last executing test programs:

17m6.996154416s ago: executing program 1 (id=251):
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000640)=[{0x6, 0x0, 0x0, 0xea}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="ea6d177f4bca9fdd116cfe98efd4953a9819c23df89e1915ca87034640e03a455bc243e90b1abb18f2907a0741170177e74f7c883ffacb823f2db3515b8e6aa8a863eae7ac1773e9dd0213bd2742121b65b50995549076c9053cda2e6e3ddbb32ccf7e412a918d9678f0c14dceff81869199bbb78b0924f83081c310971a9f7022b66741f1d374e0288348a3669c277bc4da04fe3b113afe9ca8e5d085795d3b78d4cb78f48d37b113e200bcd56a2f892326882a27f6ecf8a3ab9db8f1d61f4131cbb288ce3e8c8aaefd62", 0xcb}], 0x1}}], 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r0, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)

17m6.857759489s ago: executing program 1 (id=255):
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x49, 0x0, &(0x7f0000000000)=0x3d)

17m5.227585075s ago: executing program 1 (id=260):
r0 = io_uring_setup(0x61d8, &(0x7f0000000a40)={0x0, 0x5, 0x800, 0xfffffffe, 0x40003be})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
io_getevents(0x0, 0xfffe, 0x0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

17m3.536993096s ago: executing program 1 (id=265):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCGETS2(r0, 0x802c542a, &(0x7f00000000c0))

17m2.372142527s ago: executing program 1 (id=270):
close(0xffffffffffffffff)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x20, r0, 0x0, 0x0)

17m1.062762295s ago: executing program 1 (id=277):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004)

16m45.983496529s ago: executing program 32 (id=277):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004)

10m58.757547353s ago: executing program 3 (id=1244):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b000000000000000400000000000000000000002e522bf3c804603be88aa67ec32b0f4f0f050200ac779384a129a91046d1873cb993c619ae15fb4c98ff283ce0000df968b140b9", @ANYRES32=0x0, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r8 = memfd_secret(0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x16}, 0x48)
r10 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r9, r8, 0x2e, 0x4608, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000080)=r10, 0x4)
close_range(r7, 0xffffffffffffffff, 0x0)
splice(r5, 0x0, r6, 0x0, 0xf3c, 0x8)
tee(0xffffffffffffffff, r6, 0x8f5, 0x100000000000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xd, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b7020000180000007b2af8ff00000000b509000000000000c38af8ff50000000bf86000000000000070805000000ffffbfa400000000000007040000f0ffffffc70200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0}, 0x94)

10m57.567273774s ago: executing program 3 (id=1248):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={[], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
socket(0x1e, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
chdir(&(0x7f00000003c0)='./bus\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)

10m53.132835129s ago: executing program 3 (id=1249):
syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
listen(r0, 0xfffffffd)
syz_emit_ethernet(0x1fe, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000040)={0x0, 0x2, [0x13c, 0xf3c, 0xeb0, 0x4cf]})
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00'})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000580)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
add_key(&(0x7f0000000140)='asymmetric\x00', 0x0, &(0x7f00000001c0)="df", 0x1, 0xfffffffffffffffb)

10m50.233679453s ago: executing program 3 (id=1258):
r0 = syz_usb_connect(0x4, 0x24, &(0x7f0000000400)=ANY=[@ANYRES64], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
close(0xffffffffffffffff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3d, 0x3d, 0x3, [@func={0xa, 0x0, 0x0, 0xc, 0x5}, @datasec={0x4, 0x3, 0x0, 0xf, 0x1, [{0x5, 0xffff4e55, 0x6}, {0x4, 0x5, 0xfffffff9}, {0x2, 0x4197, 0x3}], '\f'}]}, {0x0, [0x1]}}, &(0x7f0000000180)=""/12, 0x5b, 0xc, 0x0, 0x8001}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x637a, 0x0, &(0x7f00000003c0), 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f00000001c0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0x4, 0xfe, 0xfe, 0x4, 0x0, 0x5, 0x7, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8}, 0xe)
shutdown(r5, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000098000000060a010400000000000000000100000008000b400000000070000480340001800b000100657874686472000025000280080001400000000c080003400000000008000440000000220500020007000000380001800c0001006269747769736500280002800800034000000002080001400000001408000240000000120400058008000640000000010900010073797a3000000000140000"], 0x10c}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x28, 0x33, 0x107, 0x0, 0x25dfdbfb, {0x1, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@typed={0x4, 0x18, 0x0, 0x0, @binary}]}]}, 0x28}}, 0x4010)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000440)={0x3c, r9, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x20, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc2}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}]}]}, 0x3c}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

10m40.682256542s ago: executing program 3 (id=1279):
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r0 = syz_open_dev$dri(&(0x7f0000000d40), 0x0, 0x101200)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0xc01064ac, &(0x7f00000011c0)={0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002300)=@newtaction={0x10c4, 0x30, 0x1}, 0x10c4}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x9a0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r5, r5)
ptrace(0x10, r5)
ptrace$cont(0x20, r5, 0x1000000ffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
fanotify_init(0x200, 0x0)

10m38.324518548s ago: executing program 3 (id=1282):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1541, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
writev(r0, &(0x7f0000000700)=[{&(0x7f0000000740)="89e7ee2c78dad9b4b473fec96558", 0xe}, {&(0x7f0000000600)="c4090bcb2d86a89c", 0x8}], 0x2)

10m23.163092304s ago: executing program 33 (id=1282):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1541, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
writev(r0, &(0x7f0000000700)=[{&(0x7f0000000740)="89e7ee2c78dad9b4b473fec96558", 0xe}, {&(0x7f0000000600)="c4090bcb2d86a89c", 0x8}], 0x2)

9m15.320700381s ago: executing program 6 (id=1426):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
preadv2(r3, 0x0, 0x0, 0x6, 0x10000, 0x3)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r4, 0x303, 0x0, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x1300)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)

9m14.285439982s ago: executing program 6 (id=1428):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000005c0)={'#! ', './file1/../file0', [{0x20, 'cgroup.stat\x00'}]}, 0x21)
write$UHID_INPUT(r1, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000480)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8, 0x10000000000, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3e06e00d96072081000000000000002000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a03c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6, 0x200000000]}})

9m12.478452926s ago: executing program 6 (id=1432):
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000480))
connect$unix(r1, &(0x7f0000000400)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000002c0)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
open(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff})
sendfile(r5, r4, 0x0, 0x2)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

9m10.691393433s ago: executing program 6 (id=1434):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) (async)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) (async)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffdbe}]}) (async)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fspick(r0, &(0x7f0000000000)='.\x00', 0x0) (async)
chdir(&(0x7f0000000080)='./file1\x00') (async)
r1 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, 0x0) (async)
truncate(&(0x7f00000000c0)='./file0\x00', 0xb77) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
setpgid(0x0, r1)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) (async)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000b80), 0x181283, 0x0)
vmsplice(r3, 0x0, 0x0, 0x2) (async)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10)
utimes(&(0x7f0000000000)='./file0\x00', 0x0) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async)
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)

9m9.715894641s ago: executing program 6 (id=1437):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x2)
r2 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x89fb, &(0x7f0000000040)={'bond0\x00', 0x0})
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x101403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="120000000b000000080000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000001000"/21], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r4}, &(0x7f0000000180), &(0x7f0000000280)=r3}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
socket$nl_route(0x10, 0x3, 0x0)
getcwd(0x0, 0xfffffffffffffe7d)

9m7.479958892s ago: executing program 6 (id=1445):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f00000000c0)={0x2, 0xf0}, 0x2)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18)
symlink(0x0, &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@lowerdir={'lowerdir', 0x3d, './file1/file0'}}]})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x154}, 0x1, 0x0, 0x0, 0x41}, 0x0)
pipe2$9p(0x0, 0x80000)
creat(&(0x7f0000000000)='./file0\x00', 0x135)
ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x94, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRESHEX])
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000040)={0x0, 0xfffffffc, 0x8, 0xd, 0x200, 0x0})
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f00000001c0)=""/239)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000940)=0x200000000)
write$vhost_msg_v2(0xffffffffffffffff, &(0x7f0000001f00)={0x2, 0x0, {&(0x7f0000000440)=""/110, 0x8a983a38b59710a7, 0x0, 0x3, 0x2}}, 0x48)

9m6.230011954s ago: executing program 34 (id=1445):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f00000000c0)={0x2, 0xf0}, 0x2)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18)
symlink(0x0, &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@lowerdir={'lowerdir', 0x3d, './file1/file0'}}]})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x154}, 0x1, 0x0, 0x0, 0x41}, 0x0)
pipe2$9p(0x0, 0x80000)
creat(&(0x7f0000000000)='./file0\x00', 0x135)
ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x94, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRESHEX])
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000040)={0x0, 0xfffffffc, 0x8, 0xd, 0x200, 0x0})
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f00000001c0)=""/239)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000940)=0x200000000)
write$vhost_msg_v2(0xffffffffffffffff, &(0x7f0000001f00)={0x2, 0x0, {&(0x7f0000000440)=""/110, 0x8a983a38b59710a7, 0x0, 0x3, 0x2}}, 0x48)

1m4.875998233s ago: executing program 7 (id=2562):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x20605)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200001f, 0x38011, r6, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000002680)=[0x0], 0x4000024b})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet_int(r6, 0x0, 0x3, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r7, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r8, 0x0, 0x0, 0x0, <r9=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f0000000180)={0x28, 0x2, r8, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000000})
ioctl$IOMMU_HWPT_ALLOC$NONE(r7, 0x3b89, &(0x7f0000000000)={0x28, 0x2, r9, r8, 0x0, 0x0, 0x0, 0x0, 0x0})

1m3.246871277s ago: executing program 7 (id=2567):
r0 = syz_usb_connect(0x4, 0x24, &(0x7f0000000400)=ANY=[@ANYRES64], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
close(0xffffffffffffffff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3d, 0x3d, 0x3, [@func={0xa, 0x0, 0x0, 0xc, 0x5}, @datasec={0x4, 0x3, 0x0, 0xf, 0x1, [{0x5, 0xffff4e55, 0x6}, {0x4, 0x5, 0xfffffff9}, {0x2, 0x4197, 0x3}], '\f'}]}, {0x0, [0x1]}}, &(0x7f0000000180)=""/12, 0x5b, 0xc, 0x0, 0x8001}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x637a, 0x0, &(0x7f00000003c0), 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f00000001c0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0x4, 0xfe, 0xfe, 0x4, 0x0, 0x5, 0x7, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8}, 0xe)
shutdown(r5, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB], 0x10c}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x28, 0x33, 0x107, 0x0, 0x25dfdbfb, {0x1, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@typed={0x4, 0x18, 0x0, 0x0, @binary}]}]}, 0x28}}, 0x4010)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000440)={0x3c, r9, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x20, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc2}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}]}]}, 0x3c}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

59.35852197s ago: executing program 7 (id=2575):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000400000000000008000000180001801400020073797a5f74756e0000000000000000001c0002800400010014000380"], 0x48}, 0x1, 0x0, 0x0, 0x20004084}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xa, 0xcd, &(0x7f00000000c0)="44936d850e5ec6234697", &(0x7f0000000100)=""/205, 0xffff, 0x0, 0xee, 0xf5, &(0x7f0000000380)="171218b113b467515e7493cc9f5821546391b96bb9e18014385705bee6f410c237dc8e2aff6f1c92dbf5d505c4ef85f486c3d769666c72b79b8743ff675e76f844e95b66a8479d0ce7bfdcfafdbfbed6145767cecca2d90853d9bd82c0169e5cf3d1754dcb26a6ec7b4ef11bf56907fb98c9f5c44cd828574ceb01b9f17c185aaf6067a43c8406ff07e81c0313698599c566a630318a56580c6e70de92f62e2ba097947878c72d546eb215402a137bdcb4af6d1aeb36dfb60916341d58d44bdbb81a324b5b01c35ca304dd4a681026bd8134e9632789a32a80df3c6def167d8dd4f3eea1f25b363f6678d1a86d3a", &(0x7f0000000480)="830429964fc2069238cc69ae4728bea8f5a1c3c12df183152b745b3a8e3763e1d9ed3acf6b9d507c823dbf0a3d25aa32626446bc451bc5f0b01f86fc8b56b7182119278098611df4d893cbaf0ad67ad137f9afa9cde0105fcbf155fcace8e3e0930a6af8349e996917bb4ad43a7cfcb912925897cda9c30f774cc29c81303cfdcab02f6ee5d3393b64d97f3d2f17c25724a984fd23d0a3117553eee1bee42efb9de2e33ecef0f68f9b187efa484e2bcae2e2cb6e50f2667dd9d8d652817c40c76eebc4c51da6bae24c6eb3ffcb2a3074ecd70152cf038acfe0074837f58218ff54cae9056c78daa85d1d44ccdb1fd0aab31a333323", 0x2}, 0x50)
setsockopt$WPAN_WANTLQI(r1, 0x0, 0x3, &(0x7f0000000000)=0x1, 0x4)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x1, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
r8 = accept(r0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r8)

56.484067242s ago: executing program 7 (id=2578):
socket$netlink(0x10, 0x3, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x8b}, 0x0)
getrlimit(0xe, &(0x7f00000000c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x33}, 0x9c)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x29, 0x111500)
ioctl$USBDEVFS_CLAIMINTERFACE(r4, 0x8004550f, &(0x7f0000000140)=0x5)
syz_open_dev$dri(0x0, 0x1ff, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r5, 0x4b3a, 0x1)

53.965228967s ago: executing program 7 (id=2584):
r0 = syz_usb_connect(0x4, 0x24, &(0x7f0000000400)=ANY=[@ANYRES64], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
close(0xffffffffffffffff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3d, 0x3d, 0x3, [@func={0xa, 0x0, 0x0, 0xc, 0x5}, @datasec={0x4, 0x3, 0x0, 0xf, 0x1, [{0x5, 0xffff4e55, 0x6}, {0x4, 0x5, 0xfffffff9}, {0x2, 0x4197, 0x3}], '\f'}]}, {0x0, [0x1]}}, &(0x7f0000000180)=""/12, 0x5b, 0xc, 0x0, 0x8001}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x637a, 0x0, &(0x7f00000003c0), 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f00000001c0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0x4, 0xfe, 0xfe, 0x4, 0x0, 0x5, 0x7, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8}, 0xe)
shutdown(r5, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x28, 0x33, 0x107, 0x0, 0x25dfdbfb, {0x1, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@typed={0x4, 0x18, 0x0, 0x0, @binary}]}]}, 0x28}}, 0x4010)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000440)={0x3c, r9, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x20, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc2}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}]}]}, 0x3c}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

50.268967748s ago: executing program 7 (id=2590):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000280), 0x24042, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=@ipv6_getaddr={0x34, 0x16, 0x0, 0x70bd2b, 0x25dfdbff, {0xa, 0x1, 0x2, 0xfe}, [@IFA_CACHEINFO={0x14, 0x6, {0x9, 0x80, 0x6, 0x100}}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x5)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x20000253)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x40880}, 0x24040800)
openat$tun(0xffffffffffffff9c, 0x0, 0x4080, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102368, 0x18fe0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0200"], 0x10)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073727a3100000000080041007369770014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)

34.148149262s ago: executing program 35 (id=2590):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000280), 0x24042, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=@ipv6_getaddr={0x34, 0x16, 0x0, 0x70bd2b, 0x25dfdbff, {0xa, 0x1, 0x2, 0xfe}, [@IFA_CACHEINFO={0x14, 0x6, {0x9, 0x80, 0x6, 0x100}}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x5)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x20000253)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x40880}, 0x24040800)
openat$tun(0xffffffffffffff9c, 0x0, 0x4080, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102368, 0x18fe0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0200"], 0x10)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073727a3100000000080041007369770014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)

20.004642444s ago: executing program 5 (id=2654):
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000093c0)={0x2020}, 0x2020)

19.972679355s ago: executing program 5 (id=2656):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e)

19.862846122s ago: executing program 5 (id=2657):
syz_io_uring_setup(0x497, &(0x7f0000000000)={0x0, 0x286f, 0x800, 0x2, 0x3bb}, &(0x7f0000000340)=<r0=>0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r2, &(0x7f0000000000)=[{&(0x7f00000004c0)='4', 0x1}], 0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000200)=@IORING_OP_SYMLINKAT={0x26, 0x2c, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})

19.628116387s ago: executing program 5 (id=2661):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chdir(&(0x7f0000000280)='./file0/file0/..\x00')
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f0000000480), 0x0, 0x0, 0x3)

19.500547027s ago: executing program 5 (id=2663):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000100)=0x4f7, 0x12)

18.811471659s ago: executing program 5 (id=2666):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001440))
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)

18.326064549s ago: executing program 36 (id=2666):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001440))
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)

12.557326837s ago: executing program 2 (id=2708):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
sendmsg$NL80211_CMD_SET_BEACON(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003700)={0x14, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}}, 0x14}}, 0x0)
recvmsg$can_raw(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f000001a4c0)=[{&(0x7f00000192c0)=""/158, 0x9e}], 0x1}, 0x2)

11.702949173s ago: executing program 2 (id=2713):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, 0x0, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})

10.59988884s ago: executing program 2 (id=2723):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb34902, 0x1000006, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
pipe(&(0x7f0000000000))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

3.496144861s ago: executing program 0 (id=2774):
socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x8800, 0x0)
dup(r0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r1, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r2, &(0x7f0000000140), 0x4924b68, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

3.246016649s ago: executing program 0 (id=2778):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x8a, &(0x7f0000001200)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd608a96460054060000000000000000000000000000000000fe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYBLOB="5007000090"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

3.070172327s ago: executing program 0 (id=2782):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x5c}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x100088c2}, 0x80)

2.911395603s ago: executing program 0 (id=2785):
mkdir(&(0x7f0000000040)='./file1\x00', 0x1c7)
mount$fuse(0x0, 0x0, 0x0, 0x1930bd, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
statfs(&(0x7f0000001140)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000680)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0)

