last executing test programs:

18.263917682s ago: executing program 3 (id=612):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120100002ec6601037210100352a010203010902120001000000000904"], 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x4081, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_usb_connect(0x3, 0x2d, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, 0x0, 0x10)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8000003d)
r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x20000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x4, 0x0, 0x0, 0x400000007fff, 0x3, 0x3e, 0xffffffeb, 0x294, 0x40, 0x0, 0x0, 0x8f2c, 0x38, 0x1, 0x0, 0x2}, [{0x3, 0xf97, 0x4, 0xd, 0x1cc, 0xe2, 0x1, 0x3}], "acfb3f051b91849846ec830e8fc0391036d324f1a13b7574e061825a8f5cf1f6fa11aedf8441af886914f68393e338af41d98f7ed031e6346889031d5273cfa7d0ec1641e7928743622c8b7f7bd2c007b08f3f"}, 0xcb)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd', @ANYRESOCT, @ANYBLOB=',rootmode=0000000000000000040000,u'])
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x80}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x16fa, 0x800, 0x4, 0x8}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, 0x400, 0x1, {0x0, r6}})

16.772740661s ago: executing program 4 (id=614):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6000000000000", 0x87}, {&(0x7f0000000400)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc40206c86df9abc5", 0x6c}, {&(0x7f0000000180)="0c1928a7397d5f2e855cb2b0b1e61d3fe47dc3e798cf47cfdbf169e77257f308b400000000227094d569a4", 0x2b}, {&(0x7f0000000740)="c8605474ee573ad5ad5acedf22046d983c7964dad745eb7c8eb102c0d2b166382d3f325806513b1eb3fe7b135bfef85013c74b374f5892a7254e3405ebe8d6125ace8414fc44456c1c521ce19dae4a7f37f08f5e7b686c02967dfb02fa1ec528de641f95606c3be81b643b62d206a8aadea3d7663c32b159036bde2ee6fb0441c70bb0b0a46174f8387436eaeafa94aedef284393412f0239be8", 0x9a}], 0x4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="acc841985992b79554acfc02163bb0fb2bb293e68c02bb40b6b870bde5700d368744361ae9fce3", 0x27}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c000000000000000000000000000000002da46e8a95bcead77a244256266fe952d151a841aaa0c9c727bf08c37869c70d6aed073d6bb9fb037a079b697f3ba963ba49b6aecdc3e839ae25d497b0e60408b8e0a9931aeb1be35eea2a22fa50d66a634804121bde6a4a2d7a23c08d8237aac90c577c24f4ec2949d9202659fe626262e0764eed651fe91d276cd8918ba1a079c716281613b127eca886d75e994a1b41314ff21f5a4fd8a7e55c65b2eebabf0db0268c53503bb309959c1c0b222c6fb8310e8f25e7c26e24baedcc72d41798c95c01626c311e9f1262dfa4dedd161672c578a7af36c8a95437f295e14a1e0c7245cb53f83cc7b4b9294bb13473331502b7735a955080f7c2fd79d3fe0de99505840905376e957c012fc4e4e0ea1c8db07ac01ae1e0e5c38a0963194a", 0x1f8}, {&(0x7f0000000d80)="bd2f6aa36cea0e4bccda9ad762e998d923018ec9f30d63c7059c3c786069915581888508ff589f82857ff546b23b88d6bd61f1efc982005bf6c9abc4fe2caf32ef3ff105b69346a4d09afd7b0b8bd5f8", 0x50}], 0x3}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
r1 = open(&(0x7f0000000380)='./bus\x00', 0x143142, 0x91)
ftruncate(r1, 0x2007ffb)
sendfile(r1, r1, 0x0, 0x1000000201005)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r3, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=r4, 0x4)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001380)={0x6, 0x1c, &(0x7f0000001080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6}, [@map_fd={0x18, 0xa}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @ldst={0x1, 0x3, 0x2, 0xa, 0x9, 0x18, 0xffffffffffffffff}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}]}, &(0x7f0000000980)='syzkaller\x00', 0x5, 0xf0, &(0x7f0000001280)=""/240, 0x41100, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000d40)={0x4, 0xd, 0x71b017c3, 0x1}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000e00), &(0x7f0000000e40)=[{0x3, 0x5, 0x9, 0x8}, {0x5, 0x1, 0x6, 0xb}, {0x4, 0x1, 0x0, 0xb}], 0x10, 0x10000, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x6, 0x1e, &(0x7f0000000b00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, {}, {}, [@tail_call, @tail_call, @alu={0x4, 0x0, 0x2, 0x7, 0x5, 0x40, 0xfffffffffffffff0}, @ldst={0x1, 0x3, 0x6, 0x2, 0x1, 0x8, 0xfffffffffffffffc}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x5}, @jmp={0x5, 0x1, 0x0, 0x0, 0xa, 0x100, 0x8}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000640)='GPL\x00', 0x8, 0xa7, &(0x7f0000000c00)=""/167, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000700)={0x0, 0xa, 0x7, 0xfffffffa}, 0x10, r4, r5, 0x0, 0x0, 0x0, 0x10, 0xa, @void, @value}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r7 = syz_open_procfs$pagemap(0x0, &(0x7f0000000180))
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000000)={0x60, 0x0, &(0x7f000007c000/0x4000)=nil, &(0x7f0000839000/0x1000)=nil, 0x0, 0x0, 0x0, 0xc, 0x4b, 0x0, 0x6, 0x2e})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
sendmsg$nl_route(r6, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)=@ipv4_delrule={0x58, 0x21, 0x610, 0x70bd2c, 0x25dfdbfb, {0x2, 0x14, 0x80, 0x4, 0x8, 0x0, 0x0, 0x5, 0x10002}, [@FRA_SRC={0x8, 0x2, @local}, @FRA_DST={0x8, 0x1, @multicast1}, @FRA_SRC={0x8, 0x2, @multicast1}, @FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e23, 0x4e20}}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x6d7}, @FRA_DST={0x8, 0x1, @loopback}, @FRA_SRC={0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000004}, 0x40000800)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

15.43843817s ago: executing program 0 (id=617):
setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
r2 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x80, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x42, 0x0)
io_setup(0x20, 0x0)
io_submit(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000d80)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r5, &(0x7f0000000c40)='\r2', 0x2}])
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
recvmmsg$unix(r7, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)
unlinkat(r5, &(0x7f0000000040)='./file0\x00', 0x200)

15.438056916s ago: executing program 2 (id=618):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000))
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b95", 0x6d, 0xffffffffffffffff)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000180)=0x6f)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
syz_usb_connect(0x2, 0x24, 0x0, 0x0)

13.18347524s ago: executing program 0 (id=619):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r4, 0xc0f85403, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x3}, 0x0, 0x0, 'id1\x00', 'timer1\x00', 0x0, 0x81, 0x1, 0xffffffffffffd0c4, 0x10000000})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x33, &(0x7f0000000040)=0x2, 0x4)

10.306248317s ago: executing program 2 (id=620):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x4002)
ioctl$LOOP_SET_FD(r1, 0x4c00, r0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x7, 0xffffffffffffff7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x3a)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f0000000340), 0x0, 0x1, 0x0, 0x0, r5})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)

8.963430995s ago: executing program 0 (id=621):
io_setup(0x10000, &(0x7f00000014c0))
r0 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0x1000000000004008, 0x7}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000180)=0xffffffff)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000080)={0x1, r1})
socket$inet6(0xa, 0x2, 0x800)
r2 = syz_open_dev$vim2m(&(0x7f0000001240), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000080)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000100)=0x1)
r3 = fsopen(&(0x7f0000000040)='btrfs\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r3, 0x4, &(0x7f00000000c0)='acl\x00', 0x0, 0xffffffffffffff9c)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x4}}, 0x18)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0xfffffffd)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000c40)={0x1, 0x0, [{0x0, 0xf3, &(0x7f00000008c0)=""/243}]})

8.736029853s ago: executing program 4 (id=622):
prctl$PR_GET_KEEPCAPS(0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001a007d11ac1984d080e100000a000000000000080000000008000400", @ANYRES32=0x0, @ANYBLOB="140005"], 0x38}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='xfs\x00', 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0], 0x2, 0x80000, 0x0, <r1=>0xffffffffffffffff})
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e23, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}, 0x1c)

8.532522041s ago: executing program 3 (id=623):
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
inotify_init1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000b40)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010129bd7c08fceddf251200000008000300", @ANYRES32=r4, @ANYBLOB="0a00060008021100000100000c0081000500010007000000"], 0x34}}, 0x0)
r5 = dup3(r0, r1, 0x0)
preadv(r5, &(0x7f0000000280)=[{&(0x7f0000000000)=""/24, 0x18}], 0x1, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
mmap$IORING_OFF_SQ_RING(&(0x7f0000d9f000/0x4000)=nil, 0x4000, 0x200000f, 0xd1031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r7, 0x0, 0x0}, 0x10)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
r9 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r9, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r9, 0xfffffffd)
r10 = accept4(r9, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r10, 0x84, 0xb, &(0x7f00000002c0)={0x3, 0x1, 0x2, 0xff, 0xa4, 0x0, 0x1, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2, 0x20}, 0xe)
ioctl$sock_inet6_tcp_SIOCINQ(r10, 0x541b, &(0x7f00000000c0))
sendmmsg$inet_sctp(r8, 0x0, 0x0, 0x4044040)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000200)='htcp\x00', 0x5)

7.910105713s ago: executing program 1 (id=624):
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x1, 0x1)
close(0x3)
r0 = epoll_create1(0x80000)
syz_emit_ethernet(0xae, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff1a, &(0x7f0000000200)=0x400000bce)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRESDEC=r1, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYBLOB="84289d55", @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r3, &(0x7f0000000300), &(0x7f0000000000)=""/10, 0x2}, 0x20)
r4 = io_uring_setup(0x371c, 0x0)
socket$netlink(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000740)={&(0x7f0000001000)}, 0x1)
capset(&(0x7f0000000000)={0x20080522}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
flock(0xffffffffffffffff, 0x8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x80)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x22000, 0x0)
r6 = syz_open_pts(r5, 0x84081)
r7 = dup(r6)
ioctl$TCGETS(r6, 0x5401, &(0x7f0000000100))
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f0000000240)=0x80000)
futex(0xfffffffffffffffd, 0x6, 0x0, 0x0, 0x0, 0x0)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r8, &(0x7f00000005c0)={0x4})
r9 = socket$key(0xf, 0x3, 0x2)
dup3(r9, r8, 0x0)

7.237945704s ago: executing program 3 (id=625):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='rcu_utilization\x00', r1}, 0x18)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x84)
ioctl$SIOCGETMIFCNT_IN6(r3, 0x89e0, &(0x7f0000000180))
pread64(r3, 0x0, 0x0, 0x4)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e24, @empty}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = dup(0xffffffffffffffff)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000d40)=ANY=[@ANYBLOB="18000000b1a50000000000000000000085000000002020642500000000d4cb3772588e740ce06edd002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xa0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={0x0, r7}, 0x18)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000100000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0])
read$FUSE(r8, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='system.posix_acl_access\x00', 0x0, 0x3c, 0x3)
ioctl$TUNSETOWNER(r6, 0x400454cc, 0x0)
lsm_get_self_attr(0x64, 0x0, 0x0, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001600)=@mangle={'mangle\x00', 0x8, 0x6, 0x960, 0x770, 0x268, 0xf8, 0xf8, 0x470, 0x890, 0x890, 0x890, 0x890, 0x890, 0x6, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000000000000}, [@inet=@rpfilter={{0x28}}]}, @HL={0x28}}, {{@ipv6={@dev, @loopback, [], [], 'pimreg0\x00', 'veth1_macvtap\x00'}, 0x0, 0x148, 0x170, 0x0, {0x5002}, [@common=@unspec=@physdev={{0x68}, {'veth0_to_team\x00', {}, 'netpci0\x00', {}, 0x14, 0x15}}, @common=@unspec=@connbytes={{0x38}}]}, @common=@unspec=@NFQUEUE1={0x28}}, {{@uncond, 0x0, 0x1e0, 0x208, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, @ipv4={'\x00', '\xff\xff', @loopback}, @mcast2, @local, @local, @local, @dev, @rand_addr=' \x01\x00', @private1, @mcast2, @dev, @private2, @private1, @mcast2, @loopback]}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@eui64={{0x28}}]}, @inet=@TOS={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x9c0)

7.014848478s ago: executing program 2 (id=626):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000))
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, 0x0, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b95", 0x6d, 0xffffffffffffffff)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000180)=0x6f)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
syz_usb_connect(0x2, 0x24, 0x0, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
r3 = syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f000014e000/0x1000)=nil, &(0x7f0000e18000/0x3000)=nil, 0x0, &(0x7f0000000280)=[{0x7, 0xffffffffffffffff, 0x9}, {0x1, 0xf, 0xfffffffffffffffe}], 0x2, 0x1, 0x0, 0x79, 0x0, 0x18})
r4 = io_uring_setup(0x3458, &(0x7f0000000080)={0x0, 0xffffeffa, 0x18, 0x2, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)

6.989851687s ago: executing program 1 (id=627):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce070200", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000090"], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068109e733e1a68", 0xf, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000050400"/19, @ANYRES32, @ANYBLOB="ebffffffffffffff280012800b00010065727370616e0000180002800400120005"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
r6 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r6, 0x0)
r7 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x862b01)
ioctl$EVIOCGSND(r7, 0x8040451a, &(0x7f0000002880)=""/4102)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40000, 0x80)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x200100, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

6.04628807s ago: executing program 4 (id=628):
r0 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @empty, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x11e, 0xd, 0x0, 0x40)

6.045196776s ago: executing program 0 (id=629):
syz_usb_connect(0x5, 0x24, &(0x7f0000002040)=ANY=[@ANYBLOB="12010000fe76181004160780a6af011703010902120001000000000904"], 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x3, 0xbc01)
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
symlinkat(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r3 = syz_usb_connect$uac1(0x2, 0xa6, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000106b1d01010000000003010902940003010040000904000000010100000a2401000000020102132406000006000000281ab0ab2c90619b34000000000000000000000924030000000000000924050000f8211cfd0924030500000004000724050401"], 0x0)
syz_usb_control_io$uac1(r3, &(0x7f0000000080)={0x14, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r4, 0x84, 0x79, &(0x7f0000000040)={r5, 0xffff, 0x5c3e}, 0x8)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000d00)=ANY=[@ANYBLOB="1201000200000008c016f1092fbb7888ad7213d6a8a4e88656e10540000102030109022d00010140600c090400f20203010302092106000301222f0e090581cb62ac796fbfe9f284b30898b6f865e4d0637817db552b034cd4c66f4578420cb8118b0df105bdf1eea5b97c124f2785640181bdec9297588ef1080438a254658a3dd9045b8b733f3c9bdc88e55b86b4babb10a6287ec0c6e3ca1ac40164a6f0a77c0843c710fae8ce2fa1448bd1a45d8901bbd246f54615d0b4ed76af11c5e4c32f6fb5cbe604a9dc3f36f8"], &(0x7f0000000b80)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x310, 0x0, 0x6, 0xc7, 0x77, 0x9}, 0x2e, &(0x7f0000000980)=ANY=[@ANYBLOB], 0x4, [{0x4, &(0x7f00000009c0)=@lang_id={0x4, 0x3, 0x2001}}, {0x2, &(0x7f0000000a00)=@string={0x2}}, {0x4, &(0x7f0000000b00)=@lang_id={0x4, 0x3, 0x860}}, {0x4, &(0x7f0000000b40)=@lang_id={0x4, 0x3, 0x3001}}]})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000140)=ANY=[@ANYBLOB="01000000000000f207010040"])
bind$alg(r2, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(xchacha12)\x00'}, 0x58)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r9, @ANYRES16=r1], 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000c00)={@in={{0x2, 0x4e22, @empty}}, 0x0, 0x0, 0x41, 0x0, "8ec164ff6dae2590a9501918b11c62c77b00ac5e82321d44d0a2b6854bd28a1539acb69ddafa002ac4f2ef558afe6138c23d9807a0a82deafd5a8c67f933c328d82e0a07ee254d2ed8c897fd940003eb"}, 0xd8)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f0000000180)=""/135)

6.044534804s ago: executing program 3 (id=630):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0xc)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = getpid()
ptrace$ARCH_SHSTK_DISABLE(0x1e, r1, 0x3, 0x5002)
socket(0xa, 0x3, 0x3a)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0)
r2 = semget$private(0x0, 0x8, 0x20)
semtimedop(r2, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000080)=@sack_info={0x0, 0x6, 0x1}, 0xc)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x80, 0x4}, &(0x7f00000002c0)=0xc)
setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x0)

4.302489101s ago: executing program 4 (id=631):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r4, 0xc0f85403, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x3}, 0x0, 0x0, 'id1\x00', 'timer1\x00', 0x0, 0x81, 0x1, 0xffffffffffffd0c4, 0x10000000})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x33, &(0x7f0000000040)=0x2, 0x4)

4.049206151s ago: executing program 3 (id=632):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6000000000000", 0x87}, {&(0x7f0000000400)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc40206c86df9abc5", 0x6c}, {&(0x7f0000000180)="0c1928a7397d5f2e855cb2b0b1e61d3fe47dc3e798cf47cfdbf169e77257f308b400000000227094d569a4", 0x2b}, {&(0x7f0000000740)="c8605474ee573ad5ad5acedf22046d983c7964dad745eb7c8eb102c0d2b166382d3f325806513b1eb3fe7b135bfef85013c74b374f5892a7254e3405ebe8d6125ace8414fc44456c1c521ce19dae4a7f37f08f5e7b686c02967dfb02fa1ec528de641f95606c3be81b643b62d206a8aadea3d7663c32b159036bde2ee6fb0441c70bb0b0a46174f8387436eaeafa94aedef284393412f0239be8", 0x9a}], 0x4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="acc841985992b79554acfc02163bb0fb2bb293e68c02bb40b6b870bde5700d368744361ae9fce3", 0x27}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c000000000000000000000000000000002da46e8a95bcead77a244256266fe952d151a841aaa0c9c727bf08c37869c70d6aed073d6bb9fb037a079b697f3ba963ba49b6aecdc3e839ae25d497b0e60408b8e0a9931aeb1be35eea2a22fa50d66a634804121bde6a4a2d7a23c08d8237aac90c577c24f4ec2949d9202659fe626262e0764eed651fe91d276cd8918ba1a079c716281613b127eca886d75e994a1b41314ff21f5a4fd8a7e55c65b2eebabf0db0268c53503bb309959c1c0b222c6fb8310e8f25e7c26e24baedcc72d41798c95c01626c311e9f1262dfa4dedd161672c578a7af36c8a95437f295e14a1e0c7245cb53f83cc7b4b9294bb13473331502b7735a955080f7c2fd79d3fe0de99505840905376e957c012fc4e4e0ea1c8db07ac01ae1e0e5c38a0963194a", 0x1f8}, {&(0x7f0000000d80)="bd2f6aa36cea0e4bccda9ad762e998d923018ec9f30d63c7059c3c786069915581888508ff589f82857ff546b23b88d6bd61f1efc982005bf6c9abc4fe2caf32ef3ff105b69346a4d09afd7b0b8bd5f8", 0x50}], 0x3}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
r1 = open(&(0x7f0000000380)='./bus\x00', 0x143142, 0x91)
ftruncate(r1, 0x2007ffb)
sendfile(r1, r1, 0x0, 0x1000000201005)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r3, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=r4, 0x4)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001380)={0x6, 0x1c, &(0x7f0000001080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6}, [@map_fd={0x18, 0xa}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @ldst={0x1, 0x3, 0x2, 0xa, 0x9, 0x18, 0xffffffffffffffff}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}]}, &(0x7f0000000980)='syzkaller\x00', 0x5, 0xf0, &(0x7f0000001280)=""/240, 0x41100, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000d40)={0x4, 0xd, 0x71b017c3, 0x1}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000e00), &(0x7f0000000e40)=[{0x3, 0x5, 0x9, 0x8}, {0x5, 0x1, 0x6, 0xb}, {0x4, 0x1, 0x0, 0xb}], 0x10, 0x10000, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x6, 0x1e, &(0x7f0000000b00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, {}, {}, [@tail_call, @tail_call, @alu={0x4, 0x0, 0x2, 0x7, 0x5, 0x40, 0xfffffffffffffff0}, @ldst={0x1, 0x3, 0x6, 0x2, 0x1, 0x8, 0xfffffffffffffffc}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x5}, @jmp={0x5, 0x1, 0x0, 0x0, 0xa, 0x100, 0x8}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000640)='GPL\x00', 0x8, 0xa7, &(0x7f0000000c00)=""/167, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000700)={0x0, 0xa, 0x7, 0xfffffffa}, 0x10, r4, r5, 0x0, 0x0, 0x0, 0x10, 0xa, @void, @value}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r7 = syz_open_procfs$pagemap(0x0, &(0x7f0000000180))
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000000)={0x60, 0x0, &(0x7f000007c000/0x4000)=nil, &(0x7f0000839000/0x1000)=nil, 0x0, 0x0, 0x0, 0xc, 0x4b, 0x0, 0x6, 0x2e})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
sendmsg$nl_route(r6, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)=@ipv4_delrule={0x58, 0x21, 0x610, 0x70bd2c, 0x25dfdbfb, {0x2, 0x14, 0x80, 0x4, 0x8, 0x0, 0x0, 0x5, 0x10002}, [@FRA_SRC={0x8, 0x2, @local}, @FRA_DST={0x8, 0x1, @multicast1}, @FRA_SRC={0x8, 0x2, @multicast1}, @FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e23, 0x4e20}}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x6d7}, @FRA_DST={0x8, 0x1, @loopback}, @FRA_SRC={0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000004}, 0x40000800)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

