x10/0x10
[  480.172786][ T9729]  ? do_syscall_64+0xbe/0x3b0
[  480.172809][ T9729]  do_syscall_64+0xfa/0x3b0
[  480.172829][ T9729]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.172851][ T9729]  ? clear_bhb_loop+0x60/0xb0
[  480.172873][ T9729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.172887][ T9729] RIP: 0033:0x7fed8558d33c
[  480.172902][ T9729] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  480.172930][ T9729] RSP: 002b:00007fed86483030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  480.172954][ T9729] RAX: ffffffffffffffda RBX: 00007fed857b6080 RCX: 00007fed8558d33c
[  480.172969][ T9729] RDX: 000000000000000f RSI: 00007fed864830a0 RDI: 0000000000000008
[  480.172982][ T9729] RBP: 00007fed86483090 R08: 0000000000000000 R09: 0000000000000000
[  480.172994][ T9729] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000001
[  480.173007][ T9729] R13: 0000000000000000 R14: 00007fed857b6080 R15: 00007ffddb46b9b8
[  480.173037][ T9729]  </TASK>
[  480.399437][    C0] vkms_vblank_simulate: vblank timer overrun
[  480.510305][ T5832] usb 3-1: config 0 descriptor??
[  480.754975][ T9715] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  480.769040][ T9745] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  480.899268][    T9] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  480.901469][   T24] plantronics 0003:047F:FFFF.000B: ignoring exceeding usage max
[  480.997912][   T24] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  481.005635][ T5832] uclogic 0003:5543:0781.000C: ignoring exceeding usage max
[  481.023758][ T5832] uclogic 0003:5543:0781.000C: No inputs registered, leaving
[  481.049163][    T9] usb 4-1: Using ep0 maxpacket: 8
[  481.077915][ T5832] uclogic 0003:5543:0781.000C: hidraw0: USB HID v0.07 Device [HID 5543:0781] on usb-dummy_hcd.2-1/input0
[  481.097288][    T9] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  481.102798][   T24] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  481.107266][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.399755][ T5832] usb 3-1: USB disconnect, device number 18
[  481.425241][    T9] usb 4-1: config 0 descriptor??
[  482.338575][ T5912] usb 5-1: USB disconnect, device number 24
[  482.627122][ T9766] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1075'.
[  482.658535][ T9766] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  482.667658][ T9766] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  482.676597][ T9766] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  482.685442][ T9766] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  482.708171][ T9766] vxlan0: entered promiscuous mode
[  482.954103][ T9771] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1074'.
[  483.156703][ T9770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1077'.
[  483.883560][    T9] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  483.894862][    T9] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  483.916046][    T9] asix 4-1:0.0: probe with driver asix failed with error -71
[  483.928434][    T9] usb 4-1: USB disconnect, device number 31
[  484.199111][   T24] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  484.230561][ T9780] cgroup: fork rejected by pids controller in /syz1
[  484.359508][   T24] usb 5-1: Using ep0 maxpacket: 16
[  484.377881][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  484.400957][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  484.546278][   T24] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  484.576060][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.615565][   T24] usb 5-1: Product: syz
[  484.635897][   T24] usb 5-1: Manufacturer: syz
[  484.654811][   T24] usb 5-1: SerialNumber: syz
[  484.686709][   T24] usb 5-1: config 0 descriptor??
[  484.704243][   T24] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  484.722170][   T24] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  485.682639][   T24] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  485.701856][   T24] em28xx 5-1:0.0: Config register raw data: 0x00
[  486.552730][   T30] audit: type=1326 audit(1749455300.463:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  487.547228][   T30] audit: type=1326 audit(1749455300.483:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  487.576494][  T977] usb 5-1: USB disconnect, device number 25
[  487.591070][  T977] em28xx 5-1:0.0: Disconnecting em28xx
[  487.623438][T10498] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  488.552233][   T30] audit: type=1326 audit(1749455300.483:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  488.588276][  T977] em28xx 5-1:0.0: Freeing device
[  489.558106][   T30] audit: type=1326 audit(1749455300.483:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  490.277640][   T30] audit: type=1326 audit(1749455300.483:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  490.347894][   T30] audit: type=1326 audit(1749455300.483:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  490.375917][   T30] audit: type=1326 audit(1749455300.483:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  490.476728][   T30] audit: type=1326 audit(1749455300.493:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  490.695064][   T30] audit: type=1326 audit(1749455300.493:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  490.718309][   T30] audit: type=1326 audit(1749455300.493:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10489 comm="syz.0.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914e58e929 code=0x7ffc0000
[  493.413823][T10526] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  493.740016][   T24] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  493.923590][   T24] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  493.935462][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  494.052693][   T24] usb 2-1: config 0 descriptor??
[  494.076015][   T24] gspca_main: cpia1-2.14.0 probing 0813:0001
[  494.519195][   T24] gspca_cpia1: usb_control_msg 03, error -32
[  494.530981][   T24] cpia1 2-1:0.0: unexpected state after lo power cmd: 01
[  494.539618][T10541] fuse: Unknown parameter 'group_i00000000000000000000'
[  495.795095][   T24] gspca_cpia1: usb_control_msg 02, error -110
[  495.795655][   T24] gspca_cpia1: usb_control_msg 05, error -32
[  495.796030][   T24] gspca_cpia1: usb_control_msg 05, error -32
[  495.796400][   T24] gspca_cpia1: usb_control_msg 05, error -32
[  495.796761][   T24] gspca_cpia1: usb_control_msg 05, error -32
[  495.796787][   T24] cpia1 2-1:0.0: unexpected systemstate: 01
[  497.333475][   T43] usb 2-1: USB disconnect, device number 37
[  497.370017][   T24] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  497.696678][T10589] netlink: 'syz.0.1113': attribute type 29 has an invalid length.
[  497.853134][T10591] netlink: 'syz.4.1116': attribute type 15 has an invalid length.
[  498.419831][   T24] usb 4-1: Using ep0 maxpacket: 8
[  498.639628][   T24] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  498.648736][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.675777][   T24] usb 4-1: config 0 descriptor??
[  498.895356][T10601] Invalid source name
[  498.899553][T10601] UBIFS error (pid: 10601): cannot open "./file0", error -22
[  499.553809][   T24] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  499.715391][   T24] asix 4-1:0.0: probe with driver asix failed with error -71
[  499.763444][   T24] usb 4-1: USB disconnect, device number 32
[  500.610575][T10616] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  500.619508][T10616] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  500.990934][T10627] netlink: 'syz.2.1128': attribute type 15 has an invalid length.
[  501.550377][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  501.556739][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  502.579289][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout
[  502.649238][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout
[  503.544104][T10653] RDS: rds_bind could not find a transport for fc00::1, load rds_tcp or rds_rdma?
[  505.207407][T10669] netlink: 'syz.0.1140': attribute type 15 has an invalid length.
[  506.409672][T10670] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1141'.
[  506.622047][T10670] tipc: Started in network mode
[  506.627328][T10670] tipc: Node identity 0000000000000000000000625f953d01, cluster identity 4711
[  506.650019][T10670] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  506.658858][ T5824] Bluetooth: hci3: connection err: -111
[  506.746332][T10680] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1144'.
[  506.756536][T10678] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1144'.
[  508.164297][T10690] No control pipe specified
[  508.432699][T10690] lo speed is unknown, defaulting to 1000
[  509.820758][T10716] netlink: 'syz.1.1152': attribute type 15 has an invalid length.
[  512.039283][T10725] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 0
[  518.254210][T10767] fuse: Unknown parameter 'group_id00000000000000000000'
[  518.891885][T10763] tmpfs: Unknown parameter 'usrquota·{'
[  519.073981][T10777] No source specified
[  519.666148][T10786] loop6: detected capacity change from 0 to 524287999
[  519.679554][T10786] buffer_io_error: 6 callbacks suppressed
[  519.685383][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.696604][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.705793][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.715340][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.724945][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.734785][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.744819][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.755000][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.763866][T10786] ldm_validate_partition_table(): Disk read failed.
