last executing test programs:

23m52.582341023s ago: executing program 4 (id=1525):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x4, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
listen(0xffffffffffffffff, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x8)
sendto$inet(0xffffffffffffffff, &(0x7f00000012c0), 0x0, 0x11, 0x0, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80, 0x10000000}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_DEV_CREATE(r5, 0x5501)
write$uinput_user_dev(r5, &(0x7f0000000500)={'syz1\x00', {0x7, 0x1, 0x4, 0x15}, 0x31, [0x0, 0x1, 0x7, 0x2, 0x9, 0x5, 0x0, 0x858, 0x5, 0x2, 0xcdb9, 0xc8c, 0x4, 0x9, 0x3, 0x5, 0x6, 0x3b8, 0xfffffff8, 0x7, 0x8000, 0x82, 0x10001, 0x1, 0xe, 0x8, 0x8, 0x1, 0x0, 0x4b0e880e, 0x80000000, 0xb, 0xbd92, 0x81, 0x7, 0x2, 0x6, 0x3e18b6be, 0x2, 0x7, 0x5b98, 0x1ff, 0x4, 0x6, 0x1, 0x1, 0x7ff, 0xffffff01, 0x8001, 0x8000, 0x2, 0xf8000000, 0x654, 0x729e4a8b, 0x1, 0x8, 0xffffffff, 0x6, 0x8, 0x3, 0xfffffffe, 0xffff43d0, 0x5, 0x400], [0x4, 0x4, 0x70, 0x3, 0x1, 0x6, 0x1, 0x5, 0x454, 0x80, 0x1, 0x6, 0x10000, 0x7, 0x9, 0x9, 0xffffff7f, 0x9, 0x6, 0x3, 0x5, 0x8, 0x2, 0x80000001, 0x1ff, 0x411, 0x201, 0x3, 0x9, 0x8001, 0x8, 0x100, 0x3, 0x3099, 0x374, 0x0, 0x40, 0x7ff, 0x3, 0x8, 0x9, 0xfa, 0x5, 0xce81, 0xd, 0x9, 0x1, 0x0, 0x7f, 0x10, 0x4f3b7fa9, 0x6, 0x4a8, 0x6, 0x0, 0x2, 0xeb, 0x0, 0x9, 0x7fff, 0xf, 0x1001, 0x401, 0x1], [0x81, 0x6, 0xd, 0x9, 0x1, 0x9, 0xfffff23f, 0x2, 0x401, 0x8, 0x2, 0xa9, 0x622, 0xb, 0x8, 0x3ff, 0xfffffffa, 0x7, 0x8, 0xffff8000, 0x200, 0x1, 0x0, 0x4, 0x3, 0x200, 0x1a40, 0xac22, 0x4, 0xe, 0xffffffff, 0x9, 0x4, 0x81, 0x6, 0xff, 0x4, 0x3, 0x3, 0x6, 0x5, 0x5b04a85a, 0x1, 0x5, 0x9, 0xfffffff7, 0x6, 0x1, 0xfffffffb, 0xffff, 0x8, 0x2, 0x2, 0x800, 0x0, 0x8, 0x3, 0x80000001, 0x7, 0xfffff939, 0x2, 0x2, 0xb3, 0x9], [0x1, 0x2, 0x7fff, 0x3f1, 0x7, 0x8ba8, 0x40, 0x0, 0xfffffffd, 0xf4, 0x4, 0xdee, 0x5, 0x1, 0x1c, 0xa9bf, 0xffff8000, 0x0, 0x8, 0x40, 0xe, 0xfffffffd, 0x8, 0x3290, 0x5, 0x1, 0x0, 0x6, 0x4, 0x2, 0x4, 0xf, 0x4, 0x4dc, 0x6, 0xfffffff8, 0x200, 0x72, 0x4, 0xfffffffc, 0x3, 0xb, 0x37f, 0x4, 0x9, 0x3, 0x20, 0xfa91, 0x7, 0x401, 0x5, 0x81, 0x20000000, 0x603, 0x0, 0x2, 0x2, 0xd, 0xa, 0x7, 0x5, 0x627b6092, 0x6, 0x6]}, 0x45c)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x50, 0x0, 0x0, 0x806a}, {0x20, 0x0, 0x2, 0xfffff034}, {0x6, 0xfc, 0x0, 0x4}]}, 0x10)
write$binfmt_aout(r6, &(0x7f0000000000)=ANY=[], 0xfdef)
r8 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r8, 0x4008af00, &(0x7f0000000940)=0x200000000)
write$vhost_msg_v2(r8, &(0x7f0000002080)={0x2, 0x0, {&(0x7f0000001f80)=""/152, 0x98, 0x0, 0x3, 0x2}}, 0x48)