3.967719593s ago: executing program 1 (id=633):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002e0001000000000000000000010100800c0001"], 0x114}], 0x1}, 0x0) (fail_nth: 2)

3.765222616s ago: executing program 1 (id=634):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@delsa={0x48, 0x12, 0x1, 0x0, 0x0, {@in=@dev}, [@srcaddr={0x14, 0xd, @in6=@rand_addr=' \x01\x00'}, @mark={0xc}]}, 0x48}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x3, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x190, 0xf1f80502f07a58b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8, 0x14, 0xff}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x240080c1)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x0)

3.549246619s ago: executing program 1 (id=635):
r0 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000000))
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4, 0x8010, r0, 0x74dd0000)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002e0001000000000000000000010100800c0001"], 0x114}], 0x1}, 0x0)

3.409676656s ago: executing program 4 (id=636):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='rcu_utilization\x00', r1}, 0x18)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x84)
ioctl$SIOCGETMIFCNT_IN6(r3, 0x89e0, &(0x7f0000000180))
pread64(r3, 0x0, 0x0, 0x4)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e24, @empty}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000d40)=ANY=[@ANYBLOB="18000000b1a50000000000000000000085000000002020642500000000d4cb3772588e740ce06edd002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xa0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r6}, 0x10)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000100000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r7, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r8=>0x0, <r9=>0x0}, 0x2020)
setxattr$system_posix_acl(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='system.posix_acl_access\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="02000000010000000000000002000400", @ANYRES32=r8, @ANYBLOB="02000400", @ANYRES32=r8, @ANYBLOB="040006000000000008000300", @ANYRES32=r9, @ANYBLOB="100f062befb600000000"], 0x3c, 0x3)
ioctl$TUNSETOWNER(0xffffffffffffffff, 0x400454cc, r8)
lsm_get_self_attr(0x64, 0x0, 0x0, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001600)=@mangle={'mangle\x00', 0x8, 0x6, 0x960, 0x770, 0x268, 0xf8, 0xf8, 0x470, 0x890, 0x890, 0x890, 0x890, 0x890, 0x6, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000000000000}, [@inet=@rpfilter={{0x28}}]}, @HL={0x28}}, {{@ipv6={@dev, @loopback, [], [], 'pimreg0\x00', 'veth1_macvtap\x00'}, 0x0, 0x148, 0x170, 0x0, {0x5002}, [@common=@unspec=@physdev={{0x68}, {'veth0_to_team\x00', {}, 'netpci0\x00', {}, 0x14, 0x15}}, @common=@unspec=@connbytes={{0x38}}]}, @common=@unspec=@NFQUEUE1={0x28}}, {{@uncond, 0x0, 0x1e0, 0x208, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, @ipv4={'\x00', '\xff\xff', @loopback}, @mcast2, @local, @local, @local, @dev, @rand_addr=' \x01\x00', @private1, @mcast2, @dev, @private2, @private1, @mcast2, @loopback]}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@eui64={{0x28}}]}, @inet=@TOS={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x9c0)

3.322211767s ago: executing program 1 (id=637):
r0 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x60)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0xfffffffffffffffb], 0x0, 0x0, 0x1, 0x1}}, 0x40)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="bcea"])
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x2, 0x0, 0x351}, &(0x7f00000000c0), &(0x7f0000000080))
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f0000000280)={0x51, 0x5, 0xf, {0x803}, {0x5, 0x2}, @ramp={0x3ff, 0x7, {0x6, 0x9, 0x1, 0xfffc}}})

2.148709045s ago: executing program 4 (id=638):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYRES64=r0], &(0x7f0000000200)='GPL\x00', 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x89a1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
unshare(0x20000400)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
read$msr(0xffffffffffffffff, &(0x7f0000002000)=""/102400, 0x19000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x50)
pipe2$9p(&(0x7f00000001c0), 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20000023896)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000013c0)=0xc)
sendmmsg$unix(r7, &(0x7f00000001c0), 0x0, 0x4)
setsockopt$sock_int(r6, 0x1, 0x10, &(0x7f00000002c0)=0x8001, 0x4)
write$binfmt_elf64(r7, &(0x7f0000000500)=ANY=[], 0x78)
splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
socket(0x10, 0x80002, 0x0)
syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086b1d010140000102030109025f00030100600009040000000101"], 0x0)

2.008851345s ago: executing program 0 (id=639):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x20, r1, 0x821, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4040004)

1.981256146s ago: executing program 2 (id=640):
r0 = memfd_secret(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
ioctl$EVIOCRMFF(r2, 0x40044581, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = shmget(0x0, 0x2000, 0x100, &(0x7f0000ffc000/0x2000)=nil)
shmat(r6, &(0x7f0000ffc000/0x3000)=nil, 0x1000)
shmctl$IPC_RMID(r6, 0x0)
r7 = shmget$private(0x0, 0x2000, 0x400, &(0x7f0000ffd000/0x2000)=nil)
shmctl$SHM_STAT(r7, 0xd, &(0x7f0000000000)=""/82)
clock_gettime(0x3, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)=ANY=[@ANYBLOB="20000000051421"], 0x20}, 0x1, 0x0, 0x0, 0x40c4}, 0x0)
r10 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r8, r0, 0x2e, 0x4608, @void}, 0x10)
read$FUSE(r0, &(0x7f0000000b80)={0x2020, 0x0, <r11=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50, 0x0, r11, {0x7, 0x2b, 0x5, 0x300400, 0x5, 0x0, 0x1ff, 0x6, 0x0, 0x0, 0x4, 0xc000}}, 0x50)
bpf$LINK_DETACH(0x22, &(0x7f0000000080)=r10, 0x4)

1.852891062s ago: executing program 0 (id=641):
r0 = socket$inet6(0xa, 0x3, 0x1d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x84}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x4000000, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
read$FUSE(r5, &(0x7f0000007100)={0x2020}, 0x941f)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r6 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$setperm(0x5, r6, 0x52b242d)
keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x3})
keyctl$join(0x1, &(0x7f0000000140)={'syz', 0x3})
syz_usb_control_io(r4, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="201006000000065f01"], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.840397314s ago: executing program 3 (id=642):
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
move_mount(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x20, r1, 0x821, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4040004)
r2 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x880, 0x126, 0xb04dfdbe26e48019}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000f40), r3)
sendmsg$IPVS_CMD_NEW_SERVICE(r3, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010067bd7000fbdbdf25010000005c3aa08040c42d9114000300fe8000d1ea8a7279e7c02cf4c60a000000000000000000000000bb"], 0x70}, 0x1, 0x0, 0x0, 0x20004084}, 0x20008800)
sendmsg$IPVS_CMD_DEL_SERVICE(r2, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1029}, 0xc, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1076ace8f6b3a66a05a029c190ed5f4e09", @ANYBLOB="85d691b08324e2add788e0f81c3dcfab43096bc9bb58014ea1159df083d8c5264c15cea5cf5260784f4f661ef40ce63a136e3268aa2b05bca36637a4b48af5a18553080e3f7dc76302aa44397ca1da03207a0a642e94a2f2acc083b60c880000aacfad69df1752bf83436398ca973ef720e39a74bd6086dfec7e406b5c536573e16ec1569b33279fdff0677524cd9607c9b58b6cba3299e21519ca394e971d5b", @ANYRESOCT=r2], 0x110}, 0x1, 0x0, 0x0, 0x8000}, 0x24000844)

654.149939ms ago: executing program 2 (id=643):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) (async)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) (async)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) (async, rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) (async, rerun: 64)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000006c0)=@newlink={0x50, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @sit={{0x8}, {0x24, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FWMARK={0x8, 0x14, 0x800000f0}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @rand_addr=0x64010102}, @IFLA_IPTUN_TOS={0x5, 0x5, 0xc9}, @IFLA_IPTUN_TTL={0x5, 0x4, 0x1}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f0000000000)={0x2000, 0x747, 0x0, 0x3, 0x0, 0x0, 0x9}, 0xc) (async)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg$inet(r5, &(0x7f0000002080)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000080)="ce", 0x1}], 0x2a0}}], 0x2, 0x40488e4)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r6, 0x6, 0x4, 0x0, &(0x7f0000000080)) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10) (async, rerun: 64)
socket$packet(0x11, 0x3, 0x300) (async, rerun: 64)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000083c0)={{0x1}}) (async)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f00000000c0)={0x0, 0xf, 0x0, 0x0, 0x3})
read(0xffffffffffffffff, 0x0, 0x0)
close(r0) (async)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x18, 0x2d, 0x1, 0x0, 0x0, "", [@typed={0x6, 0xf1, 0x0, 0x0, @str='+\x00'}]}, 0x18}], 0x1}, 0x0)
r9 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r9, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1a5300000000000010f71efeebefffffff7f000000700000"], 0x18}, 0x400fc00)

0s ago: executing program 2 (id=644):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYRES64=r0], &(0x7f0000000200)='GPL\x00', 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x89a1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
unshare(0x20000400)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x50)
pipe2$9p(&(0x7f00000001c0), 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20000023896)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000013c0)=0xc)
sendmmsg$unix(r7, &(0x7f00000001c0), 0x0, 0x4)
setsockopt$sock_int(r6, 0x1, 0x10, &(0x7f00000002c0)=0x8001, 0x4)
write$binfmt_elf64(r7, &(0x7f0000000500)=ANY=[], 0x78)
splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
socket(0x10, 0x80002, 0x0)
syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086b1d010140000102030109025f00030100600009040000000101"], 0x0)

kernel console output (not intermixed with test programs):