[  519.771552][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.781250][T10786] Buffer I/O error on dev loop6, logical block 0, async page read
[  519.792808][T10786] Dev loop6: unable to read RDB block 0
[  519.806443][T10786]  loop6: unable to read partition table
[  519.815420][T10786] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  521.610046][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  521.610065][   T30] audit: type=1400 audit(1883673063.524:176): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=10797 comm="syz.1.1177"
[  521.729084][ T5832] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  521.849427][  T977] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  521.948244][ T5832] usb 5-1: Using ep0 maxpacket: 8
[  521.954461][T10804] fuse: Unknown parameter 'group_id00000000000000000000'
[  521.958118][ T5832] usb 5-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  521.988839][ T5832] usb 5-1: config 6 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[  522.016087][ T5832] usb 5-1: config 6 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 97, changing to 7
[  522.029972][  T977] usb 2-1: config 0 has an invalid interface number: 50 but max is 0
[  522.042583][  T977] usb 2-1: config 0 has no interface number 0
[  522.050605][ T5832] usb 5-1: config 6 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 24929, setting to 1024
[  522.068014][  T977] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  522.089439][ T5832] usb 5-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  522.098807][  T977] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  522.113483][  T977] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.137863][ T5832] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.157959][  T977] usb 2-1: Product: syz
[  522.176064][ T5832] usb 5-1: Product: syz
[  522.184823][  T977] usb 2-1: Manufacturer: syz
[  522.198284][ T5832] usb 5-1: Manufacturer: syz
[  522.210657][  T977] usb 2-1: SerialNumber: syz
[  522.222104][ T5832] usb 5-1: SerialNumber: syz
[  522.242926][  T977] usb 2-1: config 0 descriptor??
[  522.291765][  T977] yurex 2-1:0.50: USB YUREX device now attached to Yurex #0
[  523.147986][ T5832] hso 5-1:6.0: Can't find BULK IN endpoint
[  523.489755][ T5912] usb 5-1: USB disconnect, device number 26
[  523.667190][ T5832] usb 2-1: USB disconnect, device number 38
[  523.781675][ T5832] yurex 2-1:0.50: USB YUREX #0 now disconnected
[  524.329337][   T30] audit: type=1400 audit(1883673066.234:177): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=10833 comm="syz.2.1191" dest=20000
[  524.791261][T10844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1193'.
[  525.964940][T10857] xt_hashlimit: size too large, truncated to 1048576
[  525.978740][T10857] xt_hashlimit: max too large, truncated to 1048576
[  527.776227][T10871] overlayfs: missing 'lowerdir'
[  530.994901][  T977] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  531.346019][  T977] usb 2-1: device descriptor read/64, error -71
[  531.729113][  T977] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  531.889365][  T977] usb 2-1: device descriptor read/64, error -71
[  532.130463][  T977] usb usb2-port1: attempt power cycle
[  535.099432][T10931] rdma_rxe: rxe_newlink: failed to add lo
[  535.832241][T10929] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1219'.
[  535.841830][T10929] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1219'.
[  535.851155][T10929] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1219'.
[  535.860216][T10929] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1219'.
[  536.582194][T10939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1224'.
[  540.291903][T10968] rdma_rxe: rxe_newlink: failed to add lo
[  540.383798][T10969] rdma_rxe: rxe_newlink: failed to add lo
[  541.862575][T10974] netlink: 'syz.0.1233': attribute type 1 has an invalid length.
[  542.489652][T10978] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1235'.
[  542.670390][T10986] [U] 	
[  544.990264][T11027] netlink: 'syz.2.1250': attribute type 15 has an invalid length.
[  546.054549][T11037] FAULT_INJECTION: forcing a failure.
[  546.054549][T11037] name failslab, interval 1, probability 0, space 0, times 0
[  546.114790][T11040] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1255'.
[  546.129143][T11037] CPU: 0 UID: 0 PID: 11037 Comm: syz.4.1254 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  546.129181][T11037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  546.129195][T11037] Call Trace:
[  546.129203][T11037]  <TASK>
[  546.129213][T11037]  dump_stack_lvl+0x189/0x250
[  546.129250][T11037]  ? __pfx____ratelimit+0x10/0x10
[  546.129282][T11037]  ? __pfx_dump_stack_lvl+0x10/0x10
[  546.129313][T11037]  ? __pfx__printk+0x10/0x10
[  546.129337][T11037]  ? lock_acquire+0x175/0x360
[  546.129364][T11037]  ? __pfx___might_resched+0x10/0x10
[  546.129398][T11037]  should_fail_ex+0x414/0x560
[  546.129432][T11037]  should_failslab+0xa8/0x100
[  546.129461][T11037]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  546.129489][T11037]  ? ethnl_default_set_doit+0x524/0xa20
[  546.129523][T11037]  kmemdup_noprof+0x2b/0x70
[  546.129560][T11037]  ethnl_default_set_doit+0x524/0xa20
[  546.129599][T11037]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  546.129631][T11037]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  546.129672][T11037]  genl_family_rcv_msg_doit+0x215/0x300
[  546.129711][T11037]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  546.129756][T11037]  ? bpf_lsm_capable+0x9/0x20
[  546.129787][T11037]  ? security_capable+0x7e/0x2e0
[  546.129824][T11037]  genl_rcv_msg+0x60e/0x790
[  546.129862][T11037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  546.129889][T11037]  ? ref_tracker_free+0x63a/0x7d0
[  546.129916][T11037]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  546.129945][T11037]  ? __pfx_ref_tracker_free+0x10/0x10
[  546.129984][T11037]  netlink_rcv_skb+0x208/0x470
[  546.130010][T11037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  546.130041][T11037]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  546.130084][T11037]  ? down_read+0x1ad/0x2e0
[  546.130108][T11037]  genl_rcv+0x28/0x40
[  546.130135][T11037]  netlink_unicast+0x75b/0x8d0
[  546.130170][T11037]  netlink_sendmsg+0x805/0xb30
[  546.130212][T11037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  546.130251][T11037]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  546.130276][T11037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  546.130302][T11037]  __sock_sendmsg+0x219/0x270
[  546.130339][T11037]  ____sys_sendmsg+0x505/0x830
[  546.130372][T11037]  ? __pfx_____sys_sendmsg+0x10/0x10
[  546.130409][T11037]  ? import_iovec+0x74/0xa0
[  546.130433][T11037]  ___sys_sendmsg+0x21f/0x2a0
[  546.130463][T11037]  ? __pfx____sys_sendmsg+0x10/0x10
[  546.130530][T11037]  ? __fget_files+0x2a/0x420
[  546.130557][T11037]  ? __fget_files+0x3a0/0x420
[  546.130596][T11037]  __x64_sys_sendmsg+0x19b/0x260
[  546.130626][T11037]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  546.130664][T11037]  ? __pfx_ksys_write+0x10/0x10
[  546.130684][T11037]  ? rcu_is_watching+0x15/0xb0
[  546.130720][T11037]  ? do_syscall_64+0xbe/0x3b0
[  546.130743][T11037]  do_syscall_64+0xfa/0x3b0
[  546.130761][T11037]  ? lockdep_hardirqs_on+0x9c/0x150
[  546.130790][T11037]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.130811][T11037]  ? clear_bhb_loop+0x60/0xb0
[  546.130837][T11037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.130857][T11037] RIP: 0033:0x7f96fbf8e929
[  546.130875][T11037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.130893][T11037] RSP: 002b:00007f96fcdcc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  546.130915][T11037] RAX: ffffffffffffffda RBX: 00007f96fc1b5fa0 RCX: 00007f96fbf8e929
[  546.130943][T11037] RDX: 0000000000000000 RSI: 0000200000003b80 RDI: 0000000000000003
[  546.130954][T11037] RBP: 00007f96fcdcc090 R08: 0000000000000000 R09: 0000000000000000
[  546.130967][T11037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  546.130979][T11037] R13: 0000000000000000 R14: 00007f96fc1b5fa0 R15: 00007ffd8e949de8
[  546.131010][T11037]  </TASK>
[  546.500154][    C0] vkms_vblank_simulate: vblank timer overrun
[  547.451361][T11053] fuse: Bad value for 'fd'
[  548.726983][T11064] netlink: 'syz.1.1261': attribute type 15 has an invalid length.
[  549.239822][T11069] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1262'.
[  549.398618][T11077] binder: 11070:11077 ioctl c0306201 0 returned -14
[  550.651797][T11087] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1271'.
[  550.661200][T11087] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1271'.
[  550.681930][T11087] netlink: 'syz.2.1271': attribute type 30 has an invalid length.
[  552.585994][T11096] lo speed is unknown, defaulting to 1000
[  555.843489][T11105] netlink: 'syz.3.1274': attribute type 1 has an invalid length.
[  556.142068][   T24] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  556.390292][   T24] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  557.378018][T11124] netlink: 'syz.0.1275': attribute type 15 has an invalid length.
[  558.257794][T11134] FAULT_INJECTION: forcing a failure.