23m50.614763321s ago: executing program 4 (id=1531):
syz_open_dev$evdev(0x0, 0x2, 0x862b01)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffe, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, 0x0)

23m50.547957758s ago: executing program 4 (id=1532):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0xfcbe}], 0x2, &(0x7f0000000040)=[@ip_tos_u8={{0x11, 0x0, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x38}, 0x40010)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x4000080)

23m49.533230526s ago: executing program 4 (id=1533):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000ff0000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280050003001b000000080002400000001108000440000000040900010073797a30000000000900020073797a32"], 0x80}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="540100001a001307000000000000001cac141400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x1)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x2000, 0x0)
r5 = epoll_create(0x6)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040))
close(0x3)
quotactl_fd$Q_QUOTAON(r3, 0xffffffff80000200, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_emit_ethernet(0x76, &(0x7f0000001b40)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x40, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @loopback={0x0, 0xffffac1414aa}, [@dstopts={0x73, 0x0, '\x00', [@generic={0x7}]}]}}}}}}}, 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
getdents(r3, &(0x7f0000000080)=""/95, 0x5f)
chdir(&(0x7f0000000340)='./file0\x00')
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000940)={&(0x7f0000000180), 0xc, &(0x7f0000000400)={&(0x7f0000000500)={0x218, r6, 0x4, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x7, 0x64}}}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x7}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x4}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x108, 0x3, 0x0, 0x1, [{0x104, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0xfe, 0x1, "563d82d195dd581475ca6516d853b2ed6e5ce10efb8798ebc09b0cdc0e414b1439418eec022f14543a223c76182c0a868113d65be2abe225277ff82fd92c429200f8d74cb3a696f8326194c20e014cf312258e4cedce45185f6d9fe5bd30630da27288ac0825a01281840b01b10d87be76d6837b1fefc2846a8a5de42139ef62d5c405764ccd96ff2be58ccb34f81821fc1ed4e385e5c1f097150d8da493aecb03abac11b859000e7db4dcf8e0cc242415dc381fcf8639c4feee2d8065765de5de7868be783fbdbd5ae0a8d3772ed2295539669699390e893a86073ba5b9db35e309273b4ecdbaa7061096a2a7d670a630849b6132d13804589a"}}]}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x1}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x7fffffff}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0xbc, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0x1d, 0x1, "f958853977d84a40e4244ece1cf72da91c48e84dd966d27004"}}, {0x88, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0x84, 0x1, "92e8b718d39350c9bed6e98fe61b8ee9f6c2d6aacd55d864e9e6198bd02f7cbde7c69dbee104b6ca6ac0720c8f89d78415dcfdcf872f8fead1ec218ea48b3a80592524d91197583e5bf6c78aeaf332f2acc38cdcb35ac52c3f2ccb927cf4331f32cce07edbeb9c12c8cd3ac5492b29058ec6bda71ea97045a381008f95bf9370"}}, {0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x7}}]}, @NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x7}]}, 0x218}, 0x1, 0x0, 0x0, 0x4010}, 0x20000800)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, 0x0)

23m49.052105233s ago: executing program 4 (id=1536):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpgid(0xffffffffffffffff)
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f00000000c0)={r0})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x5, &(0x7f00000027c0)=ANY=[@ANYRESOCT=r1], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r2}, 0x10)
getrusage(0x1, &(0x7f0000000300))
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x109000, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
ioctl$FBIO_WAITFORVSYNC(r3, 0x40044620, 0x0)

23m47.65051402s ago: executing program 4 (id=1541):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x300)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x51cfa, 0x0, 0x8000008, 0x3, 0xfffffffe, 0x1, 0x0, 0x7cce8c743ee810df}) (fail_nth: 1)

23m46.039764702s ago: executing program 32 (id=1541):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x300)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x51cfa, 0x0, 0x8000008, 0x3, 0xfffffffe, 0x1, 0x0, 0x7cce8c743ee810df}) (fail_nth: 1)

23.235848438s ago: executing program 5 (id=4716):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0x639)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000340)=""/98, 0x62}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
pread64(r2, &(0x7f0000000180)=""/81, 0x51, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x29, 0xa, 0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)={0x18, 0x41, 0x107, 0x0, 0x7, {0x2, 0x7c}, [@nested={0x4, 0x31}]}, 0x18}}, 0x4010)
prlimit64(0x0, 0x4, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))