evice strings: Mfr=1, Product=2, SerialNumber=3
[  436.909715][ T5981] usb 1-1: Product: 퉠Ꞙᆰ៛☬췀逽䎲롆䶯蛇Śⲿ鿪햼몴⶙꘿ṯ䠢淜㲒蚵ꔜ輥忩嫦䘀磟�^¹쳇᥼◽럎鉡⠻븽瀱푵쩙뚹�冘��낆ݵ뇠渃�緞牦牦望�ڰꢞᲚ균䬷䞌⨎阱
[  436.939934][ T5981] usb 1-1: Manufacturer: ј
[  436.945390][ T5981] usb 1-1: SerialNumber: 븪䦧꽿�铽춺ஹ�䩽瘯�㇧涜⻿嗾�袓ㅩㅒ鴮ᒋ틻層旭⯕庽薬粸ㆰ蘙侳ᦙ᱙߈╔䷭ΚŔᦩ⚖�巹�攩뿀떎ㅽ�潀髊蛸꘷锌暜岃㙩맘肋쬀᪞潼ں縻�꾇慄ﷻ�蹯��࿘馸�㞾胇䋔島澥躢ߕ�ﳬ婴�昂긆༑�䥰臚풇뒹骜
[  437.204632][ T5981] gspca_main: spca508-2.14.0 probing 041e:4018
[  438.433897][ T5981] gspca_spca508: reg_read err -71
[  438.439986][ T5981] gspca_spca508: reg_read err -71
[  438.451066][ T5981] gspca_spca508: reg_read err -71
[  438.623580][ T5981] gspca_spca508: reg_read err -71
[  438.643365][ T5981] gspca_spca508: reg_read err -71
[  438.656409][ T5981] gspca_spca508: reg write: error -71
[  438.677057][ T5981] spca508 1-1:3.99: probe with driver spca508 failed with error -71
[  438.751621][ T5981] usb 1-1: USB disconnect, device number 10
[  438.998119][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  439.364355][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  439.397952][    T9] usb 5-1: USB disconnect, device number 10
[  439.957547][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  439.973171][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  441.831624][ T7745] netlink: 8 bytes leftover after parsing attributes in process `syz.1.213'.
[  442.003517][ T5917] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  442.137987][ T7739] 9pnet_fd: Insufficient options for proto=fd
[  442.263772][ T5917] usb 5-1: Using ep0 maxpacket: 16
[  442.296159][ T5917] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  442.334790][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  442.365528][ T5917] usb 5-1: Product: syz
[  442.369834][ T5917] usb 5-1: Manufacturer: syz
[  442.393527][ T5917] usb 5-1: SerialNumber: syz
[  442.413507][ T5917] usb 5-1: config 0 descriptor??
[  442.677736][ T7743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  442.726511][ T7743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  442.786342][ T7743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  442.815570][ T7743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  442.842098][ T7743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  442.869628][ T7743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  442.942556][ T5915] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  443.062293][    T9] usb 5-1: USB disconnect, device number 11
[  443.454051][ T7756] IPVS: sed: UDP 224.0.0.2:20004 - no destination available
[  443.652425][ T5913] IPVS: starting estimator thread 0...
[  443.684914][ T5915] usb 2-1: Using ep0 maxpacket: 8
[  443.707448][ T5915] usb 2-1: config 3 has an invalid interface number: 99 but max is 0
[  443.720655][ T5915] usb 2-1: config 3 has an invalid interface association descriptor of length 2, skipping
[  443.736585][ T5915] usb 2-1: config 3 has no interface number 0
[  443.742931][ T5915] usb 2-1: config 3 interface 99 altsetting 7 endpoint 0x4 has an invalid bInterval 130, changing to 7
[  443.763756][ T7758] IPVS: using max 30 ests per chain, 72000 per kthread
[  443.794004][ T5915] usb 2-1: config 3 interface 99 has no altsetting 0
[  443.814142][ T5915] usb 2-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.42
[  443.826915][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.894796][ T5915] usb 2-1: Product: 퉠Ꞙᆰ៛☬췀逽䎲롆䶯蛇Śⲿ鿪햼몴⶙꘿ṯ䠢淜㲒蚵ꔜ輥忩嫦䘀磟�^¹쳇᥼◽럎鉡⠻븽瀱푵쩙뚹�冘��낆ݵ뇠渃�緞牦牦望�ڰꢞᲚ균䬷䞌⨎阱
[  444.082624][ T5915] usb 2-1: Manufacturer: ј
[  444.114359][ T5915] usb 2-1: SerialNumber: 븪䦧꽿�铽춺ஹ�䩽瘯�㇧涜⻿嗾�袓ㅩㅒ鴮ᒋ틻層旭⯕庽薬粸ㆰ蘙侳ᦙ᱙߈╔䷭ΚŔᦩ⚖�巹�攩뿀떎ㅽ�潀髊蛸꘷锌暜岃㙩맘肋쬀᪞潼ں縻�꾇慄ﷻ�蹯��࿘馸�㞾胇䋔島澥躢ߕ�ﳬ婴�昂긆༑�䥰臚풇뒹骜
[  445.509388][ T5915] gspca_main: spca508-2.14.0 probing 041e:4018
[  445.542395][ T5915] gspca_spca508: reg_read err -71
[  445.560433][ T5915] gspca_spca508: reg_read err -71
[  445.588066][ T5915] gspca_spca508: reg_read err -71
[  445.604855][ T5915] gspca_spca508: reg_read err -71
[  445.623962][ T5915] gspca_spca508: reg_read err -71
[  445.662396][ T5915] gspca_spca508: reg write: error -71
[  445.680078][ T5915] spca508 2-1:3.99: probe with driver spca508 failed with error -71
[  445.719538][ T5915] usb 2-1: USB disconnect, device number 8
[  445.773485][ T5913] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  445.968099][ T7771] FAULT_INJECTION: forcing a failure.
[  445.968099][ T7771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  446.057176][ T5913] usb 1-1: device descriptor read/64, error -71
[  446.065952][ T7771] CPU: 0 UID: 0 PID: 7771 Comm: syz.2.223 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  446.065974][ T7771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  446.065982][ T7771] Call Trace:
[  446.065988][ T7771]  <TASK>
[  446.065994][ T7771]  dump_stack_lvl+0x189/0x250
[  446.066016][ T7771]  ? __lock_acquire+0xaac/0xd20
[  446.066037][ T7771]  ? __pfx_dump_stack_lvl+0x10/0x10
[  446.066057][ T7771]  ? __pfx__printk+0x10/0x10
[  446.066080][ T7771]  ? __might_fault+0xb0/0x130
[  446.066110][ T7771]  should_fail_ex+0x414/0x560
[  446.066134][ T7771]  set_fd_set+0x3a/0xa0
[  446.066155][ T7771]  core_sys_select+0x731/0x990
[  446.066179][ T7771]  ? __pfx_core_sys_select+0x10/0x10
[  446.066203][ T7771]  ? __pfx_set_user_sigmask+0x10/0x10
[  446.066223][ T7771]  __se_sys_pselect6+0x27a/0x300
[  446.066239][ T7771]  ? __pfx___se_sys_pselect6+0x10/0x10
[  446.066254][ T7771]  ? __x64_sys_pselect6+0x21/0xf0
[  446.066268][ T7771]  do_syscall_64+0xf6/0x210
[  446.066280][ T7771]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  446.066290][ T7771]  ? clear_bhb_loop+0x45/0xa0
[  446.066301][ T7771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.066309][ T7771] RIP: 0033:0x7f7ed978e969
[  446.066318][ T7771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  446.066326][ T7771] RSP: 002b:00007f7eda50f038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  446.066336][ T7771] RAX: ffffffffffffffda RBX: 00007f7ed99b5fa0 RCX: 00007f7ed978e969
[  446.066342][ T7771] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  446.066348][ T7771] RBP: 00007f7eda50f090 R08: 0000000000000000 R09: 0000000000000000
[  446.066353][ T7771] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  446.066359][ T7771] R13: 0000000000000000 R14: 00007f7ed99b5fa0 R15: 00007ffc5d89df48
[  446.066373][ T7771]  </TASK>
[  446.413375][ T5913] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  446.543418][ T5913] usb 1-1: device descriptor read/64, error -71
[  446.749454][ T7790] ..
@ÿ: renamed from bond_slave_0 (while UP)
[  446.809886][ T7790] tipc: Started in network mode
[  446.814991][ T7790] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  446.828589][ T7790] tipc: Enabled bearer <udp:syz0>, priority 10
[  447.137243][ T5913] usb usb1-port1: attempt power cycle
[  447.193324][ T5946] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  447.483627][ T5946] usb 5-1: Using ep0 maxpacket: 16
[  447.508406][ T5946] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  447.811191][ T5913] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  447.861171][ T5913] usb 1-1: device descriptor read/8, error -71
[  448.012041][ T5946] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.810112][ T5981] tipc: Node number set to 4269801491
[  449.033462][ T5946] usb 5-1: Product: syz
[  449.043467][ T5946] usb 5-1: Manufacturer: syz
[  449.742078][ T5946] usb 5-1: SerialNumber: syz
[  449.748969][ T5946] usb 5-1: config 0 descriptor??
[  449.754266][ T7809] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  449.769417][ T5946] usb 5-1: can't set config #0, error -71
[  449.777296][ T5946] usb 5-1: USB disconnect, device number 12
[  449.924949][ T7812] netlink: 'syz.0.236': attribute type 2 has an invalid length.
[  449.973532][ T5980] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  450.193879][ T5980] usb 2-1: Using ep0 maxpacket: 16
[  450.247920][ T7814] bridge0: port 3(batadv0) entered disabled state
[  450.255674][ T7814] bridge0: port 2(bridge_slave_1) entered disabled state
[  450.263357][ T7814] bridge0: port 1(bridge_slave_0) entered disabled state
[  450.280373][ T5980] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  450.290546][ T7814] bridge0: entered allmulticast mode
[  450.308820][ T5980] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  450.355056][ T5980] usb 2-1: Product: syz
[  450.361069][ T5980] usb 2-1: Manufacturer: syz
[  450.383286][ T5980] usb 2-1: SerialNumber: syz
[  450.488974][ T5980] usb 2-1: config 0 descriptor??
[  450.533317][ T5915] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  450.836430][ T7806] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.845528][ T5915] usb 3-1: Using ep0 maxpacket: 8
[  450.854656][ T7806] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  450.869994][ T5915] usb 3-1: config 3 has an invalid interface number: 99 but max is 0
[  450.881958][ T5915] usb 3-1: config 3 has an invalid interface association descriptor of length 2, skipping
[  450.905120][ T5915] usb 3-1: config 3 has no interface number 0
[  450.919124][ T7806] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.924371][ T5915] usb 3-1: config 3 interface 99 altsetting 7 endpoint 0x4 has an invalid bInterval 130, changing to 7
[  450.933969][ T7806] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  450.944324][ T5915] usb 3-1: config 3 interface 99 has no altsetting 0
[  450.965515][ T7806] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.981005][ T7806] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  450.988135][ T5915] usb 3-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.42
[  451.000457][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.012593][ T5915] usb 3-1: Product: 퉠Ꞙᆰ៛☬췀逽䎲롆䶯蛇Śⲿ鿪햼몴⶙꘿ṯ䠢淜㲒蚵ꔜ輥忩嫦䘀磟�^¹쳇᥼◽럎鉡⠻븽瀱푵쩙뚹�冘��낆ݵ뇠渃�緞牦牦望�ڰꢞᲚ균䬷䞌⨎阱
[  451.035485][ T5915] usb 3-1: Manufacturer: ј
[  451.040144][ T5915] usb 3-1: SerialNumber: 븪䦧꽿�铽춺ஹ�䩽瘯�㇧涜⻿嗾�袓ㅩㅒ鴮ᒋ틻層旭⯕庽薬粸ㆰ蘙侳ᦙ᱙߈╔䷭ΚŔᦩ⚖�巹�攩뿀떎ㅽ�潀髊蛸꘷锌暜岃㙩맘肋쬀᪞潼ں縻�꾇慄ﷻ�蹯��࿘馸�㞾胇䋔島澥躢ߕ�ﳬ婴�昂긆༑�䥰臚풇뒹骜
[  451.072031][ T5946] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  451.096250][ T5980] usb 2-1: USB disconnect, device number 9
[  451.223361][ T5946] usb 5-1: Using ep0 maxpacket: 8
[  451.230428][ T5946] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  451.242054][ T5946] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  451.263646][ T5946] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  451.272823][ T5946] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.281097][ T5946] usb 5-1: Product: syz
[  451.285826][ T5946] usb 5-1: Manufacturer: syz
[  451.290479][ T5946] usb 5-1: SerialNumber: syz
[  451.318111][ T5915] gspca_main: spca508-2.14.0 probing 041e:4018
[  451.325504][ T5915] gspca_spca508: reg_read err -71
[  451.334650][ T5915] gspca_spca508: reg_read err -71
[  451.340772][ T5915] gspca_spca508: reg_read err -71
[  451.347117][ T5915] gspca_spca508: reg_read err -71
[  451.352705][ T5915] gspca_spca508: reg_read err -71
[  451.360701][ T5915] gspca_spca508: reg write: error -71
[  451.368139][ T5915] spca508 3-1:3.99: probe with driver spca508 failed with error -71
[  451.410537][ T5915] usb 3-1: USB disconnect, device number 9
[  451.744015][ T5946] usb 5-1: cannot find UAC_HEADER
[  451.937041][ T5946] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  451.952345][ T5946] usb 5-1: USB disconnect, device number 13
[  451.984538][ T5860] udevd[5860]: setting owner of /dev/bus/usb/005/013 to uid=0, gid=0 failed: No such file or directory
[  452.093998][ T5860] udevd[5860]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  452.137615][ T7837] binder: 7836:7837 ioctl c0306201 2000000003c0 returned -14
[  452.146890][ T7837] FAULT_INJECTION: forcing a failure.
[  452.146890][ T7837] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  452.161030][ T7837] CPU: 1 UID: 0 PID: 7837 Comm: syz.1.244 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  452.161074][ T7837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  452.161094][ T7837] Call Trace:
[  452.161099][ T7837]  <TASK>
[  452.161106][ T7837]  dump_stack_lvl+0x189/0x250
[  452.161130][ T7837]  ? __lock_acquire+0xaac/0xd20
[  452.161153][ T7837]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.161173][ T7837]  ? __pfx__printk+0x10/0x10
[  452.161196][ T7837]  ? __might_fault+0xb0/0x130
[  452.161228][ T7837]  should_fail_ex+0x414/0x560
[  452.161256][ T7837]  _copy_from_user+0x2d/0xb0
[  452.161277][ T7837]  binder_ioctl_write_read+0x124/0xa090
[  452.161304][ T7837]  ? is_bpf_text_address+0x26/0x2b0
[  452.161329][ T7837]  ? is_bpf_text_address+0x292/0x2b0
[  452.161347][ T7837]  ? is_bpf_text_address+0x26/0x2b0
[  452.161368][ T7837]  ? kernel_text_address+0xa5/0xe0
[  452.161388][ T7837]  ? __kernel_text_address+0xd/0x40
[  452.161405][ T7837]  ? unwind_get_return_address+0x4d/0x90
[  452.161422][ T7837]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  452.161437][ T7837]  ? arch_stack_walk+0xfc/0x150
[  452.161462][ T7837]  ? __pfx_binder_ioctl_write_read+0x10/0x10
[  452.161482][ T7837]  ? stack_trace_save+0x9c/0xe0
[  452.161500][ T7837]  ? stack_depot_save_flags+0x40/0x910
[  452.161531][ T7837]  ? kasan_save_track+0x4f/0x80
[  452.161549][ T7837]  ? kasan_save_track+0x3e/0x80
[  452.161570][ T7837]  ? do_vfs_ioctl+0xf36/0x1eb0
[  452.161586][ T7837]  ? __se_sys_ioctl+0x47/0x170
[  452.161602][ T7837]  ? do_syscall_64+0xf6/0x210
[  452.161617][ T7837]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  452.161634][ T7837]  ? binder_debug+0x13f/0x1b0
[  452.161655][ T7837]  ? __pfx_binder_debug+0x10/0x10
[  452.161670][ T7837]  ? do_raw_spin_lock+0x121/0x290
[  452.161697][ T7837]  ? _raw_spin_unlock+0x28/0x50
[  452.161711][ T7837]  ? binder_get_thread+0x178/0x6d0
[  452.161734][ T7837]  binder_ioctl+0x3e0/0x19c0
[  452.161753][ T7837]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  452.161769][ T7837]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  452.161784][ T7837]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  452.161796][ T7837]  ? __pfx_binder_ioctl+0x10/0x10
[  452.161814][ T7837]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  452.161828][ T7837]  ? smack_log+0xef/0x3f0
[  452.161858][ T7837]  ? __pfx_smack_log+0x10/0x10
[  452.161877][ T7837]  ? smk_access+0x14c/0x4e0
[  452.161897][ T7837]  ? smk_tskacc+0x2fc/0x370
[  452.161915][ T7837]  ? smack_file_ioctl+0x2a9/0x340
[  452.161934][ T7837]  ? __pfx_smack_file_ioctl+0x10/0x10
[  452.161959][ T7837]  ? __fget_files+0x3a0/0x420
[  452.161978][ T7837]  ? __fget_files+0x2a/0x420
[  452.161999][ T7837]  ? bpf_lsm_file_ioctl+0x9/0x20
[  452.162015][ T7837]  ? __pfx_binder_ioctl+0x10/0x10
[  452.162031][ T7837]  __se_sys_ioctl+0xf9/0x170
[  452.162051][ T7837]  do_syscall_64+0xf6/0x210
[  452.162068][ T7837]  ? clear_bhb_loop+0x45/0xa0
[  452.162088][ T7837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.162103][ T7837] RIP: 0033:0x7f21c998e969
[  452.162118][ T7837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.162131][ T7837] RSP: 002b:00007f21ca7a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  452.162149][ T7837] RAX: ffffffffffffffda RBX: 00007f21c9bb5fa0 RCX: 00007f21c998e969
[  452.162161][ T7837] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003
[  452.162172][ T7837] RBP: 00007f21ca7a1090 R08: 0000000000000000 R09: 0000000000000000
[  452.162182][ T7837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  452.162191][ T7837] R13: 0000000000000000 R14: 00007f21c9bb5fa0 R15: 00007ffe974a4158
[  452.162216][ T7837]  </TASK>
[  452.162224][ T7837] binder: 7836:7837 ioctl c0306201 2000000001c0 returned -14
[  455.333466][ T5841] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  455.793594][ T5841] usb 4-1: Using ep0 maxpacket: 16
[  455.805605][ T5841] usb 4-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  455.815557][ T5841] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.893908][ T7857] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  456.462903][ T5841] usb 4-1: Product: syz
[  456.467340][ T5841] usb 4-1: Manufacturer: syz
[  456.471957][ T5841] usb 4-1: SerialNumber: syz
[  456.480651][ T5841] usb 4-1: config 0 descriptor??
[  456.558200][ T5841] usb 4-1: can't set config #0, error -71
[  456.593060][ T5841] usb 4-1: USB disconnect, device number 12
[  457.784940][ T5913] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  457.853323][ T5915] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  457.944318][ T5913] usb 3-1: Using ep0 maxpacket: 16
[  458.058138][ T5913] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  458.071795][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  458.079979][ T5915] usb 1-1: Using ep0 maxpacket: 16
[  458.088532][ T5913] usb 3-1: Product: syz
[  458.092717][ T5913] usb 3-1: Manufacturer: syz
[  458.108021][ T5913] usb 3-1: SerialNumber: syz
[  458.113487][ T5915] usb 1-1: config index 0 descriptor too short (expected 2372, got 36)
[  458.129240][ T5913] usb 3-1: config 0 descriptor??
[  458.135055][ T5915] usb 1-1: config 0 has too many interfaces: 33, using maximum allowed: 32
[  458.195150][ T5915] usb 1-1: config 0 has an invalid descriptor of length 34, skipping remainder of the config
[  458.239810][ T7877] ..
@ÿ: renamed from bond_slave_0 (while UP)
[  458.250296][ T5866] Bluetooth: hci3: unexpected cc 0x203e length: 2 > 1
[  458.343042][ T7878] tipc: Started in network mode
[  458.348120][ T7878] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  458.359362][ T7878] tipc: Enabled bearer <udp:syz0>, priority 10
[  458.465417][ T5915] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 33
[  458.625917][ T5915] usb 1-1: New USB device found, idVendor=060b, idProduct=0000, bcdDevice= 0.00
[  458.700650][ T5946] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  458.713505][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.719449][ T7859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  458.732610][ T5915] usb 1-1: config 0 descriptor??
[  458.753845][ T7859] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  458.892516][ T5946] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  458.929467][ T7859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  458.941556][ T5946] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  458.966672][ T5946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.975829][ T5946] usb 2-1: Product: syz
[  458.980059][ T5946] usb 2-1: Manufacturer: syz
[  458.985109][ T7859] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  458.988655][ T5946] usb 2-1: SerialNumber: syz
[  459.025397][ T5946] usb 2-1: config 0 descriptor??
[  459.030612][ T7859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  459.064636][ T7859] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  459.125497][ T5946] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22
[  459.172800][ T5981] usb 3-1: USB disconnect, device number 10
[  459.202274][ T7586] udevd[7586]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  459.463129][ T7871] x_tables: ip_tables: udp match: only valid for protocol 17
[  459.477601][ T5946] tipc: Node number set to 4269801491
[  460.395522][ T5980] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  460.834262][ T5980] usb 4-1: config 34 has an invalid descriptor of length 1, skipping remainder of the config
[  460.852934][ T7891] warning: `syz.2.261' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  460.928010][ T5980] usb 4-1: config 34 has 0 interfaces, different from the descriptor's value: 10
[  460.953269][ T5980] usb 4-1: New USB device found, idVendor=0733, idProduct=0430, bcdDevice=35.fb
[  460.982595][ T5980] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.540956][ T5946] usb 2-1: USB disconnect, device number 10
[  461.754918][ T5981] usb 4-1: USB disconnect, device number 13
[  461.812064][ T7905] 9pnet_fd: Insufficient options for proto=fd
[  461.953478][ T5841] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  462.059544][ T5980] usb 1-1: USB disconnect, device number 15
[  462.133295][ T5841] usb 3-1: Using ep0 maxpacket: 16
[  462.147539][ T5841] usb 3-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  462.275120][ T5841] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.330398][ T5841] usb 3-1: Product: syz
[  462.376923][ T5841] usb 3-1: Manufacturer: syz
[  462.436628][ T5841] usb 3-1: SerialNumber: syz
[  462.513796][ T5875] Bluetooth: hci0: command 0x0406 tx timeout
[  462.520669][ T5875] Bluetooth: hci2: command 0x0406 tx timeout
[  462.529285][ T5875] Bluetooth: hci4: command 0x0406 tx timeout
[  462.534807][ T5870] Bluetooth: hci1: command 0x0406 tx timeout
[  462.536614][ T5875] Bluetooth: hci3: command 0x0406 tx timeout
[  462.549669][ T5841] usb 3-1: config 0 descriptor??
[  462.654268][ T5841] as10x_usb: device has been detected
[  462.746026][ T5841] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  462.924876][ T7903] random: crng reseeded on system resumption
[  462.992224][ T5841] usb 3-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  463.010195][ T5841] as10x_usb: error during firmware upload part1
[  463.016883][ T5841] Registered device Sky IT Digital Key (green led)
[  466.165950][ T5841] usb 3-1: USB disconnect, device number 11
[  466.288842][ T5841] Unregistered device Sky IT Digital Key (green led)
[  466.289872][ T5841] as10x_usb: device has been disconnected
[  467.357133][ T5915] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  467.773902][ T5915] usb 4-1: Using ep0 maxpacket: 16
[  468.024437][ T5915] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  468.055627][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  468.066795][ T7942] tmpfs: Unknown parameter 'task_newtask'
[  468.105123][ T5915] usb 4-1: Product: syz
[  468.118272][ T5915] usb 4-1: Manufacturer: syz
[  468.139401][ T5915] usb 4-1: SerialNumber: syz
[  468.162924][ T5915] usb 4-1: config 0 descriptor??
[  468.399938][ T7929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  468.428961][ T7929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  468.464802][ T7929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  468.477196][ T7929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  468.498611][ T7929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  468.507455][ T7929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  468.533277][ T5841] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  468.572275][ T5915] usb 4-1: USB disconnect, device number 14