2.771399545s ago: executing program 9 (id=2787):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x80000003)
r1 = dup2(r0, r0)
syz_fuse_handle_req(r1, &(0x7f0000000280)="0d1c409c14b8ddbbe2423ac75d732f3d0e9cd37b375b9673cb39c6b35cbb85c4ba83de9d23bbcdd53a9f0d7c92b66f6d872096b32f4bdac32a6136c86365cfd42c3b0a25fac76123b6d700d3ba70cc138bc435d3b1fcee2545c3a421119087bddbbfd0418488219343819cf0a6780d54166d2769a719b207136357ff3f505fc1d6144239ba630b15e7f8aeef7be5cb8c9e738faec0d1ab79d34b994e098323b94d32926bc3b0fd88c13cc781a0fc3da7c4d83fbaf3288fabe01685a3422570fa4cba7e840bd0a01e995c91c5aba51ca15461dc1916bde9e70c66f3aae48475e95aea1f8e6c6f10104d64f767b7f9b7909f5caa5fd61ec7bc7392bfb7fe4f1d1d0528601a87f9248693f31a0f2ea07a0f33e670bad3ba0c648266195c6d9a76cd973a9da6016d1f5e0d49122f64da8933cfcf6a970d11767279a9e8e37a30a007e6ea473e146069e72894fcd378e17d4fa761999c128492a0321c3153edf7b28d0cddd78758f5192a924fbe2e8c594cf35aeffc635b14903d134fc5f7857218f99266c64be16e5f4ad76a8b5f6d39ca2451afcdcb0cf42322a5166becc90621f99f28e42bb2cb610039c45e54cc4bb8e8210e612a3f1ac93366b7bd77410af8b4b3eb03085354c9f8d12cc62da82eff96a006dab656c10e1bf210124b0ed6841158ec70981a399ba7c406f3014bf77553be6197d79dc1d31ac4c598bdbd007578d50f00ce85810e0759e91505549c70005a5f923aba20d8e05d0b764680b9ea259c8fa71f1ee36b71da662b825019c07aade7db363662103887079dea43ca30c32e4f0d9ff043720541633157a3ff1dc055ac1db5b25765b7ef2e338c104db28b6be7fdae54f04075e26ce38ec71d35c029df580ee3ef68e46359031aea121d0776398d1f1e28e9cbdc20cb58adf5dfa01a2819f697bb3189ac0d32eec43c0ef75f5bd4c7926d18daf9a6e9265c961aadbed4fb9627a1f0a6c3dde66fe5530993a7f150e5b361ad0db403a864ef4f5e0f21db55aa22055bdc5b282b057d07efd6abe23f941a62d6f613a1ff8d31da632284e89a3069c6b26ef35e55fc846fb1c28651cc5a879a4994568c4639b9fba8395014c9f4f6152cee1ddf8d582bc496bcbad8e39e0a5a3e713deed021eb9d5b3f8679a8bddc08ca77d7cd101006c5021b65cc7648a646735d9d7f6e54e4fb5bcf1fd9aee4beb700e597011a2fa6c01d22e9b6c7a5afd7def8ab0a3e612d8a5ce571dba2d0696155c3dbfcc851293eebccfac6855a7b024d762e768867f57446ecd6e1d09a31959a6374c50445884dfcc68a62662e5701a25a1da8e0abd0428bb558f9f7e74c250d4af62afad71e0f23268a955c548b41cc83f6810c72c832476383a355abfa449fc05c7afa2ed70849f175e826361882503246e688983f472c418578ae4c893d847c0c7f8ec99352d3024a69134dfccbc6ec3351b321483c57d2d1e77c0c7551cdaf4c14038844b1b05c25541d1d48bf0dfd1ae40c35872a5b37c2958e3a60187531814f3adff870aeb42cf611c3f777b08f7dcacf5c087b19c17dfca413097a603823363c2c55597330de20a73465ccbe5acfad066fcb17c177827cf081c588b73c042150bf1a18aff97518fbc1b4d5d22f29077e186ae9b998b4d6fdbcbc8c3bd57dcc61cc322537743ce480c1dea39adcc6a51da745a60e5272a7181986bcb992895035f0f882cdf79c56a84cd88c9bf0b7dab9c1f453cf4c05e2a33f43f4252fdcf99cf785e639bd9d11c374d4e3107ce128d2a823b6a8631a8fdebdf14a0bfc3f79d44cd54d3e8b9c5a3f41b9a1187e23f5a5eb5fadff92d746ff3befec7189ca19c1987551d0fec321cc306d235f82b3f479f3d7a3c1d2377afe3f22a49c682646e9893d7700061a0229a99d360f89d281dc6bb95b92329cc7277b89a9e6a3edd3c753cbb93e9f1249572bae520fb7c46970f527fd93c445a8159d4992badc395c05313462d37c4f651afbdb04f9f42ad4433c5c765735731ed6d8c97e4ca9fd3a1885de6c051e652a1ea40230e9d854ec2145c78ef5574deac83e78df8932dde1d5c46862c9f808394dc7f064b5649cc7b2627a55683ed33f2712ad2d4f77ec7f2be200e01fca138b3d1f42916a54a66561916bcbd3109f6eacf5096e478442e56e5af61f7c32c681bd35bf94a429a52024a48f6002978594418b66c6eb0fa91dccc4fa83d48927349b8a7cbb70670bd78b8acbbcb554a219cdc6740de4bbfcad2250fc219436ba5db017c172d6e24eaedf29d169b8867fc84eb2e721b31b08604a6fbd8d5edd9bb0152346509619f4a0f41090228b10868f56cd7d7c025cccc8f2b4a7d85ab91862c65d5d578fd5c046928c5c8f999611dea07a1451357b4365b33bac0a2a842b84e2cd4f790dca74cc962000f72d821b093e271e63680c0e9019769f3abed377f51f2e0a373958dfe351a1db29da4b74f9ba1250a8a0b985ed86cd7a2a4ede57ce00dbe77f5c797e6b9896ccb978d3a01047f9ac7d66e820073193b6a3400ff41f2f8a98a44a0d2a608db3000571efdade9a44f278272e7ada101d275c589fed2ee0191801b7a2ea62dec117c9cfd96ccb73de7fa2eb4d60a7ce1170047a5266668da1aa8489c6e4ce564607a485afc6991ba262cd6f155c23fbb47610f555e0be090854ffa0d610ae4baa1dbd1f36249beb0510b8d96132b6396a6261214f3153bfc4f0dcfeb55046bcca5868aa913316a2e802f9bfb51caacfd0045d96b3983b883db123da07fc20d06c973e3dc74c53006c77361cfa9d3b2062da3f9740cc7335ec792d1b2c767e86417433fe047c8d9368c0c51373b5e5158503afa52ab08ef49616499ccb8dc829e343d25fc1fc2ea6c95933295ab397f07703d1d8defebeb44a2a9556bbd5414cf921abfa8df9bc5ea76922d728ef0024f516c9fd7a2927a68ba9a7dcc4f52c3d8b72909b2bde14408e476778a3221644dfa13794e365a9ebb670eaf691b3c2393adc441519c1125b960ff109ccab52294c6584d74b3084cfda3707f7153681c88a1578a77be9224a70ce400f4af3dd72452df147476abf2668c1801fe538be40042717b6c468fe1a33d1d597fb637396b8ebed9f64eee42e645bd8dc0e63fbd3a139bce3157ce7ed6f5f643ee26847908efaf61cd977627647bc0e4f119b924bb185664f1dcf2240b2697c89e8f569332d19ceec176642ebf0bf509bd3b9477272159d45b708510908e74cc5e0304104d5ed6e578b46dffcf64367fe9d274ab8f16f3154f3e83ce6d3ae92a2644ceeb8ec33e07f728319eb69dfa37bb70b40a1001ff0157173e33af633496062b17cfab8b5c06ef2fadfef280da4e1f70fbbac10981a0b35f3ada39733d7d31798e455f0dd1c530939f09df43b5aff342c39052a51d773b22acbc8c1525f3572ef469eefe66d1895a9ca3c637286e3f9acd29e890ffccbb313dd9da50aacce808d06d0b109a16a1c2bf69fc4b85b9b7cc9b9ba9e5d709c65fd0a879032caee38315eb049b12f11c4d485ef426fff3a4f91b4f1ad4c192c4074636787ff966f82c8d4fcad13a7b581718ee7318f6731da2eb1338c95c35f1f2e082bedea7f05b87d891876cfab51ddf2908ebb2bc153c20001ae9c142b35a3de474b732c5f629bd948ac9230067120671d296001cabe19e3d2302c1f32e4fcff1681ab2ef216309c21c6a5afc51ac500687a5140d015ee2bda5f3d8a15826a21a0a9495b36fe958fff32afe270f809f3a8f8cd2d8992a859e5de779bd8aa4dc6979807171282ef34502f1bf34f529cdad15671692f232a9f2dd2107f8198f7a9ea5883cbeb2a060ff1b13fc1a4df315dff940e8f013e8142c640acf51ebb2b2f878dafb6c12747cef3061f2235bccceacce4bf9829df24b9f9e9c5c259aafbe61ff6be827e492e2c03fa1e9f936196ff9acb28081f7ca74109d823c5c96b1e808bc2b8072763954ec5691f7935284e045c6d86c5c68d69b4502a5132b3c1cdc5e000ed1f6aa4bc0a9090a8923004ac05558e08827c71fd2e24f931f880244143a8d092dc8bb2b48317ff49fa0b494b3fea0741fbcac6cf780f93db42f47d23170a70619d06b0462f2fb04dabe2a0c94a1d97ecb159d426df47f0a1e13764e045d97ba75fd0eede9711d112581b4a2e66b10077aa92c98e30d6504f0c08c0c68015c88abbc991d5a799e588d1ee7492d699126627ace339c1bb024a59ccd9d3df0197c8e56219d76698b61ec94927f41ccc7bc80ab6f65380d31d58f796e7e697b28e371ecd9ccf6b58e9cf32daee54c5228268446677f600ca8d091b6a4774749d40d6d4d6a009ae12bae1c530e6961420507a13a2a32c4f0863c790159a26588bed9f50b4ffbfc8649adc8144779653b4226fed5ab93570fb3edcc1be70780f6ddc8d9ef1ff39d22bd20cd8ae0195d02ada60fa0d65e065b7a3950d5a2b77546ad8f1c1018344589085638793d26fb4a5c59c23f1c9b148ddcbc478e1867e109590c44c14f5ad6e8cda21a75358cbfe6f397c711eead2b1c73df1453d184a44e85c2f6ac0c266b0f67b001426cec02efb66085bd1b8bcaf06d6709d545895337fe36e9d26417238f36be5ba51d5cd7cd7cec452780b72bc441052f67496ed8bb4d393db8da52aa3b0ef10a74a33c2b7ee24f76642f83bfc3e686951cbd1983f1ea54d536f6c86e8b20a4eaefb9ca57308abcfd81357e3d0eebeb0ff805c151ea1d0063c3bea7120562886fc4ce284f33d4a85c830d8b9b9b1295c352c3f5db54973a5ed3788e5396a1add7022546f13db95e4ad1a994142aa4f98d644cd822192e3e1875da3b4a6cfd61cca36a82fd4c1f09db84f6b379483e2b81749609750b493e406c8add341d8855ef47d8e8cd49e9d1340be1223d268bed3a2cc949b74cf01160723d26de9b11138fd8e8957354c2a58fa30903b7544d2bdf49249e5ca9f5d030f0c17e7ec605482523d1da3b3ca6c94c8724c20b929954c1c1f321ba7f77e2e954056a2838e57696e40a2fc9f8c2b7e25a41cd500f4fffb196810b3d77f79dfc1f7179fd4e2c63957c65da8325185cdfa37a82d42ebfc631a87ce7ba60ad09132f1eabe7b870c88fa277578e19a6adabd328e6b453dae201ce4327a378174695264ff4411a3815c362480058038b1b70b652e89b0c7743548b897c80c53b16aba4d244753fd8c14c8bcdbe2a2710df7842a8af2bd0a966632655c01bbc2604151b80e349b2f5f63fc8fdfb34c7223803fc0fd1dcf7fb5471c65f59ef9b02c3c0440f7e44fa4759782a46165c64e2ffc246d0438248c461e932806ddc20d3eeb597d74e9cbfba85951c601fd8b903c80f5d8bd5fc5b824cd63d9bc2d38438eb8a8bd1fbbad944b3ca074eb318ae074ef4d7f12076ac1809ca6868be7e5fcbb953ee70bcccb7cf51422e8293faf3e88d4b179b4c7a6ab53638eb05c902715c023f33ba9e121aed0b7b5f0544b5275cf22093e64a7038cda03fc9014002cb52d4568625d321b344e566b50a7e9695c79daab4aa0fc82790cd32708bdc0242686052677eb163cba152231e45d0ad1b8238a7d1230f43612ae8b9525d1f98372774a326e9baa48e69093b215ea503e054729722a71c7e6c58b958f3cec95fdbf1811b7c8a53787e95d266a70d408798e94d9579e813a8e9e3d4bdb4f2682f7aa30b659c722aa07faa911543c57db9fb3abf73ac5b4096cadb4bfa2b25e51b11e754348a2abff384a16194af26590ccd657cf76bae1f1246b67ee0834105f008cf77b1320ecfcb87bfa7d2b2fdec1330f54b6c6cf2280119e39e9a66ccef3df0c4297e1c861a027fa2ea5a1ab530f5b94a98895405c620bb6faecd7e80bfb42d1a4646360e0e8355af548439f8db48d583352ea84385e271b3067bf7b047e69e23c3bd2c3ea74df48b3649985b0ef12a9f3803ccfa52e01381d30a9005f0415a149557b67d0ac7c439ba8b20a9eb293ee4d357cc1d9e1e7f707ad77e58f22d2b26f9a8e726e826b6722c2b910416dcdaf772476e55256fefb1fa5de0139e15c2bf84e267be5d5381bb30607b731c8f305a1b4e1e4bae0b59e61dc77b13d129dfff4fdaf48f95038cc11b14e8266aac4d59fb40346c07a7fee92327e40905e40f8135b0f6e9e31969902e9926a99d7ae30891be917581189ff998ea5310da0cf72faae333ab8ee7cb9f78bb0a8695a841b8d37709e2826594cc8927f5dd98c53ea4c5246b5fc09f756f29b61c21996dcb6c0f1e476674aa9b6f69ccfcf8672b048ee723af55104da1c2f5250e8bbb3bdf2b7edb4878a902032ab4115f516d804d2cde7bce6b0c6dcd1f0d321fe4bb279e4c45294df0fd33956469839c70bcb68c033b597daf3f515354e72fd1ecff87e4b8d1ae52e6ef0fc773a49ca76d0659454b59e9c62fc8e10131e50893c0c0a997fb5766157701ce8e6a6482bd8b0b53a6b4fd4227d8e02c6453114f161017b18e52867282010df15c361a0ed3b17636adce6567ca97d4864dc15fca353490aecd5d26af991a92dcfd3e4dd38b8ed9181dee7e2e20cc2600c3211eecafd0dac537a693573e843259c30789a3d0ef91b78f95ed5da1c9e61716f651284e4eea663aab9c30d28a620745e44fbcf71221a23d332d411d17220c5a43321cbae90ba8104ffb4415d7563a21406d6be1fdc9abfff8998b51628b28b4ed84ded6804726cae5b62281949bb7cd7bec7bb2dfa8d831d4928b274c7452d2e9f8a37c67c98239b121d3acf381a10469d0dee019d38dbba865fdecfa34e39b0dcd4cf7a66e30f87d4f26d4190fdc62d44c850e94121ace3d531de3204ed5f838f5953c98b44a387a0cc95fc5e76facdf3a9f98183d32d887fb7d997a37b4737861bb12ea8e412e1015d3cceff7b448381f3fedd35a535e524f9e6df67e14882d9ec956a81e1972392c8c79cec77fe6d0f88a00710aaab4878187d6c387cf1ade1c61ca3b9bef117ad621c9a971d4f04a2e45314422f9f7606c932ab593db97747d7666948d04aacee1ceb6ae2fb205f32d953d94e5f2c7cb332eefa4bf11c999fb67e287960b64c36fa37de3c81fe53e057abc6f5575cb900a117242340126f721f8ad4c3d744440f2d9e1abf71fb24ca6f5abd392ce1110d4d138cd312373f99eef5a9b55a2a92a73be76860c380e5f2f1c9e5526ab5dc6f91d81d086dcfb70165c69b9bba0670366910ed053d43a61bc8215e95f304d73d38a689f174ac4940f1c7c87a011fbaa364e54887a0f38281509282943c38c77f9dbf385d0f8f62d30b300ae7ce24eb5b855057fc4fc8efcb05c4451fbc4de6f8b545559fb2bd2f8200eaa2822990d4afa0398e4c4d40534ece023306239bd86e2a0b9ae2fbfa640046379c1e2f0471e0005bdbd929119e54808f53fbc9ae318fd128aecaee2e314efcd76085a1da95b1261a321fe8229434dcc57844f15914221116d53faef06466643b996d5802167c0dcabe44979e576b4290aceee7aa771820fe113b85162e45961dea78ba31e0c54faa89ef75263d15580dd144745ab42b5d510f1beb115832df59ce57be19113f97aa21d984448e7fbc92c1291fd84f98e9ddd832336be330528e9df7b88f17f47708dfa401ba49562ef3650155bca61a81348896c151d05651caf865a3c40dbaecde5036233dd42a23f5712c93b2fa1c3ab754445bd258491fcf508ac344eeb38db1a4cb9980b1d97b826d76b0b10f8b8937dd0a9385c66ffffdab1819049c35aaf90b15267f7c58ff236c425414286bc7dfc3bd22abea8aeaeb113592ed41fa566d1426c85c3db9ef04e70b31ea52ae2f9352ae1195035b517f7e36350906773fabaef38fb29348b9797ec90cce08e0afb923fcfe0fe62ed2abd97d39949993048ae10c5be54808986f6c4aa437e413b449f57b0b0fc6f393808631fac191af623b8e90193ef2b0dda64f26b4771ab256bccd61ebf4b7ad099156986d64e77d37039d4a2e5836528a10c8c9d9ca9c640804dbf2db4154384cd8a8c02ce863e102ea944c17a643c120361d631b7f349f920ae6bd06db3e3af1bf902c3204e8632d27bd928701ee206a7d64448f9a81265a17a31878e3c1a2a044fc6f956b557471d1bf7dfe160716028191e851e18439f4e3561aa589528889090a3b673f70aebc1edb12861277f04f300acd8278e5f640ac0dc7e4f8df3ea39186119b0599f3e7bedfa0ee65e4d25d8586a2d10e773182d98ea9eef3b3d9805697adce7daf083b8a934c0d9c6467be25a6a22b6b246abcb355d03b8c3345dff9f40e253ae80a2de668dd9da044a2b90bc5788b0fe3a2c6387b3c817ea456eb7713a728caf4287d15006500435ff93eb6803e42e57c087c483e23605d9dcd6f758883fbb990eb0f91f351191956ac451e1c1d1ae113c03311057f5e70d8231bef8edb7c2cbecc4ab3e46b02945afbcdb2e8b005819dd141055af1fd6a3240af08751cd3a78ff92e39bba4d3c23aef960646512b3b86d6a8fa6880cfce6d58e1fbe734ac5f9b7018451a7a5879b3767dfb359eee615bab65116237e5de5b96bf9fbacd11702c73a8e478a64895d15ac0110737c3ab91222bc4c87326b5d5e3cf089da0a76d43222a8eeeb5286a4cb2fced98ebc2f6e876e8ff48b6f8f8264e52cf5b38906d657bd8d0d91e2d7846224ac60526f878e8189d80957a73a0fb95223842fb819286234d742c0aee14c75ed069411f7631aaa3e2a011fe75e67131a51733b9d2dc7981935d559a08a965363cdbc02dbadfcc4435040cff61df0cea2dcc5017deab9076fcc1a11ebe5020b6c96a16425397df15881815cf60b942648c234a5614ecffd4d5de50884934bdbd5177d24ee76f0c97fd0a2b97e527fa86c73ec672398f1d88c03d467f2712908d8fff5e02b4e1fe2d7bff02205597b3a5360e2767a3d7c488d222a3ea39d3fec61423e349689297868a4bfcf08a0938729fbc819ca2181f03f4ea42c7892dccd76560f1ef812ba7380681a8943e7bf2d6bb0729002a33a4a595c411cec870e8757e5d9cddb17563a627e598bd170cb6eab4d0d8a02c926bd0d67d2084df5873591ba8da1309f9c309fcdb1e1afea2ed48b467170f9d2539e62e75ed1e9ad94e2f574bba5e25f7473534e82e91263cef442f31e9e568a3eafa2b9de2a99fa681c6f6f245db26c24d56ae77fe239c63a70c2edd113f0d48bf5c2a887e1512bfb2801a0c628d3b91f57b1d1401b0e5e6012d32dafacd08775b1b28f15c44b03cd340a4e45be0534c4f5099c5bda5ef0035ab7d1ddbdb2e73ad49e15f6a04b5b09280581ebe2ce940a8058e2d14a0556c14adce8a40b6f0f78cc6bf46f0d0b2c4f9ce79e60eadd828eec8fd5c6b1196f685add24c959d4f1c9cbf7d21fb010df2f26fd1f1a5186186de0ab6f7fbf7ac2406a815382aad4edde90c8aa08ce053e86777fcbb089b4cbeb596949ff04739b53c4262b84881814c1cee97eb9147854b54ea354d53d906869c21e5772be517c127a0feb3844acb8b721f060e065b096d5f390b3557e25d50bb887ac018564a9b3ca3fe38eec76dace59bcadb81ed3764c177766ffc8770b7eca1fd3c87f3fc84f157974dc6356ab41388d973ae0a5a4a1d3d08f207b4add5bb902034f0be23bd27010cf5fb3a8ce4c34b123be47bf50fb6ff1593602e720d893561f72fcabdf7141ea4a274d319e9157ee4deb55dd412296525a1d82726fc8e8ad1ebddd6f7ac4ac10d3f59473cf5b0ae0644db9224268415ad314e4a7f4e4a17be80425198c097287ef95948ef260eb02d59e235caabeb1bcbf8829240e5637358879016ea8b5b06337d58aab36bc1a981d7667974068ca1a353a8caad2885236f407fcfc277210ff15f4d7d0caa2b31e5f745f455ff36a5fd9a9036c02f319a049ecb1d67c057130ae3d68374c82191059b44f8aebdf4574cd84cf7c031b6e177e8f5808f25ac76df8d7f9aada99e1a16ea5b22cc4bb349a352aceb2cb1ea47710704d446498f4d6ff2d8705797cfe62e03de9064a5831df451d021fcd93a71c3105f81df9d1ce5dc27d26d77326ab4bedf0c428a70772f2b0630b0640f643292e68e9b44d53f5c401f6ee09f8217b77b2d308e13cbedefa56920ad948b464a74c3e9ca9259d10132880d7dbd2c972c772985f7022a41ef473c254289982b9cde41f937a1de59b9a50caf728accac23ba485842dae35ad4ed412a31d2a134bf05ede9fc70fab45fee38f1f7e749e803446b418cc1b5e7f2019777ae03eab5e129e1eef2195ca84cde2848df14a93bbc3a917f1e06ce3753cf127f2241295fb630f6e27eadeaff570f955ace44dd204dcc082f7bcbe310e2c33267852049cb839142d072e3f3ebb1fc289c78769fd0f05578630e42a5829b82c6d535c012204aa74659282ba0498156e2183ecee174054d45fd97e5a0159255d8af432563d367f045d209c67cc70f7cf13b9a6578983ea640f0e8e66113484f48d41cb65b1338eb6cec534b3acdf9e5a1a3ac9157d75986583edfda4958e79593b6808b4762f823a6f442ee1749e592bc103f2b9e16107b939ece49cb447e5a7d34d66f18567d0e981f4fef25a467144689662783503a03e1800d22f40f61903d8270453161a68386bdd94d59dd66eb5ae067d4129be23a0b17b89d0478734460bb88c5771d9444caa769aa62d56bd128bc328e03d2e18d966f5784398ca2aab86007f7ca00908d4bd7f2f3ecf3024110b073304c7bb17bd73725721a99e94c8d5e5da7a839d58f2196cace99b98d7f584a49fee2a426e6ec3f08e520f7965aa2dad97084c2ebed43c58dbc9116f420d4735decc47dea514b689f5479c56b6128dd684c4fbf0945aa15363276af833b27b82cb48541413bc9fc51f9ce57c14bb6c39f86cbc99b69e5d91e7cf72f340f67012eb2f5fb21d830e97eb3664674ecc36c754f90d1a8f6092fe3a48827849ec95ed35887cfd2ab3f26331bdc154ad034f31ef26ecec5feedac1367f4f642e99ebb409ddd5dd8d0087ebf048e4924a2119c69ff00af79233443b897f7bd1d80f4d34555719bd8dd9c0d824d0437c2adfc598fd4c2c2d8cf7693e05238987bdb9bb04751dfcd44fbced899a7dadef499b9bfb45ee52ea59369c950821a667712946c7207e36473660f3f9c9906ed889ffe7a8c735e98d41cc96aecf3e577072cb4711eb690d28ff41dbe9070cd73da26875994a7b8480f2d21bd4b92402bc293fea154071c401581a9b858dcb4113149105d793fd4d0e98894f228f24250ada364f49180fbd116e0677cbfbe928a840dbfab2791865cec67ab39affa7b76c266285ed2ede7ce77e9e6f21545b8d177cc73e5142e6bbfbb3e9793716de8d6faeb74e18475cac7541e3ccd875cc0dc8bd5a01e468700d5817fc44b6dd64d74dbe0b351c80815102a0dc2038c83dc75189bb4ca425eabeeaa70fcebfda8f16c4b083762811325fdc6b94f84b6d4629929b85d0cf678b28651cab8a825f28440ca4e7a2193c6f9c769b0aa226754fa8eabd7cd1d31ea2478a83e0d79eaff6f72bfb05c31098f4640256b8c21ef25808821c08cbc68e8b6205fdbcb10b17d63cfb5ead7fb8ae1", 0x2000, &(0x7f0000002cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.602507446s ago: executing program 0 (id=2789):
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000b00)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x2, [{{0xa, 0x0, 0x0, @remote}}, {{0xa, 0xfffc, 0x0, @remote}}]}, 0x190)
syz_emit_ethernet(0x52, &(0x7f00000005c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60003a04001c3a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)

