last executing test programs:

9.324352298s ago: executing program 3 (id=6679):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x2250)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xc95e})
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x1ef6e3}], 0x100000000000011a)

8.34499482s ago: executing program 3 (id=6685):
r0 = socket$kcm(0xa, 0x1, 0x106)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140))
sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000004340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4804}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0xff32, 0x0}, 0xe07e872420dfefca)
sendmsg$kcm(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x4000800)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0xe}}, './file0\x00'})
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="1400000023000b6c8cfffdfccabb00f90429fc60", 0x14}], 0x1}, 0x2400c000)

8.266920692s ago: executing program 0 (id=6687):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
ioctl(r0, 0x3, &(0x7f0000000100)="82980c2761cada12a4706c242ff37d9c4b14b9b9f3fe9ffcc60337ba33126e1a31725bf8b47556fb73dee569a8a89b3c9aa110a133dd5e8357bf2b613ef66b8a47bf6fa07221defab073c05dff673737d22a4787bf4fb0052bd0070b03c550fffd1721086809f0f9bae95386efd3414c0e4cf4288114b2b5652de4e105ce9241b2d3455dc7b449ee1cc96374647e887bfab38db828d6048dad687e5692746c57fc5527bf419f9266b67f0ef00d520a62d77aeb0ac4737a55673c5646da7fd68d6015572971ce7ba025d032c5abea9c9a06d67f5835f4248a81a9bc120076")

7.793210368s ago: executing program 0 (id=6688):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0xd8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x4, 0x2}, {0x0, 0x1}, {0x0, 0xfff1}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0x9c, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x84, 0x1, [@m_simple={0x30, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_connmark={0x50, 0x15, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9, 0xfffffffb, 0x6, 0x9f32, 0x80000001}, 0x7}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

7.320100426s ago: executing program 0 (id=6690):
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000005c0), 0x2000) (async)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000005c0), 0x2000)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000002140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x4, 0x4, 0x9, 0x402, 0x5e, @private0, @loopback={0x0, 0xffff8881114a4aa8}, 0x700, 0x0, 0xfffffffc, 0x1000c00}}) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000002140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x4, 0x4, 0x9, 0x402, 0x5e, @private0, @loopback={0x0, 0xffff8881114a4aa8}, 0x700, 0x0, 0xfffffffc, 0x1000c00}})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet6_udplite(0xa, 0x2, 0x88) (async)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x38, r2, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0xf4, 0x2b}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}]]}, 0x38}, 0x1, 0x0, 0x0, 0xd37697ff280d3c0e}, 0x0)
r6 = syz_usb_connect(0x5, 0x3f, &(0x7f0000000240)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109022d00010700800b0904bb06033ae5040009050402b3030fd3040905070020000500ce090503021000750102"], &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x5e, &(0x7f0000000280)=ANY=[@ANYBLOB="5e03964ff9500000af52d77fc121612c8199ce373c4ffde359a484db6247424128c5768e8a45c00f55a193e06689b6f8c1355cd4f549e3d1a65337b205eae6738d2ec799e4fde450797f7ef5ecd9e79a3e3fb157c8371c7d0fda3d44f244"]}]})
syz_usb_control_io(r6, 0x0, &(0x7f0000000e80)={0x84, &(0x7f0000000a00)={0x40, 0xd, 0x4, "def0adc8"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) (async)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r7, 0x7a5, &(0x7f00000000c0)={{@my=0x1, 0x8}, 0x1, 0x0, 0x8}) (async)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r7, 0x7a5, &(0x7f00000000c0)={{@my=0x1, 0x8}, 0x1, 0x0, 0x8})
ioctl$FS_IOC_GETFLAGS(r0, 0x80046601, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)=<r8=>0x0)
sched_setaffinity(r8, 0x0, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
socket$nl_route(0x10, 0x3, 0x0) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES16=r12, @ANYRES16=r10, @ANYRES32, @ANYBLOB='l\x00^'], 0x234}}, 0x88c1) (async)
sendmsg$NL80211_CMD_SET_CQM(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES16=r12, @ANYRES16=r10, @ANYRES32, @ANYBLOB='l\x00^'], 0x234}}, 0x88c1)
sendmsg$nl_route(r10, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)=@newnexthop={0x28, 0x68, 0x1, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x4, 0x0, 0x4}, [@NHA_ID={0x8, 0x1, 0x2}, @NHA_GROUP={0x4}, @NHA_FDB={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x4000000)
ioctl$vim2m_VIDIOC_S_CTRL(r9, 0xc008561c, &(0x7f0000000040)={0xf0f071, 0x11})
r13 = eventfd(0xf635)
writev(r13, &(0x7f0000000bc0)=[{&(0x7f0000000b00)="73a8240cc653b09ae3", 0x9}], 0x1) (async)
writev(r13, &(0x7f0000000bc0)=[{&(0x7f0000000b00)="73a8240cc653b09ae3", 0x9}], 0x1)
r14 = socket(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
write(r14, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d) (async)
write(r14, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
ptrace$ARCH_MAP_VDSO_X32(0x1e, 0x0, 0x80000001, 0x2001)

6.821479546s ago: executing program 4 (id=6694):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'bridge_slave_0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x34}}, 0x0)

6.737258362s ago: executing program 4 (id=6695):
syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x4}, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, 0x0, 0x0, 0xeeee0000})
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, &(0x7f0000000280)=0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing', 0x0, 0x0)
lseek(r1, 0x4a, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x40000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x5000aea5, &(0x7f0000000080)=ANY=[])
syz_usb_connect$cdc_ncm(0x5, 0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB="12015002020000092505a1a440000102030109025c0002010860100904000001020d00000524060001052400f8ff0d240f0100000000010000000606241a0f0010090581030002062c070904010000020d00000904010102020d000009058202400090076709050302ff03f7dd07"], &(0x7f0000000240)={0x0, 0x0, 0x19, &(0x7f0000000040)=ANY=[@ANYBLOB="050f5110d808c94829948567d3286b14020036164bfdcbc9ad023758a5f64217"]})

6.23355096s ago: executing program 3 (id=6696):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x2250)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xc95e})
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x1ef6e3}], 0x100000000000011a)

5.277647587s ago: executing program 3 (id=6699):
userfaultfd(0x801)
r0 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x9c000000, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x1df}}, 0x80, 0x0, 0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="100000001001000001"], 0x10}, 0x40)
recvmsg(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x20012142)
r1 = openat$audio(0xffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(r1, 0x80044dfe, &(0x7f0000000980))
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$EXT4_IOC_SETFSUUID(r2, 0x4008662c, &(0x7f0000000040))
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x7, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, &(0x7f0000000340)})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg(r5, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000440)="1db75f663ced5edaf061597fe162a1e4b0fef484b258a724f320b2182413745a816a8c05eb527199dd388d69d0290f9f49a464a33189192f2b064c8e0e7b26125231b64696a47b01890eec092d056333c66e03489ecc8bfc032ef27c7541cd032c617a5bc22b4f92a1915283df46d20e3e", 0x71}, {&(0x7f00000004c0)="f44778acaf5b9f02dcc846a264019f2103e0b1e452fa62a7933b471dfb76156f5d30400713438b533daff0842381b22b107706dcf569dd220ea68d2e330f8db132cabe012dcd98267c469b4e75cb65e6e41b2b99dbaef129cd9c5b1210f3164ecc1f1719f51299fda729f77efba48912d3d31619768e232f393654a1f451eb11d9aaabf2be1bcdfdc0094bf00888377ddaf500914f7d7a5469e658dc11f4484cbf7c9899c2267f2fad1d637abd4785182551deffe1430d82f3ff1558661de6f2d82f065f26f3f8fb1e42aabb34bb69aa2a855123ff5dbb69b8bf9f99d7dd2c51d51a3fd64cc63d06", 0xe8}, {&(0x7f00000005c0)="8d22fe4df4e18b5a97a972f33a932c52c838605a03ec1ba8b2258cfc8b0e966776eff36a02dc790715aecc049f53d06f0a3539a9fc3757980a6e166464f05897d9fc7f17a370d1ebc3a42f2f45dcb0d87b2417d3dc12bb27312689bf97e5a8c665874ff0c8255b64ced98b88dd991d58bd665f4f313a3ede4d02be3469fe5396e94aa2d27962316f7d26d0ec437effe9bab85851b42a768d10ba06263b25336c47d1fda1d086ed151655bd8dc643d59a201b3c54a3629e5886203711bc55be31f1eaac13edd64431a9dbecf59ec1dc6cbad1eb84feccc9bb27c40ba674f442ca3f7b6a1d38440d", 0xe7}, {&(0x7f00000006c0)="96cc22ff9765250cbbe59ae15fa2e1f87e8cf770f931bc503644683e34f43037a5461f69c783988b1683004c89b04db75c8a184d0886d333c56646555eb586ebb3f6cdb51e35b11a54969c8bf6a9321bfa5b121b7ae2c13beb803fa1b35822195a1f9269538c5e48ffc7b670fccdeff197aca586aab305dd9e729508614ec8c2790c9fddb7b705662c38e40f9e081329798d65a5e0bfbdbe06815312ec2230476466c7a5467092605f1130a9a23982c1b1242af36f840d3b6a84622c31538379972834e2b2619f575eafd49a44ef42e4ede40a0cdf2310ec802239be8d3734351260df58b0d141e500fbdf0cee5d26bb74e9", 0xf2}, {&(0x7f00000007c0)="5b675e5bfd57d1e2e331b5e83be0ab48e4bf91677bf7e3f0ff6a7fc0948c2c4a876dae4438c08fe1f1f15e73d2f6dec9d643b0988303e4d6cdb756b7d5f33ccd4241df112fa9512b889291c5de7e176260edf119b73e755bbddb7ae4ae140f60d96a6d84fec122dd19a990d76413d2ba13ba9f673d565ae089a5e85761443151e1ae5d95f4a941ca937661e5d13fd2d973ec6637a25fb1b1147355bf041a35452da6f8d12e145e16b4b6e02d19e13515ebf5f76803b9aaaaf7", 0xb9}, {&(0x7f0000000880)="c956203d1f6c11770382019566deb1f0f600dacceaa8240e47961e5362790c392f0ddca917e9ef4727d52ffe12c8cd6ccb7d28659d896f3bb25d779ddb3af3697b5f32ef9a1ce3b7795e117c6b83f7a7b8689bb17313c0b00f28ce5ff39d37db246013178fb5bc333801e5f80655270d86d862c66ba2a902e89a5fe8681128702f28b40fbbc0f0c3865a471680a8a34b5597cfa987132c6410fb720c534d9d373ad2c0e2a2db570e51fb4b22", 0xac}, {&(0x7f0000000300)="4606adab7585e525531edf20c4be11271cced50d037663f0e3d07b8a4f10c14b2e77cb0cb5e96dc5e0954033f1184bd3ecfe1e4759ada6b1cc7df7bd6638ff264b8cba396bf648fb8f6eba0b0749cfb03c40345b18d726e177a8a46c03cd10eb673e32aaac9b676cd92d737ece8458755e96", 0x72}, {&(0x7f00000009c0)="d1c84797a450f86c1c25f218d80cc494ae7e15272c367337123c425bd1715ee8225b90f18fc4499acd229e593021a5a281fa7cf5e723004bff2c351bd2acd720bfaf7e44123b5921e26d356010061375b7e7146c07d346d43aea430b1893b785d65723cc3ba728961c9e23884f87d98650a0c1eba39248a53d3b1d8de81d502b10e66e2abbe1de553e0936d817e5", 0x8e}, {&(0x7f0000000c00)="3343d30535ec4b8c3f7107d333f832e3332a5d13aec112b51d84fa12ac9ee44727fb73e7b552580667782021b4984ef7c87ff489e76cbb83a9809f8294a415d4bbc0690bf3537b42b2e3d4609c1a12d563ccfa503d71d348d9a7154f13ee6ed2768e1ecd0284f6a8b5684dac70848b5bf9fd60836e3e1245e53d479d68561e7b3700e9f655018e43000000000000f23ba74f443c8b4c27edf36a5b33078649dd193e47ac11f306bd72b631a9e4e215dda1585ce6bef50d9b0af981705cc11126ec077b6402921761a16ca54ab511abb12db84b0ee02b82efac881b310407c1e0ab734ba498fd3965e2209accaf601a749769eb8ac6151a6ae0e5218ef4fc8d47c19b8a312d475549eb8a60a080b829230d8eebdfc8192b2a57009ef6f25f4d1068ff55d9d14a4a3fe031dbbbef28debf8c332ebb7290a2065a14e9c772f56bc3ef6c1edff834499b89fad17692678b9dea589e940c5e", 0x156}], 0x9, &(0x7f0000001280)=ANY=[@ANYRESDEC=r3], 0x12f4}, 0x40040)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r6, 0x4188aec6, &(0x7f0000000040))
openat$sw_sync_info(0xffffff9c, &(0x7f0000000940), 0x88800, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socket$igmp6(0xa, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = syz_io_uring_setup(0x24f6, &(0x7f0000000240)={0x0, 0xc3d, 0x0, 0x0, 0x337}, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000140))
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0)
syz_io_uring_submit(r8, 0x0, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x40, 0x0, 0xffffffffffffffff, &(0x7f00000002c0)={0xa}, r2, 0x3, 0x0, 0x1})
io_uring_enter(r7, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
close(0x4)
recvmmsg(r2, &(0x7f0000008740)=[{{0x0, 0x0, &(0x7f0000000400)=[{0x0}, {&(0x7f0000000a80)=""/165, 0xa5}], 0x2}, 0x101}], 0x1, 0x1, 0x0)