[  468.693579][ T5841] usb 5-1: Using ep0 maxpacket: 8
[  468.702956][ T5841] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  468.720311][ T5841] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  468.732872][ T5841] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  468.744655][ T5841] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  468.777507][ T5841] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  468.789115][ T5841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.143408][ T5916] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  469.397196][ T5841] usb 5-1: GET_CAPABILITIES returned 0
[  469.406323][ T5841] usbtmc 5-1:16.0: can't read capabilities
[  469.426173][ T5841] usb 5-1: USB disconnect, device number 14
[  469.434207][ T5916] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  469.467348][ T5916] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.537281][ T5916] usb 1-1: config 0 descriptor??
[  469.742490][ T7961] netlink: 4 bytes leftover after parsing attributes in process `syz.3.281'.
[  469.773334][ T7952] overlayfs: workdir and upperdir must reside under the same mount
[  471.728500][ T5915] usb 1-1: USB disconnect, device number 16
[  472.402885][ T7981] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.411393][ T7981] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.584586][ T7981] bridge0: entered allmulticast mode
[  473.336508][ T7993] FAULT_INJECTION: forcing a failure.
[  473.336508][ T7993] name failslab, interval 1, probability 0, space 0, times 0
[  473.373260][ T7993] CPU: 0 UID: 0 PID: 7993 Comm: syz.2.290 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  473.373285][ T7993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  473.373296][ T7993] Call Trace:
[  473.373303][ T7993]  <TASK>
[  473.373311][ T7993]  dump_stack_lvl+0x189/0x250
[  473.373341][ T7993]  ? __pfx_dump_stack_lvl+0x10/0x10
[  473.373362][ T7993]  ? __pfx__printk+0x10/0x10
[  473.373388][ T7993]  ? __pfx___might_resched+0x10/0x10
[  473.373411][ T7993]  ? fs_reclaim_acquire+0x7d/0x100
[  473.373433][ T7993]  should_fail_ex+0x414/0x560
[  473.373462][ T7993]  should_failslab+0xa8/0x100
[  473.373486][ T7993]  __kmalloc_noprof+0xcb/0x4f0
[  473.373506][ T7993]  ? iovec_from_user+0x87/0x250
[  473.373529][ T7993]  iovec_from_user+0x87/0x250
[  473.373551][ T7993]  __import_iovec+0x163/0x7f0
[  473.373580][ T7993]  import_iovec+0x74/0xa0
[  473.373603][ T7993]  ___sys_recvmsg+0x43a/0x510
[  473.373629][ T7993]  ? __pfx____sys_recvmsg+0x10/0x10
[  473.373672][ T7993]  ? __fget_files+0x3a0/0x420
[  473.373703][ T7993]  do_recvmmsg+0x307/0x760
[  473.373732][ T7993]  ? __pfx_do_recvmmsg+0x10/0x10
[  473.373763][ T7993]  ? _copy_from_user+0x94/0xb0
[  473.373796][ T7993]  __x64_sys_recvmmsg+0x1af/0x240
[  473.373814][ T7993]  ? rcu_is_watching+0x15/0xb0
[  473.373837][ T7993]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  473.373861][ T7993]  ? do_syscall_64+0xba/0x210
[  473.373883][ T7993]  do_syscall_64+0xf6/0x210
[  473.373901][ T7993]  ? clear_bhb_loop+0x45/0xa0
[  473.373922][ T7993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.373937][ T7993] RIP: 0033:0x7f7ed978e969
[  473.373959][ T7993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.373974][ T7993] RSP: 002b:00007f7eda50f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  473.373991][ T7993] RAX: ffffffffffffffda RBX: 00007f7ed99b5fa0 RCX: 00007f7ed978e969
[  473.374003][ T7993] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  473.374014][ T7993] RBP: 00007f7eda50f090 R08: 0000200000003700 R09: 0000000000000000
[  473.374025][ T7993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.374035][ T7993] R13: 0000000000000000 R14: 00007f7ed99b5fa0 R15: 00007ffc5d89df48
[  473.374061][ T7993]  </TASK>
[  473.648356][ T5841] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  473.666667][ T5981] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  473.696000][ T8001] netlink: 140 bytes leftover after parsing attributes in process `syz.2.293'.
[  473.707586][ T8001] netlink: 44 bytes leftover after parsing attributes in process `syz.2.293'.
[  473.719058][ T8001] netlink: 'syz.2.293': attribute type 6 has an invalid length.
[  473.728291][ T8001] netlink: 'syz.2.293': attribute type 5 has an invalid length.
[  473.736702][ T8001] netlink: 'syz.2.293': attribute type 4 has an invalid length.
[  473.823441][ T5981] usb 2-1: Using ep0 maxpacket: 16
[  473.832008][ T5981] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  473.851138][ T5981] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  473.851513][ T5841] usb 1-1: Using ep0 maxpacket: 8
[  473.867624][ T5841] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  473.883666][ T5841] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  473.993688][ T5946] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  474.043513][ T5981] usb 2-1: Product: syz
[  474.047730][ T5981] usb 2-1: Manufacturer: syz
[  474.052339][ T5981] usb 2-1: SerialNumber: syz
[  474.082814][ T5981] usb 2-1: config 0 descriptor??
[  474.087912][ T5916] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  474.099966][ T5841] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  474.109733][ T5841] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  474.118168][ T5841] usb 1-1: Product: syz
[  474.122459][ T5841] usb 1-1: Manufacturer: syz
[  474.365649][ T5916] usb 4-1: Using ep0 maxpacket: 16
[  474.546569][ T5916] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.594779][ T5841] usb 1-1: SerialNumber: syz
[  474.654739][ T5916] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  474.663582][ T5946] usb 3-1: device descriptor read/64, error -71
[  474.663954][ T5916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  474.673157][ T8007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  474.708327][ T8007] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  474.770529][ T7992] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  474.791173][ T7992] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  474.824378][ T7992] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  474.833105][ T7992] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  474.842178][ T5916] usb 4-1: config 0 descriptor??
[  474.855759][ T5916] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input6
[  474.926172][ T5946] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  475.152135][ T5841] usb 1-1: cannot find UAC_HEADER
[  475.879352][ T5946] usb 3-1: device descriptor read/64, error -71
[  476.001193][ T5988] usb 2-1: USB disconnect, device number 11
[  476.017619][ T5946] usb usb3-port1: attempt power cycle
[  476.085981][ T5841] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[  476.109481][ T5841] usb 1-1: USB disconnect, device number 17
[  476.936370][ T5174] bcm5974 4-1:0.0: could not read from device
[  476.943479][ T5946] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  476.956598][ T7586] udevd[7586]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  477.007240][ T5946] usb 3-1: device descriptor read/8, error -71
[  477.016922][ T5174] bcm5974 4-1:0.0: could not read from device
[  477.026437][ T5174] bcm5974 4-1:0.0: could not read from device
[  477.027479][ T5916] usb 4-1: USB disconnect, device number 15
[  477.049403][ T5174] bcm5974 4-1:0.0: could not read from device
[  477.236720][ T5980] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  477.395681][ T5980] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  477.413493][ T5980] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.431123][ T5980] usb 5-1: config 0 descriptor??
[  477.650185][ T8016] overlayfs: workdir and upperdir must reside under the same mount
[  478.465977][ T8039] FAULT_INJECTION: forcing a failure.
[  478.465977][ T8039] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  478.479407][ T8039] CPU: 0 UID: 0 PID: 8039 Comm: syz.1.303 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  478.479430][ T8039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  478.479441][ T8039] Call Trace:
[  478.479448][ T8039]  <TASK>
[  478.479455][ T8039]  dump_stack_lvl+0x189/0x250
[  478.479484][ T8039]  ? __pfx_dump_stack_lvl+0x10/0x10
[  478.479506][ T8039]  ? __pfx__printk+0x10/0x10
[  478.479543][ T8039]  should_fail_ex+0x414/0x560
[  478.479573][ T8039]  _copy_to_user+0x31/0xb0
[  478.479595][ T8039]  sctp_getsockopt_primary_addr+0x456/0x5a0
[  478.479621][ T8039]  ? __pfx_sctp_getsockopt_primary_addr+0x10/0x10
[  478.479663][ T8039]  ? sctp_getsockopt+0x905/0xb60
[  478.479692][ T8039]  sctp_getsockopt+0x916/0xb60
[  478.479717][ T8039]  do_sock_getsockopt+0x35d/0x650
[  478.479740][ T8039]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  478.479759][ T8039]  ? do_syscall_64+0x40/0x210
[  478.479778][ T8039]  ? __fget_files+0x2a/0x420
[  478.479800][ T8039]  ? __fget_files+0x3a0/0x420
[  478.479820][ T8039]  ? __fget_files+0x2a/0x420
[  478.479850][ T8039]  __x64_sys_getsockopt+0x1a5/0x250
[  478.479868][ T8039]  ? do_syscall_64+0x40/0x210
[  478.479887][ T8039]  ? do_syscall_64+0x40/0x210
[  478.479910][ T8039]  do_syscall_64+0xf6/0x210
[  478.479928][ T8039]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  478.479943][ T8039]  ? clear_bhb_loop+0x45/0xa0
[  478.479964][ T8039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  478.479980][ T8039] RIP: 0033:0x7f21c998e969
[  478.479994][ T8039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  478.480009][ T8039] RSP: 002b:00007f21ca75f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  478.480027][ T8039] RAX: ffffffffffffffda RBX: 00007f21c9bb6160 RCX: 00007f21c998e969
[  478.480039][ T8039] RDX: 0000000000000006 RSI: 0000000000000084 RDI: 0000000000000005
[  478.480049][ T8039] RBP: 00007f21ca75f090 R08: 00002000000000c0 R09: 0000000000000000
[  478.480060][ T8039] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000001
[  478.480070][ T8039] R13: 0000000000000000 R14: 00007f21c9bb6160 R15: 00007ffe974a4158
[  478.480099][ T8039]  </TASK>
[  478.848119][ T5980] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  479.035805][ T5980] usb 1-1: config 0 has an invalid interface number: 124 but max is 0
[  479.189147][ T5980] usb 1-1: config 0 has no interface number 0
[  479.196131][ T5917] usb 5-1: USB disconnect, device number 15
[  479.215925][ T5980] usb 1-1: config 0 interface 124 has no altsetting 0
[  479.221984][ T8048] all: renamed from bridge_slave_0 (while UP)
[  479.277401][ T5980] usb 1-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=a2.2a
[  479.332526][ T5980] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.359219][ T5980] usb 1-1: Product: syz
[  479.373494][ T5980] usb 1-1: Manufacturer: syz
[  479.380564][ T5980] usb 1-1: SerialNumber: syz
[  479.410047][ T5980] usb 1-1: config 0 descriptor??
[  479.622389][ T8035] sctp: [Deprecated]: syz.0.302 (pid 8035) Use of struct sctp_assoc_value in delayed_ack socket option.
[  479.622389][ T8035] Use struct sctp_sack_info instead
[  479.824600][ T5946] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  480.397679][ T5946] usb 5-1: Using ep0 maxpacket: 16
[  480.834678][ T5946] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  480.950464][ T5946] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  480.992152][ T5946] usb 5-1: Product: syz
[  481.008588][ T8064] netlink: '+}[@': attribute type 1 has an invalid length.
[  481.014943][ T5946] usb 5-1: Manufacturer: syz
[  481.031192][ T5946] usb 5-1: SerialNumber: syz
[  481.070782][ T5946] usb 5-1: config 0 descriptor??
[  481.095534][ T8066] netlink: 8 bytes leftover after parsing attributes in process `syz.1.311'.
[  481.113123][ T8064] 8021q: adding VLAN 0 to HW filter on device bond1
[  481.249937][ T8067] vlan2: entered allmulticast mode
[  481.276509][ T8067] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  481.369608][ T8056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  481.378742][ T8067] bond1: (slave vlan2): making interface the new active one
[  481.414399][ T8056] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  481.444366][ T8067] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  481.494076][ T8056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  481.503971][ T8056] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  481.537278][ T8056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  481.556978][ T8056] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  481.684137][ T5980] usbserial_generic 1-1:0.124: The "generic" usb-serial driver is only for testing and one-off prototypes.
[  481.770623][ T5980] usbserial_generic 1-1:0.124: Tell linux-usb@vger.kernel.org to add your device to a proper driver.
[  482.002580][ T5980] usbserial_generic 1-1:0.124: device has no bulk endpoints
[  482.267634][ T5980] usb 1-1: USB disconnect, device number 18
[  482.324382][ T5946] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  482.361662][ T5988] usb 5-1: USB disconnect, device number 16
[  482.603332][ T5946] usb 3-1: Using ep0 maxpacket: 16
[  482.607103][ T5946] usb 3-1: config 0 interface 0 has no altsetting 0
[  482.607139][ T5946] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  482.607160][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.852413][ T5946] usb 3-1: config 0 descriptor??
[  484.135376][ T5878] Bluetooth: hci1: unexpected cc 0x203e length: 2 > 1
[  484.142616][ T5878] Bluetooth: hci1: unexpected event for opcode 0x203e
[  484.219694][ T8086] ..
@ÿ: renamed from bond_slave_0 (while UP)
[  484.320145][ T8083] tipc: Started in network mode
[  484.325507][ T8083] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  484.338098][ T8083] tipc: Enabled bearer <udp:syz0>, priority 10
[  484.917655][ T8091] netlink: 'syz.3.319': attribute type 33 has an invalid length.
[  485.228314][ T8102] fuse: Unknown parameter 'group_i00000000000000000000'
[  485.238456][ T8102] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  485.453637][  T976] tipc: Node number set to 4269801491
[  486.116694][ T8107] fuse: Unknown parameter 'grou00000000000000000000'
[  486.123863][ T5946] usbhid 3-1:0.0: can't add hid device: -71
[  486.125956][ T8107] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  486.131167][ T5946] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  486.221256][ T5946] usb 3-1: USB disconnect, device number 16
[  486.610304][ T8117] netlink: 'syz.2.325': attribute type 10 has an invalid length.
[  486.642434][ T8117] netlink: 40 bytes leftover after parsing attributes in process `syz.2.325'.
[  486.680586][ T8117] batadv0: entered promiscuous mode
[  486.723421][ T8117] batadv0: entered allmulticast mode
[  486.729440][ T8117] bridge0: port 3(batadv0) entered blocking state
[  486.794668][  T976] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  486.807169][ T8117] bridge0: port 3(batadv0) entered disabled state
[  486.842603][ T8121] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  486.886524][ T5937] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  486.896660][ T5937] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  486.938068][ T8123] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  486.983267][ T5841] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  487.018328][ T8123] netlink: 8 bytes leftover after parsing attributes in process `syz.3.327'.
[  487.193326][  T976] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  487.217483][ T5841] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  487.236775][ T5841] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  487.261049][ T5841] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  487.271270][  T976] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.291237][  T976] usb 1-1: config 0 descriptor??
[  487.391683][ T5841] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  487.422116][ T5841] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.460797][ T5841] usb 2-1: config 0 descriptor??
[  487.517757][ T8112] overlayfs: workdir and upperdir must reside under the same mount
[  487.900701][ T5841] usbhid 2-1:0.0: can't add hid device: -71
[  487.923303][ T5946] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  487.933086][ T5841] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  487.950283][ T5841] usb 2-1: USB disconnect, device number 12
[  488.013447][ T5914] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  488.101389][ T5946] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  488.118404][ T5946] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  488.145448][ T5946] usb 4-1: config 0 descriptor??
[  488.165595][ T5946] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  488.196386][ T5914] usb 3-1: Using ep0 maxpacket: 16
[  488.214347][ T5914] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  488.230642][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  488.239304][ T5914] usb 3-1: Product: syz
[  488.248850][ T5914] usb 3-1: Manufacturer: syz
[  488.254091][ T5914] usb 3-1: SerialNumber: syz
[  488.274143][ T5914] usb 3-1: config 0 descriptor??
[  488.370227][ T5946] gp8psk: usb in 128 operation failed.
[  488.512616][ T8135] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.563692][ T8135] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  488.580488][ T5946] gp8psk: FW Version = 83.163.51 (0x53a333)  Build 2195/81/104
[  488.615476][ T8135] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.630613][ T8135] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  488.657843][  T976] usb 1-1: USB disconnect, device number 19
[  488.662845][ T8135] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.698785][ T8135] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  488.769615][ T5914] usb 3-1: USB disconnect, device number 17
[  488.797340][ T8133] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.814331][ T8133] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  489.862626][ T8154] fuse: Unknown parameter 'group_i00000000000000000000'
[  489.875243][ T8154] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  490.685461][ T5946] gp8psk: usb in 149 operation failed.
[  490.690975][ T5946] gp8psk: failed to get FPGA version
[  490.708149][ T5946] gp8psk: usb in 138 operation failed.
[  490.718900][ T5946] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  490.733268][ T5946] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  490.803814][ T5980] usb 4-1: USB disconnect, device number 16
[  491.504707][ T5916] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  492.083759][ T5916] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  492.143256][ T5916] usb 1-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  492.189905][ T5916] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  492.209126][ T5916] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.590691][ T8190] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  493.383316][ T5916] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  493.464459][ T5980] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  493.543582][ T5916] usb 5-1: Using ep0 maxpacket: 16
[  493.591501][ T5916] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  493.613482][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  493.621488][ T5916] usb 5-1: Product: syz
[  493.635444][ T5916] usb 5-1: Manufacturer: syz
[  493.640255][ T5916] usb 5-1: SerialNumber: syz
[  494.244097][ T5980] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  494.253184][ T5980] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  494.314754][ T5980] usb 4-1: config 0 descriptor??
[  494.326710][ T5916] usb 5-1: config 0 descriptor??
[  494.345646][ T5917] usb 1-1: USB disconnect, device number 20
[  494.448106][ T5916] as10x_usb: device has been detected
[  494.467615][ T5916] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  494.540118][ T5916] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  494.592795][ T5916] as10x_usb: error during firmware upload part1
[  494.596365][ T8196] random: crng reseeded on system resumption
[  494.605253][ T8197] overlayfs: workdir and upperdir must reside under the same mount
[  495.023962][ T5916] Registered device Sky IT Digital Key (green led)
[  495.045746][ T5946] IPVS: starting estimator thread 0...
[  495.153645][ T8212] IPVS: using max 29 ests per chain, 69600 per kthread
[  495.217584][ T8218] fuse: Bad value for 'fd'
[  496.215123][ T5988] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  496.531482][ T5988] usb 3-1: Using ep0 maxpacket: 8
[  496.631242][ T5988] usb 3-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice= 3.0e
[  496.678440][ T5988] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.854315][ T5988] usb 3-1: config 0 descriptor??
[  498.482776][ T5915] usb 3-1: USB disconnect, device number 18
[  498.506390][ T5988] usb 5-1: USB disconnect, device number 17
[  499.147839][ T8227] FAULT_INJECTION: forcing a failure.
[  499.147839][ T8227] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  499.157214][ T5917] usb 4-1: USB disconnect, device number 17
[  499.167002][ T8227] CPU: 0 UID: 0 PID: 8227 Comm: syz.1.354 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  499.167023][ T8227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  499.167033][ T8227] Call Trace:
[  499.167039][ T8227]  <TASK>
[  499.167045][ T8227]  dump_stack_lvl+0x189/0x250
[  499.167068][ T8227]  ? __lock_acquire+0xaac/0xd20
[  499.167089][ T8227]  ? __pfx_dump_stack_lvl+0x10/0x10
[  499.167108][ T8227]  ? __pfx__printk+0x10/0x10
[  499.167128][ T8227]  ? __might_fault+0xb0/0x130
[  499.167162][ T8227]  should_fail_ex+0x414/0x560
[  499.167190][ T8227]  _copy_from_user+0x2d/0xb0
[  499.167211][ T8227]  memdup_user+0x5e/0xd0
[  499.167231][ T8227]  strndup_user+0x68/0xd0
[  499.167250][ T8227]  __se_sys_request_key+0x12b/0x340
[  499.167266][ T8227]  ? lockdep_hardirqs_on+0x9c/0x150
[  499.167286][ T8227]  ? __pfx___se_sys_request_key+0x10/0x10
[  499.167315][ T8227]  do_syscall_64+0xf6/0x210
