last executing test programs:

21.611034201s ago: executing program 1 (id=2908):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x44, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x14, 0x4, @local}}}]}]}, 0x44}}, 0x0)

21.548269441s ago: executing program 1 (id=2910):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x7ffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)=0x54)
socket$l2tp6(0xa, 0x2, 0x73)
clock_adjtime(0x0, &(0x7f0000000100)={0x363, 0x6a, 0x55cd, 0x8000000000000001, 0x48c, 0x5, 0xd, 0x424, 0x2, 0xfffffffffffffffe, 0xf423f, 0xfffffffffffffff9, 0x7, 0x2, 0x1000000081, 0x5, 0x0, 0x5, 0x2, 0x9220000000000000, 0x3, 0x0, 0x80000001, 0x0, 0x5, 0x7})
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300f400000091fe10001280080001006873720004000280"], 0x30}, 0x1, 0x0, 0x0, 0x44010}, 0x8000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x40)
process_mrelease(0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
bind$unix(r3, &(0x7f0000003000)=@file={0x1, './file0\x00'}, 0x6e)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r4, &(0x7f0000000100)=""/165, 0xa5, 0x84)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
fsopen(&(0x7f0000000240)='jfs\x00', 0x1)

18.551680603s ago: executing program 1 (id=2923):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000400)={0x33, "1729392d39e510e718f7d2f3e79657a4208bc603c765ab35268fb42f5ef0157efc067efc2fce68e396089c87bb6ef08f778b3059bbe6be9d7a658b5626581a765fa9f86f54b99ace83422573c2fbfad2441e4eae4b4f80b9a9e20b41462e9c105d91266a2093d94a0b7dda17408f76cab583b120cff158ad5e1922bd6981ce63d3f339542e7ca9334599dc36b66b27453981ed158e408094fb00af66311a4b36b113f855ef41702eebd4d0a009510ad20b236ccf54d586a6e4e3449b51be4c2195b9d83505622f1141c4b38a00e662350342fc4752f3626f7c928bae5311e85850a50bf68bda390631f8abcaabd4d9fa577a7671e810c5b8cff89b24f28366ac43a925887bb9460e0f7eb7e1a277f62ef7e676f366241bfd9648551351d718ae544be5b79ba395e46ae9f4d620e1c5bccff10e50b969254b0abdfe4901a8b46426647d0de471e9b295ce70c49f4ec7a16bee9f6079d3a9049070ee8b378d44aa9b1ddab42bdd42c13d31b1702b0978b054aa94dcda32cf6b2cd8c99759af683949b9696630e9cc0a0a476eba229b0cda7a8d2f1b2d3b5fe4b298a032212e1149d2420fccb3bca644584562fbccc5f6cf4c8e37c039203e193eff6d02e496393618765a5288e4f21cb64ce3d48992bb97418ef7bbbcc7ffd75de9c4168ad3dfe3d01e9404055d58970c7533e042032f42faaed54c77e23bf9e821d9bc4968f9dc"})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, &(0x7f0000000000))
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
r4 = syz_open_procfs(0x0, &(0x7f0000001180)='net/vlan/vlan1\x00')
pread64(r4, &(0x7f0000002240)=""/237, 0xed, 0x4eb)
getsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000240), &(0x7f00000002c0)=0x4)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r6 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x1, 0x13580, 0x0, 0x1ff}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={{0x14}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00')
pread64(r9, &(0x7f0000000180)=""/15, 0xfffffe9c, 0xb6)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x7, 0x0, @fd=r6, 0x0, 0x0, 0x7, 0x0, 0x0, {0x0, 0x0, r5}})
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000180)={0x1, 0x14, 0x4, 0xfffd, 0x0, 0x40, 0x0})
r10 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r10}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x50, r6, 0x0)
io_uring_enter(r6, 0x55, 0x84a23, 0xf, 0x0, 0x0)

18.377856611s ago: executing program 1 (id=2926):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670800000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861220799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f0400000000000000d23b48bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f1300007d6072f0cf120ad2ba519afdd43a14000000000000000000000000007ef2f3c58d045f0700000094069acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d000000000000000000007758b1267669ded883b5867c5916a74843b784955108f750c57744c76a09629dd0aaca5cb0f14f49db80a1aa2692c18fbb31cbdb3f2e138e6d5ba3491fc3617b511f24bad26466407e39000000000000d7a1bf4624d31c13a6840f45a7f4e01a50d790132abb36915e35b1ac35bf3921357f638684bba17b8fe1e2123153ecd6d1f76820d4f8fa0b96b50c457ae8d5f2351cdb7bc8170380557bc11cf6ee3395974e37018a2a7473312cb32affb8ff72a253e0d36099e460f13694b9891af526d9608271838e83d17103887f34210dd4c0cf60dec608b4ca5ba2f3037bf381e7b5d5b27820000000000000000000000b719bd34f3244730f708fdd532640edc6b82dd4ad72ecbaccafef806f5447aba2246d56a601bbd8c24ba1e16dda3296ce10de6830"], &(0x7f0000000100)='GPL\x00'}, 0x48)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[0x0], 0x1, 0x80000, 0x0, <r0=>0xffffffffffffffff})
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000500)=ANY=[])
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0xd)
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r1)
socket$rxrpc(0x21, 0x2, 0xa)
r2 = openat$dsp(0xffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(r2, 0x80044dfe, &(0x7f00000002c0))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40186f40, &(0x7f0000000440)=0x1f)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000140)={0x0, 0x0, r6})
userfaultfd(0x80001)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x1, 0x4ee59ce4, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000029000b00ffffffff0000000005000000180001"], 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond0\x00'})

16.567357277s ago: executing program 1 (id=2929):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000200000f6ffffffffffffff0000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xa, &(0x7f00000005c0)=@raw=[@btf_id={0x18, 0x6, 0x3, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x4}, @map_fd={0x18, 0xa, 0x1, 0x0, r0}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x6}, @generic={0x8, 0x4, 0xf, 0x4, 0x8000}, @generic={0xff, 0x4, 0x9, 0x5, 0x89d0}], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2916b260225193ac, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000300)={0x6, 0x0, &(0x7f00000002c0)=[0x0, 0x0, 0x0, <r1=>0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000380)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000400)={&(0x7f00000003c0)=[0x0, 0x0], 0x2, 0x0, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000004c0)={r1, r2, r3, 0x0, 0x0, 0x1, &(0x7f0000000480)=[0x0]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x5bb1065a250dc928, './file0\x00'}, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-blowfish-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3", 0x4)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10000, @value=r8}, 0x28)
r9 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x862b01)
syz_open_dev$evdev(&(0x7f0000000280), 0x0, 0x0)
r10 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$hiddev(r10, &(0x7f0000002300)=""/102, 0x66)
write$char_usb(r9, &(0x7f0000000040)="e2", 0x2250)

13.290270204s ago: executing program 1 (id=2934):
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000021c0), 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
creat(&(0x7f0000000000)='./file0\x00', 0xecf86c37d53049cc) (async)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x0, 0xcf6, 0x59455247, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x2}}) (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) (async)
setsockopt$MRT6_TABLE(0xffffffffffffffff, 0x29, 0xcf, &(0x7f0000000380)=0xff, 0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$fuse(0x0, 0x0, 0x0, 0x2018081, 0x0) (async)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, 0x0, 0x0)
listen(r7, 0x4000)
close(r7) (async)
socketpair$unix(0x1, 0x2, 0x0, 0x0)

11.385970072s ago: executing program 0 (id=2942):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
syz_emit_ethernet(0x52, &(0x7f0000000000)={@local, @random="e38f6cc55385", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x1c, 0x6, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@generic={0xfe, 0x6, "e6673fcf"}]}}}}}}}}, 0x0)
accept4$rose(0xffffffffffffffff, &(0x7f0000000080)=@full={0xb, @dev, @remote, 0x0, [@default, @null, @netrom, @bcast, @rose, @rose]}, 0x0, 0x80000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0xfffb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000300), 0xc2002, 0x0)
sendfile(r1, r1, 0x0, 0x40000f63c)
syz_usb_ep_write$ath9k_ep2(0xffffffffffffffff, 0x83, 0x12, &(0x7f0000000340)=@conn_svc_rsp={0x0, 0x0, 0xa, "e0c72fd9", {0x3, 0x2, 0x0, 0xd, 0x8, 0x70, 0x95}})

9.809476441s ago: executing program 0 (id=2946):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
clock_nanosleep(0x8, 0x1, &(0x7f0000000080), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xe)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x200000000000000)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x400, 0x1, 0xbfdffffc}, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0xfffffff7)
openat$pfkey(0xffffff9c, 0x0, 0x14000, 0x0)
unshare(0x6e060000)
r5 = getpid()
rt_sigqueueinfo(r5, 0x3b, &(0x7f0000000240)={0x10, 0x1, 0x3})

8.960612446s ago: executing program 3 (id=2949):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
readv(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/214, 0xd6}], 0x1)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001e0001eb25bd7000000000"], 0x114}], 0x1}, 0x0)

8.773032615s ago: executing program 3 (id=2951):
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x10842, 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
listen(r2, 0x5)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r4, &(0x7f0000000280)=""/239, 0xef)
read$char_usb(r4, 0x0, 0x0)
ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f00000003c0)=""/188)
syz_usb_disconnect(r1)
ioctl$FS_IOC_GETFSUUID(r0, 0x80111500, &(0x7f0000000100))
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00012dbd7000fddbdf2510000000080031000180000008003a00940b000008000300", @ANYRES32=r6, @ANYBLOB="08000b00ff7f00000695cabfe1c88a0fb3c506f62700"], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x80)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f00000016c0), r0)
r9 = socket$inet6(0xa, 0x80002, 0x88)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(0xffffffffffffffff, 0x110, 0x3)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r0, 0xc01064c1, &(0x7f00000004c0))
setsockopt$inet6_udp_int(r9, 0x11, 0xa, &(0x7f0000000480)=0x40805, 0x4)
sendmsg$DEVLINK_CMD_RATE_GET(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="b5432cbd7000fcdbdf050000ff00fa8e6cb7e7a722c188ae01f5c273fbcdab6963391ff431579180f4baf8881c13fecaffffffffffffffffe13b6cacd9aa3ed5fbf5d5880c7f8bf60b26b9ed3da254f0b56113ef8d4ee7a5dfb473830d2ba6e6c84699c2c126245d87098509e36548d4f767c8b7eac2a2bbaf9bf869789629cdaa869af94f3073b32c780252e06d67e5545e36a9b84f62f5106842e93f21070000000a78cd838f684d7729914fd0ad2298d641b286609e78ef72bee8"], 0x14}}, 0x40)
syz_usb_connect$uac1(0x2, 0xa6, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000106b1d01010000000003010902940003010040000904000000010100000a2401000000020102132406000006000000281ab0ab2c90619b34000000000000000000000924030000000000000924050000f8211cfd0924030500000004000724050401"], 0x0)

6.514521676s ago: executing program 2 (id=2956):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f0000000100)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100000000f95ff012"])
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/xfrm_stat\x00')
pread64(r6, &(0x7f0000000240)=""/124, 0x7c, 0x20003)
write$FUSE_NOTIFY_RESEND(r6, &(0x7f0000000000)={0x14}, 0x14)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r8 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r8, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
syz_io_uring_setup(0x5b0f, 0x0, &(0x7f00000002c0), &(0x7f0000ff4000))
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r9 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r9, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_genetlink_get_family_id$fou(&(0x7f0000000180), 0xffffffffffffffff)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(r8, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
connect$inet(r7, &(0x7f0000000340)={0x2, 0x4e24, @loopback}, 0x10)

5.536151047s ago: executing program 3 (id=2958):
syz_open_dev$dri(0x0, 0x40100001, 0x189002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f0000000bc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum64={0x3, 0x0, 0x0, 0x13, 0x1, 0x1}]}}, &(0x7f0000000c40)=""/3, 0x26, 0x3, 0x1, 0x1}, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r5 = fanotify_init(0xf00, 0x1000)
fanotify_mark(r5, 0x105, 0x5000003a, r4, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
epoll_create(0x6)
read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020}, 0x2020)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x18, 0x1401, 0x1, 0x70bd25, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x4044080)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)

5.26468523s ago: executing program 2 (id=2959):
r0 = syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x20, 0x8, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x7, 0x1, 0x1, 0x5, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x4, 0x0, 0xb}}}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, &(0x7f0000001100)={0x14, 0x0, &(0x7f0000000300)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_ep_read(r0, 0x1, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, &(0x7f0000001680)="f315", 0x2)

4.507369424s ago: executing program 0 (id=2960):
syz_open_dev$dri(0x0, 0x40100001, 0x189002)
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/xfrm_stat\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x125)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0x4}, {0x6, 0xfd, 0x0, 0x7ffffcb9}]})
pread64(r1, &(0x7f0000000480)=""/124, 0x7c, 0x20003)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000cc0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REQ_SET_REG(r5, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01002cbd7000fcdbdf251b000000"], 0x14}}, 0x48090)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYRES32=r5], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r7, 0x0, 0x4ab}, 0x18)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0)
preadv2(r10, &(0x7f0000000840)=[{&(0x7f0000000640)=""/215, 0xd7}], 0x1, 0x2b, 0x0, 0x0)
ioctl$int_in(r9, 0x5452, &(0x7f0000000000)=0x5)
close_range(r8, 0xffffffffffffffff, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002940), 0x40000000000017d, 0x811)

4.503727117s ago: executing program 3 (id=2961):
syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x80080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c020000330007010000000000000000017c00000800018004001880"], 0x1c}, 0x1, 0x0, 0x0, 0xc091}, 0xc010)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r2, 0x4b47, 0x0)
syz_io_uring_setup(0x98b, &(0x7f0000000440)={0x0, 0x9bee, 0x8, 0xfffffffd, 0x25d}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x68, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000020, 0x1, {0x2}})
mkdir(&(0x7f0000000000)='./file1\x00', 0x74)
r5 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0xaa5dc4dea9c30bbf, 0x6}, 0x20)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
setsockopt$inet6_int(r5, 0x29, 0x24, &(0x7f0000000500)=0x40, 0x4)
io_uring_enter(0xffffffffffffffff, 0x22e6, 0xf62e, 0x71, 0x0, 0x0)

3.748652295s ago: executing program 0 (id=2963):
syz_open_dev$dri(0x0, 0x40100001, 0x189002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f0000000bc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum64={0x3, 0x0, 0x0, 0x13, 0x1, 0x1}]}}, &(0x7f0000000c40)=""/3, 0x26, 0x3, 0x1, 0x1}, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r5 = fanotify_init(0xf00, 0x1000)
fanotify_mark(r5, 0x105, 0x5000003a, r4, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
epoll_create(0x6)
read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020}, 0x2020)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x18, 0x1401, 0x1, 0x70bd25, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x4044080)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (fail_nth: 1)

3.216613018s ago: executing program 3 (id=2964):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8)
socket$nl_audit(0x10, 0x3, 0x9)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES16=0x0], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000cc0)={'sit0\x00', &(0x7f0000000c80)=@ethtool_sset_info={0xa}})
r4 = syz_io_uring_setup(0x1ee6, &(0x7f0000000380)={0x0, 0xfbc6, 0x10100, 0x8000003, 0x35f, 0x0, r2}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
io_uring_enter(r4, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
readv(r7, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x18)
r8 = io_uring_setup(0x64b2, &(0x7f00000002c0)={0x0, 0x4d49, 0x40, 0x5, 0x1ed})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r8, 0x13, &(0x7f0000000080)=[0x7ff, 0x2], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ffad53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa7664012d42961e1445ce83def332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5bb6f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0xffcf}, 0x48)
prctl$PR_SCHED_CORE(0x4d, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x800, 0x7fff)
prctl$PR_SET_PDEATHSIG(0x1, 0x41)
socket$inet_sctp(0x2, 0x1, 0x84)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680))
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000000c0), 0x1000)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'veth0_to_bond\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_EVICT_TIMEOUT={0x8, 0x6, 0x3}]}}]}, 0x38}}, 0x4000)

3.076817245s ago: executing program 4 (id=2965):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x15)
socket$unix(0x1, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$SIOCGSTAMP(r1, 0x8906, &(0x7f00000001c0))
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x5)
open(&(0x7f0000000100)='./bus\x00', 0x1c3142, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff}, 0x0, &(0x7f0000000180)=<r7=>0x0)
syz_io_uring_submit(0x0, r7, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r6, 0x0, 0x0, 0x0, 0x80000})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000000c0)={&(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3, 0x0, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_DIRTYFB(r6, 0xc01864b1, &(0x7f0000000180)={r8, 0x1, 0xfffffffa, 0x3, &(0x7f0000000040)=[{0x9, 0xe5f, 0x5, 0x3}, {0x4, 0xe, 0x5, 0x800}, {0x1000, 0x2, 0x232b, 0xe}]})

2.268730794s ago: executing program 0 (id=2966):
r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x8901)
r1 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\xfd\x89\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\rW\xef\x10\xd6d#\xf2\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8\x1f\xb2C\xf8\'?]\x16C\x166\xc0\xbcJT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8', 0x2)
pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000600)='\x00', 0x1}], 0x1, 0x7fffff, 0x8)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x58)
r3 = accept$alg(r2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x7, &(0x7f0000000300)=0x4, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
shutdown(r5, 0x1)
r6 = socket(0x10, 0x3, 0x0)
sendto$inet6(r6, &(0x7f00000007c0)="7800000018002502b9409b02ffff48000203be04020406050a08040c5c000900580004000a0000000d0085a168d0bf46d32345653600648d270005000a00000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a000f4a32000407160012000a0000000000e000e218d1dd3b6ed538f2523250", 0x78, 0x0, 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendfile(r3, r1, 0x0, 0x2000081)
r7 = fsopen(&(0x7f0000000000)='erofs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r7, 0x2, &(0x7f0000000040)='dax\x00', &(0x7f00000004c0)="b071", 0x2)
ioctl$CEC_RECEIVE(r0, 0xc0386106, &(0x7f0000000080)={0x4, 0x3, 0x4, 0x7fffffff, 0x4, 0xc9, "35a724415f79eb1d55516f62640e4497", 0x2, 0x7, 0x2, 0x4, 0x9, 0xb, 0x22})
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/resume_offset', 0x410000, 0x4)
gettid()
r8 = epoll_create(0x20003fd)
r9 = eventfd(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f0000000000)={0x2})

2.152532876s ago: executing program 4 (id=2967):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
close(r4)
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00'}, 0x18)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
pipe(&(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r9=>0x0)
io_submit(r9, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f00000001c0)='m', 0xfffffdfc}])
r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000440)=@generic={&(0x7f0000000400)='./file0\x00', 0x0, 0x18}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x11, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100}}, @generic={0x6, 0x4, 0x6, 0xaf1, 0xa0}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x3}, @alu={0x7, 0x0, 0x2, 0x2, 0x4, 0xffffffffffffffc0, 0x1}, @map_fd={0x18, 0x3, 0x1, 0x0, 0x1}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0xc3, &(0x7f0000000280)=""/195, 0x40f00, 0x4, '\x00', 0x0, 0x25, r4, 0x8, &(0x7f0000000080)={0x3, 0x5}, 0x8, 0x10, &(0x7f00000000c0)={0x1, 0xa, 0xd181ba0, 0x101}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000480)=[r5, r6, r8, 0xffffffffffffffff, r10], &(0x7f00000004c0)=[{0x3, 0x5, 0x9, 0x6}, {0x4, 0x5, 0x2}, {0x3, 0x4, 0xb, 0x9}, {0x0, 0x5, 0xf, 0x8}, {0x2, 0x1, 0x8000000, 0xa}, {0x20000, 0x3, 0x5, 0x2}, {0x5, 0x3, 0x7, 0x3}, {0x2, 0x3, 0x3, 0x9}], 0x10, 0xd0}, 0x94)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x1c, r1, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x7}]}, 0x1c}}, 0x0)

1.994102432s ago: executing program 4 (id=2968):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

1.927529503s ago: executing program 2 (id=2969):
r0 = openat$vmci(0xffffff9c, &(0x7f0000000800), 0x2, 0x0)
ioctl$IOCTL_VMCI_GET_CONTEXT_ID(r0, 0x7b3, &(0x7f0000000840))

1.893793438s ago: executing program 2 (id=2970):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x13, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c0000000000002020207b0000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000070000001700000095f871ed0630fa5368707018ca067bf51111d3f3163c80e866707bb1eeb44910643d04a0122722f5a3c947f1ce8d33a0b7365ae9fe9d31169a4fceb18d853424a5f43a457e4efc47f4a111bc35300611551f7c6d0b19499fc0c1db9233993aca3b8a5d1a341ace"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYRES64], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x10000, &(0x7f0000000800)=<r0=>0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
getsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0), 0x10)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
io_setup(0x4, &(0x7f0000000000))
io_cancel(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x34, 0x0, 0x3}, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r6 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = fsopen(&(0x7f00000001c0)='binder\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x4f, 0x0, 0x0)
getsockopt$sock_buf(r2, 0x1, 0x1f, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.824144854s ago: executing program 4 (id=2971):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x45, 0x2, 0x2}, {0x61}, {}, {0x6}]})
r0 = openat$vmci(0xffffff9c, &(0x7f0000000800), 0x2, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x5f)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0xb, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
r1 = open(&(0x7f0000000580)='./file0\x00', 0x80342, 0x1df2a23c5997fa9f)
write$FUSE_CREATE_OPEN(r1, 0x0, 0x0)
ioctl$IOCTL_VMCI_GET_CONTEXT_ID(r0, 0x7b3, &(0x7f0000000000))

896.564531ms ago: executing program 4 (id=2972):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x6, 0x7ffc0002}]})
socket$unix(0x1, 0x5, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000000c0), 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000001280)="b7f2288a9119", 0x6)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000002c0)={0x14, 0x10, 0x3, 0xb, 0x4, 0x2, 0x3, 0x84, 0x1})
accept$alg(r4, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='highspeed\x00', 0xa)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/igmp\x00')
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x7000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
read$FUSE(r6, &(0x7f0000000280)={0x2020}, 0x2020)
sendmmsg$alg(r6, 0x0, 0x0, 0x200480c4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1})

888.382406ms ago: executing program 2 (id=2973):
bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@base={0x4, 0x4, 0x4, 0x10005}, 0x48) (fail_nth: 1)

765.958949ms ago: executing program 2 (id=2974):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x3, 0x0, 0x0, 0x7ffc0002}]})
personality(0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000001c0), 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000000000000000005000600060000000800090001000000050007"], 0x44}}, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x0, 0x891018, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffdd5}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
socket$nl_xfrm(0x10, 0x3, 0x6)