4.137649371s ago: executing program 3 (id=6707):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$binfmt_aout(r2, 0x0, 0x6b1)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r3, 0x80044d08, &(0x7f00000005c0))
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a72b7a104c05e102c8e201020301090224000100000000090471020216fa1f0009051402100000fa0009058202"], 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0xc2a)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r4, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_JOIN_GROUP(r4, 0x29, 0x2a, &(0x7f0000000040)={0x7, {{0xa, 0x4e24, 0x2, @mcast1, 0x1}}}, 0x88)
r5 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000240)=0x1, 0x4)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x7d)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f0000000240)=[{&(0x7f0000001640)="0ae1b3e87bfd5dfe1a61c82e56234ce023ca7ded19d823c1001112217a2317bae1af0bb4a6f78f68a68938b336701b6e1194cf0c851954592094c60edae451296daa5c68d57140222ff0324b0478dc4a42cd090534f901fa06aca3da3c9948c7d7e880d3706ab51a44ee52c898b53592b054ae39b3a2bd13a4ec93824c2600d9e84fcc16b9c106335e32f1c59bcefb3ee427183968950658e37c0cf70af9b3924045270ef159bcc8aff59102576aa3f9cdb1319cadb25182e2ee2efa7e509b56017ce835596eeb3e22e9f508588b324681ad5976fb20bf014af30c3d120bb5ad0a8a30a9f23778ad13b4318cb18e273d61e0f98f3dd3adb340c6b317496ac294f5501eb32b3d747e9866fa0a103ed7ed6dc6bb70759d372693868761b1c35958beb4712ca5b2a4cb49813213a8b53b0a27573e4468f7ea0dd5983136be26ab08017fcce0d98ca5c78b49d11f397e65532f860b14a9e69c80a67b7be240090a91c254f6b26c620745ddc377940eea9fd24ee514b3a8ecdf9563dccd4992d7b732e441b078040d163de5cf955ad948c5bc026a84337b6a943a63df3dc09b728f8a47d7f6fb01c9c72eee37f97bb040396bdc0e2bade4d28c40d97479e222927cf330e42db4c8441a7f73499e310f9b6503a30f11053d5e1e3a94148b1bb08d49d4daae5b9cf16ed623692af28572458d069addf42c55ae9fc9da4f0322b76e4663465f55917e072e3040009791a2508fea2f0699ffa424af0b671b451631514b053bbcf6b737b7474eedd03d2c4a50f1ff4920a8d4aafe6a2139d81331efc00b85f6c701579a37dc6e01dab658df500b8e9bcca316c013857839b1245092202b7034e36e861207e5b7e26faad1068dea2d5b3f410f8b90240757f0e5f2b826a581825a99baaa3754851f9c8f04baad46c8c6b44e3592586636d2abde6f3f2a7233675ed35aa4bb8dc32b952a413877bdd25750dc2bf403c4cdda92123514f80810545ce19b179aecd02e2c3d129758252d48de1de1568558bf6c06cbea580f754d527026cbc643917c6c86da27e9accc2efcf2e8c331f8c7baa07521fc7e26d7cd4cc2ece68611774ebf6b515a8d5a67141478fc0344d089101e6ffb15e23ea79067183cf26d8f62d2f45c239ea16498cdb39433f1d8f6b99241f90d4f3800fdfc8979c99b0b23ab7dd66a65c5c017fe6d65f0573e2b48eb1c34b5f100c3a1e401dfb97fce5434911edf34bb358e6a0d9836ef53e3234a2e783d6ad15b955fe5a8e2cd6ce7c1305b6d8989048da8f331ccd8c19f02b19445291e50d34e2a65b64848929427c23820f280a4cb17eea57da1b972737c41413c343fa6786a4a420980264d03498dfb48a19152272120b4cb57f6680f8988f63050adfc76cfe94e8b0a6ff85722ee6cc33e8e0161a4331ecc77b8d6a3a2365b7ef55ba946759a79361306f2ede98df926b6f199f0d23cb891b4dc786fd1b8125150c3384e74ed0a4d98f8422cc4485e50fd5abda10bb048414ba0791d79508ccaf6e78078d42ceb39727c0e302560af1a22bc337e8095c60797d97ea61e4aaaed85ccd98d1c33077a45cdbb81d54659792c1dcb469450528c140878b923f30440f839254bec87da7048552ca78a9b6b981b497b961bab865e2fc88ba117e52c5294469cbbf34eb3792794d91839398e024604d5a8b29e36f35114eba9543b47b159a3a4f45d381915b18528f9858426f81fa3ea787ef7357064c0685d8edab103a0927744e048c5354db19022bac1dc7c4fec3c00307d2f1751bebd2ee97b55a396ea6d71a1cfa65133d68b31485dc31ea98b85ea7eed584b8e64e21ee2ed51c7014904cf05cb44c9e510bd13866ca4e37f7d004ae6cd123795761624824aa01dbc0325a8f91b269693bbc744e4bde208367cc1a86280f819356464d2621d2869ba98de2ffda66d94545ac6652c2fc1f9acf11e331b779b1b8fbdc9bec6a5d06a989b19e029d2f7e2f32c446b27b355d635555dc3ec501fa723dd881e808154fdd91457cbcf1ca982e8a89226ac3b90a928ffac617c0a4c21de17eb18438225aa37fbf5d56b548337d30b94b9fd89cc66908e5eda83c845b24ca1d80c1ccfb29f368974450edddddd52322c4f1fbf351f8c299605ecd479910d0e5092d44f06069b9fbf8b2b9533775fe453e5f0229b48233ab5845f464d470ba64a0873899af75e5003f035c0f6d872db672cabde36f359537026efb9969bbf4d20469c7d9cf4907cf3d03434581ca78dcd3812ef0edfacbe65cadc17e89e4e6a5e697a3f3bd763e0c23742dbb70c1f28524e5f5c44de5b5489b06cb5382170ccc9971d3f8111bce43f932025c43314d1e98d0625f5cdc4553c2491711342826c4abdbcb37d4cbdb6ce31efd78a9124320dad7f2f9c77ba0d92d7609523405c674eb07057281675018cc895838591ee9999c15e9dfc51c802428a25bee0983f4bc4b8ac01cac49fb5d94b615d388e07784963a78868cde9b12090f1943b0ca6ddd344354b11ca6629e58953a04da126e7278acc63514c0a7048722a6189858c4a8ea72038d3f5ebc82f13bc795bfecc339fcf8c9982b99a48c881e86a315b98da39f6065de2d685d098516eb4efe44c5070db0879faece1cd7c234e634caadb64bbb7b36892a4c91930069a82691b75da9ba6c73e5ee462e9cb41249a2745700246353cb02346285f238f7bb07f1d322ee05003c222018fbd2f2560335d5aaa2bf56cd8a742b2d1eafd3640b807a6fd49b12f7b9ebbb4c97f5e31b2e8f1bff6890570cba798570f993d907ecd2a779b22cc7be03150d4089435a740319f144fb75860672f0894ece1e36b5c1da0d4c583b7eb6b02d8ff1afc79c69c80055c6b9097c9e5fc8642e1407cefac9a1723b53804807fc6f439c9128b6194a0c12cb911ff6b0cf10e88470045b4c7ad985c9020048b31ed9e63834aa2b2db022ca8a0a53fbb9f3e39b8420f8ed65fc548848dc52a58b53c7d6fff1bd68525e846fcf29de2452a0e7f968ca158a8b982dbab8f2e4aacd94eb0b6df7f9e904ce7ca74c1bfe20e306135bd3566d900011b739921d72ff21472a37d9998861248124c3e6b53757ccea0b6b37d828e635ab95004e87863085be686ef7136b5d94e285656105cb32c6eb7761f948cb6a10d69f411e749d864cc0f86f3ab984aa946b6ef9a4364bae9ba61430db9482756cd0465b3e538455e855dfccce9290675dd705f23410f41739fe94f95b5e82d699e26112a8e793d16f88273404f7417dd85cfdb748b03e974d7a8dc6a3b56db21e41932afc652d35e090842d68b8a8a6b72a846d8a855d9b18dfbb23e195d95031014913320e908e744080c226a639f7f6b9ad2ee6161095fa4c706e399e5a4292673896ce31a27aea87c5a8a06d4138209430768f61dd66be4ac439b7e0f925b0aa8e696a7618f6ea8b31bd006fde7c26b33760b745ace3650f748294d32eaf4c737f6998fdc2e7df5c98d9880faa5dcc7a7642b69a32f1770ee8b5009a23c4f5bb744cc30ac", 0x9c1}, {&(0x7f0000000380)}, {&(0x7f0000000040)="045ec6b8", 0x4}, {&(0x7f0000003640)="bedff1894520227536a640bb2972e5421b17af14390da2716bcd3d4c45998159d047d14ab96cb9464902efe96623c6026b0c7d41a57db13fb2ce4553a57e02c62b0d9c837f9c38327505639fc8d9f8588fb9ac9fed1a65df12188ceacbc730d7ab1b3e184b711731d4fc7566fa6a320b5e7f9488c41e45d744604d7cb83db1da1ae40c791834cd623c876c45152f38c16c729b0eff2763610f85608dcf1aae64537a870aaa3613eab37084a39be937817f4b3f11db3fe88540d4d462025ae2fa04e991e83cba19d752bd74b47a61ec94f9a5e39bc4aa3940065b62e173294a2475222e2a86764de906151f905bf8f6234523b94854358de0c3adb963a31a49f349e6578675bda18d7f821e3aea6b81dca7fe0f2db7090de0cb6bdd7eb9a55f31109e7879f544df50cc19fad6888d862e12a49bc0561aec5b09b127247f9cb3cfef31811a20fe1493e21d7bd1ae8645e1c3dce4210d430ad5b5eb25761919019c7bb4fe0e72dd19b23b01ceafc2a8c16ac4957a5f1a4aad8aa2e9c9686f4bd08a6253c527c1b73058d2cddde11f13ab5f1b1a83da79ba7650558bc6079466fed3d34bcdf2dabb00890036d360d609efdad31133cf08d559359835dfd7d724b240918744a945e5603fd80ec8a52a6c7df8a7315e460d279df43d3b8fc5d2b50625abfeb827e3e246cdac1edfee454c0210d09986564537955a6b5cbc776bcef16c53a05743de6d9ec30ca3038fa56c029434a3e8ba2aa03094ef3eb43f1c612fb68431c028b40ee4ccd905ef9cdd8cfab45d15fd3f31c993c22bdf8c38a2b9904502d34b1cb97371ef42f4164719227d976ed2444d6b62e7b4cdb8e21787365b6c8904c1b56629422fb8417cf6a64fe9fe5b1db32bc9371b154e8480784e1349440292b295df33cbd390f78c91d2308b354e3b96e0946aa572f7e3261820836021dad76cb79d0376b2eceb55b92b8ee18dbe8d8c7febba0c409b12a18c209f2806e09af6112a7e4120072d320e9bd941093011bf251008c88bbca49f258a81e3db4798dcb4ab767bda89da7baa81a5f50b767297470cb84e474356520dabaf09f4b1568a58a3308c592248caefff5861a34f71b793b13383c6f3df98e00606ea8867077ec68b24754477825163f22ea108f5285c67cd84d2ed4eeb273be762c528b06fd68b3f83b57fb39ad74a70e73199dcd569bb1ca0514653349cfc58b9626316c7b89cd4e11f89414c3a015271a1dd483003d0e21d33500f84ac5a7460f548306cbb2ca4bf7cfa661a9d7a4fd6a1cf7215374e55364eb82f9aa8b4b652cc3e043e6d18fab569b906d900a2e9ce0aa6039db351d9ab468188a2d67b3044a7e22939418a8d5d9826f3d6146f3ce347ea71a52f707144c9eeaaa916fc760a2511939365854cd1c0f9e38f717d07a9948e3a63b2608f2530f12bdf6641b1160bf3de4abe6539e7744ed0448c266e82b8f8ce8568bd28ac06e68fbb7eaac6d67d14e3e0f9fc3cf618e306cbed6086307368800e39dc0d994c1338b5bee128c5e3a72ea127158eb16718bafb0907292cafc73980085ce185bb4bd91ef694c2dcb623052f75c0fffa0ef00a5fd7a08cfd2565f84a6ba057fe814f1d318aee416ed3d094cc62c3f8962b181ce9899bf651eceffc8e81b86bd58810bc91fa29b3f190311574e8826a0ea9c0a7728ebffccf754a11498bd87ae26a3671e9f187d8453b93aac552197b1bdbffc204987cca194302ffdd640bc2a973e6ab734f638386274a7c233a0fa43c185ae6373be92c0240734d2a73faf0f244b8dc0aa7920067cb6e65a71b506305d71ddc819892d093a3c9816acaa92046280f6172d0acc596889993c596923c69cc0d13c1c9198408dfad25a30609050481d488a5f177e1690cba005dc3e4528874d5eeb46040861ed05a1ac5e934ceddf8aa6f0d09b5b63221611ec3d9ac8c6edfdd93a40df5ec237f0594bcc227f382c101cfa240dea676858c6c7610f6c5cc43f9d26f947d1de277c8f9f1342f47ca847a03432470febb7a9c5ed219c13b21543baa94dc6a11e58a6c077e300523bc55fdf4446fe7785f328b12c9e660ba996bac83abea43f9792384c3ad953536ae6beb836e5e0cddbf61736fbb0909ca3ea3d90149ee9f3a25569a5fb4719045f3f448f48eebf13bf94044b1ba426daf59ab4a92ddad91610b0ecf0c18f9f4fba9865fbfb3fcc8d67776cd03c3f55807b86c1be676e20d900d81f93ec23507d7065876b62abd4024a91a73408b2853dac5fd6564f922f82176f7471db2bd5209827a9fb455f612569212aea5d82a221b422cc8effb3477376f2bf0e68681015892546e98114ed4cb693762e58db9ff1d0b65c7cdbc03c60f19de059ba5521d9011e07baf9150bd430089a56a2006c2e0aee33e750d4a4d9dad83b31d672ffb46f66c2e59a0289e47c708909c7c3f2f0031ac5f5dcce4fbe49ec42ad57d6a3d5e3be989dd0e9a2bb2cc4ab85125718ecc61c787d40d0a555ec9ae5e01f07475de524e606bfb73a190ca576b0f4836dc9fefb39cba834de7c0b043528e3d93bd4f19901c33836585d79c9eb8945f31740fd7a949645730c6e11a7a76aa68ceb7017a9e188e36d96693b757fe1d79d2da44f0603eadf213ea42641c689db48519451e7dda700c8c2360ede55dee38032058e09f57204de7c6a5f95b93196f824a6944528d3abfa8f90ec008beb57d18be6a259f682f622bd3dcab175d06ec97be049fe0ed6dbe34e5301bd4df625f89a4a604e6ce300fd1d7db135ba36b5354d4a0d959524c7fc30080be0fa176f614bb6a25d400d2679514c2c7cd9d4d5fa432b1c2337b029eaa8b71692b30a1e6742f09a135bbf8718cb70e2a9543a98555b95950dccbcbf87d0810d8660d311bb1b096338ef8f4476685871b365eea3f4d5a98f5eca7e1296ac646f33b561b759d4d56bbc513c81ec75efffb2162662a9568237bc22cb8c2640d85438de931b47198f6a4549f617cd5148bea51b7b28e0918cd393855cd99e34fe383a9ce22e0213473f0690fb71d9eed2e6ebcf275e82dffcadf405f0a1c15be3e1bc65f560ec78902d65f38031dcd38078fba4681eb84f0c4c39c5692eda3507cf71f58e82e3f7184020544e790b7565b2762f19220b1922721a49b2326212769eec1007c96767017cca1484e80f6fb6fabaef528f8f86d4ebf946c12213b617ef92ab32b065ec13e178900380565b9a5506fc7d6f3030440e91de44c492ecfb897d00064af4836673d8f52d815461ab6948b83746017f8a70362e7991ce6ad4c8facd2db296f4e8b45544a73c6244e650b1e11d386b2fc893f44a322634a792b49b37288d7b961caea039739c218c2d633a28fdaa62950eb4405bf9bd41e66dee25560ffe96aa90781d6f2d81b80a40027d6380bb69d704e030d9c931ca3758acd275152a75c3cd67428a4b63be3f7d8b99171c825c5c804a1eeee6fdd", 0x99a}, {&(0x7f0000000200)="26f640", 0x3}], 0x5, 0x8)
ioctl$sock_inet_udp_SIOCINQ(r6, 0x541b, 0x0)
syz_emit_ethernet(0x35, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @broadcast, @val={@val={0x88a8, 0x2, 0x1, 0x1}, {0x8100, 0x5, 0x1, 0x2}}, {@arp={0x806, @generic={0x313, 0x201, 0x6, 0x1, 0x8, @local, "a8", @random="758201f95753", "1041d2849cb124847155"}}}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000000101010300000000000000000a000000100001800c00028005000100010000000c0019800800010008080000b0138a41c883fe39fcb5ecbea16906a5a37582fc8f755604b0fe1ec6aa13cc66742b2793eb0528b6b7b4942531f5d60b3914b094"], 0x30}}, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32], 0x0)
prctl$PR_SET_MM(0x4e, 0x2, &(0x7f00002d5000/0x1000)=nil)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r8, r8, 0x0, 0x200000)
fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000200), &(0x7f0000000500)=ANY=[@ANYBLOB="00fb1546e5145d755c2b752cb13a8c38a0"], 0x15, 0x1)

3.946333444s ago: executing program 0 (id=6711):
r0 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="0212000902000000e4a17c45c856", 0xe}, {&(0x7f00000001c0)="e491", 0x2}], 0x2}, 0x0) (fail_nth: 1)

3.519751398s ago: executing program 4 (id=6715):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000007a00)=[{{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000000340)=""/237, 0xed}], 0x1}, 0x4}], 0x1, 0x2, 0x0)

3.449810681s ago: executing program 0 (id=6716):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000500)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000580)="02042700ea0e0000000000001eafbcf706e105000000000000001104ee1606d4b8bf4a828bda305775c43824cee8440000", 0x31}, {&(0x7f0000000100)="126873159fca3fa38fb198e9a6", 0xd}], 0x2}, 0x40000)

3.084176862s ago: executing program 4 (id=6717):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x141e42, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000006c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x1, 0x8000, 0x40024e}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000180)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r9, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x103a42, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
r13 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r14, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x6e6a, 0xd, 0x401, 0x5b11f4d1, 0x4, 0x93, 0x5, 0x2c3, 0xfcd8}}}}]}, 0x58}}, 0x4000)
sendmsg$nl_route_sched(r10, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001340)=@newtfilter={0x3c, 0x2c, 0xd2b, 0x800, 0x25dfdbfb, {0x0, 0x0, 0x0, r12, {0x9}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x1, 0x7}}]}}]}, 0x3c}}, 0x24044094)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r5, 0x1, 0x0, 0x41, 0x2})
io_uring_enter(r5, 0x4000627, 0x1996, 0x43, 0x0, 0x0)
semget$private(0x0, 0x1, 0x20)
r15 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r15, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100020000396806674d867b26e86a7660000000730000d0000000000500000000000000"])
close_range(r0, 0xffffffffffffffff, 0x0)

3.009649977s ago: executing program 0 (id=6718):
migrate_pages(0x0, 0x4, &(0x7f00000002c0)=0x7f, &(0x7f0000000300)=0xa)
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xcb, 0x0, 0x0)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000000000)=""/125, &(0x7f0000000100)=0x7d)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000340)=<r0=>0x0)
r1 = syz_open_procfs(r0, &(0x7f0000000280)='numa_maps\x00')
ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f0000000240))
preadv(r1, &(0x7f0000000540)=[{&(0x7f0000000140)=""/205, 0xcd}], 0x1, 0xfffffffb, 0xbf6b)
read$FUSE(r1, &(0x7f0000001b40)={0x2020}, 0x2020)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0x1c)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000183b9220b113420016580102030109021b00010000000009040000012e459e00090504", @ANYRESDEC], 0x0)

2.597424729s ago: executing program 1 (id=6720):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x141e42, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000073, 0x0, 0x5}]})
close_range(r0, 0xffffffffffffffff, 0x0)

2.406969259s ago: executing program 2 (id=6721):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x141e42, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000073, 0x0, 0x5}]})
close_range(r0, 0xffffffffffffffff, 0x0) (fail_nth: 1)

2.260326812s ago: executing program 1 (id=6722):
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xd, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x0, 0x84)
socket(0x10, 0x3, 0x6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket(0xa, 0x805, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32, @ANYBLOB="ff7f000080000000140012800a00010076786c616e0000000400028008000a00", @ANYRES64], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x40400c0}, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x4)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000100))
r2 = syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = open_tree(r2, &(0x7f00000001c0)='./file0\x00', 0x8901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1.913697604s ago: executing program 4 (id=6723):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r1, 0x1, 0x8001, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40800) (fail_nth: 1)

1.873917268s ago: executing program 2 (id=6724):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r1, 0x1, 0x8001, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40800)

1.493307496s ago: executing program 4 (id=6725):
fsopen(&(0x7f0000000000)='udf\x00', 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x8})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000010c0), 0x802, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000080)={'syz0\x00', {0x1}, 0x42, [0x0, 0x3, 0x403, 0x100000, 0x6, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0xffffffff, 0x0, 0x0, 0x0, 0xeed1, 0x3, 0xffffffc, 0x8, 0x0, 0x0, 0xed9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000a, 0x0, 0x1, 0x80000007, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x0, 0x4, 0x0, 0xffffffff], [0x0, 0xa82, 0x0, 0x3, 0x2, 0x733, 0x3, 0xedc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2000000, 0x0, 0x0, 0x80000, 0x0, 0xfffffff8, 0x0, 0x1, 0x79, 0xfffffffd, 0x0, 0x0, 0x0, 0x2, 0x47, 0x10000, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x7fff0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x28220be6, 0x401, 0x0, 0x2, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x20], [0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0xfcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x7, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffd, 0x800, 0x0, 0x0, 0x400, 0x0, 0xffffffff, 0x89, 0x0, 0x800, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x80008000, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351e, 0x0, 0xd, 0x0, 0x0, 0x6492, 0x8], [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xd2a, 0x200000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x804, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x4, 0x0, 0xfd32, 0x6, 0x0, 0x6, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0xfffffffc, 0x0, 0x8000006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x1, 0x0, 0x0, 0x100000]}, 0x45c)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
pwritev(r2, &(0x7f00000001c0)=[{&(0x7f0000000280)="be", 0x1}, {0x0, 0x3e}], 0x2, 0xfffffffe, 0x0)
ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r1, 0x5501)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
close_range(r0, r0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000060a0b04000000000000000002000000200004801c0001800b00010072656a65637400000c00028008000140000000010900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x74}}, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_PASTESEL(r4, 0x4b52, 0x0)

1.237603696s ago: executing program 1 (id=6726):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newsa={0xec, 0x10, 0x200, 0x70bd28, 0x0, {{@in=@initdev={0xac, 0x1e, 0x9, 0x0}, @in=@local, 0x4e23, 0x1, 0x0, 0x2000, 0xa, 0x0, 0x0, 0x33}, {@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x32}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {0x0, 0x0, 0x8, 0x100000001, 0x6}, {0x0, 0x0, 0x2, 0xfffffffffffffffc}, {0xc, 0xfffffffc}, 0x70bd27, 0x0, 0x2, 0x0, 0x2}}, 0xec}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000000)={{0x2, 0xfffd, 0x3}, 'syz0\x00', 0x3c})
r0 = syz_io_uring_setup(0x3380, &(0x7f0000000180)={0x0, 0xa2c2, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='5'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x41, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x21, 0x1, {0x1}})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f000000060027000000000008000a00a8"], 0x6c}}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r5, &(0x7f0000000140), 0x4924b68, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r7 = syz_open_dev$video4linux(&(0x7f00000001c0), 0x5, 0x80842)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r7, 0x4020565b, &(0x7f0000000300)={0x4, 0x2, 0x5})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010001800000fddbdf251900000008000300", @ANYRES32=r9, @ANYBLOB="0c1a9900b52100005200000005001d0001000000"], 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x40800)

1.128003307s ago: executing program 2 (id=6727):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000007a00)=[{{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000000340)=""/237, 0xed}], 0x1}, 0x4}], 0x1, 0x2, 0x0)