[  558.257794][T11134] name failslab, interval 1, probability 0, space 0, times 0
[  558.292372][T11134] CPU: 0 UID: 0 PID: 11134 Comm: syz.2.1282 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  558.292404][T11134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  558.292417][T11134] Call Trace:
[  558.292426][T11134]  <TASK>
[  558.292435][T11134]  dump_stack_lvl+0x189/0x250
[  558.292473][T11134]  ? __pfx____ratelimit+0x10/0x10
[  558.292505][T11134]  ? __pfx_dump_stack_lvl+0x10/0x10
[  558.292537][T11134]  ? __pfx__printk+0x10/0x10
[  558.292565][T11134]  ? __pfx___might_resched+0x10/0x10
[  558.292596][T11134]  ? fs_reclaim_acquire+0x7d/0x100
[  558.292631][T11134]  should_fail_ex+0x414/0x560
[  558.292664][T11134]  should_failslab+0xa8/0x100
[  558.292695][T11134]  __kmalloc_cache_noprof+0x70/0x3d0
[  558.292720][T11134]  ? genl_start+0x1c9/0x6c0
[  558.292756][T11134]  genl_start+0x1c9/0x6c0
[  558.292786][T11134]  ? netlink_lookup+0x30/0x200
[  558.292816][T11134]  __netlink_dump_start+0x466/0x7e0
[  558.292850][T11134]  genl_family_rcv_msg_dumpit+0x1e7/0x2c0
[  558.292886][T11134]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  558.292925][T11134]  ? rcu_is_watching+0x15/0xb0
[  558.292963][T11134]  ? __pfx_genl_start+0x10/0x10
[  558.292992][T11134]  ? __pfx_genl_dumpit+0x10/0x10
[  558.293020][T11134]  ? __pfx_genl_done+0x10/0x10
[  558.293055][T11134]  ? bpf_lsm_capable+0x9/0x20
[  558.293086][T11134]  ? security_capable+0x7e/0x2e0
[  558.293125][T11134]  genl_rcv_msg+0x5da/0x790
[  558.293164][T11134]  ? __pfx_genl_rcv_msg+0x10/0x10
[  558.293194][T11134]  ? ref_tracker_free+0x63a/0x7d0
[  558.293221][T11134]  ? __pfx_batadv_tt_global_dump+0x10/0x10
[  558.293251][T11134]  ? __pfx_ref_tracker_free+0x10/0x10
[  558.293295][T11134]  netlink_rcv_skb+0x208/0x470
[  558.293322][T11134]  ? __pfx_genl_rcv_msg+0x10/0x10
[  558.293355][T11134]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  558.293398][T11134]  ? down_read+0x1ad/0x2e0
[  558.293423][T11134]  genl_rcv+0x28/0x40
[  558.293451][T11134]  netlink_unicast+0x75b/0x8d0
[  558.293486][T11134]  netlink_sendmsg+0x805/0xb30
[  558.293522][T11134]  ? __pfx_netlink_sendmsg+0x10/0x10
[  558.293557][T11134]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  558.293583][T11134]  ? __pfx_netlink_sendmsg+0x10/0x10
[  558.293609][T11134]  __sock_sendmsg+0x219/0x270
[  558.293646][T11134]  sock_sendmsg+0x158/0x230
[  558.293682][T11134]  ? __pfx_sock_sendmsg+0x10/0x10
[  558.293728][T11134]  ? __asan_memset+0x22/0x50
[  558.293748][T11134]  ? iov_iter_bvec+0xb8/0x180
[  558.293784][T11134]  splice_to_socket+0x8ff/0xf10
[  558.293837][T11134]  ? __pfx_splice_to_socket+0x10/0x10
[  558.293861][T11134]  ? current_time+0x222/0x370
[  558.293922][T11134]  ? touch_atime+0xf1/0x6d0
[  558.293987][T11134]  ? __pfx_splice_to_socket+0x10/0x10
[  558.294015][T11134]  direct_splice_actor+0x101/0x160
[  558.294046][T11134]  splice_direct_to_actor+0x5a5/0xcc0
[  558.294096][T11134]  ? __pfx_direct_splice_actor+0x10/0x10
[  558.294123][T11134]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  558.294163][T11134]  do_splice_direct+0x181/0x270
[  558.294193][T11134]  ? __pfx_do_splice_direct+0x10/0x10
[  558.294221][T11134]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  558.294253][T11134]  ? bpf_lsm_file_permission+0x9/0x20
[  558.294280][T11134]  ? security_file_permission+0x75/0x290
[  558.294309][T11134]  ? rw_verify_area+0x258/0x650
[  558.294337][T11134]  do_sendfile+0x4da/0x7e0
[  558.294368][T11134]  ? __pfx_vfs_write+0x10/0x10
[  558.294398][T11134]  ? __pfx_do_sendfile+0x10/0x10
[  558.294429][T11134]  ? __fget_files+0x3a0/0x420
[  558.294470][T11134]  __se_sys_sendfile64+0x13e/0x190
[  558.294504][T11134]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  558.294531][T11134]  ? rcu_is_watching+0x15/0xb0
[  558.294567][T11134]  ? do_syscall_64+0xbe/0x3b0
[  558.294591][T11134]  do_syscall_64+0xfa/0x3b0
[  558.294609][T11134]  ? lockdep_hardirqs_on+0x9c/0x150
[  558.294639][T11134]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.294660][T11134]  ? clear_bhb_loop+0x60/0xb0
[  558.294687][T11134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.294707][T11134] RIP: 0033:0x7f8ccb18e929
[  558.294726][T11134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  558.294744][T11134] RSP: 002b:00007f8ccbf5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  558.294766][T11134] RAX: ffffffffffffffda RBX: 00007f8ccb3b5fa0 RCX: 00007f8ccb18e929
[  558.294782][T11134] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000000a
[  558.294794][T11134] RBP: 00007f8ccbf5e090 R08: 0000000000000000 R09: 0000000000000000
[  558.294807][T11134] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001
[  558.294819][T11134] R13: 0000000000000000 R14: 00007f8ccb3b5fa0 R15: 00007ffc0b5fad48
[  558.294852][T11134]  </TASK>
[  558.819371][ T5912] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  559.050396][ T5912] usb 2-1: Using ep0 maxpacket: 16
[  559.082986][ T5912] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  559.173108][ T5912] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  559.352962][ T5912] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  559.466203][ T5912] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  559.497314][ T5912] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.557058][ T5912] usb 2-1: Product: syz
[  559.578021][ T5912] usb 2-1: Manufacturer: syz
[  559.595943][ T5912] usb 2-1: SerialNumber: syz
[  559.671239][T11147] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1288'.
[  559.808331][T11149] [U] 	
[  559.900769][T11155] FAULT_INJECTION: forcing a failure.
[  559.900769][T11155] name failslab, interval 1, probability 0, space 0, times 0
[  559.913753][T11155] CPU: 0 UID: 0 PID: 11155 Comm: syz.4.1286 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  559.913782][T11155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  559.913795][T11155] Call Trace:
[  559.913804][T11155]  <TASK>
[  559.913814][T11155]  dump_stack_lvl+0x189/0x250
[  559.913851][T11155]  ? __pfx____ratelimit+0x10/0x10
[  559.913883][T11155]  ? __pfx_dump_stack_lvl+0x10/0x10
[  559.913915][T11155]  ? __pfx__printk+0x10/0x10
[  559.913969][T11155]  should_fail_ex+0x414/0x560
[  559.914009][T11155]  should_failslab+0xa8/0x100
[  559.914041][T11155]  kmem_cache_alloc_noprof+0x73/0x3c0
[  559.914067][T11155]  ? radix_tree_node_alloc+0x7e/0x3a0
[  559.914104][T11155]  radix_tree_node_alloc+0x7e/0x3a0
[  559.914143][T11155]  idr_get_free+0x2b3/0xa70
[  559.914190][T11155]  idr_alloc_u32+0x159/0x2d0
[  559.914242][T11155]  ? __pfx_idr_alloc_u32+0x10/0x10
[  559.914276][T11155]  ? net_generic+0x1e/0x240
[  559.914304][T11155]  ? l2tp_session_register+0xd4/0xd70
[  559.914332][T11155]  l2tp_session_register+0x259/0xd70
[  559.914357][T11155]  ? __pfx___mutex_lock+0x10/0x10
[  559.914385][T11155]  ? __pfx_l2tp_session_register+0x10/0x10
[  559.914422][T11155]  pppol2tp_connect+0xd59/0x1750
[  559.914462][T11155]  ? __pfx_pppol2tp_connect+0x10/0x10
[  559.914516][T11155]  ? bpf_lsm_socket_connect+0x9/0x20
[  559.914546][T11155]  __sys_connect+0x313/0x440
[  559.914569][T11155]  ? fput+0x96/0xd0
[  559.914600][T11155]  ? __pfx___sys_connect+0x10/0x10
[  559.914638][T11155]  ? __pfx_ksys_write+0x10/0x10
[  559.914672][T11155]  __x64_sys_connect+0x7a/0x90
[  559.914696][T11155]  do_syscall_64+0xfa/0x3b0
[  559.914714][T11155]  ? lockdep_hardirqs_on+0x9c/0x150
[  559.914745][T11155]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.914766][T11155]  ? clear_bhb_loop+0x60/0xb0
[  559.914792][T11155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.914812][T11155] RIP: 0033:0x7f96fbf8e929
[  559.914831][T11155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  559.914850][T11155] RSP: 002b:00007f96fcd8a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  559.914873][T11155] RAX: ffffffffffffffda RBX: 00007f96fc1b6160 RCX: 00007f96fbf8e929
[  559.914888][T11155] RDX: 0000000000000032 RSI: 0000200000000240 RDI: 0000000000000006
[  559.914902][T11155] RBP: 00007f96fcd8a090 R08: 0000000000000000 R09: 0000000000000000
[  559.914915][T11155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  559.914927][T11155] R13: 0000000000000000 R14: 00007f96fc1b6160 R15: 00007ffd8e949de8
[  559.914961][T11155]  </TASK>
[  560.517600][ T5912] usb 2-1: 0:2 : does not exist
[  561.005125][T11167] netlink: 'syz.2.1291': attribute type 15 has an invalid length.