86.426808ms ago: executing program 0 (id=2975):
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x1)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_open_dev$vbi(&(0x7f00000000c0), 0x1, 0x2)
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
r2 = syz_open_dev$radio(&(0x7f00000005c0), 0x3, 0x2)
r3 = getpid()
sendmmsg$unix(r1, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000280)="bbf87c9a1a80a3422c4401471e50340dc9628cb52f876ac942202493c52b769bc0acf682bf22cd0b07efa8db1ceee6789fe59f3f1f9f0e2d279547f2b811963eae1ae52cd14cf8dfb99d35809008720c93ac587351cda46cfeb2ff5d966e62e45297db1d", 0x64}, {&(0x7f0000000380)="e52f42dea251bf2931917264d50de5a10dd9186e0a4020acd9c9282e63964b6c116ec8fce521a6a32b69d109284103a89d0ce6307b9cee01afe0872580b5642f60bb75602a16e8cb5c43d687ee6400ed08269d2c8da6bbe82d78eb281645432054ececeb464dde8119c1d160a634c5e5ff43fdf8a49dbbc358cbc7d7442d1da78223cd7d4645e1cc3bdeafc7c4c6c7a032c1312cf5855a44283ddfed1fb52add8514d5fc4da920307b0204495053b1f87a84405972b74e", 0xb7}, {&(0x7f0000000540)="a57cf119eb8a954a5508195421aadffbbf2f64a190200077fa7dca407cad361a9fb91755bc8ae4fb29656d570f33003730d50cacfffe36347c8c50811d01dc03771e", 0x42}, {&(0x7f0000000600)="639ebe681f37912b2165c12b25fe4643775dc3315fcfbd4585", 0x19}, {&(0x7f0000000640)="655c16ffdb37098cc6f7b55eb509becbfb4266a8b8020677101dbc673c867449df630a863a6b486b9cf3481360ecbeb56a7f1e7a7aedb5601a26", 0x3a}], 0x5, &(0x7f0000002e80)=ANY=[@ANYRESDEC=r1, @ANYRESDEC=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRESHEX=r3, @ANYRES32=0xee00, @ANYBLOB="08cae75a09b16397b771c187171948b34364c201e412227f32f7d8e5da1db033284e55a77313f8e594b5066e9e96d2689e13ed09fc47d3b3908d1d778a1d6826aa4f37d8e530391a46c6ad78f83bc7a1f1bc4ab8f1cd61d407c1d7ab5416db1f6d4e9ebca834d804b9894f1d54f447229d141cb4b4f25f47e1bd0de11964634193a340315577bac5f08f852aa0a696745adf09559d03a54631226ed1d0bd21f70c6d362259370914ce96651628c57af07c549d7a866c893a9ba9a54a01149f2addbb26af8f847bbf0205cc97d54311ce0409f39b0b754f768513d0cd4fc4e4451d4cdb690e59654e0dcceb2d0969033c7351600ef1e2133a9b621a9091ccdf8aa3658479421a2acfd9438d810fca2697bcef0faec115845fe54d58736ef51b1e17068acb4e67aa0b78294a8660ea4dc35ea2e027a55437875cf3ae7a835ee6a5f9ffffff3c2e01238ac4beadb3810ca7036ca110d2f7e9b6ea50ef820e4e51d2d12e6ce294c4a94564b2511a23b641aa4d40de24ffecd6bf23e33bb856239783a1618e8d16d5c52891102bb75cc9c123811a941a55e4fda5419e8a36c7ee67f91735b3d4572be7fda36cda007eb5a53cf9c867778e175c9ee5558db7186faa5b113bccf7cb8bcb3211afb9f4360be54128d80ada7386e2a601de0dea35e26b84a585d20ca3ca1f02da791768451c469a4500d7d96b8d92b8fcdaaf9f2497a6ef29165f759c8a5105b6d8a5710181e025d3580f2efb71bf356d3a391fa3fc519ee322f6bd8f60411dcb8ad7ee26650530096658fff162d6de34f841fde1b0dece8791ee048f8a480311e6b346615a2429a5b68e31eb88889370b32653b6b7971572eac6abc2368ea027abd8079b56019536943051f4b743dc3d3d972c38d3ea69f9a2e85137f8d26a742a51d94e288b35978f6a8bd5ea8856b5af88b5d5c5ef6c72b9f2794b8ffe446bee1783718f8f59b662eda5a2b800efbe7a182f1759d4138b98840fab671c15283572e2ab5f92486f2eef81e92ad3acf01f91d2599a4d79e4680a60522d4bd3358708ad91cb56c564aeda700f49105124484be825661453077c23311175a2604e62f1d7659e882344c691e5e126c4ecae5c23a786a1abbde0f9089eb27631c23b3ad20f62b4cb56a8d7be0233dfd7c6309b5726b20bab237de4cf675857b0e3aa1f264a67e4ed511fe7a0e0e6a3c4e3662b76451340e5c88e292fd14c165861d6fd35361ddc4f5405819988c1479574ee7f1f46fdb774189bc15f7eb89fc2bc0588c3f8178696480cd9ca8da66f7f2e5e23a4d43835cd6acd4faaa6b9d60e131a745c3b37e26cf2d914cac5713446e8955b7025d1c3616088234482694cfd65a110953be55804225469bc84fc81263ff863edc90542e334a9febb0556af5264bd1bd7ed9c1bbdce947882604450d28d71c0bdd09bf8c56dfa1883319cf646b3bdfe49c99ecba30d1b6ff3b2486d1387b5db1909470ff9995e11be5c71ac59d69c685059b26be2d496ead47b25951c32a1482507f1cd3970dc7ae362cc52e1b14048049d43f9a5f02454be3af4eb0fadbe59be4ae20ed417687f5d3c6a38a97bbc0c9d78c7f365b9209e572a420c4bc69b101dd8326f7b3376fc3f28e9026460fec56d46ab03e87d7ef4c150e18e7ef6b44685a5a9f6541edafbdd5a18ef739014116a062f5c5f73205c81962f42697ec740c712f3cef7dedd9fc08cfbffd56e946d630c7bd25998f5b8743839ad283ba2383dce0fcfc2fdc43cbbf47cceec9b6a4a3d3cf191787bc3148991efdf05081346d1acb38c882f8887f2cdf042953e7b88432f5f2a517ccfe8bd26ea9ce6052dd52e602372de2ea6a07f9f1965833cbc28bec569da5869c74d92a78644594af62d3baaf3ffe5c73ca14a27a8716852baa9f6b7d347939d1fb6ebf3abdca306fa8c302904574cad6c4785cfaf974b5d0faf3123e96a3119def9653f632e2457d7dfb3231973b146b2293c0aa174ce87006e207f8dfdc6230a35fe7208c0c995fc56ec2051562665624e5c19a792722816da91ed8a964874067adbc4fddcd2dabc8b577d461424ee9c4f2dcdac87a3407cfc77e4ef4222fc60762881d49073c3edb4b360c4f0ebf45a54362dd8fc692ec365305454a618ced68eca6263fcfd4abe0f1e7572bffb45cb6eba4367fdf2207c7081088e1f7e6144524c6402362b2a9aecad14f3c08bd99f136a2672e8018715c21113b92894329863247b2140a47b9faaf2c3084c0e01678353e857d9a91665cd1bd8c6b1ce7940bf018f777bfed912787a91af99b58db5a3e887eaf29061044356cef5a865671c60f9ce3dc31e013929b87833e204902a9c55d6ebbd05c1c02838668ffc47483187a4629fbda66fcf2675114dc66ea29dee97cac5e9710add00f33019f7474bba21885004b63f3082d52473fb5eaeb0f363b745fca6588ee65a031f71acce458cf47a70daf84d3f5099d5a9546a7699f89f9f118438f172895bfa5f63ac6d6ae91ba518bc56f31e74490ad94aa8c4f2c9b3e8e251d68d125c29154ed1d1321ca24c05ea85d17cba60438375d786fd5c0004de4763d8a4c097fdf929e74c598092144ca4d39b23a3bf529021e37b25596f5357a14a0ddc0fc6dce7e35481c8d216f11443c85de1bd5c377ace644ee15600338df2d10db97a6255a7d9bc0115847573cad224d0f7bd3733a47941d3d60c079bff1333c0ffdb2af7ef21528b4cccdebc44dc1b4407fbeefcd32c6675c384e97cae4dd3080f6119c6dd4959e1638e5889e243a769ef6b960e2af88766a5b49240f038e750144fe0b3f90edd2d778ca958a21b7421fe2f6e9a7e1c9223f2806ec9fe1be4a87f4ead701962a71a8d80cef711a7d24ecdeec8767c4cb58a11d0b845344caa2e7f0af805379470931ccb6da478e5bf23b0499db4a65c63f6bfcf6bd01ab1712811f8b6d82872b8fa835dd32986b2d8d79b92744b5dbd19d241b3d5c94125a13dc9e709f0a7e5c7fb49fce73ab5bb9d48579b1ee55259a350c79340d1347c41ba7d5d2dde3f09ede3af25a94d979029fd375467106a9b9a47dbb598e0993dba25570c8049465da1d6066e6f2c172054d83c9e851cbbf76e618db44f31a59bb5c55b6dc80ad499de35ef0443eb0b26c8d2e221d993578de20e6e19324111cc3537caf4afeddd1fa0edcdc1148b0f2dfc06524e78982b2cf0e2bea229ff2f8ed879e2be58a7010e19da6b2408132b9ed88b174f742382672916bd2b6f66c1d6914358abeebca69643fcd5ccf141963903ea5f01df1d7833f31e43102f25ea748c17b297a4a0d31808313b4cc3e640f4aabf6861928c827cdd2e937cfd723a0aebca4a25ee6eaac169873c2ace7ae1fe7c945b3e3014c9f28d8cee12afd01d06922a5ab3c43433232ad66c69df45bbb94dbd74dea0b054178feb3fb02a8895fb68cdbdce51603951e7f3c86dcae4856dd8dec9175f116a29d8c72f76c2c7ce622d30e8027b6d000f783633a4a564746df89682b8a443d838e7bf8cef37d1dddd33824c4477816d138ff893e48cfc14359d2df5022854661ef377f9d55d139f43eefbe17c4567ba7eb83dae9c5e6ddb4bd3e074d1ba2bd36784dd5e54a0b760ffa6e8ec3115526ddb488da516b552a9693f81afefb919b52dfce9b1670ce2797e8a18393fb4d82b56606babed68d2405e958a47203223bd663bfbb2a918c201259c2a0e16d2acee29976baf62730e1a0c59b9b8129b6bbb5f4b7b58f57003c78c2cfb9e544367a93a85aa585bb728b6dd2a4374f7686b909619eaa5d839f9f72de25eb62bb6c8230c11134912d9b03b6dd30360311aaf1e532429a79d370b0a26aaa2c5d30707f6322522c317b078826cab85cc06e7cdc6a4603fc97475dae1b52875f3b097e44cc61b96e5353ccf6106da6bd6b454e11c075b6aad2bc52639ce5af53a754c6eb108f5f9e668027534f31c2a9a6799015e29e046f2fecd030891102f4d3ddb8fc4b29c73e1a240abdd28d1880ac5c46ddf4feab7a6d757c61edfa00a765fdc9738551acaaac5f31c107684dc66b1d8e0051c391e0dd5ec986019d877499fc73331d640a61fbabc4261dab0b47982395413184054971fc935e5ac50b164a7cf4102ff5c21484936063dca768cfc7e71bc9a9c59c8bb8781a19c42f5dddb19973b8399c8553769be7aeea2ec4ac049b73845003ba58f468514bb26381d294fa0c47088da61547517180986bb06e0f5e7d1f984bf133573e8cd7e15970539913a1af1f17acca9a9ba30932e739c539461ebfbdcb25b460fbdd1cac9d4983a27148e3204fb23d877104a9312ad240c9987b6988acf256fa830d1d86224042c16d49910d76014ea97634271012793e7f280b4c7ab71286219731e8911ab1ecd814632816e477d9b33d36bfbbc0c950d9eb343b52bcd14a008d9925ffe716659ac19935ebe5ae7bb6c42c8e334f94c4804ca9b9bb5b49ffbc0711d4108c39de68fd5a7305ca5e56a4c71739e242e00a11ec0846ffee80d89542cb084c7e2afccb1579d13fb0804b52359c20031cd3cfe0d3c55a1be947afe4d2cc09f8bccfa6192f5a662dd6ceb070255a02114dff130c4bb5b24bc033256c478dea436815a5a245d910b7e2f176fed9b9eaba9580cfca1fccbb10bdc20a4e2a3b15d758d2ac80a5d84f80ceffc6e1fc0f93f9dcd35c954d733e1572da2c00f831b713eb572f713a07ee9bdad923c2020b23d83e8f10b13e39b3d711729885f7144f899771b437fd6cd7be341565e9fe8d524637c81d221636339dcd9f5a961590d3a56b1460b590d654cab25b37ca27e0e867b280bcef2ad77bc3f044ce5896f4b59f463478a24938f4d372895413b6c4f451391cd63abfdb4f61a134bbcc21290523e2fa4607eb5f9da8ac992d37d703c2609a44961a4915cba4c1a15d9a2bcbadbd8a916dcc6406d2ce265b434bb8f8d9a503f467d9ae708bea332030ad1383b4c72c64498ff06bd5a80de4b7c8dcab6a91bc37ed8cbe1f82d6447ea9ef08e37e1a087332594dd80647960138a635d91534ac04e738043a38534b17e43f3347c1f78bbf6856a1848bbbbb88117d8288da12c449668dfe59a03a8d0e20525ee9fc8d5882182452ed58db83dc0d3429005736c36cbb0a46bd1a92e3e88661c71b39ef9fbb6a9e7b095673500b26cbaaced20e77abde0930fa5f01bd0945cac735670aa7f5521a38cbe4f1c53eee449cbe04c81874b390ad85b3abf608bafb559f561f0325e4faadd7e233e98af7f902e0e4c5fd43c4313c26b25a79e699bac10d03b976ffef57a38f01a1434d5811c6a9feed525f11aa761dc23e0816075a6d8d0965dee25d65242176563889d4f7b44d65f7a726862598475bc428e67a0a93d4f7d8ccb8f2f2f69f5f33669fd0ef8b28f69aedd854161ea7f3ef8f35f60b623fc1c204521e16826a580f11fb98199935590ff69ebbb40c53c05bfee0f4690b7cdc423879ebbc570f01832bf3fcfa1c4994920e185c37f11dfe169d8e2a376f4ee7b0096fed50d2964de982aaca72615b0516c2fc50a801a91ed95d7c1c2efd51d2bd55971d18111f9629dae0db47c5fb1d9589b8a69053eca2f6646dc4e558dc47ac49ccbca0fd7533f7c16bf2a988a7e59dd720580b20d165bfd334210d89e6864fda6e09550790e164a5a1b0b19ba964b63a33df0a2f2f52f1f601a5ef167c394521caf16ad36af134c75c39ce1f51ee4272b52d1d307383278af455f620b97158f1fd2e718535eff85d562e411e5645822d52c33c18c23410d4b439fca", @ANYRES32=r0, @ANYRES64=r0, @ANYRES32, @ANYRES32, @ANYRES64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32=0x0, @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000024000000000000000100000001000000", @ANYBLOB="eca20d158e986ef27c3d4357710000000c0000d780c91808c5aab263f403980000", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=r2, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRESDEC, @ANYBLOB="146f33287f17b35b50f380c4334c2468e5f3cc8a89c098e6d7c643ffd7f779d04c59914c28"], 0x118, 0x4040004}}, {{&(0x7f0000000a80)=@abs={0xbf8322d2e059b653, 0x0, 0x4e21}, 0x6e, &(0x7f0000000b00), 0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="43fe00000b9e60f69121ec87774c6607", @ANYBLOB="0d640011ed981a3cb2af254584a60d2cfdfabc46d9b9984cca459daa3a42da8bfcac14fd7b46fccb5afe2064aa81f1e223ada5fbf8fd136017da3dbf8fb06269efdfa762f7774ddc12076a49994e46eba42f25a2c4ecd863ab787a2d7aa861bfe4dc072a11fb8e5eb161d615c258f4d016b9b32c488e1c4540d3007f33ca3646d59068e8d57b1578cad520dcd8eaaec76f2827515cf9ebcf1c067b8d22b2391bf022f7c61392c7f83d23fb91d81c7c7c532c3d59f91f881f33d20fa3b6604138ee0803d267e257a20978df6d43589a4365bd6155b6eb893ab323e7b7468cbf29da696241e312c14d9f66c27afbd7ce8047bb29ba751e06fd13c1759f8d01d4a3ab4217c111d17fd2ebb458c80d0a8e7df06a563097db8d9e321129bfcd76812fae6e7fcf850aa46f06f99fd145541ff61743b224d1f9667d0b0a81fb5541253de3d604ae68be2f1446d07cec492c60f1381bb0188f5fc51eadc4e347b957dd4d3a093bb9a164d252263fe42aed8136c1f3cc4564209f4cb6e1ab2287dc5b04ff9272470171a908bfb630e57b33437d000f1c048860bd0a5f0a1d619e6678ec8a5890e048c82d3af30fb50c909b64482db1bfe9e6e97b31af0969d64e666180e5557916214f48b6c48073eff4dc14e2b414718cb19aa6b07b806a8a2dca8bde5f8fb1c60bb54a6cc68c9c64e6abe8c40b9b77a46136120f051222643a1dc5a1ba21e75de4d1f153ee2df1dd3aa88218d8f5b12a00356fca07712d91921a6a8fdf3afe6d978292553b30adaf63b6e74a547977fa6d2d369b6893fbb93e6d60b6cbe097a823688043e78c2dd189b37bf075ef4f3a7271b8d59af913a5da082d1b6e55392d9db1a99b77ced30968eec783da48f65014723ab19d98c4e91e6cc80d326e07c9c0ab1d6ba6b40110cd08ce3d27ad386e3ffe8409209af4f0742b95ac6de0b77ffc00ae991d667467fbedad6490ba7e33a534a091e56c8ae38639fc242c09b9eafae278d9e210e07e98a75a32969f08a65eb06b8df79881f323bf125ab8447c59622db01e7a51a047621879534e88b6032205a01a88cd082a8699e504b52e933db7f3fe0b4c280eb33c569a41f5e65f4056045a1086c03c94949beaba06e1f98392e28d12d480519bd5ebb5adf59d9b5324830bcd085e1865f6ef751024bddbb8dd80ee833ace5675b4153ce0fd8609511d416e7e57a902cc5e8b871f9bb706104b43f18bc14f52dcb2e497ab0cd8ab6ac5793f48ce89f792d7de70f63149c8c6d51e17a9b79737952f738cbe2476202b9bba119a77b136fd650e2e0b21feb1e6d7fe2d994ff016e039a18c86e58991d00e5bc5cc46e24abc2052cafa9e9af537d40907f2b72450b4d1086fbe17f84f1d0a9a2e2ebb8e33675bf4ab5ac409e60a1707b92a44277dfc26663d1369d54905ba20380f2998b33faddb0403abdf68ffcb4f3f94293ed999c5ebe113b575177a273325ad15b6fe5c199dd680966efc818f9fbb1f91fab03170a87d9ece776eaa1e389208923e0b7f6561c9143da763a7086eefd259a5c3fe10deb481ac9c613defef90f4955c32909379b7f602e4e4ee230f955cab48863d75e0a360144de20646bb0ef8fdefe0e4f61c7477e60a4643ec58ce7a797c395a49be29c470a84336f30bb97f3db25076038f29589ebc1f44941cfdf827a482c0b0e1fea4fb703823578fd4c7926295f1e967bdfadc1fb72f81b8f73d9a1aecb2abe8d5a54395ea09aa0ebaa58a7b0e6e209915a22c1fc210c82705d5e2bd9e00702931d307fd7725089c10d9c43818f228bb13abf32154450668b955759dffae2c5a3f94bd2a120d346be12500b3215fd2c2100d1d6e5f125c9f0d07bef534960474cf6d1f9f145b31fb2db2b712eed3f0830336e34bd1d1d8ce570d5a33856d97dfb4179df3aa86ada988789f62d04997f6e269af3fda1931eefbdc1ca3106fe72dbbacdd62253af27e201c1de8dd1bd85f9baa420dd074e8d3cde2794e8ab5cfacca6914815e6ac6f825d7d991e12f49becf4e814c6120b7e28ff44d9328048c3f7027dfa80d3d85029a55a22971e14b38009a5b01818467491a9516e43f48d58113c9d387897ca8c100c6c691acc3911bde07ef0c5bbf28c1b8723cc2113de2ad583a194d4b5dcadac17c8618ba030e9f3553d1b8e34e24363560cadb195194b542f83485f162a1cb350037bf5a2000f755dd2fb262e6173b5d984a5067f368428028056c8c6aac8bcec895f15d908ab0ce947605a92b63ea2571da350f14392e966d0b2c518bf110dd80a50d7233499be25ff605f275d5ed3db1b679fb9635780998dfc6ba024c569c10921b00290dbead521adae3b5d9ad9db117cd194dc356fe6a22b1b8efad7bdc5f2184cdf01699c10711782867d9b6ca7f7d9d8ff20efd407bebe389501047d625518024bb7e4336720cc396314c1b5f459d2867e6c1ef9914e73d08c73f75411785f7c9356449f8f9d419cb76d4763c7942ffecf682badf4eb032424fcbe141f6258c3815cc0c05f6f63891df7ac8d3e82009d86be50d4330c30adb3bdef8fec8c360cc03b951b01e17ebb4731b9909cf1a24710608d69c997219bc0df5d2e1e81458bf888c7de4ad47c87d5591b260b08634f1cdb9bc83d591ee2bb2c874c4eaaaf22738d04dd98a8e5f7258f4ab66531ea5bb9e8e8830a08a081326e1b7123e65d8d8ce58458526073ed916a25a5d5a05c7b2059edc2bcdf12f3514b0066055c405a00ad1c68ce1b5f38290be05883692a6f164cfcab15efbbbfed511612e69e14de726e8f167f0bbc6fdba3f0b24f3c961f00be93aef13d431fe89af6c377d2e7a433f465c9adb22b8b2f09b0c58ba650fac99e22fb30d7a3384926efa4e160b232f35b55109619a1153f9315bd68f894d91c4553c33e49f047517e2141e751292eb24a3e5a79f32458e4384f88d15ac02a8a184cc1b83a6a1685c341c5fcf61c7e70221e7dd8ba5ced9e4ceae441eaa2596a135e4b8fdfa9226482f532ee7c94038006cef0f558d743d4fe8fdd48ec5c344bced13450e0f7fc2142329ab9e1279c5bc95e4665f52ecef2a623f4f5d8ecdcb4010d96d8b9393a985a27022f34b62573cb56c71a2d29b5b98ffd6783a8ad31ada386734980e077f74a09c862d4405da3b00b22aa763ed31d4c24f13e5e2dde31c9ff18946b775c84a10db1cb70fca8bfdca978c0aedb7e7d7374c1e4e4a47c8079545c7bc8cdaa8606b786c793e3200c333a337c485a39a5d483879cbb39a153d33f5ccf4452462644008802710ae0910088baf3fa73535c232425abb9e7979ad133cfa8fdc3a0ccdb9c610120c76380deb7dc6ef9d72173cd37195a1cf4dbd6abd01358dbee71da5c510a469abe33a63ad3adbaf368b72a011023c4ff1a2ac1d0db020d36069b01b47e7c597ef92c7fd0d9e325df9c3f2ddad2df9c6c2847fce92327dd9790ef9e4fc442764b64e5558bef486b55410e83b370220a9273d3011f939420290fe4d230dc3c0222cb20cea2712f1c2f8805f731f06efa5d300a368c33152b4b07614138bd58d79bebbab3b6225179085908c6aa46e35217ec1cf29daf5647e3923cc98de97a1e253eb5299ce22277db00f6a6666f4afff203097cf8de40133808479acbe77a25a189ac1fd2e9be588ba42dea27064fc498900baf24bf89f8470a5bfe42f69bf8836e2b9bf09ad181c488f2ba8da11817522b8101a3d9e8a4122210485362187a0c4fe8372bbc663d09f12e14e009b9f2db63da78fa0e11f7bb3aca355b42f784fe1dcc64f03b54f5318eead3413d5fc729997344bca2922d8fe622027f90cfc5b8eaa87a1b56fbe22a752f2c8924062d1894cf08a3d77f280477a58178e66eaeaea5f3d9d01098fcf77cd4e3621e15286e6706ef9fd6d200141ba95839dcba5011e99bc394c2a91a4a19fa17752db321b4689fcbb15d0b1ab242e152fdac7618184d6fe84964b98371a95bccb6e57d12bb66dc68a0102ba35842f840b02ec21f304fa6c9881b78c6520b2583cfbd25c8538fcb760eeb8e19cfd838cef7d8c1b0b1314fd8489d8028d3c587df6314eb80ad0ffe94e05d16aa5f6f0f09720478abfa8227b43bd74630fe4bd7e4dbeb0ec3b3bda3cb76888bba9f40277215780c3afdcc04db01b4f20c6b1e86ed5970fea16c95a89da8cfd452c8e25bc66fb23e808e9d2a41fc99018bf4a169ef3988fadcca94b1444a2ebfd7d0ac4f7b8d836aa0db5c4af9dc51926280cba1b691acbb6db8c967d4b4d21ddef3928e8961de6794118ad6e7c982fcb19c4349842b0969267869e674e6cca030ab39b849dbb7a3fe86a9be2bbb09b8505bb0c694d31fb7089bfb5e8f7bed84e283568b8c98f2f79fedec258ee9df3c5b2b6e4a3a412f192f5f3a8632fc9d46c3cdb35c5e412884b1b41e33819850649672c8aed305db3ae9acce23ed87aed573cb008f05c8ed2300bf52299b8712c4e1ab56156568bd046abf040f20927bea7e3945e693dc4610b05d6fcd76b524e1076ebd3a4e78653c94caf96b299a8bad4916c70cd9e3f569821f8821a9388a4198dbbb9ce96777c990ac1f9ece1be53d23be14f9cd514203072ca2cbecf0b06bc9c90eb13f8537864614b5c544f7ee494d9d4af0fd098921b98b853e680019d75f5dde65dfc6c1a5912d94cf938a5ba08c97ce55b924fadf120110d3f1dbe2aedaa5da56316dd1e4cc9355a261f32a21ccd801424f8b31ce65ae8fd52e9014da8c6f6849ed9aae1b5606e4cbc565cbdf4066d4b68406fb7f3b08eafe2af595b780edc7cad18bf45a492a43d9f4de936b16d9642b9c8f8be353271ca67d423122571d16cd45fb360fee779bcad9abb2c61d24a396d5943adc34ba55cd873c1b323c896ec9b651021e643018d5dc62334ea0ef978c22274a25fdd60ad1a3c71ab4710e9e967feecf7606820e2d12064f24a107dac51efde023c422d3d3daa562163b7f95f9c5a85015b6b4c07e32758c7afb19f070d6a7817274021980d709f9fab45c24385a7df83a8e4f2422e727d46c9031b994d5820542342e57d6bc2c9bd7a53e01ad8f321fc799a6c2652e208bba7f76f555e3c4d882c018de5f7ec3859cb29879b7e3fc469f872f16548a00bde3ce2eedf1abcc02323ce0edcc9548627d7b93b058e19d7011f794ff5fe4e7a5d652ca9601a6892ff2e0e2d87f94fe86e3c6d79008febc46847f4e759c225ad723b5bd98a35638e2d5edcaad2aa4a8d80de18b7eddd7f4bd5a2b7f4098ca2472ef0fffe5bd1aded5c3c282639a7e2cd6c9b1799e7a91fd5223d2bc09f85942ac8e7f818d946f5d11d03568ab99b424cb20cff71d402ddbf25ad2d831f476568fe05f715639d60bc9007316824723675683d9b8444ef94be4263d7d7d432b52a733017b690e2c4fe77a4a1660dd5b61797d485bde930c4d4ba5fe53cd15f2a169bf95ba37cf0ed14526f44c72bf65de8c55837e3824db2b4b1e9775ee23576d0cd339fd8976b17d1df01b0c6d7e64a3d80d419c84cdc87d71936fc1a08156e0f8ef1539e9698ddc6c82230878e12bc786707c3d20c77f887dec8636854a62cf2053cbc819ef84207aac330f13a43c472553832df7863e045448dcc296628060781874c631f2e4d373e863067d6b9e6fdc03ccc7cab7390f291eee165c68691197fd9315952afa1de0b55aef62773a9a64f39b964ec39fa56cf057c123854566eae855638de2e458b8370538a5c9308198cc79ce4b0c8ad82a3d408bfc5ea956a5f763613476664361d1fc484f110a36072831901", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00045c00080f00000000", @ANYRES32, @ANYRES32=r2], 0x58}}], 0x2, 0x20004014)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x82002}, 0xc, &(0x7f0000000b00)={&(0x7f0000001d00)=ANY=[@ANYBLOB="3f0300b1ba2a55c9a7e9c308c4bfff7f0c00", @ANYRES16=0x0, @ANYBLOB="10002dbd7000fcdbdf250e000000f40002801c000380080002003b04000008000200ffffff7f0800020001000000080002000000000014000380080002000100000008000200060000002c000380080002000400000008000200020000000800020009000000080002000200000008000200d40000004c0003800800010071070000080002000c00000008000100090000000800020000800000080002000600000008000200ffffffff0800010005000000080002000308000008000100040000000c00038008000100090000002c0003800800020008000000080001001000000008000200010000000800010069000000080002004f000000080002000100008090000680080006000d000000790003006c0f3178df9b4efd516627010f15d05ca49224a819b29ccd8bea7d56e1f71b974a0b00e51a495c48916d4d3ba6d9f79239ae3e6d919d4044e87f382254d98d3fc4b5f15fb61dec6ff5b4be0ec60fefffd0661bdb565c736a8d9fda22147ca0743335350d87f7e8d1e493bae333939daf0849b34aed0000000800060006000000f000048014000780080002000900000008000400600d00000900010073797a3100000000140007800800030000e00a0d08000400040000003c00078008000200060000000800030005000000080001001e00000008000200020000000800040004000000080001000b000000080002000100000044000780080003000100000008000100000000000800010009000000080004000700000008000100190000000800020003000000080003000900000008000400040000002400078008000200000000000800040000000000080002000700000008000200040000001300010062726f6164636173742d6c696e6b00004800028024000380080002000800000008000100ffff000008000200070000000800020002000000080002000e000000040004000800010004000000080002000400000004000400700002800800010001000000080002000c0000003400038008000200080000000800020004000000080001000f000000080001000100000008000200000000800800010001000000040004002400038008000200010000000800020008000000080001000000000008000100020000001400078008000200040000000800020003000000"], 0x354}}, 0x20000001)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539esp(adiantum(lrw(serpent),aes-asm,ghash-ce-sync),sha512_m'}, 0x58)
ioctl$TIOCMGET(r4, 0x541e, &(0x7f0000000040))
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x101002)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r6, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x7e, 0xa1c07, 0x6, 0x0, 0x100000})
r7 = epoll_create(0x101)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000080)={0x40000014})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
socket$inet(0x2, 0x2, 0x0)
rt_sigqueueinfo(0x0, 0xe, &(0x7f00000004c0)={0x22, 0x6, 0x7})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
fsopen(&(0x7f0000000000)='autofs\x00', 0x0)
socket$alg(0x2d, 0x5, 0x0)
clock_settime(0x0, &(0x7f0000000000)={0x77359400})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="500000000101010200000000000000000a0000000c0019800800010026040000300001802c0001"], 0x50}, 0x1, 0x0, 0x0, 0x8000850}, 0x0)