2.330154868s ago: executing program 0 (id=2792):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
sendmsg$tipc(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4010}, 0x8820)
sendmsg$tipc(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x4088840)

1.808645047s ago: executing program 37 (id=2792):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
sendmsg$tipc(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4010}, 0x8820)
sendmsg$tipc(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x4088840)

1.797928673s ago: executing program 9 (id=2794):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x5c}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x100088c2}, 0x80)

1.675060359s ago: executing program 9 (id=2796):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f00000000c0))

1.48808372s ago: executing program 8 (id=2797):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000580)={0x4, 0x2, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])

1.453813491s ago: executing program 4 (id=2798):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000000140))

1.422273466s ago: executing program 9 (id=2799):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r0, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
open(&(0x7f00009e1000)='./file1\x00', 0x8160, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, r1, 0x4}, 0x38)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r2)
ioctl$SIOCSIFHWADDR(r2, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\x00\x00\x00 '})

1.22008759s ago: executing program 4 (id=2800):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x5, 0x0, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.186701771s ago: executing program 8 (id=2801):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000b00)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x2, [{{0xa, 0x0, 0x0, @remote}}, {{0xa, 0xfffc, 0x0, @remote}}]}, 0x190)
syz_emit_ethernet(0x52, &(0x7f00000005c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60003a04001c3a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)

1.164518274s ago: executing program 9 (id=2802):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x98a, 0x1, "c2"}, 0x9)
sendto$inet6(r0, &(0x7f0000000040)="e85f", 0x2, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0xd, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x1c}, 0x1c)

851.838073ms ago: executing program 4 (id=2803):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x7, @mcast1, 0x6}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

825.808661ms ago: executing program 8 (id=2804):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x6, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0xfffffffa, 0xffff2d33, 0x1dd2, 0x6, 0x7, 0x0, 0x80000000, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x3, 0x3, 0x107fff, 0x4c74, 0xfbf5, 0x0, 0xb, 0xa, 0x0, 0x71, 0x7, 0x2000007, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0x6, 0x3, 0x4, 0x4, 0x8, 0x0, 0x7f, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x10, 0x8, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0xfffff000, 0xfffffffe, 0x8, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x0, 0x8000, 0x9, 0x400, 0x1, 0x6, 0xfffffffd, 0xff, 0x1005, 0x801, 0x8, 0x4, 0x0, 0x106, 0x2, 0x8, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x83, 0x9, 0x5, 0x10003, 0x4, 0x1, 0x7, 0xd, 0x9, 0x48c93690, 0x2, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x387d, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x80002, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0x7, 0x53cf697b, 0x20005, 0x6, 0x54fe12d2, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x2000008, 0x2], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce5, 0x1fd, 0x6, 0x5, 0x5, 0x40000003, 0x100, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0xffffffff, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7ffffffb, 0x5, 0x8, 0xc8, 0x3, 0x3, 0x80ffff, 0x200003, 0x5, 0x80000000, 0x9602, 0xa, 0x2, 0x4, 0x10, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x3, 0x8, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x918)

655.317592ms ago: executing program 8 (id=2805):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2458a}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}, @IFLA_BOND_ACTIVE_SLAVE={0x8}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000004}, 0x40)

655.071208ms ago: executing program 4 (id=2806):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x2, 0x9a6e}]})

468.198351ms ago: executing program 4 (id=2807):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

413.77245ms ago: executing program 2 (id=2734):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x80c80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x7000, 0x100000, 0x0, 0x0, 0x8, 0x8, 0x0, 0x2, 0x0, 0x6, 0x9, 0x10}, {0x8080000, 0x0, 0xc, 0x8, 0x7c, 0x0, 0x4, 0x0, 0x7, 0x7, 0x0, 0x2}, {0x8000000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x23, 0x0, 0x0, 0xfc}, {0x4, 0xd000, 0x4, 0x0, 0x0, 0x40, 0xff, 0x0, 0x0, 0x0, 0x4}, {0xeeee8000, 0x3000, 0x0, 0x0, 0xff, 0x4, 0xe, 0xe, 0x0, 0x3c}, {0x0, 0x80a0000, 0xd, 0x7, 0x0, 0x0, 0x2, 0xba, 0x0, 0x0, 0x80}, {0x8080000, 0x0, 0xf, 0x6, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfe}, {0x4000, 0x6000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26, 0x0, 0x40}, {0x80a0000}, {0xeeef0000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0xc801, 0x0, [0x0, 0x3, 0x1, 0x200000000000000]})

301.596984ms ago: executing program 8 (id=2808):
r0 = openat$comedi(0xffffffffffffff9c, 0x0, 0x181001, 0x0)
ioctl$COMEDI_CMD(r0, 0x80506409, &(0x7f0000000100)={0x1, 0x20, 0x40, 0x6e1, 0x10, 0x9, 0x2, 0x801, 0x80, 0xd, 0x0, 0xc, &(0x7f0000000000)=[0x11], 0x1, 0x0})

192.100658ms ago: executing program 2 (id=2809):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="0f23d266baa00066b86b4266ba420066efc4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0xad}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

165.728633ms ago: executing program 8 (id=2810):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r0, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
open(&(0x7f00009e1000)='./file1\x00', 0x8160, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, r1, 0x4}, 0x38)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r2, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\x00\x00\x00 '})

127.956013ms ago: executing program 9 (id=2811):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40242, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0xc)
close_range(r1, r0, 0x2)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r5, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r4, 0x4068aea3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

123.573518ms ago: executing program 4 (id=2812):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000b00)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x2, [{{0xa, 0x0, 0x0, @remote}}, {{0xa, 0xfffc, 0x0, @remote}}]}, 0x190)
syz_emit_ethernet(0x52, &(0x7f00000005c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60003a04001c3a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)

0s ago: executing program 2 (id=2813):
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r1 = memfd_create(&(0x7f0000000940)='y\x105\xfb\xf7u\x83%\b\x00\x00\x00\x00\x00\x00\x00\xea_\xccZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x10\x00\x00\x00\x04\x879\xa24\xa9a\b\x00\xb2\xd3\xcbZJ\x7fa\xc4\x1acB\xaa\xc1\xfb Q\x96\xd9xJ2\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea\b\x00\x00\x00\x00\x00\x00\x00\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9V\x01A\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\a\x00\x01vRk\xaabB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\x80\x81\xa0\xa2-g\b\x99\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecn\x02\xc8\xc4\f\x04\x99\xf6\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8L\xae\x1ff\xcf\xb3\xb65\x12\x89\x02\x82t\x0f\xb0\xe89\x16\fO\x19\x91\xfd\x10\x0e\xa7r\x12\xab\xd4\xd1d\xad\f\x11\xb3\xb3c\xe2\xfe\xcd\x9f7\xa1\x14\xfa\xe2\xdf\x7f\xf4NG\xe3\xeb\x18\xde|\xb3\xf5S\x9a\x04\xb4Lry\xa9\xd6\xfb\xbc\n+N\xf7\xf6\x87\x95\xd9+\xd2sc/\x06\xaa#K3,k\xf3(\xcc\xc7\xb47\xfa\xc3\x1c\x91!\xd3\xd2`-\xa2xrR\x1c\x81i\x87u|29Q\xdf\xed\x10\x9b\x930\xa8v\xa0\x88\xa4t\x17\xb2\xca9\x02\x03\xc9P\xcc\xe0\xb7\x9c\x82\xb4\x03\x83e\xee\x95\xccO\x1b\x83\f\n{\xf3\x12\x90\xcf\x10\xb5>\b3\x80\x8d\xb2%7\x10\xeee\xe4\xc3\xb2^\xad\xb6~\xa2\xbdE\xbf\x91\vqt\x81\xbd\x19\xde\x81\tw\xd4p\xd1\x8aNJ\xb3M\a\xc4\xfa\xb0,$\x81j\xb4Hs\x93>\x16U\xd0t\xe4\xca0T\xb7\xf7\x9d4\b\xd9\xdeps\xec\xa0\nJ\xa5\xfe\xda{(\xee\xb5\x11?\xc3I-\x8bc\xc9\xfb\a\xe5\xab\xf8v1\xdc\xc5\x8c\xebs1\x81\xca\x81l\xa12\xff<\xf5\x12\xcc+\xd4\xab\x84\x16\xa4+\x0e\xd4\x02\xe3\xaa1\xeam\x8ce\xb4r\x0eo&3wff\xe6\x91\x7f\xba\xad\x05\xdd\xc0+\"\xa5\x80\'#\xfd\x9dA&\xee \x18\xe5\x17\x1bd\xd0\xb9\x90\xde\xec\xe4M\xe5\x06\x03r\fc\x8c\x10\x99x\xec`e`\xc3F\xdf\xbc\xa8\xff\x05\xe6\xea\xc3u\xd7\t\x88<\"\xf7!\xd6\x0e\xbbE^\xcd\xb0\x15g\xe6\xf2?y1\x9f\xd3\x95\xc4E\xd0\xb4\x16`r\x14\xad\x02\x17\x9a\x86I]\x02f\xd3\xc9\xe1H\xd7c\xcaQ\x8cE7\xcc\xcf=\xf3\xf7\xb9\xf6s\x88\bZi\b*w\xc5;\x88\r\xab\xa1\t\xf1\x02)5\x00\x84', 0xb)
ftruncate(r1, 0xffff)
fcntl$addseals(r1, 0x409, 0x7)
r2 = ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000002c0)={r1, 0x0, 0x0, 0x8000})
fcntl$dupfd(r2, 0x0, r2)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fffff83}]})
close_range(r3, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