[  562.517876][ T5912] usb 2-1: 1:0: failed to get current value for ch 0 (-22)
[  562.894719][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  562.902696][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  563.062938][ T5912] usb 2-1: USB disconnect, device number 42
[  564.040448][T11194] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1295'.
[  566.019296][T11214] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1303'.
[  566.380825][T11211] netlink: 'syz.1.1304': attribute type 15 has an invalid length.
[  566.742222][T11220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1305'.
[  571.117592][T11265] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  571.123926][T11265] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  571.247374][T11268] netlink: 'syz.1.1318': attribute type 15 has an invalid length.
[  572.743924][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout
[  573.529050][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout
[  573.553096][T11283] tmpfs: Unknown parameter 'usrqõoŽa_block_hardlimit'
[  575.164236][T11311] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1330'.
[  576.097239][T11309] rdma_rxe: rxe_newlink: failed to add lo
[  576.443588][T11318] IPVS: ip_vs_add_dest(): server weight less than zero
[  577.370855][T11335] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1341'.
[  577.464530][T11337] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1342'.
[  579.217753][T11366] FAULT_INJECTION: forcing a failure.
[  579.217753][T11366] name failslab, interval 1, probability 0, space 0, times 0
[  579.230968][T11366] CPU: 1 UID: 0 PID: 11366 Comm: syz.3.1348 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  579.230998][T11366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  579.231012][T11366] Call Trace:
[  579.231021][T11366]  <TASK>
[  579.231030][T11366]  dump_stack_lvl+0x189/0x250
[  579.231075][T11366]  ? __pfx____ratelimit+0x10/0x10
[  579.231109][T11366]  ? __pfx_dump_stack_lvl+0x10/0x10
[  579.231142][T11366]  ? __pfx__printk+0x10/0x10
[  579.231171][T11366]  ? __pfx___might_resched+0x10/0x10
[  579.231202][T11366]  ? fs_reclaim_acquire+0x7d/0x100
[  579.231238][T11366]  should_fail_ex+0x414/0x560
[  579.231272][T11366]  should_failslab+0xa8/0x100
[  579.231302][T11366]  __kmalloc_cache_noprof+0x70/0x3d0
[  579.231329][T11366]  ? posix_clock_open+0xb5/0x230
[  579.231356][T11366]  posix_clock_open+0xb5/0x230
[  579.231382][T11366]  chrdev_open+0x4c9/0x5e0
[  579.231416][T11366]  ? __pfx_chrdev_open+0x10/0x10
[  579.231455][T11366]  ? __pfx_chrdev_open+0x10/0x10
[  579.231483][T11366]  do_dentry_open+0xdf0/0x1970
[  579.231535][T11366]  vfs_open+0x3b/0x340
[  579.231564][T11366]  ? path_openat+0x2ecd/0x3830
[  579.231589][T11366]  path_openat+0x2ee5/0x3830
[  579.231616][T11366]  ? rcu_is_watching+0x15/0xb0
[  579.231649][T11366]  ? trace_sched_exit_tp+0x38/0x120
[  579.231705][T11366]  ? __pfx_path_openat+0x10/0x10
[  579.231728][T11366]  ? __pfx___schedule+0x10/0x10
[  579.231767][T11366]  ? irqentry_exit+0x74/0x90
[  579.231808][T11366]  do_filp_open+0x1fa/0x410
[  579.231834][T11366]  ? __pfx_do_filp_open+0x10/0x10
[  579.231854][T11366]  ? preempt_schedule_common+0x83/0xd0
[  579.231911][T11366]  ? _raw_spin_unlock+0x3f/0x50
[  579.231939][T11366]  ? alloc_fd+0x64c/0x6c0
[  579.231980][T11366]  do_sys_openat2+0x121/0x1c0
[  579.232018][T11366]  ? __pfx_do_sys_openat2+0x10/0x10
[  579.232059][T11366]  ? ksys_write+0x22a/0x250
[  579.232087][T11366]  ? __pfx_ksys_write+0x10/0x10
[  579.232117][T11366]  __x64_sys_openat+0x138/0x170
[  579.232158][T11366]  do_syscall_64+0xfa/0x3b0
[  579.232179][T11366]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.232200][T11366]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  579.232221][T11366]  ? clear_bhb_loop+0x60/0xb0
[  579.232248][T11366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.232269][T11366] RIP: 0033:0x7f9237f8e929
[  579.232288][T11366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  579.232308][T11366] RSP: 002b:00007f9238dae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  579.232331][T11366] RAX: ffffffffffffffda RBX: 00007f92381b6160 RCX: 00007f9237f8e929
[  579.232347][T11366] RDX: 00000000000aad82 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  579.232363][T11366] RBP: 00007f9238dae090 R08: 0000000000000000 R09: 0000000000000000
[  579.232376][T11366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  579.232389][T11366] R13: 0000000000000000 R14: 00007f92381b6160 R15: 00007ffd1cd12158
[  579.232424][T11366]  </TASK>
[  579.669113][   T43] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  579.778455][T11356] lo speed is unknown, defaulting to 1000
[  579.879084][   T43] usb 5-1: Using ep0 maxpacket: 8
[  579.911777][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  579.969272][   T43] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  579.978382][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.021213][   T43] usb 5-1: config 0 descriptor??
[  580.059697][T11373] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1352'.
[  580.194608][T11378] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1354'.
[  580.294623][   T43] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  581.182052][ T5832] usb 5-1: USB disconnect, device number 27
[  581.665464][T11401] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1362'.
[  581.949009][T11407] FAULT_INJECTION: forcing a failure.
[  581.949009][T11407] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  581.964048][T11407] CPU: 0 UID: 0 PID: 11407 Comm: syz.3.1363 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  581.964078][T11407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  581.964092][T11407] Call Trace:
[  581.964100][T11407]  <TASK>
[  581.964110][T11407]  dump_stack_lvl+0x189/0x250
[  581.964147][T11407]  ? __pfx____ratelimit+0x10/0x10
[  581.964180][T11407]  ? __pfx_dump_stack_lvl+0x10/0x10
[  581.964213][T11407]  ? __pfx__printk+0x10/0x10
[  581.964236][T11407]  ? __might_fault+0xb0/0x130
[  581.964275][T11407]  should_fail_ex+0x414/0x560
[  581.964320][T11407]  _copy_from_user+0x2d/0xb0
[  581.964342][T11407]  smc_setsockopt+0x3b8/0xab0
[  581.964371][T11407]  ? lockdep_hardirqs_on+0x9c/0x150
[  581.964408][T11407]  ? __pfx_smc_setsockopt+0x10/0x10
[  581.964444][T11407]  ? __pfx_smc_setsockopt+0x10/0x10
[  581.964477][T11407]  do_sock_setsockopt+0x257/0x3e0
[  581.964513][T11407]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  581.964543][T11407]  ? __fget_files+0x2a/0x420
[  581.964580][T11407]  __x64_sys_setsockopt+0x18b/0x220
[  581.964613][T11407]  do_syscall_64+0xfa/0x3b0
[  581.964633][T11407]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.964653][T11407]  ? asm_sysvec_call_function_single+0x1a/0x20
[  581.964674][T11407]  ? clear_bhb_loop+0x60/0xb0
[  581.964700][T11407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.964738][T11407] RIP: 0033:0x7f9237f8e929
[  581.964758][T11407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  581.964777][T11407] RSP: 002b:00007f9238dcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  581.964800][T11407] RAX: ffffffffffffffda RBX: 00007f92381b6080 RCX: 00007f9237f8e929
[  581.964817][T11407] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000008
[  581.964829][T11407] RBP: 00007f9238dcf090 R08: 00000000000003f8 R09: 0000000000000000
[  581.964843][T11407] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  581.964856][T11407] R13: 0000000000000000 R14: 00007f92381b6080 R15: 00007ffd1cd12158
[  581.964889][T11407]  </TASK>
[  582.367397][T11406] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1362'.
[  583.200266][T11417] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1366'.
[  585.166711][T11447] netlink: 'syz.4.1375': attribute type 10 has an invalid length.
[  585.212620][T11447] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1375'.
