last executing test programs:

7m0.89323766s ago: executing program 0 (id=453):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000000)=@framed, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x338, 0x2f0, 0xf8, 0xfeffffff, 0x2f0, 0x220, 0x3c8, 0x3c8, 0xffffffff, 0x3c8, 0x220, 0x5, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'caif0\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @remote, @icmp_id}}}}, {{@ip={@loopback, @rand_addr, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id}}}}, {{@ip={@remote, @broadcast, 0x0, 0x0, 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@private2, @ipv4=@dev, @port, @gre_key}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
read$msr(0xffffffffffffffff, 0x0, 0x0)
r5 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @private2, 0x3ff}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000900000000b953639b4ab62ba30517d63b994e00"/42], 0x48)
sendmsg(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)='H', 0x20001401}], 0x1}, 0x803e000000000000)
close_range(r4, 0xffffffffffffffff, 0x0)
fanotify_init(0x8, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
getrusage(0x0, &(0x7f0000000640))

6m59.387638771s ago: executing program 0 (id=456):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000020c0)=@newqdisc={0x38, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7}}]}, 0x38}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000d00)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x401, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xd, 0x8}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x9, 0x4be, 0x6, 0x6, 0x452c, 0x5, 0xd, 0x0, 0xab2}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x51}, 0x8000)
socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@getqdisc={0x24, 0x26, 0x705, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0xfff1}, {0x10, 0x8}, {0x4, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x4c88b}, 0x0)

6m57.55223142s ago: executing program 0 (id=463):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
socket$inet_sctp(0x2, 0x5, 0x84)
openat$dlm_control(0xffffffffffffff9c, 0x0, 0x2401, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
lstat(&(0x7f0000000340)='./file0\x00', 0x0)
getpid()
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240))
bpf$MAP_CREATE(0x0, 0x0, 0x48)
capset(0x0, &(0x7f0000000280)={0x0, 0x9, 0x0, 0x81, 0xffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0xe1002)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r1])
socket(0x11, 0x800000003, 0x0)

6m56.773410996s ago: executing program 0 (id=468):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000340)=<r2=>0x0)
r3 = syz_open_procfs(r2, &(0x7f0000000380)='net/ip_vs\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r7 = dup3(r6, r5, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x51, 0x0, &(0x7f00000002c0)="a90cbf9b6da511911a7904b24a37e8cca3b2fe9e21e52d2b4b7049f2330ed1551946c71353fab8f17586aab37c49b330d41df9cc8e83b4130760e2786bbf3c239794655b2e83047bfeb4da8956eef3f21d"})
readv(r4, &(0x7f00000000c0)=[{0x0}, {&(0x7f00000001c0)=""/172, 0xac}], 0x2)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000fcffffff850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
preadv(r1, &(0x7f0000000400)=[{&(0x7f0000003080)=""/4092, 0xffc}], 0x1, 0xffffffff, 0x1)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="060000000000000000000000000000000000e500", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="050000000300"/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r9}, &(0x7f0000000080), &(0x7f00000000c0)=r8}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000000)='cma_alloc_start\x00', r0, 0x0, 0x800000d76}, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x12b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000680)=ANY=[@ANYRESDEC, @ANYRES64, @ANYRES8=r3, @ANYBLOB="c6baac92c58bec8c7f2f198876859a8a6107c7077ffa394a65a378a0e849b3e1d0589c4a5c799ba96b875435511ddb82a9ea22f09925605bd6c9a5e5a2c70d86258f6e7aa54b41a190c470c6f0156b6621d94c2dc732dd206fcdb53c5e8041ed49ed3da98ecdce26a4bca3cec514d3c4e832cc1f8b9ce5e5e57a64cf41d9b6e5727daec0390852526647ed4a9dc676a8dc53dc45d6dd5684262f18f4dc6ab28539dcce5f20098e5ca86a421854b2f430e7f491f405d236c127b7e5b1aff262d989ef0d1691aeef828babf715a55565f9c90694b33830612c78a4b1"], 0x0, 0xfffffffc, 0x0, 0x0, 0x41000, 0x27, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r10}, 0xc)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r11 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r11, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

6m55.170376411s ago: executing program 0 (id=470):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000003a80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14}}, 0x70}}, 0x0)

6m53.242371339s ago: executing program 0 (id=475):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = memfd_create(&(0x7f00000000c0)='\xe9`\x10\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O', 0x0)
write$binfmt_elf32(r1, &(0x7f0000001e80)=ANY=[], 0x38)
fcntl$setpipe(r0, 0x407, 0x8001a0)
splice(r0, 0x0, r2, 0x0, 0x200002, 0x0) (fail_nth: 3)

6m52.993050359s ago: executing program 32 (id=475):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = memfd_create(&(0x7f00000000c0)='\xe9`\x10\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O', 0x0)
write$binfmt_elf32(r1, &(0x7f0000001e80)=ANY=[], 0x38)
fcntl$setpipe(r0, 0x407, 0x8001a0)
splice(r0, 0x0, r2, 0x0, 0x200002, 0x0) (fail_nth: 3)

31.003503769s ago: executing program 2 (id=1505):
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="20000a000000fbdbdf25140000000800070001000000080007000900000005000b0000000000080016000100010008000604"], 0x3c}, 0x1, 0x0, 0x0, 0x40851}, 0x4014)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c0017800400ad0014"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)

30.357255849s ago: executing program 2 (id=1508):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x80)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000a68daa40d35b7c315e04000000010902120001000000000904010000ef0401"], 0x0)
process_mrelease(0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000080)={0x48, 0x5, 0x0, 0x0, <r0=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_RW(0xffffffffffffffff, 0x3ba0, &(0x7f0000000140)={0x48, 0x8, r0, 0x0, 0x1, 0x33, &(0x7f0000000100)="22081e45457ef14523ba6cb116bc27ed87622087dc7c54da8bf172d99a6f8a3be7dd29b41a52b5edb10f528a157f153d6989f7"})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d00"], 0x0, 0x34}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = epoll_create1(0x0)
r3 = socket$tipc(0x1e, 0x4, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000080)={0x20002002})
mmap(&(0x7f00007f4000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000000400)=""/132, 0x84)
lseek(r6, 0x0, 0x4)
pipe(&(0x7f0000000080))
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

29.270766968s ago: executing program 5 (id=1509):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="d8000000140081044e81f782db44b9040a1d080201000000040000a118000200ff030000000000000000000000000001a80016ea1f000840032e5f54c92011148ed08734843cb12b00000803600cfab94dcf5c0461c1d67f722f054f55153c6f94007134cf6ee08000a09108e8d8ef075c0100000000000000cb090000001fb791643a5e835913b06218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f52eb4edbb57a5025ccca9e00360d8bcc00400040fad95667e0060000", 0xbd}], 0x1, 0x0, 0x0, 0x7400}, 0x4040c04)

29.003665533s ago: executing program 5 (id=1513):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x86dd}, @val={0x3, 0x0, 0xa, 0x0, 0x8d}, @mpls={[], @ipv6=@tipc_packet={0x8, 0x6, "09c2b4", 0x68, 0x6, 0xff, @private1, @mcast2, {[@dstopts={0x5e, 0x6, '\x00', [@generic={0x4, 0x2f, "ae6ce7126305a7a2c5ef39e2bef2ed4e6a567a6f04cafdc1a2d7ed4643a8b7d38c45a725fe866a672f993f794bbb47"}]}], @payload_named={{{{{0x28, 0x0, 0x0, 0x0, 0x1, 0xa, 0x2, 0x2, 0x4886, 0x0, 0x3, 0x9, 0x0, 0x2, 0x8, 0x0, 0x0, 0x4e23, 0x4e20}, 0x1}, 0x4, 0x4}}}}}}}, 0x9e)

28.614918246s ago: executing program 5 (id=1514):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x28, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000100)='./file1\x00', &(0x7f0000000180)='./file0\x00')
creat(&(0x7f0000000880)='./file0\x00', 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r2, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1781, 0x898, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x2, 0xa0, 0x2, [{{0x9, 0x4, 0x0, 0x1, 0x1, 0x3, 0x1, 0x3, 0x7, {0x9, 0x21, 0x2, 0x6, 0x1, {0x22, 0x57d}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x0, 0x7, 0x9}}}}}]}}]}}, 0x0)
shutdown(r2, 0x1)

27.626536826s ago: executing program 1 (id=1517):
ptrace(0x10, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x8c, 0x41, 0x107, 0x0, 0x7, {0x2, 0x7c}, [@nested={0x4, 0x31}, @nested={0x71, 0x1, 0x0, 0x1, [@generic="0d21a35edeabee19468e95c6bb", @typed={0x8, 0x110, 0x0, 0x0, @fd}, @nested={0x55, 0xcf, 0x0, 0x1, [@generic="bf288b9d9230a6366bbe245bd58e10aac0c978fc7f42215f4f5b64722f5890d962387d8981520adc5a3ae44bc2daf9c9393914cb35dc3a938c72f7b047ee0cda4dedc5dafe8ec76936cf81f87efea4", @generic="ebd6"]}]}]}, 0x8c}}, 0x4010)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007000c00000000000c000180060006"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

27.434110516s ago: executing program 3 (id=1518):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
syz_open_dev$video(0x0, 0xc000, 0x0)
syz_open_dev$I2C(0x0, 0x80, 0x274100)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback, 0x1}, 0x1c)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x600000)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000480)=@rc, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000580)=""/165, 0xa5}, {&(0x7f0000000640)=""/254, 0xfe}, {&(0x7f0000000800)=""/179, 0xb3}, {&(0x7f00000008c0)=""/102, 0x66}, {&(0x7f00000000c0)}, {&(0x7f0000000940)=""/120, 0x78}, {&(0x7f00000009c0)=""/179, 0xb3}, {&(0x7f0000000340)=""/24, 0x18}, {&(0x7f0000000500)=""/62, 0x3e}, {&(0x7f0000000a80)=""/83, 0x53}], 0xa}, 0x130)
ioctl$SIOCAX25CTLCON(r5, 0x89e8, &(0x7f0000000040)={@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x5, 0x5, 0x2, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]})
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x64, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x14, 0x2, [@TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x40}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x8}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}}, {0x4}}]}]}, 0x64}}, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x7, 0x1000000, 0x0})

27.359679199s ago: executing program 2 (id=1519):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x44)
sendmmsg$sock(r0, &(0x7f0000000c00)=[{{&(0x7f0000000100)=@pppoe={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x9cdee939c720c692}, 'ip6gretap0\x00'}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000300)="b8cd4705649f9f9309fe251da631114b34c55cc56e6bb60c941c521c029cdf048ce1035a96c0f68aba639fec32aa0682174ac43f07f24996a6710abe2bcb7e32a99587edeba4ebb0fb055b6df44387b808e1458e866e493d86fb0c01178d5069f8fb506b75503b6bf5932d7abdcf795d97421155d30d231593466d", 0x7b}, {&(0x7f0000000080)="c4ab39691a30f19b17dd1b5f4d6da08dabdc820b4720fac4a868ad9545f4676584c03c48fecb5b52", 0x28}], 0x2, &(0x7f0000000380)=[@mark={{0x14, 0x1, 0x24, 0x10000}}, @txtime={{0x18, 0x1, 0x3d, 0x400}}, @txtime={{0x18, 0x1, 0x3d, 0xe460000000000}}, @txtime={{0x18, 0x1, 0x3d, 0x78}}, @txtime={{0x18, 0x1, 0x3d, 0xfff}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}], 0x90}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000440)="4f1577636d1bc4cd8fa2c2c34252bfa95c07ce25bf35c3395a034f8bcb60f149674802e38562320d7a1e9852172463a4f64126f06cf63ade920cdcd33f7bb19a864ad4a16f", 0x45}, {&(0x7f00000004c0)="5d6256d7a4a73dae828b4c9c5e48b8eb366cb0b47461198b70a970e887e32f29b02132a4f6c3268de197b1112ce15828c3280cbbbd8ca1beee5eededc89235be4dc991fa44094671f937d24eb82599a27bbd6ca2ba56bcd506ab5c2e48437b4832608a2aefd14c77e11a4bd907a0b1a0ae2f83291042313a4144eb7bd22fcc6214b587649821483896aa54bf172a62476c033bc58c07db96c1fe6511951b4643cdacb3787aed7371171d73e41b4c65ea8a5eb37ccfef56e76427c8aff5a46d0db4d469b6b03b019e8656447c9cc7e1cbae4b1555c0fa558180e8027dc41b622988c43c2638", 0xe5}, {&(0x7f00000005c0)="cb60165e4016f5934425dc0cbe047e3344b26e0d4c3a34cb49814e411b411fd1a605e88299e6b38fa597faaa0ad70f0ba76cfabfc30bfb", 0x37}, {&(0x7f0000000600)="c8a1128f9db1b68299daa2eb2a119d656738f130", 0x14}], 0x4, &(0x7f0000000740)=[@mark={{0x14, 0x1, 0x24, 0xde47}}, @timestamping={{0x14, 0x1, 0x25, 0x2}}, @timestamping={{0x14, 0x1, 0x25, 0x100}}], 0x48}}, {{&(0x7f00000007c0)=@nfc={0x27, r4, 0xffffffffffffffff, 0x3}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000840)="f21c016a4a5d8f1b5536e647e6a732205d77c0e7f7f1846ea17540be5ee353cb2ec5ba7c2862a68d1f67c7a9ac1c31c6eb314df4680058f738fb0be74d06c4fbb78cdea4ce04df047e2ef57fec952b7954df441e741f4e088dd38d75ba4cbbe120798f206ecbbd45d3ab44f8b373d560fdb28e6504a441964dab2b22237c600bfa24f8cec36aae0cea3527e2306ecd5dd44f3ab7a3d96fbf18a8956f78c37da482c69a09016979d202a4943d2cc6fbc7f7efc77169f3a470fea6c5efd8d6cc448d6c7de8ea3c015e2c", 0xc9}, {&(0x7f0000000940)="41bc8152067c558401f9f28facc5c9bdfbce9d6f9735310b3328f340328bf3d8ec2c2a9a3b3a867cb35ea7796a0183a229a8b5ead46509fabdd96534adb13b0c0179197492a0a3aaf206e87f74c2f852752b431e5fb1ba2ccabcf206d67b02b11ff7ff866b37eafc54f6377e7eeae0029833d95f494a0688f9959c980283edc7fc4759916dfb1a3152dd1f4434a91086e398b181b74ef24698", 0x99}, {&(0x7f0000000a00)="7153f0d5b1663d96cab2a906db6f155ff362b067f2d6ca7727700d72cc5c17b98752baf592907e90c9f2", 0x2a}, {&(0x7f0000000a40)="9d6b71f64d78d331b5c89330b3b219f2bbe48531e25cda224717f94ffcaa8bfa869f2330a909e4f346b1767582c20450a8d0bf4a20dae8e698d36b3eaebd93152cb46fb4c24cc90afb7a13b444c3c13651dea8335c3e6e1f020530f19200c2c1ce9a2f0470251d0b85f84f4e3ba2699ce610fe7f06ea6325c966ee3952d05d95295885543f24da1eff29e7e492279fba44e2e12984b4684507e0950236e11b2f455afb27d885bb625d8e5d75b91905d62fce924ea8774e6fee761327ab669dac1b53c385dcee5a0bce104bae6f65648ee1f9757b1af0f72e15b80ff87735e9371d236ea0b1124fb905326b5c852ed16882fc35", 0xf3}], 0x4, &(0x7f0000000b80)=[@txtime={{0x18, 0x1, 0x3d, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0xf2}}, @mark={{0x14, 0x1, 0x24, 0x81}}, @txtime={{0x18, 0x1, 0x3d, 0x100000000}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}], 0x78}}], 0x3, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x40ead000)
madvise(&(0x7f0000130000/0xd000)=nil, 0xd000, 0x66)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
syz_clone3(&(0x7f00000001c0)={0x2000000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r5 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002306000000000000030000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000340)='sys_enter\x00', r6}, 0x4b)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
memfd_create(&(0x7f0000000000)='\x00', 0x2)
ioctl$BLKTRACETEARDOWN(r5, 0x1276, 0x0)

26.958335296s ago: executing program 1 (id=1520):
r0 = syz_io_uring_setup(0x3c67, &(0x7f0000000400)={0x0, 0x9cfc, 0x2, 0x0, 0x227}, &(0x7f0000000300), &(0x7f0000000580))
r1 = io_uring_setup(0x23c02, &(0x7f0000000380)={0x0, 0xb504, 0x4000, 0x1, 0x267, 0x0, r0})
syz_io_uring_setup(0x529e, &(0x7f00000001c0)={0x0, 0x5571, 0x10000, 0x8002, 0x40024e, 0x0, r1}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000100)={0x0, 0x989680}, 0x1, 0x4, 0x1})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x20004000)
r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000200), 0x4501, 0x0)
bind$inet6(r4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x1, 0x2ffffffff}, 0xc)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x10, 0x3, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
r9 = syz_open_dev$dri(&(0x7f00000001c0), 0x0, 0x800)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r9, 0xc01864b0, &(0x7f0000000480)={0x0, 0x0, 0x9, 0x27ad, 0x5})
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000e0000002000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000400000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a0000000000000000000000804000020000000000000800000000000000000001000000000000"], 0xb8}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_smc(0x2b, 0x1, 0x0)
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ppoll(&(0x7f0000000000)=[{r10, 0x211}], 0x1, 0x0, 0x0, 0x0)

26.694301154s ago: executing program 4 (id=1521):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000002780)={0x0, 0xa6ff, &(0x7f0000002740)={&(0x7f0000000040)={0x34, r1, 0x301, 0x0, 0x0, {0x4e}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)