[  499.167334][ T8227]  ? asm_sysvec_call_function_single+0x1a/0x20
[  499.167359][ T8227]  ? clear_bhb_loop+0x45/0xa0
[  499.167378][ T8227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.167394][ T8227] RIP: 0033:0x7f21c998e969
[  499.167409][ T8227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.167423][ T8227] RSP: 002b:00007f21ca75f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  499.167440][ T8227] RAX: ffffffffffffffda RBX: 00007f21c9bb6160 RCX: 00007f21c998e969
[  499.167452][ T8227] RDX: 00002000000002c0 RSI: 0000200000000280 RDI: 00002000000013c0
[  499.167464][ T8227] RBP: 00007f21ca75f090 R08: 0000000000000000 R09: 0000000000000000
[  499.167474][ T8227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.167484][ T8227] R13: 0000000000000000 R14: 00007f21c9bb6160 R15: 00007ffe974a4158
[  499.167511][ T8227]  </TASK>
[  499.355226][    C0] vkms_vblank_simulate: vblank timer overrun
[  499.705360][ T5988] Unregistered device Sky IT Digital Key (green led)
[  499.706858][ T5988] as10x_usb: device has been disconnected
[  500.033775][ T5915] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  500.646175][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  501.368096][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  501.378345][ T5915] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  501.408083][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.420278][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  501.427123][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  501.428040][ T5915] usb 3-1: config 0 descriptor??
[  501.819354][ T5878] Bluetooth: min 0 < 6
[  502.359829][ T5915] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0
[  502.361039][ T8257] xt_socket: unknown flags 0x8
[  502.476353][ T5915] cp2112 0003:10C4:EA90.0002: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[  502.575335][ T5915] cp2112 0003:10C4:EA90.0002: Part Number: 0x82 Device Version: 0xFE
[  502.783415][ T5915] cp2112 0003:10C4:EA90.0002: error requesting SMBus config
[  502.847461][ T5915] cp2112 0003:10C4:EA90.0002: probe with driver cp2112 failed with error -71
[  502.960931][ T5915] usb 3-1: USB disconnect, device number 19
[  504.803320][ T5878] Bluetooth: hci3: command 0x0406 tx timeout
[  506.981007][ T8300] netlink: 'syz.4.373': attribute type 4 has an invalid length.
[  507.023975][ T8300] netlink: 20 bytes leftover after parsing attributes in process `syz.4.373'.
[  507.200390][ T8300] bridge0: port 3(batadv0) entered disabled state
[  507.580507][ T5841] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  507.788995][ T8300] bridge_slave_1: left allmulticast mode
[  507.840933][ T8300] bridge_slave_1: left promiscuous mode
[  507.871372][ T8300] bridge0: port 2(bridge_slave_1) entered disabled state
[  507.923668][ T5841] usb 1-1: Using ep0 maxpacket: 8
[  507.933692][ T5841] usb 1-1: unable to get BOS descriptor or descriptor too short
[  507.946390][ T8300] bridge_slave_0: left allmulticast mode
[  507.964304][ T5841] usb 1-1: unable to read config index 0 descriptor/start: -71
[  507.971891][ T5841] usb 1-1: can't read configurations, error -71
[  507.978663][ T8300] bridge_slave_0: left promiscuous mode
[  507.995054][ T8300] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.010385][ T8319] FAULT_INJECTION: forcing a failure.
[  509.010385][ T8319] name failslab, interval 1, probability 0, space 0, times 0
[  509.068193][ T8319] CPU: 1 UID: 0 PID: 8319 Comm: syz.2.380 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  509.068218][ T8319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  509.068229][ T8319] Call Trace:
[  509.068235][ T8319]  <TASK>
[  509.068242][ T8319]  dump_stack_lvl+0x189/0x250
[  509.068270][ T8319]  ? __pfx_dump_stack_lvl+0x10/0x10
[  509.068290][ T8319]  ? __pfx__printk+0x10/0x10
[  509.068318][ T8319]  ? __pfx___might_resched+0x10/0x10
[  509.068352][ T8319]  should_fail_ex+0x414/0x560
[  509.068379][ T8319]  should_failslab+0xa8/0x100
[  509.068404][ T8319]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  509.068426][ T8319]  ? security_capable+0x7e/0x2e0
[  509.068441][ T8319]  ? __alloc_skb+0x112/0x2d0
[  509.068462][ T8319]  __alloc_skb+0x112/0x2d0
[  509.068484][ T8319]  netlink_sendmsg+0x5c6/0xb30
[  509.068501][ T8319]  ? is_bpf_text_address+0x26/0x2b0
[  509.068527][ T8319]  ? __pfx_netlink_sendmsg+0x10/0x10
[  509.068550][ T8319]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  509.068567][ T8319]  ? __pfx_netlink_sendmsg+0x10/0x10
[  509.068583][ T8319]  __sock_sendmsg+0x219/0x270
[  509.068608][ T8319]  ____sys_sendmsg+0x505/0x830
[  509.068632][ T8319]  ? __pfx_____sys_sendmsg+0x10/0x10
[  509.068659][ T8319]  ? import_iovec+0x74/0xa0
[  509.068680][ T8319]  ___sys_sendmsg+0x21f/0x2a0
[  509.068701][ T8319]  ? __pfx____sys_sendmsg+0x10/0x10
[  509.068751][ T8319]  ? __fget_files+0x2a/0x420
[  509.068776][ T8319]  ? __fget_files+0x3a0/0x420
[  509.068808][ T8319]  __x64_sys_sendmsg+0x19b/0x260
[  509.068829][ T8319]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  509.068864][ T8319]  ? do_syscall_64+0xba/0x210
[  509.068885][ T8319]  do_syscall_64+0xf6/0x210
[  509.068904][ T8319]  ? clear_bhb_loop+0x45/0xa0
[  509.068922][ T8319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.068937][ T8319] RIP: 0033:0x7f7ed978e969
[  509.068952][ T8319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.068967][ T8319] RSP: 002b:00007f7eda50f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  509.068984][ T8319] RAX: ffffffffffffffda RBX: 00007f7ed99b5fa0 RCX: 00007f7ed978e969
[  509.068996][ T8319] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  509.069007][ T8319] RBP: 00007f7eda50f090 R08: 0000000000000000 R09: 0000000000000000
[  509.069017][ T8319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  509.069027][ T8319] R13: 0000000000000000 R14: 00007f7ed99b5fa0 R15: 00007ffc5d89df48
[  509.069053][ T8319]  </TASK>
[  509.947487][ T8323] FAULT_INJECTION: forcing a failure.
[  509.947487][ T8323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  510.126328][ T8323] CPU: 0 UID: 0 PID: 8323 Comm: syz.3.383 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  510.126354][ T8323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  510.126364][ T8323] Call Trace:
[  510.126371][ T8323]  <TASK>
[  510.126378][ T8323]  dump_stack_lvl+0x189/0x250
[  510.126407][ T8323]  ? __pfx_dump_stack_lvl+0x10/0x10
[  510.126428][ T8323]  ? __pfx__printk+0x10/0x10
[  510.126464][ T8323]  should_fail_ex+0x414/0x560
[  510.126493][ T8323]  _copy_to_user+0x31/0xb0
[  510.126515][ T8323]  put_timespec64+0xc0/0x120
[  510.126535][ T8323]  ? __pfx_put_timespec64+0x10/0x10
[  510.126564][ T8323]  poll_select_finish+0x484/0x5f0
[  510.126590][ T8323]  ? __pfx_poll_select_finish+0x10/0x10
[  510.126616][ T8323]  ? set_user_sigmask+0xc7/0x1b0
[  510.126638][ T8323]  ? __pfx_set_user_sigmask+0x10/0x10
[  510.126671][ T8323]  __se_sys_ppoll+0x213/0x260
[  510.126695][ T8323]  ? __pfx___se_sys_ppoll+0x10/0x10
[  510.126724][ T8323]  ? do_syscall_64+0xba/0x210
[  510.126741][ T8323]  ? __x64_sys_ppoll+0x20/0xc0
[  510.126764][ T8323]  do_syscall_64+0xf6/0x210
[  510.126782][ T8323]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  510.126798][ T8323]  ? clear_bhb_loop+0x45/0xa0
[  510.126818][ T8323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.126834][ T8323] RIP: 0033:0x7feb6038e969
[  510.126849][ T8323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  510.126864][ T8323] RSP: 002b:00007feb5e1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  510.126882][ T8323] RAX: ffffffffffffffda RBX: 00007feb605b5fa0 RCX: 00007feb6038e969
[  510.126894][ T8323] RDX: 0000200000000280 RSI: 0000000000000001 RDI: 0000200000000180
[  510.126905][ T8323] RBP: 00007feb5e1f6090 R08: 0000000000000000 R09: 0000000000000000
[  510.126915][ T8323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.126925][ T8323] R13: 0000000000000000 R14: 00007feb605b5fa0 R15: 00007ffd6e6811e8
[  510.126952][ T8323]  </TASK>
[  510.370612][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  510.370626][   T30] audit: type=1326 audit(1746678274.987:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  510.417736][   T30] audit: type=1326 audit(1746678275.027:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  510.441776][   T30] audit: type=1326 audit(1746678275.027:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  510.464686][   T30] audit: type=1326 audit(1746678275.027:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  510.486411][   T30] audit: type=1326 audit(1746678275.027:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  510.508936][   T30] audit: type=1326 audit(1746678275.027:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  510.530613][   T30] audit: type=1326 audit(1746678275.027:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  510.553479][   T30] audit: type=1326 audit(1746678275.027:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  510.576047][   T30] audit: type=1326 audit(1746678275.027:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  510.606475][   T30] audit: type=1326 audit(1746678275.027:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8327 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21c998e969 code=0x7ffc0000
[  511.180971][ T8340] netlink: 'syz.4.387': attribute type 4 has an invalid length.
[  511.225408][ T8340] netlink: 20 bytes leftover after parsing attributes in process `syz.4.387'.
[  512.309710][ T5878] Bluetooth: hci0: unexpected cc 0x203e length: 2 > 1
[  512.369482][ T8355] tipc: Started in network mode
[  512.374498][ T8355] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  512.383899][ T8355] tipc: Enabled bearer <udp:syz0>, priority 10
[  512.448668][ T5878] Bluetooth: hci0: unexpected event for opcode 0x203e
[  513.503521][ T5980] tipc: Node number set to 4269801491
[  513.524448][ T5915] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  513.725798][ T5915] usb 2-1: Using ep0 maxpacket: 16
[  513.729529][ T8377] FAULT_INJECTION: forcing a failure.
[  513.729529][ T8377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  513.815162][ T5915] usb 2-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  513.832005][ T8377] CPU: 1 UID: 0 PID: 8377 Comm: syz.3.396 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  513.832029][ T8377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  513.832039][ T8377] Call Trace:
[  513.832047][ T8377]  <TASK>
[  513.832055][ T8377]  dump_stack_lvl+0x189/0x250
[  513.832083][ T8377]  ? __pfx_dump_stack_lvl+0x10/0x10
[  513.832104][ T8377]  ? __pfx__printk+0x10/0x10
[  513.832140][ T8377]  should_fail_ex+0x414/0x560
[  513.832171][ T8377]  _copy_to_user+0x31/0xb0
[  513.832192][ T8377]  simple_read_from_buffer+0xe1/0x170
[  513.832219][ T8377]  proc_fail_nth_read+0x1df/0x250
[  513.832238][ T8377]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  513.832258][ T8377]  ? rw_verify_area+0x258/0x650
[  513.832278][ T8377]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  513.832296][ T8377]  vfs_read+0x1fd/0x980
[  513.832323][ T8377]  ? __pfx___mutex_lock+0x10/0x10
[  513.832343][ T8377]  ? __pfx_vfs_read+0x10/0x10
[  513.832365][ T8377]  ? __fget_files+0x2a/0x420
[  513.832390][ T8377]  ? __fget_files+0x3a0/0x420
[  513.832409][ T8377]  ? __fget_files+0x2a/0x420
[  513.832437][ T8377]  ksys_read+0x145/0x250
[  513.832457][ T8377]  ? __pfx_ksys_read+0x10/0x10
[  513.832480][ T8377]  ? do_syscall_64+0xba/0x210
[  513.832501][ T8377]  do_syscall_64+0xf6/0x210
[  513.832520][ T8377]  ? clear_bhb_loop+0x45/0xa0
[  513.832541][ T8377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.832557][ T8377] RIP: 0033:0x7feb6038d37c
[  513.832572][ T8377] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  513.832585][ T8377] RSP: 002b:00007feb5e1f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  513.832603][ T8377] RAX: ffffffffffffffda RBX: 00007feb605b5fa0 RCX: 00007feb6038d37c
[  513.832615][ T8377] RDX: 000000000000000f RSI: 00007feb5e1f60a0 RDI: 0000000000000004
[  513.832626][ T8377] RBP: 00007feb5e1f6090 R08: 0000000000000000 R09: 0000000000000000
[  513.832637][ T8377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  513.832647][ T8377] R13: 0000000000000000 R14: 00007feb605b5fa0 R15: 00007ffd6e6811e8
[  513.832677][ T8377]  </TASK>
[  513.899208][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.900628][    C1] vkms_vblank_simulate: vblank timer overrun
[  513.913247][ T5915] usb 2-1: Product: syz
[  514.300972][ T8383] netlink: 8 bytes leftover after parsing attributes in process `syz.0.397'.
[  514.339069][ T8383] netlink: 28 bytes leftover after parsing attributes in process `syz.0.397'.
[  514.512745][ T5915] usb 2-1: Manufacturer: syz
[  514.517914][ T5915] usb 2-1: SerialNumber: syz
[  514.626431][ T5915] usb 2-1: config 0 descriptor??
[  514.902172][ T8385] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  515.044855][ T5915] as10x_usb: device has been detected
[  515.051519][ T5915] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  515.062081][ T8388] batadv_slave_1: entered promiscuous mode
[  515.355258][ T8361] random: crng reseeded on system resumption
[  516.025265][ T5915] usb 2-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  517.633522][ T5915] as10x_usb: error during firmware upload part1
[  517.640486][ T5915] Registered device Sky IT Digital Key (green led)
[  519.438693][ T5878] Bluetooth: hci2: unexpected cc 0x203e length: 2 > 1
[  519.452393][ T5878] Bluetooth: hci2: unexpected event for opcode 0x203e
[  519.622570][ T8410] netlink: 'syz.4.404': attribute type 4 has an invalid length.
[  519.622744][ T5915] usb 2-1: USB disconnect, device number 13
[  519.650228][ T5915] Unregistered device Sky IT Digital Key (green led)
[  519.652035][ T5915] as10x_usb: device has been disconnected
[  519.711832][ T8405] ..
@ÿ: renamed from bond_slave_0 (while UP)
[  519.722028][ T8406] tipc: Started in network mode
[  519.726989][ T8406] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  519.736529][ T8406] tipc: Enabled bearer <udp:syz0>, priority 10
[  519.816628][ T8410] netlink: 20 bytes leftover after parsing attributes in process `syz.4.404'.
[  520.013642][ T5914] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  520.510422][ T5914] usb 3-1: Using ep0 maxpacket: 8
[  520.657737][ T5914] usb 3-1: device descriptor read/all, error -71
[  520.991098][ T5916] tipc: Node number set to 4269801491
[  521.684051][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  521.684067][   T30] audit: type=1326 audit(1746678285.567:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8425 comm="syz.2.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed978e969 code=0x7ffc0000
[  521.753575][   T30] audit: type=1326 audit(1746678285.567:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8425 comm="syz.2.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed978e969 code=0x7ffc0000
[  521.776047][   T30] audit: type=1326 audit(1746678285.567:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8425 comm="syz.2.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f7ed978e969 code=0x7ffc0000
[  521.798098][   T30] audit: type=1326 audit(1746678285.567:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8425 comm="syz.2.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed978e969 code=0x7ffc0000
[  521.832767][   T30] audit: type=1326 audit(1746678285.577:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8425 comm="syz.2.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed978e969 code=0x7ffc0000
[  521.907770][   T30] audit: type=1326 audit(1746678285.577:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8425 comm="syz.2.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7ed978e969 code=0x7ffc0000
[  521.933302][   T30] audit: type=1326 audit(1746678285.577:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8425 comm="syz.2.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed978e969 code=0x7ffc0000
[  522.493317][   T30] audit: type=1326 audit(1746678285.577:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8425 comm="syz.2.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ed978e969 code=0x7ffc0000
[  522.958081][ T5878] Bluetooth: hci0: unexpected cc 0x203e length: 2 > 1
[  522.965633][ T5878] Bluetooth: hci0: unexpected event for opcode 0x203e
[  523.010782][ T8446] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  523.825930][ T8443] netlink: 'syz.4.417': attribute type 3 has an invalid length.
[  524.298583][ T5915] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  524.503632][ T5915] usb 2-1: Using ep0 maxpacket: 8
[  524.519772][ T5915] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  524.663686][ T5915] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  524.692455][ T5915] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  524.722297][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  524.735195][ T5915] usb 2-1: Product: syz
[  524.739387][ T5915] usb 2-1: Manufacturer: syz
[  524.759184][ T5915] usb 2-1: SerialNumber: syz
[  525.251723][ T5915] usb 2-1: cannot find UAC_HEADER
[  525.364467][ T5915] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  525.388796][ T8471] ALSA: mixer_oss: invalid index 40000
[  525.438801][ T5915] usb 2-1: USB disconnect, device number 14
[  525.522668][ T7586] udevd[7586]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  526.978771][ T8498] fuse: Bad value for 'user_id'
[  526.984383][ T8498] fuse: Bad value for 'user_id'
[  526.992188][ T8498] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  527.877641][ T8503] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  527.895714][ T5878] Bluetooth: hci4: unexpected cc 0x203e length: 2 > 1
[  527.902692][ T5878] Bluetooth: hci4: unexpected event for opcode 0x203e
[  529.144723][ T5878] Bluetooth: hci4: unexpected event for opcode 0x0400
[  530.077121][ T8524] bridge0: port 2(bridge_slave_1) entered disabled state
[  530.084512][ T8524] bridge0: port 1(bridge_slave_0) entered disabled state
[  530.093685][ T8524] bridge0: entered allmulticast mode
[  530.548079][ T8530] netlink: 'syz.0.439': attribute type 1 has an invalid length.
[  530.993418][ T5915] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  531.063289][ T5988] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  531.154017][ T5915] usb 4-1: Using ep0 maxpacket: 8
[  531.168625][ T5915] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  531.194424][ T5915] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  531.203622][ T5988] usb 1-1: device descriptor read/64, error -71
[  531.377722][ T5915] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  531.403458][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.455241][ T8544] netem: change failed
[  531.507048][ T5878] Bluetooth: hci4: unexpected cc 0x203e length: 2 > 1
[  531.514215][ T5878] Bluetooth: hci4: unexpected event for opcode 0x203e
[  531.580443][ T8546] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  531.909839][ T5988] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  531.926342][ T5915] usb 4-1: Product: syz
[  531.930542][ T5915] usb 4-1: Manufacturer: syz
[  531.936401][ T5915] usb 4-1: SerialNumber: syz
[  532.146641][ T5988] usb 1-1: device descriptor read/64, error -71
[  532.174585][ T5915] usb 4-1: cannot find UAC_HEADER
[  532.207363][ T5915] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  532.233524][ T5981] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  532.241721][ T5915] usb 4-1: USB disconnect, device number 18
[  532.256823][ T5988] usb usb1-port1: attempt power cycle
[  532.316348][ T7586] udevd[7586]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  532.393419][ T5981] usb 2-1: Using ep0 maxpacket: 16
[  532.564361][ T5981] usb 2-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  532.575867][ T5981] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  532.583967][ T5981] usb 2-1: Product: syz
[  532.588159][ T5981] usb 2-1: Manufacturer: syz
[  532.592766][ T5981] usb 2-1: SerialNumber: syz
[  532.602365][ T5981] usb 2-1: config 0 descriptor??
[  532.613585][ T5988] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  532.623798][ T5981] as10x_usb: device has been detected
[  532.630130][ T5981] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  532.651953][ T5988] usb 1-1: device descriptor read/8, error -71
[  532.692593][ T5981] usb 2-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  532.722741][ T5981] as10x_usb: error during firmware upload part1
[  532.750104][ T5981] Registered device Sky IT Digital Key (green led)
[  532.868479][ T8549] random: crng reseeded on system resumption
[  532.905563][ T5988] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  532.960309][ T5988] usb 1-1: device descriptor read/8, error -71
[  534.323894][ T5988] usb usb1-port1: unable to enumerate USB device
[  536.071550][ T5878] Bluetooth: hci1: unexpected event for opcode 0x0400
[  537.674027][ T5988] usb 2-1: USB disconnect, device number 15
[  537.774966][ T8576] fuse: Bad value for 'user_id'
[  537.779989][ T8576] fuse: Bad value for 'user_id'
[  537.794691][ T8576] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  538.762160][ T5988] Unregistered device Sky IT Digital Key (green led)
[  538.771724][ T5988] as10x_usb: device has been disconnected
[  538.795558][ T8585] bridge_slave_1: left allmulticast mode
[  538.833946][ T8585] bridge_slave_1: left promiscuous mode
[  538.840009][ T8585] bridge0: port 2(bridge_slave_1) entered disabled state
[  539.445157][ T8585] bridge_slave_0: left allmulticast mode
[  539.451493][ T8585] bridge_slave_0: left promiscuous mode
[  539.459745][ T8585] bridge0: port 1(bridge_slave_0) entered disabled state
[  540.892785][ T8609] netlink: 24 bytes leftover after parsing attributes in process `syz.2.461'.
[  540.902714][ T5981] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  540.903273][ T5988] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  541.059220][ T5981] usb 4-1: Using ep0 maxpacket: 8
[  541.073092][ T5878] Bluetooth: hci4: unexpected event for opcode 0x0400