915.794121ms ago: executing program 2 (id=6728):
socket$kcm(0x2, 0xa, 0x2)
write$tun(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_extract_tcp_res$synack(&(0x7f00000002c0)={0x41424344, <r1=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0x7b, &(0x7f0000000800)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}, @void, {@ipv4={0x800, @tcp={{0x8, 0x4, 0x1, 0x3a, 0x6d, 0x65, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010102, @remote, {[@timestamp={0x44, 0xc, 0x85, 0x0, 0x2, [0x6, 0xffffffff]}]}}, {{0x4e20, 0x4e23, 0x41424344, r1, 0x1, 0x0, 0x5, 0x80, 0x3c6, 0x0, 0x5}, {"039b218ba5d517d9ec736c16e7522792f0221c1017193f0fcb28f7199f19237c4e78519eafbf4c49f38695082a9f6afe7bb5abca134f9c0c35"}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, r1, 0x0, 0x6, 0x5}}}}}}, 0x0)

857.400443ms ago: executing program 1 (id=6729):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0xd8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x4, 0x2}, {0x0, 0x1}, {0x0, 0xfff1}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0x9c, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x84, 0x1, [@m_simple={0x30, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_connmark={0x50, 0x15, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xeee4, 0x2, 0x6, 0xc, 0x6}, 0x12}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

774.653948ms ago: executing program 2 (id=6730):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000004c0)="1e", 0x1}], 0x1}}], 0x1, 0x60cd894)

736.013588ms ago: executing program 1 (id=6731):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3400000011000100000000000000000007000000", @ANYRES32=r2], 0x34}}, 0x0)

609.969645ms ago: executing program 2 (id=6732):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6(0xa, 0x2, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x8a00, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0)
r1 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x80000)
connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x104)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000001100)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f00000010c0)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r3, &(0x7f00000093c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0xfffffffffffffffe, r4, {0x7, 0x1f, 0x0, 0x2066002, 0x1}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r5, 0x0, 0x0)
write$FUSE_NOTIFY_DELETE(r3, &(0x7f0000000080)={0x2a, 0x6, 0x0, {0x1, 0x200000000004, 0x1, 0x2, '\x00', 0x8}}, 0x2a)
syz_fuse_handle_req(r3, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)={0x10}, 0x0, 0x0, 0x0})
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)

556.316841ms ago: executing program 1 (id=6733):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x2250)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xc95e})
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x1ef6e3}], 0x100000000000011a)

0s ago: executing program 3 (id=6734):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket(0x1, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="44000000100003040000", @ANYRES32=0x0, @ANYBLOB="0000000000000000150012800b0001006970766c616e00000400028708000500", @ANYRES32=r1], 0x44}}, 0x8000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="780000001000010400"/20, @ANYRES32=r4, @ANYBLOB="60300300001400005800128009000100626f6e6400000000480002802c0008"], 0x78}}, 0x0)

kernel console output (not intermixed with test programs):