25.417670194s ago: executing program 3 (id=1522):
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000040)={0x0, 0x0, 0x8, 0xd, 0x200, &(0x7f0000000080)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000a0000fdfd000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000005000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_buf(r3, 0x1, 0x3b, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='cubic\x00', 0x6)
sendmmsg$inet(r2, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934fd1d28b4916abe2c44e26ea72be426c27052e816212096000155788943b846746ccb492175fc9e01", 0xf4}, {&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def", 0xe8}, {&(0x7f0000000640)="d48c8225ddfdf2c06c27763617468581389d34126760ba3dd0fe077a7c2ce378dd62cafeeb4ba1493766d09fd561d69a5bf8109ffcd3e43d8c16b9c3fa92d4439c5af1fa4775d01dcf0748a24ab51b52fbe75287a4b9aaa18fd479bdd154b4efe531a242d90a1ca2799c242bfd4ddd8271448d3415bd3a907ad340dc2fa2471393212d02eb25242808cffdc4e7a646211c18ac8602f5fc1e4f82b72871a8d42f37988365ff", 0xa5}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e8", 0x76}, {&(0x7f0000000200)="057322e186", 0x5}], 0x5}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="acc870bde54caaeacb0000108cef4fa7bf44702b284b2e80cb32d33a86853c8c28797cd14c72c87f849f6ccbf3198d11a0b1ef000000000200000088e0e022b04dbd50d36f3c028c27ba0000", 0x4c}, {&(0x7f0000000840)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b4", 0x6a}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53", 0x94}], 0x3}}], 0x2, 0xc0)
sendto$inet(r2, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

25.238617955s ago: executing program 5 (id=1523):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0e000000040000000400000009"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

24.558422696s ago: executing program 1 (id=1524):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="d8000000140081044e81f782db44b9040a1d080201000000040000a118000200ff030000000000000000000000000001a80016ea1f000840032e5f54c92011148ed08734843cb12b00000803600cfab94dcf5c0461c1d67f722f054f55153c6f94007134cf6ee08000a09108e8d8ef075c0100000000000000cb090000001fb791643a5e835913b06218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f52eb4edbb57a5025ccca9e00360d8bcc00400040fad95667e0060000", 0xbd}], 0x1, 0x0, 0x0, 0x7400}, 0x4040c04)

23.780281426s ago: executing program 5 (id=1525):
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x203, 0x2581)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x24, 0x2, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x10}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x27}]}, 0x24}}, 0x44840)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000800)='.\x00', &(0x7f0000000040)='tracefs\x00', 0x0, &(0x7f00000006c0)='=\n\x9b\xa1Q\a\x00\n@\xf6\"2a\xd7\x1fch\x1a}#\x1f\xff\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nR\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|\xd8ZE\x92\xb4\x18|\x14\xc8\x14\xab\xe3\xd2\xb8\xf9J\x13\xbc\xea\xccp;\xa5\xe8\r=\n\x9e\xfb\x17\"\xc4QJ\xdf\xa9\x02BQ\x11\b\xab\x14\xf7\x16\xde\xc3\x89\xc6d\xdd\x18\x01\xdd\xf3\xe2\xa5\xef\x02\x17T\x94\xb9\xd4v\xb1\xe3\xb7L\xe6>*\x11e\x18\xe7-\b\xe9\x87\x81,N\x1f\x94\xa4\xe5\xd6\xd4m\x92\xccg3jNvd\xd2O|c\xb3\xa0\xf2\xc6\\\x8a\'\xb3\x81S\x9b6\xf5\xb7\x93\v\xb0\aD\xb9\xf7>\xcf?\xea\xfb\xfc\xb9\x9d\xa5\xb5\xbc\xe2\xddUJN\xb2\xb7\x9c\xc3qk\x06\xdb\xd69\x8b\x00'/288)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r4, 0x29, 0x44, &(0x7f0000000040)={'HL\x00'}, &(0x7f00000000c0)=0x1e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, 0x0, &(0x7f0000000080)='syzkaller\x00'}, 0x94)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0xc, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000840))
ioctl$KVM_SET_NESTED_STATE(r7, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3e9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="0f01c30fc7390f01cbb9080b00000f320fc72d1454d4980fc7682bc4c2999aaddd8bceb38fe8eca2a80100000037c4e14ddee2660f38810b", 0x38}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x400, 0x0)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f00000004c0)=0x3)
r9 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r9, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
sendmsg$key(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="02037f03040000002bbd7000ffdbdf2502000a00f600"/32], 0x20}}, 0x40000c4)
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4008550d, 0x0)

23.658404373s ago: executing program 4 (id=1526):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, r1, 0x1}, 0x14}}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r3, 0x7, 0x0, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}}, 0x4000004)

23.578916154s ago: executing program 1 (id=1527):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x18)
recvmmsg(r0, &(0x7f0000007640)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x23, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000500)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x17, 0x20, 0x3, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x2, 0x0, 0x0, @void}}}}}}}, 0x0)

22.841016896s ago: executing program 1 (id=1528):
socket$nl_netfilter(0x10, 0x3, 0xc)
io_uring_enter(0xffffffffffffffff, 0x29ff, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20040000)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0x1f)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="6800000002060500000000000000000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a300140000080020c00018008000140000000000800064000000000050005000200000000000000000000000000000000006f8e875417c2ec263d1705564688c337adcd3de67522269d"], 0x68}}, 0x0)
syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x4abd, 0x80, 0x4, 0x1ab}, &(0x7f0000000040)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0xaaa43, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{0x0}], 0x1)
syz_io_uring_submit(r2, r3, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x81, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r5, 0x40045532, 0x0)

22.839951714s ago: executing program 2 (id=1529):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
io_submit(0x0, 0x0, 0x0)
r2 = socket$igmp6(0xa, 0x3, 0x2)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0_vlan\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x500, 0xb7, 0x2520062, r4})
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000000000000fe8000000000000000000000000000aa"], 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
r6 = syz_usb_connect$cdc_ecm(0x1, 0x9f, &(0x7f0000000280)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8d, 0x1, 0x1, 0xfb, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0xd, 0x2, 0x2, 0x6, 0x0, 0x8, {{0x9, 0x24, 0x6, 0x0, 0x0, "08d6fe33"}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0x8, 0xeb, 0x2, 0x53}, [@dmm={0x7, 0x24, 0x14, 0x100, 0xfff1}, @obex={0x5, 0x24, 0x15, 0x1}, @mbim_extended={0x8, 0x24, 0x1c, 0x2, 0x2}, @mdlm={0x15, 0x24, 0x12, 0x3}, @mdlm={0x15, 0x24, 0x12, 0x100}, @dmm={0x7, 0x24, 0x14, 0x5, 0x8000}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x40, 0xff, 0xfc}}], {{0x9, 0x5, 0x82, 0x2, 0x10, 0xfa, 0x6, 0xe}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x4, 0x3, 0xfd}}}}}]}}]}}, &(0x7f00000004c0)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x201, 0xfe, 0x2, 0xf4, 0x8, 0x1}, 0xf, &(0x7f00000001c0)={0x5, 0xf, 0xf, 0x1, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0x1d, 0x7, 0x9}]}, 0x4, [{0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x43e}}, {0x6d, &(0x7f0000000380)=@string={0x6d, 0x3, "57bca0685187118bfa6633b91c0ebb584e77dd60e6dac5a87547f1a4b52591c10b5dccbe255b02c594ca620c2cc1d999a1078570eb312abbfc0307ed8bd3615c600152d8f934b18703f21bdf98e3eddc9da58962f07ef85d26a167a5e905c4cf7ab39fa03399eebf2169d0"}}, {0x38, &(0x7f0000000400)=@string={0x38, 0x3, "c7bb0ce6a94bad0fe90a4f3d76f031f847126706af2ae1bd2897533269c123e824d365cb6c6716915930522bed1b0cf0958836a43f46"}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x182d}}]})
syz_usb_control_io$cdc_ecm(r6, &(0x7f0000000640)={0x14, &(0x7f0000000540)={0x20, 0x23, 0xa1, {0xa1, 0x3, "db7559cf0d20150441787307e6027e578d7d346e43a5d2cceddcbba762f0bf2db2261510f85602c88998addbef875b807f1ec96a073225a5ec35253dbb5d3250247e285551719cbe02dd28107d502976a188ccb48a5ae6fac49cda0a10922f7a123305bf2f73d7cad38360e8d96df7c580fa7a8ee32af5eff2447c3083c4c41c3fad868524e4adcb081759e8842225f504d8f5273b60357f9028acda02ecc0"}}, &(0x7f0000000600)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000780)={0x1c, &(0x7f0000000680)={0x0, 0x8, 0x5a, "8071ebd750b2d2918c705a00fad68bb86376605014bbc636d8e54e260119096ecabc1143cc5f2cf1261d4b7a3dc0a242718ce87b0f2634369e814fb0d036a68fef0ae694dd5e35bb51d12272d2de626e5833f299d7972e8fd303"}, &(0x7f0000000700)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000000740)={0x0, 0x8, 0x1, 0x78}})
syz_usb_control_io$hid(r5, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00222500050000000006e53f93b2938f8da7bfb3d1ad070000000083000f020057a90da1f60b000004000448aa078ceaff5a4128cfc899e0dc3a7da94081844f7156c114f7be14f5fd2abdc1937a36151bf6d89445a434855c139284d19337bd67e293e0fae16cc445d5530134451ee5e8636303485a005e6921ed01d7d6"], 0x0}, 0x0)
r7 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'geneve0\x00'})
ioctl$EVIOCGKEYCODE_V2(r7, 0x80284504, &(0x7f0000000100)=""/95)
ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={@mcast1, 0x16, r1})

22.832866798s ago: executing program 4 (id=1530):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x47ffffe, 0x101140)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x0, 0x2, &(0x7f0000000180)="fae969a2", 0x4) (async)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x41c45e244160ae7a}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x7c, 0x0, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}]}, 0x7c}, 0x1, 0x0, 0x0, 0x48000}, 0xb760d8684fcbc867)
ioctl$sock_ifreq(r3, 0x89a3, &(0x7f0000000040)={'veth1_to_bond\x00', @ifru_names='bond0\x00'})

21.397149926s ago: executing program 3 (id=1531):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001ac0)=@delchain={0x50, 0x65, 0x200, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x8, 0xb}, {0xd, 0x7}, {0xfff1, 0xd}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ETH_SRC_MASK={0xa, 0x7, [0xff, 0xff, 0xff, 0xff]}, @TCA_FLOWER_KEY_PORT_SRC_MIN={0x6, 0x57, 0x4e20}, @TCA_FLOWER_KEY_ICMPV4_TYPE_MASK={0x5}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4080}, 0xc050)
recvmsg$can_raw(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000ac0)=""/4096, 0x1000}], 0x1}, 0x40)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x38582c89fefb0938, 0xffffffffffffffff, 0xbe20a000)
r2 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
pwritev(r2, &(0x7f0000000500)=[{&(0x7f00000001c0)="8b7b0aec79948004bb37", 0xa}, {0x0, 0x4000}, {&(0x7f0000000180)="261e72e2e824a141775ac8ef", 0xc}], 0x3, 0x0, 0x9)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r4 = dup(r3)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="d8000000140081044e81f782db44b9040a1d080201000000040000a118000200ff030000000000000000000000000001a80016ea1f000840032e5f54c92011148ed08734843cb12b00000803600cfab94dcf5c0461c1d67f722f054f55153c6f94007134cf6ee08000a09108e8d8ef075c0100000000000000cb090000001fb791643a5e835913b06218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f52eb4edbb57a5025ccca9e00360d8bcc00400040fad95667e0060000000000000580bb9ad809d5e1cace81b341139fe3cd4032e8edb12d", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x4040c04)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0), 0x6df8}}, 0x0)

21.014362512s ago: executing program 4 (id=1532):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x54, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x38, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_ID={0x28, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x1c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}]}]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000041}, 0x2000c0c0)

21.013503555s ago: executing program 5 (id=1533):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
syz_open_dev$video(0x0, 0xc000, 0x0)
syz_open_dev$I2C(0x0, 0x80, 0x274100)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback, 0x1}, 0x1c)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x600000)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000480)=@rc, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000580)=""/165, 0xa5}, {&(0x7f0000000640)=""/254, 0xfe}, {&(0x7f0000000800)=""/179, 0xb3}, {&(0x7f00000008c0)=""/102, 0x66}, {&(0x7f00000000c0)}, {&(0x7f0000000940)=""/120, 0x78}, {&(0x7f00000009c0)=""/179, 0xb3}, {&(0x7f0000000340)=""/24, 0x18}, {&(0x7f0000000500)=""/62, 0x3e}, {&(0x7f0000000a80)=""/83, 0x53}], 0xa}, 0x130)
ioctl$SIOCAX25CTLCON(r5, 0x89e8, &(0x7f0000000040)={@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x5, 0x5, 0x2, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]})
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x64, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x14, 0x2, [@TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x40}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x8}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}}, {0x4}}]}]}, 0x64}}, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x7, 0x1000000, 0x0})

12.575205094s ago: executing program 3 (id=1534):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='contention_end\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)=':', 0x1, 0x4fed0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x20, 0x4, 0x2, 0xfffffffd, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0xffffffff}, 0x50)
r2 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
r3 = inotify_init()
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
inotify_add_watch(r3, &(0x7f0000000240)='./file0\x00', 0x8c5)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="150000000800000002"], 0x50)
acct(&(0x7f0000000140)='./file0\x00')
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000002680)={r4, 0x0, 0x0}, 0x20)
r5 = open(&(0x7f00000000c0)='./file0\x00', 0x800, 0x0)
fremovexattr(r5, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
ioctl$VIDIOC_ENUM_FREQ_BANDS(r2, 0xc0405665, &(0x7f0000000280)={0x80, 0x2, 0x3, 0x400, 0x0, 0xb, 0x2})

12.218054892s ago: executing program 4 (id=1535):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
r6 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
setsockopt$sock_timeval(r6, 0x1, 0x42, &(0x7f00000000c0)={0x0, 0x2710}, 0x10)
recvmsg(r6, &(0x7f0000002540)={0x0, 0x0, 0x0}, 0x0)

10.609980975s ago: executing program 3 (id=1536):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0e000000040000000400000009"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

9.602099851s ago: executing program 3 (id=1537):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x8, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x50}, 0x94)
dup(0xffffffffffffffff)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r5, &(0x7f0000000100)='reno\x00', 0x5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@cgroup=r7, r6, 0x12, 0x0, 0x0, @void, @value=0x0}, 0x20)
write$tcp_congestion(r5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000007c0)={@map=r7, r6, 0x12, 0x18, 0x0, @void, @value=r6}, 0x20)
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd4, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
timer_create(0x3, &(0x7f0000000180)={0x0, 0x9, 0x4, @thr={&(0x7f0000000080)="e9dfd10ff186c55812ae9cc121a142c340f4542bb0aac86f3d155c64dec2ec38fbbbd604b24af517fbdd03db758a116a59e0683d543191ca64c76b48c82809de", &(0x7f00000000c0)="ed2f73fab9508d7890e6b1328c48d4ed67673acf1e2ab39345e61620be9f40f2c58cbbb073a2afe30e9f852abd4befedb10f876201fc5be8a3326c7219528a723312272fb897a8f3aabd5f33333087894db953d984e0f6fe951d0dce1fa580800b42b360d64b29d595b3f1c62105192fef5af80be50db43897e018d37441c4c2ef6c421505da33cd6e0e8aef9da63115af8e7eb6dba302fd8673f2e7888ed4752ce48146db2d260f07e7d3a8b8d30388bf87"}}, &(0x7f00000001c0)=<r9=>0x0)
timer_settime(r9, 0x0, &(0x7f0000000240)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000280))
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000007040)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x94}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)

8.51646981s ago: executing program 2 (id=1538):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x18)
recvmmsg(r0, &(0x7f0000007640)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x23, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000500)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x17, 0x20, 0x3, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x2, 0x0, 0x0, @void}}}}}}}, 0x0)

8.381183514s ago: executing program 4 (id=1539):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x8, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x50}, 0x94)
dup(0xffffffffffffffff)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r5, &(0x7f0000000100)='reno\x00', 0x5)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@cgroup=r6, 0xffffffffffffffff, 0x12, 0x0, 0x0, @void, @value=0x0}, 0x20)
write$tcp_congestion(r5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000007c0)={@map=r6, 0xffffffffffffffff, 0x12, 0x18}, 0x20)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
setsockopt$MRT6_FLUSH(r7, 0x29, 0xd4, 0x0, 0x0)

8.224157767s ago: executing program 1 (id=1540):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, r1, 0x1}, 0x14}}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r3, 0x7, 0x0, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}}, 0x4000004)

7.912127357s ago: executing program 2 (id=1541):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000020000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20)
r2 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a73, 0x100, 0x22, 0x1b7}, &(0x7f0000000300)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/15, 0xf}], 0x1})
io_uring_enter(r2, 0x47ba, 0x3000000, 0x0, 0x0, 0x0)
r5 = socket$inet(0x2, 0x802, 0x1)
write(r5, &(0x7f0000000440)="08008edf773c", 0x6)

0s ago: executing program 33 (id=1533):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
syz_open_dev$video(0x0, 0xc000, 0x0)
syz_open_dev$I2C(0x0, 0x80, 0x274100)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback, 0x1}, 0x1c)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x600000)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000480)=@rc, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000580)=""/165, 0xa5}, {&(0x7f0000000640)=""/254, 0xfe}, {&(0x7f0000000800)=""/179, 0xb3}, {&(0x7f00000008c0)=""/102, 0x66}, {&(0x7f00000000c0)}, {&(0x7f0000000940)=""/120, 0x78}, {&(0x7f00000009c0)=""/179, 0xb3}, {&(0x7f0000000340)=""/24, 0x18}, {&(0x7f0000000500)=""/62, 0x3e}, {&(0x7f0000000a80)=""/83, 0x53}], 0xa}, 0x130)
ioctl$SIOCAX25CTLCON(r5, 0x89e8, &(0x7f0000000040)={@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x5, 0x5, 0x2, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]})
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x64, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x14, 0x2, [@TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x40}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x8}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}}, {0x4}}]}]}, 0x64}}, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x7, 0x1000000, 0x0})

kernel console output (not intermixed with test programs):