[  541.084757][ T5981] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  541.103208][ T5981] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  541.103654][ T5988] usb 2-1: Using ep0 maxpacket: 8
[  541.121041][ T5981] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  541.133241][ T5981] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.247745][ T5981] usb 4-1: Product: syz
[  541.251945][ T5981] usb 4-1: Manufacturer: syz
[  541.256602][ T5981] usb 4-1: SerialNumber: syz
[  541.273412][ T5988] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  541.987720][ T5988] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  542.019995][ T8617] netlink: 36 bytes leftover after parsing attributes in process `syz.4.463'.
[  542.052735][ T5988] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  542.076308][ T5988] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  542.111255][ T8617] Bluetooth: hci0: load_link_keys: too big key_count value 49152
[  542.114480][ T8619] netlink: 4 bytes leftover after parsing attributes in process `syz.2.464'.
[  542.129967][ T5988] usb 2-1: Product: syz
[  542.138544][ T5988] usb 2-1: Manufacturer: syz
[  542.145699][ T5988] usb 2-1: SerialNumber: syz
[  542.428344][ T8628] FAULT_INJECTION: forcing a failure.
[  542.428344][ T8628] name failslab, interval 1, probability 0, space 0, times 0
[  542.442746][ T8628] CPU: 0 UID: 0 PID: 8628 Comm: syz.2.467 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  542.442770][ T8628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  542.442779][ T8628] Call Trace:
[  542.442785][ T8628]  <TASK>
[  542.442791][ T8628]  dump_stack_lvl+0x189/0x250
[  542.442819][ T8628]  ? __pfx_dump_stack_lvl+0x10/0x10
[  542.442838][ T8628]  ? __pfx__printk+0x10/0x10
[  542.442860][ T8628]  ? __pfx___might_resched+0x10/0x10
[  542.442881][ T8628]  ? fs_reclaim_acquire+0x7d/0x100
[  542.442901][ T8628]  should_fail_ex+0x414/0x560
[  542.442929][ T8628]  should_failslab+0xa8/0x100
[  542.442951][ T8628]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  542.442973][ T8628]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  542.442993][ T8628]  ? v9fs_session_init+0xaf/0x19a0
[  542.443008][ T8628]  ? legacy_get_tree+0xfa/0x1a0
[  542.443020][ T8628]  ? vfs_get_tree+0x8f/0x2b0
[  542.443043][ T8628]  kstrdup+0x42/0x100
[  542.443061][ T8628]  v9fs_session_init+0xaf/0x19a0
[  542.443099][ T8628]  ? __pfx_v9fs_session_init+0x10/0x10
[  542.443120][ T8628]  ? v9fs_mount+0xb2/0xa10
[  542.443140][ T8628]  ? __kasan_kmalloc+0x93/0xb0
[  542.443163][ T8628]  ? v9fs_mount+0xb2/0xa10
[  542.443180][ T8628]  v9fs_mount+0xc8/0xa10
[  542.443198][ T8628]  ? __pfx_v9fs_mount+0x10/0x10
[  542.443212][ T8628]  ? rcu_is_watching+0x15/0xb0
[  542.443230][ T8628]  ? cap_capable+0x11f/0x460
[  542.443246][ T8628]  legacy_get_tree+0xfa/0x1a0
[  542.443257][ T8628]  ? __pfx_v9fs_mount+0x10/0x10
[  542.443274][ T8628]  vfs_get_tree+0x8f/0x2b0
[  542.443295][ T8628]  do_new_mount+0x24a/0xa40
[  542.443323][ T8628]  __se_sys_mount+0x317/0x410
[  542.443349][ T8628]  ? __pfx___se_sys_mount+0x10/0x10
[  542.443373][ T8628]  ? do_syscall_64+0xba/0x210
[  542.443390][ T8628]  ? __x64_sys_mount+0x20/0xc0
[  542.443413][ T8628]  do_syscall_64+0xf6/0x210
[  542.443431][ T8628]  ? clear_bhb_loop+0x45/0xa0
[  542.443451][ T8628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.443467][ T8628] RIP: 0033:0x7f7ed978e969
[  542.443481][ T8628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.443495][ T8628] RSP: 002b:00007f7eda50f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  542.443512][ T8628] RAX: ffffffffffffffda RBX: 00007f7ed99b5fa0 RCX: 00007f7ed978e969
[  542.443524][ T8628] RDX: 00002000000002c0 RSI: 0000200000000280 RDI: 0000200000000100
[  542.443536][ T8628] RBP: 00007f7eda50f090 R08: 0000200000000300 R09: 0000000000000000
[  542.443547][ T8628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  542.443556][ T8628] R13: 0000000000000000 R14: 00007f7ed99b5fa0 R15: 00007ffc5d89df48
[  542.443590][ T8628]  </TASK>
[  542.895192][ T5981] usb 4-1: cannot find UAC_HEADER
[  543.473587][ T5916] IPVS: starting estimator thread 0...
[  543.565888][ T5981] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  543.585830][ T8634] IPVS: using max 30 ests per chain, 72000 per kthread
[  543.599138][ T5988] usb 2-1: cannot find UAC_HEADER
[  543.609818][ T5981] usb 4-1: USB disconnect, device number 19
[  543.669174][ T5988] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  544.502529][ T5988] usb 2-1: USB disconnect, device number 16
[  544.593992][ T5916] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  544.758629][ T5916] usb 5-1: Using ep0 maxpacket: 16
[  544.807152][ T5916] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  544.913264][ T5916] usb 5-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  545.004925][ T5916] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  545.382385][ T5860] udevd[5860]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  545.555926][   T56] Bluetooth: hci5: command 0xfc11 tx timeout
[  546.963407][ T5878] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  546.980636][ T8632] sp0: Synchronizing with TNC
[  547.331892][ T5916] usb 5-1: string descriptor 0 read error: -71
[  547.539798][ T5916] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  547.557386][ T8656] netlink: 40 bytes leftover after parsing attributes in process `syz.3.474'.
[  547.585731][ T5860] udevd[5860]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  547.632041][ T5916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  547.663426][ T5916] usb 5-1: can't set config #1, error -71
[  547.673435][ T5916] usb 5-1: USB disconnect, device number 18
[  547.742538][ T8660] syz_tun: entered allmulticast mode
[  547.785057][ T8664] tmpfs: Group quota block hardlimit too large.
[  547.820024][ T8657] syz_tun: left allmulticast mode
[  547.855047][ T8666] FAULT_INJECTION: forcing a failure.
[  547.855047][ T8666] name failslab, interval 1, probability 0, space 0, times 0
[  547.893333][ T8666] CPU: 0 UID: 0 PID: 8666 Comm: syz.0.476 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  547.893355][ T8666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  547.893366][ T8666] Call Trace:
[  547.893373][ T8666]  <TASK>
[  547.893380][ T8666]  dump_stack_lvl+0x189/0x250
[  547.893409][ T8666]  ? __pfx_dump_stack_lvl+0x10/0x10
[  547.893430][ T8666]  ? __pfx__printk+0x10/0x10
[  547.893456][ T8666]  ? __pfx___might_resched+0x10/0x10
[  547.893479][ T8666]  ? fs_reclaim_acquire+0x7d/0x100
[  547.893501][ T8666]  should_fail_ex+0x414/0x560
[  547.893531][ T8666]  should_failslab+0xa8/0x100
[  547.893556][ T8666]  __kmalloc_noprof+0xcb/0x4f0
[  547.893577][ T8666]  ? tomoyo_encode+0x28b/0x550
[  547.893599][ T8666]  tomoyo_encode+0x28b/0x550
[  547.893622][ T8666]  tomoyo_realpath_from_path+0x58d/0x5d0
[  547.893643][ T8666]  ? tomoyo_domain+0xda/0x130
[  547.893667][ T8666]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  547.893683][ T8666]  tomoyo_path_number_perm+0x1e8/0x5a0
[  547.893702][ T8666]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  547.893732][ T8666]  ? __lock_acquire+0xaac/0xd20
[  547.893769][ T8666]  ? __fget_files+0x2a/0x420
[  547.893796][ T8666]  ? __fget_files+0x3a0/0x420
[  547.893815][ T8666]  ? __fget_files+0x2a/0x420
[  547.893840][ T8666]  security_file_ioctl+0xcb/0x2d0
[  547.893859][ T8666]  __se_sys_ioctl+0x47/0x170
[  547.893880][ T8666]  do_syscall_64+0xf6/0x210
[  547.893900][ T8666]  ? clear_bhb_loop+0x45/0xa0
[  547.893919][ T8666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.893935][ T8666] RIP: 0033:0x7f8565d8e969
[  547.893950][ T8666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.893964][ T8666] RSP: 002b:00007f8566cb1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  547.893982][ T8666] RAX: ffffffffffffffda RBX: 00007f8565fb6080 RCX: 00007f8565d8e969
[  547.893994][ T8666] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  547.894004][ T8666] RBP: 00007f8566cb1090 R08: 0000000000000000 R09: 0000000000000000
[  547.894014][ T8666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  547.894023][ T8666] R13: 0000000000000001 R14: 00007f8565fb6080 R15: 00007fff56103488
[  547.894051][ T8666]  </TASK>
[  547.896595][ T8666] ERROR: Out of memory at tomoyo_realpath_from_path.
[  548.583645][ T5917] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  548.927409][ T8685] FAULT_INJECTION: forcing a failure.
[  548.927409][ T8685] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  548.950277][ T5917] usb 5-1: Using ep0 maxpacket: 8
[  548.982178][ T5917] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  548.992473][ T8685] CPU: 1 UID: 0 PID: 8685 Comm: syz.2.482 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  548.992495][ T8685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  548.992505][ T8685] Call Trace:
[  548.992512][ T8685]  <TASK>
[  548.992519][ T8685]  dump_stack_lvl+0x189/0x250
[  548.992548][ T8685]  ? __pfx_dump_stack_lvl+0x10/0x10
[  548.992569][ T8685]  ? __pfx__printk+0x10/0x10
[  548.992605][ T8685]  should_fail_ex+0x414/0x560
[  548.992635][ T8685]  _copy_to_user+0x31/0xb0
[  548.992658][ T8685]  simple_read_from_buffer+0xe1/0x170
[  548.992686][ T8685]  proc_fail_nth_read+0x1df/0x250
[  548.992706][ T8685]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  548.992726][ T8685]  ? rw_verify_area+0x258/0x650
[  548.992745][ T8685]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  548.992763][ T8685]  vfs_read+0x1fd/0x980
[  548.992789][ T8685]  ? __pfx___mutex_lock+0x10/0x10
[  548.992809][ T8685]  ? __pfx_vfs_read+0x10/0x10
[  548.992831][ T8685]  ? __fget_files+0x2a/0x420
[  548.992858][ T8685]  ? __fget_files+0x3a0/0x420
[  548.992879][ T8685]  ? __fget_files+0x2a/0x420
[  548.992911][ T8685]  ksys_read+0x145/0x250
[  548.992929][ T8685]  ? rcu_is_watching+0x15/0xb0
[  548.992953][ T8685]  ? __pfx_ksys_read+0x10/0x10
[  548.992977][ T8685]  ? do_syscall_64+0xba/0x210
[  548.992999][ T8685]  do_syscall_64+0xf6/0x210
[  548.993018][ T8685]  ? clear_bhb_loop+0x45/0xa0
[  548.993038][ T8685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.993053][ T8685] RIP: 0033:0x7f7ed978d37c
[  548.993068][ T8685] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  548.993082][ T8685] RSP: 002b:00007f7eda50f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  548.993099][ T8685] RAX: ffffffffffffffda RBX: 00007f7ed99b5fa0 RCX: 00007f7ed978d37c
[  548.993112][ T8685] RDX: 000000000000000f RSI: 00007f7eda50f0a0 RDI: 0000000000000005
[  548.993122][ T8685] RBP: 00007f7eda50f090 R08: 0000000000000000 R09: 0000000000000000
[  548.993132][ T8685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  548.993141][ T8685] R13: 0000000000000000 R14: 00007f7ed99b5fa0 R15: 00007ffc5d89df48
[  548.993170][ T8685]  </TASK>
[  549.208288][ T5917] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  549.274868][ T5917] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  549.286574][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.295105][ T5917] usb 5-1: Product: syz
[  549.299292][ T5917] usb 5-1: Manufacturer: syz
[  549.303966][ T5917] usb 5-1: SerialNumber: syz
[  549.353281][ T5915] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  550.987590][ T5917] usb 5-1: cannot find UAC_HEADER
[  551.499835][ T5915] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  551.511446][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.735407][ T5915] usb 2-1: Product: syz
[  551.742476][ T5915] usb 2-1: Manufacturer: syz
[  551.844758][ T5915] usb 2-1: SerialNumber: syz
[  551.866887][ T5917] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  551.869453][ T5915] usb 2-1: config 0 descriptor??
[  552.016011][ T5915] usb 2-1: can't set config #0, error -71
[  552.016331][ T5917] usb 5-1: USB disconnect, device number 19
[  552.109320][ T5915] usb 2-1: USB disconnect, device number 17
[  552.117113][ T5860] udevd[5860]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  554.093247][ T5916] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  554.609663][ T5917] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  555.833118][ T5916] usb 4-1: Using ep0 maxpacket: 16
[  556.663254][ T5917] usb 1-1: Using ep0 maxpacket: 16
[  556.854601][ T5917] usb 1-1: unable to read config index 0 descriptor/start: -71
[  556.862747][ T5917] usb 1-1: can't read configurations, error -71
[  556.935567][ T5916] usb 4-1: string descriptor 0 read error: -71
[  556.952999][ T5916] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  557.145273][ T5916] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  557.168208][ T5916] usb 4-1: config 0 descriptor??
[  557.188721][ T5916] usb 4-1: can't set config #0, error -71
[  557.215573][ T8748] 9pnet_fd: Insufficient options for proto=fd
[  557.218698][ T5916] usb 4-1: USB disconnect, device number 20
[  557.468417][ T8755] 9pnet_fd: Insufficient options for proto=fd
[  557.537075][ T8757] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  557.557152][ T8757] batman_adv: batadv0: Removing interface: batadv_slave_0
[  557.623914][ T5916] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  557.783358][ T5916] usb 4-1: Using ep0 maxpacket: 8
[  557.815059][ T5916] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  557.886979][ T5916] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  558.270210][ T5916] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  558.313227][ T5916] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  558.341975][ T5916] usb 4-1: Product: syz
[  558.354352][ T5916] usb 4-1: Manufacturer: syz
[  558.376816][ T5916] usb 4-1: SerialNumber: syz
[  558.614187][ T5916] usb 4-1: cannot find UAC_HEADER
[  558.871159][ T5876] Bluetooth: hci3: unexpected cc 0x203e length: 2 > 1
[  558.878167][ T5876] Bluetooth: hci3: unexpected event for opcode 0x203e
[  558.948193][ T8775] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  559.233297][ T5876] Bluetooth: hci4: command 0x0406 tx timeout
[  559.688055][ T5916] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  559.733714][ T5916] usb 4-1: USB disconnect, device number 21
[  559.750030][   T30] audit: type=1326 audit(1746678324.357:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8770 comm="syz.1.504" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f21c998e969 code=0x0
[  560.304474][ T8783] netlink: 'syz.1.504': attribute type 4 has an invalid length.
[  560.312364][ T8783] netlink: 17 bytes leftover after parsing attributes in process `syz.1.504'.
[  560.440963][ T7586] udevd[7586]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  560.763363][ T5915] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  561.113234][ T5915] usb 4-1: Using ep0 maxpacket: 16
[  561.153240][ T5915] usb 4-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  561.162303][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.203252][ T5915] usb 4-1: Product: syz
[  561.212433][ T5915] usb 4-1: Manufacturer: syz
[  561.240606][ T5915] usb 4-1: SerialNumber: syz
[  561.276675][ T5915] usb 4-1: config 0 descriptor??
[  561.310332][ T5915] as10x_usb: device has been detected
[  561.334040][ T5915] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  561.392438][ T5915] usb 4-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  561.526244][ T8784] random: crng reseeded on system resumption
[  562.837338][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  562.843864][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  564.088089][ T5915] as10x_usb: error during firmware upload part1
[  564.187159][ T5915] Registered device Sky IT Digital Key (green led)
[  564.202649][ T5915] usb 4-1: USB disconnect, device number 22
[  564.308688][ T8809] x_tables: ip6_tables: NETMAP.0 target: invalid size 40 (kernel) != (user) 0
[  564.349884][ T5915] Unregistered device Sky IT Digital Key (green led)
[  564.369416][ T5915] as10x_usb: device has been disconnected
[  564.408893][ T8814] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  564.415578][ T8814] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  564.857170][ T8814] vhci_hcd vhci_hcd.0: Device attached
[  564.990304][ T8815] vhci_hcd: connection closed
[  564.991858][   T54] vhci_hcd: stop threads
[  565.001650][   T54] vhci_hcd: release socket
[  565.007947][   T54] vhci_hcd: disconnect device
[  565.027121][ T5917] vhci_hcd: vhci_device speed not set
[  565.059586][ T8823] netlink: 'syz.2.519': attribute type 4 has an invalid length.
[  565.069427][ T8823] netlink: 20 bytes leftover after parsing attributes in process `syz.2.519'.
[  565.093244][ T8823] bridge0: port 3(batadv0) entered disabled state
[  565.102307][ T8823] bridge_slave_1: left allmulticast mode
[  565.109191][ T8823] bridge_slave_1: left promiscuous mode
[  565.119589][ T5914] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  565.135234][ T8823] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.193301][ T8823] bridge_slave_0: left allmulticast mode
[  565.200333][ T8823] bridge_slave_0: left promiscuous mode
[  565.212498][ T8823] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.344886][ T5914] usb 5-1: Using ep0 maxpacket: 8
[  565.463568][ T5914] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  565.476825][ T5914] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  565.633174][ T5914] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  565.643595][ T5914] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.651602][ T5914] usb 5-1: Product: syz
[  565.699580][ T5914] usb 5-1: Manufacturer: syz
[  565.706132][ T5914] usb 5-1: SerialNumber: syz
[  565.996317][   T30] audit: type=1326 audit(1746678330.387:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  566.605087][   T30] audit: type=1326 audit(1746678330.387:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  566.627156][   T30] audit: type=1326 audit(1746678330.387:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  566.648803][   T30] audit: type=1326 audit(1746678330.387:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  566.671615][   T30] audit: type=1326 audit(1746678330.387:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  566.754323][   T30] audit: type=1326 audit(1746678330.387:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  566.878289][ T5914] usb 5-1: cannot find UAC_HEADER
[  566.911360][   T30] audit: type=1326 audit(1746678330.387:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  566.961129][   T30] audit: type=1326 audit(1746678330.397:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  566.988260][ T5914] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  567.003701][ T5914] usb 5-1: USB disconnect, device number 20
[  567.128547][   T30] audit: type=1326 audit(1746678330.397:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  567.172479][ T7586] udevd[7586]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  567.180194][   T30] audit: type=1326 audit(1746678330.397:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f8565d8e969 code=0x7ffc0000
[  567.735732][ T8836] Can't find ip_set type hash:n
[  567.929135][ T5876] Bluetooth: hci0: unexpected event for opcode 0x0400
[  568.506845][ T8849] fuse: Unknown parameter 'fd0x0000000000000009'
[  568.534800][ T8849] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  569.963010][ T5806] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  570.004429][ T5988] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  570.086507][ T8865] netlink: 28 bytes leftover after parsing attributes in process `syz.2.529'.
[  570.233248][ T5988] usb 5-1: Using ep0 maxpacket: 16
[  570.839607][ T5806] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  570.944508][ T5806] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  571.140130][ T5988] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  571.151402][ T5806] usb 2-1: config 0 descriptor??
[  571.159633][ T5988] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.189491][ T5806] cp210x 2-1:0.0: cp210x converter detected
[  571.195225][ T5988] usb 5-1: Product: syz
[  571.215905][ T5988] usb 5-1: Manufacturer: syz
[  571.226509][ T5988] usb 5-1: SerialNumber: syz
[  571.262975][ T5988] usb 5-1: config 0 descriptor??
[  571.288011][ T5988] as10x_usb: device has been detected
[  571.314602][ T5988] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  571.572159][ T8856] random: crng reseeded on system resumption
[  571.654459][ T5914] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  572.560531][ T8857] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  572.624645][ T8857] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  572.908324][ T5914] usb 4-1: Using ep0 maxpacket: 16
[  573.190066][ T5806] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  573.456272][ T5806] cp210x 2-1:0.0: failed to get vendor val 0x370c size 73: -121
[  573.590901][ T5806] cp210x 2-1:0.0: GPIO initialisation failed: -121
[  573.956841][ T8878] netlink: 'syz.2.534': attribute type 4 has an invalid length.
[  574.001485][ T5988] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  574.147441][ T8878] netlink: 20 bytes leftover after parsing attributes in process `syz.2.534'.
[  574.194794][ T5806] usb 2-1: cp210x converter now attached to ttyUSB0
[  574.235307][ T8880] loop2: detected capacity change from 0 to 7
[  574.516894][ T8880] Dev loop2: unable to read RDB block 7
[  574.631180][ T5806] usb 2-1: USB disconnect, device number 18
[  574.731526][ T8880]  loop2: AHDI p1 p2
[  574.930691][ T8880] loop2: partition table partially beyond EOD, truncated
[  574.939389][ T5914] usb 4-1: device descriptor read/all, error -71
[  575.052687][ T5806] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  575.247347][ T5806] cp210x 2-1:0.0: device disconnected
[  575.397167][ T5988] as10x_usb: error during firmware upload part1
[  575.413825][ T5988] Registered device Sky IT Digital Key (green led)
[  575.416008][ T5988] usb 5-1: USB disconnect, device number 21
[  575.533038][ T5988] Unregistered device Sky IT Digital Key (green led)
[  575.535369][ T5988] as10x_usb: device has been disconnected
[  575.708933][ T5876] Bluetooth: hci0: unexpected event for opcode 0x0400