70
[  937.302755][ T5854]  ? __pfx___mutex_lock+0x10/0x10
[  937.302769][ T5854]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  937.302781][ T5854]  ? skb_pull_data+0xfb/0x200
[  937.302807][ T5854]  hci_le_conn_complete_evt+0x187/0x450
[  937.302829][ T5854]  hci_event_packet+0x78c/0x1200
[  937.302854][ T5854]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  937.302873][ T5854]  ? __pfx_hci_event_packet+0x10/0x10
[  937.302898][ T5854]  ? kcov_remote_start+0x4d3/0x7f0
[  937.302920][ T5854]  ? __pfx_warn_bogus_irq_restore+0x10/0x10
[  937.302945][ T5854]  ? hci_send_to_monitor+0xe2/0x570
[  937.302983][ T5854]  hci_rx_work+0x46a/0xe80
[  937.303013][ T5854]  ? process_scheduled_works+0x9ef/0x17b0
[  937.303031][ T5854]  process_scheduled_works+0xade/0x17b0
[  937.303073][ T5854]  ? __pfx_process_scheduled_works+0x10/0x10
[  937.303104][ T5854]  worker_thread+0x8a0/0xda0
[  937.303142][ T5854]  kthread+0x711/0x8a0
[  937.303165][ T5854]  ? __pfx_worker_thread+0x10/0x10
[  937.303181][ T5854]  ? __pfx_kthread+0x10/0x10
[  937.303203][ T5854]  ? _raw_spin_unlock_irq+0x23/0x50
[  937.303224][ T5854]  ? lockdep_hardirqs_on+0x9c/0x150
[  937.303245][ T5854]  ? __pfx_kthread+0x10/0x10
[  937.303266][ T5854]  ret_from_fork+0x3f9/0x770
[  937.303283][ T5854]  ? __pfx_ret_from_fork+0x10/0x10
[  937.303303][ T5854]  ? __switch_to_asm+0x39/0x70
[  937.303321][ T5854]  ? __switch_to_asm+0x33/0x70
[  937.303339][ T5854]  ? __pfx_kthread+0x10/0x10
[  937.303360][ T5854]  ret_from_fork_asm+0x1a/0x30
[  937.303401][ T5854]  </TASK>
[  937.590672][ T5854] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  937.605809][ T5854] Bluetooth: hci0: failed to register connection device
[  939.802220][T14444] macvtap9: entered allmulticast mode
[  939.857753][T14444] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2127'.
[  939.880813][T14445] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2126'.
[  939.890310][T14445] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2126'.
[  939.970483][T14446] netlink: 'syz.4.2126': attribute type 1 has an invalid length.
[  941.651836][T14461] FAULT_INJECTION: forcing a failure.
[  941.651836][T14461] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  941.665554][T14461] CPU: 0 UID: 0 PID: 14461 Comm: syz.0.2129 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  941.665581][T14461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  941.665593][T14461] Call Trace:
[  941.665601][T14461]  <TASK>
[  941.665608][T14461]  dump_stack_lvl+0x189/0x250
[  941.665635][T14461]  ? __pfx____ratelimit+0x10/0x10
[  941.665664][T14461]  ? __pfx_dump_stack_lvl+0x10/0x10
[  941.665685][T14461]  ? __pfx__printk+0x10/0x10
[  941.665710][T14461]  ? fs_reclaim_acquire+0x7d/0x100
[  941.665738][T14461]  should_fail_ex+0x414/0x560
[  941.665769][T14461]  prepare_alloc_pages+0x213/0x610
[  941.665796][T14461]  __alloc_frozen_pages_noprof+0x123/0x370
[  941.665819][T14461]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  941.665848][T14461]  ? policy_nodemask+0x27c/0x720
[  941.665872][T14461]  ? __lock_acquire+0xab9/0xd20
[  941.665896][T14461]  alloc_pages_mpol+0x232/0x4a0
[  941.665929][T14461]  vma_alloc_folio_noprof+0xe4/0x200
[  941.665960][T14461]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  941.666000][T14461]  folio_prealloc+0x30/0x180
[  941.666029][T14461]  __handle_mm_fault+0x2c88/0x5620
[  941.666075][T14461]  ? __pfx___handle_mm_fault+0x10/0x10
[  941.666119][T14461]  ? find_vma+0xe7/0x160
[  941.666144][T14461]  ? __pfx_find_vma+0x10/0x10
[  941.666174][T14461]  handle_mm_fault+0x2d5/0x7f0
[  941.666210][T14461]  do_user_addr_fault+0x764/0x1390
[  941.666254][T14461]  exc_page_fault+0x76/0xf0
[  941.666283][T14461]  asm_exc_page_fault+0x26/0x30
[  941.666305][T14461] RIP: 0010:put_cmsg+0x201/0x640
[  941.666332][T14461] Code: 89 f6 e8 02 41 74 f8 48 89 df 4c 89 ee e8 f7 40 74 f8 4c 39 eb 0f 82 fd 02 00 00 4c 39 f3 0f 87 f4 02 00 00 0f 01 cb 0f ae e8 <4d> 89 65 00 8b 44 24 08 41 89 45 08 8b 44 24 0c 41 89 45 0c 49 83
[  941.666349][T14461] RSP: 0018:ffffc9000c02f400 EFLAGS: 00050287
[  941.666366][T14461] RAX: ffffffff894be6b9 RBX: 000020000000203c RCX: ffff88807c911e00
[  941.666380][T14461] RDX: 0000000000000000 RSI: 0000200000002000 RDI: 000020000000203c
[  941.666392][T14461] RBP: 000000000000002c R08: ffffc9000c02f560 R09: 0000000000000003
[  941.666418][T14461] R10: 0000000000000003 R11: 0000000000000000 R12: 000000000000003c
[  941.666429][T14461] R13: 0000200000002000 R14: 00007ffffffff000 R15: ffffc9000c02f560
[  941.666451][T14461]  ? put_cmsg+0x1e9/0x640
[  941.666496][T14461]  ipv6_recv_error+0xeb1/0x1490
[  941.666536][T14461]  ? __pfx_ipv6_recv_error+0x10/0x10
[  941.666563][T14461]  ? up_write+0x1c4/0x420
[  941.666591][T14461]  ? process_measurement+0x1640/0x1a40
[  941.666620][T14461]  udpv6_recvmsg+0x221/0x1630
[  941.666645][T14461]  ? __pfx_process_measurement+0x10/0x10
[  941.666661][T14461]  ? tomoyo_check_open_permission+0x16a/0x3b0
[  941.666701][T14461]  ? __pfx_udpv6_recvmsg+0x10/0x10
[  941.666721][T14461]  ? __lock_acquire+0xab9/0xd20
[  941.666745][T14461]  ? __lock_acquire+0xab9/0xd20
[  941.666781][T14461]  ? __pfx_udpv6_recvmsg+0x10/0x10
[  941.666801][T14461]  inet6_recvmsg+0x1ee/0x6b0
[  941.666829][T14461]  ? __pfx_inet6_recvmsg+0x10/0x10
[  941.666845][T14461]  ? __lock_acquire+0xab9/0xd20
[  941.666867][T14461]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  941.666894][T14461]  ? security_socket_recvmsg+0x7e/0x2e0
[  941.666925][T14461]  sock_recvmsg+0x105/0x270
[  941.666961][T14461]  ____sys_recvmsg+0x1c9/0x460
[  941.666997][T14461]  ? __pfx_____sys_recvmsg+0x10/0x10
[  941.667041][T14461]  ? import_iovec+0x74/0xa0
[  941.667067][T14461]  ___sys_recvmsg+0x1b5/0x510
[  941.667099][T14461]  ? __pfx____sys_recvmsg+0x10/0x10
[  941.667154][T14461]  ? __fget_files+0x3a0/0x420
[  941.667185][T14461]  do_recvmmsg+0x307/0x770
[  941.667221][T14461]  ? __pfx_do_recvmmsg+0x10/0x10
[  941.667261][T14461]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  941.667300][T14461]  __x64_sys_recvmmsg+0x190/0x240
[  941.667330][T14461]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  941.667354][T14461]  ? rcu_is_watching+0x15/0xb0
[  941.667383][T14461]  ? do_syscall_64+0xbe/0x3b0
[  941.667411][T14461]  do_syscall_64+0xfa/0x3b0
[  941.667428][T14461]  ? lockdep_hardirqs_on+0x9c/0x150
[  941.667456][T14461]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  941.667494][T14461]  ? clear_bhb_loop+0x60/0xb0
[  941.667519][T14461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  941.667538][T14461] RIP: 0033:0x7f0b59b8e929
[  941.667555][T14461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  941.667572][T14461] RSP: 002b:00007f0b5aa1d038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  941.667592][T14461] RAX: ffffffffffffffda RBX: 00007f0b59db5fa0 RCX: 00007f0b59b8e929
[  941.667607][T14461] RDX: 0000000000000001 RSI: 00002000000066c0 RDI: 0000000000000003
[  941.667620][T14461] RBP: 00007f0b5aa1d090 R08: 0000000000000000 R09: 0000000000000000
[  941.667633][T14461] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[  941.667645][T14461] R13: 0000000000000000 R14: 00007f0b59db5fa0 R15: 00007ffe65f4a9b8
[  941.667677][T14461]  </TASK>
[  944.367068][   T36] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  944.482861][ T5890] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  944.777076][T14493] macvtap6: entered allmulticast mode
[  944.780162][T14497] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2139'.
[  945.315945][ T5890] usb 5-1: unable to read config index 0 descriptor/start: -61
[  945.325995][ T5890] usb 5-1: can't read configurations, error -61
[  945.973287][ T5890] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  946.058762][T14504] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2142'.
[  946.196185][T14511] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  946.722769][ T5890] usb 5-1: device descriptor read/all, error -71
[  946.741505][ T5890] usb usb5-port1: attempt power cycle
[  948.932655][T10264] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  949.214263][T14537] loop9: detected capacity change from 0 to 7
[  949.240088][T14537] Dev loop9: unable to read RDB block 7
[  949.246078][T14537]  loop9: unable to read partition table
[  949.252699][T14537] loop9: partition table beyond EOD, truncated
[  949.259025][T14537] loop_reread_partitions: partition scan of loop9 (þ£«xüÿÿÿÿÿÿÿ ) failed (rc=-5)
[  950.326277][T14548] netlink: 'syz.4.2153': attribute type 1 has an invalid length.
[  950.339257][T14543] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2151'.
[  950.348359][T14543] nbd: must specify at least one socket
[  950.523442][T14556] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2154'.
[  950.597696][T14550] bond1: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  950.614891][ T3519] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  950.651016][T14553] 8021q: adding VLAN 0 to HW filter on device bond1
[  950.721004][T14562] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.2152'.
[  950.755478][   T12] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  951.226874][T14565] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  952.026274][T14558] bond1 (unregistering): (slave ip6gretap2): Removing an active aggregator
[  952.039485][T14558] bond1 (unregistering): (slave ip6gretap2): Releasing backup interface
[  952.057244][T14558] bond1 (unregistering): Released all slaves
[  952.084931][T14560] macvtap4: entered allmulticast mode
[  952.152814][T10264] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  952.466883][T10264] usb 3-1: config 0 has an invalid interface number: 224 but max is 0
[  952.482795][T10264] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  952.505103][T10264] usb 3-1: config 0 has no interface number 0
[  952.547903][T10264] usb 3-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice=c7.bc
[  952.560335][T10264] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  952.602882][T10264] usb 3-1: Product: syz
[  952.607209][T10264] usb 3-1: Manufacturer: syz
[  952.804838][T10264] usb 3-1: SerialNumber: syz
[  953.450392][T10264] usb 3-1: config 0 descriptor??
[  953.542527][T10264] ldusb 3-1:0.224: Interrupt in endpoint not found
[  953.960695][T14583] _ÐZ`Ô€@: entered promiscuous mode
[  954.043552][T14597] FAULT_INJECTION: forcing a failure.
[  954.043552][T14597] name failslab, interval 1, probability 0, space 0, times 0
[  954.091067][T14597] CPU: 0 UID: 0 PID: 14597 Comm: syz.5.2162 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  954.091102][T14597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  954.091114][T14597] Call Trace:
[  954.091122][T14597]  <TASK>
[  954.091131][T14597]  dump_stack_lvl+0x189/0x250
[  954.091160][T14597]  ? __pfx____ratelimit+0x10/0x10
[  954.091191][T14597]  ? __pfx_dump_stack_lvl+0x10/0x10
[  954.091214][T14597]  ? __pfx__printk+0x10/0x10
[  954.091245][T14597]  ? __pfx___might_resched+0x10/0x10
[  954.091268][T14597]  ? fs_reclaim_acquire+0x7d/0x100
[  954.091295][T14597]  should_fail_ex+0x414/0x560
[  954.091329][T14597]  should_failslab+0xa8/0x100
[  954.091364][T14597]  __kmalloc_cache_noprof+0x70/0x3d0
[  954.091393][T14597]  ? vhost_task_create+0xf6/0x290
[  954.091422][T14597]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  954.091455][T14597]  vhost_task_create+0xf6/0x290
[  954.091482][T14597]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  954.091516][T14597]  ? __pfx_vhost_task_create+0x10/0x10
[  954.091562][T14597]  ? __pfx_vhost_task_fn+0x10/0x10
[  954.091601][T14597]  ? kasan_save_track+0x4f/0x80
[  954.091625][T14597]  ? kasan_save_track+0x3e/0x80
[  954.091656][T14597]  kvm_mmu_post_init_vm+0x147/0x2b0
[  954.091683][T14597]  kvm_arch_vcpu_ioctl_run+0xdc/0x1940
[  954.091720][T14597]  ? __mutex_trylock_common+0x153/0x260
[  954.091757][T14597]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  954.091794][T14597]  ? rcu_is_watching+0x15/0xb0
[  954.091816][T14597]  ? look_up_lock_class+0x74/0x170
[  954.091850][T14597]  ? register_lock_class+0x51/0x320
[  954.091877][T14597]  ? __lock_acquire+0xab9/0xd20
[  954.091942][T14597]  kvm_vcpu_ioctl+0x95c/0xe90
[  954.091975][T14597]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  954.091996][T14597]  ? __lock_acquire+0xab9/0xd20
[  954.092018][T14597]  ? __asan_memset+0x22/0x50
[  954.092041][T14597]  ? smack_file_ioctl+0x302/0x340
[  954.092070][T14597]  ? __pfx_smack_file_ioctl+0x10/0x10
[  954.092107][T14597]  ? __fget_files+0x2a/0x420
[  954.092125][T14597]  ? __fget_files+0x3a0/0x420
[  954.092142][T14597]  ? __fget_files+0x2a/0x420
[  954.092163][T14597]  ? bpf_lsm_file_ioctl+0x9/0x20
[  954.092182][T14597]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  954.092207][T14597]  __se_sys_ioctl+0xf9/0x170
[  954.092236][T14597]  do_syscall_64+0xfa/0x3b0
[  954.092254][T14597]  ? lockdep_hardirqs_on+0x9c/0x150
[  954.092283][T14597]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  954.092302][T14597]  ? clear_bhb_loop+0x60/0xb0
[  954.092327][T14597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  954.092346][T14597] RIP: 0033:0x7f62e5b8e929
[  954.092365][T14597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  954.092382][T14597] RSP: 002b:00007f62e6a83038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  954.092403][T14597] RAX: ffffffffffffffda RBX: 00007f62e5db5fa0 RCX: 00007f62e5b8e929
[  954.092417][T14597] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  954.092429][T14597] RBP: 00007f62e6a83090 R08: 0000000000000000 R09: 0000000000000000
[  954.092441][T14597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  954.092454][T14597] R13: 0000000000000000 R14: 00007f62e5db5fa0 R15: 00007ffdad5800e8
[  954.092486][T14597]  </TASK>
[  954.412081][    C0] vkms_vblank_simulate: vblank timer overrun
[  955.414288][ T5890] usb 3-1: USB disconnect, device number 23
[  955.688725][T14609] FAULT_INJECTION: forcing a failure.
[  955.688725][T14609] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  955.738867][T14609] CPU: 0 UID: 0 PID: 14609 Comm: syz.2.2166 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  955.738899][T14609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  955.738911][T14609] Call Trace:
[  955.738920][T14609]  <TASK>
[  955.738929][T14609]  dump_stack_lvl+0x189/0x250
[  955.738947][T14611] FAULT_INJECTION: forcing a failure.
[  955.738947][T14611] name failslab, interval 1, probability 0, space 0, times 0
[  955.738956][T14609]  ? __pfx____ratelimit+0x10/0x10
[  955.738987][T14609]  ? __pfx_dump_stack_lvl+0x10/0x10
[  955.739005][T14609]  ? __pfx__printk+0x10/0x10
[  955.739030][T14609]  ? __might_fault+0xb0/0x130
[  955.739075][T14609]  should_fail_ex+0x414/0x560
[  955.739116][T14609]  _copy_from_user+0x2d/0xb0
[  955.739144][T14609]  kvm_arch_dev_ioctl+0x2e6/0x8f0
[  955.739178][T14609]  ? __pfx_kvm_arch_dev_ioctl+0x10/0x10
[  955.739221][T14609]  ? smack_log+0xef/0x3f0
[  955.739267][T14609]  ? __pfx_smack_log+0x10/0x10
[  955.739293][T14609]  ? smk_access+0x14c/0x4e0
[  955.739327][T14609]  ? smk_tskacc+0x2fc/0x370
[  955.739361][T14609]  ? smack_file_ioctl+0x2a9/0x340
[  955.739399][T14609]  kvm_dev_ioctl+0x595/0x18e0
[  955.739435][T14609]  ? __fget_files+0x2a/0x420
[  955.739457][T14609]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  955.739479][T14609]  ? __fget_files+0x2a/0x420
[  955.739511][T14609]  ? bpf_lsm_file_ioctl+0x9/0x20
[  955.739533][T14609]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  955.739559][T14609]  __se_sys_ioctl+0xf9/0x170
[  955.739591][T14609]  do_syscall_64+0xfa/0x3b0
[  955.739613][T14609]  ? lockdep_hardirqs_on+0x9c/0x150
[  955.739646][T14609]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  955.739670][T14609]  ? clear_bhb_loop+0x60/0xb0
[  955.739698][T14609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  955.739720][T14609] RIP: 0033:0x7f699cb8e929
[  955.739743][T14609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  955.739762][T14609] RSP: 002b:00007f699da30038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  955.739787][T14609] RAX: ffffffffffffffda RBX: 00007f699cdb5fa0 RCX: 00007f699cb8e929
[  955.739802][T14609] RDX: 00002000000004c0 RSI: 00000000c008ae05 RDI: 0000000000000003
[  955.739818][T14609] RBP: 00007f699da30090 R08: 0000000000000000 R09: 0000000000000000
[  955.739833][T14609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  955.739846][T14609] R13: 0000000000000000 R14: 00007f699cdb5fa0 R15: 00007ffdc8e98e08
[  955.739882][T14609]  </TASK>
[  956.010434][T10673] Bluetooth: hci1: command 0x0406 tx timeout
[  956.023592][T14611] CPU: 1 UID: 0 PID: 14611 Comm: syz.5.2167 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  956.023622][T14611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  956.023635][T14611] Call Trace:
[  956.023643][T14611]  <TASK>
[  956.023652][T14611]  dump_stack_lvl+0x189/0x250
[  956.023680][T14611]  ? __pfx____ratelimit+0x10/0x10
[  956.023712][T14611]  ? __pfx_dump_stack_lvl+0x10/0x10
[  956.023734][T14611]  ? __pfx__printk+0x10/0x10
[  956.023764][T14611]  ? __pfx___might_resched+0x10/0x10
[  956.023786][T14611]  ? fs_reclaim_acquire+0x7d/0x100
[  956.023812][T14611]  should_fail_ex+0x414/0x560
[  956.023857][T14611]  should_failslab+0xa8/0x100
[  956.023889][T14611]  __kmalloc_noprof+0xcb/0x4f0
[  956.023915][T14611]  ? tomoyo_encode+0x28b/0x550
[  956.023940][T14611]  tomoyo_encode+0x28b/0x550
[  956.023967][T14611]  tomoyo_realpath_from_path+0x58d/0x5d0
[  956.023998][T14611]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  956.024027][T14611]  tomoyo_path_number_perm+0x1e8/0x5a0
[  956.024059][T14611]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  956.024104][T14611]  ? lockdep_hardirqs_on+0x9c/0x150
[  956.024140][T14611]  ? rcu_is_watching+0x15/0xb0
[  956.024171][T14611]  ? __lock_acquire+0xab9/0xd20
[  956.024214][T14611]  ? __fget_files+0x2a/0x420
[  956.024237][T14611]  ? __fget_files+0x2a/0x420
[  956.024254][T14611]  ? __fget_files+0x3a0/0x420
[  956.024279][T14611]  ? __fget_files+0x2a/0x420
[  956.024303][T14611]  security_file_ioctl+0xcb/0x2d0
[  956.024337][T14611]  __se_sys_ioctl+0x47/0x170
[  956.024366][T14611]  do_syscall_64+0xfa/0x3b0
[  956.024386][T14611]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  956.024405][T14611]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  956.024424][T14611]  ? clear_bhb_loop+0x60/0xb0
[  956.024446][T14611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  956.024465][T14611] RIP: 0033:0x7f62e5b8e52b
[  956.024484][T14611] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  956.024500][T14611] RSP: 002b:00007f62e6a82f30 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  956.024521][T14611] RAX: ffffffffffffffda RBX: 0000200000001000 RCX: 00007f62e5b8e52b
[  956.024535][T14611] RDX: 00007f62e6a82f90 RSI: 000000004020ae46 RDI: 0000000000000004
[  956.024548][T14611] RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000
[  956.024558][T14611] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f62e6a82f90
[  956.024570][T14611] R13: 0000000000000000 R14: 00007f62e6a83008 R15: 0000200000017000
[  956.024600][T14611]  </TASK>
[  956.024821][T14611] ERROR: Out of memory at tomoyo_realpath_from_path.
[  959.664126][T14633] netlink: 44 bytes leftover after parsing attributes in process `syz.7.2175'.
[  959.681516][T14633] nbd: must specify at least one socket
[  959.823101][T14646] FAULT_INJECTION: forcing a failure.
[  959.823101][T14646] name failslab, interval 1, probability 0, space 0, times 0
[  959.836584][T14646] CPU: 0 UID: 0 PID: 14646 Comm: syz.5.2178 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  959.836612][T14646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  959.836624][T14646] Call Trace:
[  959.836632][T14646]  <TASK>
[  959.836641][T14646]  dump_stack_lvl+0x189/0x250
[  959.836670][T14646]  ? __pfx____ratelimit+0x10/0x10
[  959.836703][T14646]  ? __pfx_dump_stack_lvl+0x10/0x10
[  959.836726][T14646]  ? __pfx__printk+0x10/0x10
[  959.836757][T14646]  ? trace_fib_table_lookup+0x85/0x200
[  959.836795][T14646]  should_fail_ex+0x414/0x560
[  959.836831][T14646]  should_failslab+0xa8/0x100
[  959.836865][T14646]  kmem_cache_alloc_noprof+0x73/0x3c0
[  959.836894][T14646]  ? dst_alloc+0x105/0x170
[  959.836920][T14646]  ? fib_lookup+0x76/0x440
[  959.836951][T14646]  dst_alloc+0x105/0x170
[  959.836995][T14646]  ip_route_output_key_hash_rcu+0x1482/0x23a0
[  959.837037][T14646]  ? ip_route_output_key_hash+0xde/0x2e0
[  959.837069][T14646]  ip_route_output_key_hash+0x1b9/0x2e0
[  959.837098][T14646]  ? __lock_acquire+0xab9/0xd20
[  959.837120][T14646]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  959.837171][T14646]  ip_route_output_flow+0x2a/0x150
[  959.837197][T14646]  ? security_sk_classify_flow+0x70/0x180
[  959.837230][T14646]  udp_sendmsg+0x1405/0x2300
[  959.837270][T14646]  ? __pfx_udplite_getfrag+0x10/0x10
[  959.837290][T14646]  ? __pfx_udp_sendmsg+0x10/0x10
[  959.837317][T14646]  ? __lock_acquire+0xab9/0xd20
[  959.837345][T14646]  ? register_lock_class+0x51/0x320
[  959.837377][T14646]  ? look_up_lock_class+0x74/0x170
[  959.837411][T14646]  ? register_lock_class+0x51/0x320
[  959.837437][T14646]  ? __lock_acquire+0xab9/0xd20
[  959.837464][T14646]  udpv6_sendmsg+0xc5e/0x2710
[  959.837511][T14646]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  959.837533][T14646]  ? udp_lib_get_port+0x15cc/0x1a60
[  959.837572][T14646]  ? __lock_acquire+0xab9/0xd20
[  959.837612][T14646]  ? __local_bh_enable_ip+0x12d/0x1c0
[  959.837634][T14646]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  959.837664][T14646]  ? inet_send_prepare+0x1b9/0x270
[  959.837695][T14646]  ? inet6_sendmsg+0xe4/0x120
[  959.837719][T14646]  __sock_sendmsg+0xe5/0x270
[  959.837754][T14646]  ____sys_sendmsg+0x52d/0x830
[  959.837787][T14646]  ? __pfx_____sys_sendmsg+0x10/0x10
[  959.837825][T14646]  ? import_iovec+0x74/0xa0
[  959.837853][T14646]  ___sys_sendmsg+0x21f/0x2a0
[  959.837882][T14646]  ? __pfx____sys_sendmsg+0x10/0x10
[  959.837951][T14646]  ? __fget_files+0x2a/0x420
[  959.837969][T14646]  ? __fget_files+0x3a0/0x420
[  959.838008][T14646]  __sys_sendmmsg+0x227/0x430
[  959.838042][T14646]  ? __pfx___sys_sendmmsg+0x10/0x10
[  959.838065][T14646]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  959.838115][T14646]  ? ksys_write+0x22a/0x250
[  959.838147][T14646]  ? __pfx_ksys_write+0x10/0x10
[  959.838172][T14646]  ? rcu_is_watching+0x15/0xb0
[  959.838204][T14646]  __x64_sys_sendmmsg+0xa0/0xc0
[  959.838233][T14646]  do_syscall_64+0xfa/0x3b0
[  959.838251][T14646]  ? lockdep_hardirqs_on+0x9c/0x150
[  959.838281][T14646]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  959.838301][T14646]  ? clear_bhb_loop+0x60/0xb0
[  959.838326][T14646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  959.838347][T14646] RIP: 0033:0x7f62e5b8e929
[  959.838365][T14646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  959.838383][T14646] RSP: 002b:00007f62e6a83038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  959.838406][T14646] RAX: ffffffffffffffda RBX: 00007f62e5db5fa0 RCX: 00007f62e5b8e929
[  959.838421][T14646] RDX: 0000000000000002 RSI: 0000200000000b80 RDI: 0000000000000003
[  959.838434][T14646] RBP: 00007f62e6a83090 R08: 0000000000000000 R09: 0000000000000000
[  959.838446][T14646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  959.838458][T14646] R13: 0000000000000000 R14: 00007f62e5db5fa0 R15: 00007ffdad5800e8
[  959.838491][T14646]  </TASK>
[  960.439434][T14649] loop9: detected capacity change from 0 to 7
[  960.479967][T14649] Dev loop9: unable to read RDB block 7
[  960.486282][T14649]  loop9: unable to read partition table
[  960.497816][T14649] loop9: partition table beyond EOD, truncated
[  960.504529][T14649] loop_reread_partitions: partition scan of loop9 (þ£«xüÿÿÿÿÿÿÿ ) failed (rc=-5)
[  960.694642][T14650] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  961.902630][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  961.902646][   T30] audit: type=1326 audit(1752141223.943:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  961.930126][    C1] vkms_vblank_simulate: vblank timer overrun
[  962.005805][T14659] FAULT_INJECTION: forcing a failure.
[  962.005805][T14659] name failslab, interval 1, probability 0, space 0, times 0
[  962.025021][   T30] audit: type=1326 audit(1752141224.203:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  962.046567][    C1] vkms_vblank_simulate: vblank timer overrun
[  962.057042][   T30] audit: type=1326 audit(1752141224.203:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  962.082591][   T30] audit: type=1326 audit(1752141224.203:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  962.104893][T14659] CPU: 1 UID: 0 PID: 14659 Comm: syz.0.2182 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  962.104921][T14659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  962.104933][T14659] Call Trace:
[  962.104941][T14659]  <TASK>
[  962.104949][T14659]  dump_stack_lvl+0x189/0x250
[  962.104976][T14659]  ? __pfx____ratelimit+0x10/0x10