[  585.350718][T11447] bridge0: port 3(ip6gretap0) entered blocking state
[  585.357663][T11447] bridge0: port 3(ip6gretap0) entered disabled state
[  585.429308][T11447] ip6gretap0: entered allmulticast mode
[  585.521808][T11447] ip6gretap0: entered promiscuous mode
[  585.595422][T11457] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1377'.
[  585.766026][T11464] FAULT_INJECTION: forcing a failure.
[  585.766026][T11464] name failslab, interval 1, probability 0, space 0, times 0
[  585.786051][T11464] CPU: 0 UID: 0 PID: 11464 Comm: syz.4.1379 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  585.786083][T11464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  585.786097][T11464] Call Trace:
[  585.786107][T11464]  <TASK>
[  585.786117][T11464]  dump_stack_lvl+0x189/0x250
[  585.786155][T11464]  ? __pfx____ratelimit+0x10/0x10
[  585.786188][T11464]  ? __pfx_dump_stack_lvl+0x10/0x10
[  585.786219][T11464]  ? __pfx__printk+0x10/0x10
[  585.786243][T11464]  ? __pfx___might_resched+0x10/0x10
[  585.786273][T11464]  ? fs_reclaim_acquire+0x7d/0x100
[  585.786308][T11464]  should_fail_ex+0x414/0x560
[  585.786341][T11464]  should_failslab+0xa8/0x100
[  585.786370][T11464]  __kmalloc_noprof+0xcb/0x4f0
[  585.786402][T11464]  ? alloc_pipe_info+0x1fd/0x4d0
[  585.786434][T11464]  alloc_pipe_info+0x1fd/0x4d0
[  585.786463][T11464]  splice_direct_to_actor+0xa5d/0xcc0
[  585.786492][T11464]  ? __lock_acquire+0xab9/0xd20
[  585.786534][T11464]  ? __lock_acquire+0xab9/0xd20
[  585.786560][T11464]  ? __pfx_direct_splice_actor+0x10/0x10
[  585.786587][T11464]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  585.786625][T11464]  do_splice_direct+0x181/0x270
[  585.786655][T11464]  ? __pfx_do_splice_direct+0x10/0x10
[  585.786684][T11464]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  585.786715][T11464]  ? bpf_lsm_file_permission+0x9/0x20
[  585.786743][T11464]  ? security_file_permission+0x75/0x290
[  585.786794][T11464]  ? rw_verify_area+0x258/0x650
[  585.786823][T11464]  do_sendfile+0x4da/0x7e0
[  585.786854][T11464]  ? __pfx_vfs_write+0x10/0x10
[  585.786886][T11464]  ? __pfx_do_sendfile+0x10/0x10
[  585.786917][T11464]  ? __fget_files+0x3a0/0x420
[  585.786958][T11464]  __se_sys_sendfile64+0x13e/0x190
[  585.786992][T11464]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  585.787021][T11464]  ? rcu_is_watching+0x15/0xb0
[  585.787058][T11464]  ? do_syscall_64+0xbe/0x3b0
[  585.787082][T11464]  do_syscall_64+0xfa/0x3b0
[  585.787101][T11464]  ? lockdep_hardirqs_on+0x9c/0x150
[  585.787132][T11464]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.787154][T11464]  ? clear_bhb_loop+0x60/0xb0
[  585.787181][T11464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.787203][T11464] RIP: 0033:0x7f96fbf8e929
[  585.787222][T11464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  585.787242][T11464] RSP: 002b:00007f96fcdcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  585.787265][T11464] RAX: ffffffffffffffda RBX: 00007f96fc1b5fa0 RCX: 00007f96fbf8e929
[  585.787281][T11464] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000008
[  585.787294][T11464] RBP: 00007f96fcdcc090 R08: 0000000000000000 R09: 0000000000000000
[  585.787308][T11464] R10: 00004000000053d2 R11: 0000000000000246 R12: 0000000000000001
[  585.787321][T11464] R13: 0000000000000000 R14: 00007f96fc1b5fa0 R15: 00007ffd8e949de8
[  585.787355][T11464]  </TASK>
[  586.202694][    C0] vcan0: j1939_tp_rxtimer: 0xffff888032ca4400: rx timeout, send abort
[  586.711004][    C0] vcan0: j1939_tp_rxtimer: 0xffff888032ca4400: abort rx timeout. Force session deactivation
[  587.379287][   T43] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  587.729828][   T43] usb 4-1: Using ep0 maxpacket: 16
[  587.737542][   T43] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  587.749241][   T43] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  587.762322][   T43] usb 4-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76
[  587.771652][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  587.779743][   T43] usb 4-1: Product: syz
[  587.783968][   T43] usb 4-1: Manufacturer: syz
[  587.783991][   T43] usb 4-1: SerialNumber: syz
[  587.794979][ T5955] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  588.441437][   T43] usb 4-1: config 0 descriptor??
[  588.482536][T11503] trusted_key: encrypted_key: insufficient parameters specified
[  588.579112][ T5955] usb 2-1: Using ep0 maxpacket: 8
[  588.587235][ T5955] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  588.597931][ T5955] usb 2-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  588.611306][ T5955] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.625505][ T5955] usb 2-1: config 0 descriptor??
[  588.652391][T11492] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  588.661670][T11492] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  589.168814][T11507] trusted_key: encrypted_key: insufficient parameters specified
[  589.746830][   T43] usb_8dev 4-1:0.0 can0: sending command message failed
[  589.857487][   T43] usb_8dev 4-1:0.0 can0: can't get firmware version
[  590.165137][ T5889] usb 2-1: USB disconnect, device number 43
[  590.173009][   T43] usb_8dev 4-1:0.0: probe with driver usb_8dev failed with error -22
[  590.238810][   T43] usb 4-1: USB disconnect, device number 33
[  590.739072][ T5955] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  590.952155][T11531] trusted_key: syz.2.1401 sent an empty control message without MSG_MORE.
[  590.957646][ T5955] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  591.053909][ T5955] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  591.133066][ T5955] usb 2-1: New USB device found, idVendor=0c70, idProduct=f00d, bcdDevice= 0.00
[  591.148203][ T5955] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.235512][ T5955] usb 2-1: config 0 descriptor??
[  592.307081][T11549] rdma_rxe: rxe_newlink: failed to add lo
[  592.889623][ T5955] aquacomputer_d5next 0003:0C70:F00D.000E: unknown main item tag 0x0
[  592.897829][ T5955] aquacomputer_d5next 0003:0C70:F00D.000E: unknown main item tag 0x0
[  592.949263][ T5955] aquacomputer_d5next 0003:0C70:F00D.000E: item fetching failed at offset 2/5
[  592.979659][ T5955] aquacomputer_d5next 0003:0C70:F00D.000E: probe with driver aquacomputer_d5next failed with error -22
[  593.019403][ T5955] usb 2-1: USB disconnect, device number 44
[  593.219210][ T5968] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  593.378989][ T5968] usb 5-1: Using ep0 maxpacket: 32
[  593.396032][ T5968] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  593.412616][ T5968] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  593.423686][ T5968] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  593.431886][ T5968] usb 5-1: Product: syz
[  593.436108][ T5968] usb 5-1: Manufacturer: syz
[  593.440846][ T5968] usb 5-1: SerialNumber: syz
[  593.447589][ T5968] usb 5-1: config 0 descriptor??
[  593.449332][ T5955] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  593.459361][ T5968] usb 5-1: bad CDC descriptors
[  593.465510][ T5968] usb 5-1: unsupported MDLM descriptors
[  593.631131][ T5955] usb 4-1: Using ep0 maxpacket: 8
[  593.660173][   T43] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  593.691827][ T5968] usb 5-1: USB disconnect, device number 28
[  593.695065][ T5955] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  593.775147][ T5955] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  593.857347][ T5955] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  593.960028][   T43] usb 3-1: Using ep0 maxpacket: 8
[  594.009037][ T5955] usb 4-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10
[  594.024466][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  594.072140][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  594.085311][   T43] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  594.122674][ T5955] usb 4-1: Product: syz
[  594.137546][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.148568][ T5955] usb 4-1: Manufacturer: syz
[  594.167302][ T5955] usb 4-1: SerialNumber: syz
[  594.182743][   T43] usb 3-1: config 0 descriptor??
[  594.199987][ T5955] usb 4-1: config 0 descriptor??
[  594.217060][ T5955] radioshark2 4-1:0.0: Invalid radioSHARK2 device
[  594.226760][ T5955] radioshark2 4-1:0.0: probe with driver radioshark2 failed with error -22
[  594.240688][ T5955] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  594.594305][   T43] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  594.723092][   T43] usb 4-1: USB disconnect, device number 34
[  594.727890][T11589] RDS: rds_bind could not find a transport for ::ffff:10.1.1.0, load rds_tcp or rds_rdma?