6/report_descriptor': No such file or directory
[  299.772038][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  299.904428][ T5952] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  299.944176][    T9] usb 5-1: Using ep0 maxpacket: 16
[  299.981377][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  300.007772][    T9] usb 5-1: config 4 has an invalid interface number: 111 but max is 0
[  300.041774][    T9] usb 5-1: config 4 has no interface number 0
[  300.064429][ T5952] usb 6-1: Using ep0 maxpacket: 16
[  300.069101][    T9] usb 5-1: config 4 interface 111 altsetting 8 bulk endpoint 0x1 has invalid maxpacket 8
[  300.075681][ T5952] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  300.102567][ T8046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.630'.
[  300.108753][    T9] usb 5-1: config 4 interface 111 has no altsetting 0
[  300.128217][ T5952] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[  300.150034][    T9] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=44.99
[  300.177335][ T5952] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7
[  300.210046][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.214530][ T5952] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  300.230903][    T9] usb 5-1: Product: syz
[  300.230922][    T9] usb 5-1: Manufacturer: syz
[  300.230936][    T9] usb 5-1: SerialNumber: syz
[  300.236837][ T8032] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  300.316807][ T5952] usb 6-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[  300.355608][ T5952] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.385939][ T5952] usb 6-1: Product: syz
[  300.402323][ T5952] usb 6-1: Manufacturer: syz
[  300.413505][ T5952] usb 6-1: SerialNumber: syz
[  300.464494][ T5952] usb 6-1: config 0 descriptor??
[  300.583160][    T9] pvrusb2: Hardware description: Terratec Grabster AV400
[  300.621254][    T9] pvrusb2: **********
[  300.633824][    T9] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  300.687520][    T9] pvrusb2: Important functionality might not be entirely working.
[  300.719015][    T9] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  300.953976][ T5952] rc_core: IR keymap rc-xbox-dvd not found
[  300.999022][ T5952] Registered IR keymap rc-empty
[  301.252763][    T9] pvrusb2: **********
[  301.262637][    T9] usb 5-1: selecting invalid altsetting 0
[  301.265955][ T5952] rc rc0: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  301.330894][ T5952] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input17
[  301.398077][    T9] usb 5-1: USB disconnect, device number 10
[  301.411433][    T9] pvrusb2: Device being rendered inoperable
[  301.687940][ T8064] binder: 8063:8064 ioctl c018620c 200000000000 returned -1
[  302.145130][ T5885] usb 6-1: USB disconnect, device number 3
[  302.145195][    C1] xbox_remote 6-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[  302.619288][ T8074] binder: 8073:8074 ioctl c018620c 200000000000 returned -1
[  302.822194][ T8081] =======================================================
[  302.822194][ T8081] WARNING: The mand mount option has been deprecated and
[  302.822194][ T8081]          and is ignored by this kernel. Remove the mand
[  302.822194][ T8081]          option from the mount to silence this warning.
[  302.822194][ T8081] =======================================================
[  302.883616][ T8081] 9pnet_rdma: rdma_create_trans (8081): problem binding to privport: 13
[  303.304328][ T5885] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  304.011183][ T8103] netlink: 4 bytes leftover after parsing attributes in process `syz.2.642'.
[  304.020339][ T5885] usb 4-1: Using ep0 maxpacket: 32
[  304.056363][ T5885] usb 4-1: config 0 has no interfaces?
[  304.077471][ T5885] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  304.101242][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.119890][ T5885] usb 4-1: Product: syz
[  304.129972][ T5885] usb 4-1: Manufacturer: syz
[  304.150209][ T5885] usb 4-1: SerialNumber: syz
[  304.183611][ T5885] usb 4-1: config 0 descriptor??
[  304.328979][ T8109] netlink: 32 bytes leftover after parsing attributes in process `syz.1.644'.
[  305.076668][ T5919] usb 4-1: USB disconnect, device number 12
[  306.485613][   T43] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  307.303851][   T43] usb 2-1: Using ep0 maxpacket: 16
[  307.394304][ T8137] binder: 8128:8137 ioctl c018620c 200000000000 returned -1
[  307.534013][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  307.692300][   T43] usb 2-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00
[  307.844208][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.986797][   T43] usb 2-1: config 0 descriptor??
[  308.187816][   T43] usbhid 2-1:0.0: can't add hid device: -71
[  308.193939][   T43] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  308.216215][   T43] usb 2-1: USB disconnect, device number 7
[  309.488478][ T8165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.655'.
[  309.784279][ T5919] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  310.018626][ T5919] usb 3-1: Using ep0 maxpacket: 16
[  310.396545][ T5919] usb 3-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76
[  310.432867][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.457786][ T5919] usb 3-1: Product: syz
[  310.461993][ T5919] usb 3-1: Manufacturer: syz
[  310.485650][ T5919] usb 3-1: SerialNumber: syz
[  310.512093][ T5919] usb 3-1: config 0 descriptor??
[  310.663823][ T5885] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  310.756063][ T8167] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  310.781526][ T8167] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  310.823872][ T5885] usb 5-1: Using ep0 maxpacket: 32
[  310.837909][ T5885] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  310.844027][ T5906] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  310.877912][ T5885] usb 5-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.40
[  310.895272][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.903305][ T5919] usb_8dev 3-1:0.0 can0: sending command message failed
[  310.903377][ T5919] usb_8dev 3-1:0.0 can0: can't get firmware version
[  310.948900][ T5885] usb 5-1: Product: 쮷㟩䄚ᩖ千虐ᄞ溽誟삸茤쪦鏅怷艚ුඕ烚曔댕顫꫘ﰅ䂒孯멈㇄衧粮䓦渄㆕ቕﯓ결虸瞝ᖊ裃坞㣼纉唪㮍ఀꖍﱽꋳ鏍࣐䪮쇸钞嬱婒ዠᡭ࠽娍婿౼꫕꺫仡힊톕肈廃豑㣞빳쬲འ᜾㋤䇃㨸ᶕﾵ圸懎칊ꆬ院෕ﺵ龀ﭱ℞剀诀䜮뢊蕖ﮱ曤㇞
[  311.005557][ T5919] usb_8dev 3-1:0.0: probe with driver usb_8dev failed with error -22
[  311.015355][ T5885] usb 5-1: Manufacturer: 穢溮脼㾶碂竭ꂂ剉铙Մ뇆戴㠌棴ﮮ䜢峐챬줨䕊⒊쭶微ᗰ݄啛㫺䫉桧껂䯟聝
[  311.056626][ T5885] usb 5-1: SerialNumber: syz
[  311.069479][ T5906] usb 4-1: Using ep0 maxpacket: 32
[  311.082930][ T5919] usb 3-1: USB disconnect, device number 20
[  311.116127][ T5906] usb 4-1: config 0 has no interfaces?
[  311.128699][ T5906] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  311.159625][ T5906] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.186638][ T5906] usb 4-1: Product: syz
[  311.199059][ T5906] usb 4-1: Manufacturer: syz
[  311.220019][ T5906] usb 4-1: SerialNumber: syz
[  311.303815][ T8197] program syz.5.662 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  311.700871][ T5906] usb 4-1: config 0 descriptor??
[  311.855044][ T5885] usbhid 5-1:1.0: can't add hid device: -71
[  311.880163][ T5885] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  311.929441][ T8199] binder: 8196:8199 ioctl c018620c 200000000000 returned -1
[  312.226879][ T5885] usb 5-1: USB disconnect, device number 11
[  312.363700][    T9] usb 4-1: USB disconnect, device number 13
[  312.469323][ T8208] binder: 8204:8208 ioctl c0306201 200000000040 returned -22
[  312.918583][ T8223] netlink: 4 bytes leftover after parsing attributes in process `syz.2.669'.
[  313.101983][ T5919] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  314.050405][ T5919] usb 5-1: device descriptor read/64, error -71
[  314.824098][ T5919] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  315.349950][ T5919] usb 5-1: device descriptor read/64, error -71
[  315.538631][ T5919] usb usb5-port1: attempt power cycle
[  315.859967][ T8251] binder: 8242:8251 ioctl c0306201 200000000040 returned -22
[  316.772590][   T30] audit: type=1326 audit(1751166531.092:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8256 comm="syz.5.676" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f60cb78e929 code=0x0
[  317.169899][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.182142][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  317.345875][ T8264] binder: 8260:8264 ioctl c018620c 200000000000 returned -1
[  319.131449][ T8283] netlink: 4 bytes leftover after parsing attributes in process `syz.4.681'.
[  320.973997][ T5825] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  321.154185][ T5825] usb 5-1: device descriptor read/64, error -71
[  321.484184][ T5825] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  321.549564][ T8322] overlayfs: missing 'workdir'
[  321.687676][ T8323] bridge1: entered promiscuous mode
[  321.693210][ T8323] bridge1: entered allmulticast mode
[  321.854365][ T5825] usb 5-1: device descriptor read/64, error -71
[  322.302752][ T5825] usb usb5-port1: attempt power cycle
[  322.639805][ T8331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.692'.
[  322.910258][ T8339] overlayfs: missing 'workdir'
[  323.011024][ T8340] bridge1: entered promiscuous mode
[  323.016783][ T8340] bridge1: entered allmulticast mode
[  323.694873][ T5825] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  323.744151][ T5825] usb 5-1: device descriptor read/8, error -71
[  326.535741][   T43] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  326.629415][ T8367] sp0: Synchronizing with TNC
[  326.835845][   T43] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  326.862478][   T43] usb 6-1: config 0 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 7
[  326.875999][   T43] usb 6-1: config 0 interface 0 has no altsetting 0
[  326.886053][   T43] usb 6-1: New USB device found, idVendor=047f, idProduct=c055, bcdDevice= 0.00
[  326.895479][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.222565][   T43] usb 6-1: config 0 descriptor??
[  327.354953][ T8362] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  327.521160][ T8375] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  327.530665][ T8375] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  327.540349][ T8375] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  327.730464][ T8362] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  327.744232][ T8362] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  327.765795][ T8384] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  327.835512][ T8384] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  327.856833][ T8385] netlink: 4 bytes leftover after parsing attributes in process `syz.2.704'.
[  327.937167][   T43] usbhid 6-1:0.0: can't add hid device: -71
[  327.951001][   T43] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  327.999430][ T8395] netlink: 132 bytes leftover after parsing attributes in process `syz.3.705'.
[  328.023463][ T5885] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  328.046496][   T43] usb 6-1: USB disconnect, device number 4
[  328.127022][ T5885] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  328.159734][ T8399] warning: `syz.5.707' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  328.203879][ T5877] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  328.374325][ T5877] usb 5-1: device descriptor read/64, error -71
[  328.442677][ T8402] fido_id[8402]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  328.783910][ T5877] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  330.036934][ T5877] usb 5-1: device descriptor read/64, error -71
[  330.154249][ T5877] usb usb5-port1: attempt power cycle
[  330.540009][ T5877] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  330.574644][ T5877] usb 5-1: device descriptor read/8, error -71
[  330.833838][ T5877] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  330.902539][ T5877] usb 5-1: device descriptor read/8, error -71
[  331.031671][ T5877] usb usb5-port1: unable to enumerate USB device
[  332.146148][ T8482] overlayfs: failed to resolve './file0': -2
[  334.515550][ T8523] Driver unsupported XDP return value 0 on prog  (id 118) dev N/A, expect packet loss!
[  334.633881][ T5919] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  334.917404][ T5919] usb 4-1: device descriptor read/64, error -71
[  335.513912][ T5919] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  335.710346][ T8540] overlayfs: failed to resolve './file0': -2
[  336.183648][ T5919] usb 4-1: device descriptor read/64, error -71
[  336.620551][ T5919] usb usb4-port1: attempt power cycle
[  338.755252][ T8563] FAULT_INJECTION: forcing a failure.
[  338.755252][ T8563] name failslab, interval 1, probability 0, space 0, times 0
[  338.770052][ T8563] CPU: 0 UID: 0 PID: 8563 Comm: syz.5.738 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  338.770076][ T8563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  338.770099][ T8563] Call Trace:
[  338.770107][ T8563]  <TASK>
[  338.770115][ T8563]  dump_stack_lvl+0x189/0x250
[  338.770145][ T8563]  ? __pfx____ratelimit+0x10/0x10
[  338.770168][ T8563]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.770191][ T8563]  ? __pfx__printk+0x10/0x10
[  338.770213][ T8563]  ? __pfx___might_resched+0x10/0x10
[  338.770235][ T8563]  ? fs_reclaim_acquire+0x7d/0x100
[  338.770262][ T8563]  should_fail_ex+0x414/0x560
[  338.770287][ T8563]  should_failslab+0xa8/0x100
[  338.770309][ T8563]  __kmalloc_noprof+0xcb/0x4f0
[  338.770327][ T8563]  ? copy_splice_read+0x143/0x9b0
[  338.770352][ T8563]  copy_splice_read+0x143/0x9b0
[  338.770373][ T8563]  ? irqentry_exit+0x74/0x90
[  338.770403][ T8563]  ? __pfx_copy_splice_read+0x10/0x10
[  338.770434][ T8563]  ? lockdep_set_lock_cmp_fn+0xe5/0x150
[  338.770463][ T8563]  ? alloc_pipe_info+0x374/0x4d0
[  338.770482][ T8563]  ? __pfx_copy_splice_read+0x10/0x10
[  338.770497][ T8563]  splice_direct_to_actor+0x4a6/0xcc0
[  338.770534][ T8563]  ? __pfx_direct_splice_actor+0x10/0x10
[  338.770552][ T8563]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  338.770582][ T8563]  do_splice_direct+0x181/0x270
[  338.770605][ T8563]  ? __pfx_do_splice_direct+0x10/0x10
[  338.770626][ T8563]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  338.770648][ T8563]  ? bpf_lsm_file_permission+0x9/0x20
[  338.770670][ T8563]  ? security_file_permission+0x75/0x290
[  338.770691][ T8563]  ? rw_verify_area+0x258/0x650
[  338.770714][ T8563]  do_sendfile+0x4da/0x7e0
[  338.770735][ T8563]  ? __pfx_vfs_write+0x10/0x10
[  338.770760][ T8563]  ? __pfx_do_sendfile+0x10/0x10
[  338.770782][ T8563]  ? __fget_files+0x3a0/0x420
[  338.770815][ T8563]  __se_sys_sendfile64+0x13e/0x190
[  338.770842][ T8563]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  338.770874][ T8563]  do_syscall_64+0xfa/0x3b0
[  338.770896][ T8563]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.770917][ T8563]  ? asm_sysvec_call_function_single+0x1a/0x20
[  338.770933][ T8563]  ? clear_bhb_loop+0x60/0xb0
[  338.770954][ T8563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.770970][ T8563] RIP: 0033:0x7f60cb78e929
[  338.770986][ T8563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.771000][ T8563] RSP: 002b:00007f60cc669038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  338.771018][ T8563] RAX: ffffffffffffffda RBX: 00007f60cb9b6080 RCX: 00007f60cb78e929
[  338.771031][ T8563] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000007
[  338.771041][ T8563] RBP: 00007f60cc669090 R08: 0000000000000000 R09: 0000000000000000
[  338.771051][ T8563] R10: 000000000000009c R11: 0000000000000246 R12: 0000000000000001
[  338.771061][ T8563] R13: 0000000000000000 R14: 00007f60cb9b6080 R15: 00007ffd0e52ce08
[  338.771089][ T8563]  </TASK>
[  339.953915][ T5885] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  340.128221][ T5885] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  340.163829][ T5885] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  340.222568][ T5885] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  340.244799][ T8585] binder: 8576:8585 ioctl c0306201 200000000040 returned -22
[  340.253421][ T8584] binder: 8577:8584 ioctl c018620c 200000000000 returned -1
[  340.326194][ T5885] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  340.395745][ T5885] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.476733][ T5885] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  340.558991][ T5885] usb 6-1: invalid MIDI out EP 0
[  341.169081][ T5885] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[  341.239862][ T5885] usb 6-1: USB disconnect, device number 5
[  341.435823][ T8591] overlayfs: failed to resolve './file0': -2
[  343.588183][ T5885] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  344.426255][ T5885] usb 2-1: device descriptor read/64, error -71
[  345.094915][    T9] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  345.599467][    T9] usb 3-1: Using ep0 maxpacket: 16
[  345.725043][    T9] usb 3-1: config 0 has an invalid interface number: 35 but max is 0
[  345.801477][    T9] usb 3-1: config 0 has no interface number 0
[  345.822127][    T9] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[  346.317436][ T8637] overlayfs: failed to resolve './file0': -2
[  346.386298][    T9] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  347.366036][    T9] usb 3-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=ec.5c
[  347.375357][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.383561][    T9] usb 3-1: Product: syz
[  347.388366][    T9] usb 3-1: Manufacturer: syz
[  347.393058][    T9] usb 3-1: SerialNumber: syz
[  347.401064][    T9] usb 3-1: config 0 descriptor??
[  347.410050][    T9] cypress_m8 3-1:0.35: Nokia CA-42 V2 Adapter converter detected
[  347.638849][ T8612] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.711299][ T8612] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.735277][    T9] usb 3-1: Nokia CA-42 V2 Adapter converter now attached to ttyUSB0
[  347.751868][    T9] usb 3-1: USB disconnect, device number 21
[  347.771470][    T9] nokiaca42v2 ttyUSB0: Nokia CA-42 V2 Adapter converter now disconnected from ttyUSB0
[  347.792265][    T9] cypress_m8 3-1:0.35: device disconnected
[  348.029521][ T5825] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  348.281770][ T5825] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  348.377167][ T5825] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  348.433852][ T5825] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  348.596814][ T5825] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  348.664041][ T5877] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  348.716166][ T5825] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.757202][ T5825] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  348.833662][ T5825] usb 5-1: invalid MIDI out EP 0
[  348.850780][ T8662] binder: BINDER_SET_CONTEXT_MGR already set
[  348.863876][ T8662] binder: 8661:8662 ioctl 4018620d 200000000040 returned -16
[  348.887446][ T5877] usb 4-1: device descriptor read/64, error -71