16.708532ms ago: executing program 4 (id=2976):
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x70, 0x30, 0x9, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0xff03}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x2}}, @TCA_SKBEDIT_PTYPE={0x6, 0xa}]}, {0x4}, {0xc, 0x5}, {0xc, 0x9, {0x4c}}}}]}]}, 0x70}}, 0x0) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000038000000030a01040000000000000000010000010900ea0073797a32000000000c00024000000000000000010900010073797a30"], 0xac}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f00000003c0)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) (async)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, 0x0, 0x0)

0s ago: executing program 3 (id=2977):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000180)=0x4)
write$dsp(r3, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) (fail_nth: 1)

kernel console output (not intermixed with test programs):

adm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  758.893946][ T7253] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  758.931183][   T30] audit: type=1400 audit(1752289217.570:1824): avc:  denied  { execute } for  pid=14815 comm="syz.0.2597" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=39872 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  759.541704][ T7253] usb 2-1: Using ep0 maxpacket: 32
[  759.548433][ T7253] usb 2-1: config 0 has no interfaces?
[  759.556380][ T7253] usb 2-1: New USB device found, idVendor=6615, idProduct=0012, bcdDevice=11.66
[  759.566844][ T7253] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  759.575511][ T7253] usb 2-1: Product: syz
[  759.580584][ T7253] usb 2-1: Manufacturer: syz
[  759.585178][ T7253] usb 2-1: SerialNumber: syz
[  759.610501][ T7253] usb 2-1: config 0 descriptor??
[  760.298013][T14842] FAULT_INJECTION: forcing a failure.
[  760.298013][T14842] name failslab, interval 1, probability 0, space 0, times 0
[  760.389219][T14842] CPU: 0 UID: 0 PID: 14842 Comm: syz.3.2606 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  760.389237][T14842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  760.389244][T14842] Call Trace:
[  760.389248][T14842]  <TASK>
[  760.389253][T14842]  dump_stack_lvl+0x16c/0x1f0
[  760.389272][T14842]  should_fail_ex+0x512/0x640
[  760.389286][T14842]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  760.389303][T14842]  should_failslab+0xc2/0x120
[  760.389319][T14842]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  760.389332][T14842]  ? __alloc_skb+0x2b2/0x380
[  760.389348][T14842]  __alloc_skb+0x2b2/0x380
[  760.389361][T14842]  ? __pfx___alloc_skb+0x10/0x10
[  760.389374][T14842]  ? find_held_lock+0x2b/0x80
[  760.389392][T14842]  alloc_skb_with_frags+0xe0/0x860
[  760.389411][T14842]  sock_alloc_send_pskb+0x7fb/0x990
[  760.389425][T14842]  ? avc_has_perm+0x11a/0x1c0
[  760.389440][T14842]  ? __pfx_avc_has_perm+0x10/0x10
[  760.389457][T14842]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  760.389475][T14842]  ? avc_has_perm_noaudit+0x149/0x3b0
[  760.389493][T14842]  ? sock_has_perm+0x259/0x2f0
[  760.389505][T14842]  ? __pfx_sock_has_perm+0x10/0x10
[  760.389518][T14842]  hci_sock_sendmsg+0x1c7/0x25f0
[  760.389536][T14842]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  760.389555][T14842]  sock_write_iter+0x4fc/0x5b0
[  760.389566][T14842]  ? __pfx_sock_write_iter+0x10/0x10
[  760.389580][T14842]  ? bpf_lsm_file_permission+0x9/0x10
[  760.389597][T14842]  ? security_file_permission+0x71/0x210
[  760.389612][T14842]  ? rw_verify_area+0xcf/0x680
[  760.389626][T14842]  vfs_write+0x6c7/0x1150
[  760.389639][T14842]  ? __pfx_sock_write_iter+0x10/0x10
[  760.389650][T14842]  ? __pfx_vfs_write+0x10/0x10
[  760.389662][T14842]  ? find_held_lock+0x2b/0x80
[  760.389683][T14842]  ksys_write+0x1f8/0x250
[  760.389696][T14842]  ? __pfx_ksys_write+0x10/0x10
[  760.389712][T14842]  do_syscall_64+0xcd/0x4c0
[  760.389728][T14842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.389739][T14842] RIP: 0033:0x7fe3c658e929
[  760.389748][T14842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  760.389758][T14842] RSP: 002b:00007fe3c74c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  760.389769][T14842] RAX: ffffffffffffffda RBX: 00007fe3c67b5fa0 RCX: 00007fe3c658e929
[  760.389776][T14842] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  760.389782][T14842] RBP: 00007fe3c74c3090 R08: 0000000000000000 R09: 0000000000000000
[  760.389789][T14842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  760.389795][T14842] R13: 0000000000000000 R14: 00007fe3c67b5fa0 R15: 00007fff7e075db8
[  760.389808][T14842]  </TASK>
[  761.427405][T14859] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  761.445853][T14859] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  761.453182][T14859] IPv6: NLM_F_CREATE should be set when creating new route
[  761.460535][T14859] IPv6: NLM_F_CREATE should be set when creating new route
[  761.467806][T14859] IPv6: NLM_F_CREATE should be set when creating new route
[  761.542093][T11191] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  761.596414][T14850] ALSA: mixer_oss: invalid OSS volume ''
[  761.634522][ T9850] usb 2-1: USB disconnect, device number 63
[  761.802122][T14861] FAULT_INJECTION: forcing a failure.
[  761.802122][T14861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  761.852005][T11191] usb 3-1: Using ep0 maxpacket: 16
[  761.884734][T11191] usb 3-1: config 5 has no interfaces?
[  761.891915][T14861] CPU: 1 UID: 0 PID: 14861 Comm: syz.1.2614 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  761.891943][T14861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  761.891953][T14861] Call Trace:
[  761.891959][T14861]  <TASK>
[  761.891966][T14861]  dump_stack_lvl+0x16c/0x1f0
[  761.891996][T14861]  should_fail_ex+0x512/0x640
[  761.892023][T14861]  _copy_from_user+0x2e/0xd0
[  761.892046][T14861]  copy_msghdr_from_user+0x98/0x160
[  761.892068][T14861]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  761.892093][T14861]  ? __lock_acquire+0xb8a/0x1c90
[  761.892117][T14861]  ___sys_sendmsg+0xfe/0x1d0
[  761.892142][T14861]  ? __pfx____sys_sendmsg+0x10/0x10
[  761.892195][T14861]  __sys_sendmsg+0x16d/0x220
[  761.892219][T14861]  ? __pfx___sys_sendmsg+0x10/0x10
[  761.892258][T14861]  do_syscall_64+0xcd/0x4c0
[  761.892283][T14861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.892301][T14861] RIP: 0033:0x7f0f56d8e929
[  761.892314][T14861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  761.892330][T14861] RSP: 002b:00007f0f57c09038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  761.892347][T14861] RAX: ffffffffffffffda RBX: 00007f0f56fb5fa0 RCX: 00007f0f56d8e929
[  761.892358][T14861] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  761.892368][T14861] RBP: 00007f0f57c09090 R08: 0000000000000000 R09: 0000000000000000
[  761.892378][T14861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  761.892387][T14861] R13: 0000000000000000 R14: 00007f0f56fb5fa0 R15: 00007ffea560e218
[  761.892410][T14861]  </TASK>
[  761.893628][T11191] usb 3-1: New USB device found, idVendor=0af9, idProduct=0010, bcdDevice=38.99
[  761.918586][T14864] netlink: 'syz.4.2615': attribute type 1 has an invalid length.
[  761.943220][T11191] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  762.091435][T11191] usb 3-1: Product: syz
[  762.095755][T11191] usb 3-1: Manufacturer: syz
[  762.100363][T11191] usb 3-1: SerialNumber: syz
[  763.213228][T14881] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  763.245098][T14881] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  763.454499][T14881] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  763.670668][T14881] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  763.792388][T14881] Invalid source name
[  763.808901][T14893] xt_CT: You must specify a L4 protocol and not use inversions on it
[  763.818650][T14881] UBIFS error (pid: 14881): cannot open "/dev/sg0", error -22
[  764.056461][ T5917] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  764.199047][ T9850] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[  764.211650][ T5917] usb 2-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  764.220737][ T5917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.229318][ T5917] usb 2-1: Product: syz
[  764.233513][ T5917] usb 2-1: Manufacturer: syz
[  764.240573][ T5917] usb 2-1: SerialNumber: syz
[  764.259826][ T5917] usb 2-1: config 0 descriptor??
[  764.342007][ T9850] usb 1-1: Using ep0 maxpacket: 32
[  764.360703][ T9850] usb 1-1: config 0 has no interfaces?
[  764.375603][ T9850] usb 1-1: New USB device found, idVendor=6615, idProduct=0012, bcdDevice=11.66
[  764.386166][ T9850] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.395075][ T9850] usb 1-1: Product: syz
[  764.399992][ T9850] usb 1-1: Manufacturer: syz
[  764.404714][ T9850] usb 1-1: SerialNumber: syz
[  764.411559][ T9850] usb 1-1: config 0 descriptor??
[  764.657921][ T9850] usb 1-1: USB disconnect, device number 76
[  764.887387][ T5954] usb 3-1: USB disconnect, device number 53
[  765.390981][ T5917] asix 2-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  765.991035][T14911] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  766.000874][T14911] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  766.021186][T14893] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  766.039211][T14893] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  766.059504][ T5917] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  766.075532][ T5917] asix 2-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  766.086549][ T5917] asix 2-1:0.0: probe with driver asix failed with error -71
[  766.101331][ T5917] usb 2-1: USB disconnect, device number 64
[  766.332731][ T5954] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[  766.504295][ T5954] usb 4-1: Using ep0 maxpacket: 32
[  766.510758][ T5954] usb 4-1: config 7 has an invalid interface number: 66 but max is 0
[  766.518957][ T9850] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  766.526623][ T5954] usb 4-1: config 7 has no interface number 0
[  766.534594][ T5954] usb 4-1: config 7 interface 66 altsetting 4 bulk endpoint 0x82 has invalid maxpacket 8
[  766.545928][ T5954] usb 4-1: config 7 interface 66 has no altsetting 0
[  766.554949][ T5954] usb 4-1: New USB device found, idVendor=0471, idProduct=081e, bcdDevice=7e.90
[  766.565249][T14920] netlink: 120 bytes leftover after parsing attributes in process `syz.0.2629'.
[  766.566186][ T5954] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  766.583238][ T5954] usb 4-1: Product: syz
[  766.589804][ T5954] usb 4-1: Manufacturer: syz
[  766.595003][ T5954] usb 4-1: SerialNumber: syz
[  766.612063][T14913] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  766.695193][ T9850] usb 3-1: Using ep0 maxpacket: 32
[  766.703748][ T9850] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  766.744617][ T9850] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  766.836630][ T5954] spcp8x5 4-1:7.66: SPCP8x5 converter detected
[  766.854193][ T9850] usb 3-1: config 0 descriptor??
[  766.881136][ T9850] as10x_usb: device has been detected
[  766.887162][ T5954] usb 4-1: SPCP8x5 converter now attached to ttyUSB0
[  766.932756][ T9850] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  766.949584][ T5954] usb 4-1: USB disconnect, device number 77
[  766.994145][ T5954] SPCP8x5 ttyUSB0: SPCP8x5 converter now disconnected from ttyUSB0
[  767.015830][ T9850] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  767.036245][ T5954] spcp8x5 4-1:7.66: device disconnected
[  767.064569][T14918] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  767.114222][T14918] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  767.194165][ T9850] as10x_usb: error during firmware upload part1
[  767.200553][   T30] audit: type=1400 audit(1752289226.253:1825): avc:  denied  { firmware_load } for  pid=9850 comm="kworker/0:2" path="/lib/firmware/as102_data1_st.hex" dev="sda1" ino=297 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  767.226466][ T9850] Registered device nBox DVB-T Dongle
[  767.658285][ T5954] usb 3-1: USB disconnect, device number 54
[  767.684006][ T5954] Unregistered device nBox DVB-T Dongle
[  767.733111][ T5954] as10x_usb: device has been disconnected
[  767.843294][T14932] FAULT_INJECTION: forcing a failure.
[  767.843294][T14932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  767.894942][T14932] CPU: 0 UID: 0 PID: 14932 Comm: syz.3.2634 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  767.894969][T14932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  767.894979][T14932] Call Trace:
[  767.894986][T14932]  <TASK>
[  767.894990][T14932]  dump_stack_lvl+0x16c/0x1f0
[  767.895009][T14932]  should_fail_ex+0x512/0x640
[  767.895026][T14932]  _copy_from_user+0x2e/0xd0
[  767.895042][T14932]  copy_msghdr_from_user+0x98/0x160
[  767.895059][T14932]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  767.895079][T14932]  ___sys_sendmsg+0xfe/0x1d0
[  767.895097][T14932]  ? __pfx____sys_sendmsg+0x10/0x10
[  767.895116][T14932]  ? __lock_acquire+0x622/0x1c90
[  767.895161][T14932]  __sys_sendmsg+0x16d/0x220
[  767.895181][T14932]  ? __pfx___sys_sendmsg+0x10/0x10
[  767.895214][T14932]  do_syscall_64+0xcd/0x4c0
[  767.895236][T14932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.895252][T14932] RIP: 0033:0x7fe3c658e929
[  767.895264][T14932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  767.895278][T14932] RSP: 002b:00007fe3c74c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  767.895293][T14932] RAX: ffffffffffffffda RBX: 00007fe3c67b5fa0 RCX: 00007fe3c658e929
[  767.895304][T14932] RDX: 0000000000000000 RSI: 0000200000000b40 RDI: 0000000000000004
[  767.895312][T14932] RBP: 00007fe3c74c3090 R08: 0000000000000000 R09: 0000000000000000
[  767.895321][T14932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  767.895330][T14932] R13: 0000000000000000 R14: 00007fe3c67b5fa0 R15: 00007fff7e075db8
[  767.895350][T14932]  </TASK>
[  768.480598][T14940] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2635'.
[  769.332869][   T43] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  769.370017][T14956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2643'.
[  769.428230][T14956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2643'.
[  769.963640][   T43] usb 3-1: Using ep0 maxpacket: 32
[  769.980687][   T43] usb 3-1: config 0 has no interfaces?
[  770.054242][   T43] usb 3-1: New USB device found, idVendor=6615, idProduct=0012, bcdDevice=11.66
[  770.070892][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.094884][   T43] usb 3-1: Product: syz
[  770.099566][   T43] usb 3-1: Manufacturer: syz
[  770.104166][   T43] usb 3-1: SerialNumber: syz
[  770.117247][   T43] usb 3-1: config 0 descriptor??
[  770.415265][T14963] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  770.497199][T11418] usb 3-1: USB disconnect, device number 55
[  770.552838][T14969] FAULT_INJECTION: forcing a failure.
[  770.552838][T14969] name failslab, interval 1, probability 0, space 0, times 0
[  770.566517][T14969] CPU: 1 UID: 0 PID: 14969 Comm: syz.4.2646 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  770.566537][T14969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  770.566546][T14969] Call Trace:
[  770.566551][T14969]  <TASK>
[  770.566556][T14969]  dump_stack_lvl+0x16c/0x1f0
[  770.566579][T14969]  should_fail_ex+0x512/0x640
[  770.566596][T14969]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  770.566618][T14969]  should_failslab+0xc2/0x120
[  770.566639][T14969]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  770.566657][T14969]  ? create_new_namespaces+0x30/0xa90
[  770.566681][T14969]  create_new_namespaces+0x30/0xa90
[  770.566705][T14969]  __do_sys_setns+0x229/0x1920
[  770.566726][T14969]  ? __pfx___do_sys_setns+0x10/0x10
[  770.566742][T14969]  ? ksys_write+0x1ac/0x250
[  770.566766][T14969]  do_syscall_64+0xcd/0x4c0
[  770.566787][T14969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.566801][T14969] RIP: 0033:0x7f174c38e929
[  770.566813][T14969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.566826][T14969] RSP: 002b:00007f174d18b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
[  770.566840][T14969] RAX: ffffffffffffffda RBX: 00007f174c5b5fa0 RCX: 00007f174c38e929
[  770.566850][T14969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  770.566859][T14969] RBP: 00007f174d18b090 R08: 0000000000000000 R09: 0000000000000000
[  770.566867][T14969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.566875][T14969] R13: 0000000000000000 R14: 00007f174c5b5fa0 R15: 00007fff33d9bc28
[  770.566895][T14969]  </TASK>
[  770.896848][T14976] FAULT_INJECTION: forcing a failure.
[  770.896848][T14976] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  770.917799][T14977] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2648'.
[  770.941401][T14977] netlink: 'syz.4.2648': attribute type 1 has an invalid length.
[  770.949482][T14977] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2648'.
[  770.986979][T14976] CPU: 0 UID: 0 PID: 14976 Comm: syz.3.2649 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  770.986995][T14976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  770.987007][T14976] Call Trace:
[  770.987012][T14976]  <TASK>
[  770.987016][T14976]  dump_stack_lvl+0x16c/0x1f0
[  770.987034][T14976]  should_fail_ex+0x512/0x640
[  770.987051][T14976]  _copy_from_user+0x2e/0xd0
[  770.987067][T14976]  copy_msghdr_from_user+0x98/0x160
[  770.987082][T14976]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  770.987102][T14976]  ___sys_sendmsg+0xfe/0x1d0
[  770.987117][T14976]  ? __pfx____sys_sendmsg+0x10/0x10
[  770.987129][T14976]  ? __lock_acquire+0x622/0x1c90
[  770.987157][T14976]  __sys_sendmsg+0x16d/0x220
[  770.987171][T14976]  ? __pfx___sys_sendmsg+0x10/0x10
[  770.987194][T14976]  do_syscall_64+0xcd/0x4c0
[  770.987209][T14976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.987220][T14976] RIP: 0033:0x7fe3c658e929
[  770.987229][T14976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.987239][T14976] RSP: 002b:00007fe3c74c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  770.987250][T14976] RAX: ffffffffffffffda RBX: 00007fe3c67b5fa0 RCX: 00007fe3c658e929
[  770.987257][T14976] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000005
[  770.987263][T14976] RBP: 00007fe3c74c3090 R08: 0000000000000000 R09: 0000000000000000
[  770.987269][T14976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.987275][T14976] R13: 0000000000000000 R14: 00007fe3c67b5fa0 R15: 00007fff7e075db8
[  770.987288][T14976]  </TASK>
[  771.288003][T14990] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2650'.
[  771.570963][T14998] netlink: 'syz.3.2651': attribute type 10 has an invalid length.
[  771.578870][T14998] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2651'.
[  771.588188][T14998] dummy0: entered promiscuous mode
[  771.596680][T14998] bridge0: port 3(dummy0) entered blocking state
[  771.603820][T14998] bridge0: port 3(dummy0) entered disabled state
[  771.610844][T14998] dummy0: entered allmulticast mode
[  771.625368][T14998] bridge0: port 3(dummy0) entered blocking state
[  771.631797][T14998] bridge0: port 3(dummy0) entered forwarding state
[  771.675209][T14998] random: crng reseeded on system resumption
[  771.774705][   T30] audit: type=1400 audit(1752289230.956:1826): avc:  denied  { append } for  pid=14988 comm="syz.3.2651" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  771.931614][   T30] audit: type=1400 audit(1752289230.956:1827): avc:  denied  { open } for  pid=14988 comm="syz.3.2651" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  772.122763][T15006] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  772.523933][ T9850] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[  772.620579][T15008] futex_wake_op: syz.3.2656 tries to shift op by 144; fix this program
[  772.783176][ T9850] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  772.794569][ T9850] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  772.803756][ T9850] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  772.817494][ T9850] usb 1-1: config 0 descriptor??
[  773.513662][ T9850] keytouch 0003:0926:3333.000E: fixing up Keytouch IEC report descriptor
[  773.525927][ T9850] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.000E/input/input25
[  773.631856][ T9850] keytouch 0003:0926:3333.000E: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  773.810852][T15021] FAULT_INJECTION: forcing a failure.
[  773.810852][T15021] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  773.829668][T15021] CPU: 1 UID: 0 PID: 15021 Comm: syz.2.2660 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  773.829693][T15021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  773.829703][T15021] Call Trace:
[  773.829709][T15021]  <TASK>
[  773.829716][T15021]  dump_stack_lvl+0x16c/0x1f0
[  773.829744][T15021]  should_fail_ex+0x512/0x640
[  773.829771][T15021]  _copy_from_user+0x2e/0xd0
[  773.829797][T15021]  copy_msghdr_from_user+0x98/0x160
[  773.829822][T15021]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  773.829856][T15021]  ___sys_sendmsg+0xfe/0x1d0
[  773.829881][T15021]  ? __pfx____sys_sendmsg+0x10/0x10
[  773.829902][T15021]  ? __lock_acquire+0x622/0x1c90
[  773.829950][T15021]  __sys_sendmsg+0x16d/0x220
[  773.829974][T15021]  ? __pfx___sys_sendmsg+0x10/0x10
[  773.830017][T15021]  do_syscall_64+0xcd/0x4c0
[  773.830043][T15021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  773.830062][T15021] RIP: 0033:0x7fe1a2f8e929
[  773.830076][T15021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  773.830093][T15021] RSP: 002b:00007fe1a3d25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  773.830109][T15021] RAX: ffffffffffffffda RBX: 00007fe1a31b5fa0 RCX: 00007fe1a2f8e929
[  773.830120][T15021] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000003
[  773.830130][T15021] RBP: 00007fe1a3d25090 R08: 0000000000000000 R09: 0000000000000000
[  773.830140][T15021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  773.830151][T15021] R13: 0000000000000000 R14: 00007fe1a31b5fa0 R15: 00007ffdb6150258
[  773.830180][T15021]  </TASK>
[  774.221560][T15016] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  774.237496][T15016] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  774.459714][ T9850] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  774.551614][T11418] usb 1-1: USB disconnect, device number 77
[  774.648317][ T9850] usb 2-1: Using ep0 maxpacket: 32
[  774.673892][ T9850] usb 2-1: config 0 has no interfaces?
[  774.683674][ T9850] usb 2-1: New USB device found, idVendor=6615, idProduct=0012, bcdDevice=11.66
[  774.710547][ T9850] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  774.736080][ T9850] usb 2-1: Product: syz
[  774.754157][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2664'.