[  576.623512][ T5917] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  577.110210][ T8918] netlink: 28 bytes leftover after parsing attributes in process `syz.3.541'.
[  577.126034][ T8918] netlink: 28 bytes leftover after parsing attributes in process `syz.3.541'.
[  577.543246][ T5917] usb 1-1: Using ep0 maxpacket: 8
[  577.549961][ T5917] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  577.597924][ T5917] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  577.618444][ T5917] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  577.741793][ T5917] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.754722][ T5917] usb 1-1: Product: syz
[  577.758913][ T5917] usb 1-1: Manufacturer: syz
[  577.765546][ T5917] usb 1-1: SerialNumber: syz
[  577.863602][ T5916] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  577.877027][ T8925] ieee802154 phy0 wpan0: encryption failed: -22
[  578.011072][ T5917] usb 1-1: cannot find UAC_HEADER
[  578.037843][ T5916] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 252, changing to 11
[  578.062741][ T5916] usb 2-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  578.074738][ T5917] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[  578.097499][ T5916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.117652][ T5917] usb 1-1: USB disconnect, device number 29
[  578.187096][ T5916] usb 2-1: config 0 descriptor??
[  578.206405][ T5988] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  578.389302][ T7586] udevd[7586]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  578.444289][ T5988] usb 5-1: config 2 has an invalid interface number: 45 but max is 0
[  578.465493][ T5988] usb 5-1: config 2 has no interface number 0
[  578.489965][ T5988] usb 5-1: config 2 interface 45 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 10
[  578.511329][ T5988] usb 5-1: config 2 interface 45 altsetting 0 endpoint 0x1 has invalid maxpacket 255, setting to 64
[  578.557546][ T5988] usb 5-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=82.d2
[  578.576929][ T5988] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.593202][ T5988] usb 5-1: Product: syz
[  578.617930][ T5988] usb 5-1: Manufacturer: syz
[  578.622548][ T5988] usb 5-1: SerialNumber: syz
[  578.683769][ T8925] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  578.709403][ T5988] kobil_sct 5-1:2.45: KOBIL USB smart card terminal converter detected
[  578.730425][ T5916] glorious 0003:258A:0036.0003: hidraw0: USB HID v0.01 Device [Glorious Model O] on usb-dummy_hcd.1-1/input0
[  578.783427][ T5988] usb 5-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  578.826541][ T5916] usb 2-1: USB disconnect, device number 19
[  578.839437][ T8940] netlink: 'syz.1.547': attribute type 4 has an invalid length.
[  578.881783][ T8940] netlink: 20 bytes leftover after parsing attributes in process `syz.1.547'.
[  578.936502][ T8940] bridge_slave_1: left allmulticast mode
[  578.960006][ T8940] bridge_slave_1: left promiscuous mode
[  578.973181][ T8940] bridge0: port 2(bridge_slave_1) entered disabled state
[  579.144001][ T8940] bridge_slave_0: left allmulticast mode
[  579.148880][ T8944] fido_id[8944]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  579.165229][ T8940] bridge_slave_0: left promiscuous mode
[  579.182339][ T8940] bridge0: port 1(bridge_slave_0) entered disabled state
[  579.793294][ T5946] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  579.924411][ T8964] FAULT_INJECTION: forcing a failure.
[  579.924411][ T8964] name failslab, interval 1, probability 0, space 0, times 0
[  579.973439][ T5946] usb 1-1: Using ep0 maxpacket: 16
[  579.983211][ T8964] CPU: 0 UID: 0 PID: 8964 Comm: syz.2.551 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  579.983233][ T8964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  579.983244][ T8964] Call Trace:
[  579.983251][ T8964]  <TASK>
[  579.983258][ T8964]  dump_stack_lvl+0x189/0x250
[  579.983287][ T8964]  ? __pfx_dump_stack_lvl+0x10/0x10
[  579.983307][ T8964]  ? __pfx__printk+0x10/0x10
[  579.983332][ T8964]  ? __pfx___might_resched+0x10/0x10
[  579.983352][ T8964]  ? fs_reclaim_acquire+0x7d/0x100
[  579.983373][ T8964]  should_fail_ex+0x414/0x560
[  579.983401][ T8964]  should_failslab+0xa8/0x100
[  579.983426][ T8964]  __kmalloc_noprof+0xcb/0x4f0
[  579.983445][ T8964]  ? tomoyo_encode+0x28b/0x550
[  579.983467][ T8964]  tomoyo_encode+0x28b/0x550
[  579.983490][ T8964]  tomoyo_realpath_from_path+0x58d/0x5d0
[  579.983510][ T8964]  ? tomoyo_domain+0xda/0x130
[  579.983533][ T8964]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  579.983548][ T8964]  tomoyo_path_number_perm+0x1e8/0x5a0
[  579.983567][ T8964]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  579.983603][ T8964]  ? __lock_acquire+0xaac/0xd20
[  579.983642][ T8964]  ? __fget_files+0x2a/0x420
[  579.983669][ T8964]  ? __fget_files+0x3a0/0x420
[  579.983690][ T8964]  ? __fget_files+0x2a/0x420
[  579.983717][ T8964]  security_file_ioctl+0xcb/0x2d0
[  579.983737][ T8964]  __se_sys_ioctl+0x47/0x170
[  579.983759][ T8964]  do_syscall_64+0xf6/0x210
[  579.983779][ T8964]  ? clear_bhb_loop+0x45/0xa0
[  579.983800][ T8964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.983815][ T8964] RIP: 0033:0x7f7ed978e969
[  579.983830][ T8964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  579.983845][ T8964] RSP: 002b:00007f7ed75f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  579.983863][ T8964] RAX: ffffffffffffffda RBX: 00007f7ed99b6080 RCX: 00007f7ed978e969
[  579.983875][ T8964] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  579.983885][ T8964] RBP: 00007f7ed75f6090 R08: 0000000000000000 R09: 0000000000000000
[  579.983903][ T8964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  579.983913][ T8964] R13: 0000000000000001 R14: 00007f7ed99b6080 R15: 00007ffc5d89df48
[  579.983942][ T8964]  </TASK>
[  579.983960][ T8964] ERROR: Out of memory at tomoyo_realpath_from_path.
[  580.250978][ T5914] usb 5-1: USB disconnect, device number 22
[  580.261759][ T5914] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  580.275187][ T5946] usb 1-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  580.323247][ T5946] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.332144][ T5914] kobil_sct 5-1:2.45: device disconnected
[  580.377838][ T5946] usb 1-1: Product: syz
[  580.391159][ T5946] usb 1-1: Manufacturer: syz
[  580.417098][ T5946] usb 1-1: SerialNumber: syz
[  580.430905][ T5946] usb 1-1: config 0 descriptor??
[  580.459972][ T5946] as10x_usb: device has been detected
[  580.513929][ T5946] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  580.801267][ T8980] netlink: 28 bytes leftover after parsing attributes in process `syz.4.554'.
[  580.811182][ T8980] netlink: 28 bytes leftover after parsing attributes in process `syz.4.554'.
[  580.855385][ T8977] x_tables: duplicate underflow at hook 1
[  580.885427][ T8952] random: crng reseeded on system resumption
[  580.917569][ T8981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'.
[  581.768334][ T5946] usb 1-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  582.349885][ T5917] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  582.728099][ T5917] usb 2-1: Using ep0 maxpacket: 32
[  583.952722][ T5917] usb 2-1: unable to get BOS descriptor or descriptor too short
[  584.000335][ T5946] as10x_usb: error during firmware upload part1
[  584.053417][ T5917] usb 2-1: unable to read config index 0 descriptor/start: -71
[  584.125569][ T5946] Registered device Sky IT Digital Key (green led)
[  584.152395][ T5946] usb 1-1: USB disconnect, device number 30
[  584.190638][ T5917] usb 2-1: can't read configurations, error -71
[  584.210875][ T5946] Unregistered device Sky IT Digital Key (green led)
[  584.228317][ T5946] as10x_usb: device has been disconnected
[  585.018892][ T8994] Can't find ip_set type hash:n
[  585.102300][ T9006] syz.2.559: attempt to access beyond end of device
[  585.102300][ T9006] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0
[  585.881210][ T9010] netlink: 'syz.0.561': attribute type 4 has an invalid length.
[  585.903964][ T9006] syz.2.559: attempt to access beyond end of device
[  585.903964][ T9006] nbd2: rw=0, sector=256, nr_sectors = 1 limit=0
[  585.961580][ T9010] netlink: 20 bytes leftover after parsing attributes in process `syz.0.561'.
[  586.003222][ T9015] netlink: 20 bytes leftover after parsing attributes in process `syz.4.562'.
[  586.375843][ T9006] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  586.427077][ T9006] syz.2.559: attempt to access beyond end of device
[  586.427077][ T9006] nbd2: rw=0, sector=512, nr_sectors = 1 limit=0
[  586.514393][ T9006] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  586.547957][ T9006] syz.2.559: attempt to access beyond end of device
[  586.547957][ T9006] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0
[  586.567269][ T9006] syz.2.559: attempt to access beyond end of device
[  586.567269][ T9006] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0
[  586.581349][ T9006] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  586.652466][ T9018] netlink: 12 bytes leftover after parsing attributes in process `syz.4.564'.
[  586.782478][ T9006] syz.2.559: attempt to access beyond end of device
[  586.782478][ T9006] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0
[  586.800996][ T9006] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  586.828909][ T9006] syz.2.559: attempt to access beyond end of device
[  586.828909][ T9006] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0
[  586.892109][ T9025] fuse: Bad value for 'rootmode'
[  586.902413][ T9025] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  587.333388][ T5914] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  587.613354][ T9006] syz.2.559: attempt to access beyond end of device
[  587.613354][ T9006] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0
[  587.647853][ T9006] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  587.668530][ T9006] syz.2.559: attempt to access beyond end of device
[  587.668530][ T9006] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0
[  587.703365][ T5914] usb 4-1: Using ep0 maxpacket: 8
[  587.719262][ T5914] usb 4-1: unable to get BOS descriptor or descriptor too short
[  587.734923][ T9006] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  587.744459][ T5914] usb 4-1: no configurations
[  587.744475][ T5914] usb 4-1: can't read configurations, error -22
[  587.765237][ T9030] FAULT_INJECTION: forcing a failure.
[  587.765237][ T9030] name failslab, interval 1, probability 0, space 0, times 0
[  587.793786][ T9030] CPU: 1 UID: 0 PID: 9030 Comm: syz.4.568 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  587.793809][ T9030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  587.793819][ T9030] Call Trace:
[  587.793826][ T9030]  <TASK>
[  587.793833][ T9030]  dump_stack_lvl+0x189/0x250
[  587.793861][ T9030]  ? __pfx_dump_stack_lvl+0x10/0x10
[  587.793882][ T9030]  ? __pfx__printk+0x10/0x10
[  587.793912][ T9030]  ? __pfx___might_resched+0x10/0x10
[  587.793938][ T9030]  should_fail_ex+0x414/0x560
[  587.793967][ T9030]  should_failslab+0xa8/0x100
[  587.793992][ T9030]  __kmalloc_cache_noprof+0x70/0x3d0
[  587.794014][ T9030]  ? sctp_association_new+0x89/0x25f0
[  587.794034][ T9030]  ? __asan_memcpy+0x40/0x70
[  587.794055][ T9030]  sctp_association_new+0x89/0x25f0
[  587.794078][ T9030]  ? sctp_do_bind+0x657/0x940
[  587.794105][ T9030]  ? __ipv6_addr_type+0x10c/0x2f0
[  587.794129][ T9030]  sctp_connect_new_asoc+0x2c5/0x690
[  587.794160][ T9030]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  587.794189][ T9030]  ? sctp_inet6_send_verify+0x23a/0x300
[  587.794207][ T9030]  ? sctp_endpoint_lookup_assoc+0xd1/0x260
[  587.794231][ T9030]  __sctp_connect+0x5ba/0xd50
[  587.794262][ T9030]  ? __pfx___sctp_connect+0x10/0x10
[  587.794292][ T9030]  sctp_inet_connect+0x12e/0x1e0
[  587.794315][ T9030]  __sys_connect+0x313/0x440
[  587.794331][ T9030]  ? __fget_files+0x3a0/0x420
[  587.794354][ T9030]  ? __pfx___sys_connect+0x10/0x10
[  587.794388][ T9030]  __x64_sys_connect+0x7a/0x90
[  587.794406][ T9030]  do_syscall_64+0xf6/0x210
[  587.794426][ T9030]  ? clear_bhb_loop+0x45/0xa0
[  587.794446][ T9030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.794462][ T9030] RIP: 0033:0x7fbc8158e969
[  587.794476][ T9030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  587.794489][ T9030] RSP: 002b:00007fbc824dd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  587.794506][ T9030] RAX: ffffffffffffffda RBX: 00007fbc817b5fa0 RCX: 00007fbc8158e969
[  587.794518][ T9030] RDX: 000000000000001c RSI: 00002000000002c0 RDI: 0000000000000003
[  587.794529][ T9030] RBP: 00007fbc824dd090 R08: 0000000000000000 R09: 0000000000000000
[  587.794538][ T9030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  587.794547][ T9030] R13: 0000000000000000 R14: 00007fbc817b5fa0 R15: 00007ffe90c54bd8
[  587.794576][ T9030]  </TASK>
[  588.029707][ T9006] syz.2.559: attempt to access beyond end of device
[  588.029707][ T9006] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  588.118988][ T9006] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  588.129001][ T9006] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  588.138769][ T9006] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[  589.022035][ T5917] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  589.258336][ T5917] usb 5-1: config index 0 descriptor too short (expected 5668, got 36)
[  589.267426][ T5917] usb 5-1: config 3 has too many interfaces: 84, using maximum allowed: 32
[  589.277032][ T5917] usb 5-1: config 3 has 1 interface, different from the descriptor's value: 84
[  589.306215][ T5917] usb 5-1: config 3 has no interface number 0
[  589.338579][ T5917] usb 5-1: config 3 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  589.389824][ T9062] fuse: Bad value for 'rootmode'
[  589.400421][ T9062] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  589.415033][ T5981] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  589.460089][ T5917] usb 5-1: config 3 interface 20 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  589.541862][ T5917] usb 5-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  589.637074][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.770064][ T5917] usb 5-1: Product: syz
[  589.830532][ T5917] usb 5-1: Manufacturer: syz
[  589.899275][ T5917] usb 5-1: SerialNumber: syz
[  589.981807][ T9038] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  590.202879][ T5917] usb-storage 5-1:3.20: USB Mass Storage device detected
[  590.226336][ T9059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  590.257344][ T9059] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  590.288038][ T5981] usb 1-1: unable to get BOS descriptor or descriptor too short
[  590.337287][ T5917] usb-storage 5-1:3.20: Quirks match for vid 04e6 pid 000b: 4
[  590.345461][ T5981] usb 1-1: too many configurations: 173, using maximum allowed: 8
[  590.370522][ T5981] usb 1-1: unable to read config index 0 descriptor/start: -71
[  590.399311][ T5981] usb 1-1: can't read configurations, error -71
[  590.415876][ T5917] scsi host1: usb-storage 5-1:3.20
[  590.633560][ T5917] usb 5-1: USB disconnect, device number 23
[  593.137756][ T9124] fuse: Unknown parameter 'user_i00000000000000000000'
[  593.148042][ T9124] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  594.043933][ T9135] netlink: 268 bytes leftover after parsing attributes in process `syz.2.600'.
[  594.070809][ T9135] xt_hashlimit: size too large, truncated to 1048576
[  594.121176][ T5876] Bluetooth: hci0: unexpected event for opcode 0x0400
[  595.191310][ T9145] 
: renamed from bond0 (while UP)
[  595.599377][ T5914] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  595.619363][ T9153] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(15)
[  595.625987][ T9153] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  595.645406][ T9153] vhci_hcd vhci_hcd.0: Device attached
[  595.659904][ T9155] vhci_hcd: connection closed
[  595.661131][ T3523] vhci_hcd: stop threads
[  595.681757][ T3523] vhci_hcd: release socket
[  595.692621][ T3523] vhci_hcd: disconnect device
[  595.774274][ T5914] usb 3-1: Using ep0 maxpacket: 16
[  595.786815][ T5914] usb 3-1: config 5 has an invalid interface number: 168 but max is 0
[  595.802133][ T5914] usb 3-1: config 5 has no interface number 0
[  595.820436][ T5914] usb 3-1: config 5 interface 168 altsetting 7 bulk endpoint 0x4 has invalid maxpacket 1023
[  595.823260][ T5917] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  595.843315][ T5914] usb 3-1: config 5 interface 168 has no altsetting 0
[  595.861431][ T5914] usb 3-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[  595.872678][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  595.893049][ T5914] usb 3-1: Product: syz
[  595.905757][ T5914] usb 3-1: Manufacturer: syz
[  595.914591][ T5914] usb 3-1: SerialNumber: syz
[  595.936303][ T9148] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  595.999525][ T5917] usb 5-1: config 0 has an invalid interface number: 117 but max is 0
[  596.015753][ T5917] usb 5-1: config 0 has an invalid descriptor of length 97, skipping remainder of the config
[  596.036443][ T5917] usb 5-1: config 0 has no interface number 0
[  596.043476][ T5917] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has an invalid bInterval 97, changing to 7
[  596.160663][ T5917] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid maxpacket 24929, setting to 1024
[  596.176098][ T5917] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  596.224693][ T5917] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  596.237705][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.294922][ T5917] usb 5-1: Product: syz
[  596.309912][ T5917] usb 5-1: Manufacturer: syz
[  596.334095][ T5917] usb 5-1: SerialNumber: syz
[  596.364796][ T5917] usb 5-1: config 0 descriptor??
[  597.530581][ T5916] usb 5-1: USB disconnect, device number 24
[  598.987533][ T5914] pn533_usb 3-1:5.168: NFC: Could not find bulk-in or bulk-out endpoint
[  599.699220][ T5914] usb 3-1: USB disconnect, device number 22
[  599.797305][ T9191] fuse: Unknown parameter 'user_i00000000000000000000'
[  599.808006][ T9191] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  600.683476][ T5981] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  600.873387][ T5981] usb 4-1: Using ep0 maxpacket: 16
[  600.892557][ T5981] usb 4-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  600.906104][ T5981] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.923537][ T5981] usb 4-1: Product: syz
[  600.942137][ T5981] usb 4-1: Manufacturer: syz
[  600.977671][ T5981] usb 4-1: SerialNumber: syz
[  601.142892][ T5981] usb 4-1: config 0 descriptor??
[  601.498204][ T9183] random: crng reseeded on system resumption
[  601.548953][ T5981] as10x_usb: device has been detected
[  601.596554][ T5981] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  606.785659][ T5981] usb 4-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  606.789320][ T5981] as10x_usb: error during firmware upload part1
[  606.789912][ T5981] Registered device Sky IT Digital Key (green led)
[  607.251592][ T5981] usb 4-1: USB disconnect, device number 27
[  607.696512][ T5981] Unregistered device Sky IT Digital Key (green led)
[  607.725003][ T5981] as10x_usb: device has been disconnected
[  607.795486][ T9204] tty tty23: ldisc open failed (-12), clearing slot 22
[  608.455177][ T9238] netlink: 'syz.4.622': attribute type 5 has an invalid length.
[  608.974856][ T9247] bio_check_eod: 2 callbacks suppressed
[  608.974873][ T9247] syz.4.622: attempt to access beyond end of device
[  608.974873][ T9247] loop4: rw=4096, sector=0, nr_sectors = 1 limit=0
[  609.043979][ T9247] XFS (loop4): SB validate failed with error -5.
[  609.452989][ T9261] fuse: Unknown parameter 'user_i00000000000000000000'
[  609.462902][ T9261] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  611.079205][ T5916] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  612.133209][ T5916] usb 1-1: Using ep0 maxpacket: 16
[  612.180838][ T5916] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  612.280950][ T5916] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  612.300509][ T5916] usb 1-1: Product: syz
[  612.301647][ T9284] FAULT_INJECTION: forcing a failure.
[  612.301647][ T9284] name failslab, interval 1, probability 0, space 0, times 0
[  612.306799][ T5916] usb 1-1: Manufacturer: syz
[  612.321583][ T9284] CPU: 0 UID: 0 PID: 9284 Comm: syz.1.633 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  612.321605][ T9284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  612.321615][ T9284] Call Trace:
[  612.321622][ T9284]  <TASK>
[  612.321636][ T9284]  dump_stack_lvl+0x189/0x250
[  612.321664][ T9284]  ? __pfx_dump_stack_lvl+0x10/0x10
[  612.321684][ T9284]  ? __pfx__printk+0x10/0x10
[  612.321711][ T9284]  ? __pfx___might_resched+0x10/0x10
[  612.321737][ T9284]  should_fail_ex+0x414/0x560
[  612.321764][ T9284]  should_failslab+0xa8/0x100
[  612.321788][ T9284]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  612.321811][ T9284]  ? __alloc_skb+0x112/0x2d0
[  612.321832][ T9284]  __alloc_skb+0x112/0x2d0
[  612.321852][ T9284]  netlink_sendmsg+0x5c6/0xb30
[  612.321868][ T9284]  ? is_bpf_text_address+0x26/0x2b0
[  612.321895][ T9284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  612.321918][ T9284]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  612.321934][ T9284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  612.321952][ T9284]  __sock_sendmsg+0x219/0x270
[  612.321977][ T9284]  ____sys_sendmsg+0x505/0x830
[  612.322001][ T9284]  ? __pfx_____sys_sendmsg+0x10/0x10
[  612.322027][ T9284]  ? import_iovec+0x74/0xa0
[  612.322050][ T9284]  ___sys_sendmsg+0x21f/0x2a0
[  612.322071][ T9284]  ? __pfx____sys_sendmsg+0x10/0x10
[  612.322122][ T9284]  ? __fget_files+0x2a/0x420
[  612.322144][ T9284]  ? __fget_files+0x3a0/0x420
[  612.322174][ T9284]  __x64_sys_sendmsg+0x19b/0x260
[  612.322195][ T9284]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  612.322229][ T9284]  ? do_syscall_64+0xba/0x210
[  612.322251][ T9284]  do_syscall_64+0xf6/0x210