[  348.939641][   T30] audit: type=1326 audit(1751166563.252:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8665 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  348.939693][   T30] audit: type=1326 audit(1751166563.252:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8665 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  348.939731][   T30] audit: type=1326 audit(1751166563.252:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8665 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  348.939769][   T30] audit: type=1326 audit(1751166563.252:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8665 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  348.939806][   T30] audit: type=1326 audit(1751166563.252:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8665 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  348.939842][   T30] audit: type=1326 audit(1751166563.262:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8665 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  348.939880][   T30] audit: type=1326 audit(1751166563.262:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8665 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  348.939917][   T30] audit: type=1326 audit(1751166563.262:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8665 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  348.939953][   T30] audit: type=1326 audit(1751166563.262:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8665 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2fbbb8d290 code=0x7ffc0000
[  349.089527][ T6482] udevd[6482]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  349.117193][ T5825] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[  349.204808][ T5877] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  349.277442][ T5825] usb 5-1: USB disconnect, device number 23
[  349.363989][ T5877] usb 4-1: device descriptor read/64, error -71
[  350.074471][ T8666] tty tty25: ldisc open failed (-12), clearing slot 24
[  350.169704][ T5877] usb usb4-port1: attempt power cycle
[  350.573536][ T8680] netlink: 'syz.1.771': attribute type 11 has an invalid length.
[  350.708215][ T8683] netlink: 4 bytes leftover after parsing attributes in process `syz.1.773'.
[  350.803882][ T5877] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  350.840717][ T5877] usb 4-1: device descriptor read/8, error -71
[  350.894004][ T8688] overlayfs: failed to resolve './file0': -2
[  351.152713][ T5877] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  351.471470][ T5877] usb 4-1: device descriptor read/8, error -71
[  351.587396][ T5877] usb usb4-port1: unable to enumerate USB device
[  353.659897][ T8723] netlink: 8 bytes leftover after parsing attributes in process `syz.2.779'.
[  353.677853][ T8723] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.685591][ T8723] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.916717][ T8712] mpoa:mpoad_close: (<unknown>) going down
[  354.100982][ T8736] overlayfs: failed to resolve './file0': -2
[  355.324226][ T5952] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  355.602521][ T5952] usb 4-1: device descriptor read/64, error -71
[  355.694227][    T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  355.903876][ T5952] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  355.917106][    T9] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  355.948190][    T9] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  356.191636][    T9] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  356.205209][    T9] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  356.213972][ T5952] usb 4-1: device descriptor read/64, error -71
[  356.219242][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.209711][    T9] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  357.222729][    T9] usb 2-1: invalid MIDI out EP 0
[  357.324342][ T5952] usb usb4-port1: attempt power cycle
[  357.354025][ T5919] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  357.528229][ T5919] usb 3-1: config 9 has an invalid interface number: 187 but max is 0
[  357.549636][ T5919] usb 3-1: config 9 has no interface number 0
[  357.560240][ T5919] usb 3-1: config 9 interface 187 altsetting 2 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  357.572705][ T5919] usb 3-1: config 9 interface 187 has no altsetting 0
[  357.586574][ T5919] usb 3-1: New USB device found, idVendor=0403, idProduct=6015, bcdDevice= 0.19
[  357.598793][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.691389][ T6482] udevd[6482]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  357.719877][ T5919] usb 3-1: Product: syz
[  357.723520][    T9] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[  357.748442][    T9] usb 2-1: USB disconnect, device number 10
[  357.765042][ T5919] usb 3-1: Manufacturer: syz
[  357.774039][ T5952] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  357.789747][ T5919] usb 3-1: SerialNumber: syz
[  358.443475][ T5952] usb 4-1: device descriptor read/8, error -71
[  358.765664][ T8778] overlayfs: failed to resolve './file0': -2
[  358.783451][ T5952] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  359.003585][ T5824] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  359.013679][ T5824] CPU: 1 UID: 0 PID: 5824 Comm: kworker/u9:2 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  359.013704][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  359.013717][ T5824] Workqueue: hci3 hci_rx_work
[  359.013748][ T5824] Call Trace:
[  359.013755][ T5824]  <TASK>
[  359.013764][ T5824]  dump_stack_lvl+0x189/0x250
[  359.013792][ T5824]  ? kernfs_path_from_node+0x2c/0x260
[  359.013816][ T5824]  ? __pfx_dump_stack_lvl+0x10/0x10
[  359.013840][ T5824]  ? __pfx__printk+0x10/0x10
[  359.013861][ T5824]  ? __rcu_read_unlock+0x84/0xe0
[  359.013879][ T5824]  ? kernfs_path_from_node+0x2c/0x260
[  359.013903][ T5824]  ? kernfs_path_from_node+0x22c/0x260
[  359.013924][ T5824]  ? kernfs_path_from_node+0x2c/0x260
[  359.013950][ T5824]  sysfs_create_dir_ns+0x259/0x280
[  359.013976][ T5824]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  359.014001][ T5824]  ? do_raw_spin_unlock+0x122/0x240
[  359.014025][ T5824]  kobject_add_internal+0x59f/0xb40
[  359.014052][ T5824]  kobject_add+0x155/0x220
[  359.014082][ T5824]  ? __pfx_kobject_add+0x10/0x10
[  359.014108][ T5824]  ? _raw_spin_unlock+0x3f/0x50
[  359.014133][ T5824]  ? get_device_parent+0x366/0x3a0
[  359.014163][ T5824]  device_add+0x408/0xb50
[  359.014193][ T5824]  hci_conn_add_sysfs+0xd5/0x1e0
[  359.014219][ T5824]  le_conn_complete_evt+0xc3a/0x1220
[  359.014252][ T5824]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  359.014272][ T5824]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  359.014294][ T5824]  ? __asan_memcpy+0x40/0x70
[  359.014315][ T5824]  ? __pfx___mutex_lock+0x10/0x10
[  359.014348][ T5824]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  359.014371][ T5824]  ? skb_pull_data+0xfb/0x200
[  359.014400][ T5824]  hci_le_conn_complete_evt+0x187/0x450
[  359.014435][ T5824]  hci_event_packet+0x78f/0x1200
[  359.014462][ T5824]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  359.014491][ T5824]  ? __pfx_hci_event_packet+0x10/0x10
[  359.014526][ T5824]  ? hci_send_to_monitor+0xe2/0x570
[  359.014549][ T5824]  hci_rx_work+0x46a/0xe80
[  359.014581][ T5824]  ? process_scheduled_works+0x9ef/0x17b0
[  359.014607][ T5824]  process_scheduled_works+0xade/0x17b0
[  359.014662][ T5824]  ? __pfx_process_scheduled_works+0x10/0x10
[  359.014704][ T5824]  worker_thread+0x8a0/0xda0
[  359.014757][ T5824]  kthread+0x70e/0x8a0
[  359.014779][ T5824]  ? __pfx_worker_thread+0x10/0x10
[  359.014802][ T5824]  ? __pfx_kthread+0x10/0x10
[  359.014823][ T5824]  ? _raw_spin_unlock_irq+0x23/0x50
[  359.014843][ T5824]  ? lockdep_hardirqs_on+0x9c/0x150
[  359.014864][ T5824]  ? __pfx_kthread+0x10/0x10
[  359.014883][ T5824]  ret_from_fork+0x3fc/0x770
[  359.014908][ T5824]  ? __pfx_ret_from_fork+0x10/0x10
[  359.014938][ T5824]  ? __switch_to_asm+0x39/0x70
[  359.014953][ T5824]  ? __switch_to_asm+0x33/0x70
[  359.014968][ T5824]  ? __pfx_kthread+0x10/0x10
[  359.014988][ T5824]  ret_from_fork_asm+0x1a/0x30
[  359.015023][ T5824]  </TASK>
[  359.311550][ T5824] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  359.342221][ T5952] usb 4-1: device descriptor read/8, error -71
[  359.462620][ T5952] usb usb4-port1: unable to enumerate USB device
[  359.474727][ T5824] Bluetooth: hci3: failed to register connection device
[  359.717641][ T5919] ftdi_sio 3-1:9.187: FTDI USB Serial Device converter detected
[  359.743237][ T5919] usb 3-1: Detected SIO
[  360.485632][ T5919] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  360.669306][ T5919] usb 3-1: USB disconnect, device number 22
[  362.279588][ T5919] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  362.292718][ T5919] ftdi_sio 3-1:9.187: device disconnected
[  364.361583][ T8823] overlayfs: failed to resolve './file0': -2
[  364.564485][ T5952] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  364.935889][ T5952] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  365.039355][ T5952] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  365.052335][ T5952] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  365.066888][ T5952] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  365.078606][ T5952] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.300273][ T5952] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  365.575679][ T5826] Bluetooth: hci3: command 0x0406 tx timeout
[  365.618070][ T5952] usb 4-1: invalid MIDI out EP 0
[  366.080554][ T6110] udevd[6110]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  366.115939][ T5952] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[  366.156482][ T5952] usb 4-1: USB disconnect, device number 25
[  367.749409][ T8854] netlink: 65047 bytes leftover after parsing attributes in process `syz.4.821'.
[  368.743866][ T8865] overlayfs: failed to resolve './file0': -2
[  370.362579][ T8875] netlink: 'syz.1.827': attribute type 29 has an invalid length.
[  370.374218][ T5826] Bluetooth: hci2: command 0x0406 tx timeout
[  370.450332][ T8875] netlink: 'syz.1.827': attribute type 29 has an invalid length.
[  371.428084][ T8887] netlink: 256 bytes leftover after parsing attributes in process `syz.1.828'.
[  372.283815][ T8897] netlink: ct family unspecified
[  372.306404][ T8897] openvswitch: netlink: Actions may not be safe on all matching packets
[  372.351955][ T8898] netlink: 'syz.5.833': attribute type 12 has an invalid length.
[  373.214026][ T5825] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  373.581916][ T5825] usb 6-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  373.735891][ T5825] usb 6-1: config 1 interface 0 has no altsetting 0
[  373.951406][ T5825] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  374.111369][ T5825] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.255535][ T5825] usb 6-1: Product: syz
[  374.332033][ T5825] usb 6-1: Manufacturer: syz
[  374.408177][ T5825] usb 6-1: SerialNumber: syz
[  376.118837][ T8919] overlayfs: failed to resolve './file0': -2
[  377.578409][ T5825] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input19
[  377.632700][ T5825] usb 6-1: USB disconnect, device number 6
[  377.638818][    C0] pxrc 6-1:1.0: pxrc_usb_irq - usb_submit_urb failed with result: -19
[  377.654210][ T5174] pxrc 6-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  378.538030][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.545100][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  378.998834][ T8946] 9pnet_fd: Insufficient options for proto=fd
[  380.788094][ T8962] netlink: ct family unspecified
[  380.807829][ T8962] openvswitch: netlink: Actions may not be safe on all matching packets
[  383.415123][ T8993] netlink: 132 bytes leftover after parsing attributes in process `syz.5.856'.
[  383.899070][ T9004] overlayfs: missing 'workdir'
[  384.020033][ T9005] bridge2: entered promiscuous mode
[  384.025876][ T9005] bridge2: entered allmulticast mode
[  384.685668][ T9007] binder: 8998:9007 ioctl c018620c 200000000000 returned -1
[  385.049129][ T9010] netlink: ct family unspecified
[  385.054610][ T9010] openvswitch: netlink: Actions may not be safe on all matching packets
[  385.910197][ T9021] FAULT_INJECTION: forcing a failure.
[  385.910197][ T9021] name failslab, interval 1, probability 0, space 0, times 0
[  385.949990][ T9021] CPU: 1 UID: 0 PID: 9021 Comm: syz.1.864 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  385.950016][ T9021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  385.950027][ T9021] Call Trace:
[  385.950034][ T9021]  <TASK>
[  385.950043][ T9021]  dump_stack_lvl+0x189/0x250
[  385.950071][ T9021]  ? __pfx____ratelimit+0x10/0x10
[  385.950094][ T9021]  ? __pfx_dump_stack_lvl+0x10/0x10
[  385.950117][ T9021]  ? __pfx__printk+0x10/0x10
[  385.950138][ T9021]  ? __pfx___might_resched+0x10/0x10
[  385.950160][ T9021]  ? fs_reclaim_acquire+0x7d/0x100
[  385.950187][ T9021]  should_fail_ex+0x414/0x560
[  385.950211][ T9021]  should_failslab+0xa8/0x100
[  385.950234][ T9021]  __kmalloc_noprof+0xcb/0x4f0
[  385.950252][ T9021]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  385.950273][ T9021]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  385.950301][ T9021]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  385.950331][ T9021]  genl_family_rcv_msg_doit+0xb8/0x300
[  385.950361][ T9021]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  385.950385][ T9021]  ? rcu_is_watching+0x15/0xb0
[  385.950407][ T9021]  ? cap_capable+0x11f/0x460
[  385.950427][ T9021]  ? safesetid_security_capable+0xa9/0x1a0
[  385.950450][ T9021]  ? bpf_lsm_capable+0x9/0x20
[  385.950472][ T9021]  ? security_capable+0x7e/0x2e0
[  385.950501][ T9021]  genl_rcv_msg+0x60e/0x790
[  385.950530][ T9021]  ? __pfx_genl_rcv_msg+0x10/0x10
[  385.950549][ T9021]  ? ref_tracker_free+0x63a/0x7d0
[  385.950568][ T9021]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  385.950588][ T9021]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  385.950603][ T9021]  ? __pfx_nl80211_post_doit+0x10/0x10
[  385.950624][ T9021]  ? __pfx_ref_tracker_free+0x10/0x10
[  385.950655][ T9021]  netlink_rcv_skb+0x205/0x470
[  385.950675][ T9021]  ? __pfx_genl_rcv_msg+0x10/0x10
[  385.950698][ T9021]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  385.950733][ T9021]  ? down_read+0x1ad/0x2e0
[  385.950752][ T9021]  genl_rcv+0x28/0x40
[  385.950772][ T9021]  netlink_unicast+0x758/0x8d0
[  385.950807][ T9021]  netlink_sendmsg+0x805/0xb30
[  385.950835][ T9021]  ? __pfx_netlink_sendmsg+0x10/0x10
[  385.950862][ T9021]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  385.950881][ T9021]  ? __pfx_netlink_sendmsg+0x10/0x10
[  385.950899][ T9021]  __sock_sendmsg+0x21c/0x270
[  385.950926][ T9021]  ____sys_sendmsg+0x505/0x830
[  385.950952][ T9021]  ? __pfx_____sys_sendmsg+0x10/0x10
[  385.950989][ T9021]  ? import_iovec+0x74/0xa0
[  385.951015][ T9021]  ___sys_sendmsg+0x21f/0x2a0
[  385.951037][ T9021]  ? __pfx____sys_sendmsg+0x10/0x10
[  385.951095][ T9021]  ? __fget_files+0x2a/0x420
[  385.951115][ T9021]  ? __fget_files+0x3a0/0x420
[  385.951146][ T9021]  __x64_sys_sendmsg+0x19b/0x260
[  385.951168][ T9021]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  385.951198][ T9021]  ? __pfx_ksys_write+0x10/0x10
[  385.951214][ T9021]  ? rcu_is_watching+0x15/0xb0
[  385.951242][ T9021]  ? do_syscall_64+0xbe/0x3b0
[  385.951269][ T9021]  do_syscall_64+0xfa/0x3b0
[  385.951290][ T9021]  ? lockdep_hardirqs_on+0x9c/0x150
[  385.951311][ T9021]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.951328][ T9021]  ? clear_bhb_loop+0x60/0xb0
[  385.951349][ T9021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.951366][ T9021] RIP: 0033:0x7f379e18e929
[  385.951382][ T9021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.951397][ T9021] RSP: 002b:00007f379ef16038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  385.951417][ T9021] RAX: ffffffffffffffda RBX: 00007f379e3b5fa0 RCX: 00007f379e18e929
[  385.951431][ T9021] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003
[  385.951443][ T9021] RBP: 00007f379ef16090 R08: 0000000000000000 R09: 0000000000000000
[  385.951454][ T9021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  385.951465][ T9021] R13: 0000000000000000 R14: 00007f379e3b5fa0 R15: 00007ffff0f198d8
[  385.951494][ T9021]  </TASK>
[  387.307544][    T9] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  387.338483][ T9041] netlink: 132 bytes leftover after parsing attributes in process `syz.3.870'.
[  387.490232][    T9] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  387.512781][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.598249][    T9] usb 6-1: Product: syz
[  387.685561][    T9] usb 6-1: Manufacturer: syz
[  387.720072][    T9] usb 6-1: SerialNumber: syz
[  387.865799][    T9] usb 6-1: config 0 descriptor??
[  387.906168][    T9] gspca_main: sunplus-2.14.0 probing 055f:c230
[  388.757086][   T30] audit: type=1800 audit(1751166602.902:12): pid=9055 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.877" name="bus" dev="overlay" ino=924 res=0 errno=0
[  388.871551][ T5934] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  389.331892][ T5934] usb 4-1: device descriptor read/64, error -71
[  389.703986][ T5934] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  389.874892][ T5934] usb 4-1: device descriptor read/64, error -71
[  389.980652][ T9039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  390.003623][ T5934] usb usb4-port1: attempt power cycle
[  390.023126][ T9039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  390.188458][ T5884] usb 6-1: USB disconnect, device number 7
[  390.393901][ T5934] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  391.069349][ T5934] usb 4-1: device descriptor read/8, error -71
[  391.365299][ T5934] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  391.817971][ T5934] usb 4-1: device descriptor read/8, error -71
[  391.944334][ T5934] usb usb4-port1: unable to enumerate USB device
[  391.979198][ T9091] netlink: 132 bytes leftover after parsing attributes in process `syz.4.885'.
[  393.853059][ T9109] mpoa:mpoad_close: (<unknown>) going down
[  395.254277][ T9138] netlink: 'syz.5.896': attribute type 29 has an invalid length.
[  395.358426][ T5877] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  395.551696][ T5877] usb 5-1: device descriptor read/64, error -71
[  395.884033][ T5919] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[  395.894463][ T5877] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  396.208348][ T5919] usb 4-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  396.257006][ T5877] usb 5-1: device descriptor read/64, error -71
[  396.418508][ T5919] usb 4-1: config 1 interface 0 has no altsetting 0
[  396.474639][ T5877] usb usb5-port1: attempt power cycle
[  396.570299][ T5919] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  396.703427][ T5919] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.837778][ T5919] usb 4-1: Product: syz
[  396.914995][ T5919] usb 4-1: Manufacturer: syz
[  396.948365][ T5877] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  396.990291][ T5919] usb 4-1: SerialNumber: syz
[  397.068267][ T5877] usb 5-1: device descriptor read/8, error -71
[  397.444378][ T5877] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  397.630949][ T5877] usb 5-1: device descriptor read/8, error -71
[  397.839626][ T5877] usb usb5-port1: unable to enumerate USB device
[  398.347329][ T5934] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  398.349588][ T5919] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input20
[  398.358233][ T9150] netlink: 132 bytes leftover after parsing attributes in process `syz.1.899'.
[  398.444226][ T9152] overlayfs: missing 'workdir'
[  398.583893][ T9153] bridge1: entered promiscuous mode
[  398.589661][ T9153] bridge1: entered allmulticast mode
[  399.226276][ T5934] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  399.324980][ T5919] usb 4-1: USB disconnect, device number 30
[  399.344073][ T5174] pxrc 4-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  400.147801][ T9164] overlayfs: missing 'workdir'
[  400.283471][ T9165] bridge2: entered promiscuous mode