[  774.764296][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2664'.
[  774.773759][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2664'.
[  774.783250][ T9850] usb 2-1: Manufacturer: syz
[  774.796203][ T9850] usb 2-1: SerialNumber: syz
[  774.802191][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2664'.
[  774.824132][ T9850] usb 2-1: config 0 descriptor??
[  774.832499][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2664'.
[  774.932695][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2664'.
[  774.943072][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2664'.
[  774.954166][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2664'.
[  775.002976][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2664'.
[  775.911693][T15049] block device autoloading is deprecated and will be removed.
[  776.019289][   T43] usb 2-1: USB disconnect, device number 65
[  776.367107][T15060] __nla_validate_parse: 28 callbacks suppressed
[  776.367124][T15060] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2671'.
[  776.852085][T15060] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2671'.
[  777.179131][   T30] audit: type=1400 audit(1752289236.731:1828): avc:  denied  { listen } for  pid=15072 comm="syz.2.2677" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  777.199394][T11191] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[  777.962597][   T30] audit: type=1400 audit(1752289237.550:1829): avc:  denied  { accept } for  pid=15072 comm="syz.2.2677" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  778.057585][   T43] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  778.095800][T11191] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  778.106649][T11191] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.124949][T11191] usb 4-1: config 0 descriptor??
[  778.133234][T11191] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  778.195708][   T43] usb 2-1: device descriptor read/64, error -71
[  778.223162][T15087] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  778.238513][ T5917] usb 3-1: new full-speed USB device number 56 using dummy_hcd
[  778.251141][   T30] audit: type=1400 audit(1752289237.854:1830): avc:  denied  { ioctl } for  pid=15086 comm="syz.0.2680" path="socket:[42358]" dev="sockfs" ino=42358 ioctlcmd=0x54c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  778.255523][T15087] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  778.275827][    C0] vkms_vblank_simulate: vblank timer overrun
[  778.289122][T15087] IPv6: NLM_F_CREATE should be set when creating new route
[  778.296328][T15087] IPv6: NLM_F_CREATE should be set when creating new route
[  778.303529][T15087] IPv6: NLM_F_CREATE should be set when creating new route
[  778.426991][ T5917] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  778.436871][ T5917] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  778.447398][ T5917] usb 3-1: config 0 has no interface number 0
[  778.458444][   T43] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  778.477405][ T5917] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  778.490484][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  778.501549][ T5917] usb 3-1: Product: syz
[  778.505783][ T5917] usb 3-1: Manufacturer: syz
[  778.510413][ T5917] usb 3-1: SerialNumber: syz
[  778.538630][ T5917] usb 3-1: config 0 descriptor??
[  778.553010][ T9850] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[  778.554447][ T5917] imon 3-1:0.2: unable to register, err -19
[  778.591032][   T43] usb 2-1: device descriptor read/64, error -71
[  778.695737][   T43] usb usb2-port1: attempt power cycle
[  778.742920][T11418] usb 3-1: USB disconnect, device number 56
[  778.750727][ T9850] usb 1-1: Using ep0 maxpacket: 8
[  778.759704][ T9850] usb 1-1: config index 0 descriptor too short (expected 178, got 18)
[  778.769705][ T9850] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=95.0d
[  778.778828][ T9850] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  778.787898][ T9850] usb 1-1: Product: syz
[  778.792908][ T9850] usb 1-1: Manufacturer: syz
[  778.797507][ T9850] usb 1-1: SerialNumber: syz
[  778.805046][ T9850] usb 1-1: config 0 descriptor??
[  779.021240][T11191] usb 4-1: USB disconnect, device number 78
[  779.028877][   T43] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  779.058133][   T43] usb 2-1: device descriptor read/8, error -71
[  779.369790][   T43] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  779.907268][   T43] usb 2-1: device descriptor read/8, error -71
[  780.086936][   T43] usb usb2-port1: unable to enumerate USB device
[  781.503348][T15113] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  781.554192][ T9850] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  781.660651][ T9850] dvb_usb_af9015 1-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  781.766007][T15113] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  781.845735][ T9850] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  781.863493][ T9850] dvb_usb_af9035 1-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[  781.879753][ T9850] usb 1-1: USB disconnect, device number 78
[  782.257671][ T5954] usb 2-1: new full-speed USB device number 70 using dummy_hcd
[  782.356397][T15134] IPVS: set_ctl: invalid protocol: 59 127.0.0.1:20002
[  782.511172][ T5954] usb 2-1: config 1 interface 0 has no altsetting 0
[  782.526614][ T5954] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  782.537048][ T5954] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.552028][ T5954] usb 2-1: Product: syz
[  782.996366][ T5954] usb 2-1: Manufacturer: syz
[  783.001036][ T5954] usb 2-1: SerialNumber: syz
[  783.324618][ T7253] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[  783.391562][   T43] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[  783.726624][ T7253] usb 4-1: device descriptor read/64, error -71
[  783.793551][T15159] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  783.800621][   T43] usb 1-1: Using ep0 maxpacket: 16
[  783.816383][   T43] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  783.828169][   T43] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  783.844983][   T43] usb 1-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  783.862266][   T43] usb 1-1: config 0 interface 0 has no altsetting 0
[  783.869439][   T43] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  783.879662][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  783.908092][   T43] usb 1-1: config 0 descriptor??
[  783.962897][ T7253] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[  784.095974][ T7253] usb 4-1: device descriptor read/64, error -71
[  784.210186][ T7253] usb usb4-port1: attempt power cycle
[  784.297058][T15164] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2703'.
[  784.353248][   T43] hid (null): global environment stack underflow
[  784.360667][   T43] hid (null): usage index exceeded
[  784.366013][   T43] hid (null): invalid report_count -2066043067
[  784.372681][   T43] hid (null): unknown global tag 0xc
[  784.534124][ T7253] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[  784.575632][ T7253] usb 4-1: device descriptor read/8, error -71
[  784.703252][   T43] usb 1-1: USB disconnect, device number 79
[  784.810924][ T7253] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[  784.839208][ T7253] usb 4-1: device descriptor read/8, error -71
[  784.931120][ T5954] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 70 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  784.944544][ T5954] usb 2-1: USB disconnect, device number 70
[  784.950960][ T7253] usb usb4-port1: unable to enumerate USB device
[  784.962004][ T5954] usblp0: removed
[  786.213360][T15199] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2709'.
[  786.303817][T15202] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  786.847509][   T30] audit: type=1400 audit(1752289246.883:1831): avc:  denied  { watch_sb } for  pid=15217 comm="syz.2.2716" path="/578" dev="tmpfs" ino=3263 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  787.277257][ T7253] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  787.286246][ T5954] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  787.326554][T15227] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  787.383631][T15227] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  787.390919][T15227] IPv6: NLM_F_CREATE should be set when creating new route
[  787.398585][T15227] IPv6: NLM_F_CREATE should be set when creating new route
[  787.405893][T15227] IPv6: NLM_F_CREATE should be set when creating new route
[  787.468925][ T7253] usb 3-1: Using ep0 maxpacket: 16
[  787.500546][ T7253] usb 3-1: unable to get BOS descriptor or descriptor too short
[  787.562318][ T7253] usb 3-1: unable to read config index 0 descriptor/start: -71
[  787.645795][ T7253] usb 3-1: can't read configurations, error -71
[  787.728115][ T5954] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  787.763843][ T5954] usb 2-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  787.807519][ T5954] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  787.868787][ T5954] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.934854][ T5954] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  787.988626][ T5954] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -2
[  788.508734][T15239] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.2720'.
[  788.518289][T15239] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  788.526685][T15239] openvswitch: netlink: Duplicate key (type 0).
[  789.030566][T15242] futex_wake_op: syz.0.2720 tries to shift op by 144; fix this program
[  789.394159][T15244] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2722'.
[  789.404416][T15244] netlink: 'syz.2.2722': attribute type 1 has an invalid length.
[  789.412557][T15244] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2722'.
[  789.474974][   T43] usb 2-1: USB disconnect, device number 71
[  789.846911][ T5954] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[  790.315465][ T5954] usb 1-1: device descriptor read/64, error -71
[  791.216754][T15224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  791.346422][T15266] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  791.469485][ T5954] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[  791.734416][T15262] FAULT_INJECTION: forcing a failure.
[  791.734416][T15262] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  791.747531][T15262] CPU: 1 UID: 0 PID: 15262 Comm: syz.2.2729 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  791.747546][T15262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  791.747552][T15262] Call Trace:
[  791.747557][T15262]  <TASK>
[  791.747561][T15262]  dump_stack_lvl+0x16c/0x1f0
[  791.747579][T15262]  should_fail_ex+0x512/0x640
[  791.747595][T15262]  _copy_from_user+0x2e/0xd0
[  791.747611][T15262]  copy_msghdr_from_user+0x98/0x160
[  791.747626][T15262]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  791.747647][T15262]  ___sys_sendmsg+0xfe/0x1d0
[  791.747661][T15262]  ? __pfx____sys_sendmsg+0x10/0x10
[  791.747674][T15262]  ? __lock_acquire+0x622/0x1c90
[  791.747715][T15262]  __sys_sendmsg+0x16d/0x220
[  791.747730][T15262]  ? __pfx___sys_sendmsg+0x10/0x10
[  791.747752][T15262]  do_syscall_64+0xcd/0x4c0
[  791.747770][T15262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.747781][T15262] RIP: 0033:0x7fe1a2f8e929
[  791.747790][T15262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  791.747800][T15262] RSP: 002b:00007fe1a3d25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  791.747810][T15262] RAX: ffffffffffffffda RBX: 00007fe1a31b5fa0 RCX: 00007fe1a2f8e929
[  791.747816][T15262] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000009
[  791.747823][T15262] RBP: 00007fe1a3d25090 R08: 0000000000000000 R09: 0000000000000000
[  791.747829][T15262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  791.747835][T15262] R13: 0000000000000000 R14: 00007fe1a31b5fa0 R15: 00007ffdb6150258
[  791.747848][T15262]  </TASK>
[  791.748384][T15262] wg1 speed is unknown, defaulting to 1000
[  791.763208][ T5954] usb 1-1: device descriptor read/64, error -71
[  791.771550][T15262] wg1 speed is unknown, defaulting to 1000
[  791.932487][T15262] wg1 speed is unknown, defaulting to 1000
[  791.943891][T15262] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  791.960061][T15262] wg1 speed is unknown, defaulting to 1000
[  791.966577][T15262] wg1 speed is unknown, defaulting to 1000
[  791.973911][T15262] wg1 speed is unknown, defaulting to 1000
[  791.980423][T15262] wg1 speed is unknown, defaulting to 1000
[  791.986965][T15262] wg1 speed is unknown, defaulting to 1000
[  794.033043][T15266] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  794.040382][T15266] IPv6: NLM_F_CREATE should be set when creating new route
[  794.047775][T15266] IPv6: NLM_F_CREATE should be set when creating new route
[  794.055141][T15266] IPv6: NLM_F_CREATE should be set when creating new route
[  794.173262][ T5954] usb usb1-port1: attempt power cycle
[  795.178577][T15288] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2735'.
[  795.188053][T15288] netlink: 'syz.4.2735': attribute type 1 has an invalid length.
[  795.195805][T15288] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2735'.
[  795.206398][T15286] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  796.047982][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  796.104152][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  796.342193][T15307] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2740'.
[  796.585558][T15318] FAULT_INJECTION: forcing a failure.
[  796.585558][T15318] name failslab, interval 1, probability 0, space 0, times 0
[  796.607527][T15318] CPU: 1 UID: 0 PID: 15318 Comm: syz.4.2738 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  796.607551][T15318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  796.607562][T15318] Call Trace:
[  796.607569][T15318]  <TASK>
[  796.607576][T15318]  dump_stack_lvl+0x16c/0x1f0
[  796.607605][T15318]  should_fail_ex+0x512/0x640
[  796.607626][T15318]  ? fs_reclaim_acquire+0xae/0x150
[  796.607646][T15318]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  796.607687][T15318]  should_failslab+0xc2/0x120
[  796.607713][T15318]  __kmalloc_noprof+0xd2/0x510
[  796.607741][T15318]  tomoyo_realpath_from_path+0xc2/0x6e0
[  796.607767][T15318]  ? tomoyo_profile+0x47/0x60
[  796.607796][T15318]  tomoyo_path_number_perm+0x245/0x580
[  796.607816][T15318]  ? tomoyo_path_number_perm+0x237/0x580
[  796.607839][T15318]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  796.607861][T15318]  ? find_held_lock+0x2b/0x80
[  796.607906][T15318]  ? find_held_lock+0x2b/0x80
[  796.607926][T15318]  ? hook_file_ioctl_common+0x145/0x410
[  796.607948][T15318]  ? __fget_files+0x20e/0x3c0
[  796.607976][T15318]  security_file_ioctl+0x9b/0x240
[  796.608001][T15318]  __x64_sys_ioctl+0xb7/0x210
[  796.608022][T15318]  do_syscall_64+0xcd/0x4c0
[  796.608049][T15318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.608066][T15318] RIP: 0033:0x7f174c38e929
[  796.608081][T15318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  796.608097][T15318] RSP: 002b:00007f174d149038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  796.608114][T15318] RAX: ffffffffffffffda RBX: 00007f174c5b6160 RCX: 00007f174c38e929
[  796.608126][T15318] RDX: 0000200000000080 RSI: 000000004008ae8a RDI: 0000000000000009
[  796.608137][T15318] RBP: 00007f174d149090 R08: 0000000000000000 R09: 0000000000000000
[  796.608148][T15318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  796.608158][T15318] R13: 0000000000000000 R14: 00007f174c5b6160 R15: 00007fff33d9bc28
[  796.608181][T15318]  </TASK>
[  796.608207][T15318] ERROR: Out of memory at tomoyo_realpath_from_path.
[  796.711988][T15319] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2743'.
[  796.758693][    C0] vkms_vblank_simulate: vblank timer overrun
[  796.858962][ T7253] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[  797.002175][ T7253] usb 1-1: Using ep0 maxpacket: 16
[  797.058839][T11191] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[  797.672718][ T7253] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  797.687777][ T7253] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.695823][ T7253] usb 1-1: Product: syz
[  797.700617][ T7253] usb 1-1: Manufacturer: syz
[  797.705212][ T7253] usb 1-1: SerialNumber: syz
[  797.712259][ T7253] r8152-cfgselector 1-1: Unknown version 0x0000
[  797.719564][ T7253] r8152-cfgselector 1-1: config 0 descriptor??
[  797.815195][T11191] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  797.824473][T11191] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.840049][T11191] usb 4-1: Product: syz
[  797.845290][T11191] usb 4-1: Manufacturer: syz
[  797.850213][T11191] usb 4-1: SerialNumber: syz
[  797.884558][T11191] usb 4-1: config 0 descriptor??
[  798.032645][T11191] ch341 4-1:0.0: ch341-uart converter detected
[  798.752608][ T5954] r8152-cfgselector 1-1: USB disconnect, device number 83
[  798.889284][T15344] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2749'.
[  798.898766][T15344] netlink: 'syz.0.2749': attribute type 1 has an invalid length.
[  798.906477][T15344] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2749'.
[  799.143193][T11191] ch341-uart ttyUSB0: failed to read break control: -71
[  799.150476][T11191] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  799.176964][T11191] usb 4-1: USB disconnect, device number 83
[  799.279547][T11191] ch341 4-1:0.0: device disconnected
[  799.369507][T15355] netlink: 'syz.0.2751': attribute type 10 has an invalid length.
[  799.383614][T15355] veth0_vlan: left promiscuous mode
[  799.395450][T15355] veth0_vlan: entered promiscuous mode
[  799.407848][T15355] team0: Device veth0_vlan failed to register rx_handler
[  799.568155][T15358] FAULT_INJECTION: forcing a failure.
[  799.568155][T15358] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  799.713754][T15358] CPU: 1 UID: 0 PID: 15358 Comm: syz.4.2752 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  799.713782][T15358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  799.713792][T15358] Call Trace:
[  799.713797][T15358]  <TASK>
[  799.713804][T15358]  dump_stack_lvl+0x16c/0x1f0
[  799.713833][T15358]  should_fail_ex+0x512/0x640
[  799.713859][T15358]  _copy_from_user+0x2e/0xd0
[  799.713884][T15358]  __sys_bpf+0x21d/0x4d80
[  799.713909][T15358]  ? __pfx___sys_bpf+0x10/0x10
[  799.713932][T15358]  ? ksys_write+0x190/0x250
[  799.713958][T15358]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  799.713994][T15358]  ? fput+0x70/0xf0
[  799.714009][T15358]  ? ksys_write+0x1ac/0x250
[  799.714028][T15358]  ? __pfx_ksys_write+0x10/0x10
[  799.714052][T15358]  __x64_sys_bpf+0x78/0xc0
[  799.714073][T15358]  ? lockdep_hardirqs_on+0x7c/0x110
[  799.714095][T15358]  do_syscall_64+0xcd/0x4c0
[  799.714120][T15358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.714137][T15358] RIP: 0033:0x7f174c38e929
[  799.714150][T15358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  799.714165][T15358] RSP: 002b:00007f174d149038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  799.714181][T15358] RAX: ffffffffffffffda RBX: 00007f174c5b6160 RCX: 00007f174c38e929
[  799.714191][T15358] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  799.714202][T15358] RBP: 00007f174d149090 R08: 0000000000000000 R09: 0000000000000000
[  799.714212][T15358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  799.714222][T15358] R13: 0000000000000000 R14: 00007f174c5b6160 R15: 00007fff33d9bc28
[  799.714245][T15358]  </TASK>
[  800.252961][ T5954] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[  800.441397][ T5954] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  800.470337][ T5954] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  800.497852][ T5954] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  800.526095][ T5954] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  800.554442][ T5954] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  800.577821][ T5954] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  800.606771][ T5954] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  800.630723][ T5954] usb 4-1: Product: syz
[  800.634952][ T5954] usb 4-1: Manufacturer: syz
[  800.668024][ T5954] cdc_wdm 4-1:1.0: skipping garbage
[  800.674388][ T5954] cdc_wdm 4-1:1.0: skipping garbage
[  800.688503][ T5954] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  800.694439][ T5954] cdc_wdm 4-1:1.0: Unknown control protocol
[  801.366980][    C0] cdc_wdm 4-1:1.0: wdm_int_callback - 7 bytes
[  803.255690][ T5900] usb 4-1: USB disconnect, device number 84
[  803.475399][T15394] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2761'.
[  803.915882][T15399] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2763'.
[  804.142414][T15411] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  804.186611][T15411] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  804.556694][T15413] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.2766'.
[  804.566115][T15413] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  804.574390][T15413] openvswitch: netlink: Duplicate key (type 0).
[  804.634594][T15416] futex_wake_op: syz.2.2766 tries to shift op by 144; fix this program
[  804.641906][T15415] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.2767'.
[  804.652267][T15415] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  804.660508][T15415] openvswitch: netlink: Duplicate key (type 0).
[  804.686007][T15416] tipc: Started in network mode
[  804.691542][T15416] tipc: Node identity ac141425, cluster identity 4711
[  804.702624][T15416] tipc: New replicast peer: 0.0.0.0
[  804.708822][T15416] tipc: Enabled bearer <udp:syz2>, priority 10
[  805.010414][T15417] futex_wake_op: syz.0.2767 tries to shift op by 144; fix this program
[  805.032680][T15417] tipc: New replicast peer: 0.0.0.0
[  805.041020][T15417] tipc: Enabled bearer <udp:syz2>, priority 10
[  805.411000][T15420] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  805.490228][T15420] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  805.785237][ T5954] tipc: Node number set to 2886997029
[  805.893956][T15425] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  805.940041][T15422] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  806.087160][   T30] audit: type=1400 audit(1752289267.084:1832): avc:  denied  { listen } for  pid=15423 comm="syz.1.2770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  806.162111][T15432] FAULT_INJECTION: forcing a failure.
[  806.162111][T15432] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  806.411833][T15432] CPU: 1 UID: 0 PID: 15432 Comm: syz.3.2772 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  806.411860][T15432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  806.411871][T15432] Call Trace:
[  806.411877][T15432]  <TASK>
[  806.411888][T15432]  dump_stack_lvl+0x16c/0x1f0
[  806.411917][T15432]  should_fail_ex+0x512/0x640
[  806.411944][T15432]  _copy_from_user+0x2e/0xd0
[  806.411969][T15432]  copy_msghdr_from_user+0x98/0x160
[  806.411993][T15432]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  806.412019][T15432]  ? __lock_acquire+0xb8a/0x1c90
[  806.412044][T15432]  ___sys_sendmsg+0xfe/0x1d0
[  806.412068][T15432]  ? __pfx____sys_sendmsg+0x10/0x10
[  806.412089][T15432]  ? __lock_acquire+0x622/0x1c90
[  806.412135][T15432]  __sys_sendmsg+0x16d/0x220
[  806.412159][T15432]  ? __pfx___sys_sendmsg+0x10/0x10
[  806.412197][T15432]  do_syscall_64+0xcd/0x4c0
[  806.412224][T15432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.412242][T15432] RIP: 0033:0x7fe3c658e929
[  806.412257][T15432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  806.412273][T15432] RSP: 002b:00007fe3c74c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  806.412290][T15432] RAX: ffffffffffffffda RBX: 00007fe3c67b5fa0 RCX: 00007fe3c658e929
[  806.412301][T15432] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000008
[  806.412312][T15432] RBP: 00007fe3c74c3090 R08: 0000000000000000 R09: 0000000000000000
[  806.412321][T15432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  806.412330][T15432] R13: 0000000000000000 R14: 00007fe3c67b5fa0 R15: 00007fff7e075db8
[  806.412350][T15432]  </TASK>
[  807.385800][T15455] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2777'.
[  807.726115][T15461] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  808.097710][T15476] fuse: Bad value for 'fd'
[  808.389848][T15470] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  808.398919][T15470] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  808.407949][T15470] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  808.566080][T15470] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  808.575339][T15470] geneve3: entered promiscuous mode
[  808.580615][T15470] geneve3: entered allmulticast mode
[  811.384134][ T5917] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  811.551877][T15506] FAULT_INJECTION: forcing a failure.
[  811.551877][T15506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  811.565928][ T5917] usb 2-1: Using ep0 maxpacket: 16
[  811.571165][T15506] CPU: 1 UID: 0 PID: 15506 Comm: syz.0.2792 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  811.571190][T15506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  811.571201][T15506] Call Trace:
[  811.571207][T15506]  <TASK>
[  811.571215][T15506]  dump_stack_lvl+0x16c/0x1f0
[  811.571248][T15506]  should_fail_ex+0x512/0x640
[  811.571274][T15506]  _copy_from_user+0x2e/0xd0
[  811.571300][T15506]  copy_msghdr_from_user+0x98/0x160
[  811.571324][T15506]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  811.571360][T15506]  ___sys_sendmsg+0xfe/0x1d0
[  811.571385][T15506]  ? __pfx____sys_sendmsg+0x10/0x10
[  811.571407][T15506]  ? __lock_acquire+0x622/0x1c90
[  811.571454][T15506]  __sys_sendmsg+0x16d/0x220
[  811.571477][T15506]  ? __pfx___sys_sendmsg+0x10/0x10
[  811.571516][T15506]  do_syscall_64+0xcd/0x4c0
[  811.571544][T15506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.571562][T15506] RIP: 0033:0x7f67f038e929
[  811.571576][T15506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  811.571592][T15506] RSP: 002b:00007f67f1254038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  811.571610][T15506] RAX: ffffffffffffffda RBX: 00007f67f05b5fa0 RCX: 00007f67f038e929
[  811.571621][T15506] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  811.571632][T15506] RBP: 00007f67f1254090 R08: 0000000000000000 R09: 0000000000000000
[  811.571642][T15506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  811.571653][T15506] R13: 0000000000000000 R14: 00007f67f05b5fa0 R15: 00007fffe003a3b8
[  811.571676][T15506]  </TASK>
[  811.818168][ T5917] usb 2-1: config 0 has an invalid interface number: 251 but max is 0
[  811.822847][T15509] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2793'.
[  811.828209][ T5917] usb 2-1: config 0 has no interface number 0
[  811.842971][ T5917] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  811.853719][ T5917] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  811.926611][ T5917] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  811.928606][T15514] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  811.935802][ T5917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  811.949029][T15514] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  811.959890][ T5917] usb 2-1: Product: syz
[  811.964137][ T5917] usb 2-1: Manufacturer: syz
[  811.970139][ T5917] usb 2-1: SerialNumber: syz
[  811.987964][ T5954] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[  811.989199][ T5917] usb 2-1: config 0 descriptor??
[  812.043299][T15488] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  812.053079][T15488] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  812.088774][ T5900] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[  812.184823][ T5954] usb 5-1: Using ep0 maxpacket: 16
[  812.214284][ T5954] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  812.229708][ T5954] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[  812.301632][ T5900] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  812.311434][ T5900] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  812.323729][T15488] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  812.323837][ T5900] usb 1-1: Product: syz
[  812.341233][ T5954] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  812.352364][ T5954] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  812.362208][ T5900] usb 1-1: Manufacturer: syz
[  812.362602][T15488] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  812.375097][ T5900] usb 1-1: SerialNumber: syz
[  812.380475][ T5954] usb 5-1: SerialNumber: syz
[  812.435925][T15504] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  812.463379][ T5900] usb 1-1: config 0 descriptor??
[  812.479553][T15504] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  812.492783][ T5900] ch341 1-1:0.0: ch341-uart converter detected
[  813.831743][ T5900] usb 1-1: failed to receive control message: -110
[  813.861778][ T5900] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[  813.890884][T15522] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  813.914494][ T5917] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  813.954964][ T5917] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71
[  813.976197][ T5917] asix 2-1:0.251: probe with driver asix failed with error -5
[  814.006307][ T5917] usb 2-1: USB disconnect, device number 72
[  814.176786][T15530] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  814.247986][T15522] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  814.266932][T15531] misc userio: Invalid payload size
[  814.316782][T15529] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2797'.
[  815.118400][ T5954] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  815.140139][ T5954] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[  815.141756][ T5917] usb 1-1: USB disconnect, device number 84
[  815.152697][ T5954] usb 5-1: USB disconnect, device number 70
[  815.195932][ T5917] ch341 1-1:0.0: device disconnected
[  815.275452][T15542] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  815.496810][   T30] audit: type=1400 audit(1752289276.963:1833): avc:  denied  { setattr } for  pid=15549 comm="syz.0.2808" name="video0" dev="devtmpfs" ino=930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  815.651067][ T5954] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  815.836985][ T5954] usb 5-1: Using ep0 maxpacket: 16
[  815.843388][T15558] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  815.863719][ T5954] usb 5-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  815.881567][T12414] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  815.892112][T12414] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  815.899909][ T5954] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  815.908861][T12414] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  815.910046][T15556] mkiss: ax0: crc mode is auto.
[  815.919177][ T5954] usb 5-1: Product: syz
[  815.925557][ T5954] usb 5-1: Manufacturer: syz
[  815.930506][ T5954] usb 5-1: SerialNumber: syz
[  815.936708][T12414] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  815.944888][T12414] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  815.955371][ T5954] usb 5-1: config 0 descriptor??
[  815.963219][ T5954] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  815.971928][   T30] audit: type=1400 audit(1752289277.457:1834): avc:  denied  { mounton } for  pid=15559 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  815.996159][T15559] dummy0 speed is unknown, defaulting to 1000
[  815.996587][T15558] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2809'.
[  816.003538][T15559] wg1 speed is unknown, defaulting to 1000
[  816.022046][   T30] audit: type=1400 audit(1752289277.520:1835): avc:  denied  { setopt } for  pid=15555 comm="syz.3.2809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  816.119748][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  816.166174][ T5954] gp8psk: usb in 128 operation failed.
[  816.179288][ T5954] gp8psk: usb in 137 operation failed.
[  816.194050][ T5954] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  816.211293][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  816.214043][ T5954] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver)
[  816.238093][ T5954] usb 5-1: media controller created
[  816.252537][T15559] chnl_net:caif_netlink_parms(): no params data found
[  816.260222][ T5954] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  816.302681][ T5954] gp8psk_fe: Frontend revision 1 attached
[  816.310673][ T5954] usb 5-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  816.319384][ T5954] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  816.518832][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  817.377944][T15571] input: syz1 as /devices/virtual/input/input28
[  817.566509][ T5954] gp8psk: usb in 138 operation failed.
[  817.594215][ T5954] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected.
[  817.609339][ T5954] gp8psk: found Genpix USB device pID = 201 (hex)
[  817.752912][   T43] wg1 speed is unknown, defaulting to 1000
[  817.759309][   T43] syz0: Port: 1 Link DOWN
[  817.784425][ T5954] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  817.803703][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  817.840263][T15579] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2813'.
[  817.908527][T12414] Bluetooth: hci3: command tx timeout
[  817.928443][T15559] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.949968][T15559] bridge0: port 1(bridge_slave_0) entered disabled state
[  817.965852][T15559] bridge_slave_0: entered allmulticast mode
[  817.979764][T15559] bridge_slave_0: entered promiscuous mode
[  818.015736][T15559] bridge0: port 2(bridge_slave_1) entered blocking state
[  818.023514][T15559] bridge0: port 2(bridge_slave_1) entered disabled state
[  818.030991][T15559] bridge_slave_1: entered allmulticast mode
[  818.039369][T15559] bridge_slave_1: entered promiscuous mode
[  818.119473][   T43] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[  818.394134][   T43] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  818.459989][ T5954] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  818.468628][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.473658][ T5954] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  818.491116][   T43] usb 4-1: Product: syz
[  818.501470][   T43] usb 4-1: Manufacturer: syz
[  818.503397][ T5954] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  818.510265][   T43] usb 4-1: SerialNumber: syz
[  818.515741][ T5954] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  818.528664][ T5954] usb 2-1: SerialNumber: syz
[  818.559591][T15559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  818.570071][   T43] usb 4-1: config 0 descriptor??
[  818.580714][T15559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  818.595889][   T43] ch341 4-1:0.0: ch341-uart converter detected
[  818.669286][T15559] team0: Port device team_slave_0 added
[  818.683721][T15559] team0: Port device team_slave_1 added
[  818.750502][   T13] bridge_slave_1: left allmulticast mode
[  818.759156][   T13] bridge_slave_1: left promiscuous mode
[  818.767500][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  818.780512][   T13] bridge_slave_0: left allmulticast mode
[  818.786581][   T13] bridge_slave_0: left promiscuous mode
[  818.792317][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  819.028301][   T10] usb 5-1: USB disconnect, device number 71
[  819.103054][T15589] misc userio: Invalid payload size
[  819.124554][   T10] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected.
[  819.243484][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  819.252453][   T13] bond_slave_0: left allmulticast mode
[  819.261993][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  819.271004][   T13] bond_slave_1: left allmulticast mode
[  819.277512][   T13] bond0 (unregistering): Released all slaves
[  819.360043][   T13] bond1 (unregistering): Released all slaves
[  819.374520][   T13] bond2 (unregistering): Released all slaves
[  819.391349][T15559] batman_adv: batadv0: Adding interface: batadv_slave_0
[  819.399379][T15559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  819.425273][    C0] vkms_vblank_simulate: vblank timer overrun
[  819.434865][T15559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  819.479326][T15559] batman_adv: batadv0: Adding interface: batadv_slave_1
[  819.486661][T15559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  819.515140][T15559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  819.534834][   T13] tipc: Disabling bearer <udp:syz2>
[  819.543291][   T13] tipc: Left network mode
[  819.675388][T15559] hsr_slave_0: entered promiscuous mode
[  819.683297][T15559] hsr_slave_1: entered promiscuous mode
[  819.694828][   T43] ch341-uart ttyUSB0: failed to read break control: -71
[  819.725704][ T5954] usb 2-1: 0:2 : does not exist
[  819.727643][   T43] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  819.745477][ T5954] usb 2-1: unit 5: unexpected type 0x0b
[  819.801553][ T5954] usb 2-1: USB disconnect, device number 73
[  819.841808][   T43] usb 4-1: USB disconnect, device number 85
[  819.908564][ T5845] Bluetooth: hci3: command tx timeout
[  819.970545][   T30] audit: type=1400 audit(1752289281.625:1836): avc:  denied  { mount } for  pid=15598 comm="syz.1.2817" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  819.995408][   T43] ch341 4-1:0.0: device disconnected
[  820.054676][ T6655] udevd[6655]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  820.301313][T15603] FAULT_INJECTION: forcing a failure.
[  820.301313][T15603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  820.315890][T15603] CPU: 0 UID: 0 PID: 15603 Comm: syz.3.2818 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  820.315915][T15603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  820.315926][T15603] Call Trace:
[  820.315932][T15603]  <TASK>
[  820.315939][T15603]  dump_stack_lvl+0x16c/0x1f0
[  820.315968][T15603]  should_fail_ex+0x512/0x640
[  820.315993][T15603]  _copy_from_user+0x2e/0xd0
[  820.316017][T15603]  copy_msghdr_from_user+0x98/0x160
[  820.316042][T15603]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  820.316068][T15603]  ___sys_sendmsg+0xfe/0x1d0
[  820.316083][T15603]  ? __pfx____sys_sendmsg+0x10/0x10
[  820.316096][T15603]  ? __lock_acquire+0x622/0x1c90
[  820.316124][T15603]  __sys_sendmsg+0x16d/0x220
[  820.316138][T15603]  ? __pfx___sys_sendmsg+0x10/0x10
[  820.316161][T15603]  do_syscall_64+0xcd/0x4c0
[  820.316177][T15603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  820.316188][T15603] RIP: 0033:0x7fe3c658e929
[  820.316197][T15603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  820.316207][T15603] RSP: 002b:00007fe3c74c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  820.316218][T15603] RAX: ffffffffffffffda RBX: 00007fe3c67b5fa0 RCX: 00007fe3c658e929
[  820.316224][T15603] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  820.316231][T15603] RBP: 00007fe3c74c3090 R08: 0000000000000000 R09: 0000000000000000
[  820.316237][T15603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  820.316243][T15603] R13: 0000000000000000 R14: 00007fe3c67b5fa0 R15: 00007fff7e075db8
[  820.316256][T15603]  </TASK>
[  820.479083][    C0] vkms_vblank_simulate: vblank timer overrun
[  820.487466][ T5954] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  820.487686][   T13] hsr_slave_0: left promiscuous mode
[  820.502764][   T13] hsr_slave_1: left promiscuous mode
[  820.526689][   T13] veth1_macvtap: left promiscuous mode
[  820.532732][   T13] veth0_macvtap: left promiscuous mode
[  820.541388][   T13] veth1_vlan: left promiscuous mode
[  820.546996][   T13] veth0_vlan: left promiscuous mode
[  820.610607][   T30] audit: type=1400 audit(1752289282.328:1837): avc:  denied  { write } for  pid=15604 comm="syz.3.2819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  820.651407][ T5954] usb 2-1: Using ep0 maxpacket: 16
[  820.658179][ T5954] usb 2-1: config 3 has an invalid interface number: 71 but max is 0
[  820.666495][ T5954] usb 2-1: config 3 has no interface number 0
[  820.673595][ T5954] usb 2-1: config 3 interface 71 has no altsetting 0
[  820.682487][   T30] audit: type=1400 audit(1752289282.412:1838): avc:  denied  { shutdown } for  pid=15604 comm="syz.3.2819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  820.702709][ T5954] usb 2-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.01
[  820.720498][ T5954] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  820.730909][ T5954] usb 2-1: Product: syz
[  820.735078][ T5954] usb 2-1: Manufacturer: syz
[  820.739751][ T5954] usb 2-1: SerialNumber: syz
[  821.585946][   T30] audit: type=1400 audit(1752289282.948:1839): avc:  denied  { remount } for  pid=15598 comm="syz.1.2817" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  821.613275][ T5954] go7007 2-1:3.71: Sensoray 2250 found
[  821.628435][ T5954] go7007 2-1:3.71: probe with driver go7007 failed with error -12
[  821.653772][ T5954] usb 2-1: USB disconnect, device number 74
[  821.852614][ T5845] Bluetooth: hci3: command tx timeout
[  822.384609][   T13] team0 (unregistering): Port device team_slave_1 removed
[  822.576330][   T13] team0 (unregistering): Port device team_slave_0 removed
[  822.990983][T15632] FAULT_INJECTION: forcing a failure.
[  822.990983][T15632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  823.009905][T15632] CPU: 0 UID: 0 PID: 15632 Comm: syz.0.2825 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  823.009931][T15632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  823.009942][T15632] Call Trace:
[  823.009948][T15632]  <TASK>
[  823.009956][T15632]  dump_stack_lvl+0x16c/0x1f0
[  823.009985][T15632]  should_fail_ex+0x512/0x640
[  823.010011][T15632]  _copy_from_user+0x2e/0xd0
[  823.010036][T15632]  copy_msghdr_from_user+0x98/0x160
[  823.010061][T15632]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  823.010084][T15632]  ? trace_sched_exit_tp+0xde/0x130
[  823.010121][T15632]  ___sys_sendmsg+0xfe/0x1d0
[  823.010145][T15632]  ? __pfx____sys_sendmsg+0x10/0x10
[  823.010166][T15632]  ? __lock_acquire+0x622/0x1c90
[  823.010212][T15632]  __sys_sendmsg+0x16d/0x220
[  823.010236][T15632]  ? __pfx___sys_sendmsg+0x10/0x10
[  823.010258][T15632]  ? fput+0x70/0xf0
[  823.010289][T15632]  do_syscall_64+0xcd/0x4c0
[  823.010316][T15632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  823.010334][T15632] RIP: 0033:0x7f67f038e929
[  823.010349][T15632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  823.010366][T15632] RSP: 002b:00007f67f1254038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  823.010383][T15632] RAX: ffffffffffffffda RBX: 00007f67f05b5fa0 RCX: 00007f67f038e929
[  823.010394][T15632] RDX: 0000000000000080 RSI: 0000200000000840 RDI: 0000000000000003
[  823.010405][T15632] RBP: 00007f67f1254090 R08: 0000000000000000 R09: 0000000000000000
[  823.010415][T15632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  823.010426][T15632] R13: 0000000000000000 R14: 00007f67f05b5fa0 R15: 00007fffe003a3b8
[  823.010447][T15632]  </TASK>
[  823.182133][    C0] vkms_vblank_simulate: vblank timer overrun
[  823.276211][   T30] audit: type=1400 audit(1752289285.132:1840): avc:  denied  { unmount } for  pid=5825 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  823.383321][T15637] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  823.463421][T15638] misc userio: Invalid payload size
[  823.610445][T15641] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  823.670169][T15641] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  823.861945][ T5845] Bluetooth: hci3: command tx timeout
[  823.972414][T15643] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.2829'.
[  823.981776][T15643] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  823.990014][T15643] openvswitch: netlink: Duplicate key (type 0).
[  824.053425][T15644] futex_wake_op: syz.4.2829 tries to shift op by 144; fix this program
[  824.400864][T15644] tipc: Started in network mode
[  824.407105][T15644] tipc: Node identity ac141425, cluster identity 4711
[  824.426862][T15644] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  824.504078][T15648] FAULT_INJECTION: forcing a failure.
[  824.504078][T15648] name failslab, interval 1, probability 0, space 0, times 0
[  824.550994][   T30] audit: type=1326 audit(1752289286.476:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15651 comm="syz.4.2833" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f174c38e929 code=0x0
[  824.575360][T15648] CPU: 1 UID: 0 PID: 15648 Comm: syz.0.2831 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  824.575386][T15648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  824.575397][T15648] Call Trace:
[  824.575403][T15648]  <TASK>
[  824.575410][T15648]  dump_stack_lvl+0x16c/0x1f0
[  824.575437][T15648]  should_fail_ex+0x512/0x640
[  824.575457][T15648]  ? fs_reclaim_acquire+0xae/0x150
[  824.575474][T15648]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  824.575496][T15648]  should_failslab+0xc2/0x120
[  824.575519][T15648]  __kmalloc_noprof+0xd2/0x510
[  824.575543][T15648]  tomoyo_realpath_from_path+0xc2/0x6e0
[  824.575565][T15648]  ? tomoyo_profile+0x47/0x60
[  824.575589][T15648]  tomoyo_path_number_perm+0x245/0x580
[  824.575605][T15648]  ? tomoyo_path_number_perm+0x237/0x580
[  824.575625][T15648]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  824.575644][T15648]  ? find_held_lock+0x2b/0x80