er pn533_usb failed with error -90
[ 2257.741296][T16770] usb 5-1: Product: syz
[ 2257.745550][T16770] usb 5-1: Manufacturer: syz
[ 2257.782132][T29469] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 2257.813952][T16770] usb 5-1: SerialNumber: syz
[ 2257.997309][T16770] usb 5-1: config 0 descriptor??
[ 2258.027893][    C1] usb 5-1: NFC: Urb failure (status -71)
[ 2258.048259][T16770] usb 5-1: NFC: Unable to get FW version
[ 2258.101420][T16770] pn533_usb 5-1:0.113: probe with driver pn533_usb failed with error -90
[ 2258.116486][T29651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2258.127967][T29651] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2258.661881][T29658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2258.806892][T29644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2258.826998][T29658] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2258.850830][T29644] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2258.869020][T29469] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2259.284672][T29469] 8021q: adding VLAN 0 to HW filter on device team0
[ 2259.704588][T16014] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2259.711819][T16014] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2259.799248][T16014] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2259.806556][T16014] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2260.638443][T29469] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2260.707179][T16628] usb 3-1: USB disconnect, device number 119
[ 2260.885740][T29469] veth0_vlan: entered promiscuous mode
[ 2260.911953][T29469] veth1_vlan: entered promiscuous mode
[ 2260.975582][T29469] veth0_macvtap: entered promiscuous mode
[ 2260.999725][T29469] veth1_macvtap: entered promiscuous mode
[ 2261.111513][T29469] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2261.190016][T29469] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2261.244187][T29469] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2261.274668][T29469] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2261.293735][T29469] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2261.351400][T29469] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2261.468481][T16628] usb 5-1: USB disconnect, device number 70
[ 2261.595127][ T9844] usb 4-1: USB disconnect, device number 48
[ 2262.045977][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2262.065569][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2262.098316][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2262.411387][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2262.824319][T29702] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6388'.
[ 2265.847592][ T9844] usb 4-1: new full-speed USB device number 49 using dummy_hcd
[ 2266.030454][ T9844] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 2266.044042][ T9844] usb 4-1: config 0 has no interface number 0
[ 2266.175612][ T9844] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2266.187960][T16628] usb 5-1: new full-speed USB device number 71 using dummy_hcd
[ 2266.303581][ T9844] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2266.338735][ T9844] usb 4-1: config 0 interface 113 has no altsetting 0
[ 2266.370853][ T9844] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2266.381306][ T9844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2266.402866][ T9844] usb 4-1: Product: syz
[ 2266.419728][ T9844] usb 4-1: Manufacturer: syz
[ 2266.431528][ T9844] usb 4-1: SerialNumber: syz
[ 2266.439014][T16628] usb 5-1: config 0 has an invalid interface number: 113 but max is 0
[ 2266.448592][T16628] usb 5-1: config 0 has no interface number 0
[ 2266.462680][T16628] usb 5-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2266.503691][ T9844] usb 4-1: config 0 descriptor??
[ 2266.571814][    C0] usb 4-1: NFC: Urb failure (status -71)
[ 2266.580940][ T9844] usb 4-1: NFC: Unable to get FW version
[ 2266.597415][ T9844] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -90
[ 2266.662500][T16628] usb 5-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2266.723243][T10210] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2267.002042][T16628] usb 5-1: config 0 interface 113 has no altsetting 0
[ 2267.035375][T16628] usb 5-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2267.048232][T16628] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2267.227494][T16628] usb 5-1: Product: syz
[ 2267.242365][T16628] usb 5-1: Manufacturer: syz
[ 2267.268777][T16628] usb 5-1: SerialNumber: syz
[ 2267.298426][T16628] usb 5-1: config 0 descriptor??
[ 2267.327646][    C0] usb 5-1: NFC: Urb failure (status -71)
[ 2267.333714][T16628] usb 5-1: NFC: Unable to get FW version
[ 2267.379420][T29775] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2267.388149][T16628] pn533_usb 5-1:0.113: probe with driver pn533_usb failed with error -90
[ 2267.458251][T29775] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2267.629976][T10210] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2268.061980][T10210] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2268.731462][T10210] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2268.744411][T29779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2268.791101][T29779] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2269.594356][T16628] usb 4-1: USB disconnect, device number 49
[ 2269.741603][T10210] bridge_slave_1: left allmulticast mode
[ 2269.773222][T10210] bridge_slave_1: left promiscuous mode
[ 2269.799465][T10210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2269.861738][T10210] bridge_slave_0: left allmulticast mode
[ 2269.889941][T10210] bridge_slave_0: left promiscuous mode
[ 2269.917462][T10210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2270.099750][T15895] Bluetooth: hci2: command 0x0406 tx timeout
[ 2270.318465][   T24] usb 4-1: new full-speed USB device number 50 using dummy_hcd
[ 2270.623262][   T24] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 2270.685303][   T24] usb 4-1: config 0 has no interface number 0
[ 2270.709483][   T24] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2270.734549][   T24] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2270.760031][   T24] usb 4-1: config 0 interface 113 has no altsetting 0
[ 2270.781082][   T24] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2270.790557][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2270.799107][   T24] usb 4-1: Product: syz
[ 2270.810231][   T24] usb 4-1: Manufacturer: syz
[ 2270.835033][   T24] usb 4-1: SerialNumber: syz
[ 2270.875854][   T24] usb 4-1: config 0 descriptor??
[ 2270.923214][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 2270.931154][   T24] usb 4-1: NFC: Unable to get FW version
[ 2270.951662][   T24] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -90
[ 2270.953375][T15895] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2270.978703][T15895] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2271.001400][T15895] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2271.010260][T15895] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2271.039232][T15895] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2271.293064][T29825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6409'.
[ 2271.352365][T29825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6409'.
[ 2271.410526][T29825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6409'.
[ 2271.451347][T29827] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6409'.
[ 2271.565759][T29827] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6409'.
[ 2271.680994][T29828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2271.693724][T29828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2272.109597][T10210] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2272.128556][T10210] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2272.183702][T10210] bond0 (unregistering): Released all slaves
[ 2272.218367][   T24] usb 5-1: USB disconnect, device number 71
[ 2272.330663][T29830] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6410'.
[ 2273.160851][T15895] Bluetooth: hci4: command tx timeout
[ 2274.043285][T10210] hsr_slave_0: left promiscuous mode
[ 2274.060281][T10210] hsr_slave_1: left promiscuous mode
[ 2274.085347][T10210] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2274.136942][T10210] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2274.196741][T10210] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2274.234985][T10210] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2274.320331][T14366] usb 4-1: USB disconnect, device number 50
[ 2274.525550][T10210] veth1_macvtap: left promiscuous mode
[ 2274.563624][T10210] veth0_macvtap: left promiscuous mode
[ 2274.585324][T10210] veth1_vlan: left promiscuous mode
[ 2274.605181][T10210] veth0_vlan: left promiscuous mode
[ 2274.936749][T29873] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6419'.
[ 2275.217509][T15895] Bluetooth: hci4: command tx timeout
[ 2275.572572][T10210] team0 (unregistering): Port device team_slave_1 removed
[ 2275.636923][T10210] team0 (unregistering): Port device team_slave_0 removed
[ 2276.226186][   T24] usb 4-1: new full-speed USB device number 51 using dummy_hcd
[ 2276.442380][   T24] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 2276.452388][   T24] usb 4-1: config 0 has no interface number 0
[ 2276.465850][   T24] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2276.484194][   T24] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2276.498795][   T24] usb 4-1: config 0 interface 113 has no altsetting 0
[ 2276.532862][   T24] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2276.546792][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2276.561261][   T24] usb 4-1: Product: syz
[ 2276.566892][   T24] usb 4-1: Manufacturer: syz
[ 2276.571888][   T24] usb 4-1: SerialNumber: syz
[ 2276.596559][   T24] usb 4-1: config 0 descriptor??
[ 2276.605724][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 2276.614900][   T24] usb 4-1: NFC: Unable to get FW version
[ 2276.636987][   T24] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -90
[ 2276.685173][T29851] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6415'.
[ 2277.316114][T15895] Bluetooth: hci4: command tx timeout
[ 2277.333267][T29893] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2277.407206][T29898] loop6: detected capacity change from 0 to 7
[ 2277.414596][T29893] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2277.426752][T29898] Dev loop6: unable to read RDB block 7
[ 2277.460949][T29898]  loop6: AHDI p1 p2
[ 2277.469875][T29898] loop6: partition table partially beyond EOD, truncated
[ 2277.519487][T29898] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2277.537076][T29824] chnl_net:caif_netlink_parms(): no params data found
[ 2278.610262][T29824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2278.630001][T29824] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2278.647351][T29824] bridge_slave_0: entered allmulticast mode
[ 2278.664828][T29824] bridge_slave_0: entered promiscuous mode
[ 2278.689898][T29824] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2278.717052][T29824] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2278.737373][T29824] bridge_slave_1: entered allmulticast mode
[ 2278.759129][T29824] bridge_slave_1: entered promiscuous mode
[ 2278.871332][T29824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2278.917492][T29824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2279.150298][T29925] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6426'.
[ 2279.168472][T29824] team0: Port device team_slave_0 added
[ 2279.436817][T15895] Bluetooth: hci4: command tx timeout
[ 2279.447563][T29824] team0: Port device team_slave_1 added
[ 2279.619336][T29824] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2279.632080][T29824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2279.699299][T29824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2279.742814][T29824] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2279.767115][T29824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2279.833772][T29824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2280.249475][T29824] hsr_slave_0: entered promiscuous mode
[ 2280.387344][T29824] hsr_slave_1: entered promiscuous mode
[ 2280.406442][T29824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2280.448774][T29824] Cannot create hsr debugfs directory
[ 2280.514061][T16628] usb 4-1: USB disconnect, device number 51
[ 2283.380945][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 2283.391512][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 2283.876815][T16628] usb 3-1: new full-speed USB device number 120 using dummy_hcd
[ 2284.081698][T16628] usb 3-1: config 0 has an invalid interface number: 113 but max is 0
[ 2284.090987][T16628] usb 3-1: config 0 has no interface number 0
[ 2284.121093][T16628] usb 3-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2284.175566][T16628] usb 3-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2284.220421][T16628] usb 3-1: config 0 interface 113 has no altsetting 0
[ 2284.250409][T16628] usb 3-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2284.263972][T16628] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2284.275002][T16628] usb 3-1: Product: syz
[ 2284.315598][T16628] usb 3-1: Manufacturer: syz
[ 2284.331713][T16628] usb 3-1: SerialNumber: syz
[ 2284.379795][T29984] loop6: detected capacity change from 0 to 7
[ 2284.541353][T16628] usb 3-1: config 0 descriptor??
[ 2284.571498][    C0] usb 3-1: NFC: Urb failure (status -71)
[ 2284.578047][T16628] usb 3-1: NFC: Unable to get FW version
[ 2284.584357][T16628] pn533_usb 3-1:0.113: probe with driver pn533_usb failed with error -90
[ 2284.630812][T29824] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2284.693303][T29984] Dev loop6: unable to read RDB block 7
[ 2284.709081][T29984]  loop6: AHDI p1 p2
[ 2284.715002][T29984] loop6: partition table partially beyond EOD, truncated
[ 2284.804606][T29824] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2284.858039][T29984] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2284.890150][T29824] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2285.386854][T29824] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2285.401803][T26819] udevd[26819]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[ 2285.872850][T29992] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2285.959192][T29992] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2286.622182][T29824] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2286.740673][T29824] 8021q: adding VLAN 0 to HW filter on device team0
[ 2286.839796][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2286.847002][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2286.942532][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2286.949855][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2287.301896][T29824] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2287.443589][T29824] veth0_vlan: entered promiscuous mode
[ 2287.539787][T14366] usb 3-1: USB disconnect, device number 120
[ 2287.570463][T29824] veth1_vlan: entered promiscuous mode
[ 2288.035378][T29824] veth0_macvtap: entered promiscuous mode
[ 2288.078499][T29824] veth1_macvtap: entered promiscuous mode
[ 2288.199731][T29824] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2288.253122][T29824] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2288.302168][T29824] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2288.373558][T29824] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2288.434323][T29824] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2288.484942][T29824] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2288.938690][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2288.998941][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2289.177838][T16014] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2289.196899][T16014] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2293.986208][T28401] usb 3-1: new full-speed USB device number 121 using dummy_hcd
[ 2294.081934][T30103] loop6: detected capacity change from 0 to 7
[ 2294.160612][T26819] Dev loop6: unable to read RDB block 7
[ 2294.170824][T26819]  loop6: AHDI p1 p2
[ 2294.174786][T26819] loop6: partition table partially beyond EOD, truncated
[ 2294.264638][T26819] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2294.292837][T28401] usb 3-1: config 0 has an invalid interface number: 113 but max is 0
[ 2294.336152][T28401] usb 3-1: config 0 has no interface number 0
[ 2294.431015][T28401] usb 3-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2294.491399][T30103] Dev loop6: unable to read RDB block 7
[ 2294.502581][T30103]  loop6: AHDI p1 p2
[ 2294.508682][T30103] loop6: partition table partially beyond EOD, truncated
[ 2294.527242][T30103] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2294.925450][T28401] usb 3-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2295.138173][T28401] usb 3-1: config 0 interface 113 has no altsetting 0
[ 2295.278181][T30106] kthread_run failed with err -4
[ 2295.380916][T26819] udevd[26819]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[ 2295.386734][T28401] usb 3-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2295.411199][T28401] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2295.446552][T28401] usb 3-1: Product: syz
[ 2295.451345][T28401] usb 3-1: Manufacturer: syz
[ 2295.476080][T28401] usb 3-1: SerialNumber: syz
[ 2295.492276][T28401] usb 3-1: config 0 descriptor??
[ 2295.537279][    C1] usb 3-1: NFC: Urb failure (status -71)
[ 2295.543416][T28401] usb 3-1: NFC: Unable to get FW version
[ 2295.549693][T28401] pn533_usb 3-1:0.113: probe with driver pn533_usb failed with error -90
[ 2296.189421][T30095] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2296.201658][T30095] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2297.789745][T30131] kthread_run failed with err -4
[ 2298.524389][T14366] usb 3-1: USB disconnect, device number 121
[ 2300.288585][T30173] loop6: detected capacity change from 0 to 7
[ 2300.299207][T30173] Dev loop6: unable to read RDB block 7
[ 2300.304910][T30173]  loop6: AHDI p1 p2
[ 2300.420707][T30173] loop6: partition table partially beyond EOD, truncated
[ 2300.454371][T30173] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2300.636132][T28401] usb 4-1: new full-speed USB device number 52 using dummy_hcd
[ 2300.873849][T28401] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 2300.904762][T28401] usb 4-1: config 0 has no interface number 0
[ 2300.948611][T28401] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2301.342843][T28401] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2301.366124][T28401] usb 4-1: config 0 interface 113 has no altsetting 0
[ 2301.408260][T28401] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2301.477473][T28401] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2301.517995][T28401] usb 4-1: Product: syz
[ 2301.531331][T28401] usb 4-1: Manufacturer: syz
[ 2301.577013][T28401] usb 4-1: SerialNumber: syz
[ 2301.616783][T28401] usb 4-1: config 0 descriptor??
[ 2301.629217][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 2301.655764][T28401] usb 4-1: NFC: Unable to get FW version
[ 2301.685126][T28401] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -90
[ 2302.253471][T30184] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2302.322368][T30184] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2303.523628][T30196] loop6: detected capacity change from 0 to 7
[ 2303.543115][T30196] Dev loop6: unable to read RDB block 7
[ 2303.549466][T30196]  loop6: AHDI p1 p2
[ 2303.553525][T30196] loop6: partition table partially beyond EOD, truncated
[ 2303.561552][T30196] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2304.361713][ T9844] usb 4-1: USB disconnect, device number 52
[ 2305.088062][T30216] loop6: detected capacity change from 0 to 7
[ 2305.133978][T30216] Dev loop6: unable to read RDB block 7
[ 2305.144926][T30216]  loop6: AHDI p1 p2
[ 2305.151291][T30216] loop6: partition table partially beyond EOD, truncated
[ 2305.180420][T30216] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2307.226619][ T9844] usb 5-1: new full-speed USB device number 72 using dummy_hcd
[ 2307.413086][ T9844] usb 5-1: config 0 has an invalid interface number: 113 but max is 0
[ 2307.442536][ T9844] usb 5-1: config 0 has no interface number 0
[ 2307.478665][ T9844] usb 5-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2307.530124][ T9844] usb 5-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2307.572107][ T9844] usb 5-1: config 0 interface 113 has no altsetting 0
[ 2307.904183][T30241] loop6: detected capacity change from 0 to 7
[ 2308.066251][T30241] Dev loop6: unable to read RDB block 7
[ 2308.072188][T30241]  loop6: AHDI p1 p2
[ 2308.152555][ T9844] usb 5-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2308.166569][ T9844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2308.174626][ T9844] usb 5-1: Product: syz
[ 2308.216630][ T9844] usb 5-1: Manufacturer: syz
[ 2308.231790][ T9844] usb 5-1: SerialNumber: syz
[ 2308.260781][ T9844] usb 5-1: config 0 descriptor??
[ 2308.289848][    C0] usb 5-1: NFC: Urb failure (status -71)
[ 2308.299555][ T9844] usb 5-1: NFC: Unable to get FW version
[ 2308.314822][ T9844] pn533_usb 5-1:0.113: probe with driver pn533_usb failed with error -90
[ 2308.324399][T30241] loop6: partition table partially beyond EOD, truncated
[ 2308.356803][T30241] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2308.783091][T26819] udevd[26819]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[ 2308.939280][T30233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2308.997205][T30233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2309.494934][T30248] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[ 2309.536775][T30248] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[ 2309.615759][T30248] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[ 2309.645180][T30248] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[ 2309.665763][T30248] geneve2: entered promiscuous mode
[ 2309.671400][T30248] geneve2: entered allmulticast mode
[ 2311.446668][T30266] kthread_run failed with err -4
[ 2311.828903][   T24] usb 5-1: USB disconnect, device number 72
[ 2312.366665][T30277] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6488'.
[ 2312.560595][T30282] loop6: detected capacity change from 0 to 7
[ 2312.677451][T26819] Dev loop6: unable to read RDB block 7
[ 2312.683119][T26819]  loop6: AHDI p1 p2
[ 2312.693298][T26819] loop6: partition table partially beyond EOD, truncated
[ 2312.715553][T26819] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2312.741911][T30282] Dev loop6: unable to read RDB block 7
[ 2312.748111][T30282]  loop6: AHDI p1 p2
[ 2312.760745][T30282] loop6: partition table partially beyond EOD, truncated
[ 2312.770374][T30282] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2312.925418][T30294] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.6492'.
[ 2312.995643][T30298] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.6494'.
[ 2313.040424][T30301] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.6493'.
[ 2316.478596][T30324] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.6497'.
[ 2317.846829][ T9849] usb 2-1: new full-speed USB device number 65 using dummy_hcd
[ 2318.108477][ T9849] usb 2-1: config 0 has an invalid interface number: 113 but max is 0
[ 2318.221006][ T9849] usb 2-1: config 0 has no interface number 0
[ 2318.251161][ T9849] usb 2-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2318.273973][ T9849] usb 2-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2318.294258][T30342] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6502'.
[ 2318.305329][ T9849] usb 2-1: config 0 interface 113 has no altsetting 0
[ 2318.611139][ T9849] usb 2-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2318.622688][ T9849] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2318.725107][ T9849] usb 2-1: Product: syz
[ 2318.743821][ T9849] usb 2-1: Manufacturer: syz
[ 2318.830477][ T9849] usb 2-1: SerialNumber: syz
[ 2318.952494][T30345] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[ 2318.989487][T30345] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[ 2319.000369][ T9849] usb 2-1: config 0 descriptor??
[ 2319.015230][T30345] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[ 2319.058327][T30345] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[ 2319.089033][    C0] usb 2-1: NFC: Urb failure (status -71)
[ 2319.095094][T30345] geneve2: entered promiscuous mode
[ 2319.101483][T30345] geneve2: entered allmulticast mode
[ 2319.109076][ T9849] usb 2-1: NFC: Unable to get FW version
[ 2319.120260][ T9849] pn533_usb 2-1:0.113: probe with driver pn533_usb failed with error -90
[ 2319.886980][T30335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2319.896413][T30335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2321.434328][T30366] syz_tun (unregistering): left allmulticast mode
[ 2321.442488][T30366] syz_tun (unregistering): left promiscuous mode
[ 2321.454395][T30366] bridge0: port 3(syz_tun) entered disabled state
[ 2321.741195][   T49] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2322.110631][   T49] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2322.371444][   T49] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2322.427900][   T24] usb 2-1: USB disconnect, device number 65
[ 2322.524654][   T49] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2323.119132][   T49] bridge_slave_1: left allmulticast mode
[ 2323.133428][   T49] bridge_slave_1: left promiscuous mode
[ 2323.150333][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2323.197517][   T49] bridge_slave_0: left allmulticast mode
[ 2323.205093][   T49] bridge_slave_0: left promiscuous mode