[  400.289179][ T9165] bridge2: entered allmulticast mode
[  400.926468][ T9155] fido_id[9155]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  403.369653][ T9190] overlayfs: missing 'workdir'
[  403.451078][ T9190] bridge2: entered promiscuous mode
[  403.456639][ T9190] bridge2: entered allmulticast mode
[  404.340314][ T5952] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  404.350035][ T9194] netlink: 132 bytes leftover after parsing attributes in process `syz.2.913'.
[  404.360917][ T5952] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  404.911078][ T9201] bridge3: entered promiscuous mode
[  404.916951][ T9201] bridge3: entered allmulticast mode
[  407.688623][ T5934] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  410.349096][ T9220] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  410.388743][ T5934] usb 2-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  410.444677][ T5934] usb 2-1: config 1 interface 0 has no altsetting 0
[  410.476101][ T5934] usb 2-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  410.497417][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.546730][ T5934] usb 2-1: Product: syz
[  410.564194][ T5934] usb 2-1: Manufacturer: syz
[  410.587704][ T5934] usb 2-1: SerialNumber: syz
[  410.925150][ T9224] binder: 9222:9224 ioctl c018620c 200000000000 returned -1
[  411.250426][ T5934] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input21
[  411.688972][ T5934] usb 2-1: USB disconnect, device number 11
[  411.695122][    C0] pxrc 2-1:1.0: pxrc_usb_irq - usb_submit_urb failed with result: -19
[  411.733636][ T5174] pxrc 2-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  411.771000][ T5174] pxrc 2-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  413.182035][ T9248] binder: 9244:9248 ioctl c0306201 200000000040 returned -22
[  415.164415][ T9257] netlink: 132 bytes leftover after parsing attributes in process `syz.2.927'.
[  415.178146][ T5934] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  415.202246][ T5934] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  416.898406][   T30] audit: type=1800 audit(1751166631.222:13): pid=9266 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.929" name="bus" dev="overlay" ino=1172 res=0 errno=0
[  417.655342][ T5919] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  418.243207][ T5919] usb 6-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  418.551891][ T5919] usb 6-1: config 1 interface 0 has no altsetting 0
[  419.095201][ T5919] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  419.320069][ T5919] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.400313][ T5919] usb 6-1: Product: syz
[  420.405341][ T5919] usb 6-1: Manufacturer: syz
[  420.409969][ T5919] usb 6-1: SerialNumber: syz
[  420.447745][ T5919] usb 6-1: can't set config #1, error -71
[  420.456534][ T5919] usb 6-1: USB disconnect, device number 8
[  420.766272][ T5877] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  420.780738][ T9294] usb usb3: usbfs: interface 0 claimed by hub while 'syz.2.937' sets config #4096
[  421.143907][ T5877] usb 2-1: device descriptor read/64, error -71
[  421.424866][ T5877] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  421.834210][ T5934] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  421.881306][ T9301] binder: 9298:9301 ioctl c0306201 200000000040 returned -22
[  422.142313][ T5934] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  422.278170][ T5934] usb 3-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  422.363859][ T5877] usb 2-1: device descriptor read/64, error -71
[  422.381412][ T5934] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.398771][ T5934] usb 3-1: config 0 descriptor??
[  422.582396][ T5877] usb usb2-port1: attempt power cycle
[  423.097676][ T5934] usb 3-1: USB disconnect, device number 23
[  426.253936][ T5877] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  426.559411][ T5877] usb 2-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  426.759370][ T5877] usb 2-1: config 1 interface 0 has no altsetting 0
[  426.951840][ T5877] usb 2-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  427.108324][ T5877] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.258234][ T5877] usb 2-1: Product: syz
[  427.329755][ T5877] usb 2-1: Manufacturer: syz
[  427.452645][ T5877] usb 2-1: SerialNumber: syz
[  428.309708][ T5877] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input22
[  428.458812][   T30] audit: type=1800 audit(1751166642.782:14): pid=9342 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.951" name="bus" dev="overlay" ino=1109 res=0 errno=0
[  428.593858][ T5877] usb 2-1: USB disconnect, device number 15
[  428.609816][ T5174] pxrc 2-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  428.777681][ T5174] pxrc 2-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  429.012558][ T9345] FAULT_INJECTION: forcing a failure.
[  429.012558][ T9345] name failslab, interval 1, probability 0, space 0, times 0
[  429.220274][ T9345] CPU: 0 UID: 0 PID: 9345 Comm: syz.2.952 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  429.220300][ T9345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  429.220314][ T9345] Call Trace:
[  429.220325][ T9345]  <TASK>
[  429.220332][ T9345]  dump_stack_lvl+0x189/0x250
[  429.220360][ T9345]  ? __pfx____ratelimit+0x10/0x10
[  429.220383][ T9345]  ? __pfx_dump_stack_lvl+0x10/0x10
[  429.220406][ T9345]  ? __pfx__printk+0x10/0x10
[  429.220426][ T9345]  ? __pfx___might_resched+0x10/0x10
[  429.220453][ T9345]  should_fail_ex+0x414/0x560
[  429.220476][ T9345]  should_failslab+0xa8/0x100
[  429.220498][ T9345]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  429.220519][ T9345]  ? __alloc_skb+0x112/0x2d0
[  429.220540][ T9345]  __alloc_skb+0x112/0x2d0
[  429.220562][ T9345]  netlink_sendmsg+0x5c6/0xb30
[  429.220580][ T9345]  ? finish_task_switch+0x266/0x950
[  429.220606][ T9345]  ? __pfx_netlink_sendmsg+0x10/0x10
[  429.220633][ T9345]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  429.220651][ T9345]  ? __pfx_netlink_sendmsg+0x10/0x10
[  429.220669][ T9345]  __sock_sendmsg+0x21c/0x270
[  429.220696][ T9345]  ____sys_sendmsg+0x505/0x830
[  429.220721][ T9345]  ? __pfx_____sys_sendmsg+0x10/0x10
[  429.220749][ T9345]  ? import_iovec+0x74/0xa0
[  429.220776][ T9345]  ___sys_sendmsg+0x21f/0x2a0
[  429.220798][ T9345]  ? __pfx____sys_sendmsg+0x10/0x10
[  429.220824][ T9345]  ? rcu_read_unlock_special+0x3fe/0x4c0
[  429.220872][ T9345]  ? __fget_files+0x2a/0x420
[  429.220900][ T9345]  ? __fget_files+0x3a0/0x420
[  429.220931][ T9345]  __x64_sys_sendmsg+0x19b/0x260
[  429.220953][ T9345]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  429.220983][ T9345]  ? __pfx_ksys_write+0x10/0x10
[  429.221007][ T9345]  ? do_syscall_64+0xbe/0x3b0
[  429.221033][ T9345]  do_syscall_64+0xfa/0x3b0
[  429.221055][ T9345]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.221070][ T9345]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  429.221086][ T9345]  ? clear_bhb_loop+0x60/0xb0
[  429.221106][ T9345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.221123][ T9345] RIP: 0033:0x7f2fbbb8e929
[  429.221139][ T9345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.221155][ T9345] RSP: 002b:00007f2fbc912038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  429.221173][ T9345] RAX: ffffffffffffffda RBX: 00007f2fbbdb5fa0 RCX: 00007f2fbbb8e929
[  429.221186][ T9345] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  429.221197][ T9345] RBP: 00007f2fbc912090 R08: 0000000000000000 R09: 0000000000000000
[  429.221207][ T9345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.221218][ T9345] R13: 0000000000000000 R14: 00007f2fbbdb5fa0 R15: 00007ffd877d4af8
[  429.221246][ T9345]  </TASK>
[  430.795352][ T9359] FAULT_INJECTION: forcing a failure.
[  430.795352][ T9359] name failslab, interval 1, probability 0, space 0, times 0
[  430.845091][ T9359] CPU: 0 UID: 0 PID: 9359 Comm: syz.2.957 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  430.845118][ T9359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  430.845130][ T9359] Call Trace:
[  430.845138][ T9359]  <TASK>
[  430.845146][ T9359]  dump_stack_lvl+0x189/0x250
[  430.845173][ T9359]  ? __pfx____ratelimit+0x10/0x10
[  430.845197][ T9359]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.845220][ T9359]  ? __pfx__printk+0x10/0x10
[  430.845244][ T9359]  ? __pfx___might_resched+0x10/0x10
[  430.845265][ T9359]  ? fs_reclaim_acquire+0x7d/0x100
[  430.845292][ T9359]  should_fail_ex+0x414/0x560
[  430.845317][ T9359]  should_failslab+0xa8/0x100
[  430.845340][ T9359]  __kmalloc_noprof+0xcb/0x4f0
[  430.845358][ T9359]  ? kfree+0x4d/0x440
[  430.845381][ T9359]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  430.845410][ T9359]  tomoyo_realpath_from_path+0xe3/0x5d0
[  430.845434][ T9359]  ? tomoyo_domain+0xda/0x130
[  430.845463][ T9359]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  430.845483][ T9359]  tomoyo_path_number_perm+0x1e8/0x5a0
[  430.845506][ T9359]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  430.845544][ T9359]  ? __lock_acquire+0xab9/0xd20
[  430.845586][ T9359]  ? __fget_files+0x2a/0x420
[  430.845610][ T9359]  ? __fget_files+0x2a/0x420
[  430.845629][ T9359]  ? __fget_files+0x3a0/0x420
[  430.845649][ T9359]  ? __fget_files+0x2a/0x420
[  430.845673][ T9359]  security_file_ioctl+0xcb/0x2d0
[  430.845697][ T9359]  __se_sys_ioctl+0x47/0x170
[  430.845718][ T9359]  do_syscall_64+0xfa/0x3b0
[  430.845740][ T9359]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.845762][ T9359]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.845779][ T9359]  ? clear_bhb_loop+0x60/0xb0
[  430.845800][ T9359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.845817][ T9359] RIP: 0033:0x7f2fbbb8e929
[  430.845836][ T9359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  430.845852][ T9359] RSP: 002b:00007f2fbc912038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  430.845872][ T9359] RAX: ffffffffffffffda RBX: 00007f2fbbdb5fa0 RCX: 00007f2fbbb8e929
[  430.845885][ T9359] RDX: 0000000000000000 RSI: 00000000c0189378 RDI: 0000000000000004
[  430.845896][ T9359] RBP: 00007f2fbc912090 R08: 0000000000000000 R09: 0000000000000000
[  430.845907][ T9359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  430.845918][ T9359] R13: 0000000000000000 R14: 00007f2fbbdb5fa0 R15: 00007ffd877d4af8
[  430.845947][ T9359]  </TASK>
[  430.846582][ T9359] ERROR: Out of memory at tomoyo_realpath_from_path.
[  431.709549][ T9372] 9pnet_fd: Insufficient options for proto=fd
[  431.912170][ T9369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.960'.
[  432.076804][ T9377] bridge1: entered promiscuous mode
[  432.082854][ T9377] bridge1: entered allmulticast mode
[  432.264306][ T5877] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  432.593839][ T5877] usb 4-1: device descriptor read/64, error -71
[  432.924015][ T5877] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  433.735998][ T5877] usb 4-1: device descriptor read/64, error -71
[  434.114001][   T24] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  434.389826][ T5877] usb usb4-port1: attempt power cycle
[  435.072468][   T30] audit: type=1800 audit(1751166649.392:15): pid=9394 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.966" name="bus" dev="overlay" ino=1052 res=0 errno=0
[  435.960802][   T24] usb 3-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  436.256541][ T9407] overlayfs: missing 'workdir'
[  436.394953][ T9408] bridge4: entered promiscuous mode
[  436.400449][ T9408] bridge4: entered allmulticast mode
[  437.020413][   T24] usb 3-1: config 1 interface 0 has no altsetting 0
[  437.194400][ T9410] 9pnet_fd: Insufficient options for proto=fd
[  437.201210][ T9410] atomic_op ffff88807a74b998 conn xmit_atomic 0000000000000000
[  437.287991][   T24] usb 3-1: string descriptor 0 read error: -71
[  437.295686][   T24] usb 3-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  437.313791][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.342687][   T24] usb 3-1: can't set config #1, error -71
[  437.413130][   T24] usb 3-1: USB disconnect, device number 24
[  438.184062][   T24] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  438.210128][ T9425] netlink: 132 bytes leftover after parsing attributes in process `syz.2.973'.
[  438.232308][ T9426] bridge3: entered promiscuous mode
[  438.239798][ T9426] bridge3: entered allmulticast mode
[  438.264375][   T24] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  438.325075][ T9429] FAULT_INJECTION: forcing a failure.
[  438.325075][ T9429] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  438.383168][ T9429] CPU: 1 UID: 0 PID: 9429 Comm: syz.3.974 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  438.383196][ T9429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  438.383207][ T9429] Call Trace:
[  438.383214][ T9429]  <TASK>
[  438.383222][ T9429]  dump_stack_lvl+0x189/0x250
[  438.383251][ T9429]  ? __pfx____ratelimit+0x10/0x10
[  438.383275][ T9429]  ? __pfx_dump_stack_lvl+0x10/0x10
[  438.383298][ T9429]  ? __pfx__printk+0x10/0x10
[  438.383316][ T9429]  ? __might_fault+0xb0/0x130
[  438.383347][ T9429]  should_fail_ex+0x414/0x560
[  438.383372][ T9429]  _copy_from_iter+0x1db/0x16f0
[  438.383399][ T9429]  ? rcu_is_watching+0x15/0xb0
[  438.383424][ T9429]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  438.383445][ T9429]  ? __pfx__copy_from_iter+0x10/0x10
[  438.383469][ T9429]  ? __build_skb_around+0x257/0x3e0
[  438.383491][ T9429]  ? netlink_sendmsg+0x642/0xb30
[  438.383515][ T9429]  ? skb_put+0x11b/0x210
[  438.383537][ T9429]  netlink_sendmsg+0x6b2/0xb30
[  438.383565][ T9429]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.383591][ T9429]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  438.383611][ T9429]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.383630][ T9429]  __sock_sendmsg+0x21c/0x270
[  438.383657][ T9429]  ____sys_sendmsg+0x505/0x830
[  438.383682][ T9429]  ? __pfx_____sys_sendmsg+0x10/0x10
[  438.383712][ T9429]  ? import_iovec+0x74/0xa0
[  438.383742][ T9429]  ___sys_sendmsg+0x21f/0x2a0
[  438.383762][ T9429]  ? __pfx____sys_sendmsg+0x10/0x10
[  438.383815][ T9429]  ? __fget_files+0x2a/0x420
[  438.383835][ T9429]  ? __fget_files+0x3a0/0x420
[  438.383865][ T9429]  __x64_sys_sendmsg+0x19b/0x260
[  438.383885][ T9429]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  438.383912][ T9429]  ? __pfx_ksys_write+0x10/0x10
[  438.383928][ T9429]  ? rcu_is_watching+0x15/0xb0
[  438.383954][ T9429]  ? do_syscall_64+0xbe/0x3b0
[  438.383981][ T9429]  do_syscall_64+0xfa/0x3b0
[  438.384001][ T9429]  ? lockdep_hardirqs_on+0x9c/0x150
[  438.384023][ T9429]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.384040][ T9429]  ? clear_bhb_loop+0x60/0xb0
[  438.384061][ T9429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.384077][ T9429] RIP: 0033:0x7f3e4938e929
[  438.384093][ T9429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.384107][ T9429] RSP: 002b:00007f3e4a211038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  438.384126][ T9429] RAX: ffffffffffffffda RBX: 00007f3e495b5fa0 RCX: 00007f3e4938e929
[  438.384139][ T9429] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  438.384150][ T9429] RBP: 00007f3e4a211090 R08: 0000000000000000 R09: 0000000000000000
[  438.384160][ T9429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  438.384170][ T9429] R13: 0000000000000000 R14: 00007f3e495b5fa0 R15: 00007ffe8abf3d48
[  438.384199][ T9429]  </TASK>
[  439.504011][    T9] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  439.656807][   T30] audit: type=1800 audit(1751166653.982:16): pid=9449 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.979" name="bus" dev="overlay" ino=1156 res=0 errno=0
[  439.713910][    T9] usb 3-1: device descriptor read/64, error -71
[  440.151481][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  440.612121][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  440.624751][   T30] audit: type=1800 audit(1751166654.422:17): pid=9451 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.980" name="bus" dev="overlay" ino=448 res=0 errno=0
[  440.884060][    T9] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  441.013994][    T9] usb 3-1: device descriptor read/64, error -71
[  441.030341][   T30] audit: type=1800 audit(1751166655.352:18): pid=9456 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.981" name="bus" dev="overlay" ino=1078 res=0 errno=0
[  441.894684][    T9] usb usb3-port1: attempt power cycle
[  442.236643][ T9463] 9pnet_fd: Insufficient options for proto=fd
[  443.206475][    T9] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  443.534631][ T9475] netlink: 8 bytes leftover after parsing attributes in process `syz.5.986'.
[  443.543670][ T9475] netlink: 16 bytes leftover after parsing attributes in process `syz.5.986'.
[  443.688930][    T9] usb 3-1: device not accepting address 27, error -71
[  443.847851][ T5934] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  443.862304][ T9479] netlink: 132 bytes leftover after parsing attributes in process `syz.2.988'.
[  443.888465][ T5934] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  444.167881][ T9489] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551611)
[  444.186403][ T9489] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  445.850096][ T9514] netlink: 124 bytes leftover after parsing attributes in process `syz.5.999'.
[  446.023903][   T24] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  446.206086][   T24] usb 5-1: device descriptor read/64, error -71
[  446.427507][ T9513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  446.488544][   T24] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  446.561569][ T9526] netlink: ct family unspecified
[  446.575652][ T9526] openvswitch: netlink: Actions may not be safe on all matching packets
[  446.633852][   T24] usb 5-1: device descriptor read/64, error -71
[  446.709871][ T9528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1004'.
[  446.721544][ T9528] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1004'.
[  446.753928][   T24] usb usb5-port1: attempt power cycle
[  447.085865][ T9537] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1007'.
[  447.102504][ T5935] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  447.110632][   T24] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  447.141222][ T5935] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  447.165152][   T24] usb 5-1: device descriptor read/8, error -71
[  447.451186][   T24] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  447.634696][   T24] usb 5-1: device descriptor read/8, error -71
[  447.884873][   T24] usb usb5-port1: unable to enumerate USB device
[  448.669453][ T9558] 9pnet_fd: Insufficient options for proto=fd
[  450.831662][ T9568] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.246941][ T9568] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.337551][ T9582] overlayfs: failed to resolve './file0': -2
[  451.858253][ T9581] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1021'.
[  451.899558][    T9] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  452.005167][    T9] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  452.151034][ T9568] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.244372][ T9587] fido_id[9587]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  452.382132][ T9568] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  453.033037][ T9568] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  453.183398][ T9568] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  453.273629][ T9568] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  453.285764][ T5877] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  453.311661][ T9568] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  453.423948][ T5877] usb 3-1: device descriptor read/64, error -71