[  824.575682][T15648]  ? find_held_lock+0x2b/0x80
[  824.575704][T15648]  ? hook_file_ioctl_common+0x145/0x410
[  824.575722][T15648]  ? __fget_files+0x20e/0x3c0
[  824.575746][T15648]  security_file_ioctl+0x9b/0x240
[  824.575767][T15648]  __x64_sys_ioctl+0xb7/0x210
[  824.575786][T15648]  do_syscall_64+0xcd/0x4c0
[  824.575808][T15648]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.575824][T15648] RIP: 0033:0x7f67f038e929
[  824.575837][T15648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  824.575855][T15648] RSP: 002b:00007f67f1254038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  824.575870][T15648] RAX: ffffffffffffffda RBX: 00007f67f05b5fa0 RCX: 00007f67f038e929
[  824.575880][T15648] RDX: 0000200000000480 RSI: 00000000c0306201 RDI: 0000000000000004
[  824.575889][T15648] RBP: 00007f67f1254090 R08: 0000000000000000 R09: 0000000000000000
[  824.575898][T15648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  824.575907][T15648] R13: 0000000000000000 R14: 00007f67f05b5fa0 R15: 00007fffe003a3b8
[  824.575928][T15648]  </TASK>
[  824.576090][T15648] ERROR: Out of memory at tomoyo_realpath_from_path.
[  824.642039][ T5954] usb 2-1: new low-speed USB device number 75 using dummy_hcd
[  824.651359][T15648] binder_alloc: 15647: binder_alloc_buf, no vma
[  824.707212][T15654] netlink: 'syz.3.2832': attribute type 1 has an invalid length.
[  824.817610][T15653] sp0: Synchronizing with TNC
[  824.821172][T15659] FAULT_INJECTION: forcing a failure.
[  824.821172][T15659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  824.861821][T15659] CPU: 0 UID: 0 PID: 15659 Comm: syz.0.2834 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  824.861856][T15659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  824.861866][T15659] Call Trace:
[  824.861872][T15659]  <TASK>
[  824.861879][T15659]  dump_stack_lvl+0x16c/0x1f0
[  824.861907][T15659]  should_fail_ex+0x512/0x640
[  824.861934][T15659]  _copy_from_user+0x2e/0xd0
[  824.861959][T15659]  move_addr_to_kernel+0x65/0x170
[  824.861979][T15659]  __sys_sendto+0x1be/0x520
[  824.862000][T15659]  ? __pfx___sys_sendto+0x10/0x10
[  824.862043][T15659]  ? ksys_write+0x1ac/0x250
[  824.862065][T15659]  ? __pfx_ksys_write+0x10/0x10
[  824.862089][T15659]  __x64_sys_sendto+0xe0/0x1c0
[  824.862110][T15659]  ? do_syscall_64+0x91/0x4c0
[  824.862133][T15659]  ? lockdep_hardirqs_on+0x7c/0x110
[  824.862155][T15659]  do_syscall_64+0xcd/0x4c0
[  824.862180][T15659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.862198][T15659] RIP: 0033:0x7f67f038e929
[  824.862212][T15659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  824.862228][T15659] RSP: 002b:00007f67f1254038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  824.862245][T15659] RAX: ffffffffffffffda RBX: 00007f67f05b5fa0 RCX: 00007f67f038e929
[  824.862257][T15659] RDX: 000000000000000e RSI: 0000200000000100 RDI: 0000000000000003
[  824.862267][T15659] RBP: 00007f67f1254090 R08: 0000200000000540 R09: 0000000000000014
[  824.862277][T15659] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  824.862287][T15659] R13: 0000000000000000 R14: 00007f67f05b5fa0 R15: 00007fffe003a3b8
[  824.862310][T15659]  </TASK>
[  825.121373][   T30] audit: type=1400 audit(1752289287.074:1842): avc:  denied  { read } for  pid=15649 comm="syz.3.2832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  825.137712][ T5954] usb 2-1: Invalid ep0 maxpacket: 64
[  825.222510][T15664] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.2835'.
[  825.231842][T15664] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  825.240090][T15664] openvswitch: netlink: Duplicate key (type 0).
[  825.280380][ T5954] usb 2-1: new low-speed USB device number 76 using dummy_hcd
[  825.350141][T15665] futex_wake_op: syz.0.2835 tries to shift op by 144; fix this program
[  825.385416][   T43] usb 4-1: new full-speed USB device number 86 using dummy_hcd
[  825.604927][T15665] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  825.631642][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 1024, setting to 64
[  825.670716][   T30] audit: type=1400 audit(1752289287.631:1843): avc:  denied  { open } for  pid=15666 comm="syz.4.2836" path="/dev/ptyqd" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  825.700015][ T5954] usb 2-1: Invalid ep0 maxpacket: 64
[  825.701118][   T43] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  825.705626][ T5954] usb usb2-port1: attempt power cycle
[  825.742449][   T43] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  825.778712][   T43] usb 4-1: Product: syz
[  825.782910][   T43] usb 4-1: Manufacturer: syz
[  825.804538][   T43] usb 4-1: SerialNumber: syz
[  825.824012][   T43] usb 4-1: config 0 descriptor??
[  825.829482][T15650] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  825.848512][   T43] hub 4-1:0.0: bad descriptor, ignoring hub
[  825.861903][   T43] hub 4-1:0.0: probe with driver hub failed with error -5
[  825.879442][T15559] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  825.906640][T15671] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2837'.
[  825.906696][T15559] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  825.948653][T15559] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  825.960219][T15559] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  826.091437][ T5954] usb 2-1: new low-speed USB device number 77 using dummy_hcd
[  826.119687][ T5954] usb 2-1: Invalid ep0 maxpacket: 64
[  826.187592][T15559] 8021q: adding VLAN 0 to HW filter on device bond0
[  826.209470][T15559] 8021q: adding VLAN 0 to HW filter on device team0
[  826.220267][ T6135] bridge0: port 1(bridge_slave_0) entered blocking state
[  826.227443][ T6135] bridge0: port 1(bridge_slave_0) entered forwarding state
[  826.239869][ T9862] bridge0: port 2(bridge_slave_1) entered blocking state
[  826.246976][ T9862] bridge0: port 2(bridge_slave_1) entered forwarding state
[  826.271253][   T10] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  826.279215][ T5954] usb 2-1: new low-speed USB device number 78 using dummy_hcd
[  826.330983][ T5954] usb 2-1: Invalid ep0 maxpacket: 64
[  826.336681][ T5954] usb usb2-port1: unable to enumerate USB device
[  826.366495][T11191] usb 4-1: USB disconnect, device number 86
[  826.416737][T15559] 8021q: adding VLAN 0 to HW filter on device batadv0
[  826.446778][T15559] veth0_vlan: entered promiscuous mode
[  826.456364][T15559] veth1_vlan: entered promiscuous mode
[  826.471010][   T10] usb 5-1: Using ep0 maxpacket: 32
[  826.476955][T15559] veth0_macvtap: entered promiscuous mode
[  826.491344][   T10] usb 5-1: config 0 has an invalid interface number: 126 but max is 0
[  826.503926][   T10] usb 5-1: config 0 has no interface number 0
[  826.513060][   T10] usb 5-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  826.514034][T15559] veth1_macvtap: entered promiscuous mode
[  826.529763][   T10] usb 5-1: config 0 interface 126 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  826.543727][   T10] usb 5-1: config 0 interface 126 has no altsetting 0
[  826.554368][T15559] batman_adv: batadv0: Interface activated: batadv_slave_0
[  826.566712][   T10] usb 5-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  826.568825][T15559] batman_adv: batadv0: Interface activated: batadv_slave_1
[  826.583774][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.591358][T15559] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  826.601578][T15559] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  826.604332][   T10] usb 5-1: Product: syz
[  826.610630][T15559] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  826.623552][   T10] usb 5-1: Manufacturer: syz
[  826.623574][   T10] usb 5-1: SerialNumber: syz
[  826.638269][T15559] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  826.639459][   T10] usb 5-1: config 0 descriptor??
[  826.659473][T15691] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  826.670870][T15684] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  826.725395][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  826.739720][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  826.762253][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  826.770927][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  826.791299][   T30] audit: type=1400 audit(1752289288.827:1844): avc:  denied  { mounton } for  pid=15559 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  826.815273][    C0] vkms_vblank_simulate: vblank timer overrun
[  827.025600][T15699] netlink: 71 bytes leftover after parsing attributes in process `syz.2.2841'.
[  827.078285][   T10] ir_usb 5-1:0.126: required endpoints missing
[  827.109242][   T10] usb 5-1: USB disconnect, device number 72
[  827.172878][T15704] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  827.188266][T15704] overlayfs: missing 'lowerdir'
[  827.326414][T15708] ubi: mtd0 is already attached to ubi31
[  827.364208][T15710] No control pipe specified
[  827.371823][   T30] audit: type=1400 audit(1752289289.436:1845): avc:  denied  { read } for  pid=15709 comm="syz.1.2847" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  827.404605][   T30] audit: type=1400 audit(1752289289.436:1846): avc:  denied  { open } for  pid=15709 comm="syz.1.2847" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  827.453351][   T30] audit: type=1400 audit(1752289289.457:1847): avc:  denied  { ioctl } for  pid=15709 comm="syz.1.2847" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  827.479976][T15713] netlink: 'syz.2.2845': attribute type 1 has an invalid length.
[  827.653495][T15715] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.2848'.
[  827.662866][T15715] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  827.671102][T15715] openvswitch: netlink: Duplicate key (type 0).
[  827.799775][T15721] futex_wake_op: syz.1.2848 tries to shift op by 144; fix this program
[  827.964320][T15721] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  828.013861][   T43] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[  828.257369][   T43] usb 1-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=b9.bf
[  828.318770][T15733] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  828.322337][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  828.333395][T15734] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2853'.
[  828.355644][   T43] usb 1-1: Product: syz
[  828.392040][   T43] usb 1-1: Manufacturer: syz
[  828.457575][   T43] usb 1-1: SerialNumber: syz
[  828.480690][T15733] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  828.487970][T15733] IPv6: NLM_F_CREATE should be set when creating new route
[  828.493572][   T43] usb 1-1: config 0 descriptor??
[  828.495238][T15733] IPv6: NLM_F_CREATE should be set when creating new route
[  828.503256][   T43] usb 1-1: Waiting for MOTU Microbook II to boot up...
[  828.507332][T15733] IPv6: NLM_F_CREATE should be set when creating new route
[  828.532430][   T43] usb 1-1: failed setting the sample rate for Motu MicroBook II: -22
[  828.538314][   T30] audit: type=1400 audit(1752289290.602:1848): avc:  denied  { bind } for  pid=15727 comm="syz.3.2852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  828.541390][T15735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2852'.
[  828.559767][    C0] vkms_vblank_simulate: vblank timer overrun
[  828.591776][   T43] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -22
[  828.842531][   T10] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[  828.898027][T15741] No control pipe specified
[  828.928296][T15744] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  829.088564][   T10] usb 2-1: Using ep0 maxpacket: 16
[  829.097767][   T10] usb 2-1: config 200 has an invalid descriptor of length 1, skipping remainder of the config
[  829.109390][   T10] usb 2-1: config 200 has 0 interfaces, different from the descriptor's value: 1
[  829.119545][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  829.539640][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  830.019057][   T10] usb 2-1: string descriptor 0 read error: -71
[  830.034925][   T10] usb 2-1: USB disconnect, device number 79
[  830.097585][ T5954] usb 1-1: USB disconnect, device number 85
[  830.233240][ T5900] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[  830.751116][T15762] ubi: mtd0 is already attached to ubi31
[  830.785391][ T5900] usb 4-1: Using ep0 maxpacket: 32
[  830.792029][ T5900] usb 4-1: config 0 has an invalid interface number: 126 but max is 0
[  830.800295][ T5900] usb 4-1: config 0 has no interface number 0
[  830.806504][ T5900] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  830.817171][ T5900] usb 4-1: config 0 interface 126 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  830.830304][ T5900] usb 4-1: config 0 interface 126 has no altsetting 0
[  830.838821][ T5900] usb 4-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  830.848216][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  830.859741][ T5900] usb 4-1: Product: syz
[  830.864697][ T5900] usb 4-1: Manufacturer: syz
[  830.869293][ T5900] usb 4-1: SerialNumber: syz
[  830.876611][ T5900] usb 4-1: config 0 descriptor??
[  830.882257][T15755] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  830.925626][T15764] netlink: 'syz.1.2862': attribute type 1 has an invalid length.
[  831.687906][ T5900] ir_usb 4-1:0.126: required endpoints missing
[  831.698822][ T5900] usb 4-1: USB disconnect, device number 87
[  833.415081][T11191] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[  833.464894][T15792] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.2872'.
[  833.474441][T15792] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  833.482743][T15792] openvswitch: netlink: Duplicate key (type 0).
[  833.557483][T11191] usb 2-1: device descriptor read/64, error -71
[  833.558266][T15794] futex_wake_op: syz.3.2872 tries to shift op by 144; fix this program
[  833.672151][T15794] tipc: New replicast peer: 0.0.0.0
[  833.680766][T15794] tipc: Enabled bearer <udp:syz2>, priority 10
[  834.882998][ T5900] tipc: Node number set to 748494488
[  834.983023][T11191] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[  837.635735][   T30] audit: type=1326 audit(1752289300.209:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  837.659532][   T10] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  837.772537][T15838] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  837.950896][T15836] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  837.966476][   T30] audit: type=1326 audit(1752289300.209:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  838.122260][T15846] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  838.202986][T15846] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  838.368333][   T10] usb 5-1: Using ep0 maxpacket: 8
[  838.387525][   T10] usb 5-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d
[  838.396775][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  838.411869][   T30] audit: type=1326 audit(1752289300.534:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  838.440368][   T10] usb 5-1: Product: syz
[  838.449961][   T10] usb 5-1: Manufacturer: syz
[  838.455149][   T10] usb 5-1: SerialNumber: syz
[  838.462099][   T10] usb 5-1: config 0 descriptor??
[  838.467722][   T30] audit: type=1326 audit(1752289300.544:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  838.505449][   T10] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  838.541060][   T30] audit: type=1326 audit(1752289300.544:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  838.606779][T15850] ubi: mtd0 is already attached to ubi31
[  838.617271][   T30] audit: type=1326 audit(1752289300.586:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  838.641105][   T30] audit: type=1326 audit(1752289300.586:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f795118e963 code=0x7ffc0000
[  838.726930][   T30] audit: type=1326 audit(1752289300.586:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f795118e963 code=0x7ffc0000
[  838.759239][   T30] audit: type=1326 audit(1752289300.586:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  838.794023][T15851] netlink: 'syz.1.2888': attribute type 1 has an invalid length.
[  839.155150][   T30] audit: type=1326 audit(1752289300.586:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15833 comm="syz.2.2883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  839.178805][T15825] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  839.187677][   T10] gspca_sonixj: reg_r err -110
[  839.192740][   T10] sonixj 5-1:0.0: probe with driver sonixj failed with error -110
[  839.196263][T15825] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  839.208353][   T43] usb 3-1: new full-speed USB device number 59 using dummy_hcd
[  839.280006][T15858] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2890'.
[  839.557813][   T10] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[  839.700518][   T10] usb 4-1: Using ep0 maxpacket: 32
[  839.737427][   T10] usb 4-1: config 0 has an invalid interface number: 126 but max is 0
[  839.747729][   T10] usb 4-1: config 0 has no interface number 0
[  839.754513][   T10] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  839.765693][   T10] usb 4-1: config 0 interface 126 altsetting 16 endpoint 0x82 has invalid wMaxPacketSize 0
[  839.775874][   T10] usb 4-1: config 0 interface 126 has no altsetting 0
[  839.796263][   T10] usb 4-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  839.811770][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  839.821938][   T10] usb 4-1: Product: syz
[  839.826909][   T10] usb 4-1: Manufacturer: syz
[  839.831616][   T10] usb 4-1: SerialNumber: syz
[  839.855002][   T10] usb 4-1: config 0 descriptor??
[  839.860689][T15860] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  840.271171][ T5954] usb 5-1: USB disconnect, device number 73
[  840.280861][   T10] ir_usb 4-1:0.126: required endpoints missing
[  840.301448][   T10] usb 4-1: USB disconnect, device number 88
[  840.908695][T15887] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  840.929663][T15887] autofs: Unknown parameter ''
[  841.251594][T15896] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2901'.
[  841.849616][T15906] FAULT_INJECTION: forcing a failure.
[  841.849616][T15906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  842.176175][T15908] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  842.200101][T15906] CPU: 0 UID: 0 PID: 15906 Comm: syz.0.2904 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  842.200121][T15906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  842.200128][T15906] Call Trace:
[  842.200132][T15906]  <TASK>
[  842.200136][T15906]  dump_stack_lvl+0x16c/0x1f0
[  842.200155][T15906]  should_fail_ex+0x512/0x640
[  842.200172][T15906]  _copy_from_user+0x2e/0xd0
[  842.200188][T15906]  copy_msghdr_from_user+0x98/0x160
[  842.200203][T15906]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  842.200216][T15906]  ? __schedule+0x1181/0x5de0
[  842.200236][T15906]  ___sys_sendmsg+0xfe/0x1d0
[  842.200251][T15906]  ? __pfx____sys_sendmsg+0x10/0x10
[  842.200263][T15906]  ? __lock_acquire+0x622/0x1c90
[  842.200285][T15906]  ? fget_raw+0x40/0x50
[  842.200303][T15906]  __sys_sendmsg+0x16d/0x220
[  842.200317][T15906]  ? __pfx___sys_sendmsg+0x10/0x10
[  842.200340][T15906]  do_syscall_64+0xcd/0x4c0
[  842.200355][T15906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.200367][T15906] RIP: 0033:0x7f67f038e929
[  842.200376][T15906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  842.200386][T15906] RSP: 002b:00007f67f1254038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  842.200396][T15906] RAX: ffffffffffffffda RBX: 00007f67f05b5fa0 RCX: 00007f67f038e929
[  842.200403][T15906] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  842.200409][T15906] RBP: 00007f67f1254090 R08: 0000000000000000 R09: 0000000000000000
[  842.200416][T15906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  842.200422][T15906] R13: 0000000000000000 R14: 00007f67f05b5fa0 R15: 00007fffe003a3b8
[  842.200435][T15906]  </TASK>
[  842.371939][    C0] vkms_vblank_simulate: vblank timer overrun
[  842.513909][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  842.513926][   T30] audit: type=1400 audit(1752289305.332:1882): avc:  denied  { write } for  pid=15905 comm="syz.3.2905" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  842.888815][T15929] netlink: 'syz.4.2913': attribute type 1 has an invalid length.
[  842.896854][T15929] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2913'.
[  843.217108][T15939] netlink: 'syz.2.2912': attribute type 1 has an invalid length.
[  843.224942][T15939] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2912'.
[  844.045855][T15945] trusted_key: syz.0.2914 sent an empty control message without MSG_MORE.
[  844.256729][T15964] FAULT_INJECTION: forcing a failure.
[  844.256729][T15964] name failslab, interval 1, probability 0, space 0, times 0
[  844.276583][T15964] CPU: 0 UID: 0 PID: 15964 Comm: syz.2.2920 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  844.276606][T15964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  844.276617][T15964] Call Trace:
[  844.276623][T15964]  <TASK>
[  844.276630][T15964]  dump_stack_lvl+0x16c/0x1f0
[  844.276658][T15964]  should_fail_ex+0x512/0x640
[  844.276680][T15964]  ? fs_reclaim_acquire+0xae/0x150
[  844.276700][T15964]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  844.276724][T15964]  should_failslab+0xc2/0x120
[  844.276749][T15964]  __kmalloc_noprof+0xd2/0x510
[  844.276777][T15964]  tomoyo_realpath_from_path+0xc2/0x6e0
[  844.276810][T15964]  ? tomoyo_profile+0x47/0x60
[  844.276839][T15964]  tomoyo_path_number_perm+0x245/0x580
[  844.276857][T15964]  ? tomoyo_path_number_perm+0x237/0x580
[  844.276879][T15964]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  844.276901][T15964]  ? find_held_lock+0x2b/0x80
[  844.276947][T15964]  ? find_held_lock+0x2b/0x80
[  844.276967][T15964]  ? hook_file_ioctl_common+0x145/0x410
[  844.276989][T15964]  ? __fget_files+0x20e/0x3c0
[  844.277016][T15964]  security_file_ioctl+0x9b/0x240
[  844.277041][T15964]  __x64_sys_ioctl+0xb7/0x210
[  844.277064][T15964]  do_syscall_64+0xcd/0x4c0
[  844.277090][T15964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.277107][T15964] RIP: 0033:0x7f795118e929
[  844.277122][T15964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  844.277139][T15964] RSP: 002b:00007f7951f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  844.277156][T15964] RAX: ffffffffffffffda RBX: 00007f79513b5fa0 RCX: 00007f795118e929
[  844.277168][T15964] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 000000000000000d
[  844.277179][T15964] RBP: 00007f7951f26090 R08: 0000000000000000 R09: 0000000000000000
[  844.277188][T15964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  844.277197][T15964] R13: 0000000000000000 R14: 00007f79513b5fa0 R15: 00007ffd828a17a8