[  962.105006][T14659]  ? __pfx_dump_stack_lvl+0x10/0x10
[  962.105035][T14659]  ? __pfx__printk+0x10/0x10
[  962.105064][T14659]  ? __pfx___might_resched+0x10/0x10
[  962.105086][T14659]  ? fs_reclaim_acquire+0x7d/0x100
[  962.105112][T14659]  should_fail_ex+0x414/0x560
[  962.105145][T14659]  should_failslab+0xa8/0x100
[  962.105178][T14659]  __kmalloc_noprof+0xcb/0x4f0
[  962.105204][T14659]  ? tomoyo_encode+0x28b/0x550
[  962.105229][T14659]  tomoyo_encode+0x28b/0x550
[  962.105257][T14659]  tomoyo_realpath_from_path+0x58d/0x5d0
[  962.105291][T14659]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  962.105320][T14659]  tomoyo_path_number_perm+0x1e8/0x5a0
[  962.105352][T14659]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  962.105400][T14659]  ? __lock_acquire+0xab9/0xd20
[  962.105442][T14659]  ? __fget_files+0x2a/0x420
[  962.105464][T14659]  ? __fget_files+0x2a/0x420
[  962.105480][T14659]  ? __fget_files+0x3a0/0x420
[  962.105497][T14659]  ? __fget_files+0x2a/0x420
[  962.105520][T14659]  security_file_ioctl+0xcb/0x2d0
[  962.105552][T14659]  __se_sys_ioctl+0x47/0x170
[  962.105581][T14659]  do_syscall_64+0xfa/0x3b0
[  962.105599][T14659]  ? lockdep_hardirqs_on+0x9c/0x150
[  962.105627][T14659]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  962.105646][T14659]  ? clear_bhb_loop+0x60/0xb0
[  962.105670][T14659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  962.105689][T14659] RIP: 0033:0x7f0b59b8e929
[  962.105707][T14659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  962.105723][T14659] RSP: 002b:00007f0b5aa1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  962.105744][T14659] RAX: ffffffffffffffda RBX: 00007f0b59db5fa0 RCX: 00007f0b59b8e929
[  962.105758][T14659] RDX: 0000200000001d40 RSI: 0000000000005420 RDI: 0000000000000003
[  962.105770][T14659] RBP: 00007f0b5aa1d090 R08: 0000000000000000 R09: 0000000000000000
[  962.105782][T14659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  962.105793][T14659] R13: 0000000000000000 R14: 00007f0b59db5fa0 R15: 00007ffe65f4a9b8
[  962.105825][T14659]  </TASK>
[  962.105852][T14659] ERROR: Out of memory at tomoyo_realpath_from_path.
[  962.192774][   T30] audit: type=1326 audit(1752141224.203:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  962.394141][   T30] audit: type=1326 audit(1752141224.203:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  962.469007][   T30] audit: type=1326 audit(1752141224.203:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  962.496147][   T30] audit: type=1326 audit(1752141224.203:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  962.606879][   T30] audit: type=1326 audit(1752141224.203:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  963.045916][   T30] audit: type=1326 audit(1752141224.203:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14647 comm="syz.5.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f62e5b8e929 code=0x7ffc0000
[  963.985561][T10264] kernel write not supported for file /421/net/ip_vs_stats (pid: 10264 comm: kworker/0:1)
[  965.471409][T14694] macvtap5: entered allmulticast mode
[  965.530612][T14696] fuse: Unknown parameter '0x0000000000000003'
[  965.677656][T14696] overlayfs: failed to get inode (-116)
[  966.163320][T14696] overlayfs: failed to get inode (-116)
[  966.170963][T14696] overlayfs: failed to get inode (-116)
[  966.222361][T14704] overlayfs: failed to get inode (-116)
[  966.246752][T14704] overlayfs: failed to get inode (-116)
[  966.248686][T14708] FAULT_INJECTION: forcing a failure.
[  966.248686][T14708] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  966.253664][T14696] overlayfs: failed to get inode (-116)
[  966.314987][T14708] CPU: 0 UID: 0 PID: 14708 Comm: syz.0.2196 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  966.315019][T14708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  966.315031][T14708] Call Trace:
[  966.315040][T14708]  <TASK>
[  966.315049][T14708]  dump_stack_lvl+0x189/0x250
[  966.315077][T14708]  ? __pfx____ratelimit+0x10/0x10
[  966.315108][T14708]  ? __pfx_dump_stack_lvl+0x10/0x10
[  966.315132][T14708]  ? __pfx__printk+0x10/0x10
[  966.315158][T14708]  ? __might_fault+0xb0/0x130
[  966.315200][T14708]  should_fail_ex+0x414/0x560
[  966.315236][T14708]  _copy_from_user+0x2d/0xb0
[  966.315261][T14708]  ____sys_sendmsg+0x2fe/0x830
[  966.315295][T14708]  ? __pfx_____sys_sendmsg+0x10/0x10
[  966.315331][T14708]  ? import_iovec+0x74/0xa0
[  966.315360][T14708]  ___sys_sendmsg+0x21f/0x2a0
[  966.315388][T14708]  ? __pfx____sys_sendmsg+0x10/0x10
[  966.315456][T14708]  ? __fget_files+0x2a/0x420
[  966.315474][T14708]  ? __fget_files+0x3a0/0x420
[  966.315504][T14708]  __x64_sys_sendmsg+0x19b/0x260
[  966.315535][T14708]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  966.315573][T14708]  ? __pfx_ksys_write+0x10/0x10
[  966.315597][T14708]  ? rcu_is_watching+0x15/0xb0
[  966.315626][T14708]  ? do_syscall_64+0xbe/0x3b0
[  966.315649][T14708]  do_syscall_64+0xfa/0x3b0
[  966.315666][T14708]  ? lockdep_hardirqs_on+0x9c/0x150
[  966.315697][T14708]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  966.315717][T14708]  ? clear_bhb_loop+0x60/0xb0
[  966.315743][T14708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  966.315775][T14708] RIP: 0033:0x7f0b59b8e929
[  966.315794][T14708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  966.315811][T14708] RSP: 002b:00007f0b5aa1d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  966.315834][T14708] RAX: ffffffffffffffda RBX: 00007f0b59db5fa0 RCX: 00007f0b59b8e929
[  966.315848][T14708] RDX: 0000000024008004 RSI: 00002000000005c0 RDI: 0000000000000003
[  966.315861][T14708] RBP: 00007f0b5aa1d090 R08: 0000000000000000 R09: 0000000000000000
[  966.315874][T14708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  966.315885][T14708] R13: 0000000000000000 R14: 00007f0b59db5fa0 R15: 00007ffe65f4a9b8
[  966.315918][T14708]  </TASK>
[  967.775131][T14723] netlink: 384 bytes leftover after parsing attributes in process `syz.0.2200'.
[  967.785392][T14723] netlink: 'syz.0.2200': attribute type 2 has an invalid length.
[  970.411105][T14741] netlink: 'syz.0.2206': attribute type 1 has an invalid length.
[  970.449666][T14741] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2206'.
[  970.457949][T14743] overlay: Bad value for 'redirect_dir'
[  970.803460][ T5890] usb 1-1: new full-speed USB device number 29 using dummy_hcd
[  970.876125][T14757] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2209'.
[  970.888638][T14753] syz.5.2211 (14753) used obsolete PPPIOCDETACH ioctl
[  970.976896][ T5890] usb 1-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  970.992546][ T5890] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  971.011055][ T5890] usb 1-1: Product: syz
[  971.021265][ T5890] usb 1-1: Manufacturer: syz
[  971.031451][ T5890] usb 1-1: SerialNumber: syz
[  971.058284][ T5890] usb 1-1: config 0 descriptor??
[  971.078162][ T5890] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  971.172665][ T5923] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  971.185256][ T5890] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  971.363902][ T5923] usb 8-1: config 0 has no interfaces?
[  971.572642][ T5923] usb 8-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  971.882178][ T5890] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) error while loading driver (-19)
[  971.929939][ T5923] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  971.939418][ T5923] usb 8-1: Product: syz
[  971.946922][ T5923] usb 8-1: Manufacturer: syz
[  971.951568][ T5923] usb 8-1: SerialNumber: syz
[  971.957220][ T5890] usb 1-1: USB disconnect, device number 29
[  971.964624][ T5923] usb 8-1: config 0 descriptor??
[  972.008111][T14767] FAULT_INJECTION: forcing a failure.
[  972.008111][T14767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  972.090897][T14767] CPU: 1 UID: 0 PID: 14767 Comm: syz.4.2213 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[  972.090928][T14767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  972.090941][T14767] Call Trace:
[  972.090949][T14767]  <TASK>
[  972.090958][T14767]  dump_stack_lvl+0x189/0x250
[  972.090986][T14767]  ? __pfx____ratelimit+0x10/0x10
[  972.091018][T14767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  972.091040][T14767]  ? __pfx__printk+0x10/0x10
[  972.091067][T14767]  ? __might_fault+0xb0/0x130
[  972.091108][T14767]  should_fail_ex+0x414/0x560
[  972.091143][T14767]  _copy_from_user+0x2d/0xb0
[  972.091169][T14767]  snd_seq_oss_write+0x515/0x930
[  972.091216][T14767]  ? __pfx_snd_seq_oss_write+0x10/0x10
[  972.091250][T14767]  ? rcu_read_lock_any_held+0xb3/0x120
[  972.091275][T14767]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  972.091302][T14767]  ? security_file_permission+0x75/0x290
[  972.091339][T14767]  odev_write+0x5a/0x80
[  972.091363][T14767]  ? __pfx_odev_write+0x10/0x10
[  972.091391][T14767]  vfs_write+0x27e/0xa90
[  972.091429][T14767]  ? __pfx_vfs_write+0x10/0x10
[  972.091467][T14767]  ? __fget_files+0x2a/0x420
[  972.091489][T14767]  ? __fget_files+0x2a/0x420
[  972.091506][T14767]  ? __fget_files+0x3a0/0x420
[  972.091524][T14767]  ? __fget_files+0x2a/0x420
[  972.091553][T14767]  ksys_write+0x145/0x250
[  972.091585][T14767]  ? __pfx_ksys_write+0x10/0x10
[  972.091610][T14767]  ? rcu_is_watching+0x15/0xb0
[  972.091639][T14767]  ? do_syscall_64+0xbe/0x3b0
[  972.091663][T14767]  do_syscall_64+0xfa/0x3b0
[  972.091681][T14767]  ? lockdep_hardirqs_on+0x9c/0x150
[  972.091712][T14767]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  972.091732][T14767]  ? clear_bhb_loop+0x60/0xb0
[  972.091757][T14767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  972.091778][T14767] RIP: 0033:0x7fc7f078e929
[  972.091795][T14767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  972.091812][T14767] RSP: 002b:00007fc7f15c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  972.091835][T14767] RAX: ffffffffffffffda RBX: 00007fc7f09b5fa0 RCX: 00007fc7f078e929
[  972.091850][T14767] RDX: 0000000000000010 RSI: 0000200000000400 RDI: 0000000000000004
[  972.091862][T14767] RBP: 00007fc7f15c0090 R08: 0000000000000000 R09: 0000000000000000
[  972.091875][T14767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  972.091887][T14767] R13: 0000000000000000 R14: 00007fc7f09b5fa0 R15: 00007ffd0838b798
[  972.091920][T14767]  </TASK>
[  972.374831][    T9] usb 8-1: USB disconnect, device number 8
[  973.980133][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  973.980177][   T30] audit: type=1107 audit(1752141236.233:72): pid=14771 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[  976.744408][T14818] macvtap10: entered allmulticast mode
[  977.112651][T10817] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  978.104518][T14831] macvtap6: entered allmulticast mode
[  978.116239][T14831] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.2230'.
[  978.345103][T14830] ptrace attach of "./syz-executor exec"[5841] was attempted by "\x09   
                   Àÿ      Àÿ      Ðÿ      0              ðÿ      °ÿ      Àÿ                 ÿÿÿÿ                                                
                                       memory.current                                                          
                                                              ‹                                                       pagemap                                                         /dev/cpu/#/msr                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
[  979.695222][T14855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2235'.
[  979.786354][    C1] vkms_vblank_simulate: vblank timer overrun
[  979.983699][T14855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2235'.
[  980.244057][ T5923] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  980.422732][ T5923] usb 8-1: Using ep0 maxpacket: 8
[  980.596438][ T5923] usb 8-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  980.801337][ T5923] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  980.815099][ T5923] usb 8-1: Product: syz
[  980.820613][ T5923] usb 8-1: Manufacturer: syz
[  980.831294][ T5923] usb 8-1: SerialNumber: syz
[  980.861729][ T5923] usb 8-1: config 0 descriptor??
[  981.176130][ T5923] gspca_main: se401-2.14.0 probing 047d:5003
[  982.379789][   T30] audit: type=1107 audit(1752141244.643:73): pid=14871 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[  982.452685][ T5923] usb 8-1: reset high-speed USB device number 9 using dummy_hcd
[  982.790856][T14893] macvtap11: entered allmulticast mode
[  982.801772][T14893] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2243'.
[  983.625495][ T5923] gspca_se401: read req failed req 0x06 error -19
[  983.671784][ T5923] usb 8-1: USB disconnect, device number 9
[  984.235754][T14910] netlink: 'syz.7.2248': attribute type 1 has an invalid length.
[  985.127232][T14921] netlink: 248 bytes leftover after parsing attributes in process `syz.7.2249'.
[  986.952946][ T5923] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  987.382943][ T5923] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  987.443429][ T5923] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  987.553297][ T5923] usb 5-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10
[  987.566992][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.591195][ T5923] usb 5-1: Product: syz
[  987.599317][ T5923] usb 5-1: Manufacturer: syz
[  987.612605][ T5923] usb 5-1: SerialNumber: syz
[  987.644441][ T5923] usb 5-1: config 0 descriptor??
[  987.677372][ T5923] radioshark2 5-1:0.0: Invalid radioSHARK2 device
[  988.426138][ T5923] radioshark2 5-1:0.0: probe with driver radioshark2 failed with error -22
[  988.435334][ T5923] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  989.378928][T10264] usb 6-1: new full-speed USB device number 26 using dummy_hcd
[  989.560127][T10264] usb 6-1: config 0 has an invalid interface number: 106 but max is 0
[  989.586615][T10264] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  989.597744][T10264] usb 6-1: config 0 has no interface number 0
[  989.633285][T10264] usb 6-1: New USB device found, idVendor=045b, idProduct=024d, bcdDevice=27.16
[  989.643041][T10264] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  989.651437][T10264] usb 6-1: Product: syz
[  989.672930][T10264] usb 6-1: Manufacturer: syz
[  989.678194][T10264] usb 6-1: SerialNumber: syz
[  989.697926][T10264] usb 6-1: config 0 descriptor??
[  990.168962][T14967] tmpfs: Unknown parameter 'qota_block_har'
[  991.266169][ T5890] usb 1-1: new full-speed USB device number 30 using dummy_hcd
[  991.441014][ T5890] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  991.455848][ T5890] usb 1-1: config 0 has no interface number 0
[  991.468506][ T5890] usb 1-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  991.477867][ T5890] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  991.503206][ T5890] usb 1-1: config 0 descriptor??
[  991.524740][ T5890] usb 1-1: selecting invalid altsetting 1
[  991.531445][ T5890] dvb_ttusb_budget: ttusb_init_controller: error
[  991.539089][ T5890] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  991.669954][ T5890] DVB: Unable to find symbol cx22700_attach()
[  991.766823][ T5890] DVB: Unable to find symbol tda10046_attach()
[  991.775821][ T5890] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  991.803255][ T5890] usb 1-1: USB disconnect, device number 30
[  992.523363][ T5890] usb 5-1: USB disconnect, device number 29
[  992.607730][T14962] vlan3: entered promiscuous mode
[  992.615557][T14962] bridge0: entered promiscuous mode
[  993.023331][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  993.029882][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  994.453047][T10264] usb 6-1: USB disconnect, device number 26
[  995.850570][T14999] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2272'.
[  995.886947][T14999] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2272'.
[  995.912811][T14999] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2272'.
[  998.862648][ T5890] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  999.102584][ T5890] usb 3-1: Using ep0 maxpacket: 32
[  999.118061][ T5890] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  999.127392][ T5890] usb 3-1: config 0 has no interface number 0
[  999.142803][ T5890] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  999.178618][ T5890] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  999.206515][ T5890] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  999.258135][ T5890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  999.878368][ T5890] usb 3-1: config 0 descriptor??
[ 1000.253448][    T9] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[ 1000.292676][T10264] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[ 1000.415558][    T9] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1000.434082][    T9] usb 1-1: config 0 has no interface number 0
[ 1000.444680][T10264] usb 5-1: Using ep0 maxpacket: 16
[ 1000.451555][    T9] usb 1-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1000.474211][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1000.482886][T10264] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1000.494410][T10264] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1000.507611][    T9] usb 1-1: config 0 descriptor??
[ 1000.512713][T10264] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1000.528741][    T9] usb 1-1: selecting invalid altsetting 1
[ 1000.534779][    T9] dvb_ttusb_budget: ttusb_init_controller: error
[ 1000.541204][T10264] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1000.551579][    T9] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1000.560325][T10264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1000.617620][T10264] usb 5-1: config 0 descriptor??
[ 1000.648839][    T9] DVB: Unable to find symbol cx22700_attach()
[ 1000.665366][    T9] DVB: Unable to find symbol tda10046_attach()
[ 1000.672129][    T9] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1000.736730][ T5890] uclogic 0003:28BD:0094.0003: failed retrieving string descriptor #100: -71
[ 1000.751353][    T9] usb 1-1: USB disconnect, device number 31
[ 1000.763019][ T5890] uclogic 0003:28BD:0094.0003: failed retrieving pen parameters: -71
[ 1000.808321][ T5890] uclogic 0003:28BD:0094.0003: pen probing failed: -71
[ 1001.013681][ T5890] uclogic 0003:28BD:0094.0003: failed probing parameters: -71
[ 1001.025233][ T5890] uclogic 0003:28BD:0094.0003: probe with driver uclogic failed with error -71
[ 1001.043414][ T5890] usb 3-1: USB disconnect, device number 24
[ 1001.146606][T15039] netlink: 'syz.4.2281': attribute type 15 has an invalid length.
[ 1001.160522][T15039] 8021q: VLANs not supported on ip6_vti0
[ 1001.167644][T15039] netlink: 'syz.4.2281': attribute type 10 has an invalid length.
[ 1003.785914][T10264] usbhid 5-1:0.0: can't add hid device: -71
[ 1003.791932][T10264] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1003.805317][T10264] usb 5-1: USB disconnect, device number 30
[ 1004.022411][T15068] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2290'.
[ 1004.031874][T15067] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2289'.
[ 1004.076251][T15068] FAULT_INJECTION: forcing a failure.
[ 1004.076251][T15068] name failslab, interval 1, probability 0, space 0, times 0
[ 1004.126246][T15068] CPU: 1 UID: 0 PID: 15068 Comm: syz.5.2290 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[ 1004.126285][T15068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1004.126298][T15068] Call Trace:
[ 1004.126307][T15068]  <TASK>
[ 1004.126316][T15068]  dump_stack_lvl+0x189/0x250
[ 1004.126345][T15068]  ? __pfx____ratelimit+0x10/0x10
[ 1004.126376][T15068]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1004.126400][T15068]  ? __pfx__printk+0x10/0x10
[ 1004.126434][T15068]  ? __pfx___might_resched+0x10/0x10
[ 1004.126456][T15068]  ? fs_reclaim_acquire+0x7d/0x100
[ 1004.126482][T15068]  should_fail_ex+0x414/0x560
[ 1004.126515][T15068]  should_failslab+0xa8/0x100
[ 1004.126538][T15068]  __kmalloc_noprof+0xcb/0x4f0
[ 1004.126558][T15068]  ? kfree+0x4d/0x440
[ 1004.126573][T15068]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1004.126593][T15068]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1004.126609][T15068]  ? tomoyo_domain+0xda/0x130
[ 1004.126629][T15068]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1004.126649][T15068]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1004.126672][T15068]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1004.126693][T15068]  ? __seccomp_filter+0x3cf/0x1a40
[ 1004.126719][T15068]  ? __lock_acquire+0xab9/0xd20
[ 1004.126749][T15068]  ? __fget_files+0x2a/0x420
[ 1004.126764][T15068]  ? __fget_files+0x2a/0x420
[ 1004.126775][T15068]  ? __fget_files+0x3a0/0x420
[ 1004.126787][T15068]  ? __fget_files+0x2a/0x420
[ 1004.126803][T15068]  security_file_ioctl+0xcb/0x2d0
[ 1004.126827][T15068]  __se_sys_ioctl+0x47/0x170
[ 1004.126848][T15068]  do_syscall_64+0xfa/0x3b0
[ 1004.126860][T15068]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1004.126881][T15068]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1004.126895][T15068]  ? clear_bhb_loop+0x60/0xb0
[ 1004.126913][T15068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1004.126926][T15068] RIP: 0033:0x7f62e5b8e929
[ 1004.126939][T15068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1004.126951][T15068] RSP: 002b:00007f62e6a83038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1004.126966][T15068] RAX: ffffffffffffffda RBX: 00007f62e5db5fa0 RCX: 00007f62e5b8e929
[ 1004.126977][T15068] RDX: 0000200000000300 RSI: 00000000c00c643c RDI: 0000000000000007
[ 1004.126987][T15068] RBP: 00007f62e6a83090 R08: 0000000000000000 R09: 0000000000000000
[ 1004.126996][T15068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1004.127004][T15068] R13: 0000000000000000 R14: 00007f62e5db5fa0 R15: 00007ffdad5800e8
[ 1004.127028][T15068]  </TASK>
[ 1004.127035][T15068] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1004.272700][    T9] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 1004.414632][T15073] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2292'.
[ 1005.212593][    T9] usb 3-1: Using ep0 maxpacket: 8
[ 1005.222143][    T9] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1005.233265][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1005.241403][    T9] usb 3-1: Product: syz
[ 1005.252174][    T9] usb 3-1: Manufacturer: syz
[ 1005.257228][    T9] usb 3-1: SerialNumber: syz
[ 1005.270619][    T9] usb 3-1: config 0 descriptor??
[ 1005.292528][    T9] gspca_main: se401-2.14.0 probing 047d:5003
[ 1007.807312][    T9] gspca_se401: read req failed req 0x06 error -19
[ 1007.885168][T15106] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1008.262349][T15113] FAULT_INJECTION: forcing a failure.
[ 1008.262349][T15113] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1008.276102][    T9] usb 3-1: USB disconnect, device number 25
[ 1008.293496][T15111] hub 8-0:1.0: USB hub found
[ 1008.306315][T15113] CPU: 0 UID: 0 PID: 15113 Comm: syz.2.2302 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[ 1008.306349][T15113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1008.306362][T15113] Call Trace:
[ 1008.306369][T15113]  <TASK>
[ 1008.306378][T15113]  dump_stack_lvl+0x189/0x250
[ 1008.306407][T15113]  ? __pfx____ratelimit+0x10/0x10
[ 1008.306437][T15113]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1008.306460][T15113]  ? __pfx__printk+0x10/0x10
[ 1008.306498][T15113]  should_fail_ex+0x414/0x560
[ 1008.306531][T15113]  _copy_to_user+0x31/0xb0
[ 1008.306556][T15113]  simple_read_from_buffer+0xe1/0x170
[ 1008.306598][T15113]  proc_fail_nth_read+0x1df/0x250
[ 1008.306621][T15113]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1008.306645][T15113]  ? rw_verify_area+0x258/0x650
[ 1008.306671][T15113]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1008.306699][T15113]  vfs_read+0x200/0x980
[ 1008.306749][T15113]  ? __pfx___mutex_lock+0x10/0x10
[ 1008.306769][T15113]  ? __pfx_vfs_read+0x10/0x10
[ 1008.306798][T15113]  ? __fget_files+0x2a/0x420
[ 1008.306821][T15113]  ? __fget_files+0x3a0/0x420
[ 1008.306838][T15113]  ? __fget_files+0x2a/0x420
[ 1008.306867][T15113]  ksys_read+0x145/0x250
[ 1008.306898][T15113]  ? __pfx_ksys_read+0x10/0x10
[ 1008.306922][T15113]  ? rcu_is_watching+0x15/0xb0
[ 1008.306951][T15113]  ? do_syscall_64+0xbe/0x3b0
[ 1008.306976][T15113]  do_syscall_64+0xfa/0x3b0
[ 1008.306993][T15113]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1008.307021][T15113]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.307041][T15113]  ? clear_bhb_loop+0x60/0xb0
[ 1008.307064][T15113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.307083][T15113] RIP: 0033:0x7f699cb8d33c
[ 1008.307101][T15113] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1008.307117][T15113] RSP: 002b:00007f699da30030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1008.307139][T15113] RAX: ffffffffffffffda RBX: 00007f699cdb5fa0 RCX: 00007f699cb8d33c