[  454.276597][ T5877] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  454.361168][ T9621] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  454.434090][ T5877] usb 3-1: device descriptor read/64, error -71
[  454.614231][ T5877] usb usb3-port1: attempt power cycle
[  454.729184][ T9632] overlayfs: failed to resolve './file0': -2
[  455.042753][    T9] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  455.105870][ T9628] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1034'.
[  455.219112][    T9] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  455.556363][ T9635] fido_id[9635]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  455.576059][ T5877] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  455.605481][ T5877] usb 3-1: device descriptor read/8, error -71
[  455.854524][ T5877] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  455.916195][ T5877] usb 3-1: device descriptor read/8, error -71
[  456.220730][ T5877] usb usb3-port1: unable to enumerate USB device
[  458.954411][ T9677] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1047'.
[  459.000384][   T24] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  459.026588][ T9678] overlayfs: failed to resolve './file0': -2
[  459.099074][   T24] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  459.715469][ T9683] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1048'.
[  459.809939][ T9681] fido_id[9681]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  460.677425][ T9691] fuse: Bad value for 'fd'
[  460.919006][ T9700] openvswitch: netlink: Duplicate or invalid key (type 0).
[  460.919049][ T9700] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  461.073893][ T5919] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  461.203892][ T5919] usb 4-1: device descriptor read/64, error -71
[  461.279395][   T30] audit: type=1800 audit(1751166675.572:19): pid=9705 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1054" name="bus" dev="overlay" ino=1182 res=0 errno=0
[  461.726796][ T5919] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  462.453423][ T5919] usb 4-1: device descriptor read/64, error -71
[  462.836890][ T9719] overlayfs: failed to resolve './file0': -2
[  462.845593][ T5919] usb usb4-port1: attempt power cycle
[  462.903567][ T9718] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  463.221275][ T5919] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  463.274755][ T5919] usb 4-1: device descriptor read/8, error -71
[  463.319633][ T5952] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  463.334254][ T9722] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1059'.
[  463.398496][ T5952] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  463.412560][ T9724] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1060'.
[  463.451314][ T9728] fuse: Bad value for 'fd'
[  463.555227][ T5919] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  463.624545][ T5919] usb 4-1: device descriptor read/8, error -71
[  463.759349][ T5919] usb usb4-port1: unable to enumerate USB device
[  464.110776][ T9744] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  464.178610][ T9744] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  464.967626][   T30] audit: type=1800 audit(1751166679.252:20): pid=9756 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1071" name="bus" dev="overlay" ino=1152 res=0 errno=0
[  467.732771][ T9771] fuse: Bad value for 'fd'
[  467.895733][ T9777] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  468.059781][ T5934] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  469.138529][ T5934] usb 5-1: device descriptor read/64, error -71
[  469.398277][ T9799] binder: 9795:9799 ioctl c0306201 200000000040 returned -22
[  469.968050][ T9800] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1079'.
[  469.977625][ T5919] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  469.983861][ T5934] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  470.011231][ T5919] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  470.130405][ T5934] usb 5-1: device descriptor read/64, error -71
[  470.240897][ T9806] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  470.285556][ T5934] usb usb5-port1: attempt power cycle
[  471.125557][ T5934] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  471.209876][ T5934] usb 5-1: device descriptor read/8, error -71
[  472.760358][ T9836] binder: 9827:9836 ioctl c0306201 200000000040 returned -22
[  473.468873][ T9842] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  473.723874][ T5934] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  474.836902][ T5934] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  474.849645][ T5934] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  474.972619][ T5934] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  474.996392][ T5934] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  475.043584][ T5934] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.145210][ T5934] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  475.176063][ T5934] usb 5-1: invalid MIDI out EP 0
[  475.685018][ T9866] 9pnet_fd: Insufficient options for proto=fd
[  475.921387][   T24] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  476.135251][ T5934] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[  476.184021][ T5934] usb 5-1: USB disconnect, device number 36
[  476.283829][   T24] usb 4-1: device descriptor read/64, error -71
[  476.509976][   T30] audit: type=1800 audit(1751166690.822:21): pid=9872 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.1100" name="bus" dev="overlay" ino=608 res=0 errno=0
[  476.553949][   T24] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  477.533849][   T24] usb 4-1: device descriptor read/64, error -71
[  477.785482][   T24] usb usb4-port1: attempt power cycle
[  478.932929][ T9894] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  480.486673][ T9909] overlayfs: failed to resolve './file0': -2
[  480.541724][ T9909] bridge4: entered promiscuous mode
[  480.547362][ T9909] bridge4: entered allmulticast mode
[  481.143926][   T30] audit: type=1800 audit(1751166695.412:22): pid=9907 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1111" name="bus" dev="overlay" ino=1245 res=0 errno=0
[  481.464165][ T9911] 9pnet_rdma: rdma_create_trans (9911): problem binding to privport: 13
[  482.194556][    T9] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  482.273829][    C0] hrtimer: interrupt took 91201 ns
[  482.424066][ T5877] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  482.585454][ T5877] usb 2-1: device descriptor read/64, error -71
[  483.110569][    T9] usb 4-1: Using ep0 maxpacket: 16
[  483.119925][    T9] usb 4-1: config 64 has an invalid descriptor of length 0, skipping remainder of the config
[  483.134560][   T30] audit: type=1326 audit(1751166697.452:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.159799][   T30] audit: type=1326 audit(1751166697.452:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.189829][ T5877] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  483.329956][    T9] usb 4-1: New USB device found, idVendor=9e88, idProduct=9e8f, bcdDevice=9b.e4
[  483.342685][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.345947][ T5877] usb 2-1: device descriptor read/64, error -71
[  483.355249][    T9] usb 4-1: Product: syz
[  483.362330][   T30] audit: type=1326 audit(1751166697.452:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.384913][    T9] usb 4-1: Manufacturer: syz
[  483.389590][    T9] usb 4-1: SerialNumber: syz
[  483.397459][   T30] audit: type=1326 audit(1751166697.452:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.419213][   T30] audit: type=1326 audit(1751166697.452:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.451818][   T30] audit: type=1326 audit(1751166697.452:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.477086][   T30] audit: type=1326 audit(1751166697.452:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.504043][   T30] audit: type=1326 audit(1751166697.452:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.509401][ T5877] usb usb2-port1: attempt power cycle
[  483.538379][   T30] audit: type=1326 audit(1751166697.452:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.564924][   T30] audit: type=1326 audit(1751166697.452:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9934 comm="syz.2.1118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fbbb8e929 code=0x7ffc0000
[  483.713591][    T9] ftdi_sio 4-1:64.0: Ignoring interface reserved for JTAG
[  483.728511][    T9] usb 4-1: USB disconnect, device number 41
[  484.104387][ T5877] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  484.219691][ T5877] usb 2-1: device descriptor read/8, error -71
[  484.504025][ T5877] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  484.684682][ T9953] netlink: 47 bytes leftover after parsing attributes in process `syz.5.1124'.
[  484.743870][ T5877] usb 2-1: device not accepting address 19, error -71
[  484.762285][ T5877] usb usb2-port1: unable to enumerate USB device
[  486.104479][ T9965] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  487.784695][ T9995] netlink: 47 bytes leftover after parsing attributes in process `syz.4.1136'.
[  487.873971][    T9] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  488.527580][    T9] usb 4-1: device descriptor read/64, error -71
[  488.983945][    T9] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  489.102314][T10007] netlink: 1088 bytes leftover after parsing attributes in process `syz.2.1137'.
[  489.291713][    T9] usb 4-1: device descriptor read/64, error -71
[  489.404861][    T9] usb usb4-port1: attempt power cycle
[  490.326587][    T9] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  490.422709][    T9] usb 4-1: device descriptor read/8, error -71
[  490.787019][    T9] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  491.040849][T10031] C: renamed from team_slave_0 (while UP)
[  491.791773][    T9] usb 4-1: device not accepting address 45, error -71
[  491.822210][    T9] usb usb4-port1: unable to enumerate USB device
[  491.828240][T10036] FAULT_INJECTION: forcing a failure.
[  491.828240][T10036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  492.176334][T10031] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1142'.
[  492.186077][T10036] CPU: 1 UID: 0 PID: 10036 Comm: syz.3.1144 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  492.186093][T10036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  492.186100][T10036] Call Trace:
[  492.186105][T10036]  <TASK>
[  492.186110][T10036]  dump_stack_lvl+0x189/0x250
[  492.186129][T10036]  ? __pfx____ratelimit+0x10/0x10
[  492.186143][T10036]  ? __pfx_dump_stack_lvl+0x10/0x10
[  492.186156][T10036]  ? __pfx__printk+0x10/0x10
[  492.186165][T10036]  ? __might_fault+0xb0/0x130
[  492.186182][T10036]  should_fail_ex+0x414/0x560
[  492.186196][T10036]  _copy_from_user+0x2d/0xb0
[  492.186211][T10036]  ___sys_sendmsg+0x158/0x2a0
[  492.186224][T10036]  ? __pfx____sys_sendmsg+0x10/0x10
[  492.186252][T10036]  ? __fget_files+0x2a/0x420
[  492.186264][T10036]  ? __fget_files+0x3a0/0x420
[  492.186281][T10036]  __x64_sys_sendmsg+0x19b/0x260
[  492.186294][T10036]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  492.186310][T10036]  ? __pfx_ksys_write+0x10/0x10
[  492.186319][T10036]  ? rcu_is_watching+0x15/0xb0
[  492.186335][T10036]  ? do_syscall_64+0xbe/0x3b0
[  492.186350][T10036]  do_syscall_64+0xfa/0x3b0
[  492.186363][T10036]  ? lockdep_hardirqs_on+0x9c/0x150
[  492.186375][T10036]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.186385][T10036]  ? clear_bhb_loop+0x60/0xb0
[  492.186396][T10036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.186405][T10036] RIP: 0033:0x7f3e4938e929
[  492.186415][T10036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.186424][T10036] RSP: 002b:00007f3e4a211038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  492.186436][T10036] RAX: ffffffffffffffda RBX: 00007f3e495b5fa0 RCX: 00007f3e4938e929
[  492.186443][T10036] RDX: 0000000000000000 RSI: 00002000000029c0 RDI: 0000000000000003
[  492.186449][T10036] RBP: 00007f3e4a211090 R08: 0000000000000000 R09: 0000000000000000
[  492.186455][T10036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.186460][T10036] R13: 0000000000000000 R14: 00007f3e495b5fa0 R15: 00007ffe8abf3d48
[  492.186475][T10036]  </TASK>
[  493.225602][T10048] 9pnet_fd: Insufficient options for proto=fd
[  495.055411][ T5824] Bluetooth: hci0: unexpected event for opcode 0x1004
[  495.903934][   T30] audit: type=1800 audit(1751166709.982:33): pid=10060 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1151" name="bus" dev="overlay" ino=1321 res=0 errno=0
[  497.498482][T10068] binder: 10064:10068 ioctl c0306201 200000000040 returned -22
[  498.304354][ T5884] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  498.544182][ T5884] usb 5-1: device descriptor read/64, error -71
[  499.144418][ T5824] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  499.154176][ T5824] Bluetooth: hci0: Injecting HCI hardware error event
[  499.163529][ T5824] Bluetooth: hci0: hardware error 0x00
[  499.243956][   T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  499.258142][ T5884] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  499.424190][ T5884] usb 5-1: device descriptor read/64, error -71
[  499.586128][ T5884] usb usb5-port1: attempt power cycle
[  499.683697][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  499.873808][   T24] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  499.883505][   T24] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  499.902387][   T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  499.911669][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  499.984040][   T24] usb 6-1: Product: syz
[  500.031512][   T24] usb 6-1: Manufacturer: syz
[  500.060695][   T24] usb 6-1: SerialNumber: syz
[  500.467141][ T5884] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  500.494999][ T5884] usb 5-1: device descriptor read/8, error -71
[  500.711730][   T24] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  501.419651][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.426150][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  501.683956][ T5884] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  501.926743][ T5824] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  503.087027][ T5884] usb 5-1: device descriptor read/8, error -71
[  503.198907][ T5884] usb usb5-port1: unable to enumerate USB device
[  503.369380][   T24] usb 6-1: USB disconnect, device number 9
[  503.413298][   T24] usblp0: removed
[  511.057735][T10160] binder: 10156:10160 ioctl c0306201 200000000040 returned -22
[  511.756721][T10166] binder: 10161:10166 ioctl c0306201 200000000040 returned -22
[  514.536699][T10178] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  514.546263][T10178] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  514.555910][T10178] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  514.782941][T10186] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1183'.
[  514.834977][T10183] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1183'.
[  516.245106][T10208] 9pnet_fd: Insufficient options for proto=fd
[  516.851868][T10217] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1191'.
[  516.862231][T10217] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1191'.
[  516.923313][T10214] binder: 10213:10214 ioctl c0306201 200000000040 returned -22
[  518.601526][T10234] overlayfs: missing 'workdir'
[  518.647556][T10234] bridge3: entered promiscuous mode
[  518.652885][T10234] bridge3: entered allmulticast mode
[  518.912564][T10237] netlink: 47 bytes leftover after parsing attributes in process `syz.2.1199'.
[  520.044190][T10250] 9pnet_fd: Insufficient options for proto=fd
[  520.843917][ T5884] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  521.070573][   T30] audit: type=1800 audit(1751166735.282:34): pid=10255 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.1203" name="bus" dev="overlay" ino=746 res=0 errno=0
[  521.175382][ T5884] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  521.290395][ T5884] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  521.400427][ T5884] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  521.519821][ T5884] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  521.627798][ T5884] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  521.806673][ T5884] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  521.862042][ T5884] usb 3-1: invalid MIDI out EP 0
[  522.009331][T10263] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1204'.
[  522.076868][ T9768] udevd[9768]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  522.094424][ T5884] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22
[  522.116799][ T5884] usb 3-1: USB disconnect, device number 33
[  523.230954][T10252] Bluetooth: MGMT ver 1.23
[  524.463700][   T30] audit: type=1800 audit(1751166738.782:35): pid=10278 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1210" name="bus" dev="overlay" ino=1481 res=0 errno=0
[  524.752472][T10287] 9pnet_fd: Insufficient options for proto=fd
[  525.571326][T10296] netlink: 47 bytes leftover after parsing attributes in process `syz.1.1216'.
[  525.647034][T10300] overlayfs: missing 'workdir'
[  525.715691][T10301] bridge4: entered promiscuous mode
[  525.721097][T10301] bridge4: entered allmulticast mode
[  526.650795][T10310] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1220'.
[  527.292978][T10310] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1220'.
[  527.770179][T10322] binder: 10317:10322 ioctl c0306201 200000000040 returned -22
[  528.678896][T10328] binder: 10325:10328 ioctl c018620c 200000000000 returned -1
[  529.271738][T10332] ip6gre1: entered promiscuous mode
[  529.296938][T10332] ip6gre1: entered allmulticast mode
[  530.825698][T10359] binder: 10350:10359 ioctl c0306201 200000000040 returned -22
[  531.141809][T10358] overlayfs: missing 'workdir'
[  531.168396][T10360] bridge6: entered promiscuous mode
[  531.174107][T10360] bridge6: entered allmulticast mode
[  531.343962][ T5826] Bluetooth: hci2: command 0x0406 tx timeout
[  532.403840][   T30] audit: type=1800 audit(1751166746.062:36): pid=10369 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1233" name="bus" dev="overlay" ino=1414 res=0 errno=0
[  532.517916][ T5935] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  532.525096][   T30] audit: type=1326 audit(1751166746.852:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10365 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379e18e929 code=0x7ffc0000
[  532.548947][T10371] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1235'.
[  532.558018][   T30] audit: type=1326 audit(1751166746.852:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10365 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379e18e929 code=0x7ffc0000
[  532.558065][   T30] audit: type=1326 audit(1751166746.872:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10365 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f379e18e929 code=0x7ffc0000
[  532.558104][   T30] audit: type=1326 audit(1751166746.872:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10365 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379e18e929 code=0x7ffc0000
[  532.558143][   T30] audit: type=1326 audit(1751166746.872:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10365 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379e18e929 code=0x7ffc0000