[  595.938537][T11601] trusted_key: encrypted_key: insufficient parameters specified
[  596.942358][   T43] usb 3-1: USB disconnect, device number 19
[  597.079119][  T977] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  597.399841][T11619] rdma_rxe: rxe_newlink: failed to add lo
[  598.077625][  T977] usb 2-1: Using ep0 maxpacket: 8
[  598.189761][  T977] usb 2-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  598.209023][  T977] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.234558][  T977] usb 2-1: Product: syz
[  598.243824][  T977] usb 2-1: Manufacturer: syz
[  598.250090][  T977] usb 2-1: SerialNumber: syz
[  598.273825][  T977] usb 2-1: config 0 descriptor??
[  598.292510][  T977] radio-usb-si4713 2-1:0.0: Si4713 development board discovered: (10C4:8244)
[  599.708320][T11644] rdma_rxe: rxe_newlink: failed to add lo
[  600.574161][  T977] radio-usb-si4713 2-1:0.0: probe with driver radio-usb-si4713 failed with error -32
[  600.720600][  T977] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  600.761598][  T977] usb 2-1: USB disconnect, device number 45
[  600.799141][T11646] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1438'.
[  600.957834][T11652] FAULT_INJECTION: forcing a failure.
[  600.957834][T11652] name failslab, interval 1, probability 0, space 0, times 0
[  600.971470][T11652] CPU: 0 UID: 0 PID: 11652 Comm: syz.4.1441 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  600.971498][T11652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  600.971511][T11652] Call Trace:
[  600.971520][T11652]  <TASK>
[  600.971529][T11652]  dump_stack_lvl+0x189/0x250
[  600.971565][T11652]  ? __pfx____ratelimit+0x10/0x10
[  600.971599][T11652]  ? __pfx_dump_stack_lvl+0x10/0x10
[  600.971631][T11652]  ? __pfx__printk+0x10/0x10
[  600.971655][T11652]  ? look_up_lock_class+0x74/0x170
[  600.971695][T11652]  should_fail_ex+0x414/0x560
[  600.971728][T11652]  should_failslab+0xa8/0x100
[  600.971758][T11652]  __kmalloc_noprof+0xcb/0x4f0
[  600.971783][T11652]  ? io_alloc_ocqe+0x6f/0x550
[  600.971825][T11652]  io_alloc_ocqe+0x6f/0x550
[  600.971851][T11652]  ? io_cqe_cache_refill+0x1a8/0x240
[  600.971882][T11652]  io_cqe_overflow_locked+0x26/0x40
[  600.971916][T11652]  __io_submit_flush_completions+0x248/0xe40
[  600.971943][T11652]  ? io_issue_sqe+0x5bf/0xfd0
[  600.971976][T11652]  io_submit_sqes+0x181b/0x1c50
[  600.972035][T11652]  __se_sys_io_uring_enter+0x2df/0x2b20
[  600.972083][T11652]  ? ksys_write+0x1cb/0x250
[  600.972112][T11652]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  600.972136][T11652]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  600.972170][T11652]  ? __pfx_vfs_write+0x10/0x10
[  600.972198][T11652]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  600.972236][T11652]  ? __fget_files+0x3a0/0x420
[  600.972274][T11652]  ? fput+0xa0/0xd0
[  600.972306][T11652]  ? ksys_write+0x22a/0x250
[  600.972333][T11652]  ? __pfx_ksys_write+0x10/0x10
[  600.972355][T11652]  ? rcu_is_watching+0x15/0xb0
[  600.972392][T11652]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  600.972422][T11652]  do_syscall_64+0xfa/0x3b0
[  600.972441][T11652]  ? lockdep_hardirqs_on+0x9c/0x150
[  600.972483][T11652]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.972504][T11652]  ? clear_bhb_loop+0x60/0xb0
[  600.972529][T11652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.972549][T11652] RIP: 0033:0x7f96fbf8e929
[  600.972569][T11652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  600.972587][T11652] RSP: 002b:00007f96fcdcc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  600.972608][T11652] RAX: ffffffffffffffda RBX: 00007f96fc1b5fa0 RCX: 00007f96fbf8e929
[  600.972623][T11652] RDX: 0000000000000000 RSI: 0000000000000567 RDI: 0000000000000004
[  600.972635][T11652] RBP: 00007f96fcdcc090 R08: 0000000000000000 R09: 0000000000000000
[  600.972648][T11652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  600.972659][T11652] R13: 0000000000000000 R14: 00007f96fc1b5fa0 R15: 00007ffd8e949de8
[  600.972691][T11652]  </TASK>
[  601.519804][ T5919] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  601.988454][T11669] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1446'.
[  602.041075][ T5919] usb 3-1: Using ep0 maxpacket: 8
[  602.054762][ T5919] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  602.083138][ T5919] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  602.096662][ T5919] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.112086][ T5919] usb 3-1: config 0 descriptor??
[  602.122482][T11673] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1447'.
[  602.924344][ T5919] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  603.212962][ T5919] usb 3-1: USB disconnect, device number 20
[  605.861626][T11712] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  606.124589][T11687] mmap: syz.3.1453 (11687): VmData 25972736 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  606.569789][T11721] block device autoloading is deprecated and will be removed.
[  606.724668][   T30] audit: type=1400 audit(2000000010.480:178): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=11717 comm="syz.2.1462" dest=2
[  608.221295][ T5955] usb 4-1: new full-speed USB device number 35 using dummy_hcd
[  608.739073][ T5919] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  608.852847][ T5955] usb 4-1: unable to get BOS descriptor or descriptor too short
[  608.880631][ T5955] usb 4-1: not running at top speed; connect to a high speed hub
[  608.903618][T11756] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1473'.
[  608.913373][ T5919] usb 2-1: Using ep0 maxpacket: 8
[  609.085706][ T5955] usb 4-1: config 3 has an invalid interface number: 98 but max is 0
[  609.453127][ T5919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  609.652827][ T5955] usb 4-1: config 3 has no interface number 0
[  609.662544][ T5955] usb 4-1: config 3 interface 98 altsetting 10 endpoint 0x2 has an invalid bInterval 0, changing to 4
[  609.677301][ T5919] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  609.697178][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  609.716596][ T5955] usb 4-1: config 3 interface 98 altsetting 10 endpoint 0x2 has invalid wMaxPacketSize 0
[  609.737090][ T5955] usb 4-1: config 3 interface 98 has no altsetting 0
[  609.887597][ T5919] usb 2-1: config 0 descriptor??
[  609.938171][ T5955] usb 4-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=b9.a8
[  609.960050][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.989095][ T5955] usb 4-1: Product: syz
[  609.993420][ T5955] usb 4-1: Manufacturer: syz
[  610.002276][ T5955] usb 4-1: SerialNumber: syz
[  610.242385][ T5919] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  610.530287][T11768] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1477'.
[  611.190567][   T24] usb 2-1: USB disconnect, device number 46
[  611.397570][ T5955] usb 4-1: USB disconnect, device number 35
[  612.569023][  T977] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  612.741973][  T977] usb 2-1: Using ep0 maxpacket: 8
[  612.759627][  T977] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  612.768806][  T977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.846742][  T977] usb 2-1: config 0 descriptor??
[  612.911355][T11798] IPVS: set_ctl: invalid protocol: 192 0.32.0.0:41984
[  613.709860][   T30] audit: type=1400 audit(2000000017.730:179): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=11806 comm="syz.0.1492"
[  613.782013][T11810] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1489'.
[  614.959040][   T30] audit: type=1400 audit(2000000018.950:180): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=11817 comm="syz.3.1493" daddr=::ffff:172.20.20.187
[  615.441552][  T977] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71
[  615.603110][  T977] asix 2-1:0.0: probe with driver asix failed with error -71
[  615.819747][  T977] usb 2-1: USB disconnect, device number 47
[  618.287526][T11860] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1505'.
[  619.802645][T11880] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1504'.
[  620.030808][T11882] netlink: 'syz.2.1510': attribute type 15 has an invalid length.
[  621.653978][ T5955] libceph: connect (1)[c::]:6789 error -101
[  622.367113][ T5955] libceph: mon0 (1)[c::]:6789 connect error
[  623.809438][ T5919] libceph: connect (1)[c::]:6789 error -101
[  623.815516][ T5919] libceph: mon0 (1)[c::]:6789 connect error
[  624.012276][T11910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1516'.
[  624.342839][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  624.353137][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  624.360507][ T5919] libceph: connect (1)[c::]:6789 error -101
[  624.372735][ T5919] libceph: mon0 (1)[c::]:6789 connect error
[  625.090430][ T5919] libceph: connect (1)[c::]:6789 error -101
[  625.096906][ T5919] libceph: mon0 (1)[c::]:6789 connect error
[  625.274273][T11929] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1521'.