[ 1008.307153][T15113] RDX: 000000000000000f RSI: 00007f699da300a0 RDI: 0000000000000009
[ 1008.307164][T15113] RBP: 00007f699da30090 R08: 0000000000000000 R09: 0000000000000000
[ 1008.307177][T15113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1008.307189][T15113] R13: 0000000000000000 R14: 00007f699cdb5fa0 R15: 00007ffdc8e98e08
[ 1008.307223][T15113]  </TASK>
[ 1008.372980][T11042] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[ 1008.374913][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1008.557939][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1008.563989][    C0] hrtimer: interrupt took 251561513 ns
[ 1008.664022][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1008.700997][T15115] mmap: syz.5.2303 (15115): VmData 37597184 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[ 1008.850319][T15111] hub 8-0:1.0: 1 port detected
[ 1009.032151][   T65] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1009.611932][T11042] usb 1-1: Using ep0 maxpacket: 16
[ 1009.834791][T11042] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1009.870008][T11042] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1009.890141][T11042] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1009.912604][T11042] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1009.921965][T11042] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1009.960394][T11042] usb 1-1: config 0 descriptor??
[ 1010.654308][T15128] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1010.727952][T15134] netlink: 'syz.0.2299': attribute type 15 has an invalid length.
[ 1010.770754][T15134] 8021q: VLANs not supported on ip6_vti0
[ 1010.783801][T15134] netlink: 'syz.0.2299': attribute type 10 has an invalid length.
[ 1011.259390][T15127] netlink: 212360 bytes leftover after parsing attributes in process `syz.2.2306'.
[ 1011.896748][T15138] siw: device registration error -23
[ 1012.884878][T11042] usbhid 1-1:0.0: can't add hid device: -71
[ 1012.891596][T11042] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1013.002803][T11042] usb 1-1: USB disconnect, device number 32
[ 1013.444120][T15157] syzkaller0: entered promiscuous mode
[ 1013.464001][T15157] syzkaller0: entered allmulticast mode
[ 1013.630839][T15164] FAULT_INJECTION: forcing a failure.
[ 1013.630839][T15164] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1013.644291][T15164] CPU: 1 UID: 0 PID: 15164 Comm: syz.2.2317 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[ 1013.644319][T15164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1013.644331][T15164] Call Trace:
[ 1013.644339][T15164]  <TASK>
[ 1013.644348][T15164]  dump_stack_lvl+0x189/0x250
[ 1013.644383][T15164]  ? __pfx____ratelimit+0x10/0x10
[ 1013.644415][T15164]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1013.644437][T15164]  ? __pfx__printk+0x10/0x10
[ 1013.644464][T15164]  ? __might_fault+0xb0/0x130
[ 1013.644506][T15164]  should_fail_ex+0x414/0x560
[ 1013.644540][T15164]  core_sys_select+0x724/0xa20
[ 1013.644583][T15164]  ? __pfx_core_sys_select+0x10/0x10
[ 1013.644640][T15164]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1013.644675][T15164]  __se_sys_pselect6+0x27a/0x300
[ 1013.644711][T15164]  ? __pfx___se_sys_pselect6+0x10/0x10
[ 1013.644741][T15164]  ? __pfx_ksys_write+0x10/0x10
[ 1013.644785][T15164]  ? __x64_sys_pselect6+0x21/0xf0
[ 1013.644833][T15164]  do_syscall_64+0xfa/0x3b0
[ 1013.644851][T15164]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1013.644880][T15164]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1013.644900][T15164]  ? clear_bhb_loop+0x60/0xb0
[ 1013.644924][T15164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1013.644944][T15164] RIP: 0033:0x7f699cb8e929
[ 1013.644962][T15164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1013.644980][T15164] RSP: 002b:00007f699da0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1013.645001][T15164] RAX: ffffffffffffffda RBX: 00007f699cdb6080 RCX: 00007f699cb8e929
[ 1013.645016][T15164] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 1013.645029][T15164] RBP: 00007f699da0f090 R08: 0000000000000000 R09: 0000000000000000
[ 1013.645041][T15164] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1013.645054][T15164] R13: 0000000000000001 R14: 00007f699cdb6080 R15: 00007ffdc8e98e08
[ 1013.645085][T15164]  </TASK>
[ 1013.847182][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1015.700418][T15176] macvtap7: entered allmulticast mode
[ 1016.497946][T15190] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2324'.
[ 1016.532541][ T5937] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[ 1016.713724][ T5937] usb 8-1: Using ep0 maxpacket: 16
[ 1016.743324][ T5937] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1016.771157][ T5937] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1016.801909][ T5937] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1016.852065][ T5937] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1016.885764][ T5937] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1016.939337][ T5937] usb 8-1: config 0 descriptor??
[ 1017.472885][ T3586] usb 6-1: new full-speed USB device number 27 using dummy_hcd
[ 1017.548415][T15215] netlink: 'syz.7.2323': attribute type 15 has an invalid length.
[ 1017.642107][T15217] netlink: 'syz.7.2323': attribute type 10 has an invalid length.
[ 1018.234362][ T3586] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1018.281043][ T3586] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 4
[ 1018.303102][ T3586] usb 6-1: New USB device found, idVendor=046d, idProduct=c29b, bcdDevice= 0.00
[ 1018.312851][ T3586] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1018.394153][ T3586] usb 6-1: config 0 descriptor??
[ 1018.411303][T15205] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1018.891853][T15215] 8021q: VLANs not supported on ip6_vti0
[ 1019.533077][T15227] netlink: 'syz.0.2331': attribute type 1 has an invalid length.
[ 1020.028937][ T3586] usbhid 6-1:0.0: can't add hid device: -71
[ 1020.035613][ T3586] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1020.048009][ T3586] usb 6-1: USB disconnect, device number 27
[ 1020.090237][T15229] comedi comedi1: Minor -2147450880 is invalid!
[ 1020.137538][ T5937] usbhid 8-1:0.0: can't add hid device: -71
[ 1020.161177][ T5937] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1020.200735][ T5937] usb 8-1: USB disconnect, device number 10
[ 1020.261331][T15232] loop8: detected capacity change from 0 to 7
[ 1020.269979][T15232] Dev loop8: unable to read RDB block 7
[ 1020.277207][T15232]  loop8: unable to read partition table
[ 1020.285983][T15232] loop8: partition table beyond EOD, truncated
[ 1020.292216][T15232] loop_reread_partitions: partition scan of loop8 (þ被x) failed (rc=-5)
[ 1021.492585][ T3586] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1021.796747][ T3586] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1021.825914][ T3586] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1021.835083][ T3586] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1021.860926][ T3586] usb 6-1: config 0 descriptor??
[ 1022.660941][ T3586] keytouch 0003:0926:3333.0004: fixing up Keytouch IEC report descriptor
[ 1022.685193][ T3586] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0004/input/input51
[ 1023.983059][ T3586] keytouch 0003:0926:3333.0004: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[ 1024.042062][T15233] ipip0: entered promiscuous mode
[ 1024.188853][T15233] ipip0: entered allmulticast mode
[ 1024.338973][T15233] QAT: failed to copy from user cfg_data.
[ 1024.361859][T15273] Illegal XDP return value 4294967282 on prog  (id 249) dev N/A, expect packet loss!
[ 1024.441168][T15278] tmpfs: Unknown parameter 'qota_block_har'
[ 1024.971272][T15281] openvswitch: netlink: Tunnel attr 6 has unexpected len 1 expected 0
[ 1025.201896][ T5937] usb 6-1: USB disconnect, device number 28
[ 1025.292959][T15283] FAULT_INJECTION: forcing a failure.
[ 1025.292959][T15283] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.332561][T15283] CPU: 1 UID: 0 PID: 15283 Comm: syz.0.2345 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[ 1025.332591][T15283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1025.332604][T15283] Call Trace:
[ 1025.332613][T15283]  <TASK>
[ 1025.332622][T15283]  dump_stack_lvl+0x189/0x250
[ 1025.332651][T15283]  ? __pfx____ratelimit+0x10/0x10
[ 1025.332700][T15283]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1025.332723][T15283]  ? __pfx__printk+0x10/0x10
[ 1025.332764][T15283]  should_fail_ex+0x414/0x560
[ 1025.332798][T15283]  _copy_to_user+0x31/0xb0
[ 1025.332834][T15283]  simple_read_from_buffer+0xe1/0x170
[ 1025.332869][T15283]  proc_fail_nth_read+0x1df/0x250
[ 1025.332895][T15283]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1025.332919][T15283]  ? rw_verify_area+0x258/0x650
[ 1025.332950][T15283]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1025.332973][T15283]  vfs_read+0x200/0x980
[ 1025.333006][T15283]  ? __pfx___mutex_lock+0x10/0x10
[ 1025.333026][T15283]  ? __pfx_vfs_read+0x10/0x10
[ 1025.333055][T15283]  ? __fget_files+0x2a/0x420
[ 1025.333080][T15283]  ? __fget_files+0x3a0/0x420
[ 1025.333097][T15283]  ? __fget_files+0x2a/0x420
[ 1025.333126][T15283]  ksys_read+0x145/0x250
[ 1025.333155][T15283]  ? __pfx_ksys_read+0x10/0x10
[ 1025.333180][T15283]  ? rcu_is_watching+0x15/0xb0
[ 1025.333208][T15283]  ? do_syscall_64+0xbe/0x3b0
[ 1025.333231][T15283]  do_syscall_64+0xfa/0x3b0
[ 1025.333248][T15283]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1025.333278][T15283]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.333297][T15283]  ? clear_bhb_loop+0x60/0xb0
[ 1025.333323][T15283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.333342][T15283] RIP: 0033:0x7f0b59b8d33c
[ 1025.333360][T15283] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1025.333378][T15283] RSP: 002b:00007f0b5aa1d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1025.333400][T15283] RAX: ffffffffffffffda RBX: 00007f0b59db5fa0 RCX: 00007f0b59b8d33c
[ 1025.333415][T15283] RDX: 000000000000000f RSI: 00007f0b5aa1d0a0 RDI: 0000000000000003
[ 1025.333428][T15283] RBP: 00007f0b5aa1d090 R08: 0000000000000000 R09: 0000000000000000
[ 1025.333440][T15283] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[ 1025.333453][T15283] R13: 0000000000000000 R14: 00007f0b59db5fa0 R15: 00007ffe65f4a9b8
[ 1025.333486][T15283]  </TASK>
[ 1025.724890][T15291] nvme_fabrics: unknown parameter or missing value 'P' in ctrl creation request
[ 1025.927640][T15291] nvme_fabrics: unknown parameter or missing value 'P' in ctrl creation request
[ 1027.030276][T15297] netlink: 'syz.4.2351': attribute type 1 has an invalid length.
[ 1027.446980][ T5937] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[ 1028.026370][T15309] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1028.126401][ T5937] usb 6-1: Using ep0 maxpacket: 16
[ 1028.447196][T15315] tmpfs: Unknown parameter 'qota_block_har'
[ 1029.897845][T15324] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2360'.
[ 1029.998384][ T5937] usb 6-1: unable to read config index 0 descriptor/all
[ 1030.005689][ T5937] usb 6-1: can't read configurations, error -71
[ 1030.852579][ T5890] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1030.890648][T15334] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1031.332805][ T5890] usb 3-1: Using ep0 maxpacket: 32
[ 1031.344209][ T5890] usb 3-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[ 1031.381647][ T5890] usb 3-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[ 1031.382662][ T3586] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 1031.420168][ T5890] usb 3-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1031.434986][ T5890] usb 3-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[ 1031.866102][T15358] tmpfs: Unknown parameter 'qota_block_har'
[ 1032.410484][ T5890] usb 3-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[ 1032.424412][ T5890] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1032.426344][ T3586] usb 8-1: Using ep0 maxpacket: 32
[ 1032.432689][ T5890] usb 3-1: Product: syz
[ 1032.432712][ T5890] usb 3-1: Manufacturer: syz
[ 1032.432729][ T5890] usb 3-1: SerialNumber: syz
[ 1032.496926][ T5890] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:155.0/input/input52
[ 1033.421924][ T3586] usb 8-1: config 0 has an invalid interface number: 132 but max is 0
[ 1033.430390][ T3586] usb 8-1: config 0 has no interface number 0
[ 1033.436571][ T3586] usb 8-1: config 0 interface 132 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1033.452975][ T3586] usb 8-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 1034.339508][ T3586] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1034.371453][ T3586] usb 8-1: Product: syz
[ 1034.407369][ T5890] imon:send_packet: packet tx failed (-71)
[ 1034.409162][ T3586] usb 8-1: Manufacturer: syz
[ 1034.583086][ T3586] usb 8-1: SerialNumber: syz
[ 1034.792658][ T5890] imon 3-1:155.0: panel buttons/knobs setup failed
[ 1034.799362][ T5890] imon 3-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[ 1034.883903][ T3586] usb 8-1: config 0 descriptor??
[ 1034.900100][ T3586] usb 8-1: can't set config #0, error -71
[ 1034.908242][ T3586] usb 8-1: USB disconnect, device number 11
[ 1035.468737][T15370] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1035.807305][ T5890]  (id 0x00)
[ 1036.142633][ T5890] rc_core: IR keymap rc-imon-pad not found
[ 1036.148667][ T5890] Registered IR keymap rc-empty
[ 1036.216251][ T5890] imon 3-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[ 1036.316971][ T5890] imon 3-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[ 1036.332099][T15384] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2373'.
[ 1036.352177][ T5890] imon:send_packet: packet tx failed (-71)
[ 1036.701895][T15387] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2373'.
[ 1037.311274][ T5890] imon 3-1:155.0: remote input dev register failed
[ 1037.318426][ T5890] imon 3-1:155.0: imon_init_intf0: rc device setup failed
[ 1037.454550][   T30] audit: type=1107 audit(1752141299.703:74): pid=15392 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1037.933055][ T5890] imon 3-1:155.0: unable to initialize intf0, err 0
[ 1037.939746][ T5890] imon:imon_probe: failed to initialize context!
[ 1037.952541][ T5890] imon 3-1:155.0: unable to register, err -19
[ 1037.979810][ T5890] usb 3-1: USB disconnect, device number 26
[ 1038.161500][T15406] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.2378'.
[ 1039.153491][T15422] loop9: detected capacity change from 0 to 7
[ 1039.845784][T15220] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[ 1039.859613][T15422] Dev loop9: unable to read RDB block 7
[ 1039.865403][T15422]  loop9: unable to read partition table
[ 1039.871301][T15422] loop9: partition table beyond EOD, truncated
[ 1039.877646][T15422] loop_reread_partitions: partition scan of loop9 (þ£«xüÿÿÿÿÿÿÿ ) failed (rc=-5)
[ 1040.092592][T15220] usb 5-1: Using ep0 maxpacket: 8
[ 1040.130222][T15220] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1040.349235][T15220] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1040.357988][T15220] usb 5-1: Product: syz
[ 1040.362214][T15220] usb 5-1: Manufacturer: syz
[ 1040.368078][T15220] usb 5-1: SerialNumber: syz
[ 1040.550332][T15429] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1041.180385][ T1085] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1041.196420][T15220] usb 5-1: config 0 descriptor??
[ 1041.260004][T15220] gspca_main: se401-2.14.0 probing 047d:5003
[ 1041.438425][T15431] fuse: Unknown parameter 'fd0x0000000000000007'
[ 1042.955177][   T30] audit: type=1107 audit(1752141305.223:75): pid=15442 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1043.152602][T15220] usb 5-1: reset high-speed USB device number 31 using dummy_hcd
[ 1043.164481][T15220] usb 5-1: device reset changed ep0 maxpacket size!
[ 1043.174803][T15220] gspca_se401: read req failed req 0x06 error -19
[ 1043.183430][T15220] usb 5-1: USB disconnect, device number 31
[ 1043.356137][T15462] macvtap5: entered allmulticast mode
[ 1044.082684][T15220] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[ 1044.242592][T15220] usb 5-1: Using ep0 maxpacket: 32
[ 1044.520715][T15467] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1045.164705][T15473] loop9: detected capacity change from 0 to 7
[ 1045.835943][T15473] Dev loop9: unable to read RDB block 7
[ 1045.841770][T15473]  loop9: unable to read partition table
[ 1045.847830][T15473] loop9: partition table beyond EOD, truncated
[ 1045.854098][T15473] loop_reread_partitions: partition scan of loop9 (þ£«xüÿÿÿÿÿÿÿ ) failed (rc=-5)
[ 1046.026863][T15469] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2398'.
[ 1046.071192][T15220] usb 5-1: unable to read config index 0 descriptor/start: -71
[ 1046.102510][T15220] usb 5-1: can't read configurations, error -71
[ 1046.325089][T15484] fuse: Unknown parameter 'fd0x0000000000000007'
[ 1046.402925][T14880] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[ 1046.721816][T14880] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1046.819578][T14880] usb 1-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice= 9.75
[ 1046.842226][T14880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1046.850722][T14880] usb 1-1: Product: syz
[ 1046.855607][T14880] usb 1-1: Manufacturer: syz
[ 1046.860434][T14880] usb 1-1: SerialNumber: syz
[ 1046.869645][T14880] usb 1-1: config 0 descriptor??
[ 1046.948925][T15477] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1046.956420][T15477] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1047.003981][T14880] viperboard 1-1:0.0: version 0.00 found at bus 001 address 033
[ 1047.053100][ T5938] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 1047.079482][T14880] viperboard-i2c viperboard-i2c.2.auto: error -EIO: failure setting i2c_bus_freq to 100
[ 1047.132488][T14880] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[ 1047.167601][T15498] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2400'.
[ 1047.362963][T15477] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1047.442529][ T5938] usb 6-1: Using ep0 maxpacket: 8
[ 1047.455137][ T5938] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1047.470469][ T5938] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1047.480952][ T5938] usb 6-1: Product: syz
[ 1047.489055][ T5938] usb 6-1: Manufacturer: syz
[ 1047.494139][ T5938] usb 6-1: SerialNumber: syz
[ 1047.513831][ T5938] usb 6-1: config 0 descriptor??
[ 1047.604688][T15477] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1047.866019][T15505] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2405'.
[ 1047.895484][ T5938] gspca_main: se401-2.14.0 probing 047d:5003
[ 1047.975946][T15477] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1047.993249][T15477] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1048.002756][T15477] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1048.011921][T15477] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1048.161726][T15477] macvtap1: left allmulticast mode
[ 1048.170015][T15477] macvtap2: left allmulticast mode
[ 1048.179670][T15477] macvtap3: left allmulticast mode
[ 1048.229718][T15477] macvtap4: left allmulticast mode
[ 1048.235904][T15477] vlan3: left promiscuous mode
[ 1048.240795][T15477] bridge0: left promiscuous mode
[ 1048.247500][T15477] veth0_macvtap: left allmulticast mode
[ 1048.255468][T15477] macvtap5: left allmulticast mode
[ 1048.299752][T15136] usb 1-1: USB disconnect, device number 33
[ 1049.117613][T15508] netlink: 248 bytes leftover after parsing attributes in process `syz.5.2406'.
[ 1049.435511][T15515] tmpfs: Unknown parameter 'qota_block_har'
[ 1049.798387][ T5938] gspca_se401: read req failed req 0x06 error -19
[ 1049.852512][ T5938] usb 6-1: USB disconnect, device number 31
[ 1050.329746][T15527] loop9: detected capacity change from 0 to 7
[ 1051.173504][T15527] Dev loop9: unable to read RDB block 7
[ 1051.179288][T15527]  loop9: unable to read partition table
[ 1051.185520][T15527] loop9: partition table beyond EOD, truncated
[ 1051.191833][T15527] loop_reread_partitions: partition scan of loop9 (þ£«xüÿÿÿÿÿÿÿ ) failed (rc=-5)
[ 1051.837823][T15533] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1053.642566][ T5938] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[ 1053.795513][ T5938] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1053.816081][ T5938] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1053.826224][ T5938] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.842205][ T5938] usb 6-1: config 0 descriptor??
[ 1053.852723][ T5937] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[ 1054.022564][ T5937] usb 8-1: Using ep0 maxpacket: 8
[ 1054.056105][T15544] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1054.072951][T15544] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1054.083321][ T5937] usb 8-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1054.143231][ T5937] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1054.167046][ T5937] usb 8-1: Product: syz
[ 1054.177797][ T5937] usb 8-1: Manufacturer: syz
[ 1054.184351][ T5937] usb 8-1: SerialNumber: syz
[ 1054.207724][ T5937] usb 8-1: config 0 descriptor??
[ 1054.270372][ T5937] gspca_main: se401-2.14.0 probing 047d:5003
[ 1054.317785][ T5938] ath6kl: Failed to read usb control message: -71
[ 1054.324444][ T5938] ath6kl: Unable to read the bmi data from the device: -71
[ 1054.380979][ T5938] ath6kl: Unable to recv target info: -71
[ 1054.452329][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.459013][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.477215][ T5938] ath6kl: Failed to init ath6kl core: -71
[ 1054.658819][ T5938] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1054.697971][ T5938] usb 6-1: USB disconnect, device number 32
[ 1054.726885][   T30] audit: type=1107 audit(1752141316.993:76): pid=15554 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1054.861295][T15558] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2419'.
[ 1056.402074][T15574] macvtap6: entered allmulticast mode
[ 1056.407932][T15574] veth0_macvtap: entered allmulticast mode
[ 1056.714250][ T5937] gspca_se401: read req failed req 0x06 error -19
[ 1056.740194][ T5937] usb 8-1: USB disconnect, device number 12
[ 1056.840343][T15573] tmpfs: Unknown parameter 'qota_block_har'
[ 1059.091434][T15598] siw: device registration error -23
[ 1059.652659][T15136] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[ 1060.373064][T15136] usb 8-1: Using ep0 maxpacket: 8
[ 1060.379521][T15611] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2432'.
[ 1060.380540][T15136] usb 8-1: config 150 has an invalid interface number: 204 but max is 1
[ 1060.500665][T15136] usb 8-1: config 150 has no interface number 0
[ 1061.092511][   T30] audit: type=1107 audit(1752141322.723:77): pid=15607 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1061.117786][T15136] usb 8-1: config 150 interface 204 has no altsetting 0
[ 1061.134103][T15136] usb 8-1: config 150 interface 1 has no altsetting 0
[ 1061.147794][T15136] usb 8-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[ 1061.157278][T15136] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1061.184559][T15136] usb 8-1: Product: syz
[ 1061.190004][T15136] usb 8-1: Manufacturer: syz
[ 1061.222798][T15136] usb 8-1: SerialNumber: syz
[ 1061.380557][T14880] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[ 1061.573181][T14880] usb 1-1: Using ep0 maxpacket: 8
[ 1062.146359][T14880] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1062.159894][T14880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1062.168038][T14880] usb 1-1: Product: syz
[ 1062.172286][T14880] usb 1-1: Manufacturer: syz
[ 1062.180234][T14880] usb 1-1: SerialNumber: syz
[ 1062.236567][T14880] usb 1-1: config 0 descriptor??
[ 1062.256522][T14880] gspca_main: se401-2.14.0 probing 047d:5003
[ 1062.282921][T15136] xr_serial 8-1:150.204: xr_serial converter detected
[ 1063.282617][T15136] xr_serial ttyUSB0: Failed to set reg 0x60: -71
[ 1063.446781][T15636] macvtap2: entered allmulticast mode
[ 1063.492710][T15136] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[ 1063.506183][T15136] usb 8-1: USB disconnect, device number 13
[ 1063.514114][T15136] xr_serial 8-1:150.204: device disconnected
[ 1063.624763][T14880] usb 1-1: reset high-speed USB device number 34 using dummy_hcd
[ 1063.823312][T15644] macvtap12: entered allmulticast mode
[ 1064.557682][T14880] usb 1-1: device descriptor read/64, error -32
[ 1064.759964][T15640] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2435'.
[ 1064.903432][T14880] usb 1-1: reset high-speed USB device number 34 using dummy_hcd
[ 1064.977181][    C1] raw-gadget.1 gadget.0: ignoring, device is not running
[ 1066.312210][T15658] macvtap7: entered allmulticast mode
[ 1066.846531][T14880] gspca_se401: read req failed req 0x06 error -19
[ 1066.895013][T14880] usb 1-1: USB disconnect, device number 34
[ 1068.164901][   T30] audit: type=1107 audit(1752141330.393:78): pid=15666 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1068.753526][T15680] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2446'.