[  532.558181][   T30] audit: type=1326 audit(1751166746.872:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10365 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f379e18e929 code=0x7ffc0000
[  532.558217][   T30] audit: type=1326 audit(1751166746.872:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10365 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379e18e929 code=0x7ffc0000
[  532.558254][   T30] audit: type=1326 audit(1751166746.872:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10365 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f379e18e929 code=0x7ffc0000
[  532.558292][   T30] audit: type=1326 audit(1751166746.872:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10365 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f379e18e929 code=0x7ffc0000
[  532.821585][ T5935] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  533.061022][T10379] binder: 10377:10379 ioctl c018620c 200000000000 returned -1
[  533.655191][T10383] use of bytesused == 0 is deprecated and will be removed in the future,
[  533.664028][T10383] use the actual size instead.
[  534.085184][T10376] fido_id[10376]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  534.160638][T10386] FAULT_INJECTION: forcing a failure.
[  534.160638][T10386] name failslab, interval 1, probability 0, space 0, times 0
[  534.176132][T10386] CPU: 0 UID: 0 PID: 10386 Comm: syz.1.1238 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  534.176147][T10386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  534.176154][T10386] Call Trace:
[  534.176159][T10386]  <TASK>
[  534.176164][T10386]  dump_stack_lvl+0x189/0x250
[  534.176184][T10386]  ? __pfx____ratelimit+0x10/0x10
[  534.176199][T10386]  ? __pfx_dump_stack_lvl+0x10/0x10
[  534.176213][T10386]  ? __pfx__printk+0x10/0x10
[  534.176226][T10386]  ? __pfx___might_resched+0x10/0x10
[  534.176239][T10386]  ? fs_reclaim_acquire+0x7d/0x100
[  534.176255][T10386]  should_fail_ex+0x414/0x560
[  534.176269][T10386]  should_failslab+0xa8/0x100
[  534.176283][T10386]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  534.176295][T10386]  ? __d_alloc+0x31/0x6f0
[  534.176308][T10386]  ? __lock_acquire+0xab9/0xd20
[  534.176323][T10386]  __d_alloc+0x31/0x6f0
[  534.176339][T10386]  d_alloc_pseudo+0x1f/0xb0
[  534.176354][T10386]  alloc_file_pseudo+0xcc/0x210
[  534.176369][T10386]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  534.176382][T10386]  ? do_raw_spin_unlock+0x122/0x240
[  534.176394][T10386]  ? _raw_spin_unlock+0x28/0x50
[  534.176410][T10386]  sock_alloc_file+0xb8/0x2e0
[  534.176423][T10386]  ? __sys_socket+0x12c/0x1b0
[  534.176437][T10386]  __sys_socket+0x13d/0x1b0
[  534.176453][T10386]  __x64_sys_socket+0x7a/0x90
[  534.176467][T10386]  do_syscall_64+0xfa/0x3b0
[  534.176480][T10386]  ? lockdep_hardirqs_on+0x9c/0x150
[  534.176492][T10386]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.176508][T10386]  ? clear_bhb_loop+0x60/0xb0
[  534.176520][T10386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.176530][T10386] RIP: 0033:0x7f379e190847
[  534.176540][T10386] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.176549][T10386] RSP: 002b:00007f379ef14fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  534.176560][T10386] RAX: ffffffffffffffda RBX: 00007f379e3b5fa0 RCX: 00007f379e190847
[  534.176567][T10386] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  534.176573][T10386] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  534.176579][T10386] R10: 00002000000004c0 R11: 0000000000000286 R12: 0000000000000001
[  534.176586][T10386] R13: 0000000000000000 R14: 00007f379e3b5fa0 R15: 00007ffff0f198d8
[  534.176601][T10386]  </TASK>
[  534.630875][T10389] FAULT_INJECTION: forcing a failure.
[  534.630875][T10389] name failslab, interval 1, probability 0, space 0, times 0
[  534.643861][T10389] CPU: 1 UID: 0 PID: 10389 Comm: syz.4.1239 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  534.643886][T10389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  534.643897][T10389] Call Trace:
[  534.643904][T10389]  <TASK>
[  534.643913][T10389]  dump_stack_lvl+0x189/0x250
[  534.643941][T10389]  ? __pfx____ratelimit+0x10/0x10
[  534.643964][T10389]  ? __pfx_dump_stack_lvl+0x10/0x10
[  534.643988][T10389]  ? __pfx__printk+0x10/0x10
[  534.644008][T10389]  ? __pfx___might_resched+0x10/0x10
[  534.644031][T10389]  ? fs_reclaim_acquire+0x7d/0x100
[  534.644059][T10389]  should_fail_ex+0x414/0x560
[  534.644084][T10389]  should_failslab+0xa8/0x100
[  534.644107][T10389]  __kmalloc_noprof+0xcb/0x4f0
[  534.644126][T10389]  ? tomoyo_encode+0x28b/0x550
[  534.644153][T10389]  tomoyo_encode+0x28b/0x550
[  534.644182][T10389]  tomoyo_realpath_from_path+0x58d/0x5d0
[  534.644215][T10389]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  534.644236][T10389]  tomoyo_path_number_perm+0x1e8/0x5a0
[  534.644259][T10389]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  534.644279][T10389]  ? __pfx___schedule+0x10/0x10
[  534.644315][T10389]  ? __lock_acquire+0xab9/0xd20
[  534.644358][T10389]  ? __fget_files+0x2a/0x420
[  534.644382][T10389]  ? __fget_files+0x2a/0x420
[  534.644402][T10389]  ? __fget_files+0x3a0/0x420
[  534.644421][T10389]  ? __fget_files+0x2a/0x420
[  534.644453][T10389]  security_file_ioctl+0xcb/0x2d0
[  534.644477][T10389]  __se_sys_ioctl+0x47/0x170
[  534.644498][T10389]  do_syscall_64+0xfa/0x3b0
[  534.644522][T10389]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.644538][T10389]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  534.644555][T10389]  ? clear_bhb_loop+0x60/0xb0
[  534.644576][T10389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.644593][T10389] RIP: 0033:0x7fb1e098e929
[  534.644610][T10389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.644624][T10389] RSP: 002b:00007fb1e1731038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  534.644643][T10389] RAX: ffffffffffffffda RBX: 00007fb1e0bb6160 RCX: 00007fb1e098e929
[  534.644657][T10389] RDX: 0000200000000180 RSI: 0000000040345410 RDI: 0000000000000005
[  534.644668][T10389] RBP: 00007fb1e1731090 R08: 0000000000000000 R09: 0000000000000000
[  534.644679][T10389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  534.644690][T10389] R13: 0000000000000000 R14: 00007fb1e0bb6160 R15: 00007ffc86393ee8
[  534.644719][T10389]  </TASK>
[  534.644820][T10389] ERROR: Out of memory at tomoyo_realpath_from_path.
[  536.058997][T10404] overlayfs: missing 'workdir'
[  536.103977][T10404] bridge4: entered promiscuous mode
[  536.109226][T10404] bridge4: entered allmulticast mode
[  537.472011][T10422] binder: 10416:10422 ioctl c0306201 200000000040 returned -22
[  537.480954][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  537.480991][   T30] audit: type=1800 audit(1751166751.752:48): pid=10419 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.1247" name="bus" dev="overlay" ino=800 res=0 errno=0
[  538.702235][T10424] binder: 10423:10424 ioctl c018620c 200000000000 returned -1
[  539.255657][T10430] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  539.414060][T10439] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1255'.
[  541.611479][T10475] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  541.710452][ T5884] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  542.016627][T10472] binder: 10471:10472 ioctl c018620c 200000000000 returned -1
[  542.064068][ T5884] usb 3-1: device descriptor read/64, error -71
[  542.130665][T10487] bridge_slave_0: left allmulticast mode
[  542.152209][T10487] bridge_slave_0: left promiscuous mode
[  542.183389][T10487] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.225641][T10487] bridge_slave_1: left allmulticast mode
[  542.232153][T10487] bridge_slave_1: left promiscuous mode
[  542.259793][T10487] bridge0: port 2(bridge_slave_1) entered disabled state
[  542.301609][T10487] bond0: (slave bond_slave_0): Releasing backup interface
[  542.309007][ T5884] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  542.344434][T10487] bond0: (slave bond_slave_1): Releasing backup interface
[  542.419990][T10487] team0: Port device team_slave_0 removed
[  542.455676][ T5884] usb 3-1: device descriptor read/64, error -71
[  542.472331][T10487] team0: Port device team_slave_1 removed
[  542.481942][T10487] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  542.491192][T10498] netlink: 47 bytes leftover after parsing attributes in process `syz.5.1274'.
[  542.500408][T10487] batman_adv: batadv0: Removing interface: batadv_slave_0
[  542.509509][T10487] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  542.517578][T10487] batman_adv: batadv0: Removing interface: batadv_slave_1
[  542.572244][ T5884] usb usb3-port1: attempt power cycle
[  543.065210][ T5884] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  543.136485][ T5884] usb 3-1: device descriptor read/8, error -71
[  543.635763][T10511] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  544.328934][T10517] binder: 10506:10517 ioctl c0306201 200000000040 returned -22
[  544.488758][ T5884] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  544.668138][ T5884] usb 3-1: device descriptor read/8, error -71
[  545.082970][ T5884] usb usb3-port1: unable to enumerate USB device
[  545.804011][T10523] binder: 10522:10523 ioctl c018620c 200000000000 returned -1
[  545.907283][T10536] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  545.925064][T10536] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  546.079727][T10539] binder: 10538:10539 ioctl c018620c 200000000000 returned -1
[  546.278027][ T5884] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  546.599475][   T30] audit: type=1800 audit(1751166760.652:49): pid=10547 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1286" name="bus" dev="overlay" ino=1591 res=0 errno=0
[  546.721702][ T5884] usb 6-1: device descriptor read/64, error -71
[  547.123988][ T5884] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  547.515397][ T5884] usb 6-1: device descriptor read/64, error -71
[  547.625611][ T5884] usb usb6-port1: attempt power cycle
[  547.860705][T10560] netlink: 'syz.2.1294': attribute type 5 has an invalid length.
[  548.055570][ T5884] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  548.128035][T10570] binder: 10568:10570 ioctl c018620c 200000000000 returned -1
[  548.317259][ T5884] usb 6-1: device descriptor read/8, error -71
[  548.633856][ T5884] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  548.664793][ T5884] usb 6-1: device descriptor read/8, error -71
[  548.885953][ T5884] usb usb6-port1: unable to enumerate USB device
[  549.071456][T10581] 9pnet_fd: Insufficient options for proto=fd
[  550.698579][T10600] 9pnet_fd: Insufficient options for proto=fd
[  551.726798][T10606] netlink: 47 bytes leftover after parsing attributes in process `syz.5.1307'.
[  553.181931][T10622] overlayfs: missing 'workdir'
[  553.188775][T10618] binder: 10615:10618 ioctl c018620c 200000000000 returned -1
[  553.218000][T10622] bridge5: entered promiscuous mode
[  553.223219][T10622] bridge5: entered allmulticast mode
[  554.438423][T10635] 9pnet_fd: Insufficient options for proto=fd
[  554.984878][T10636] ubi: mtd0 is already attached to ubi31
[  557.604086][   T30] audit: type=1800 audit(1751166771.932:50): pid=10660 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1324" name="bus" dev="overlay" ino=1646 res=0 errno=0
[  558.494769][T10662] netlink: 47 bytes leftover after parsing attributes in process `syz.5.1326'.
[  559.047488][T10667] netlink: 47 bytes leftover after parsing attributes in process `syz.1.1327'.
[  559.228212][T10676] 9pnet_fd: Insufficient options for proto=fd
[  560.147618][T10684] binder: 10675:10684 ioctl c018620c 200000000000 returned -1
[  560.801750][   T30] audit: type=1800 audit(1751166775.122:51): pid=10683 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1331" name="bus" dev="overlay" ino=1462 res=0 errno=0
[  562.344176][T10705] program syz.4.1337 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  562.875897][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  562.882380][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  563.002683][ T5892] usb 4-1: new full-speed USB device number 46 using dummy_hcd
[  563.155348][ T5892] usb 4-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  563.344649][ T5892] usb 4-1: config 1 interface 0 has no altsetting 0
[  563.526530][T10723] 9pnet_fd: Insufficient options for proto=fd
[  564.053325][ T5892] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  564.080616][ T5892] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.249635][ T5892] usb 4-1: Product: syz
[  564.254591][ T5892] usb 4-1: Manufacturer: syz
[  564.259277][ T5892] usb 4-1: SerialNumber: syz
[  565.878585][ T5892] usb 4-1: can't set config #1, error -71
[  565.902919][ T5892] usb 4-1: USB disconnect, device number 46
[  566.048536][    T9] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[  566.061725][    T9] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  566.103317][T10742] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1348'.
[  567.194938][T10762] 9pnet_fd: Insufficient options for proto=fd
[  567.451159][T10771] netlink: 47 bytes leftover after parsing attributes in process `syz.3.1358'.
[  569.308281][T10789] netlink: 47 bytes leftover after parsing attributes in process `syz.2.1361'.
[  569.945114][T10795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1362'.
[  571.589896][   T30] audit: type=1800 audit(1751166785.062:52): pid=10813 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1368" name="bus" dev="overlay" ino=1564 res=0 errno=0
[  572.102996][T10821] 9pnet_fd: Insufficient options for proto=fd
[  574.132788][ T5892] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  574.306058][ T5892] usb 2-1: config 1 interface 0 has no altsetting 0
[  574.315476][ T5892] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice= 0.40
[  574.325056][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  574.336494][ T5892] usb 2-1: Product: syz
[  574.345002][ T5892] usb 2-1: Manufacturer: syz
[  574.355114][ T5892] usb 2-1: SerialNumber: syz
[  574.621171][ T8705] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  574.978256][T10831] bridge_slave_0: left allmulticast mode
[  574.984793][T10831] bridge_slave_0: left promiscuous mode
[  574.990730][T10831] bridge0: port 1(bridge_slave_0) entered disabled state
[  575.011265][T10831] bridge_slave_1: left allmulticast mode
[  575.019505][T10831] bridge_slave_1: left promiscuous mode
[  575.029813][T10831] bridge0: port 2(bridge_slave_1) entered disabled state
[  575.170933][T10831] bond0: (slave bond_slave_0): Releasing backup interface
[  575.833431][T10831] bond0: (slave bond_slave_1): Releasing backup interface
[  576.943994][   T30] audit: type=1800 audit(1751166790.472:53): pid=10852 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.1380" name="bus" dev="overlay" ino=1585 res=0 errno=0
[  576.994257][T10831] team0: Port device C removed
[  577.121770][T10854] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  577.159370][T10831] team0: Port device team_slave_1 removed
[  577.168498][T10831] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  577.178280][T10831] batman_adv: batadv0: Removing interface: batadv_slave_0
[  577.211290][T10831] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  577.218987][T10831] batman_adv: batadv0: Removing interface: batadv_slave_1
[  578.410094][ T5892] usbhid 2-1:1.0: can't add hid device: -71
[  578.474225][ T5892] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  581.370974][ T5892] usb 2-1: USB disconnect, device number 20
[  582.440934][T10879] 9pnet_fd: Insufficient options for proto=fd
[  583.174838][T10877] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  584.637370][T10901] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1396'.
[  584.665954][ T5892] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  584.714405][    T9] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  584.734809][ T5892] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  584.916069][    T9] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  584.940614][T10907] ubi: mtd0 is already attached to ubi31
[  585.016763][    T9] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  585.066847][    T9] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  585.099710][    T9] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  585.143558][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.689401][    T9] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  588.371224][    T9] usb 4-1: invalid MIDI out EP 0
[  589.687965][    T9] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[  589.814184][T10922] 9pnet_fd: Insufficient options for proto=fd
[  590.706895][    T9] usb 4-1: USB disconnect, device number 47
[  590.868603][T10927] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1404'.
[  590.927628][T10927] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  590.967331][ T9081] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0
[  590.991614][T10931] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1406'.
[  591.021879][ T9081] hid-generic 0000:0000:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  591.677438][T10939] syz_tun: entered allmulticast mode
[  591.871162][T10937] syz_tun: left allmulticast mode
[  591.946522][T10936] fido_id[10936]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  592.201046][T10944] FAULT_INJECTION: forcing a failure.
[  592.201046][T10944] name failslab, interval 1, probability 0, space 0, times 0
[  592.235913][T10944] CPU: 1 UID: 0 PID: 10944 Comm: syz.4.1410 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(full) 
[  592.235941][T10944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  592.235953][T10944] Call Trace:
[  592.235960][T10944]  <TASK>
[  592.235969][T10944]  dump_stack_lvl+0x189/0x250
[  592.235997][T10944]  ? __pfx____ratelimit+0x10/0x10
[  592.236021][T10944]  ? __pfx_dump_stack_lvl+0x10/0x10
[  592.236044][T10944]  ? __pfx__printk+0x10/0x10
[  592.236069][T10944]  ? __pfx___might_resched+0x10/0x10
[  592.236097][T10944]  should_fail_ex+0x414/0x560
[  592.236124][T10944]  should_failslab+0xa8/0x100
[  592.236147][T10944]  __kmalloc_cache_noprof+0x70/0x3d0
[  592.236167][T10944]  ? subflow_ulp_init+0xd0/0x5c0
[  592.236191][T10944]  subflow_ulp_init+0xd0/0x5c0
[  592.236209][T10944]  ? tcp_set_ulp+0xb1/0x5f0
[  592.236232][T10944]  tcp_set_ulp+0x53c/0x5f0
[  592.236255][T10944]  mptcp_subflow_create_socket+0x5c5/0xb40
[  592.236283][T10944]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  592.236306][T10944]  ? __pfx_smk_ipv4_check+0x10/0x10
[  592.236334][T10944]  __mptcp_nmpc_sk+0x148/0x750
[  592.236354][T10944]  ? tomoyo_check_inet_address+0x667/0x8c0
[  592.236377][T10944]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[  592.236396][T10944]  ? tomoyo_check_inet_address+0x275/0x8c0
[  592.236419][T10944]  ? look_up_lock_class+0x74/0x170
[  592.236448][T10944]  mptcp_connect+0x70/0xc10
[  592.236477][T10944]  __inet_stream_connect+0x298/0xf10
[  592.236519][T10944]  ? __local_bh_enable_ip+0x12d/0x1c0
[  592.236542][T10944]  ? __pfx___inet_stream_connect+0x10/0x10
[  592.236567][T10944]  ? __local_bh_enable_ip+0x12d/0x1c0
[  592.236589][T10944]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  592.236624][T10944]  inet_stream_connect+0x66/0xa0
[  592.236651][T10944]  __sys_connect+0x316/0x440
[  592.236669][T10944]  ? __fget_files+0x3a0/0x420
[  592.236691][T10944]  ? __pfx___sys_connect+0x10/0x10
[  592.236723][T10944]  ? __pfx_ksys_write+0x10/0x10
[  592.236739][T10944]  ? rcu_is_watching+0x15/0xb0
[  592.236771][T10944]  __x64_sys_connect+0x7a/0x90
[  592.236790][T10944]  do_syscall_64+0xfa/0x3b0
[  592.236811][T10944]  ? lockdep_hardirqs_on+0x9c/0x150