[  625.359554][ T5919] libceph: connect (1)[c::]:6789 error -101
[  625.365696][ T5919] libceph: mon0 (1)[c::]:6789 connect error
[  625.688406][T11890] ceph: No mds server is up or the cluster is laggy
[  626.015399][T11945] [U] 	
[  627.298010][T11959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1530'.
[  627.427515][T11964] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1525'.
[  628.298079][T11974] netlink: 'syz.4.1537': attribute type 11 has an invalid length.
[  628.519703][T11978] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  629.060406][ T5919] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  629.298293][ T5919] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  629.382859][ T5919] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  629.489838][ T5919] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  629.588242][ T5919] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  629.711849][ T5919] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  629.820735][ T5919] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.009540][ T5919] usb 5-1: config 0 descriptor??
[  630.523528][ T5919] plantronics 0003:047F:FFFF.000F: item fetching failed at offset 6/15
[  630.535163][ T5919] plantronics 0003:047F:FFFF.000F: parse failed
[  630.553324][ T5919] plantronics 0003:047F:FFFF.000F: probe with driver plantronics failed with error -22
[  631.363768][ T5889] usb 5-1: USB disconnect, device number 29
[  632.176038][T12023] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1547'.
[  632.792143][ T5968] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  633.173382][ T5968] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  633.189178][ T5968] usb 3-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.00
[  633.199052][  T977] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  633.224366][ T5968] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.239311][ T5968] usb 3-1: config 0 descriptor??
[  633.330944][T12044] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1545'.
[  633.549020][  T977] usb 5-1: Using ep0 maxpacket: 16
[  633.561680][  T977] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  633.589032][  T977] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  633.598863][  T977] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  633.628990][  T977] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  633.638168][  T977] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.667902][ T5968] elecom 0003:056E:011C.0010: report_id 0 is invalid
[  633.680060][  T977] usb 5-1: config 0 descriptor??
[  633.685296][ T5968] elecom 0003:056E:011C.0010: item 0 0 1 8 parsing failed
[  633.709986][ T5968] elecom 0003:056E:011C.0010: probe with driver elecom failed with error -22
[  634.107753][  T977] microsoft 0003:045E:07DA.0011: No inputs registered, leaving
[  634.139429][  T977] microsoft 0003:045E:07DA.0011: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  634.169359][  T977] microsoft 0003:045E:07DA.0011: no inputs found
[  634.184682][  T977] microsoft 0003:045E:07DA.0011: could not initialize ff, continuing anyway
[  634.347647][T12032] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1549'.
[  634.358207][T12032] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1549'.
[  634.385861][ T5955] usb 5-1: USB disconnect, device number 30
[  635.689471][ T5832] usb 3-1: USB disconnect, device number 21
[  636.743507][T12093] netlink: 'syz.4.1570': attribute type 15 has an invalid length.
[  642.329540][ T5919] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  642.559809][ T5919] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  642.599361][ T5919] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  642.635987][ T5919] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  642.661004][ T5919] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  642.687259][ T5919] usb 5-1: SerialNumber: syz
[  642.728287][T12167] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1594'.
[  642.923316][ T5919] usb 5-1: 0:2 : does not exist
[  642.964768][ T5919] usb 5-1: USB disconnect, device number 31
[  643.211700][T12171] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  643.426623][T12181] FAULT_INJECTION: forcing a failure.
[  643.426623][T12181] name failslab, interval 1, probability 0, space 0, times 0
[  643.439960][T12181] CPU: 0 UID: 0 PID: 12181 Comm: syz.3.1597 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  643.439989][T12181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  643.440002][T12181] Call Trace:
[  643.440013][T12181]  <TASK>
[  643.440022][T12181]  dump_stack_lvl+0x189/0x250
[  643.440059][T12181]  ? __pfx____ratelimit+0x10/0x10
[  643.440091][T12181]  ? __pfx_dump_stack_lvl+0x10/0x10
[  643.440123][T12181]  ? __pfx__printk+0x10/0x10
[  643.440147][T12181]  ? __pfx___might_resched+0x10/0x10
[  643.440178][T12181]  ? fs_reclaim_acquire+0x7d/0x100
[  643.440214][T12181]  should_fail_ex+0x414/0x560
[  643.440247][T12181]  should_failslab+0xa8/0x100
[  643.440276][T12181]  __kmalloc_noprof+0xcb/0x4f0
[  643.440301][T12181]  ? tomoyo_encode+0x28b/0x550
[  643.440337][T12181]  tomoyo_encode+0x28b/0x550
[  643.440375][T12181]  tomoyo_realpath_from_path+0x58d/0x5d0
[  643.440410][T12181]  ? tomoyo_domain+0xda/0x130
[  643.440456][T12181]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  643.440483][T12181]  tomoyo_path_number_perm+0x1e8/0x5a0
[  643.440513][T12181]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  643.440559][T12181]  ? __lock_acquire+0xab9/0xd20
[  643.440610][T12181]  ? __fget_files+0x2a/0x420
[  643.440642][T12181]  ? __fget_files+0x2a/0x420
[  643.440668][T12181]  ? __fget_files+0x3a0/0x420
[  643.440695][T12181]  ? __fget_files+0x2a/0x420
[  643.440728][T12181]  security_file_ioctl+0xcb/0x2d0
[  643.440759][T12181]  __se_sys_ioctl+0x47/0x170
[  643.440785][T12181]  do_syscall_64+0xfa/0x3b0
[  643.440803][T12181]  ? lockdep_hardirqs_on+0x9c/0x150
[  643.440834][T12181]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.440855][T12181]  ? clear_bhb_loop+0x60/0xb0
[  643.440880][T12181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.440901][T12181] RIP: 0033:0x7f9237f8e929
[  643.440918][T12181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  643.440935][T12181] RSP: 002b:00007f9238dcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  643.440956][T12181] RAX: ffffffffffffffda RBX: 00007f92381b6080 RCX: 00007f9237f8e929
[  643.440971][T12181] RDX: 0000200000000200 RSI: 00000000c020aa00 RDI: 0000000000000008
[  643.440985][T12181] RBP: 00007f9238dcf090 R08: 0000000000000000 R09: 0000000000000000
[  643.440998][T12181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  643.441010][T12181] R13: 0000000000000000 R14: 00007f92381b6080 R15: 00007ffd1cd12158
[  643.441040][T12181]  </TASK>
[  643.441339][T12181] ERROR: Out of memory at tomoyo_realpath_from_path.
[  644.714036][T12189] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1598'.
[  646.061464][   T30] audit: type=1400 audit(2000000050.070:181): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=12209 comm="syz.0.1607" daddr=::ffff:0.0.0.0
[  647.087059][T12230] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1611'.
[  647.516947][T12237] trusted_key: encrypted_key: insufficient parameters specified
[  648.597893][T12248] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1616'.
[  649.230831][T12248] syz.0.1616 (12248) used greatest stack depth: 16880 bytes left
[  649.454043][T12239] input: syz0 as /devices/virtual/input/input18
[  649.485046][T12239] input: failed to attach handler leds to device input18, error: -6
[  650.748646][T12263] veth0_vlan: left allmulticast mode
[  650.929089][ T5832] lo speed is unknown, defaulting to 1000
[  651.979023][T12280] netlink: 'syz.4.1627': attribute type 15 has an invalid length.
[  651.989609][T12280] kAFS: No cell specified
[  652.007550][T12283] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1625'.
[  656.566052][T12355] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1649'.
[  656.824325][T12364] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1652'.
[  656.858602][T12364] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1652'.
[  658.032262][T12378] netlink: 'syz.1.1655': attribute type 15 has an invalid length.
[  659.479014][ T5889] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[  659.635400][ T5889] usb 2-1: unable to get BOS descriptor or descriptor too short
[  659.655994][ T5889] usb 2-1: not running at top speed; connect to a high speed hub
[  659.715147][ T5889] usb 2-1: config 3 has an invalid interface number: 98 but max is 0
[  659.744345][ T5889] usb 2-1: config 3 has no interface number 0
[  659.763736][ T5889] usb 2-1: config 3 interface 98 altsetting 10 endpoint 0x2 has an invalid bInterval 0, changing to 4
[  659.777003][ T5889] usb 2-1: config 3 interface 98 altsetting 10 endpoint 0x2 has invalid wMaxPacketSize 0
[  659.797107][ T5889] usb 2-1: config 3 interface 98 has no altsetting 0
[  659.812933][ T5889] usb 2-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=b9.a8
[  659.828031][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.839568][ T5889] usb 2-1: Product: syz
[  659.844468][ T5889] usb 2-1: Manufacturer: syz
[  659.851400][ T5889] usb 2-1: SerialNumber: syz
[  661.011258][T12414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1671'.
[  661.523533][T12424] netlink: 'syz.4.1670': attribute type 15 has an invalid length.
[  662.212506][T12431] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1672'.