[ 2323.227274][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2323.274471][T18381] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2323.285684][T18381] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2323.318454][T18381] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2323.382150][T18381] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2323.396478][T18381] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2324.128865][T15895] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2324.147446][T15895] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2324.157320][T15895] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2324.167886][T15895] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2324.183244][T15895] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2324.804527][   T49] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 2325.549139][T15895] Bluetooth: hci1: command tx timeout
[ 2326.347418][T15895] Bluetooth: hci4: command tx timeout
[ 2326.446565][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2326.497435][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2326.522405][   T49] bond0 (unregistering): Released all slaves
[ 2327.103322][T30429] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6523'.
[ 2327.123487][T30429] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6523'.
[ 2327.155781][T30429] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6523'.
[ 2327.209662][T30432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6523'.
[ 2327.256977][T30432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6523'.
[ 2327.465585][T30443] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6525'.
[ 2327.477776][   T49] hsr_slave_0: left promiscuous mode
[ 2327.507362][   T49] hsr_slave_1: left promiscuous mode
[ 2327.514071][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2327.551145][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2327.616964][T15895] Bluetooth: hci1: command tx timeout
[ 2328.185715][T30458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6529'.
[ 2328.224474][T30458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6529'.
[ 2328.235068][T30458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6529'.
[ 2328.293503][T30461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6529'.
[ 2328.507637][T15895] Bluetooth: hci4: command tx timeout
[ 2329.726465][T15895] Bluetooth: hci1: command tx timeout
[ 2330.477001][   T49] team0 (unregistering): Port device team_slave_1 removed
[ 2330.586181][T15895] Bluetooth: hci4: command tx timeout
[ 2330.722850][   T49] team0 (unregistering): Port device team_slave_0 removed
[ 2331.790473][T15895] Bluetooth: hci1: command tx timeout
[ 2332.135937][T30487] __nla_validate_parse: 1 callbacks suppressed
[ 2332.154555][T30487] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6536'.
[ 2332.696417][T15895] Bluetooth: hci4: command tx timeout
[ 2332.764720][T30409] chnl_net:caif_netlink_parms(): no params data found
[ 2332.990847][T30391] chnl_net:caif_netlink_parms(): no params data found
[ 2333.195904][T30507] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6539'.
[ 2333.246728][T30409] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2333.254185][T30409] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2333.306564][T30409] bridge_slave_0: entered allmulticast mode
[ 2333.326334][T30409] bridge_slave_0: entered promiscuous mode
[ 2333.673939][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2333.720669][T30409] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2333.740288][T30409] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2333.915595][T30409] bridge_slave_1: entered allmulticast mode
[ 2333.938158][T30409] bridge_slave_1: entered promiscuous mode
[ 2334.251824][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2334.411878][T18381] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2334.425100][T18381] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2334.463996][T18381] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2334.500918][T18381] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2334.535819][T18381] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2334.552223][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2334.811536][T30409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2335.190862][T30528] kthread_run failed with err -4
[ 2335.235264][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2335.248270][T30534] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6542'.
[ 2335.298345][T30409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2335.596589][T30391] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2335.603832][T30391] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2335.621500][T30391] bridge_slave_0: entered allmulticast mode
[ 2335.628706][T30539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6543'.
[ 2335.642593][T30391] bridge_slave_0: entered promiscuous mode
[ 2335.655612][T30391] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2335.665215][T30391] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2335.676500][T30391] bridge_slave_1: entered allmulticast mode
[ 2335.684701][T30391] bridge_slave_1: entered promiscuous mode
[ 2335.730151][   T30] audit: type=1400 audit(1750719033.020:146): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=30538 comm="syz.2.6543"
[ 2335.782372][T30409] team0: Port device team_slave_0 added
[ 2335.855168][T30409] team0: Port device team_slave_1 added
[ 2335.915369][T30391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2335.936699][ T9844] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 2335.993323][T30391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2336.034069][T30548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6545'.
[ 2336.045194][T30548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6545'.
[ 2336.059509][T30409] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2336.067477][T30409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2336.098440][T30548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6545'.
[ 2336.108827][T30409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2336.113080][T30549] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6545'.
[ 2336.130654][ T9844] usb 5-1: Using ep0 maxpacket: 32
[ 2336.132811][T30409] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2336.143332][T30549] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6545'.
[ 2336.162378][ T9844] usb 5-1: config 8 has an invalid interface number: 203 but max is 0
[ 2336.163557][T30409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2336.173696][ T9844] usb 5-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 2336.218597][ T9844] usb 5-1: config 8 has no interface number 0
[ 2336.223912][T30409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2336.248966][ T9844] usb 5-1: config 8 interface 203 altsetting 1 has an endpoint descriptor with address 0x93, changing to 0x83
[ 2336.281263][ T9844] usb 5-1: config 8 interface 203 altsetting 1 bulk endpoint 0x83 has invalid maxpacket 1024
[ 2336.304646][ T9844] usb 5-1: config 8 interface 203 altsetting 1 endpoint 0x8B has invalid wMaxPacketSize 0
[ 2336.322258][ T9844] usb 5-1: config 8 interface 203 altsetting 1 bulk endpoint 0x8B has invalid maxpacket 0
[ 2336.334299][ T9844] usb 5-1: config 8 interface 203 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2336.389860][ T9844] usb 5-1: config 8 interface 203 has no altsetting 0
[ 2336.394548][T30391] team0: Port device team_slave_0 added
[ 2336.409352][T30391] team0: Port device team_slave_1 added
[ 2336.423767][ T9844] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a
[ 2336.441139][ T9844] usb 5-1: New USB device strings: Mfr=1, Product=66, SerialNumber=3
[ 2336.451425][ T9844] usb 5-1: Product: syz
[ 2336.462109][ T9844] usb 5-1: Manufacturer: syz
[ 2336.468727][ T9844] usb 5-1: SerialNumber: syz
[ 2336.492445][T30542] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2336.631397][T30391] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2336.639702][T30391] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2336.666686][T15895] Bluetooth: hci3: command tx timeout
[ 2336.676339][T30391] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2336.692069][T30391] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2336.703197][T30391] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2336.734916][T30391] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2336.737637][T30542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2336.755858][T30409] hsr_slave_0: entered promiscuous mode
[ 2336.765832][T30542] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2336.782458][T30409] hsr_slave_1: entered promiscuous mode
[ 2336.810778][T30542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2336.838517][T30542] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2336.870447][T15895] Bluetooth: hci2: unexpected event for opcode 0x041b
[ 2336.909632][ T9844] port100 5-1:8.203: NFC: Could not find bulk-in or bulk-out endpoint
[ 2336.913574][   T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2336.948932][ T9844] usb 5-1: USB disconnect, device number 73
[ 2337.214698][   T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2337.270530][T30569] loop6: detected capacity change from 0 to 7
[ 2337.279737][T30569] Dev loop6: unable to read RDB block 7
[ 2337.285554][T30569]  loop6: AHDI p1 p2
[ 2337.293014][T30569] loop6: partition table partially beyond EOD, truncated
[ 2337.314572][T30569] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2337.541032][   T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2337.594518][T30391] hsr_slave_0: entered promiscuous mode
[ 2337.602568][T30391] hsr_slave_1: entered promiscuous mode
[ 2337.618635][T30391] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2337.627242][T30391] Cannot create hsr debugfs directory
[ 2337.642062][T30529] chnl_net:caif_netlink_parms(): no params data found
[ 2337.675827][   T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2337.937617][ T9844] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[ 2337.999930][T30529] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2338.009424][T30529] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2338.017566][T30529] bridge_slave_0: entered allmulticast mode
[ 2338.025078][T30529] bridge_slave_0: entered promiscuous mode
[ 2338.058522][T30529] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2338.069893][T30529] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2338.078749][T30529] bridge_slave_1: entered allmulticast mode
[ 2338.093904][T30529] bridge_slave_1: entered promiscuous mode
[ 2338.106833][ T9844] usb 5-1: Using ep0 maxpacket: 16
[ 2338.114151][ T9844] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 2338.136564][ T9844] usb 5-1: config 128 has an invalid interface number: 147 but max is 0
[ 2338.145191][ T9844] usb 5-1: config 128 has no interface number 0
[ 2338.163780][ T9844] usb 5-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=9f.d1
[ 2338.173919][ T9844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2338.182794][ T9844] usb 5-1: Product: syz
[ 2338.187851][ T9844] usb 5-1: Manufacturer: syz
[ 2338.192498][ T9844] usb 5-1: SerialNumber: syz
[ 2338.380925][T30529] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2338.419712][T30577] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2338.430552][T30577] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2338.512689][T30529] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2338.550702][T30588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2338.567428][T30588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2338.698731][   T49] bridge_slave_1: left allmulticast mode
[ 2338.704583][   T49] bridge_slave_1: left promiscuous mode
[ 2338.755340][T15895] Bluetooth: hci3: command tx timeout
[ 2338.794065][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2338.904604][   T49] bridge_slave_0: left allmulticast mode
[ 2338.932027][   T49] bridge_slave_0: left promiscuous mode
[ 2338.942746][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2338.960978][   T49] bridge_slave_1: left allmulticast mode
[ 2339.023837][   T49] bridge_slave_1: left promiscuous mode
[ 2339.030233][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2339.250018][   T49] bridge_slave_0: left allmulticast mode
[ 2339.267757][   T49] bridge_slave_0: left promiscuous mode
[ 2339.273788][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2340.137742][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2340.154022][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2340.164957][   T49] bond0 (unregistering): Released all slaves
[ 2340.551185][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2340.563220][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2340.579491][   T49] bond0 (unregistering): Released all slaves
[ 2340.756073][T30529] team0: Port device team_slave_0 added
[ 2340.826312][T15895] Bluetooth: hci3: command tx timeout
[ 2340.875461][T30529] team0: Port device team_slave_1 added
[ 2341.099998][T30529] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2341.114601][T30529] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2341.151817][T30529] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2341.252834][T30529] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2341.275936][T30529] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2341.313679][T30529] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2341.583246][T30529] hsr_slave_0: entered promiscuous mode
[ 2341.617877][T30529] hsr_slave_1: entered promiscuous mode
[ 2341.628062][T30529] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2341.635810][T30529] Cannot create hsr debugfs directory
[ 2341.647655][T28401] usb 5-1: USB disconnect, device number 74
[ 2341.654728][T28401] f81534a_ctrl 5-1:128.147: failed to set register 0x116: -19
[ 2341.698654][T18381] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2341.700381][T28401] f81534a_ctrl 5-1:128.147: failed to enable ports: -19
[ 2341.721283][T18381] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2341.735763][T18381] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2341.754250][T18381] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2341.767569][T18381] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2341.806627][   T49] hsr_slave_0: left promiscuous mode
[ 2341.812853][   T49] hsr_slave_1: left promiscuous mode
[ 2341.833524][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2341.849360][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2341.881175][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2341.892242][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2341.913989][   T49] hsr_slave_0: left promiscuous mode
[ 2341.924191][   T49] hsr_slave_1: left promiscuous mode
[ 2341.932180][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2341.944608][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2341.954147][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2341.962555][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2342.051335][   T49] veth1_macvtap: left promiscuous mode
[ 2342.057830][   T49] veth0_macvtap: left promiscuous mode
[ 2342.064036][   T49] veth1_vlan: left promiscuous mode
[ 2342.070631][   T49] veth0_vlan: left promiscuous mode
[ 2342.089442][   T49] veth1_macvtap: left promiscuous mode
[ 2342.095082][   T49] veth0_macvtap: left promiscuous mode
[ 2342.110715][   T49] veth1_vlan: left promiscuous mode
[ 2342.117045][   T49] veth0_vlan: left promiscuous mode
[ 2342.908059][T18381] Bluetooth: hci3: command tx timeout
[ 2342.967528][   T49] team0 (unregistering): Port device team_slave_1 removed
[ 2343.023303][   T49] team0 (unregistering): Port device team_slave_0 removed
[ 2343.867094][T18381] Bluetooth: hci0: command tx timeout
[ 2344.113514][   T49] team0 (unregistering): Port device team_slave_1 removed
[ 2344.180135][   T49] team0 (unregistering): Port device team_slave_0 removed
[ 2344.822365][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 2344.829427][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 2345.262606][T30409] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2345.322979][T30409] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2345.433558][T30409] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2345.498937][T30409] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2345.936889][T18381] Bluetooth: hci0: command tx timeout
[ 2346.524683][T30611] chnl_net:caif_netlink_parms(): no params data found
[ 2346.673161][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2346.818593][T30659] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6560'.
[ 2346.829776][T30409] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2346.878214][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2347.003925][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2347.051079][T30611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2347.070706][T30611] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2347.079732][T30611] bridge_slave_0: entered allmulticast mode
[ 2347.091320][T30611] bridge_slave_0: entered promiscuous mode
[ 2347.139147][T30611] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2347.160689][T30611] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2347.179863][T30611] bridge_slave_1: entered allmulticast mode
[ 2347.197997][T30611] bridge_slave_1: entered promiscuous mode
[ 2347.253120][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2347.460829][T30409] 8021q: adding VLAN 0 to HW filter on device team0
[ 2347.510744][T30611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2347.533766][T30611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2347.555722][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2347.563033][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2347.588328][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2347.595582][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2347.855370][T30611] team0: Port device team_slave_0 added
[ 2347.959123][T30611] team0: Port device team_slave_1 added
[ 2348.028130][T18381] Bluetooth: hci0: command tx timeout
[ 2348.068843][T30611] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2348.075888][T30611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2348.108744][T30611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2348.130276][T30611] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2348.141586][T30611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2348.173034][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2348.187555][T30611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2348.222005][   T49] bridge_slave_1: left allmulticast mode
[ 2348.230179][   T49] bridge_slave_1: left promiscuous mode
[ 2348.236047][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2348.267626][   T49] bridge_slave_0: left allmulticast mode
[ 2348.273324][   T49] bridge_slave_0: left promiscuous mode
[ 2348.280391][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2348.355834][T30681] FAULT_INJECTION: forcing a failure.
[ 2348.355834][T30681] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 2348.374465][T30681] CPU: 1 UID: 0 PID: 30681 Comm: syz.4.6563 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2348.374496][T30681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2348.374517][T30681] Call Trace:
[ 2348.374526][T30681]  <TASK>
[ 2348.374536][T30681]  dump_stack_lvl+0x189/0x250
[ 2348.374574][T30681]  ? __pfx____ratelimit+0x10/0x10
[ 2348.374606][T30681]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2348.374637][T30681]  ? __pfx__printk+0x10/0x10
[ 2348.374660][T30681]  ? __might_fault+0xb0/0x130
[ 2348.374693][T30681]  should_fail_ex+0x414/0x560
[ 2348.374723][T30681]  _copy_from_user+0x2d/0xb0
[ 2348.374744][T30681]  do_ipv6_getsockopt+0x2b0/0x2300
[ 2348.374785][T30681]  ? __pfx_do_ipv6_getsockopt+0x10/0x10
[ 2348.374819][T30681]  ? aa_label_sk_perm+0x413/0x560
[ 2348.374849][T30681]  ? __pfx_aa_label_sk_perm+0x10/0x10
[ 2348.374893][T30681]  ? __pfx___might_resched+0x10/0x10
[ 2348.374928][T30681]  ? rcu_read_lock_any_held+0xb3/0x120
[ 2348.374949][T30681]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 2348.374978][T30681]  ? aa_sk_perm+0x81e/0x950
[ 2348.375005][T30681]  ipv6_getsockopt+0xbd/0x290
[ 2348.375040][T30681]  ? __pfx_ipv6_getsockopt+0x10/0x10
[ 2348.375069][T30681]  ? aa_sock_opt_perm+0x74/0x110
[ 2348.375096][T30681]  ? sock_common_getsockopt+0x2d/0xb0
[ 2348.375120][T30681]  do_sock_getsockopt+0x360/0x650
[ 2348.375147][T30681]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 2348.375174][T30681]  ? __fget_files+0x2a/0x420
[ 2348.375195][T30681]  ? __fget_files+0x3a0/0x420
[ 2348.375216][T30681]  ? __fget_files+0x2a/0x420
[ 2348.375247][T30681]  __ia32_sys_getsockopt+0x1a5/0x250
[ 2348.375282][T30681]  __do_fast_syscall_32+0xb6/0x2b0
[ 2348.375303][T30681]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2348.375336][T30681]  do_fast_syscall_32+0x34/0x80
[ 2348.375356][T30681]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2348.375427][T30681] RIP: 0023:0xf70ae539
[ 2348.375449][T30681] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2348.375468][T30681] RSP: 002b:00000000f509e55c EFLAGS: 00000206 ORIG_RAX: 000000000000016d
[ 2348.375489][T30681] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[ 2348.375503][T30681] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000080000280
[ 2348.375516][T30681] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2348.375528][T30681] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2348.375540][T30681] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2348.375569][T30681]  </TASK>
[ 2348.625896][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2348.908255][T30688] FAULT_INJECTION: forcing a failure.
[ 2348.908255][T30688] name failslab, interval 1, probability 0, space 0, times 1
[ 2348.921688][T30688] CPU: 0 UID: 0 PID: 30688 Comm: syz.4.6565 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2348.921715][T30688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2348.921728][T30688] Call Trace:
[ 2348.921737][T30688]  <TASK>
[ 2348.921747][T30688]  dump_stack_lvl+0x189/0x250
[ 2348.921783][T30688]  ? __pfx____ratelimit+0x10/0x10
[ 2348.921814][T30688]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2348.921845][T30688]  ? __pfx__printk+0x10/0x10
[ 2348.921872][T30688]  ? __pfx___might_resched+0x10/0x10
[ 2348.921901][T30688]  ? fs_reclaim_acquire+0x7d/0x100
[ 2348.921929][T30688]  should_fail_ex+0x414/0x560
[ 2348.921960][T30688]  should_failslab+0xa8/0x100
[ 2348.921983][T30688]  __kmalloc_noprof+0xcb/0x4f0
[ 2348.922001][T30688]  ? kfree+0x4d/0x440
[ 2348.922028][T30688]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2348.922063][T30688]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2348.922093][T30688]  ? tomoyo_domain+0xd9/0x130
[ 2348.922141][T30688]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2348.922164][T30688]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2348.922192][T30688]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2348.922236][T30688]  ? __lock_acquire+0xab9/0xd20
[ 2348.922286][T30688]  ? __fget_files+0x2a/0x420
[ 2348.922315][T30688]  ? __fget_files+0x3a0/0x420
[ 2348.922336][T30688]  ? __fget_files+0x2a/0x420
[ 2348.922362][T30688]  security_file_ioctl_compat+0xcb/0x2d0
[ 2348.922389][T30688]  __ia32_compat_sys_ioctl+0x128/0x840
[ 2348.922424][T30688]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 2348.922455][T30688]  ? __fget_files+0x3a0/0x420
[ 2348.922484][T30688]  ? fput+0xa0/0xd0
[ 2348.922509][T30688]  ? ksys_write+0x22a/0x250
[ 2348.922537][T30688]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2348.922569][T30688]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2348.922601][T30688]  __do_fast_syscall_32+0xb6/0x2b0
[ 2348.922622][T30688]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2348.922656][T30688]  do_fast_syscall_32+0x34/0x80
[ 2348.922676][T30688]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2348.922701][T30688] RIP: 0023:0xf70ae539
[ 2348.922720][T30688] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2348.922738][T30688] RSP: 002b:00000000f509e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 2348.922759][T30688] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004008ae6a
[ 2348.922772][T30688] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[ 2348.922784][T30688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2348.922796][T30688] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2348.922809][T30688] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2348.922838][T30688]  </TASK>
[ 2348.922848][T30688] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2349.342689][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2349.353465][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2349.363990][   T49] bond0 (unregistering): Released all slaves
[ 2349.384290][   T49] bond1 (unregistering): Released all slaves
[ 2349.441045][T30391] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2349.504115][T30391] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2349.558950][T30391] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2349.632888][T30391] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2349.730465][T30611] hsr_slave_0: entered promiscuous mode
[ 2349.742714][T30611] hsr_slave_1: entered promiscuous mode
[ 2349.751942][T30611] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2349.761715][T30611] Cannot create hsr debugfs directory
[ 2350.214936][T18381] Bluetooth: hci0: command tx timeout
[ 2350.349606][T30529] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 2350.370042][T30529] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 2350.382421][T30529] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 2350.414285][T30529] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 2350.458408][   T49] hsr_slave_0: left promiscuous mode
[ 2350.575879][   T49] hsr_slave_1: left promiscuous mode
[ 2350.585679][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2350.594178][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2351.759569][   T49] team0 (unregistering): Port device team_slave_1 removed
[ 2351.878066][   T49] team0 (unregistering): Port device team_slave_0 removed