[  592.236832][T10944]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.236849][T10944]  ? clear_bhb_loop+0x60/0xb0
[  592.236871][T10944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.236888][T10944] RIP: 0033:0x7fb1e098e929
[  592.236904][T10944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  592.236919][T10944] RSP: 002b:00007fb1e1773038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  592.236938][T10944] RAX: ffffffffffffffda RBX: 00007fb1e0bb5fa0 RCX: 00007fb1e098e929
[  592.236952][T10944] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000008
[  592.236963][T10944] RBP: 00007fb1e1773090 R08: 0000000000000000 R09: 0000000000000000
[  592.236974][T10944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  592.236985][T10944] R13: 0000000000000000 R14: 00007fb1e0bb5fa0 R15: 00007ffc86393ee8
[  592.237015][T10944]  </TASK>
[  592.541319][    C1] vkms_vblank_simulate: vblank timer overrun
[  593.514175][T10964] 9pnet_fd: Insufficient options for proto=fd
[  595.352108][   T30] audit: type=1800 audit(1751166809.672:54): pid=10973 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1418" name="bus" dev="overlay" ino=1559 res=0 errno=0
[  595.751820][T10970] netlink: 248 bytes leftover after parsing attributes in process `syz.2.1416'.
[  595.806040][T10970] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1416'.
[  595.992431][T10983] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1421'.
[  596.017097][ T9081] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[  596.023866][T10983] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  596.051407][ T9081] hid-generic 0000:0000:0000.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  596.161462][T10985] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1422'.
[  596.214050][    T9] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  596.413636][    T9] usb 4-1: config 0 has an invalid interface number: 33 but max is 0
[  596.469770][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  596.568680][    T9] usb 4-1: config 0 has no interface number 0
[  596.653567][    T9] usb 4-1: config 0 interface 33 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1023
[  596.806452][    T9] usb 4-1: config 0 interface 33 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  596.889065][    T9] usb 4-1: New USB device found, idVendor=2040, idProduct=4901, bcdDevice=68.64
[  597.019239][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  597.029091][    T9] usb 4-1: Product: syz
[  597.034859][    T9] usb 4-1: Manufacturer: syz
[  597.039560][    T9] usb 4-1: SerialNumber: syz
[  597.863952][   T30] audit: type=1800 audit(1751166811.482:55): pid=11003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1425" name="bus" dev="overlay" ino=1631 res=0 errno=0
[  598.026870][    T9] usb 4-1: config 0 descriptor??
[  598.033918][T10982] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  598.044756][    T9] hdpvr 4-1:0.33: Could not find bulk-in endpoint
[  598.051367][    T9] hdpvr 4-1:0.33: probe with driver hdpvr failed with error -12
[  598.403466][T11012] 9pnet_fd: Insufficient options for proto=fd
[  598.923258][ T5935] usb 4-1: USB disconnect, device number 48
[  598.981474][T11017] overlayfs: missing 'workdir'
[  601.895572][   T30] audit: type=1800 audit(1751166816.222:56): pid=11036 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1435" name="bus" dev="overlay" ino=1788 res=0 errno=0
[  602.736883][ T5919] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  602.753570][T11043] openvswitch: netlink: Message has 8 unknown bytes.
[  602.765134][ T5919] hid-generic 0000:0000:0000.0018: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  602.800488][T11042] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1437'.
[  604.926322][T11058] binder: 11054:11058 ioctl c018620c 200000000000 returned -1
[  605.116190][T11063] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  606.123107][   T30] audit: type=1800 audit(1751166819.622:57): pid=11068 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1444" name="bus" dev="overlay" ino=1661 res=0 errno=0
[  607.394031][   T30] audit: type=1800 audit(1751166820.842:58): pid=11074 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.1447" name="bus" dev="overlay" ino=1649 res=0 errno=0
[  608.514143][T11084] openvswitch: netlink: Message has 8 unknown bytes.
[  608.739673][   T30] audit: type=1800 audit(1751166823.002:59): pid=11087 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.1449" name="bus" dev="overlay" ino=1663 res=0 errno=0
[  609.428497][ T5877] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0
[  609.437901][ T5877] hid-generic 0000:0000:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  609.449956][T11091] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1452'.
[  610.383318][T11093] fido_id[11093]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  611.465400][T11108] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1457'.
[  611.500288][T11108] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1457'.
[  611.641274][T11112] loop4: detected capacity change from 0 to 7
[  611.660904][T11112]  loop4: [POWERTEC] p1 p2 p3 p4 p5
[  611.668432][T11112] loop4: p1 start 1600481121 is beyond EOD, truncated
[  611.678301][T11112] loop4: p2 size 1346830336 extends beyond EOD, truncated
[  611.685406][T11113] xt_hashlimit: size too large, truncated to 1048576
[  611.691833][T11112] loop4: p3 start 1572963 is beyond EOD, truncated
[  611.699253][T11112] loop4: p4 start 1536 is beyond EOD, truncated
[  611.705969][T11112] loop4: p5 start 12 is beyond EOD, truncated
[  611.784301][T11108] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1457'.
[  611.818030][T11116] overlayfs: missing 'workdir'
[  612.078527][ T9775] udevd[9775]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  612.581390][T11126] openvswitch: netlink: Message has 8 unknown bytes.
[  612.715003][T11117] bridge7: entered promiscuous mode
[  612.747567][T11117] bridge7: entered allmulticast mode
[  612.800748][T11132] overlayfs: missing 'workdir'
[  612.877297][T11132] bridge4: entered promiscuous mode
[  612.921879][T11132] bridge4: entered allmulticast mode
[  613.215341][   T24] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[  613.570071][   T24] hid-generic 0000:0000:0000.001A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  613.591036][T11137] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1466'.
[  614.748746][T11143] fido_id[11143]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  616.707680][T11175] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1477'.
[  618.444273][T11188] openvswitch: netlink: Missing valid actions attribute.
[  618.451406][T11188] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  618.480049][   T30] audit: type=1326 audit(1751166832.802:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3e4932ab19 code=0x7ffc0000
[  618.533217][   T30] audit: type=1326 audit(1751166832.802:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4938e929 code=0x7ffc0000
[  618.570763][   T30] audit: type=1326 audit(1751166832.802:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3e4932ab19 code=0x7ffc0000
[  618.592576][   T30] audit: type=1326 audit(1751166832.802:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3e4932ab19 code=0x7ffc0000
[  618.718012][   T30] audit: type=1326 audit(1751166832.802:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3e4932ab19 code=0x7ffc0000
[  618.744444][   T30] audit: type=1326 audit(1751166832.802:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4938e929 code=0x7ffc0000
[  618.767466][   T30] audit: type=1326 audit(1751166832.822:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3e4932ab19 code=0x7ffc0000
[  618.790436][   T30] audit: type=1326 audit(1751166832.822:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4938e929 code=0x7ffc0000
[  618.822740][   T30] audit: type=1326 audit(1751166832.822:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3e4932ab19 code=0x7ffc0000
[  618.844503][   T30] audit: type=1326 audit(1751166832.822:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11182 comm="syz.3.1479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4938e929 code=0x7ffc0000
[  622.170062][T11233] openvswitch: netlink: Missing valid actions attribute.
[  622.958802][T11233] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  623.283630][T11235] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  624.301680][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  624.728875][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  628.081341][T11268] openvswitch: netlink: Missing valid actions attribute.
[  628.081591][T11268] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  629.923868][   T24] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  630.073962][ T5877] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  630.135734][   T24] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  630.144025][   T24] usb 3-1: config 0 has no interface number 0
[  630.150178][   T24] usb 3-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e
[  630.181554][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.237807][   T24] usb 3-1: config 0 descriptor??
[  630.276237][ T5877] usb 5-1: config 0 has an invalid interface number: 33 but max is 0
[  630.292520][   T24] usb 3-1: bad CDC descriptors
[  630.326707][ T5877] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  630.404656][ T5877] usb 5-1: config 0 has no interface number 0
[  630.440777][ T5877] usb 5-1: config 0 interface 33 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1023
[  630.672811][ T5877] usb 5-1: config 0 interface 33 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  630.861025][    T9] usb 3-1: USB disconnect, device number 38
[  631.021995][ T5877] usb 5-1: New USB device found, idVendor=2040, idProduct=4901, bcdDevice=68.64
[  631.040468][ T5877] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  631.077716][ T5877] usb 5-1: Product: syz
[  631.090820][ T5877] usb 5-1: Manufacturer: syz
[  631.104312][ T5877] usb 5-1: SerialNumber: syz
[  631.125480][   T24] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[  631.221521][ T5877] usb 5-1: config 0 descriptor??
[  631.251143][T11289] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  631.271952][T11304] openvswitch: netlink: EtherType 0 is less than min 600
[  631.320759][ T5877] hdpvr 5-1:0.33: Could not find bulk-in endpoint
[  631.359816][ T5877] hdpvr 5-1:0.33: probe with driver hdpvr failed with error -12
[  631.544517][T11308] binder: 11305:11308 ioctl c0306201 200000000040 returned -22
[  632.870146][ T5877] usb 5-1: USB disconnect, device number 41
[  633.344424][   T24] usb 6-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  633.576084][   T24] usb 6-1: config 1 interface 0 has no altsetting 0
[  634.007485][   T24] usb 6-1: string descriptor 0 read error: -71
[  634.037098][   T24] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  634.121973][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.192551][   T24] usb 6-1: can't set config #1, error -71
[  634.231276][   T24] usb 6-1: USB disconnect, device number 14
[  634.770847][T11310] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  635.713196][   T30] kauditd_printk_skb: 90 callbacks suppressed
[  635.713214][   T30] audit: type=1326 audit(1751166850.032:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60cb78e929 code=0x7ffc0000
[  635.940085][   T30] audit: type=1326 audit(1751166850.072:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f60cb78e929 code=0x7ffc0000
[  636.143882][   T30] audit: type=1326 audit(1751166850.072:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60cb78e929 code=0x7ffc0000
[  636.165520][    C0] vkms_vblank_simulate: vblank timer overrun
[  637.572589][ T9081] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  637.634588][   T30] audit: type=1326 audit(1751166850.082:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e929 code=0x7ffc0000
[  637.841900][   T30] audit: type=1326 audit(1751166850.082:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60cb78e929 code=0x7ffc0000
[  637.863576][    C0] vkms_vblank_simulate: vblank timer overrun
[  637.889348][T11351] ubi: mtd0 is already attached to ubi31
[  637.905809][ T9081] usb 3-1: Using ep0 maxpacket: 16
[  646.104053][   T30] audit: type=1326 audit(1751166850.082:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  646.319403][ T9081] usb 3-1: unable to read config index 0 descriptor/start: -71
[  646.353844][   T30] audit: type=1326 audit(1751166850.082:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  646.423843][ T9081] usb 3-1: can't read configurations, error -71
[  646.563989][   T30] audit: type=1326 audit(1751166850.082:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  646.634673][T11360] Bluetooth: MGMT ver 1.23
[  646.689350][   T30] audit: type=1326 audit(1751166850.082:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  646.778388][   T30] audit: type=1326 audit(1751166850.082:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  647.446899][T11360] Process accounting resumed
[  647.801646][   T30] audit: type=1326 audit(1751166850.082:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  648.063742][    C1] sched: DL replenish lagged too much
[  649.020533][   T30] audit: type=1326 audit(1751166850.082:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  649.082129][   T30] audit: type=1326 audit(1751166850.082:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  649.224188][   T30] audit: type=1326 audit(1751166850.082:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  649.298139][   T30] audit: type=1326 audit(1751166850.082:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11333 comm="syz.5.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60cb78e52b code=0x7ffc0000
[  686.427958][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  687.208583][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  749.498840][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  749.520078][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  760.243739][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  760.250735][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P11369/1:b..l
[  760.259182][    C1] rcu: 	(detected by 1, t=10503 jiffies, g=42969, q=596 ncpus=2)
[  760.266932][    C1] task:syz.3.1537      state:R  running task     stack:24296 pid:11369 tgid:11366 ppid:5816   task_flags:0x40054c flags:0x00004000
[  760.281412][    C1] Call Trace:
[  760.284706][    C1]  <TASK>
[  760.287650][    C1]  __schedule+0x16a2/0x4cb0
[  760.292192][    C1]  ? preempt_schedule_irq+0xb5/0x150
[  760.297490][    C1]  ? __pfx___schedule+0x10/0x10
[  760.302328][    C1]  ? __lock_acquire+0xab9/0xd20
[  760.307174][    C1]  ? preempt_schedule_irq+0xaa/0x150
[  760.312441][    C1]  preempt_schedule_irq+0xb5/0x150
[  760.317530][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  760.323234][    C1]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  760.329019][    C1]  irqentry_exit+0x6f/0x90
[  760.333416][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  760.339372][    C1] RIP: 0010:unwind_next_frame+0x1883/0x2390
[  760.345247][    C1] Code: 20 ca 80 fa 01 0f 85 63 01 00 00 49 8d 4c 24 08 4c 39 e9 0f 86 55 01 00 00 48 39 c1 0f 87 4c 01 00 00 4c 3b a4 24 90 00 00 00 <4c> 8b 7c 24 48 0f 87 c9 00 00 00 49 8d 5e 28 48 89 d8 48 c1 e8 03
[  760.364829][    C1] RSP: 0018:ffffc9001b4a7178 EFLAGS: 00000202
[  760.370873][    C1] RAX: ffffc9001b4a8000 RBX: ffffc9001b4a7201 RCX: ffffc9001b4a7ef8
[  760.378823][    C1] RDX: ffffffff9032d701 RSI: 0000000000000000 RDI: ffffc9001b4a7250
[  760.386772][    C1] RBP: dffffc0000000000 R08: ffffc9001b4a72a7 R09: 0000000000000000
[  760.394719][    C1] R10: ffffc9001b4a7298 R11: fffff52003694e55 R12: ffffc9001b4a7ef0
[  760.402670][    C1] R13: ffffc9001b4a0000 R14: ffffc9001b4a7248 R15: ffffc9001b4a7258
[  760.410630][    C1]  ? unwind_next_frame+0xc98/0x2390
[  760.415814][    C1]  ? unwind_next_frame+0xa5/0x2390
[  760.420903][    C1]  ? exit_to_user_mode_loop+0x75/0x110
[  760.426340][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  760.432469][    C1]  arch_stack_walk+0x11c/0x150
[  760.437231][    C1]  ? do_syscall_64+0x2bd/0x3b0
[  760.441978][    C1]  stack_trace_save+0x9c/0xe0
[  760.446633][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  760.451983][    C1]  ? __lock_acquire+0xab9/0xd20
[  760.456812][    C1]  kasan_save_track+0x3e/0x80
[  760.461467][    C1]  ? kasan_save_track+0x3e/0x80
[  760.466291][    C1]  ? kasan_save_free_info+0x46/0x50
[  760.471470][    C1]  ? __kasan_slab_free+0x62/0x70
[  760.476381][    C1]  ? kmem_cache_free+0x18f/0x400
[  760.481295][    C1]  ? unlink_anon_vmas+0x614/0x670
[  760.486301][    C1]  ? free_pgtables+0x7bf/0xaf0
[  760.491045][    C1]  ? exit_mmap+0x444/0xb50
[  760.495435][    C1]  ? __mmput+0x118/0x420
[  760.499655][    C1]  ? exit_mm+0x1da/0x2c0
[  760.503871][    C1]  ? do_exit+0x648/0x22e0
[  760.508175][    C1]  ? do_group_exit+0x21c/0x2d0
[  760.512913][    C1]  ? get_signal+0x125e/0x1310
[  760.517569][    C1]  ? arch_do_signal_or_restart+0x9a/0x750
[  760.523267][    C1]  ? exit_to_user_mode_loop+0x75/0x110
[  760.528817][    C1]  ? unlink_anon_vmas+0x614/0x670
[  760.533819][    C1]  kasan_save_free_info+0x46/0x50
[  760.538823][    C1]  __kasan_slab_free+0x62/0x70
[  760.543565][    C1]  kmem_cache_free+0x18f/0x400
[  760.548317][    C1]  unlink_anon_vmas+0x614/0x670
[  760.553149][    C1]  free_pgtables+0x7bf/0xaf0
[  760.557757][    C1]  ? __pfx_free_pgtables+0x10/0x10
[  760.562875][    C1]  ? __pfx_down_write+0x10/0x10
[  760.567714][    C1]  ? __mas_set_range+0x12f/0x3c0
[  760.572648][    C1]  exit_mmap+0x444/0xb50
[  760.576893][    C1]  ? uprobe_clear_state+0x20f/0x290
[  760.582087][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  760.586835][    C1]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  760.592467][    C1]  ? __pfx_exit_aio+0x10/0x10
[  760.597137][    C1]  ? uprobe_clear_state+0x274/0x290
[  760.602320][    C1]  ? mm_update_next_owner+0xa7/0x870
[  760.607584][    C1]  __mmput+0x118/0x420
[  760.611637][    C1]  exit_mm+0x1da/0x2c0
[  760.615686][    C1]  ? __pfx_exit_mm+0x10/0x10
[  760.620256][    C1]  ? rcu_is_watching+0x15/0xb0
[  760.625001][    C1]  do_exit+0x648/0x22e0
[  760.629137][    C1]  ? do_raw_spin_lock+0x121/0x290
[  760.634139][    C1]  ? __pfx_do_exit+0x10/0x10
[  760.638714][    C1]  do_group_exit+0x21c/0x2d0
[  760.643281][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  760.648465][    C1]  get_signal+0x125e/0x1310
[  760.652958][    C1]  arch_do_signal_or_restart+0x9a/0x750
[  760.658488][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  760.664630][    C1]  ? exit_to_user_mode_loop+0x40/0x110
[  760.670073][    C1]  exit_to_user_mode_loop+0x75/0x110
[  760.675339][    C1]  do_syscall_64+0x2bd/0x3b0
[  760.679913][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.685954][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  760.691562][    C1]  ? clear_bhb_loop+0x60/0xb0
[  760.696217][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.702087][    C1] RIP: 0033:0x7f3e4938e929
[  760.706482][    C1] RSP: 002b:00007f3e4a1cf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  760.714873][    C1] RAX: fffffffffffffe00 RBX: 00007f3e495b6168 RCX: 00007f3e4938e929
[  760.722823][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3e495b6168
[  760.730774][    C1] RBP: 00007f3e495b6160 R08: 0000000000000000 R09: 0000000000000000
[  760.738721][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3e495b616c
[  760.746669][    C1] R13: 0000000000000000 R14: 00007ffe8abf3c60 R15: 00007ffe8abf3d48
[  760.754628][    C1]  </TASK>