[  844.277221][T15964]  </TASK>
[  844.279078][T15964] ERROR: Out of memory at tomoyo_realpath_from_path.
[  844.428204][    C0] vkms_vblank_simulate: vblank timer overrun
[  844.492683][   T10] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[  844.625673][T15685] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[  844.643949][   T10] usb 4-1: Using ep0 maxpacket: 8
[  844.673875][   T10] usb 4-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  844.690016][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  844.777398][T15685] usb 1-1: Using ep0 maxpacket: 16
[  845.075447][T15685] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  845.101779][   T10] usb 4-1: Product: syz
[  845.111138][   T10] usb 4-1: Manufacturer: syz
[  845.117038][T15685] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  845.126962][   T10] usb 4-1: SerialNumber: syz
[  845.151426][   T10] usb 4-1: config 0 descriptor??
[  845.166558][T15685] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  845.189158][   T10] gspca_main: sq905-2.14.0 probing 2770:9120
[  845.302575][T15973] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  845.453188][T15972] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  845.453799][T15685] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  845.470848][T15685] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  845.500139][T15685] usb 1-1: config 0 descriptor??
[  845.711312][T15982] ubi: mtd0 is already attached to ubi31
[  845.797265][T15985] FAULT_INJECTION: forcing a failure.
[  845.797265][T15985] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  845.832727][T15987] netlink: 'syz.1.2926': attribute type 1 has an invalid length.
[  845.846790][T15985] CPU: 1 UID: 0 PID: 15985 Comm: syz.4.2927 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  845.846816][T15985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  845.846827][T15985] Call Trace:
[  845.846834][T15985]  <TASK>
[  845.846841][T15985]  dump_stack_lvl+0x16c/0x1f0
[  845.846869][T15985]  should_fail_ex+0x512/0x640
[  845.846894][T15985]  _copy_from_user+0x2e/0xd0
[  845.846919][T15985]  copy_msghdr_from_user+0x98/0x160
[  845.846944][T15985]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  845.846979][T15985]  ___sys_sendmsg+0xfe/0x1d0
[  845.847003][T15985]  ? __pfx____sys_sendmsg+0x10/0x10
[  845.847022][T15985]  ? __lock_acquire+0x622/0x1c90
[  845.847070][T15985]  __sys_sendmsg+0x16d/0x220
[  845.847094][T15985]  ? __pfx___sys_sendmsg+0x10/0x10
[  845.847133][T15985]  do_syscall_64+0xcd/0x4c0
[  845.847157][T15985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.847175][T15985] RIP: 0033:0x7f174c38e929
[  845.847189][T15985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  845.847205][T15985] RSP: 002b:00007f174d18b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  845.847222][T15985] RAX: ffffffffffffffda RBX: 00007f174c5b5fa0 RCX: 00007f174c38e929
[  845.847233][T15985] RDX: 0000000004048850 RSI: 00002000000001c0 RDI: 0000000000000003
[  845.847244][T15985] RBP: 00007f174d18b090 R08: 0000000000000000 R09: 0000000000000000
[  845.847254][T15985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  845.847264][T15985] R13: 0000000000000000 R14: 00007f174c5b5fa0 R15: 00007fff33d9bc28
[  845.847287][T15985]  </TASK>
[  846.291268][ T5900] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  846.424926][   T10] gspca_sq905: bulk read fail (-22) len 0/4
[  847.013083][   T10] sq905 4-1:0.0: probe with driver sq905 failed with error -5
[  847.435349][T15986] pim6reg1: entered allmulticast mode
[  847.505873][ T5900] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  847.544455][ T5900] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  847.562842][ T5900] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  847.578372][ T5900] usb 3-1: config 0 descriptor??
[  847.588389][   T30] audit: type=1400 audit(1752289309.662:1883): avc:  denied  { ioctl } for  pid=15995 comm="syz.4.2930" path="socket:[45918]" dev="sockfs" ino=45918 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  847.597435][ T5900] pwc: Askey VC010 type 2 USB webcam detected.
[  848.252427][T15685] usbhid 1-1:0.0: can't add hid device: -71
[  848.263261][T15685] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  848.287331][T15685] usb 1-1: USB disconnect, device number 86
[  850.712623][ T5900] pwc: recv_control_msg error -71 req 02 val 2700
[  850.768496][T11418] usb 4-1: USB disconnect, device number 89
[  850.775018][ T5900] pwc: recv_control_msg error -71 req 02 val 2c00
[  850.807313][ T5900] pwc: recv_control_msg error -71 req 04 val 1000
[  850.854277][ T5900] pwc: recv_control_msg error -71 req 04 val 1300
[  850.877921][ T5900] pwc: recv_control_msg error -71 req 04 val 1400
[  850.886314][T16012] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  850.962216][ T5900] pwc: recv_control_msg error -71 req 02 val 2000
[  850.990167][ T5900] pwc: recv_control_msg error -71 req 02 val 2100
[  851.436951][ T5900] pwc: recv_control_msg error -71 req 04 val 1500
[  851.445294][ T5900] pwc: recv_control_msg error -71 req 02 val 2500
[  851.452466][ T5900] pwc: recv_control_msg error -71 req 02 val 2400
[  851.462248][ T5900] pwc: recv_control_msg error -71 req 02 val 2600
[  851.690664][   T30] audit: type=1326 audit(1752289313.819:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  851.740667][   T30] audit: type=1326 audit(1752289313.819:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  851.742710][ T5900] pwc: recv_control_msg error -71 req 02 val 2900
[  851.802451][   T30] audit: type=1326 audit(1752289313.819:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  851.828900][ T5900] pwc: recv_control_msg error -71 req 02 val 2800
[  851.850148][ T5900] pwc: recv_control_msg error -71 req 04 val 1100
[  851.879770][ T5900] pwc: recv_control_msg error -71 req 04 val 1200
[  851.920972][ T5900] pwc: Registered as video103.
[  851.956767][   T30] audit: type=1326 audit(1752289313.819:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  851.961795][ T5900] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input29
[  852.075583][   T30] audit: type=1326 audit(1752289313.819:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  852.122270][ T5900] usb 3-1: USB disconnect, device number 60
[  852.360614][   T30] audit: type=1326 audit(1752289313.819:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  852.484706][   T30] audit: type=1326 audit(1752289313.819:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  852.585164][   T30] audit: type=1326 audit(1752289313.819:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  852.671571][   T30] audit: type=1326 audit(1752289313.819:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  852.742364][   T30] audit: type=1326 audit(1752289313.819:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  852.794976][   T30] audit: type=1326 audit(1752289313.819:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  852.868607][   T30] audit: type=1326 audit(1752289313.819:1895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  852.976357][T16052] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  852.989594][T16053] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16053 comm=syz.2.2941
[  853.021563][   T30] audit: type=1326 audit(1752289313.819:1896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  853.083010][T16052] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  853.123975][   T30] audit: type=1326 audit(1752289313.819:1897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  853.226331][   T30] audit: type=1326 audit(1752289313.829:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16008 comm="syz.2.2933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795118e929 code=0x7ffc0000
[  853.922722][T16057] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5137 sclass=netlink_route_socket pid=16057 comm=syz.2.2941
[  854.303601][T12414] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  854.321685][T12414] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  854.337394][T12414] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  854.349419][T12414] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  854.362765][T12414] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  854.460472][T16066] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  854.509876][T16066] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  854.628360][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  854.630370][ T6136] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  854.634674][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  854.779751][T16068] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  854.981393][ T6136] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.105443][ T6136] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.121647][T16068] dummy0 speed is unknown, defaulting to 1000
[  855.405240][T16079] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  855.431162][T16079] autofs: Unknown parameter ''
[  855.526962][ T6136] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.582862][T16058] dummy0 speed is unknown, defaulting to 1000
[  856.111172][   T43] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[  856.284463][   T43] usb 4-1: Using ep0 maxpacket: 8
[  856.295469][T12414] Bluetooth: hci0: command tx timeout
[  856.330711][   T43] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  856.338939][   T43] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  856.351206][   T43] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  856.397123][   T43] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  856.607113][   T43] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  856.662435][T16094] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  856.679591][T16094] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  856.929718][   T43] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  856.948089][   T43] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  856.984263][   T43] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  856.999391][   T43] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  857.011341][   T43] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  857.035401][   T43] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  857.042972][   T43] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  857.053057][ T6136] bridge_slave_1: left allmulticast mode
[  857.054293][   T43] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  857.070780][ T6136] bridge_slave_1: left promiscuous mode
[  857.071572][   T43] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  857.089715][   T43] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  857.089951][ T6136] bridge0: port 2(bridge_slave_1) entered disabled state
[  857.111393][   T43] usb 4-1: string descriptor 0 read error: -22
[  857.117688][   T43] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  857.144532][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  857.157604][ T6136] bridge_slave_0: left allmulticast mode
[  857.163569][ T6136] bridge_slave_0: left promiscuous mode
[  857.170285][ T6136] bridge0: port 1(bridge_slave_0) entered disabled state
[  857.313922][   T43] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  857.554148][T16097] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  857.687912][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  857.687926][   T30] audit: type=1400 audit(1752289320.265:1904): avc:  denied  { ioctl } for  pid=16102 comm="syz.4.2957" path="socket:[46037]" dev="sockfs" ino=46037 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  858.275097][T12414] Bluetooth: hci0: command tx timeout
[  858.438138][ T7253] usb 4-1: USB disconnect, device number 90
[  858.479660][ T6136] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  859.242135][ T6136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  859.253304][ T6136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  859.263212][ T6136] bond0 (unregistering): Released all slaves
[  859.333792][ T6136] bond1 (unregistering): Released all slaves
[  859.446873][ T6136] tipc: Disabling bearer <udp:syz2>
[  859.466284][ T5900] usb 3-1: new full-speed USB device number 61 using dummy_hcd
[  859.471962][ T6136] tipc: Left network mode
[  859.534614][T16058] chnl_net:caif_netlink_parms(): no params data found
[  859.855561][ T5900] usb 3-1: config 1 interface 0 has no altsetting 0
[  859.868777][ T5900] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  859.886503][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  859.961423][ T5900] usb 3-1: Product: syz
[  860.024536][ T5900] usb 3-1: Manufacturer: syz
[  860.078974][ T5900] usb 3-1: SerialNumber: syz
[  860.259274][T12414] Bluetooth: hci0: command tx timeout
[  860.470964][T16124] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  860.541382][T16138] FAULT_INJECTION: forcing a failure.
[  860.541382][T16138] name failslab, interval 1, probability 0, space 0, times 0
[  860.554174][T16138] CPU: 0 UID: 0 PID: 16138 Comm: syz.0.2963 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  860.554198][T16138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  860.554208][T16138] Call Trace:
[  860.554215][T16138]  <TASK>
[  860.554222][T16138]  dump_stack_lvl+0x16c/0x1f0
[  860.554250][T16138]  should_fail_ex+0x512/0x640
[  860.554275][T16138]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  860.554302][T16138]  should_failslab+0xc2/0x120
[  860.554327][T16138]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  860.554349][T16138]  ? trace_sched_exit_tp+0xde/0x130
[  860.554374][T16138]  ? getname_flags.part.0+0x4c/0x550
[  860.554396][T16138]  getname_flags.part.0+0x4c/0x550
[  860.554417][T16138]  getname_flags+0x93/0xf0
[  860.554438][T16138]  do_sys_openat2+0xb8/0x1d0
[  860.554455][T16138]  ? __pfx_do_sys_openat2+0x10/0x10
[  860.554474][T16138]  ? __pfx___schedule+0x10/0x10
[  860.554495][T16138]  ? fdget_pos+0x192/0x370
[  860.554525][T16138]  __x64_sys_openat+0x174/0x210
[  860.554542][T16138]  ? __pfx___x64_sys_openat+0x10/0x10
[  860.554558][T16138]  ? ksys_write+0x1ac/0x250
[  860.554589][T16138]  do_syscall_64+0xcd/0x4c0
[  860.554615][T16138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  860.554633][T16138] RIP: 0033:0x7f67f038e929
[  860.554647][T16138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  860.554664][T16138] RSP: 002b:00007f67f1212038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  860.554681][T16138] RAX: ffffffffffffffda RBX: 00007f67f05b6160 RCX: 00007f67f038e929
[  860.554693][T16138] RDX: 0000000000000000 RSI: 0000200000000300 RDI: ffffffffffffff9c
[  860.554705][T16138] RBP: 00007f67f1212090 R08: 0000000000000000 R09: 0000000000000000
[  860.554716][T16138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  860.554727][T16138] R13: 0000000000000000 R14: 00007f67f05b6160 R15: 00007fffe003a3b8
[  860.554755][T16138]  </TASK>
[  860.757099][T16058] bridge0: port 1(bridge_slave_0) entered blocking state
[  860.778281][T16058] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.786226][T16058] bridge_slave_0: entered allmulticast mode
[  860.794003][T16058] bridge_slave_0: entered promiscuous mode
[  860.829553][T16058] bridge0: port 2(bridge_slave_1) entered blocking state
[  860.837408][T16058] bridge0: port 2(bridge_slave_1) entered disabled state
[  860.845093][T16058] bridge_slave_1: entered allmulticast mode
[  860.852625][T16058] bridge_slave_1: entered promiscuous mode
[  860.941402][T16058] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  860.952994][T16058] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  860.995538][ T6136] hsr_slave_0: left promiscuous mode
[  861.028656][ T6136] hsr_slave_1: left promiscuous mode
[  861.176249][ T6136] veth1_macvtap: left promiscuous mode
[  861.189639][ T6136] veth0_macvtap: left promiscuous mode
[  861.916851][ T6136] veth1_vlan: left promiscuous mode
[  861.944068][ T6136] veth0_vlan: left promiscuous mode
[  862.131452][ T5900] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 61 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  862.146503][ T5900] usb 3-1: USB disconnect, device number 61
[  862.163009][ T5900] usblp0: removed
[  862.253691][T12414] Bluetooth: hci0: command tx timeout
[  862.355007][   T30] audit: type=1326 audit(1752289325.157:1905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16165 comm="syz.4.2971" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f174c38e929 code=0x0
[  862.818866][   T30] audit: type=1400 audit(1752289325.545:1906): avc:  denied  { mount } for  pid=16162 comm="syz.2.2970" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  862.968758][ T6136] team0 (unregistering): Port device team_slave_1 removed
[  863.000611][ T6136] team0 (unregistering): Port device team_slave_0 removed
[  863.180554][   T30] audit: type=1326 audit(1752289326.017:1907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16174 comm="syz.4.2972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174c38e929 code=0x7ffc0000
[  863.208419][T16177] FAULT_INJECTION: forcing a failure.
[  863.208419][T16177] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  863.221377][   T30] audit: type=1326 audit(1752289326.017:1908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16174 comm="syz.4.2972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174c38e929 code=0x7ffc0000
[  863.228352][T16177] CPU: 0 UID: 0 PID: 16177 Comm: syz.2.2973 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  863.228373][T16177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  863.228382][T16177] Call Trace:
[  863.228388][T16177]  <TASK>
[  863.228394][T16177]  dump_stack_lvl+0x16c/0x1f0
[  863.228418][T16177]  should_fail_ex+0x512/0x640
[  863.228440][T16177]  _copy_from_user+0x2e/0xd0
[  863.228462][T16177]  __sys_bpf+0x21d/0x4d80
[  863.228492][T16177]  ? __pfx___sys_bpf+0x10/0x10
[  863.228513][T16177]  ? ksys_write+0x190/0x250
[  863.228535][T16177]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  863.228569][T16177]  ? fput+0x70/0xf0
[  863.228586][T16177]  ? ksys_write+0x1ac/0x250
[  863.228604][T16177]  ? __pfx_ksys_write+0x10/0x10
[  863.228626][T16177]  __x64_sys_bpf+0x78/0xc0
[  863.228645][T16177]  ? lockdep_hardirqs_on+0x7c/0x110
[  863.228665][T16177]  do_syscall_64+0xcd/0x4c0
[  863.228686][T16177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.228702][T16177] RIP: 0033:0x7f795118e929
[  863.228715][T16177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  863.228729][T16177] RSP: 002b:00007f7951f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  863.228744][T16177] RAX: ffffffffffffffda RBX: 00007f79513b5fa0 RCX: 00007f795118e929
[  863.228754][T16177] RDX: 0000000000000048 RSI: 00002000000027c0 RDI: 0000000000000000
[  863.228763][T16177] RBP: 00007f7951f26090 R08: 0000000000000000 R09: 0000000000000000
[  863.228772][T16177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  863.228781][T16177] R13: 0000000000000001 R14: 00007f79513b5fa0 R15: 00007ffd828a17a8
[  863.228801][T16177]  </TASK>
[  863.451507][   T30] audit: type=1326 audit(1752289326.038:1909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16174 comm="syz.4.2972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f174c38e929 code=0x7ffc0000
[  863.487812][   T30] audit: type=1326 audit(1752289326.038:1910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16174 comm="syz.4.2972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174c38e929 code=0x7ffc0000
[  863.606626][   T30] audit: type=1326 audit(1752289326.038:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16174 comm="syz.4.2972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174c38e929 code=0x7ffc0000
[  863.641409][   T30] audit: type=1326 audit(1752289326.038:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16174 comm="syz.4.2972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f174c38e929 code=0x7ffc0000
[  863.669287][   T30] audit: type=1326 audit(1752289326.038:1913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16174 comm="syz.4.2972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174c38e929 code=0x7ffc0000
[  863.701205][   T30] audit: type=1326 audit(1752289326.038:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16174 comm="syz.4.2972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174c38e929 code=0x7ffc0000
[  863.736025][   T30] audit: type=1326 audit(1752289326.038:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16174 comm="syz.4.2972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f174c38e929 code=0x7ffc0000
[  863.845714][T16058] team0: Port device team_slave_0 added
[  863.865261][T11191] dummy0 speed is unknown, defaulting to 1000
[  863.921061][T11191] infiniband syz2: ib_query_port failed (-19)
[  863.922871][T16058] team0: Port device team_slave_1 added
[  864.047024][T16189] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818)
[  864.069605][T16189] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2975'.
[  964.104631][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  964.104650][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P16183/1:b..l
[  964.105202][    C1] rcu: 	(detected by 1, t=10504 jiffies, g=71369, q=134 ncpus=2)
[  964.105218][    C1] task:syz.2.2974      state:R  running task     stack:24936 pid:16183 tgid:16180 ppid:15559  task_flags:0x400140 flags:0x00004000
[  964.105272][    C1] Call Trace:
[  964.105279][    C1]  <TASK>
[  964.105290][    C1]  __schedule+0x116a/0x5de0
[  964.105320][    C1]  ? __lock_acquire+0x622/0x1c90
[  964.105347][    C1]  ? __pfx___schedule+0x10/0x10
[  964.105374][    C1]  ? irqentry_exit+0x3b/0x90
[  964.105395][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  964.105421][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  964.105445][    C1]  preempt_schedule_common+0x44/0xc0
[  964.105469][    C1]  preempt_schedule_thunk+0x16/0x30
[  964.105496][    C1]  _raw_spin_unlock+0x3e/0x50
[  964.105524][    C1]  unmap_page_range+0x106b/0x4350
[  964.105573][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[  964.105604][    C1]  ? mas_walk+0x6a6/0x910
[  964.105630][    C1]  unmap_single_vma.constprop.0+0x153/0x240
[  964.105660][    C1]  unmap_vmas+0x218/0x470
[  964.105689][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[  964.105716][    C1]  ? irqentry_exit+0x3b/0x90
[  964.105747][    C1]  ? vms_clear_ptes+0x17a/0x770
[  964.105773][    C1]  vms_clear_ptes+0x41f/0x770
[  964.105799][    C1]  ? __pfx_vms_clear_ptes+0x10/0x10
[  964.105835][    C1]  ? may_expand_vm+0xe8/0x430
[  964.105857][    C1]  __mmap_region+0x572/0x25e0
[  964.105882][    C1]  ? __pfx___mmap_region+0x10/0x10
[  964.105910][    C1]  ? lock_acquire+0x179/0x350
[  964.105925][    C1]  ? find_held_lock+0x2b/0x80
[  964.105950][    C1]  ? mark_held_locks+0x49/0x80
[  964.105976][    C1]  ? finish_task_switch.isra.0+0x221/0xc10