[  612.322269][ T9284]  ? clear_bhb_loop+0x45/0xa0
[  612.322287][ T9284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.322306][ T9284] RIP: 0033:0x7f21c998e969
[  612.322320][ T9284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  612.322334][ T9284] RSP: 002b:00007f21ca7a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  612.322351][ T9284] RAX: ffffffffffffffda RBX: 00007f21c9bb5fa0 RCX: 00007f21c998e969
[  612.322363][ T9284] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  612.322372][ T9284] RBP: 00007f21ca7a1090 R08: 0000000000000000 R09: 0000000000000000
[  612.322381][ T9284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  612.322390][ T9284] R13: 0000000000000000 R14: 00007f21c9bb5fa0 R15: 00007ffe974a4158
[  612.322416][ T9284]  </TASK>
[  612.458662][ T9286] netlink: 8 bytes leftover after parsing attributes in process `syz.1.634'.
[  612.585223][ T9286] netlink: 'syz.1.634': attribute type 20 has an invalid length.
[  612.600104][ T9286] netlink: 'syz.1.634': attribute type 21 has an invalid length.
[  612.743120][ T9288] netlink: 'syz.1.635': attribute type 1 has an invalid length.
[  612.758940][ T9288] netlink: 244 bytes leftover after parsing attributes in process `syz.1.635'.
[  612.841890][ T5916] usb 1-1: SerialNumber: syz
[  612.850815][ T5916] usb 1-1: config 0 descriptor??
[  613.131041][ T9294] fuse: Unknown parameter 'use00000000000000000000'
[  613.147452][ T9294] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  614.192360][ T5914] usb 1-1: USB disconnect, device number 33
[  614.246096][ T5916] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  614.394830][ T9305] netlink: 16 bytes leftover after parsing attributes in process `syz.2.640'.
[  614.433654][ T5916] usb 2-1: Using ep0 maxpacket: 8
[  614.581728][ T5916] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  614.597867][ T5916] usb 2-1: config 179 has no interface number 0
[  614.605081][ T5916] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  614.627073][ T5917] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  614.770203][ T5916] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  615.471641][ T5916] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  615.492963][ T5916] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  615.530768][ T5916] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  615.563718][ T5916] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  615.574811][ T5916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.594642][ T9292] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  615.613829][ T5917] usb 5-1: Using ep0 maxpacket: 8
[  615.703465][ T5981] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  616.233616][ T5917] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  616.286263][ T5917] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  616.314962][ T5917] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  616.344546][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  616.357768][ T5914] usb 2-1: USB disconnect, device number 22
[  616.357902][    C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  616.372253][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  616.381152][    C1] ==================================================================
[  616.389229][    C1] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x23d/0x290
[  616.397052][    C1] Read of size 4 at addr ffff888023efb05c by task udevd/5189
[  616.404425][    C1] 
[  616.406750][    C1] CPU: 1 UID: 0 PID: 5189 Comm: udevd Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  616.406771][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  616.406781][    C1] Call Trace:
[  616.406787][    C1]  <IRQ>
[  616.406793][    C1]  dump_stack_lvl+0x189/0x250
[  616.406816][    C1]  ? __virt_addr_valid+0x18c/0x540
[  616.406833][    C1]  ? rcu_is_watching+0x15/0xb0
[  616.406851][    C1]  ? __kasan_check_byte+0x12/0x40
[  616.406871][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  616.406888][    C1]  ? rcu_is_watching+0x15/0xb0
[  616.406907][    C1]  ? lock_release+0x4b/0x3e0
[  616.406925][    C1]  ? __virt_addr_valid+0x18c/0x540
[  616.406941][    C1]  ? __virt_addr_valid+0x469/0x540
[  616.406958][    C1]  print_report+0xb4/0x290
[  616.406974][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  616.406987][    C1]  kasan_report+0x118/0x150
[  616.407007][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  616.407024][    C1]  do_raw_spin_lock+0x23d/0x290
[  616.407038][    C1]  ? __wake_up_common_lock+0x2f/0x1f0
[  616.407054][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  616.407071][    C1]  _raw_spin_lock_irqsave+0xb3/0xf0
[  616.407086][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  616.407099][    C1]  ? kcov_remote_stop+0x78/0x6d0
[  616.407117][    C1]  __wake_up_common_lock+0x2f/0x1f0
[  616.407135][    C1]  __usb_hcd_giveback_urb+0x4d7/0x690
[  616.407156][    C1]  ? usb_hcd_unlink_urb_from_ep+0x2c/0x110
[  616.407177][    C1]  ? __pfx___usb_hcd_giveback_urb+0x10/0x10
[  616.407200][    C1]  ? usb_hcd_giveback_urb+0x10e/0x420
[  616.407220][    C1]  dummy_timer+0x862/0x4550
[  616.407248][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  616.407261][    C1]  ? __lock_acquire+0xaac/0xd20
[  616.407293][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  616.407312][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  616.407330][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  616.407347][    C1]  __hrtimer_run_queues+0x529/0xc60
[  616.407373][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  616.407391][    C1]  ? read_tsc+0x9/0x20
[  616.407409][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  616.407431][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  616.407452][    C1]  handle_softirqs+0x283/0x870
[  616.407471][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  616.407492][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  616.407514][    C1]  __irq_exit_rcu+0xca/0x1f0
[  616.407533][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  616.407556][    C1]  irq_exit_rcu+0x9/0x30
[  616.407573][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  616.407587][    C1]  </IRQ>
[  616.407592][    C1]  <TASK>
[  616.407597][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  616.407612][    C1] RIP: 0010:lock_acquire+0x175/0x360
[  616.407630][    C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 4b 12 d4 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  616.407643][    C1] RSP: 0018:ffffc900031177f8 EFLAGS: 00000206
[  616.407657][    C1] RAX: 29e63f051b520400 RBX: 0000000000000000 RCX: 29e63f051b520400
[  616.407668][    C1] RDX: 0000000000000001 RSI: ffffffff8d921240 RDI: ffffffff8bc0fe60
[  616.407678][    C1] RBP: ffffffff8171a9f5 R08: 0000000000000000 R09: 0000000000000000
[  616.407688][    C1] R10: 0000000000000000 R11: ffffffff8171a9f5 R12: 0000000000000002
[  616.407697][    C1] R13: ffffffff8df3b860 R14: 0000000000000000 R15: 0000000000000246
[  616.407708][    C1]  ? unwind_next_frame+0xa5/0x2390
[  616.407724][    C1]  ? unwind_next_frame+0xa5/0x2390
[  616.407745][    C1]  ? unwind_next_frame+0xa5/0x2390
[  616.407759][    C1]  ? arch_stack_walk+0xe4/0x150
[  616.407775][    C1]  ? unwind_next_frame+0xa5/0x2390
[  616.407789][    C1]  unwind_next_frame+0xc2/0x2390
[  616.407803][    C1]  ? unwind_next_frame+0xa5/0x2390
[  616.407819][    C1]  ? unwind_next_frame+0xa5/0x2390
[  616.407834][    C1]  ? __unwind_start+0xf8/0x760
[  616.407850][    C1]  __unwind_start+0x5b9/0x760
[  616.407867][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  616.407881][    C1]  arch_stack_walk+0xe4/0x150
[  616.407898][    C1]  ? arch_stack_walk+0xe4/0x150
[  616.407915][    C1]  stack_trace_save+0x9c/0xe0
[  616.407927][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  616.407943][    C1]  ? kasan_save_track+0x3e/0x80
[  616.407959][    C1]  ? kasan_save_free_info+0x46/0x50
[  616.407974][    C1]  kasan_save_track+0x3e/0x80
[  616.408013][    C1]  __kasan_kmalloc+0x93/0xb0
[  616.408032][    C1]  __kmalloc_cache_noprof+0x230/0x3d0
[  616.408052][    C1]  ? kmem_cache_free+0x169/0x3f0
[  616.408072][    C1]  ? fput_close_sync+0x119/0x200
[  616.408086][    C1]  kmem_cache_free+0x169/0x3f0
[  616.408106][    C1]  fput_close_sync+0x119/0x200
[  616.408121][    C1]  ? dnotify_flush+0x1db/0x5e0
[  616.408134][    C1]  ? __pfx_fput_close_sync+0x10/0x10
[  616.408149][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  616.408165][    C1]  __x64_sys_close+0x7f/0x110
[  616.408181][    C1]  do_syscall_64+0xf6/0x210
[  616.408197][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  616.408211][    C1]  ? clear_bhb_loop+0x45/0xa0
[  616.408226][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.408239][    C1] RIP: 0033:0x7f62293cd407
[  616.408251][    C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  616.408270][    C1] RSP: 002b:00007ffdc0e36b90 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[  616.408284][    C1] RAX: ffffffffffffffda RBX: 00007f6229341880 RCX: 00007f62293cd407
[  616.408295][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[  616.408304][    C1] RBP: 00007f62293416e8 R08: 0000000000000000 R09: 0000000000000000
[  616.408314][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  616.408323][    C1] R13: 00000000ffffffff R14: ffffffffffffffff R15: 0000000000000000
[  616.408338][    C1]  </TASK>
[  616.408343][    C1] 
[  616.966565][    C1] Allocated by task 5916:
[  616.970874][    C1]  kasan_save_track+0x3e/0x80
[  616.975539][    C1]  __kasan_kmalloc+0x93/0xb0
[  616.980133][    C1]  __kmalloc_cache_noprof+0x230/0x3d0
[  616.985520][    C1]  xpad_probe+0x41c/0x1ed0
[  616.989924][    C1]  usb_probe_interface+0x641/0xbc0
[  616.995024][    C1]  really_probe+0x26a/0x9a0
[  616.999513][    C1]  __driver_probe_device+0x18c/0x2f0
[  617.004796][    C1]  driver_probe_device+0x4f/0x430
[  617.009818][    C1]  __device_attach_driver+0x2ce/0x530
[  617.015178][    C1]  bus_for_each_drv+0x24e/0x2e0
[  617.020019][    C1]  __device_attach+0x2b8/0x400
[  617.024766][    C1]  bus_probe_device+0x185/0x260
[  617.029606][    C1]  device_add+0x7b6/0xb50
[  617.033920][    C1]  usb_set_configuration+0x1a87/0x20e0
[  617.039369][    C1]  usb_generic_driver_probe+0x8d/0x150
[  617.044815][    C1]  usb_probe_device+0x1c1/0x390
[  617.049657][    C1]  really_probe+0x26a/0x9a0
[  617.054151][    C1]  __driver_probe_device+0x18c/0x2f0
[  617.059429][    C1]  driver_probe_device+0x4f/0x430
[  617.064441][    C1]  __device_attach_driver+0x2ce/0x530
[  617.069816][    C1]  bus_for_each_drv+0x24e/0x2e0
[  617.074666][    C1]  __device_attach+0x2b8/0x400
[  617.079419][    C1]  bus_probe_device+0x185/0x260
[  617.084262][    C1]  device_add+0x7b6/0xb50
[  617.088588][    C1]  usb_new_device+0xa39/0x16c0
[  617.093350][    C1]  hub_event+0x2941/0x4a00
[  617.097759][    C1]  process_scheduled_works+0xadb/0x17a0
[  617.103298][    C1]  worker_thread+0x8a0/0xda0
[  617.107879][    C1]  kthread+0x70e/0x8a0
[  617.111938][    C1]  ret_from_fork+0x4b/0x80
[  617.116338][    C1]  ret_from_fork_asm+0x1a/0x30
[  617.121093][    C1] 
[  617.123403][    C1] Freed by task 5914:
[  617.127361][    C1]  kasan_save_track+0x3e/0x80
[  617.132024][    C1]  kasan_save_free_info+0x46/0x50
[  617.137037][    C1]  __kasan_slab_free+0x62/0x70
[  617.141798][    C1]  kfree+0x193/0x440
[  617.145692][    C1]  xpad_disconnect+0x350/0x480
[  617.150442][    C1]  usb_unbind_interface+0x26b/0x8f0
[  617.155630][    C1]  device_release_driver_internal+0x4d6/0x7c0
[  617.161681][    C1]  bus_remove_device+0x34d/0x410
[  617.166609][    C1]  device_del+0x511/0x8e0
[  617.170921][    C1]  usb_disable_device+0x3e9/0x8a0
[  617.175929][    C1]  usb_disconnect+0x330/0x910
[  617.180588][    C1]  hub_event+0x1cdb/0x4a00
[  617.184991][    C1]  process_scheduled_works+0xadb/0x17a0
[  617.190523][    C1]  worker_thread+0x8a0/0xda0
[  617.195102][    C1]  kthread+0x70e/0x8a0
[  617.199160][    C1]  ret_from_fork+0x4b/0x80
[  617.203561][    C1]  ret_from_fork_asm+0x1a/0x30
[  617.208314][    C1] 
[  617.210619][    C1] The buggy address belongs to the object at ffff888023efb000
[  617.210619][    C1]  which belongs to the cache kmalloc-1k of size 1024
[  617.224656][    C1] The buggy address is located 92 bytes inside of
[  617.224656][    C1]  freed 1024-byte region [ffff888023efb000, ffff888023efb400)
[  617.238439][    C1] 
[  617.240749][    C1] The buggy address belongs to the physical page:
[  617.247152][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23ef8
[  617.255896][    C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  617.264391][    C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  617.271934][    C1] page_type: f5(slab)
[  617.275904][    C1] raw: 00fff00000000040 ffff88801a041dc0 ffffea0001661800 dead000000000002
[  617.284472][    C1] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  617.293041][    C1] head: 00fff00000000040 ffff88801a041dc0 ffffea0001661800 dead000000000002
[  617.301694][    C1] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  617.310348][    C1] head: 00fff00000000003 ffffea00008fbe01 00000000ffffffff 00000000ffffffff
[  617.319020][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  617.327684][    C1] page dumped because: kasan: bad access detected
[  617.334099][    C1] page_owner tracks the page as allocated
[  617.339807][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5937, tgid 5937 (kworker/u8:6), ts 529263018393, free_ts 529129890762
[  617.359245][    C1]  post_alloc_hook+0x1d8/0x230
[  617.364006][    C1]  get_page_from_freelist+0x21c7/0x22a0
[  617.369540][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  617.375338][    C1]  alloc_pages_mpol+0x232/0x4a0
[  617.380185][    C1]  allocate_slab+0x8a/0x3b0
[  617.384674][    C1]  ___slab_alloc+0xbfc/0x1480
[  617.389350][    C1]  __kmalloc_noprof+0x305/0x4f0
[  617.394199][    C1]  ieee802_11_parse_elems_full+0x152/0x2b20
[  617.400082][    C1]  ieee80211_ibss_rx_queued_mgmt+0x462/0x2ae0
[  617.406142][    C1]  ieee80211_iface_work+0x806/0xfe0
[  617.411326][    C1]  cfg80211_wiphy_work+0x2dc/0x460
[  617.416425][    C1]  process_scheduled_works+0xadb/0x17a0
[  617.421959][    C1]  worker_thread+0x8a0/0xda0
[  617.426538][    C1]  kthread+0x70e/0x8a0
[  617.430590][    C1]  ret_from_fork+0x4b/0x80
[  617.434989][    C1]  ret_from_fork_asm+0x1a/0x30
[  617.439742][    C1] page last free pid 7586 tgid 7586 stack trace:
[  617.446046][    C1]  __free_frozen_pages+0xb05/0xcd0
[  617.451142][    C1]  __put_partials+0x161/0x1c0
[  617.455805][    C1]  put_cpu_partial+0x17c/0x250
[  617.460553][    C1]  __slab_free+0x2f7/0x400
[  617.464958][    C1]  qlist_free_all+0x9a/0x140
[  617.469534][    C1]  kasan_quarantine_reduce+0x148/0x160
[  617.474979][    C1]  __kasan_slab_alloc+0x22/0x80
[  617.479819][    C1]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  617.485268][    C1]  getname_flags+0xb8/0x540
[  617.489751][    C1]  vfs_fstatat+0x43/0x160
[  617.494061][    C1]  __x64_sys_newfstatat+0x11c/0x1a0
[  617.499240][    C1]  do_syscall_64+0xf6/0x210
[  617.503728][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  617.509604][    C1] 
[  617.511909][    C1] Memory state around the buggy address:
[  617.517523][    C1]  ffff888023efaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  617.525568][    C1]  ffff888023efaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  617.533613][    C1] >ffff888023efb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  617.541654][    C1]                                                     ^
[  617.548569][    C1]  ffff888023efb080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  617.556623][    C1]  ffff888023efb100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  617.564669][    C1] ==================================================================
[  617.572728][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  617.579908][    C1] CPU: 1 UID: 0 PID: 5189 Comm: udevd Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[  617.591433][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  617.601471][    C1] Call Trace:
[  617.604737][    C1]  <IRQ>
[  617.607567][    C1]  dump_stack_lvl+0x99/0x250
[  617.612149][    C1]  ? __asan_memcpy+0x40/0x70
[  617.616727][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  617.621913][    C1]  ? __pfx__printk+0x10/0x10
[  617.626496][    C1]  panic+0x2db/0x790
[  617.630384][    C1]  ? __pfx_panic+0x10/0x10
[  617.634789][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  617.640665][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  617.646976][    C1]  ? print_memory_metadata+0x314/0x400
[  617.652423][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  617.657432][    C1]  check_panic_on_warn+0x89/0xb0
[  617.662363][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  617.667376][    C1]  end_report+0x78/0x160
[  617.671612][    C1]  kasan_report+0x129/0x150
[  617.676109][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  617.681122][    C1]  do_raw_spin_lock+0x23d/0x290
[  617.685959][    C1]  ? __wake_up_common_lock+0x2f/0x1f0
[  617.691315][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  617.696679][    C1]  _raw_spin_lock_irqsave+0xb3/0xf0
[  617.701864][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  617.707742][    C1]  ? kcov_remote_stop+0x78/0x6d0
[  617.712671][    C1]  __wake_up_common_lock+0x2f/0x1f0
[  617.717867][    C1]  __usb_hcd_giveback_urb+0x4d7/0x690
[  617.723228][    C1]  ? usb_hcd_unlink_urb_from_ep+0x2c/0x110
[  617.729029][    C1]  ? __pfx___usb_hcd_giveback_urb+0x10/0x10
[  617.734928][    C1]  ? usb_hcd_giveback_urb+0x10e/0x420
[  617.740297][    C1]  dummy_timer+0x862/0x4550
[  617.744803][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  617.750159][    C1]  ? __lock_acquire+0xaac/0xd20
[  617.755007][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  617.759935][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  617.764869][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  617.769799][    C1]  __hrtimer_run_queues+0x529/0xc60
[  617.775002][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  617.780712][    C1]  ? read_tsc+0x9/0x20
[  617.784772][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  617.790570][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  617.795674][    C1]  handle_softirqs+0x283/0x870
[  617.800433][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  617.805190][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  617.810467][    C1]  __irq_exit_rcu+0xca/0x1f0
[  617.815048][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  617.820241][    C1]  irq_exit_rcu+0x9/0x30
[  617.824471][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  617.830091][    C1]  </IRQ>
[  617.833010][    C1]  <TASK>
[  617.835925][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  617.841893][    C1] RIP: 0010:lock_acquire+0x175/0x360
[  617.847171][    C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 4b 12 d4 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  617.866761][    C1] RSP: 0018:ffffc900031177f8 EFLAGS: 00000206
[  617.872814][    C1] RAX: 29e63f051b520400 RBX: 0000000000000000 RCX: 29e63f051b520400
[  617.880775][    C1] RDX: 0000000000000001 RSI: ffffffff8d921240 RDI: ffffffff8bc0fe60
[  617.888736][    C1] RBP: ffffffff8171a9f5 R08: 0000000000000000 R09: 0000000000000000
[  617.896692][    C1] R10: 0000000000000000 R11: ffffffff8171a9f5 R12: 0000000000000002
[  617.904649][    C1] R13: ffffffff8df3b860 R14: 0000000000000000 R15: 0000000000000246
[  617.912607][    C1]  ? unwind_next_frame+0xa5/0x2390
[  617.917709][    C1]  ? unwind_next_frame+0xa5/0x2390
[  617.922811][    C1]  ? unwind_next_frame+0xa5/0x2390
[  617.927906][    C1]  ? arch_stack_walk+0xe4/0x150
[  617.932741][    C1]  ? unwind_next_frame+0xa5/0x2390
[  617.937835][    C1]  unwind_next_frame+0xc2/0x2390
[  617.942755][    C1]  ? unwind_next_frame+0xa5/0x2390
[  617.947853][    C1]  ? unwind_next_frame+0xa5/0x2390
[  617.952950][    C1]  ? __unwind_start+0xf8/0x760
[  617.957702][    C1]  __unwind_start+0x5b9/0x760
[  617.962363][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  617.968505][    C1]  arch_stack_walk+0xe4/0x150
[  617.973179][    C1]  ? arch_stack_walk+0xe4/0x150
[  617.978028][    C1]  stack_trace_save+0x9c/0xe0
[  617.982696][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  617.988054][    C1]  ? kasan_save_track+0x3e/0x80
[  617.992898][    C1]  ? kasan_save_free_info+0x46/0x50
[  617.998082][    C1]  kasan_save_track+0x3e/0x80
[  618.002762][    C1]  __kasan_kmalloc+0x93/0xb0
[  618.007343][    C1]  __kmalloc_cache_noprof+0x230/0x3d0
[  618.012704][    C1]  ? kmem_cache_free+0x169/0x3f0
[  618.017632][    C1]  ? fput_close_sync+0x119/0x200
[  618.022551][    C1]  kmem_cache_free+0x169/0x3f0
[  618.027304][    C1]  fput_close_sync+0x119/0x200
[  618.032058][    C1]  ? dnotify_flush+0x1db/0x5e0
[  618.036805][    C1]  ? __pfx_fput_close_sync+0x10/0x10
[  618.042077][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  618.047265][    C1]  __x64_sys_close+0x7f/0x110
[  618.051925][    C1]  do_syscall_64+0xf6/0x210
[  618.056418][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  618.062552][    C1]  ? clear_bhb_loop+0x45/0xa0
[  618.067212][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  618.073092][    C1] RIP: 0033:0x7f62293cd407
[  618.077496][    C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  618.097119][    C1] RSP: 002b:00007ffdc0e36b90 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[  618.105547][    C1] RAX: ffffffffffffffda RBX: 00007f6229341880 RCX: 00007f62293cd407
[  618.113516][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[  618.121473][    C1] RBP: 00007f62293416e8 R08: 0000000000000000 R09: 0000000000000000
[  618.129431][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  618.137387][    C1] R13: 00000000ffffffff R14: ffffffffffffffff R15: 0000000000000000
[  618.145351][    C1]  </TASK>
[  618.148583][    C1] Kernel Offset: disabled
[  618.152891][    C1] Rebooting in 86400 seconds..