[ 1069.197274][T15693] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2448'.
[ 1069.231009][T15692] macvtap3: entered allmulticast mode
[ 1071.356718][T15701] macvtap4: entered allmulticast mode
[ 1072.332833][ T3586] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1073.039137][   T65] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1073.065865][ T3586] usb 1-1: Using ep0 maxpacket: 8
[ 1073.301926][ T3586] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1073.439166][ T3586] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1073.635814][ T3586] usb 1-1: Product: syz
[ 1073.658098][ T3586] usb 1-1: Manufacturer: syz
[ 1073.682548][ T3586] usb 1-1: SerialNumber: syz
[ 1073.696318][ T3586] usb 1-1: config 0 descriptor??
[ 1073.744855][ T3586] gspca_main: se401-2.14.0 probing 047d:5003
[ 1075.626615][   T30] audit: type=1107 audit(1752141337.893:79): pid=15722 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1075.869264][ T3586] gspca_se401: read req failed req 0x06 error -19
[ 1076.053332][ T3586] usb 1-1: USB disconnect, device number 35
[ 1076.176096][T15742] netlink: 'syz.0.2461': attribute type 1 has an invalid length.
[ 1082.086477][T15136] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[ 1082.186520][T15734] bridge0: left allmulticast mode
[ 1082.245049][T15136] usb 6-1: Using ep0 maxpacket: 8
[ 1082.265462][T15136] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1082.279764][T15136] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1082.290187][T15136] usb 6-1: Product: syz
[ 1082.299928][T15734] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1082.300390][T15136] usb 6-1: Manufacturer: syz
[ 1082.314283][T15136] usb 6-1: SerialNumber: syz
[ 1082.322220][T15136] usb 6-1: config 0 descriptor??
[ 1082.331324][T15136] gspca_main: se401-2.14.0 probing 047d:5003
[ 1082.342921][T15734] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1082.441916][T15734] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.459190][T15734] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.468459][T15734] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.482777][T15734] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.545131][T15734] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1082.554455][T15734] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1082.563443][T15734] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1082.572356][T15734] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1082.590893][T15734] macvtap1: left allmulticast mode
[ 1082.602840][T15734] macvtap2: left allmulticast mode
[ 1082.608810][T15734] vlan3: left promiscuous mode
[ 1082.613850][T15734] bridge0: left promiscuous mode
[ 1082.625041][T15734] macvtap3: left allmulticast mode
[ 1082.632230][T15734] macvtap4: left allmulticast mode
[ 1082.643939][T15734] macvtap5: left allmulticast mode
[ 1082.770528][T15780] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1082.793123][T15734] batman_adv: batadv0: Interface deactivated: macvlan2
[ 1082.878099][T15734] macvtap6: left allmulticast mode
[ 1082.917304][T15734] macvtap7: left allmulticast mode
[ 1082.965749][T15734] macvtap8: left allmulticast mode
[ 1083.009049][T15734] macvtap9: left allmulticast mode
[ 1083.050084][T15734] macvtap10: left allmulticast mode
[ 1083.118058][T15734] macvtap11: left allmulticast mode
[ 1083.129531][T15734] veth0_macvtap: left allmulticast mode
[ 1083.147303][T15734] macvtap12: left allmulticast mode
[ 1084.514395][T15136] gspca_se401: read req failed req 0x06 error -19
[ 1084.661958][T15136] usb 6-1: USB disconnect, device number 33
[ 1085.623066][   T30] audit: type=1107 audit(1752141347.893:80): pid=15794 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1087.099288][T15823] netlink: 'syz.0.2482': attribute type 1 has an invalid length.
[ 1088.972492][ T5938] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1089.524313][ T5938] usb 3-1: Using ep0 maxpacket: 8
[ 1090.056788][ T5938] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1090.073669][ T5938] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1090.283765][ T5938] usb 3-1: Product: syz
[ 1090.288001][ T5938] usb 3-1: Manufacturer: syz
[ 1090.341004][ T5938] usb 3-1: SerialNumber: syz
[ 1090.385911][ T5938] usb 3-1: config 0 descriptor??
[ 1090.408665][ T5938] gspca_main: se401-2.14.0 probing 047d:5003
[ 1090.418977][T15840] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2487'.
[ 1090.612590][ T5937] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1090.774579][ T5937] usb 1-1: Using ep0 maxpacket: 8
[ 1090.811636][ T5937] usb 1-1: config 150 has an invalid interface number: 204 but max is 1
[ 1090.905639][ T5937] usb 1-1: config 150 has no interface number 0
[ 1090.912145][ T5937] usb 1-1: config 150 interface 204 has no altsetting 0
[ 1090.921577][ T5937] usb 1-1: config 150 interface 1 has no altsetting 0
[ 1090.945898][ T5937] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[ 1091.695028][ T5937] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1091.731384][ T5937] usb 1-1: Product: syz
[ 1091.753882][ T5937] usb 1-1: Manufacturer: syz
[ 1091.758595][ T5937] usb 1-1: SerialNumber: syz
[ 1092.536874][ T5938] gspca_se401: read req failed req 0x06 error -19
[ 1092.555326][ T5938] usb 3-1: USB disconnect, device number 27
[ 1093.838361][ T5937] xr_serial 1-1:150.204: xr_serial converter detected
[ 1093.865601][ T5937] xr_serial ttyUSB0: Failed to set reg 0x60: -71
[ 1094.041576][ T5937] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[ 1094.053842][ T5937] usb 1-1: USB disconnect, device number 36
[ 1094.062037][ T5937] xr_serial 1-1:150.204: device disconnected
[ 1094.816847][T15883] netlink: 'syz.2.2496': attribute type 1 has an invalid length.
[ 1097.381692][   T30] audit: type=1107 audit(1752141359.643:81): pid=15897 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1098.518026][T15903] siw: device registration error -23
[ 1098.534736][   T30] audit: type=1107 audit(1752141360.793:82): pid=15888 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1098.796003][ T5938] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[ 1099.012533][ T5938] usb 5-1: Using ep0 maxpacket: 8
[ 1099.054310][ T5938] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1099.067706][ T5938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1099.287152][ T5938] usb 5-1: Product: syz
[ 1099.875274][ T5938] usb 5-1: Manufacturer: syz
[ 1099.953154][ T5938] usb 5-1: SerialNumber: syz
[ 1100.173768][ T5938] usb 5-1: config 0 descriptor??
[ 1100.182349][ T5938] gspca_main: se401-2.14.0 probing 047d:5003
[ 1101.632806][ T5938] usb 5-1: reset high-speed USB device number 34 using dummy_hcd
[ 1103.012712][T15936] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2512'.
[ 1103.022233][T15936] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2512'.
[ 1103.030239][T15940] netlink: 'syz.2.2512': attribute type 1 has an invalid length.
[ 1103.174602][ T5938] usb 5-1: device firmware changed
[ 1103.211058][ T5938] gspca_se401: read req failed req 0x06 error -19
[ 1103.247618][ T5938] usb 5-1: USB disconnect, device number 34
[ 1103.402942][ T5937] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[ 1103.410734][ T5938] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[ 1103.623700][ T5937] usb 6-1: Using ep0 maxpacket: 16
[ 1103.733127][ T5937] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1103.767676][ T5937] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1103.812327][ T5937] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1103.838373][ T5937] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1103.897305][ T5937] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1104.104230][ T5937] usb 6-1: config 0 descriptor??
[ 1105.007573][ T3519] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1105.063910][T15954] netlink: 'syz.5.2513': attribute type 10 has an invalid length.
[ 1106.408030][T15967] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2519'.
[ 1106.417749][T15967] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2519'.
[ 1106.503719][T15968] netlink: 'syz.4.2519': attribute type 1 has an invalid length.
[ 1106.934482][T15136] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1107.106071][T15136] usb 3-1: Using ep0 maxpacket: 8
[ 1107.117155][T15136] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1107.126712][T15136] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1107.134835][T15136] usb 3-1: Product: syz
[ 1107.139035][T15136] usb 3-1: Manufacturer: syz
[ 1107.143758][T15136] usb 3-1: SerialNumber: syz
[ 1107.153629][T15136] usb 3-1: config 0 descriptor??
[ 1107.162226][T15136] gspca_main: se401-2.14.0 probing 047d:5003
[ 1108.514674][T15973] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1108.891549][T15953] 8021q: VLANs not supported on ip6_vti0
[ 1109.052025][T15136] gspca_se401: read req failed req 0x06 error -19
[ 1109.093998][ T5937] usbhid 6-1:0.0: can't add hid device: -71
[ 1109.134150][ T5937] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1109.141472][T15136] usb 3-1: USB disconnect, device number 28
[ 1109.162159][ T5937] usb 6-1: USB disconnect, device number 34
[ 1109.521555][   T30] audit: type=1107 audit(1752141371.783:83): pid=15980 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1110.533617][T15989] siw: device registration error -23
[ 1112.019825][T15997] netlink: 'syz.0.2526': attribute type 1 has an invalid length.
[ 1112.400559][T16001] siw: device registration error -23
[ 1113.203810][ T5937] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1113.251520][T16014] siw: device registration error -23
[ 1113.289970][    T9] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1113.684788][ T5937] usb 3-1: Using ep0 maxpacket: 8
[ 1113.692268][    T9] usb 8-1: Using ep0 maxpacket: 16
[ 1113.734512][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1113.734702][ T5937] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1113.762466][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1113.800035][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1113.836866][ T5937] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1113.858147][    T9] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1113.867707][ T5937] usb 3-1: Product: syz
[ 1113.871937][ T5937] usb 3-1: Manufacturer: syz
[ 1113.882767][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1113.892479][ T5937] usb 3-1: SerialNumber: syz
[ 1113.917858][    T9] usb 8-1: config 0 descriptor??
[ 1113.923977][ T5937] usb 3-1: config 0 descriptor??
[ 1113.945596][ T5937] gspca_main: se401-2.14.0 probing 047d:5003
[ 1114.428519][   T30] audit: type=1107 audit(1752141376.583:84): pid=16019 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1114.642945][T16026] netlink: 'syz.7.2532': attribute type 10 has an invalid length.
[ 1115.553114][T16024] fuse: Unknown parameter '0x0000000000000006'
[ 1115.647055][T16032] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2538'.
[ 1115.656713][T16032] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2538'.
[ 1115.918565][T16033] netlink: 'syz.2.2538': attribute type 1 has an invalid length.
[ 1115.978267][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.992400][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.371799][ T5937] gspca_se401: read req failed req 0x06 error -19
[ 1116.401949][ T5937] usb 3-1: USB disconnect, device number 29
[ 1119.018616][    T9] usbhid 8-1:0.0: can't add hid device: -32
[ 1119.024769][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -32
[ 1119.062268][T16047] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.2541'.
[ 1119.279983][T16016] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1119.288727][T16016] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1119.297255][T16016] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1119.305885][T16016] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1119.348358][T16016] macvtap1: left allmulticast mode
[ 1119.386013][T16016] macvtap2: left allmulticast mode
[ 1119.399547][T16016] macvtap3: left allmulticast mode
[ 1119.406985][T16016] macvtap4: left allmulticast mode
[ 1119.421748][T16016] macvtap5: left allmulticast mode
[ 1119.440575][T16016] macvtap6: left allmulticast mode
[ 1119.451068][T16016] veth0_macvtap: left allmulticast mode
[ 1119.469457][T16016] macvtap7: left allmulticast mode
[ 1119.503330][T16025] 8021q: VLANs not supported on ip6_vti0
[ 1119.650367][ T5904] usb 8-1: USB disconnect, device number 14
[ 1120.246143][T16057] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1121.513282][T16064] siw: device registration error -23
[ 1123.588324][T16072] netlink: 'syz.0.2545': attribute type 1 has an invalid length.
[ 1124.731102][T16082] siw: device registration error -23
[ 1126.717737][T16090] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1126.954831][   T12] wlan1: Trigger new scan to find an IBSS to join
[ 1127.562678][ T5904] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1127.722530][ T5904] usb 3-1: Using ep0 maxpacket: 16
[ 1127.737427][ T5904] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1127.789446][ T5904] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1127.843350][ T5904] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1128.751706][T16111] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2551'.
[ 1128.839487][T16112] netlink: 'syz.0.2551': attribute type 1 has an invalid length.
[ 1129.231586][ T5904] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1129.242796][ T5904] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1129.329138][ T5904] usb 3-1: config 0 descriptor??
[ 1129.339843][T16103] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1129.348928][T16103] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1129.357962][T16103] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1129.366889][T16103] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1129.411850][T16103] macvtap1: left allmulticast mode
[ 1129.421307][T16103] macvtap2: left allmulticast mode
[ 1129.438119][T16103] macvtap3: left allmulticast mode
[ 1129.455084][T16103] veth0_macvtap: left allmulticast mode
[ 1129.462830][T16103] macvtap4: left allmulticast mode
[ 1132.073056][T10817] wlan1: Trigger new scan to find an IBSS to join
[ 1132.252889][ T5904] usbhid 3-1:0.0: can't add hid device: -71
[ 1132.292547][ T5904] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1132.351670][ T5904] usb 3-1: USB disconnect, device number 30
[ 1132.683155][T16134] siw: device registration error -23
[ 1133.843492][T16142] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1133.856502][T16144] netlink: 'syz.4.2561': attribute type 1 has an invalid length.
[ 1134.850607][T16151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2564'.
[ 1135.084871][T16131] fuse: Unknown parameter '0x0000000000000006'
[ 1135.086002][T10817] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1135.251838][T16158] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1137.098886][   T36] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1137.231605][T16171] netlink: 'syz.7.2567': attribute type 1 has an invalid length.
[ 1137.290417][T16170] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1138.115926][T16186] fuse: Unknown parameter '0x0000000000000006'
[ 1138.852506][    T9] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1139.250456][    T9] usb 3-1: Using ep0 maxpacket: 16
[ 1140.385980][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1140.397041][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1140.415352][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1140.431616][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1140.444437][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1140.456340][    T9] usb 3-1: config 0 descriptor??
[ 1141.885352][T16203] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.2575'.
[ 1141.904360][T16205] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2576'.
[ 1141.992194][T16210] netlink: 'syz.4.2576': attribute type 1 has an invalid length.
[ 1142.739024][    T9] usbhid 3-1:0.0: can't add hid device: -71
[ 1142.749339][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1142.759641][    T9] usb 3-1: USB disconnect, device number 31
[ 1143.236762][T16216] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1144.349939][T16223] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1146.771628][T16237] netlink: 'syz.7.2584': attribute type 1 has an invalid length.
[ 1148.237366][T16254] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2588'.
[ 1148.497116][T16256] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1148.683807][T16257] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1149.295335][T15136] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 1149.582530][T15136] usb 1-1: Using ep0 maxpacket: 16
[ 1149.649526][T16276] siw: device registration error -23
[ 1149.683530][T15136] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1149.903190][T16280] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1150.947522][T15136] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1150.962429][T15136] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1151.155839][T15136] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1151.181277][T15136] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1151.216228][T15136] usb 1-1: config 0 descriptor??
[ 1152.319551][T16290] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2595'.
[ 1152.371055][T16291] netlink: 'syz.4.2595': attribute type 1 has an invalid length.
[ 1153.499988][T15136] usb 1-1: can't set config #0, error -71
[ 1153.525960][T15136] usb 1-1: USB disconnect, device number 37
[ 1154.443058][T16303] macvtap7: entered allmulticast mode
[ 1155.148310][T16314] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2603'.
[ 1159.094493][T16342] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1159.792750][ T3586] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[ 1159.962489][ T3586] usb 5-1: Using ep0 maxpacket: 16
[ 1160.700780][ T3586] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1160.714919][ T3586] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1161.949503][   T12] wlan1: Trigger new scan to find an IBSS to join
[ 1162.864993][T16367] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1163.375986][ T3586] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1163.445078][ T3586] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1163.456516][T16373] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2616'.
[ 1163.475804][ T3586] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1164.243321][   T30] audit: type=1107 audit(1752141426.383:85): pid=16376 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1164.812949][ T3586] usb 5-1: config 0 descriptor??
[ 1164.830135][ T3586] usb 5-1: can't set config #0, error -71
[ 1164.854714][ T3586] usb 5-1: USB disconnect, device number 36
[ 1167.882629][T10817] wlan1: Trigger new scan to find an IBSS to join
[ 1167.889429][ T1099] wlan1: Trigger new scan to find an IBSS to join
[ 1168.466844][ T1099] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1169.982256][T14417] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1169.995701][T14417] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1170.006920][T14417] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1170.017625][T14417] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1170.619080][ T1099] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1170.633503][T14417] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1170.845884][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1171.072485][ T3586] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[ 1171.382457][ T3586] usb 5-1: Using ep0 maxpacket: 8
[ 1171.984595][   T30] audit: type=1107 audit(1752141433.743:86): pid=16443 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=')r0	¾ßú%λ'
[ 1172.018924][ T3586] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1172.318670][ T3586] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1172.332259][ T3586] usb 5-1: Product: syz
[ 1173.303683][T14417] Bluetooth: hci4: command tx timeout
[ 1173.664081][   T13] wlan1: Trigger new scan to find an IBSS to join
[ 1173.670712][ T3586] usb 5-1: Manufacturer: syz
[ 1173.676042][ T3586] usb 5-1: SerialNumber: syz
[ 1173.684492][ T3586] usb 5-1: config 0 descriptor??
[ 1173.695073][ T3586] gspca_main: se401-2.14.0 probing 047d:5003
[ 1175.322522][T14417] Bluetooth: hci4: command tx timeout
[ 1175.646384][ T3586] gspca_se401: read req failed req 0x06 error -19
[ 1175.666876][ T3586] usb 5-1: USB disconnect, device number 37
[ 1176.688010][T16434] chnl_net:caif_netlink_parms(): no params data found
[ 1177.353464][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.656331][T14417] Bluetooth: hci4: command tx timeout
[ 1177.662141][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.960836][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1178.000358][T16492] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[ 1178.279122][T16434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1178.291838][T16434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1178.323067][T16434] bridge_slave_0: entered allmulticast mode
[ 1178.334190][T16434] bridge_slave_0: entered promiscuous mode
[ 1178.356775][T16434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1178.372594][T16434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1178.391334][T16434] bridge_slave_1: entered allmulticast mode
[ 1178.421144][T16434] bridge_slave_1: entered promiscuous mode
[ 1178.620479][T16434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1178.653061][T16434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1178.713708][ T3519] bridge_slave_1: left allmulticast mode
[ 1178.725207][ T3519] bridge_slave_1: left promiscuous mode
[ 1178.743270][ T3519] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1178.772300][ T3519] bridge_slave_0: left allmulticast mode
[ 1178.785018][ T3519] bridge_slave_0: left promiscuous mode
[ 1178.790957][ T3519] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1178.853900][T15220] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[ 1179.012585][T15220] usb 5-1: Using ep0 maxpacket: 32
[ 1179.024402][T15220] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1179.034850][T15220] usb 5-1: no configurations
[ 1179.041752][T15220] usb 5-1: can't read configurations, error -22
[ 1179.722935][T14417] Bluetooth: hci4: command tx timeout
[ 1179.822610][    T9] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1179.893397][ T3519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1179.913208][ T3519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1179.930669][ T3519] bond0 (unregistering): (slave batadv0): Releasing backup interface
[ 1179.942729][ T3519] bond0 (unregistering): Released all slaves
[ 1179.995522][    T9] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1180.015095][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1180.023933][T16544] xt_hashlimit: size too large, truncated to 1048576
[ 1180.049735][    T9] usb 1-1: Product: syz
[ 1180.067140][    T9] usb 1-1: Manufacturer: syz
[ 1180.080562][T16434] team0: Port device team_slave_0 added
[ 1180.102622][    T9] usb 1-1: SerialNumber: syz
[ 1180.144021][    T9] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1180.274870][ T5937] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1180.287203][T16434] team0: Port device team_slave_1 added
[ 1180.583776][T16434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1180.590891][T16434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1180.658679][T16434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1180.694833][T16434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1180.707404][T16434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1180.752576][T16434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1180.920689][T16559] sch_tbf: burst 4393 is lower than device lo mtu (65550) !
[ 1181.055506][T16556] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1181.073024][T16556] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1181.147575][T16434] hsr_slave_0: entered promiscuous mode
[ 1181.167472][T16434] hsr_slave_1: entered promiscuous mode
[ 1181.183839][T16434] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1181.205627][T14417] Bluetooth: hci2: unexpected event for opcode 0x2016
[ 1181.219136][T16434] Cannot create hsr debugfs directory
[ 1181.381322][ T3519] hsr_slave_0: left promiscuous mode
[ 1181.401585][ T3519] hsr_slave_1: left promiscuous mode
[ 1181.408265][ T5937] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 1181.416957][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1181.425022][ T5937] ath9k_htc: Failed to initialize the device
[ 1181.436715][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1181.450943][ T3519] veth0_macvtap: left allmulticast mode
[ 1181.498082][ T5937] usb 1-1: ath9k_htc: USB layer deinitialized
[ 1181.540634][T15220] usb 1-1: USB disconnect, device number 38