[  662.328394][ T5889] usb 2-1: USB disconnect, device number 48
[  665.771547][T12480] netlink: 'syz.3.1686': attribute type 10 has an invalid length.
[  665.804874][T12480] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  665.866552][T12471] xt_CT: No such helper "snmp"
[  665.949179][   T24] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  666.146752][   T24] usb 3-1: unable to get BOS descriptor or descriptor too short
[  666.211487][   T24] usb 3-1: not running at top speed; connect to a high speed hub
[  666.275230][   T24] usb 3-1: config 3 has an invalid interface number: 98 but max is 0
[  666.347261][   T24] usb 3-1: config 3 has no interface number 0
[  666.416212][   T24] usb 3-1: config 3 interface 98 altsetting 10 endpoint 0x2 has an invalid bInterval 0, changing to 4
[  666.514365][   T24] usb 3-1: config 3 interface 98 altsetting 10 endpoint 0x2 has invalid wMaxPacketSize 0
[  666.571140][   T24] usb 3-1: config 3 interface 98 has no altsetting 0
[  666.595871][   T24] usb 3-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=b9.a8
[  666.629079][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  666.656248][T12489] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1691'.
[  666.665316][   T24] usb 3-1: Product: syz
[  666.693109][   T24] usb 3-1: Manufacturer: syz
[  666.697774][   T24] usb 3-1: SerialNumber: syz
[  666.911913][T12493] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1692'.
[  668.381088][   T24] usb 3-1: USB disconnect, device number 22
[  668.656793][T12522] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  668.707480][T12522] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  668.927538][   T24] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  669.179554][   T24] usb 3-1: Using ep0 maxpacket: 8
[  669.246137][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  669.372347][   T24] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  669.484249][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  669.521361][   T24] usb 3-1: config 0 descriptor??
[  669.735188][   T24] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  669.955353][ T5968] usb 3-1: USB disconnect, device number 23
[  673.270216][T12574] program syz.1.1718 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  673.311028][   T30] audit: type=1326 audit(2000000077.320:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12572 comm="syz.3.1719" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9237f8e929 code=0x0
[  673.546100][T12585] usb usb1: usbfs: process 12585 (syz.2.1720) did not claim interface 0 before use
[  674.105928][T12574] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  674.196296][T12574] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  674.519314][T12574] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  674.614054][T12574] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  682.258845][    C0] sched: DL replenish lagged too much
[  685.977447][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  685.998590][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  749.656553][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  749.693885][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  784.838855][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  784.845954][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P12603/1:b..l
[  784.854456][    C0] rcu: 	(detected by 0, t=10503 jiffies, g=46741, q=854341 ncpus=2)
[  784.862477][    C0] task:syz.1.1727      state:R  running task     stack:27080 pid:12603 tgid:12600 ppid:5825   task_flags:0x400040 flags:0x00004004
[  784.877142][    C0] Call Trace:
[  784.880463][    C0]  <TASK>
[  784.883431][    C0]  __schedule+0x16a2/0x4cb0
[  784.887991][    C0]  ? unwind_next_frame+0xa5/0x2390
[  784.893157][    C0]  ? unwind_next_frame+0x19ae/0x2390
[  784.898483][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  784.903820][    C0]  ? __pfx___schedule+0x10/0x10
[  784.908721][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  784.914925][    C0]  ? arch_stack_walk+0x10d/0x150
[  784.919925][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  784.925263][    C0]  preempt_schedule_irq+0xb5/0x150
[  784.930417][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  784.936187][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  784.942046][    C0]  irqentry_exit+0x6f/0x90
[  784.946478][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  784.952463][    C0] RIP: 0010:__update_page_owner_free_handle+0x183/0x470
[  784.959410][    C0] Code: 89 44 24 18 4c 89 64 24 20 66 83 7c 24 04 1f 0f 87 8e 01 00 00 e8 fd 62 95 ff 4c 89 f7 4c 8b 6c 24 28 4c 89 ee e8 4d 65 95 ff <4d> 39 f5 0f 84 2c 02 00 00 48 8b 2d 6d c5 fc 0b 4c 01 fd 83 3c 24
[  784.979017][    C0] RSP: 0018:ffffc9000453f128 EFLAGS: 00000297
[  784.985089][    C0] RAX: ffffffff822aeb03 RBX: dffffc0000000000 RCX: ffff88804d39bc00
[  784.993065][    C0] RDX: 0000000000000002 RSI: 0000000000000008 RDI: 0000000000000000
[  785.001042][    C0] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffff822ae9ae
[  785.009012][    C0] R10: 0000000000000010 R11: ffffffff81ace8a0 R12: 000000000007b589
[  785.016992][    C0] R13: 0000000000000008 R14: 0000000000000000 R15: ffff88801e50ba80
[  785.025053][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  785.031209][    C0]  ? __update_page_owner_free_handle+0x2e/0x470
[  785.037452][    C0]  ? __update_page_owner_free_handle+0x183/0x470
[  785.043805][    C0]  ? __update_page_owner_free_handle+0x183/0x470
[  785.050139][    C0]  ? __update_page_owner_free_handle+0x2e/0x470
[  785.056387][    C0]  __reset_page_owner+0x85/0x1f0
[  785.061330][    C0]  __free_frozen_pages+0xc65/0xe60
[  785.066458][    C0]  __put_partials+0x161/0x1c0
[  785.071148][    C0]  put_cpu_partial+0x17c/0x250
[  785.075922][    C0]  ? put_cpu_partial+0x6d/0x250
[  785.080785][    C0]  __slab_free+0x2f7/0x400
[  785.085210][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  785.091541][    C0]  ? __phys_addr+0xd3/0x180
[  785.096063][    C0]  qlist_free_all+0x97/0x140
[  785.100690][    C0]  kasan_quarantine_reduce+0x148/0x160
[  785.106153][    C0]  __kasan_slab_alloc+0x22/0x80
[  785.111023][    C0]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  785.116484][    C0]  ? vm_area_dup+0x2b/0x680
[  785.120998][    C0]  vm_area_dup+0x2b/0x680
[  785.125339][    C0]  __split_vma+0x1a9/0xa00
[  785.129761][    C0]  ? mas_next_slot+0xc20/0xcf0
[  785.134540][    C0]  ? __pfx___split_vma+0x10/0x10
[  785.139499][    C0]  vms_gather_munmap_vmas+0x4ab/0x12b0
[  785.144961][    C0]  ? find_lowest_rq+0x12e/0x760
[  785.149829][    C0]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  785.155828][    C0]  mmap_region+0x678/0x1f30
[  785.160352][    C0]  ? __pfx_mmap_region+0x10/0x10
[  785.165299][    C0]  ? __lock_acquire+0xab9/0xd20
[  785.170205][    C0]  ? mm_get_unmapped_area+0xa7/0xd0
[  785.175414][    C0]  ? shmem_get_unmapped_area+0x2cf/0x910
[  785.181053][    C0]  ? cap_mmap_addr+0xb0/0x100
[  785.185738][    C0]  ? bpf_lsm_mmap_addr+0x9/0x20
[  785.190598][    C0]  ? security_mmap_addr+0x71/0x270
[  785.195728][    C0]  do_mmap+0xc45/0x10d0
[  785.199903][    C0]  ? __pfx_do_mmap+0x10/0x10
[  785.204496][    C0]  ? down_write_killable+0x178/0x230
[  785.209781][    C0]  ? __pfx___sched_setscheduler+0x10/0x10
[  785.215504][    C0]  ? __pfx_down_write_killable+0x10/0x10
[  785.221140][    C0]  ? __pfx_do_futex+0x10/0x10
[  785.225916][    C0]  vm_mmap_pgoff+0x31b/0x4c0
[  785.230539][    C0]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  785.235666][    C0]  ? rcu_is_watching+0x15/0xb0
[  785.240450][    C0]  ? ksys_mmap_pgoff+0xf4/0x760
[  785.245321][    C0]  ? __x64_sys_mmap+0x7f/0x140
[  785.250099][    C0]  do_syscall_64+0xfa/0x3b0
[  785.254622][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  785.259842][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.265918][    C0]  ? clear_bhb_loop+0x60/0xb0
[  785.270611][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.276515][    C0] RIP: 0033:0x7fed8558e929
[  785.280934][    C0] RSP: 002b:00007fed86483038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  785.289352][    C0] RAX: ffffffffffffffda RBX: 00007fed857b6080 RCX: 00007fed8558e929
[  785.297324][    C0] RDX: b635773f06ebbeef RSI: 0000000000b36000 RDI: 0000200000000000
[  785.305296][    C0] RBP: 00007fed85610b39 R08: ffffffffffffffff R09: 0000000000000000
[  785.313268][    C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  785.321250][    C0] R13: 0000000000000000 R14: 00007fed857b6080 R15: 00007ffddb46b9b8
[  785.329234][    C0]  </TASK>