[  964.105999][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  964.106021][    C1]  ? finish_task_switch.isra.0+0x221/0xc10
[  964.106044][    C1]  ? rcu_is_watching+0x12/0xc0
[  964.106066][    C1]  ? trace_sched_exit_tp+0xde/0x130
[  964.106091][    C1]  ? __schedule+0x1181/0x5de0
[  964.106155][    C1]  mmap_region+0x32b/0x3f0
[  964.106183][    C1]  do_mmap+0xa3e/0x1210
[  964.106205][    C1]  ? __pfx_do_mmap+0x10/0x10
[  964.106222][    C1]  ? __pfx_down_write_killable+0x10/0x10
[  964.106251][    C1]  vm_mmap_pgoff+0x281/0x450
[  964.106282][    C1]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  964.106305][    C1]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  964.106326][    C1]  ? hugetlbfs_get_inode+0x31f/0x730
[  964.106353][    C1]  ksys_mmap_pgoff+0x1c8/0x5c0
[  964.106384][    C1]  __x64_sys_mmap+0x125/0x190
[  964.106412][    C1]  do_syscall_64+0xcd/0x4c0
[  964.106438][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  964.106456][    C1] RIP: 0033:0x7f795118e929
[  964.106471][    C1] RSP: 002b:00007f794efd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  964.106489][    C1] RAX: ffffffffffffffda RBX: 00007f79513b6160 RCX: 00007f795118e929
[  964.106505][    C1] RDX: 0000000001000002 RSI: 0000000000ff5000 RDI: 0000200000000000
[  964.106518][    C1] RBP: 00007f7951210b39 R08: ffffffffffffffff R09: 0000000000000000
[  964.106529][    C1] R10: 000200000005c831 R11: 0000000000000246 R12: 0000000000000000
[  964.106541][    C1] R13: 0000000000000000 R14: 00007f79513b6160 R15: 00007ffd828a17a8
[  964.106566][    C1]  </TASK>
[  964.106573][    C1] rcu: rcu_preempt kthread starved for 10495 jiffies! g71369 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  964.106593][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  964.106602][    C1] rcu: RCU grace-period kthread stack dump:
[  964.106608][    C1] task:rcu_preempt     state:R  running task     stack:28008 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  964.106664][    C1] Call Trace:
[  964.106670][    C1]  <TASK>
[  964.106681][    C1]  __schedule+0x116a/0x5de0
[  964.106709][    C1]  ? __lock_acquire+0x622/0x1c90
[  964.106731][    C1]  ? __pfx___schedule+0x10/0x10
[  964.106758][    C1]  ? find_held_lock+0x2b/0x80
[  964.106780][    C1]  ? schedule+0x2d7/0x3a0
[  964.106804][    C1]  schedule+0xe7/0x3a0
[  964.106825][    C1]  schedule_timeout+0x123/0x290
[  964.106844][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  964.106864][    C1]  ? __pfx_process_timeout+0x10/0x10
[  964.106891][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  964.106913][    C1]  ? prepare_to_swait_event+0xf5/0x480
[  964.106942][    C1]  rcu_gp_fqs_loop+0x1ea/0xb00
[  964.106962][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  964.106981][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  964.107004][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  964.107020][    C1]  ? rcu_gp_cleanup+0x7c1/0xd90
[  964.107042][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  964.107067][    C1]  rcu_gp_kthread+0x270/0x380
[  964.107085][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  964.107101][    C1]  ? rcu_is_watching+0x12/0xc0
[  964.107123][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  964.107147][    C1]  ? __kthread_parkme+0x19e/0x250
[  964.107185][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  964.107202][    C1]  kthread+0x3c5/0x780
[  964.107221][    C1]  ? __pfx_kthread+0x10/0x10
[  964.107240][    C1]  ? rcu_is_watching+0x12/0xc0
[  964.107261][    C1]  ? __pfx_kthread+0x10/0x10
[  964.107279][    C1]  ret_from_fork+0x5d7/0x6f0
[  964.107303][    C1]  ? __pfx_kthread+0x10/0x10
[  964.107322][    C1]  ret_from_fork_asm+0x1a/0x30
[  964.107352][    C1]  </TASK>
[  964.107358][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  964.107370][    C1] CPU: 1 UID: 0 PID: 5831 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  964.107391][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  964.107401][    C1] RIP: 0010:its_return_thunk+0x0/0x10
[  964.107419][    C1] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc <c3> cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 e9 5b dc a0 f5 cc
[  964.107435][    C1] RSP: 0018:ffffc90002ec7748 EFLAGS: 00000293
[  964.107449][    C1] RAX: 0000000000000000 RBX: ffff8880b84421e0 RCX: ffffffff81afd92d
[  964.107460][    C1] RDX: ffff888037a70000 RSI: 0000000000000000 RDI: 0000000000000005
[  964.107470][    C1] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[  964.107481][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[  964.107491][    C1] R13: 0000000000000003 R14: ffffed101708843d R15: ffff8880b853b580
[  964.107507][    C1] FS:  0000555587b66500(0000) GS:ffff888124815000(0000) knlGS:0000000000000000
[  964.107525][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  964.107537][    C1] CR2: 000000110c3e153f CR3: 000000005bb5f000 CR4: 00000000003526f0
[  964.107549][    C1] Call Trace:
[  964.107555][    C1]  <TASK>
[  964.107561][    C1]  smp_call_function_many_cond+0xd9d/0x1510
[  964.107584][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  964.107613][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  964.107636][    C1]  ? ldt_dup_context+0x1a2/0x300
[  964.107659][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  964.107681][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  964.107704][    C1]  flush_tlb_mm_range+0x4a0/0x1790
[  964.107726][    C1]  ? find_held_lock+0x2b/0x80
[  964.107748][    C1]  ? dup_mmap+0xf88/0x21d0
[  964.107767][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[  964.107789][    C1]  ? up_write+0x1b2/0x520
[  964.107810][    C1]  dup_mmap+0xfa2/0x21d0
[  964.107836][    C1]  ? __pfx_dup_mmap+0x10/0x10
[  964.107870][    C1]  copy_process+0x4081/0x7650
[  964.107893][    C1]  ? do_wp_page+0x1aa7/0x4f20
[  964.107918][    C1]  ? __pfx_copy_process+0x10/0x10
[  964.107953][    C1]  kernel_clone+0xfc/0x960
[  964.107977][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  964.108008][    C1]  ? css_rstat_updated+0x9d/0xd30
[  964.108033][    C1]  __do_sys_clone+0xce/0x120
[  964.108055][    C1]  ? __pfx___do_sys_clone+0x10/0x10
[  964.108077][    C1]  ? handle_mm_fault+0x2ab/0xd10
[  964.108107][    C1]  ? do_user_addr_fault+0x843/0x1370
[  964.108139][    C1]  do_syscall_64+0xcd/0x4c0
[  964.108163][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  964.108180][    C1] RIP: 0033:0x7fe3c6585193
[  964.108194][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  964.108210][    C1] RSP: 002b:00007fff7e076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  964.108227][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe3c6585193
[  964.108238][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  964.108249][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[  964.108259][    C1] R10: 0000555587b667d0 R11: 0000000000000246 R12: 0000000000000000
[  964.108270][    C1] R13: 0000555587b79590 R14: 00000000000d63fd R15: 00007fff7e0761d0
[  964.108294][    C1]  </TASK>
[ 1096.540438][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 234s! [syz-executor:5831]
[ 1096.540459][    C1] Modules linked in:
[ 1096.540469][    C1] irq event stamp: 4249690
[ 1096.540475][    C1] hardirqs last  enabled at (4249689): [<ffffffff8b88382b>] irqentry_exit+0x3b/0x90
[ 1096.540505][    C1] hardirqs last disabled at (4249690): [<ffffffff8b88224e>] sysvec_apic_timer_interrupt+0xe/0xc0
[ 1096.540529][    C1] softirqs last  enabled at (4249682): [<ffffffff817ceeae>] handle_softirqs+0x5be/0x8e0
[ 1096.540552][    C1] softirqs last disabled at (4249667): [<ffffffff817cf369>] __irq_exit_rcu+0x109/0x170
[ 1096.540577][    C1] CPU: 1 UID: 0 PID: 5831 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[ 1096.540598][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1096.540608][    C1] RIP: 0010:smp_call_function_many_cond+0xd7b/0x1510
[ 1096.540630][    C1] Code: e8 6a 19 0c 00 45 85 ed 74 46 48 8b 14 24 49 89 d6 49 89 d5 49 c1 ee 03 41 83 e5 07 4d 01 e6 41 83 c5 03 e8 07 1e 0c 00 f3 90 <41> 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff
[ 1096.540645][    C1] RSP: 0018:ffffc90002ec7750 EFLAGS: 00000293
[ 1096.540658][    C1] RAX: 0000000000000000 RBX: ffff8880b84421e0 RCX: ffffffff81afd92d
[ 1096.540668][    C1] RDX: ffff888037a70000 RSI: ffffffff81afd909 RDI: 0000000000000005
[ 1096.540679][    C1] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[ 1096.540688][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[ 1096.540698][    C1] R13: 0000000000000003 R14: ffffed101708843d R15: ffff8880b853b580
[ 1096.540709][    C1] FS:  0000555587b66500(0000) GS:ffff888124815000(0000) knlGS:0000000000000000
[ 1096.540726][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1096.540737][    C1] CR2: 000000110c3e153f CR3: 000000005bb5f000 CR4: 00000000003526f0
[ 1096.540747][    C1] Call Trace:
[ 1096.540755][    C1]  <TASK>
[ 1096.540763][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[ 1096.540792][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1096.540814][    C1]  ? ldt_dup_context+0x1a2/0x300
[ 1096.540837][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[ 1096.540858][    C1]  on_each_cpu_cond_mask+0x40/0x90
[ 1096.540879][    C1]  flush_tlb_mm_range+0x4a0/0x1790
[ 1096.540901][    C1]  ? find_held_lock+0x2b/0x80
[ 1096.540922][    C1]  ? dup_mmap+0xf88/0x21d0
[ 1096.540942][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[ 1096.540963][    C1]  ? up_write+0x1b2/0x520
[ 1096.540983][    C1]  dup_mmap+0xfa2/0x21d0
[ 1096.541009][    C1]  ? __pfx_dup_mmap+0x10/0x10
[ 1096.541065][    C1]  copy_process+0x4081/0x7650
[ 1096.541087][    C1]  ? do_wp_page+0x1aa7/0x4f20
[ 1096.541111][    C1]  ? __pfx_copy_process+0x10/0x10
[ 1096.541145][    C1]  kernel_clone+0xfc/0x960
[ 1096.541168][    C1]  ? __pfx_kernel_clone+0x10/0x10
[ 1096.541200][    C1]  ? css_rstat_updated+0x9d/0xd30
[ 1096.541226][    C1]  __do_sys_clone+0xce/0x120
[ 1096.541247][    C1]  ? __pfx___do_sys_clone+0x10/0x10
[ 1096.541270][    C1]  ? handle_mm_fault+0x2ab/0xd10
[ 1096.541299][    C1]  ? do_user_addr_fault+0x843/0x1370
[ 1096.541329][    C1]  do_syscall_64+0xcd/0x4c0
[ 1096.541354][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1096.541371][    C1] RIP: 0033:0x7fe3c6585193
[ 1096.541385][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[ 1096.541400][    C1] RSP: 002b:00007fff7e076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1096.541415][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe3c6585193
[ 1096.541426][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1096.541436][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[ 1096.541445][    C1] R10: 0000555587b667d0 R11: 0000000000000246 R12: 0000000000000000
[ 1096.541456][    C1] R13: 0000555587b79590 R14: 00000000000d63fd R15: 00007fff7e0761d0
[ 1096.541479][    C1]  </TASK>
[ 1096.541485][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1096.541509][    C0] NMI backtrace for cpu 0
[ 1096.541518][    C0] CPU: 0 UID: 0 PID: 16189 Comm: syz.0.2975 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[ 1096.541535][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1096.541542][    C0] RIP: 0010:kasan_check_range+0x32/0x1b0
[ 1096.541556][    C0] Code: 84 64 01 00 00 48 89 f8 41 54 44 0f b6 c2 48 01 f0 55 53 0f 82 d7 00 00 00 eb 0f cc cc cc 48 b8 00 00 00 00 00 00 00 ff eb 0a <48> b8 00 00 00 00 00 80 ff ff 48 39 c7 0f 82 b3 00 00 00 4c 8d 54
[ 1096.541568][    C0] RSP: 0018:ffffc90000007d88 EFLAGS: 00000086
[ 1096.541579][    C0] RAX: ffff8880b8427c84 RBX: ffff8880b8427c80 RCX: ffffffff8198d8ad
[ 1096.541588][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8880b8427c80
[ 1096.541596][    C0] RBP: 1ffff92000000fb6 R08: 0000000000000001 R09: 0000000000000001
[ 1096.541604][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880b8427c88
[ 1096.541613][    C0] R13: ffff8880b8427c90 R14: ffff888023f9a340 R15: 0000000000000001
[ 1096.541621][    C0] FS:  00007f67f12546c0(0000) GS:ffff888124715000(0000) knlGS:0000000000000000
[ 1096.541636][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1096.541644][    C0] CR2: 000000110c2a06d7 CR3: 00000000741c6000 CR4: 00000000003526f0
[ 1096.541653][    C0] Call Trace:
[ 1096.541657][    C0]  <IRQ>
[ 1096.541663][    C0]  do_raw_spin_lock+0x11d/0x2b0
[ 1096.541678][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1096.541696][    C0]  __hrtimer_run_queues+0x2bc/0xad0
[ 1096.541714][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1096.541728][    C0]  ? read_tsc+0x9/0x20
[ 1096.541745][    C0]  hrtimer_interrupt+0x397/0x8e0
[ 1096.541766][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x3f0
[ 1096.541784][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1096.541801][    C0]  </IRQ>
[ 1096.541805][    C0]  <TASK>
[ 1096.541810][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1096.541824][    C0] RIP: 0010:console_flush_all+0x9a2/0xc60
[ 1096.541841][    C0] Code: 00 e8 32 63 28 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 e0 8d 20 00 48 85 db 0f 85 55 01 00 00 e8 62 92 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 17 6e 87
[ 1096.541852][    C0] RSP: 0018:ffffc90003c6ec28 EFLAGS: 00000283
[ 1096.541862][    C0] RAX: ffffffff8f2ec358 RBX: 0000000000000000 RCX: ffffc90004d32000
[ 1096.541870][    C0] RDX: 0000000000080000 RSI: ffffffff819b64ae RDI: 0000000000000007
[ 1096.541879][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[ 1096.541887][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8f2ec358
[ 1096.541895][    C0] R13: ffffffff8f2ec300 R14: ffffc90003c6ecb8 R15: dffffc0000000000
[ 1096.541908][    C0]  ? console_flush_all+0x99e/0xc60
[ 1096.541925][    C0]  ? console_flush_all+0x99e/0xc60
[ 1096.541943][    C0]  ? __pfx_console_flush_all+0x10/0x10
[ 1096.541961][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[ 1096.541979][    C0]  console_unlock+0xd8/0x210
[ 1096.541994][    C0]  ? __pfx_console_unlock+0x10/0x10
[ 1096.542010][    C0]  ? _printk+0xc7/0x100
[ 1096.542022][    C0]  ? __down_trylock_console_sem+0xb0/0x140
[ 1096.542036][    C0]  vprintk_emit+0x418/0x6d0
[ 1096.542053][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[ 1096.542069][    C0]  ? find_held_lock+0x2b/0x80
[ 1096.542087][    C0]  _printk+0xc7/0x100
[ 1096.542099][    C0]  ? __pfx__printk+0x10/0x10
[ 1096.542113][    C0]  ? __pfx____ratelimit+0x10/0x10
[ 1096.542132][    C0]  __nla_validate_parse+0x751/0x2880
[ 1096.542156][    C0]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1096.542174][    C0]  ? kasan_save_stack+0x42/0x60
[ 1096.542189][    C0]  ? kasan_save_stack+0x33/0x60
[ 1096.542204][    C0]  ? kasan_save_track+0x14/0x30
[ 1096.542219][    C0]  ? __kasan_kmalloc+0xaa/0xb0
[ 1096.542233][    C0]  ? ctnetlink_alloc_filter+0x9f/0xaf0
[ 1096.542247][    C0]  ? ctnetlink_start+0xd4/0x200
[ 1096.542258][    C0]  ? __netlink_dump_start+0x60e/0x990
[ 1096.542277][    C0]  ? ctnetlink_get_conntrack+0x608/0x7d0
[ 1096.542291][    C0]  ? nfnetlink_rcv_msg+0x9f9/0x1200
[ 1096.542305][    C0]  ? netlink_rcv_skb+0x155/0x420
[ 1096.542317][    C0]  ? nfnetlink_rcv+0x1b3/0x430
[ 1096.542330][    C0]  ? netlink_unicast+0x58d/0x850
[ 1096.542343][    C0]  __nla_parse+0x40/0x60
[ 1096.542356][    C0]  ctnetlink_parse_tuple_filter+0x31f/0xa30
[ 1096.542370][    C0]  ? __nla_validate_parse+0x600/0x2880
[ 1096.542390][    C0]  ? __pfx_ctnetlink_parse_tuple_filter+0x10/0x10
[ 1096.542412][    C0]  ? ctnetlink_alloc_filter+0x777/0xaf0
[ 1096.542424][    C0]  ? ctnetlink_alloc_filter+0x585/0xaf0
[ 1096.542436][    C0]  ctnetlink_alloc_filter+0x777/0xaf0
[ 1096.542449][    C0]  ? netlink_lookup+0x24e/0x520
[ 1096.542467][    C0]  ? __pfx_ctnetlink_alloc_filter+0x10/0x10
[ 1096.542482][    C0]  ? __pfx_netlink_lookup+0x10/0x10
[ 1096.542502][    C0]  ctnetlink_start+0xd4/0x200
[ 1096.542516][    C0]  __netlink_dump_start+0x60e/0x990
[ 1096.542536][    C0]  ctnetlink_get_conntrack+0x608/0x7d0
[ 1096.542551][    C0]  ? __pfx_ctnetlink_get_conntrack+0x10/0x10
[ 1096.542566][    C0]  ? __pfx_ctnetlink_start+0x10/0x10
[ 1096.542578][    C0]  ? __pfx_ctnetlink_dump_table+0x10/0x10
[ 1096.542591][    C0]  ? __pfx_ctnetlink_done+0x10/0x10
[ 1096.542613][    C0]  ? find_held_lock+0x2b/0x80
[ 1096.542631][    C0]  nfnetlink_rcv_msg+0x9f9/0x1200
[ 1096.542649][    C0]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1096.542665][    C0]  ? __lock_acquire+0x622/0x1c90
[ 1096.542685][    C0]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1096.542701][    C0]  netlink_rcv_skb+0x155/0x420
[ 1096.542713][    C0]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1096.542729][    C0]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1096.542746][    C0]  ? ns_capable+0xd7/0x110
[ 1096.542761][    C0]  nfnetlink_rcv+0x1b3/0x430
[ 1096.542781][    C0]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1096.542795][    C0]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1096.542815][    C0]  netlink_unicast+0x58d/0x850
[ 1096.542829][    C0]  ? __pfx_netlink_unicast+0x10/0x10
[ 1096.542844][    C0]  netlink_sendmsg+0x8d1/0xdd0
[ 1096.542859][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1096.542876][    C0]  ____sys_sendmsg+0xa98/0xc70
[ 1096.542890][    C0]  ? copy_msghdr_from_user+0x10a/0x160
[ 1096.542908][    C0]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1096.542922][    C0]  ? try_to_wake_up+0xa2f/0x1680
[ 1096.542941][    C0]  ___sys_sendmsg+0x134/0x1d0
[ 1096.542958][    C0]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1096.542974][    C0]  ? __lock_acquire+0x622/0x1c90
[ 1096.542998][    C0]  __sys_sendmsg+0x16d/0x220
[ 1096.543015][    C0]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1096.543031][    C0]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1096.543056][    C0]  do_syscall_64+0xcd/0x4c0
[ 1096.543074][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1096.543087][    C0] RIP: 0033:0x7f67f038e929
[ 1096.543097][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1096.543109][    C0] RSP: 002b:00007f67f1254038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1096.543121][    C0] RAX: ffffffffffffffda RBX: 00007f67f05b5fa0 RCX: 00007f67f038e929
[ 1096.543130][    C0] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 000000000000000d
[ 1096.543138][    C0] RBP: 00007f67f0410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1096.543146][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1096.543154][    C0] R13: 0000000000000000 R14: 00007f67f05b5fa0 R15: 00007fffe003a3b8
[ 1096.543168][    C0]  </TASK>
[ 1096.543505][    C1] Kernel panic - not syncing: softlockup: hung tasks
[ 1096.543519][    C1] CPU: 1 UID: 0 PID: 5831 Comm: syz-executor Tainted: G             L      6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[ 1096.543543][    C1] Tainted: [L]=SOFTLOCKUP
[ 1096.543550][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1096.543559][    C1] Call Trace:
[ 1096.543566][    C1]  <IRQ>
[ 1096.543573][    C1]  dump_stack_lvl+0x3d/0x1f0
[ 1096.543598][    C1]  panic+0x71c/0x800
[ 1096.543622][    C1]  ? __pfx_panic+0x10/0x10
[ 1096.543645][    C1]  ? __pfx__printk+0x10/0x10
[ 1096.543663][    C1]  ? nmi_backtrace_stall_check+0x6e/0x540
[ 1096.543690][    C1]  ? irq_work_queue+0xce/0x100
[ 1096.543712][    C1]  ? watchdog_timer_fn+0x5f9/0x7d0
[ 1096.543732][    C1]  ? watchdog_timer_fn+0x5ec/0x7d0
[ 1096.543755][    C1]  watchdog_timer_fn+0x60a/0x7d0
[ 1096.543776][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[ 1096.543795][    C1]  __hrtimer_run_queues+0x5ea/0xad0
[ 1096.543820][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1096.543840][    C1]  ? read_tsc+0x9/0x20
[ 1096.543866][    C1]  hrtimer_interrupt+0x397/0x8e0
[ 1096.543896][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x3f0
[ 1096.543914][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1096.543935][    C1]  </IRQ>
[ 1096.543941][    C1]  <TASK>
[ 1096.543949][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1096.543966][    C1] RIP: 0010:smp_call_function_many_cond+0xd7b/0x1510
[ 1096.543988][    C1] Code: e8 6a 19 0c 00 45 85 ed 74 46 48 8b 14 24 49 89 d6 49 89 d5 49 c1 ee 03 41 83 e5 07 4d 01 e6 41 83 c5 03 e8 07 1e 0c 00 f3 90 <41> 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff
[ 1096.544002][    C1] RSP: 0018:ffffc90002ec7750 EFLAGS: 00000293
[ 1096.544016][    C1] RAX: 0000000000000000 RBX: ffff8880b84421e0 RCX: ffffffff81afd92d
[ 1096.544032][    C1] RDX: ffff888037a70000 RSI: ffffffff81afd909 RDI: 0000000000000005
[ 1096.544043][    C1] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[ 1096.544053][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[ 1096.544064][    C1] R13: 0000000000000003 R14: ffffed101708843d R15: ffff8880b853b580
[ 1096.544082][    C1]  ? smp_call_function_many_cond+0xd9d/0x1510
[ 1096.544102][    C1]  ? smp_call_function_many_cond+0xd79/0x1510
[ 1096.544128][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[ 1096.544156][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1096.544178][    C1]  ? ldt_dup_context+0x1a2/0x300
[ 1096.544201][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[ 1096.544222][    C1]  on_each_cpu_cond_mask+0x40/0x90
[ 1096.544244][    C1]  flush_tlb_mm_range+0x4a0/0x1790
[ 1096.544266][    C1]  ? find_held_lock+0x2b/0x80
[ 1096.544286][    C1]  ? dup_mmap+0xf88/0x21d0
[ 1096.544306][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[ 1096.544327][    C1]  ? up_write+0x1b2/0x520
[ 1096.544348][    C1]  dup_mmap+0xfa2/0x21d0
[ 1096.544374][    C1]  ? __pfx_dup_mmap+0x10/0x10
[ 1096.544407][    C1]  copy_process+0x4081/0x7650
[ 1096.544429][    C1]  ? do_wp_page+0x1aa7/0x4f20
[ 1096.544453][    C1]  ? __pfx_copy_process+0x10/0x10
[ 1096.544487][    C1]  kernel_clone+0xfc/0x960
[ 1096.544512][    C1]  ? __pfx_kernel_clone+0x10/0x10
[ 1096.544543][    C1]  ? css_rstat_updated+0x9d/0xd30
[ 1096.544568][    C1]  __do_sys_clone+0xce/0x120
[ 1096.544590][    C1]  ? __pfx___do_sys_clone+0x10/0x10
[ 1096.544612][    C1]  ? handle_mm_fault+0x2ab/0xd10
[ 1096.544641][    C1]  ? do_user_addr_fault+0x843/0x1370
[ 1096.544671][    C1]  do_syscall_64+0xcd/0x4c0
[ 1096.544695][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1096.544712][    C1] RIP: 0033:0x7fe3c6585193
[ 1096.544725][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[ 1096.544739][    C1] RSP: 002b:00007fff7e076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1096.544755][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe3c6585193
[ 1096.544765][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1096.544775][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[ 1096.544785][    C1] R10: 0000555587b667d0 R11: 0000000000000246 R12: 0000000000000000
[ 1096.544796][    C1] R13: 0000555587b79590 R14: 00000000000d63fd R15: 00007fff7e0761d0
[ 1096.544819][    C1]  </TASK>
[ 1097.637700][    C1] Shutting down cpus with NMI
[ 1097.637912][    C1] Kernel Offset: disabled