[ 2353.040863][T30409] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2353.239774][T30391] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2353.440296][T30391] 8021q: adding VLAN 0 to HW filter on device team0
[ 2353.528457][T27901] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2353.535722][T27901] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2353.570146][T30409] veth0_vlan: entered promiscuous mode
[ 2353.663463][T27901] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2353.670714][T27901] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2353.788605][T30529] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2353.798560][T30409] veth1_vlan: entered promiscuous mode
[ 2353.940461][T30391] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 2354.007442][T30529] 8021q: adding VLAN 0 to HW filter on device team0
[ 2354.032172][T10210] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2354.039552][T10210] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2354.078271][T30409] veth0_macvtap: entered promiscuous mode
[ 2354.124592][T10210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2354.132071][T10210] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2354.258524][T30409] veth1_macvtap: entered promiscuous mode
[ 2354.371038][T30391] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2354.570035][T30611] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2354.612762][T30409] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2354.660880][T30611] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2354.683395][T30611] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2354.740551][T30611] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2354.928647][T30409] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2355.051839][T30529] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2355.063889][T30409] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2355.080873][T30409] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2355.094768][T30409] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2355.105156][T30409] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2355.257398][T30391] veth0_vlan: entered promiscuous mode
[ 2355.412279][T30391] veth1_vlan: entered promiscuous mode
[ 2355.733132][T30529] veth0_vlan: entered promiscuous mode
[ 2355.799846][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2355.816349][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2355.898004][T30391] veth0_macvtap: entered promiscuous mode
[ 2356.061585][T30611] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2356.082321][T27901] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2356.085840][T30391] veth1_macvtap: entered promiscuous mode
[ 2356.096404][T27901] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2356.109656][T30529] veth1_vlan: entered promiscuous mode
[ 2356.206500][T30611] 8021q: adding VLAN 0 to HW filter on device team0
[ 2356.259234][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2356.266493][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2356.372198][T30391] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2356.440433][T10206] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2356.447629][T10206] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2356.495662][T30391] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2356.540854][T30768] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.6514'.
[ 2356.667350][T30529] veth0_macvtap: entered promiscuous mode
[ 2356.970915][T30391] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2357.080207][T30391] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2357.141669][T30391] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2357.159565][T30391] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2357.223893][T30529] veth1_macvtap: entered promiscuous mode
[ 2357.493212][T30529] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2357.580140][T30529] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2357.652492][T30529] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2357.666648][T30529] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2357.675530][T30529] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2357.696795][T30529] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2357.794486][T30611] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2357.857279][T10206] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2357.865177][T10206] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2357.984928][T10206] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2357.998489][T10206] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2358.346687][ T9833] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 2358.358236][T10210] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2358.377658][T10210] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2358.785450][T30611] veth0_vlan: entered promiscuous mode
[ 2358.879495][ T9833] usb 5-1: config 0 has no interfaces?
[ 2358.911748][ T9833] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2358.930831][T30795] loop6: detected capacity change from 0 to 7
[ 2358.958385][ T9833] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2358.971053][ T9833] usb 5-1: Product: syz
[ 2358.975286][ T9833] usb 5-1: Manufacturer: syz
[ 2358.982390][T30795] Dev loop6: unable to read RDB block 7
[ 2358.989103][T30611] veth1_vlan: entered promiscuous mode
[ 2359.001792][T30795]  loop6: AHDI p1 p2
[ 2359.005812][T30795] loop6: partition table partially beyond EOD, truncated
[ 2359.027744][T23673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2359.044565][ T9833] usb 5-1: SerialNumber: syz
[ 2359.053965][T23673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2359.070107][ T9833] usb 5-1: config 0 descriptor??
[ 2359.076516][T30795] loop6: p1 start 926365495 is beyond EOD, truncated
[ 2359.165760][T30611] veth0_macvtap: entered promiscuous mode
[ 2359.252756][T30611] veth1_macvtap: entered promiscuous mode
[ 2359.333770][T30783] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6574'.
[ 2359.360514][T30783] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6574'.
[ 2359.386275][T30611] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2359.442308][T30611] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2359.465845][T30801] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6537'.
[ 2359.576960][T30801] hsr_slave_1 (unregistering): left promiscuous mode
[ 2359.683410][T30611] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2359.692677][T30611] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2359.841927][T30611] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2359.883881][T30611] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2360.417430][T30809] program syz.1.6575 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2360.432125][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2360.476278][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2360.725618][T23673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2360.747377][T23673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2360.779081][T28401] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 2360.931642][ T9844] usb 5-1: USB disconnect, device number 75
[ 2360.986310][T28401] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82
[ 2361.054143][T28401] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2361.555014][T28401] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.4b
[ 2361.586955][T28401] usb 2-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0
[ 2361.622868][T28401] usb 2-1: Product: syz
[ 2361.672630][T28401] usb 2-1: config 0 descriptor??
[ 2361.905497][T28401] ath6kl: Failed to submit usb control message: -71
[ 2361.923956][T28401] ath6kl: unable to send the bmi data to the device: -71
[ 2362.011003][T28401] ath6kl: Unable to send get target info: -71
[ 2362.350138][T28401] ath6kl: Failed to init ath6kl core: -71
[ 2362.382326][T28401] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 2362.422029][T28401] usb 2-1: USB disconnect, device number 66
[ 2363.341068][T30854] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6582'.
[ 2363.766740][T30857] netlink: 'syz.1.6581': attribute type 4 has an invalid length.
[ 2363.774688][T30857] netlink: 17 bytes leftover after parsing attributes in process `syz.1.6581'.
[ 2364.096637][ T9844] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 2364.334591][   T30] audit: type=1800 audit(1750719061.620:147): pid=30870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6585" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 2364.389295][ T9844] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2364.400759][ T9844] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2364.434075][ T9844] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2364.511926][ T9844] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2364.578692][ T9844] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2364.645559][ T9844] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 2364.712562][ T9844] usb 2-1: invalid MIDI out EP 0
[ 2365.595296][ T9844] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2365.645703][ T9844] usb 2-1: USB disconnect, device number 67
[ 2365.858224][T30897] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.6589'.
[ 2368.536140][ T9829] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 2368.601695][T30929] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6596'.
[ 2368.710772][ T9829] usb 3-1: too many configurations: 9, using maximum allowed: 8
[ 2368.749372][ T9829] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2368.778859][ T9829] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2368.806159][ T9829] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2368.867332][ T9829] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2368.890764][ T9829] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2368.965764][ T9829] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2369.203072][ T9829] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2369.241843][ T9829] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2369.278691][ T9829] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2369.534886][ T9829] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2369.575285][ T9829] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2369.616270][ T9829] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2369.636829][ T9829] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2369.658766][ T9829] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2369.756077][ T9829] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2369.768411][T30945] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6599'.
[ 2369.795237][ T9829] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2369.827482][ T9829] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2369.893216][ T9829] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2369.923219][ T9829] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2369.948347][ T9829] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2370.154561][ T9829] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2370.228669][ T9829] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2370.279157][ T9829] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2370.354535][ T9829] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2370.383119][ T9829] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 2370.394843][ T9829] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 2370.479430][ T9829] usb 3-1: Product: syz
[ 2370.488444][ T9829] usb 3-1: Manufacturer: syz
[ 2370.493179][ T9829] usb 3-1: SerialNumber: syz
[ 2370.531374][ T9829] usb 3-1: config 0 descriptor??
[ 2370.555377][ T9829] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[ 2370.759879][ T9829] usb 3-1: USB disconnect, device number 122
[ 2370.782461][ T9829] yurex 3-1:0.0: USB YUREX #0 now disconnected
[ 2371.296401][ T9829] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 2371.508584][ T9829] usb 3-1: too many configurations: 9, using maximum allowed: 8
[ 2371.567409][ T9829] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2371.628530][ T9829] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2371.690773][ T9829] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2371.853281][ T9829] usb 3-1: unable to read config index 1 descriptor/start: -71
[ 2371.884982][ T9829] usb 3-1: can't read configurations, error -71
[ 2373.952218][T31002] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6608'.
[ 2373.992437][T31000] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6607'.
[ 2374.757141][ T9844] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 2374.779973][T31018] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6612'.
[ 2374.939017][ T9844] usb 4-1: Using ep0 maxpacket: 32
[ 2374.964976][ T9844] usb 4-1: config index 0 descriptor too short (expected 12306, got 18)
[ 2374.994101][ T9844] usb 4-1: config 52 has too many interfaces: 48, using maximum allowed: 32
[ 2375.018504][ T9844] usb 4-1: config 52 has an invalid descriptor of length 52, skipping remainder of the config
[ 2375.036542][ T9844] usb 4-1: config 52 has 0 interfaces, different from the descriptor's value: 48
[ 2375.082601][ T9844] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 2375.095900][ T9844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2375.115521][ T9844] usb 4-1: Product: syz
[ 2375.134725][ T9844] usb 4-1: Manufacturer: syz
[ 2375.153994][ T9844] usb 4-1: SerialNumber: syz
[ 2376.388017][T31022] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6613'.
[ 2376.413223][T31022] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6613'.
[ 2377.818363][ T9844] usb 4-1: USB disconnect, device number 53
[ 2378.158449][T31055] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6619'.
[ 2379.776622][T14366] usb 2-1: new full-speed USB device number 68 using dummy_hcd
[ 2380.004361][T14366] usb 2-1: config 0 has an invalid interface number: 113 but max is 0
[ 2380.083868][T14366] usb 2-1: config 0 has no interface number 0
[ 2380.125230][T14366] usb 2-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2380.227759][T14366] usb 2-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2380.245821][T31102] FAULT_INJECTION: forcing a failure.
[ 2380.245821][T31102] name failslab, interval 1, probability 0, space 0, times 0
[ 2380.278658][T14366] usb 2-1: config 0 interface 113 has no altsetting 0
[ 2380.307332][T31102] CPU: 0 UID: 0 PID: 31102 Comm: syz.0.6627 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2380.307363][T31102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2380.307377][T31102] Call Trace:
[ 2380.307386][T31102]  <TASK>
[ 2380.307396][T31102]  dump_stack_lvl+0x189/0x250
[ 2380.307435][T31102]  ? __pfx____ratelimit+0x10/0x10
[ 2380.307467][T31102]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2380.307499][T31102]  ? __pfx__printk+0x10/0x10
[ 2380.307529][T31102]  ? __pfx___might_resched+0x10/0x10
[ 2380.307560][T31102]  ? fs_reclaim_acquire+0x7d/0x100
[ 2380.307591][T31102]  should_fail_ex+0x414/0x560
[ 2380.307622][T31102]  should_failslab+0xa8/0x100
[ 2380.307647][T31102]  __kmalloc_noprof+0xcb/0x4f0
[ 2380.307666][T31102]  ? kfree+0x4d/0x440
[ 2380.307700][T31102]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2380.307742][T31102]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2380.307774][T31102]  ? tomoyo_domain+0xd9/0x130
[ 2380.307810][T31102]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2380.307834][T31102]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2380.307861][T31102]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2380.307906][T31102]  ? __lock_acquire+0xab9/0xd20
[ 2380.307957][T31102]  ? __fget_files+0x2a/0x420
[ 2380.307986][T31102]  ? __fget_files+0x3a0/0x420
[ 2380.308008][T31102]  ? __fget_files+0x2a/0x420
[ 2380.308036][T31102]  security_file_ioctl_compat+0xcb/0x2d0
[ 2380.308062][T31102]  __ia32_compat_sys_ioctl+0x128/0x840
[ 2380.308099][T31102]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 2380.308131][T31102]  ? __fget_files+0x3a0/0x420
[ 2380.308161][T31102]  ? fput+0xa0/0xd0
[ 2380.308188][T31102]  ? ksys_write+0x22a/0x250
[ 2380.308216][T31102]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2380.308249][T31102]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2380.308282][T31102]  __do_fast_syscall_32+0xb6/0x2b0
[ 2380.308303][T31102]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2380.308337][T31102]  do_fast_syscall_32+0x34/0x80
[ 2380.308358][T31102]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2380.308383][T31102] RIP: 0023:0xf7fe8539
[ 2380.308402][T31102] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2380.308421][T31102] RSP: 002b:00000000f510655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 2380.308443][T31102] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004068aea3
[ 2380.308459][T31102] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 2380.308472][T31102] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2380.308483][T31102] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2380.308496][T31102] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2380.308528][T31102]  </TASK>
[ 2380.309217][T31102] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2381.036262][T14366] usb 2-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2381.114017][T14366] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2381.142575][T14366] usb 2-1: Product: syz
[ 2381.160731][T14366] usb 2-1: Manufacturer: syz
[ 2381.202905][T14366] usb 2-1: SerialNumber: syz
[ 2381.263189][T14366] usb 2-1: config 0 descriptor??
[ 2381.350665][    C0] usb 2-1: NFC: Urb failure (status -71)
[ 2381.364838][T14366] usb 2-1: NFC: Unable to get FW version
[ 2381.393650][T14366] pn533_usb 2-1:0.113: probe with driver pn533_usb failed with error -90
[ 2381.739315][T31087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2381.758272][T31087] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2382.286072][T14366] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 2382.446019][T14366] usb 3-1: Using ep0 maxpacket: 32
[ 2382.465232][T14366] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[ 2382.479700][T14366] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[ 2382.516699][T14366] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2382.526667][T14366] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2382.549428][T14366] usb 3-1: Product: ⠁
[ 2382.561765][T14366] usb 3-1: Manufacturer: 걇ⱪ착䐢ﯴ澐䞆钔Ṷ龂會춐呰戊赦蝩픗袊汻⁏㷃᠉崪ᆚ㖮쏀鐁෩⺅㄁욄+ઘꡛ铼㽴䎮犾Ƌℽ⿼睹쓽䯨臰䅾㡽櫂紆닔鿕씡⭧
[ 2382.625709][T14366] usb 3-1: SerialNumber: syz
[ 2383.146520][T16628] usb 2-1: USB disconnect, device number 68
[ 2383.176205][T14366] cdc_ncm 3-1:1.0: bind() failure
[ 2383.190293][T14366] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[ 2383.228647][T14366] cdc_ncm 3-1:1.1: bind() failure
[ 2383.271094][T14366] usb 3-1: USB disconnect, device number 125
[ 2384.025340][T31130] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6634'.
[ 2384.397116][T31143] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6639'.
[ 2384.506663][T31140] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6635'.
[ 2384.661410][T16628] usb 3-1: new full-speed USB device number 126 using dummy_hcd
[ 2384.863571][T16628] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 2384.895585][T16628] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 2384.922591][T16628] usb 3-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00
[ 2384.942379][T16628] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2384.964891][T16628] usb 3-1: config 0 descriptor??
[ 2384.985445][T31142] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 2384.996132][   T24] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 2384.996265][T31163] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6647'.
[ 2385.091796][T31166] netlink: 316 bytes leftover after parsing attributes in process `syz.3.6650'.
[ 2385.105732][T31168] FAULT_INJECTION: forcing a failure.
[ 2385.105732][T31168] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2385.122905][T31166] netlink: 316 bytes leftover after parsing attributes in process `syz.3.6650'.
[ 2385.126723][T31168] CPU: 0 UID: 0 PID: 31168 Comm: syz.0.6649 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2385.126756][T31168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2385.126770][T31168] Call Trace:
[ 2385.126781][T31168]  <TASK>
[ 2385.126791][T31168]  dump_stack_lvl+0x189/0x250
[ 2385.126836][T31168]  ? __pfx____ratelimit+0x10/0x10
[ 2385.126872][T31168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2385.126908][T31168]  ? __pfx__printk+0x10/0x10
[ 2385.126947][T31168]  should_fail_ex+0x414/0x560
[ 2385.126983][T31168]  _copy_to_user+0x31/0xb0
[ 2385.127010][T31168]  simple_read_from_buffer+0xe1/0x170
[ 2385.127041][T31168]  proc_fail_nth_read+0x1df/0x250
[ 2385.127073][T31168]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2385.127104][T31168]  ? rw_verify_area+0x258/0x650
[ 2385.127138][T31168]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2385.127167][T31168]  vfs_read+0x1fd/0x980
[ 2385.127209][T31168]  ? __pfx___mutex_lock+0x10/0x10
[ 2385.127246][T31168]  ? __pfx_vfs_read+0x10/0x10
[ 2385.127283][T31168]  ? __fget_files+0x2a/0x420
[ 2385.127315][T31168]  ? __fget_files+0x3a0/0x420
[ 2385.127340][T31168]  ? __fget_files+0x2a/0x420
[ 2385.127384][T31168]  ksys_read+0x145/0x250
[ 2385.127423][T31168]  ? __pfx_ksys_read+0x10/0x10
[ 2385.127461][T31168]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2385.127497][T31168]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2385.127533][T31168]  __do_fast_syscall_32+0xb6/0x2b0
[ 2385.127562][T31168]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2385.127599][T31168]  do_fast_syscall_32+0x34/0x80
[ 2385.127621][T31168]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2385.127648][T31168] RIP: 0023:0xf7fe8539
[ 2385.127668][T31168] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2385.127690][T31168] RSP: 002b:00000000f5106590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2385.127714][T31168] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5106620
[ 2385.127731][T31168] RDX: 000000000000000f RSI: 00000000f7472ff4 RDI: 0000000000000000
[ 2385.127746][T31168] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 2385.127759][T31168] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2385.127774][T31168] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2385.127807][T31168]  </TASK>
[ 2385.386286][   T24] usb 5-1: Using ep0 maxpacket: 32
[ 2385.398020][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2385.419580][   T24] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 2385.429090][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2385.437217][   T24] usb 5-1: Product: syz
[ 2385.444287][   T24] usb 5-1: Manufacturer: syz
[ 2385.449320][   T24] usb 5-1: SerialNumber: syz
[ 2385.458174][   T24] usb 5-1: config 0 descriptor??
[ 2385.492609][T31176] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6653'.
[ 2385.623788][T16628] usbhid 3-1:0.0: can't add hid device: -71
[ 2385.632545][T16628] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 2385.668896][T16628] usb 3-1: USB disconnect, device number 126
[ 2385.881324][T31190] FAULT_INJECTION: forcing a failure.
[ 2385.881324][T31190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2385.943278][T31190] CPU: 1 UID: 0 PID: 31190 Comm: syz.3.6658 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2385.943310][T31190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2385.943324][T31190] Call Trace:
[ 2385.943333][T31190]  <TASK>
[ 2385.943342][T31190]  dump_stack_lvl+0x189/0x250
[ 2385.943383][T31190]  ? __pfx____ratelimit+0x10/0x10
[ 2385.943414][T31190]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2385.943446][T31190]  ? __pfx__printk+0x10/0x10
[ 2385.943469][T31190]  ? __might_fault+0xb0/0x130
[ 2385.943501][T31190]  should_fail_ex+0x414/0x560
[ 2385.943532][T31190]  _copy_from_user+0x2d/0xb0
[ 2385.943561][T31190]  sk_setsockopt+0x276/0x2d30
[ 2385.943585][T31190]  ? __pfx___might_resched+0x10/0x10
[ 2385.943620][T31190]  ? rcu_read_lock_any_held+0xb3/0x120
[ 2385.943641][T31190]  ? __pfx_sk_setsockopt+0x10/0x10
[ 2385.943672][T31190]  ? aa_sk_perm+0x81e/0x950
[ 2385.943702][T31190]  ? __pfx_aa_sk_perm+0x10/0x10
[ 2385.943724][T31190]  ? __lock_acquire+0xab9/0xd20
[ 2385.943756][T31190]  ? aa_sock_opt_perm+0x74/0x110
[ 2385.943785][T31190]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 2385.943816][T31190]  do_sock_setsockopt+0x201/0x3e0
[ 2385.943844][T31190]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 2385.943866][T31190]  ? __fget_files+0x2a/0x420
[ 2385.943895][T31190]  ? __fget_files+0x3a0/0x420
[ 2385.943914][T31190]  ? __fget_files+0x2a/0x420
[ 2385.943944][T31190]  __ia32_sys_setsockopt+0x18b/0x220
[ 2385.943976][T31190]  __do_fast_syscall_32+0xb6/0x2b0
[ 2385.943997][T31190]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2385.944031][T31190]  do_fast_syscall_32+0x34/0x80
[ 2385.944051][T31190]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2385.944077][T31190] RIP: 0023:0xf705e539
[ 2385.944095][T31190] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2385.944113][T31190] RSP: 002b:00000000f504e55c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 2385.944136][T31190] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000001
[ 2385.944149][T31190] RDX: 000000000000001a RSI: 0000000080000040 RDI: 0000000000000008
[ 2385.944162][T31190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2385.944174][T31190] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2385.944187][T31190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2385.944217][T31190]  </TASK>
[ 2386.333844][T31200] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6661'.
[ 2386.739826][   T24] gs_usb 5-1:0.0: Couldn't get device config: (err=-110)
[ 2386.750355][   T24] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -110
[ 2387.431215][T31220] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6666'.
[ 2387.809895][ T9829] usb 5-1: USB disconnect, device number 76
[ 2388.339931][T14366] usb 2-1: new full-speed USB device number 69 using dummy_hcd