[ 1181.554054][T10673] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1181.566751][T10673] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1181.575430][T10673] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1181.586761][T10673] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1181.594614][T10673] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1181.982264][T16580] netlink: 'syz.4.2675': attribute type 1 has an invalid length.
[ 1182.085912][T16582] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2675'.
[ 1182.258723][ T3519] team0 (unregistering): Port device team_slave_1 removed
[ 1182.312030][ T3519] team0 (unregistering): Port device team_slave_0 removed
[ 1182.870751][T16581] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[ 1182.880409][T16581] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[ 1182.889282][T16581] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[ 1182.898194][T16581] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[ 1182.911338][T16581] bond1: (slave geneve2): making interface the new active one
[ 1182.926357][T16581] bond1: (slave geneve2): Enslaving as an active interface with an up link
[ 1182.942120][T16582] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1183.494679][T16606] 9pnet_virtio: no channels available for device syz
[ 1183.649667][T14417] Bluetooth: hci0: command tx timeout
[ 1183.709598][T16434] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1183.728652][T16434] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1183.741507][T16434] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1183.769934][T16434] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1183.870325][T16573] chnl_net:caif_netlink_parms(): no params data found
[ 1183.947130][T16626] CUSE: unknown device info "ý<±5æç—‘<ZŸj5«�ÿÿ¨ 9ñ$›+‘¤r„0X‰8"
[ 1183.955445][T16626] CUSE: unknown device info "eQïŒÌmÅ€%åãöP;T�ý€ÁÎá38RÝ2ß«JgËé¾Æ$‚O‹³"
[ 1183.964301][T16626] CUSE: DEVNAME unspecified
[ 1184.071214][T16632] tipc: Failed to remove unknown binding: 66,1,1/0:3612969585/3612969587
[ 1184.081866][T16629] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[ 1184.213571][T16573] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1184.220808][T16573] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1184.251560][T16573] bridge_slave_0: entered allmulticast mode
[ 1184.262180][T16573] bridge_slave_0: entered promiscuous mode
[ 1184.292654][T16573] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1184.300716][T16573] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1184.326716][T16573] bridge_slave_1: entered allmulticast mode
[ 1184.351721][T16573] bridge_slave_1: entered promiscuous mode
[ 1184.491752][T16638] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1184.503326][T16640] KVM: debugfs: duplicate directory 16640-5
[ 1184.517533][T16573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1184.549378][T16573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1184.684517][T16573] team0: Port device team_slave_0 added
[ 1184.706917][T16434] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1184.726107][T16573] team0: Port device team_slave_1 added
[ 1184.754020][T16644] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1184.823184][T16573] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1184.832005][T16573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1184.860942][T16573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1184.879722][T16573] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1184.898199][T16573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1184.925177][T16573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1184.955473][T16434] 8021q: adding VLAN 0 to HW filter on device team0
[ 1185.039788][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1185.047149][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1185.069016][T16573] hsr_slave_0: entered promiscuous mode
[ 1185.080554][T16573] hsr_slave_1: entered promiscuous mode
[ 1185.100927][T16573] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1185.111506][T16573] Cannot create hsr debugfs directory
[ 1185.122261][T10817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1185.129488][T10817] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1185.137376][ T5937] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1185.245985][T14417] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1185.257009][T14417] Bluetooth: hci2: Injecting HCI hardware error event
[ 1185.265856][T10673] Bluetooth: hci2: hardware error 0x00
[ 1185.304302][ T5937] usb 3-1: Using ep0 maxpacket: 16
[ 1185.313950][ T5937] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1185.334811][ T5937] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1185.355515][ T5937] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1185.382891][ T5937] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1185.392130][ T5937] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1185.415399][ T5937] usb 3-1: config 0 descriptor??
[ 1185.706074][T16573] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1185.723613][T14417] Bluetooth: hci0: command tx timeout
[ 1185.737630][T16573] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1185.767031][T16573] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1185.801233][T16573] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1185.855855][ T5937] HID 045e:07da: Invalid code 65791 type 1
[ 1185.879066][ T5937] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0005/input/input60
[ 1185.941291][ T5937] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1186.054103][    T9] usb 3-1: USB disconnect, device number 32
[ 1186.079529][T16573] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1186.119982][T16573] 8021q: adding VLAN 0 to HW filter on device team0
[ 1186.172154][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1186.179447][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1186.237882][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1186.245155][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1186.379663][T16434] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1186.974939][T16573] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1187.326779][T10673] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1187.362169][T16434] veth0_vlan: entered promiscuous mode
[ 1187.406928][T16434] veth1_vlan: entered promiscuous mode
[ 1187.480951][T16434] veth0_macvtap: entered promiscuous mode
[ 1187.514833][T16434] veth1_macvtap: entered promiscuous mode
[ 1187.572077][T16434] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1187.639167][T16434] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1187.674935][T16434] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1187.694230][T16434] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1187.708978][T16434] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1187.719481][T16434] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1187.788241][T16573] veth0_vlan: entered promiscuous mode
[ 1187.803453][T10673] Bluetooth: hci0: command tx timeout
[ 1187.859442][T16573] veth1_vlan: entered promiscuous mode
[ 1187.981917][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1188.012544][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1188.107856][ T1085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1188.127061][T16573] veth0_macvtap: entered promiscuous mode
[ 1188.163513][ T1085] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1188.177422][T16573] veth1_macvtap: entered promiscuous mode
[ 1188.255914][T16573] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1188.318505][T16573] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1188.357853][T16573] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1188.402624][T16573] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1188.411427][T16573] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1188.432416][T16573] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1189.503589][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1189.511482][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1189.622064][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1189.653011][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1189.894023][T10673] Bluetooth: hci0: command tx timeout
[ 1190.798456][T16776] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2667'.
[ 1191.164512][T14417] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1191.174918][T14417] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1191.183140][T14417] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1191.212221][T14417] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1191.229014][T14417] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1193.322699][T10673] Bluetooth: hci2: command tx timeout
[ 1193.451145][T16805] comedi comedi4: bad chanlist[0]=0x00000011 chan=17 range length=2
[ 1193.971385][T16780] chnl_net:caif_netlink_parms(): no params data found
[ 1194.022588][ T5904] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 1194.224081][T16780] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1194.248787][T16780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1194.256162][ T5904] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1194.270626][T16780] bridge_slave_0: entered allmulticast mode
[ 1194.276638][ T5904] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1194.290342][T16780] bridge_slave_0: entered promiscuous mode
[ 1194.296529][ T5904] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1194.310835][T16780] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1194.322548][T16780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1194.329783][ T5904] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1194.348272][T16780] bridge_slave_1: entered allmulticast mode
[ 1194.378250][ T5904] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1194.388725][T16780] bridge_slave_1: entered promiscuous mode
[ 1194.407884][ T5904] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1194.434081][ T5904] usb 1-1: config 0 descriptor??
[ 1194.439801][T16817] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1194.537245][T16780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1194.591644][T16780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1194.704303][T16846] syz_tun: entered allmulticast mode
[ 1194.720965][T16845] syz_tun: left allmulticast mode
[ 1194.749614][T16780] team0: Port device team_slave_0 added
[ 1194.787649][T16780] team0: Port device team_slave_1 added
[ 1194.865630][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1194.890954][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1194.911055][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1194.919476][T16780] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1194.932817][T16780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1194.958923][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1194.986534][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1194.995198][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.003863][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.012008][T16780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1195.025843][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.064826][T16780] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1195.071828][T16780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1195.097898][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.112239][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.122060][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.129932][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.139074][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.146592][T16780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1195.157295][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.180439][ T5904] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[ 1195.209299][ T5904] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 1195.250808][ T5904] usb 1-1: USB disconnect, device number 39
[ 1195.309681][T16780] hsr_slave_0: entered promiscuous mode
[ 1195.319641][T16780] hsr_slave_1: entered promiscuous mode
[ 1195.326764][T16780] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1195.334729][T16780] Cannot create hsr debugfs directory
[ 1195.402574][T10673] Bluetooth: hci2: command tx timeout
[ 1195.751626][T16879] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2774'.
[ 1195.791549][T16879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2774'.
[ 1195.828970][T16882] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1195.848967][T16882] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1196.387553][T10673] Bluetooth: hci3: ACL packet for unknown connection handle 200
[ 1196.607786][T16780] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1196.638843][T16780] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1196.678015][T16780] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1196.794562][T16780] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1196.810991][T16921] Bluetooth: MGMT ver 1.23
[ 1196.879731][T16929] block device autoloading is deprecated and will be removed.
[ 1197.008248][T16780] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1197.033899][T16780] 8021q: adding VLAN 0 to HW filter on device team0
[ 1197.048656][T10817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1197.055857][T10817] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1197.086845][T10817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1197.094122][T10817] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1197.483322][T10673] Bluetooth: hci2: command tx timeout
[ 1197.660152][T16780] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1197.770373][T16780] veth0_vlan: entered promiscuous mode
[ 1197.827820][T16780] veth1_vlan: entered promiscuous mode
[ 1197.927703][T16780] veth0_macvtap: entered promiscuous mode
[ 1197.987453][T16780] veth1_macvtap: entered promiscuous mode
[ 1198.073060][T16780] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1198.116611][T16780] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1198.139050][T16780] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.148735][T16780] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.164153][T16780] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.179064][T16780] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.187195][T14417] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1198.200985][T14417] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1198.214242][T14417] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1198.224837][T14417] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1198.232728][T14417] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1198.425863][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1198.453855][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1198.550738][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1198.588713][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1198.738461][T16970] bond1: entered promiscuous mode
[ 1198.906894][T16958] chnl_net:caif_netlink_parms(): no params data found
[ 1199.152291][T16984] ------------[ cut here ]------------
[ 1199.158362][T16984] WARNING: CPU: 1 PID: 16984 at ./include/linux/memcontrol.h:371 folio_memcg+0x1a8/0x310
[ 1199.168530][T16984] Modules linked in:
[ 1199.172882][T16984] CPU: 1 UID: 0 PID: 16984 Comm: syz.9.2811 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[ 1199.185732][T16984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1199.198038][T16984] RIP: 0010:folio_memcg+0x1a8/0x310
[ 1199.203977][T16984] Code: 80 3c 28 00 74 08 4c 89 f7 e8 b4 cc 1b 00 4d 8b 36 4c 89 f0 5b 41 5c 41 5d 41 5e 41 5f 5d e9 bf 21 65 09 cc e8 a9 74 ba ff 90 <0f> 0b 90 eb c5 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c fe fe ff ff
[ 1199.224277][T16984] RSP: 0018:ffffc90003f0f250 EFLAGS: 00010287
[ 1199.230822][T16984] RAX: ffffffff8205b0a7 RBX: 0000000000000000 RCX: 0000000000080000
[ 1199.240461][T16984] RDX: ffffc9000cd7b000 RSI: 0000000000001e43 RDI: 0000000000001e44
[ 1199.249848][T16984] RBP: 0000000000000000 R08: ffffea0001deef07 R09: 1ffffd40003bdde0
[ 1199.258291][T16984] R10: dffffc0000000000 R11: fffff940003bdde1 R12: ffffea0001deef30
[ 1199.266559][T16984] R13: dffffc0000000000 R14: ffff888033a15e80 R15: 0000000000000002
[ 1199.274729][T16984] FS:  00007f7f8333f6c0(0000) GS:ffff888125d4f000(0000) knlGS:0000000000000000
[ 1199.283772][T16984] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1199.290405][T16984] CR2: 0000000000000000 CR3: 0000000079dba000 CR4: 00000000003526f0
[ 1199.298499][T16984] Call Trace:
[ 1199.301813][T16984]  <TASK>
[ 1199.304877][T16984]  workingset_activation+0x5f/0x4a0
[ 1199.310124][T16984]  ? folio_mark_accessed+0x2a1/0x4a0
[ 1199.315509][T16984]  folio_mark_accessed+0x3b5/0x4a0
[ 1199.320678][T16984]  kvm_release_page_clean+0x9a/0xe0
[ 1199.326372][T16984]  kvm_tdp_page_fault+0x2dd/0x370
[ 1199.331439][T16984]  kvm_mmu_do_page_fault+0x2c5/0x640
[ 1199.338615][T16984]  ? vmx_vcpu_run+0xd8b/0x25d0
[ 1199.344093][T16984]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[ 1199.350002][T16984]  ? vmx_handle_exit_irqoff+0x29e/0xad0
[ 1199.355756][T16984]  kvm_mmu_page_fault+0x22f/0xb70
[ 1199.360867][T16984]  ? __pfx_handle_ept_violation+0x10/0x10
[ 1199.366686][T16984]  vmx_handle_exit+0x1093/0x18a0
[ 1199.371709][T16984]  ? vcpu_run+0x361c/0x6f70
[ 1199.376326][T16984]  ? rcu_is_watching+0x15/0xb0
[ 1199.381163][T16984]  vcpu_run+0x432e/0x6f70
[ 1199.385654][T16984]  ? vcpu_run+0x361c/0x6f70
[ 1199.390301][T16984]  ? __pfx_vcpu_run+0x10/0x10
[ 1199.395074][T16984]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[ 1199.401623][T16984]  ? rcu_is_watching+0x15/0xb0
[ 1199.406777][T16984]  kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[ 1199.412471][T16984]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[ 1199.418247][T16984]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 1199.424360][T16984]  ? rcu_is_watching+0x15/0xb0
[ 1199.429187][T16984]  ? look_up_lock_class+0x74/0x170
[ 1199.434409][T16984]  ? register_lock_class+0x51/0x320
[ 1199.440492][T16984]  ? __lock_acquire+0xab9/0xd20
[ 1199.446117][T16984]  kvm_vcpu_ioctl+0x95c/0xe90
[ 1199.450882][T16984]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1199.456211][T16984]  ? __lock_acquire+0xab9/0xd20
[ 1199.461122][T16984]  ? __asan_memset+0x22/0x50
[ 1199.465825][T16984]  ? smack_file_ioctl+0x302/0x340
[ 1199.470912][T16984]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1199.476619][T16984]  ? __fget_files+0x2a/0x420
[ 1199.481352][T16984]  ? __fget_files+0x3a0/0x420
[ 1199.486381][T16984]  ? __fget_files+0x2a/0x420
[ 1199.491040][T16984]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1199.496073][T16984]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1199.501333][T16984]  __se_sys_ioctl+0xf9/0x170
[ 1199.506038][T16984]  do_syscall_64+0xfa/0x3b0
[ 1199.510597][T16984]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1199.515922][T16984]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1199.522034][T16984]  ? clear_bhb_loop+0x60/0xb0
[ 1199.526821][T16984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1199.532834][T16984] RIP: 0033:0x7f7f8258e929
[ 1199.538163][T16984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1199.558484][T16984] RSP: 002b:00007f7f8333f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1199.567257][T16984] RAX: ffffffffffffffda RBX: 00007f7f827b5fa0 RCX: 00007f7f8258e929
[ 1199.575336][T16984] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1199.583411][T16984] RBP: 00007f7f82610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1199.591434][T16984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1199.592240][T14417] Bluetooth: hci2: command tx timeout
[ 1199.599742][T16984] R13: 0000000000000000 R14: 00007f7f827b5fa0 R15: 00007ffff584f6a8
[ 1199.613125][T16984]  </TASK>
[ 1199.616204][T16984] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1199.623511][T16984] CPU: 1 UID: 0 PID: 16984 Comm: syz.9.2811 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) 
[ 1199.635598][T16984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1199.645678][T16984] Call Trace:
[ 1199.648983][T16984]  <TASK>
[ 1199.651933][T16984]  dump_stack_lvl+0x99/0x250
[ 1199.656557][T16984]  ? __asan_memcpy+0x40/0x70
[ 1199.661178][T16984]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1199.666398][T16984]  ? __pfx__printk+0x10/0x10
[ 1199.671027][T16984]  panic+0x2db/0x790
[ 1199.674947][T16984]  ? __pfx_panic+0x10/0x10
[ 1199.679404][T16984]  __warn+0x31b/0x4b0
[ 1199.683402][T16984]  ? folio_memcg+0x1a8/0x310
[ 1199.688016][T16984]  ? folio_memcg+0x1a8/0x310
[ 1199.692625][T16984]  report_bug+0x2be/0x4f0
[ 1199.696985][T16984]  ? folio_memcg+0x1a8/0x310
[ 1199.701596][T16984]  ? folio_memcg+0x1a8/0x310
[ 1199.706207][T16984]  ? folio_memcg+0x1aa/0x310
[ 1199.710821][T16984]  handle_bug+0x84/0x160
[ 1199.715090][T16984]  exc_invalid_op+0x1a/0x50
[ 1199.719617][T16984]  asm_exc_invalid_op+0x1a/0x20
[ 1199.724487][T16984] RIP: 0010:folio_memcg+0x1a8/0x310
[ 1199.729711][T16984] Code: 80 3c 28 00 74 08 4c 89 f7 e8 b4 cc 1b 00 4d 8b 36 4c 89 f0 5b 41 5c 41 5d 41 5e 41 5f 5d e9 bf 21 65 09 cc e8 a9 74 ba ff 90 <0f> 0b 90 eb c5 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c fe fe ff ff
[ 1199.749461][T16984] RSP: 0018:ffffc90003f0f250 EFLAGS: 00010287
[ 1199.755599][T16984] RAX: ffffffff8205b0a7 RBX: 0000000000000000 RCX: 0000000000080000
[ 1199.763588][T16984] RDX: ffffc9000cd7b000 RSI: 0000000000001e43 RDI: 0000000000001e44
[ 1199.771575][T16984] RBP: 0000000000000000 R08: ffffea0001deef07 R09: 1ffffd40003bdde0
[ 1199.779566][T16984] R10: dffffc0000000000 R11: fffff940003bdde1 R12: ffffea0001deef30
[ 1199.787556][T16984] R13: dffffc0000000000 R14: ffff888033a15e80 R15: 0000000000000002
[ 1199.795559][T16984]  ? folio_memcg+0x1a7/0x310
[ 1199.800188][T16984]  workingset_activation+0x5f/0x4a0
[ 1199.805408][T16984]  ? folio_mark_accessed+0x2a1/0x4a0
[ 1199.810733][T16984]  folio_mark_accessed+0x3b5/0x4a0
[ 1199.815872][T16984]  kvm_release_page_clean+0x9a/0xe0
[ 1199.821106][T16984]  kvm_tdp_page_fault+0x2dd/0x370
[ 1199.826164][T16984]  kvm_mmu_do_page_fault+0x2c5/0x640
[ 1199.831472][T16984]  ? vmx_vcpu_run+0xd8b/0x25d0
[ 1199.836281][T16984]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[ 1199.842140][T16984]  ? vmx_handle_exit_irqoff+0x29e/0xad0
[ 1199.847725][T16984]  kvm_mmu_page_fault+0x22f/0xb70
[ 1199.852787][T16984]  ? __pfx_handle_ept_violation+0x10/0x10
[ 1199.858532][T16984]  vmx_handle_exit+0x1093/0x18a0
[ 1199.863491][T16984]  ? vcpu_run+0x361c/0x6f70
[ 1199.868019][T16984]  ? rcu_is_watching+0x15/0xb0
[ 1199.872819][T16984]  vcpu_run+0x432e/0x6f70
[ 1199.877218][T16984]  ? vcpu_run+0x361c/0x6f70
[ 1199.881789][T16984]  ? __pfx_vcpu_run+0x10/0x10
[ 1199.886495][T16984]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[ 1199.892245][T16984]  ? rcu_is_watching+0x15/0xb0
[ 1199.897054][T16984]  kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[ 1199.902637][T16984]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[ 1199.908378][T16984]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 1199.914382][T16984]  ? rcu_is_watching+0x15/0xb0
[ 1199.919170][T16984]  ? look_up_lock_class+0x74/0x170
[ 1199.924313][T16984]  ? register_lock_class+0x51/0x320
[ 1199.929534][T16984]  ? __lock_acquire+0xab9/0xd20
[ 1199.934430][T16984]  kvm_vcpu_ioctl+0x95c/0xe90
[ 1199.939134][T16984]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1199.944353][T16984]  ? __lock_acquire+0xab9/0xd20
[ 1199.949226][T16984]  ? __asan_memset+0x22/0x50
[ 1199.953851][T16984]  ? smack_file_ioctl+0x302/0x340
[ 1199.958902][T16984]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1199.964483][T16984]  ? __fget_files+0x2a/0x420
[ 1199.969087][T16984]  ? __fget_files+0x3a0/0x420
[ 1199.973781][T16984]  ? __fget_files+0x2a/0x420
[ 1199.978389][T16984]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1199.983342][T16984]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1199.988582][T16984]  __se_sys_ioctl+0xf9/0x170
[ 1199.993204][T16984]  do_syscall_64+0xfa/0x3b0
[ 1199.997732][T16984]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1200.002962][T16984]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1200.009070][T16984]  ? clear_bhb_loop+0x60/0xb0
[ 1200.013765][T16984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1200.019670][T16984] RIP: 0033:0x7f7f8258e929
[ 1200.024140][T16984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1200.043852][T16984] RSP: 002b:00007f7f8333f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1200.052289][T16984] RAX: ffffffffffffffda RBX: 00007f7f827b5fa0 RCX: 00007f7f8258e929
[ 1200.060288][T16984] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1200.068281][T16984] RBP: 00007f7f82610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1200.076268][T16984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1200.084261][T16984] R13: 0000000000000000 R14: 00007f7f827b5fa0 R15: 00007ffff584f6a8
[ 1200.092275][T16984]  </TASK>
[ 1200.095456][T16984] Kernel Offset: disabled
[ 1200.099790][T16984] Rebooting in 86400 seconds..