[ 2388.553800][T14366] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 2388.584947][T14366] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 46, changing to 4
[ 2388.686194][ T9829] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 2388.726084][ T9844] usb 3-1: new high-speed USB device number 127 using dummy_hcd
[ 2388.936113][T14366] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 65535, setting to 1023
[ 2388.955552][T14366] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 2388.965036][T14366] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2388.979211][T31243] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6674'.
[ 2388.979404][T14366] usb 2-1: Product: syz
[ 2389.005779][T14366] usb 2-1: Manufacturer: syz
[ 2389.012079][T14366] usb 2-1: SerialNumber: syz
[ 2389.101383][ T9829] usb 5-1: config 0 has no interfaces?
[ 2389.111945][ T9829] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2389.123294][ T9829] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2389.172816][ T9829] usb 5-1: Product: syz
[ 2389.177664][ T9829] usb 5-1: Manufacturer: syz
[ 2389.182483][ T9829] usb 5-1: SerialNumber: syz
[ 2389.186390][ T9844] usb 3-1: device descriptor read/64, error -71
[ 2389.220447][T14366] usb 2-1: config 0 descriptor??
[ 2389.232897][ T9829] usb 5-1: config 0 descriptor??
[ 2389.241463][T14366] em28xx 2-1:0.0: New device syz syz @ 12 Mbps (2040:0264, interface 0, class 0)
[ 2389.294972][T14366] em28xx 2-1:0.0: Device initialization failed.
[ 2389.312349][T14366] em28xx 2-1:0.0: Device must be connected to a high-speed USB 2.0 port.
[ 2389.321715][T31245] FAULT_INJECTION: forcing a failure.
[ 2389.321715][T31245] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2389.431635][T31245] CPU: 0 UID: 0 PID: 31245 Comm: syz.3.6675 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2389.431669][T31245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2389.431683][T31245] Call Trace:
[ 2389.431692][T31245]  <TASK>
[ 2389.431703][T31245]  dump_stack_lvl+0x189/0x250
[ 2389.431741][T31245]  ? __pfx____ratelimit+0x10/0x10
[ 2389.431772][T31245]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2389.431804][T31245]  ? __pfx__printk+0x10/0x10
[ 2389.431841][T31245]  should_fail_ex+0x414/0x560
[ 2389.431873][T31245]  _copy_to_user+0x31/0xb0
[ 2389.431896][T31245]  simple_read_from_buffer+0xe1/0x170
[ 2389.431924][T31245]  proc_fail_nth_read+0x1df/0x250
[ 2389.431953][T31245]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2389.431982][T31245]  ? rw_verify_area+0x258/0x650
[ 2389.432012][T31245]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2389.432049][T31245]  vfs_read+0x1fd/0x980
[ 2389.432086][T31245]  ? __pfx___mutex_lock+0x10/0x10
[ 2389.432118][T31245]  ? __pfx_vfs_read+0x10/0x10
[ 2389.432150][T31245]  ? __fget_files+0x2a/0x420
[ 2389.432178][T31245]  ? __fget_files+0x3a0/0x420
[ 2389.432199][T31245]  ? __fget_files+0x2a/0x420
[ 2389.432238][T31245]  ksys_read+0x145/0x250
[ 2389.432272][T31245]  ? __pfx_ksys_read+0x10/0x10
[ 2389.432305][T31245]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2389.432337][T31245]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2389.432370][T31245]  __do_fast_syscall_32+0xb6/0x2b0
[ 2389.432391][T31245]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2389.432426][T31245]  do_fast_syscall_32+0x34/0x80
[ 2389.432446][T31245]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2389.432471][T31245] RIP: 0023:0xf705e539
[ 2389.432489][T31245] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2389.432508][T31245] RSP: 002b:00000000f504e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2389.432530][T31245] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f504e620
[ 2389.432545][T31245] RDX: 000000000000000f RSI: 00000000f73c2ff4 RDI: 0000000000000000
[ 2389.432558][T31245] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 2389.432571][T31245] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2389.432584][T31245] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2389.432615][T31245]  </TASK>
[ 2389.443276][T31240] FAULT_INJECTION: forcing a failure.
[ 2389.443276][T31240] name failslab, interval 1, probability 0, space 0, times 0
[ 2389.446604][ T9844] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 2389.646103][ T9844] usb 3-1: device descriptor read/64, error -71
[ 2389.706117][T31240] CPU: 1 UID: 0 PID: 31240 Comm: syz.4.6671 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2389.706152][T31240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2389.706168][T31240] Call Trace:
[ 2389.706178][T31240]  <TASK>
[ 2389.706189][T31240]  dump_stack_lvl+0x189/0x250
[ 2389.706230][T31240]  ? __pfx____ratelimit+0x10/0x10
[ 2389.706265][T31240]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2389.706310][T31240]  ? __pfx__printk+0x10/0x10
[ 2389.706342][T31240]  ? __pfx___might_resched+0x10/0x10
[ 2389.706402][T31240]  should_fail_ex+0x414/0x560
[ 2389.706443][T31240]  should_failslab+0xa8/0x100
[ 2389.706470][T31240]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 2389.706507][T31240]  ? getname_flags+0xb8/0x540
[ 2389.706540][T31240]  getname_flags+0xb8/0x540
[ 2389.706572][T31240]  user_path_at+0x24/0x60
[ 2389.706605][T31240]  __se_sys_inotify_add_watch+0x182/0xf10
[ 2389.706642][T31240]  ? fput+0xa0/0xd0
[ 2389.706671][T31240]  ? ksys_write+0x22a/0x250
[ 2389.706696][T31240]  ? __pfx___se_sys_inotify_add_watch+0x10/0x10
[ 2389.706730][T31240]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2389.706766][T31240]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2389.706799][T31240]  __do_fast_syscall_32+0xb6/0x2b0
[ 2389.706823][T31240]  do_fast_syscall_32+0x34/0x80
[ 2389.706840][T31240]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2389.706863][T31240] RIP: 0023:0xf70ae539
[ 2389.706879][T31240] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2389.706910][T31240] RSP: 002b:00000000f505c55c EFLAGS: 00000206 ORIG_RAX: 0000000000000124
[ 2389.706930][T31240] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000800004c0
[ 2389.706943][T31240] RDX: 0000000000000144 RSI: 0000000000000000 RDI: 0000000000000000
[ 2389.706954][T31240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2389.706965][T31240] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2389.706976][T31240] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2389.707001][T31240]  </TASK>
[ 2390.026596][ T9844] usb usb3-port1: attempt power cycle
[ 2390.306561][T31250] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6677'.
[ 2390.321150][T31250] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6677'.
[ 2390.331292][T31250] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6677'.
[ 2390.359078][T31250] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6677'.
[ 2390.370935][T31250] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6677'.
[ 2390.452635][T31252] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6678'.
[ 2390.486152][ T9844] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 2390.506806][ T9844] usb 3-1: device descriptor read/8, error -71
[ 2390.756089][ T9844] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 2390.784885][ T9844] usb 3-1: device descriptor read/8, error -71
[ 2390.900049][ T9844] usb usb3-port1: unable to enumerate USB device
[ 2391.190091][ T9844] usb 2-1: USB disconnect, device number 69
[ 2391.494009][ T9829] usb 5-1: USB disconnect, device number 77
[ 2391.614740][T31271] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6686'.
[ 2391.656207][T31271] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6686'.
[ 2391.677031][T31271] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6686'.
[ 2391.867626][T28144] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[ 2391.877805][T31277] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6686'.
[ 2392.046179][T14366] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[ 2392.059209][T28144] usb 2-1: config 0 has no interfaces?
[ 2392.075146][T28144] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2392.084337][T28144] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2392.095198][T28144] usb 2-1: Product: syz
[ 2392.099443][T28144] usb 2-1: Manufacturer: syz
[ 2392.104305][T28144] usb 2-1: SerialNumber: syz
[ 2392.130880][T28144] usb 2-1: config 0 descriptor??
[ 2392.179001][T31282] FAULT_INJECTION: forcing a failure.
[ 2392.179001][T31282] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2392.196773][T31282] CPU: 0 UID: 0 PID: 31282 Comm: syz.4.6689 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2392.196797][T31282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2392.196807][T31282] Call Trace:
[ 2392.196813][T31282]  <TASK>
[ 2392.196821][T31282]  dump_stack_lvl+0x189/0x250
[ 2392.196850][T31282]  ? __pfx____ratelimit+0x10/0x10
[ 2392.196872][T31282]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2392.196963][T31282]  ? __pfx__printk+0x10/0x10
[ 2392.196980][T31282]  ? __might_fault+0xb0/0x130
[ 2392.197002][T31282]  should_fail_ex+0x414/0x560
[ 2392.197024][T31282]  _copy_from_user+0x2d/0xb0
[ 2392.197040][T31282]  sk_setsockopt+0x276/0x2d30
[ 2392.197057][T31282]  ? __pfx___might_resched+0x10/0x10
[ 2392.197084][T31282]  ? rcu_read_lock_any_held+0xb3/0x120
[ 2392.197099][T31282]  ? __pfx_sk_setsockopt+0x10/0x10
[ 2392.197120][T31282]  ? aa_sk_perm+0x81e/0x950
[ 2392.197142][T31282]  ? __pfx_aa_sk_perm+0x10/0x10
[ 2392.197158][T31282]  ? __lock_acquire+0xab9/0xd20
[ 2392.197181][T31282]  ? aa_sock_opt_perm+0x74/0x110
[ 2392.197201][T31282]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 2392.197224][T31282]  do_sock_setsockopt+0x201/0x3e0
[ 2392.197244][T31282]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 2392.197260][T31282]  ? __fget_files+0x2a/0x420
[ 2392.197279][T31282]  ? __fget_files+0x3a0/0x420
[ 2392.197294][T31282]  ? __fget_files+0x2a/0x420
[ 2392.197316][T31282]  __ia32_sys_setsockopt+0x18b/0x220
[ 2392.197338][T31282]  __do_fast_syscall_32+0xb6/0x2b0
[ 2392.197353][T31282]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2392.197377][T31282]  do_fast_syscall_32+0x34/0x80
[ 2392.197391][T31282]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2392.197409][T31282] RIP: 0023:0xf70ae539
[ 2392.197422][T31282] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2392.197435][T31282] RSP: 002b:00000000f509e55c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 2392.197451][T31282] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000001
[ 2392.197461][T31282] RDX: 0000000000000012 RSI: 0000000080000500 RDI: 0000000000000004
[ 2392.197470][T31282] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2392.197479][T31282] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2392.197487][T31282] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2392.197508][T31282]  </TASK>
[ 2392.535666][T14366] usb 3-1: config 0 has an invalid interface number: 113 but max is 0
[ 2392.544731][T14366] usb 3-1: config 0 has no interface number 0
[ 2392.551564][T14366] usb 3-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2392.563392][T14366] usb 3-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2392.574464][T14366] usb 3-1: config 0 interface 113 has no altsetting 0
[ 2392.598524][T14366] usb 3-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2392.607803][T14366] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2392.615813][T14366] usb 3-1: Product: syz
[ 2392.620173][T14366] usb 3-1: Manufacturer: syz
[ 2392.624795][T14366] usb 3-1: SerialNumber: syz
[ 2392.631701][T14366] usb 3-1: config 0 descriptor??
[ 2392.647843][    C0] usb 3-1: NFC: Urb failure (status -71)
[ 2392.654094][T14366] usb 3-1: NFC: Unable to get FW version
[ 2392.660591][T14366] pn533_usb 3-1:0.113: probe with driver pn533_usb failed with error -90
[ 2393.113503][T31273] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2393.190377][T31273] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2393.556084][T14366] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 2393.706106][T14366] usb 5-1: Invalid ep0 maxpacket: 9
[ 2394.236394][T14366] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 2394.365377][T28144] usb 2-1: USB disconnect, device number 70
[ 2394.406424][T14366] usb 5-1: Invalid ep0 maxpacket: 9
[ 2394.420648][T14366] usb usb5-port1: attempt power cycle
[ 2394.555042][T31306] FAULT_INJECTION: forcing a failure.
[ 2394.555042][T31306] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2394.572380][T31306] CPU: 1 UID: 0 PID: 31306 Comm: syz.1.6698 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2394.572411][T31306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2394.572425][T31306] Call Trace:
[ 2394.572434][T31306]  <TASK>
[ 2394.572444][T31306]  dump_stack_lvl+0x189/0x250
[ 2394.572481][T31306]  ? __pfx____ratelimit+0x10/0x10
[ 2394.572512][T31306]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2394.572544][T31306]  ? __pfx__printk+0x10/0x10
[ 2394.572567][T31306]  ? __might_fault+0xb0/0x130
[ 2394.572599][T31306]  should_fail_ex+0x414/0x560
[ 2394.572630][T31306]  _copy_from_user+0x2d/0xb0
[ 2394.572652][T31306]  get_compat_msghdr+0xad/0x4a0
[ 2394.572677][T31306]  ? __lock_acquire+0xab9/0xd20
[ 2394.572711][T31306]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 2394.572740][T31306]  ? get_pid_task+0x20/0x1f0
[ 2394.572772][T31306]  ___sys_recvmsg+0x17f/0x510
[ 2394.572806][T31306]  ? __pfx____sys_recvmsg+0x10/0x10
[ 2394.572859][T31306]  ? __fget_files+0x3a0/0x420
[ 2394.572892][T31306]  __sys_recvmsg+0x161/0x220
[ 2394.572920][T31306]  ? __pfx___sys_recvmsg+0x10/0x10
[ 2394.572969][T31306]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2394.573000][T31306]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2394.573032][T31306]  __do_fast_syscall_32+0xb6/0x2b0
[ 2394.573053][T31306]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2394.573087][T31306]  do_fast_syscall_32+0x34/0x80
[ 2394.573107][T31306]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2394.573132][T31306] RIP: 0023:0xf703e539
[ 2394.573149][T31306] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2394.573167][T31306] RSP: 002b:00000000f502e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000174
[ 2394.573188][T31306] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[ 2394.573203][T31306] RDX: 0000000040010100 RSI: 0000000000000000 RDI: 0000000000000000
[ 2394.573217][T31306] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2394.573228][T31306] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2394.573241][T31306] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2394.573272][T31306]  </TASK>
[ 2394.846150][T14366] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 2394.881775][T16770] usb 3-1: USB disconnect, device number 5
[ 2394.905639][T14366] usb 5-1: Invalid ep0 maxpacket: 9
[ 2394.976436][T31312] FAULT_INJECTION: forcing a failure.
[ 2394.976436][T31312] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2395.003813][T31312] CPU: 0 UID: 0 PID: 31312 Comm: syz.1.6700 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2395.003842][T31312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2395.003855][T31312] Call Trace:
[ 2395.003863][T31312]  <TASK>
[ 2395.003872][T31312]  dump_stack_lvl+0x189/0x250
[ 2395.003918][T31312]  ? __pfx____ratelimit+0x10/0x10
[ 2395.003950][T31312]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2395.003982][T31312]  ? __pfx__printk+0x10/0x10
[ 2395.004002][T31312]  ? lock_acquire+0x175/0x360
[ 2395.004047][T31312]  should_fail_ex+0x414/0x560
[ 2395.004077][T31312]  _copy_from_user+0x2d/0xb0
[ 2395.004099][T31312]  get_compat_msghdr+0xad/0x4a0
[ 2395.004131][T31312]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 2395.004172][T31312]  ___sys_sendmsg+0x193/0x2a0
[ 2395.004201][T31312]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2395.004264][T31312]  ? __fget_files+0x2a/0x420
[ 2395.004288][T31312]  ? __fget_files+0x3a0/0x420
[ 2395.004322][T31312]  __sys_sendmsg+0x164/0x220
[ 2395.004351][T31312]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2395.004391][T31312]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2395.004423][T31312]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2395.004454][T31312]  __do_fast_syscall_32+0xb6/0x2b0
[ 2395.004474][T31312]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2395.004507][T31312]  do_fast_syscall_32+0x34/0x80
[ 2395.004525][T31312]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2395.004549][T31312] RIP: 0023:0xf703e539
[ 2395.004568][T31312] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2395.004586][T31312] RSP: 002b:00000000f502e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2395.004608][T31312] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800002c0
[ 2395.004623][T31312] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2395.004654][T31312] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2395.004667][T31312] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2395.004680][T31312] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2395.004709][T31312]  </TASK>
[ 2395.299596][T31320] FAULT_INJECTION: forcing a failure.
[ 2395.299596][T31320] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2395.314167][T31320] CPU: 1 UID: 0 PID: 31320 Comm: syz.2.6703 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2395.314199][T31320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2395.314213][T31320] Call Trace:
[ 2395.314223][T31320]  <TASK>
[ 2395.314233][T31320]  dump_stack_lvl+0x189/0x250
[ 2395.314273][T31320]  ? __pfx____ratelimit+0x10/0x10
[ 2395.314305][T31320]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2395.314339][T31320]  ? __pfx__printk+0x10/0x10
[ 2395.314365][T31320]  ? __might_fault+0xb0/0x130
[ 2395.314399][T31320]  should_fail_ex+0x414/0x560
[ 2395.314431][T31320]  _copy_from_user+0x2d/0xb0
[ 2395.314453][T31320]  get_compat_msghdr+0xad/0x4a0
[ 2395.314480][T31320]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 2395.314511][T31320]  ___sys_sendmsg+0x193/0x2a0
[ 2395.314535][T31320]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2395.314590][T31320]  ? __fget_files+0x2a/0x420
[ 2395.314609][T31320]  ? __fget_files+0x3a0/0x420
[ 2395.314636][T31320]  __sys_sendmsg+0x164/0x220
[ 2395.314658][T31320]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2395.314690][T31320]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2395.314716][T31320]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2395.314743][T31320]  __do_fast_syscall_32+0xb6/0x2b0
[ 2395.314759][T31320]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2395.314786][T31320]  do_fast_syscall_32+0x34/0x80
[ 2395.314802][T31320]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2395.314831][T31320] RIP: 0023:0xf7f04539
[ 2395.314845][T31320] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2395.314860][T31320] RSP: 002b:00000000f502655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2395.314878][T31320] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080007dc0
[ 2395.314890][T31320] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2395.314899][T31320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2395.314909][T31320] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2395.314919][T31320] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2395.314942][T31320]  </TASK>
[ 2395.524506][T14366] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[ 2395.561904][T14366] usb 5-1: Invalid ep0 maxpacket: 9
[ 2395.567971][T14366] usb usb5-port1: unable to enumerate USB device
[ 2395.965309][T31339] FAULT_INJECTION: forcing a failure.
[ 2395.965309][T31339] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2395.982382][T31339] CPU: 0 UID: 0 PID: 31339 Comm: syz.0.6711 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2395.982412][T31339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2395.982426][T31339] Call Trace:
[ 2395.982435][T31339]  <TASK>
[ 2395.982445][T31339]  dump_stack_lvl+0x189/0x250
[ 2395.982481][T31339]  ? __pfx____ratelimit+0x10/0x10
[ 2395.982514][T31339]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2395.982553][T31339]  ? __pfx__printk+0x10/0x10
[ 2395.982577][T31339]  ? __might_fault+0xb0/0x130
[ 2395.982609][T31339]  should_fail_ex+0x414/0x560
[ 2395.982641][T31339]  _copy_from_user+0x2d/0xb0
[ 2395.982663][T31339]  get_compat_msghdr+0xad/0x4a0
[ 2395.982696][T31339]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 2395.982736][T31339]  ___sys_sendmsg+0x193/0x2a0
[ 2395.982766][T31339]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2395.982829][T31339]  ? __fget_files+0x2a/0x420
[ 2395.982851][T31339]  ? __fget_files+0x3a0/0x420
[ 2395.982885][T31339]  __sys_sendmsg+0x164/0x220
[ 2395.982913][T31339]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2395.982952][T31339]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2395.982985][T31339]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2395.983017][T31339]  __do_fast_syscall_32+0xb6/0x2b0
[ 2395.983038][T31339]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2395.983071][T31339]  do_fast_syscall_32+0x34/0x80
[ 2395.983090][T31339]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2395.983116][T31339] RIP: 0023:0xf7fe8539
[ 2395.983133][T31339] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2395.983152][T31339] RSP: 002b:00000000f510655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2395.983173][T31339] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080003780
[ 2395.983187][T31339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2395.983199][T31339] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2395.983211][T31339] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2395.983224][T31339] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2395.983253][T31339]  </TASK>
[ 2396.265346][T14366] usb 4-1: new full-speed USB device number 54 using dummy_hcd
[ 2396.444672][T14366] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 2396.445741][T31344] FAULT_INJECTION: forcing a failure.
[ 2396.445741][T31344] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2396.453129][T14366] usb 4-1: config 0 has no interface number 0
[ 2396.453180][T14366] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 2396.453210][T14366] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2396.453236][T14366] usb 4-1: config 0 interface 113 has no altsetting 0
[ 2396.525367][T14366] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 2396.549160][T14366] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2396.555875][T31344] CPU: 1 UID: 0 PID: 31344 Comm: syz.1.6714 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2396.555911][T31344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2396.555931][T31344] Call Trace:
[ 2396.555941][T31344]  <TASK>
[ 2396.555952][T31344]  dump_stack_lvl+0x189/0x250
[ 2396.555995][T31344]  ? __pfx____ratelimit+0x10/0x10
[ 2396.556030][T31344]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2396.556063][T31344]  ? __pfx__printk+0x10/0x10
[ 2396.556090][T31344]  ? __might_fault+0xb0/0x130
[ 2396.556125][T31344]  should_fail_ex+0x414/0x560
[ 2396.556158][T31344]  _copy_from_user+0x2d/0xb0
[ 2396.556183][T31344]  get_old_timespec32+0x88/0x130
[ 2396.556215][T31344]  ? __pfx_get_old_timespec32+0x10/0x10
[ 2396.556259][T31344]  __ia32_compat_sys_ppoll_time32+0x14f/0x300
[ 2396.556289][T31344]  ? fput+0xa0/0xd0
[ 2396.556322][T31344]  ? __pfx___ia32_compat_sys_ppoll_time32+0x10/0x10
[ 2396.556357][T31344]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2396.556392][T31344]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2396.556427][T31344]  __do_fast_syscall_32+0xb6/0x2b0
[ 2396.556450][T31344]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2396.556496][T31344]  do_fast_syscall_32+0x34/0x80
[ 2396.556518][T31344]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2396.556546][T31344] RIP: 0023:0xf703e539
[ 2396.556566][T31344] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2396.556585][T31344] RSP: 002b:00000000f502e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000135
[ 2396.556611][T31344] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[ 2396.556625][T31344] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[ 2396.556640][T31344] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2396.556653][T31344] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2396.556668][T31344] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2396.556700][T31344]  </TASK>
[ 2397.411013][T14366] usb 4-1: Product: syz
[ 2397.415318][T14366] usb 4-1: Manufacturer: syz
[ 2397.420127][T14366] usb 4-1: SerialNumber: syz
[ 2397.438823][T14366] usb 4-1: config 0 descriptor??
[ 2397.450416][    C0] usb 4-1: NFC: Urb failure (status -71)
[ 2397.516549][T14366] usb 4-1: NFC: Unable to get FW version
[ 2397.528001][T14366] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -90
[ 2398.000765][T31369] FAULT_INJECTION: forcing a failure.
[ 2398.000765][T31369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2398.046304][T31369] CPU: 1 UID: 0 PID: 31369 Comm: syz.4.6723 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2398.046335][T31369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2398.046345][T31369] Call Trace:
[ 2398.046351][T31369]  <TASK>
[ 2398.046358][T31369]  dump_stack_lvl+0x189/0x250
[ 2398.046396][T31369]  ? __pfx____ratelimit+0x10/0x10
[ 2398.046418][T31369]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2398.046441][T31369]  ? __pfx__printk+0x10/0x10
[ 2398.046457][T31369]  ? __might_fault+0xb0/0x130
[ 2398.046480][T31369]  should_fail_ex+0x414/0x560
[ 2398.046503][T31369]  _copy_from_user+0x2d/0xb0
[ 2398.046518][T31369]  get_compat_msghdr+0xad/0x4a0
[ 2398.046542][T31369]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 2398.046571][T31369]  ___sys_sendmsg+0x193/0x2a0
[ 2398.046592][T31369]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2398.046638][T31369]  ? __fget_files+0x2a/0x420
[ 2398.046654][T31369]  ? __fget_files+0x3a0/0x420
[ 2398.046677][T31369]  __sys_sendmsg+0x164/0x220
[ 2398.046697][T31369]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2398.046726][T31369]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2398.046749][T31369]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2398.046772][T31369]  __do_fast_syscall_32+0xb6/0x2b0
[ 2398.046787][T31369]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2398.046811][T31369]  do_fast_syscall_32+0x34/0x80
[ 2398.046825][T31369]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2398.046844][T31369] RIP: 0023:0xf70ae539
[ 2398.046857][T31369] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2398.046869][T31369] RSP: 002b:00000000f509e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2398.046884][T31369] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[ 2398.046894][T31369] RDX: 0000000000040800 RSI: 0000000000000000 RDI: 0000000000000000
[ 2398.046903][T31369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2398.046911][T31369] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2398.046920][T31369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2398.046941][T31369]  </TASK>
[ 2398.282962][T31329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2398.291780][T31329] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2398.531929][T31381] input: syz0 as /devices/virtual/input/input21
[ 2399.305378][   T30] audit: type=1326 audit(1750719096.580:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.343468][   T30] audit: type=1326 audit(1750719096.580:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.368928][   T30] audit: type=1326 audit(1750719096.580:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.392199][   T30] audit: type=1326 audit(1750719096.590:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.434795][   T30] audit: type=1326 audit(1750719096.590:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.503070][   T30] audit: type=1326 audit(1750719096.590:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.535035][   T30] audit: type=1326 audit(1750719096.590:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=353 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.558021][   T30] audit: type=1326 audit(1750719096.590:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.613076][   T30] audit: type=1326 audit(1750719096.590:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.665519][   T30] audit: type=1326 audit(1750719096.590:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31405 comm="syz.2.6732" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04539 code=0x7ffc0000
[ 2399.816817][T28144] usb 4-1: USB disconnect, device number 54
[ 2399.889926][T31418] __nla_validate_parse: 1 callbacks suppressed
[ 2399.889948][T31418] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6734'.
[ 2400.184475][T31427] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6736'.
[ 2400.233363][T31427] FAULT_INJECTION: forcing a failure.
[ 2400.233363][T31427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2400.266189][T31427] CPU: 1 UID: 0 PID: 31427 Comm: syz.0.6736 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2400.266220][T31427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2400.266233][T31427] Call Trace:
[ 2400.266241][T31427]  <TASK>
[ 2400.266250][T31427]  dump_stack_lvl+0x189/0x250
[ 2400.266286][T31427]  ? __pfx____ratelimit+0x10/0x10
[ 2400.266314][T31427]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2400.266345][T31427]  ? __pfx__printk+0x10/0x10
[ 2400.266366][T31427]  ? __might_fault+0xb0/0x130
[ 2400.266395][T31427]  should_fail_ex+0x414/0x560
[ 2400.266426][T31427]  _copy_from_user+0x2d/0xb0
[ 2400.266447][T31427]  __sys_sendto+0x25c/0x520
[ 2400.266472][T31427]  ? __pfx___sys_sendto+0x10/0x10
[ 2400.266492][T31427]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 2400.266537][T31427]  ? __fget_files+0x3a0/0x420
[ 2400.266581][T31427]  ? ksys_write+0x22a/0x250
[ 2400.266610][T31427]  __ia32_sys_sendto+0xdd/0x100
[ 2400.266639][T31427]  __do_fast_syscall_32+0xb6/0x2b0
[ 2400.266659][T31427]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2400.266693][T31427]  do_fast_syscall_32+0x34/0x80
[ 2400.266712][T31427]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2400.266737][T31427] RIP: 0023:0xf7fe8539
[ 2400.266756][T31427] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2400.266774][T31427] RSP: 002b:00000000f510655c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 2400.266796][T31427] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[ 2400.266810][T31427] RDX: 0000000000000000 RSI: 00000000200007fd RDI: 0000000080e68000
[ 2400.266824][T31427] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[ 2400.266836][T31427] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2400.266849][T31427] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2400.266878][T31427]  </TASK>
[ 2400.578333][T31434] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6739'.
[ 2400.711320][T31439] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6737'.
[ 2400.731488][T31441] FAULT_INJECTION: forcing a failure.
[ 2400.731488][T31441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2400.750664][T31441] CPU: 1 UID: 0 PID: 31441 Comm: syz.0.6740 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2400.750696][T31441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2400.750709][T31441] Call Trace:
[ 2400.750718][T31441]  <TASK>
[ 2400.750727][T31441]  dump_stack_lvl+0x189/0x250
[ 2400.750766][T31441]  ? __pfx____ratelimit+0x10/0x10
[ 2400.750798][T31441]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2400.750831][T31441]  ? __pfx__printk+0x10/0x10
[ 2400.750856][T31441]  ? __might_fault+0xb0/0x130
[ 2400.750888][T31441]  should_fail_ex+0x414/0x560
[ 2400.750920][T31441]  _copy_from_user+0x2d/0xb0
[ 2400.750942][T31441]  get_compat_msghdr+0xad/0x4a0
[ 2400.750976][T31441]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 2400.751017][T31441]  ___sys_sendmsg+0x193/0x2a0
[ 2400.751047][T31441]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2400.751111][T31441]  ? __fget_files+0x2a/0x420
[ 2400.751135][T31441]  ? __fget_files+0x3a0/0x420
[ 2400.751179][T31441]  __sys_sendmsg+0x164/0x220
[ 2400.751209][T31441]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2400.751250][T31441]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2400.751282][T31441]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2400.751316][T31441]  __do_fast_syscall_32+0xb6/0x2b0
[ 2400.751337][T31441]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2400.751370][T31441]  do_fast_syscall_32+0x34/0x80
[ 2400.751391][T31441]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2400.751417][T31441] RIP: 0023:0xf7fe8539
[ 2400.751436][T31441] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2400.751454][T31441] RSP: 002b:00000000f510655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2400.751477][T31441] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[ 2400.751492][T31441] RDX: 0000000000000014 RSI: 0000000000000000 RDI: 0000000000000000
[ 2400.751505][T31441] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2400.751516][T31441] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2400.751529][T31441] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2400.751558][T31441]  </TASK>
[ 2400.816268][T18381] Bluetooth: hci2: command 0x0406 tx timeout
[ 2400.976453][ T9844] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[ 2400.988574][ T9844] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[ 2401.181038][   T24] IPVS: starting estimator thread 0...
[ 2401.191688][T31453] IPVS: set_ctl: invalid protocol: 94 224.0.0.2:0
[ 2401.200393][T31446] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 2401.276574][T31452] IPVS: using max 24 ests per chain, 57600 per kthread
[ 2401.326309][T16770] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[ 2401.480157][T16770] usb 2-1: device descriptor read/64, error -71
[ 2401.760090][T16770] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[ 2401.919742][T16770] usb 2-1: device descriptor read/64, error -71
[ 2402.042100][T16770] usb usb2-port1: attempt power cycle
[ 2402.406530][T16770] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 2402.437559][T16770] usb 2-1: device descriptor read/8, error -71
[ 2402.688824][T16770] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[ 2402.717076][T16770] usb 2-1: device descriptor read/8, error -71
[ 2402.833575][T16770] usb usb2-port1: unable to enumerate USB device
[ 2403.306212][T18381] Bluetooth: hci1: command 0x0c1a tx timeout
[ 2403.312431][ T9844] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[ 2403.318613][ T9844] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[ 2405.377275][T18381] Bluetooth: hci4: command 0x0c1a tx timeout
[ 2405.377392][ T9844] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[ 2405.389746][ T9844] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[ 2406.268851][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 2406.275310][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 2407.456234][T18381] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2407.456406][ T9844] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[ 2407.469607][ T9844] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[ 2409.536120][ T9844] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 2409.536219][T18381] Bluetooth: hci0: command 0x0c1a tx timeout
[ 2409.542262][ T9844] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[ 2467.700206][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 2467.706874][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 2529.139040][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 2529.145701][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 2559.860739][   T31] INFO: task kworker/0:11:9844 blocked for more than 143 seconds.
[ 2559.868866][   T31]       Not tainted 6.16.0-rc3-syzkaller #0
[ 2559.874784][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2559.883735][   T31] task:kworker/0:11    state:D stack:20712 pid:9844  tgid:9844  ppid:2      task_flags:0x4208060 flags:0x00004000
[ 2559.896132][   T31] Workqueue: events rfkill_op_handler
[ 2559.901678][   T31] Call Trace:
[ 2559.905015][   T31]  <TASK>
[ 2559.908211][   T31]  __schedule+0x16f5/0x4d00
[ 2559.912982][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2559.917996][   T31]  ? schedule+0x165/0x360
[ 2559.922417][   T31]  ? __pfx___schedule+0x10/0x10
[ 2559.927621][   T31]  ? schedule+0x91/0x360
[ 2559.931932][   T31]  schedule+0x165/0x360
[ 2559.936334][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2559.941868][   T31]  __mutex_lock+0x724/0xe80
[ 2559.946479][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2559.951493][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2559.956478][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[ 2559.961828][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2559.970729][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2559.977175][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 2559.983169][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2559.993464][   T31]  ? kobject_uevent_env+0x36b/0x8c0
[ 2559.999747][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 2560.005544][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[ 2560.014726][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 2560.021687][   T31]  rfkill_set_block+0x1cf/0x440
[ 2560.030436][   T31]  rfkill_epo+0x7e/0x180
[ 2560.034792][   T31]  rfkill_op_handler+0x84/0x240
[ 2560.039750][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2560.045534][   T31]  process_scheduled_works+0xae1/0x17b0
[ 2560.052367][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2560.058537][   T31]  worker_thread+0x8a0/0xda0
[ 2560.063316][   T31]  kthread+0x70e/0x8a0
[ 2560.067909][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 2560.073417][   T31]  ? __pfx_kthread+0x10/0x10
[ 2560.078127][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2560.083487][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2560.092402][   T31]  ? __pfx_kthread+0x10/0x10
[ 2560.097588][   T31]  ret_from_fork+0x3fc/0x770
[ 2560.102265][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2560.111378][   T31]  ? __switch_to_asm+0x39/0x70
[ 2560.116285][   T31]  ? __switch_to_asm+0x33/0x70
[ 2560.121126][   T31]  ? __pfx_kthread+0x10/0x10
[ 2560.130601][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2560.135586][   T31]  </TASK>
[ 2560.138754][   T31] INFO: task kworker/0:0:14366 blocked for more than 143 seconds.
[ 2560.146783][   T31]       Not tainted 6.16.0-rc3-syzkaller #0
[ 2560.152724][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2560.165266][   T31] task:kworker/0:0     state:D stack:21416 pid:14366 tgid:14366 ppid:2      task_flags:0x4208060 flags:0x00004000
[ 2560.181513][   T31] Workqueue: events rfkill_global_led_trigger_worker
[ 2560.188883][   T31] Call Trace:
[ 2560.192206][   T31]  <TASK>
[ 2560.195179][   T31]  __schedule+0x16f5/0x4d00
[ 2560.203493][   T31]  ? schedule+0x165/0x360
[ 2560.208078][   T31]  ? __pfx___schedule+0x10/0x10
[ 2560.213103][   T31]  ? schedule+0x91/0x360
[ 2560.221967][   T31]  schedule+0x165/0x360
[ 2560.226305][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2560.231825][   T31]  __mutex_lock+0x724/0xe80
[ 2560.241086][   T31]  ? look_up_lock_class+0x74/0x170
[ 2560.246337][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2560.251089][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 2560.264885][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2560.271384][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2560.285526][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2560.291496][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[ 2560.298888][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2560.304741][   T31]  process_scheduled_works+0xae1/0x17b0
[ 2560.311052][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2560.317363][   T31]  worker_thread+0x8a0/0xda0
[ 2560.322106][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2560.328959][   T31]  ? __kthread_parkme+0x7b/0x200
[ 2560.333959][   T31]  kthread+0x70e/0x8a0
[ 2560.338315][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 2560.343502][   T31]  ? __pfx_kthread+0x10/0x10
[ 2560.348334][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2560.353592][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2560.359006][   T31]  ? __pfx_kthread+0x10/0x10
[ 2560.363776][   T31]  ret_from_fork+0x3fc/0x770
[ 2560.368767][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2560.374023][   T31]  ? __switch_to_asm+0x39/0x70
[ 2560.378959][   T31]  ? __switch_to_asm+0x33/0x70
[ 2560.383881][   T31]  ? __pfx_kthread+0x10/0x10
[ 2560.388614][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2560.393644][   T31]  </TASK>
[ 2560.396894][   T31] INFO: task syz.4.6725:31374 blocked for more than 143 seconds.
[ 2560.404763][   T31]       Not tainted 6.16.0-rc3-syzkaller #0
[ 2560.411095][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2560.420246][   T31] task:syz.4.6725      state:D stack:25096 pid:31374 tgid:31374 ppid:28403  task_flags:0x400040 flags:0x20004004
[ 2560.432687][   T31] Call Trace:
[ 2560.436122][   T31]  <TASK>
[ 2560.439122][   T31]  __schedule+0x16f5/0x4d00
[ 2560.443675][   T31]  ? __lock_acquire+0xa91/0xd20
[ 2560.448699][   T31]  ? schedule+0x165/0x360
[ 2560.453265][   T31]  ? __pfx___schedule+0x10/0x10
[ 2560.458393][   T31]  ? schedule+0x91/0x360
[ 2560.462807][   T31]  schedule+0x165/0x360
[ 2560.467126][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2560.472744][   T31]  __mutex_lock+0x724/0xe80
[ 2560.477859][   T31]  ? kobject_put+0x43f/0x480
[ 2560.482883][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2560.487711][   T31]  ? rfkill_unregister+0xc8/0x220
[ 2560.492811][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2560.498026][   T31]  ? __pfx_device_del+0x10/0x10
[ 2560.503028][   T31]  rfkill_unregister+0xc8/0x220
[ 2560.508060][   T31]  nfc_unregister_device+0x96/0x2a0
[ 2560.513332][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 2560.519442][   T31]  virtual_ncidev_close+0x56/0x90
[ 2560.524552][   T31]  __fput+0x44c/0xa70
[ 2560.528785][   T31]  task_work_run+0x1d1/0x260
[ 2560.533435][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 2560.538831][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 2560.544377][   T31]  exit_to_user_mode_loop+0xec/0x110
[ 2560.549802][   T31]  __do_fast_syscall_32+0x1f4/0x2b0
[ 2560.555177][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2560.560630][   T31]  do_fast_syscall_32+0x34/0x80
[ 2560.565552][   T31]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2560.572086][   T31] RIP: 0023:0xf70ae539
[ 2560.576420][   T31] RSP: 002b:00000000f756fadc EFLAGS: 00000206 ORIG_RAX: 00000000000001b4
[ 2560.585331][   T31] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e
[ 2560.593432][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2560.601609][   T31] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2560.609743][   T31] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2560.617807][   T31] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2560.626074][   T31]  </TASK>
[ 2560.629186][   T31] 
[ 2560.629186][   T31] Showing all locks held in the system:
[ 2560.637251][   T31] 1 lock held by khungtaskd/31:
[ 2560.642162][   T31]  #0: ffffffff8e13ee60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 2560.652377][   T31] 2 locks held by getty/5589:
[ 2560.657513][   T31]  #0: ffff888033e880a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2560.667607][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 2560.678021][   T31] 4 locks held by kworker/0:11/9844:
[ 2560.683646][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2560.694962][   T31]  #1: ffffc90003277bc0 ((rfkill_op_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2560.706146][   T31]  #2: ffffffff8f7eae68 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_epo+0x4c/0x180
[ 2560.715821][   T31]  #3: ffff888034084100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[ 2560.725677][   T31] 3 locks held by kworker/0:0/14366:
[ 2560.731172][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2560.742317][   T31]  #1: ffffc90002ef7bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2560.756043][   T31]  #2: ffffffff8f7eae68 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[ 2560.767503][   T31] 2 locks held by kworker/u8:5/23673:
[ 2560.772914][   T31]  #0: ffff8880b8639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 2560.783156][   T31]  #1: ffff8880b8623f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x314/0x6d0
[ 2560.795247][   T31] 2 locks held by syz.4.6725/31374:
[ 2560.800580][   T31]  #0: ffff888034084100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[ 2560.810542][   T31]  #1: ffffffff8f7eae68 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[ 2560.820898][   T31] 
[ 2560.823296][   T31] =============================================
[ 2560.823296][   T31] 
[ 2560.831964][   T31] NMI backtrace for cpu 1
[ 2560.831981][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2560.832002][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2560.832014][   T31] Call Trace:
[ 2560.832021][   T31]  <TASK>
[ 2560.832030][   T31]  dump_stack_lvl+0x189/0x250
[ 2560.832064][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 2560.832089][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2560.832118][   T31]  ? __pfx__printk+0x10/0x10
[ 2560.832152][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 2560.832210][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2560.832235][   T31]  ? _printk+0xcf/0x120
[ 2560.832262][   T31]  ? __pfx__printk+0x10/0x10
[ 2560.832286][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2560.832317][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 2560.832346][   T31]  watchdog+0xfee/0x1030
[ 2560.832377][   T31]  ? watchdog+0x1de/0x1030
[ 2560.832413][   T31]  kthread+0x70e/0x8a0
[ 2560.832441][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2560.832468][   T31]  ? __pfx_kthread+0x10/0x10
[ 2560.832493][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2560.832522][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2560.832550][   T31]  ? __pfx_kthread+0x10/0x10
[ 2560.832574][   T31]  ret_from_fork+0x3fc/0x770
[ 2560.832606][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2560.832641][   T31]  ? __switch_to_asm+0x39/0x70
[ 2560.832662][   T31]  ? __switch_to_asm+0x33/0x70
[ 2560.832681][   T31]  ? __pfx_kthread+0x10/0x10
[ 2560.832706][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2560.832744][   T31]  </TASK>
[ 2560.832753][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 2560.990329][    C0] NMI backtrace for cpu 0
[ 2560.990347][    C0] CPU: 0 UID: 0 PID: 10210 Comm: kworker/u8:10 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2560.990368][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2560.990380][    C0] Workqueue: events_unbound toggle_allocation_gate
[ 2560.990406][    C0] RIP: 0010:preempt_count_sub+0xf8/0x170
[ 2560.990444][    C0] Code: 75 78 83 3d 1d 77 10 0e 00 75 19 90 48 c7 c7 c0 3f 8a 8b 48 c7 c6 a0 40 8a 8b e8 d3 31 f3 ff 90 0f 0b 90 90 90 e9 6d ff ff ff <48> c7 c1 20 33 a8 99 80 e1 07 80 c1 03 38 c1 0f 8c 1a ff ff ff 89
[ 2560.990460][    C0] RSP: 0018:ffffc9001b497208 EFLAGS: 00000002
[ 2560.990475][    C0] RAX: 0000000000000004 RBX: dffffc0000000000 RCX: 0000000000000000
[ 2560.990487][    C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 2560.990498][    C0] RBP: ffffc9001b4972b8 R08: ffffffff99ceddcb R09: 1ffffffff339dbb9
[ 2560.990512][    C0] R10: dffffc0000000000 R11: fffffbfff339dbba R12: dffffc0000000000
[ 2560.990525][    C0] R13: ffff88801a459d58 R14: ffffffff99ceddc8 R15: 1ffff92003692e44
[ 2560.990539][    C0] FS:  0000000000000000(0000) GS:ffff888125c51000(0000) knlGS:0000000000000000
[ 2560.990554][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2560.990566][    C0] CR2: 0000561693041660 CR3: 000000000df38000 CR4: 00000000003526f0
[ 2560.990582][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2560.990592][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2560.990604][    C0] Call Trace:
[ 2560.990611][    C0]  <TASK>
[ 2560.990619][    C0]  _raw_spin_unlock_irqrestore+0xad/0x110
[ 2560.990646][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2560.990668][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2560.990698][    C0]  debug_object_activate+0x2e2/0x420
[ 2560.990723][    C0]  enqueue_hrtimer+0x30/0x3a0
[ 2560.990741][    C0]  hrtimer_start_range_ns+0xd10/0x1080
[ 2560.990775][    C0]  start_dl_timer+0x379/0x520
[ 2560.990801][    C0]  update_curr_dl_se+0x3b8/0xa20
[ 2560.990829][    C0]  update_curr+0x3ba/0x8b0
[ 2560.990857][    C0]  dequeue_entity+0x27/0x1690
[ 2560.990887][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2560.990918][    C0]  dequeue_entities+0x1fa/0x1510
[ 2560.990939][    C0]  ? do_raw_spin_lock+0x121/0x290
[ 2560.990966][    C0]  dequeue_task_fair+0x205/0x580
[ 2560.990988][    C0]  __schedule+0x5a7/0x4d00
[ 2560.991017][    C0]  ? do_raw_spin_lock+0x121/0x290
[ 2560.991037][    C0]  ? schedule+0x165/0x360
[ 2560.991060][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2560.991083][    C0]  ? __pfx___schedule+0x10/0x10
[ 2560.991114][    C0]  ? schedule+0x91/0x360
[ 2560.991138][    C0]  schedule+0x165/0x360
[ 2560.991161][    C0]  toggle_allocation_gate+0x159/0x240
[ 2560.991179][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 2560.991198][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 2560.991223][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 2560.991256][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 2560.991282][    C0]  process_scheduled_works+0xae1/0x17b0
[ 2560.991321][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2560.991355][    C0]  worker_thread+0x8a0/0xda0
[ 2560.991394][    C0]  kthread+0x70e/0x8a0
[ 2560.991415][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2560.991445][    C0]  ? __pfx_kthread+0x10/0x10
[ 2560.991465][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2560.991493][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2560.991517][    C0]  ? __pfx_kthread+0x10/0x10
[ 2560.991537][    C0]  ret_from_fork+0x3fc/0x770
[ 2560.991561][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 2560.991588][    C0]  ? __switch_to_asm+0x39/0x70
[ 2560.991606][    C0]  ? __switch_to_asm+0x33/0x70
[ 2560.991623][    C0]  ? __pfx_kthread+0x10/0x10
[ 2560.991642][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2560.991667][    C0]  </TASK>
[ 2560.993954][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 2561.362055][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 2561.372946][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2561.383578][   T31] Call Trace:
[ 2561.386889][   T31]  <TASK>
[ 2561.389839][   T31]  dump_stack_lvl+0x99/0x250
[ 2561.394458][   T31]  ? __asan_memcpy+0x40/0x70
[ 2561.399072][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2561.404389][   T31]  ? __pfx__printk+0x10/0x10
[ 2561.409065][   T31]  panic+0x2db/0x790
[ 2561.413010][   T31]  ? __pfx_panic+0x10/0x10
[ 2561.418257][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 2561.424188][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 2561.430021][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[ 2561.437449][   T31]  watchdog+0x102d/0x1030
[ 2561.442277][   T31]  ? watchdog+0x1de/0x1030
[ 2561.447054][   T31]  kthread+0x70e/0x8a0
[ 2561.451289][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2561.456038][   T31]  ? __pfx_kthread+0x10/0x10
[ 2561.460772][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2561.466633][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2561.472423][   T31]  ? __pfx_kthread+0x10/0x10
[ 2561.477172][   T31]  ret_from_fork+0x3fc/0x770
[ 2561.481831][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2561.487451][   T31]  ? __switch_to_asm+0x39/0x70
[ 2561.492325][   T31]  ? __switch_to_asm+0x33/0x70
[ 2561.497250][   T31]  ? __pfx_kthread+0x10/0x10
[ 2561.502150][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2561.507637][   T31]  </TASK>
[ 2561.511197][   T31] Kernel Offset: disabled
[ 2561.515649][   T31] Rebooting in 86400 seconds..