14.59611501s ago: executing program 5 (id=4734):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
connect$packet(0xffffffffffffffff, 0x0, 0x0)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vim2m(0x0, 0x8, 0x2)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r3, 0x8983, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f0000000440)={r2, 0x2000, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03741250ceaac50104000041dd17c18e8438ef2a565ef1e833236500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="3cfb6d1600", @ANYBLOB="7facbe4573e3dbf0a2c2b6d92610225724beb00a83705a2f19ebb38735221240ff4c7022e2aead7211adb864e0a72b113c86e9b0c4fee8b36ffe2de82a862dded781429938a3966bc8c3e44b9cc98f6f09cc5c81a363f9854a237c75b29ded7c01d5dea29449009fd2d07e3dc993f258d825ec62c62c840d47ca3a545794b439382d6d62d40a6535c60a122057b25e4897e8bc779cf0d5d60948bd0ee6dca8b3837f0ca03cfc245309bdaa498d444ef7a6183b19b6121e4df8d4da964d39a85cb2c7176669462d28a78506", @ANYBLOB="00000000000000001c001a80180004801400068008", @ANYRES8=r1, @ANYRESOCT], 0x3c}}, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a5fd03"}, 0x38)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="30000000030805000000000000000000000000000c0004800800014000000000060002400000000005000300ff"], 0x30}}, 0x0)
recvmmsg(r0, &(0x7f0000003600), 0x58, 0x10020, 0x0)

12.440628011s ago: executing program 0 (id=4738):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r0, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000e00)={@in6={{0xa, 0x40, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}, 0x0, 0x0, 0x44, 0x0, "e541bd3d3aa6a2bf75e9671e8abcb31c134f3a9db8f52e7300fe6e079f35ac63186c7244fc3b3801e79f15ced9fd7e55d0345bce05c13ed90158fbdeb70322ea3188f81890e3db00"}, 0xd8)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{0x6, 0x40, 0x0, 0x7ffffffe}]})
r3 = dup(r2)
ioctl$VHOST_SET_FEATURES(r3, 0x40082103, 0x0)
syz_emit_ethernet(0x4a, 0x0, 0x0)
signalfd(r1, &(0x7f0000000140)={[0x9]}, 0x8)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r4, 0x800448d4, &(0x7f0000000040)={0x43, 0xd, "0100", 0xc, 0x3})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r6, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840)=[{0x0}], 0x1)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
sync()

10.895485384s ago: executing program 3 (id=4741):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x98, 0x0, &(0x7f00000005c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}, @reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
r5 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000002c0)={0x60, 0x0, &(0x7f0000000240)=[@increfs_done={0x40106308, 0x1}, @free_buffer={0x40086303, r5}, @acquire_done={0x40106309, 0x3}, @register_looper, @increfs={0x40046304, 0x3}, @enter_looper, @increfs, @exit_looper, @clear_death={0x400c630f, 0x3}], 0x0, 0x0, 0x0})

10.848365535s ago: executing program 0 (id=4742):
socket$kcm(0x10, 0x400000002, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEYRING(r4, 0x110, 0x2, &(0x7f0000000540)='string\x00\xa2\xb5\xbf4\x04`P\xfb\b}\xd6\xe1\"\xf9\xae\xa4N\x10\x13!\x04\x00\x97\xb6\x94\xc2\x0f8\x997Vg\xa2\xeb\xb4RU|\x99t\xe0N\x1c\xf4-\t\x80?\x10\xf7J\',\xd1Bxq\x16R\xe4\x88\x02\xfd\x81q<5n^.izR*\xcfL\xb7Q\xb8\xf2e\xbb\xd3r>\x86\x14\x963\xc0N\x18\x1cm%\x01w\xba*\xd1\xfa\xf8\xa3\xfabP\xaf\x9a\x0e\x9fjZ\xcaX\xdaV\x88<A\r\xe6\xe5\xb8u\x10Q\x13\xef\xfe>`\xac\xe4\x86(\xfd\x0f\x96\xffd9;\xb5\xdd?\xbcc#\x17\xea\\\xc1\x12\xa2\xdcb\fB\xddk\xb3\x14=T\xcb\xe0\v\xeb\x18!_\xa6\x06\xb5*_^ns\xd7\xfe\xc1t\'\x1bJ4V\rV\xf0\xabP]\x18\x8c\xe3\xb0@\xe0A:', 0xca)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$unix(0x1, 0x5, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000540))
lseek(r6, 0xa, 0x4)
r7 = userfaultfd(0x801)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0))
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x44, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfff0, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x172ed}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x0)

10.842873439s ago: executing program 5 (id=4743):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_i', @ANYRESDEC=0x0])
setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', 0x0, 0x0, 0x2)
syz_fuse_handle_req(r0, &(0x7f0000004300)="e05acff62a41134e0f28a6ba227995b05776c837ab3a066a329e33b775d4586b7a0c48f3471ede96c5e03e1f347acdb576b1b8c75ad4fe76f3ceb2331adb9676968ebcc8bc70b50acd984f9067e2499ec9e28061d978efb1ebbb90d82d973c7b4bdadf6dcf1cd1ba8a4b8882779ab3c5a956791fcf5097ee4b0da8d910938b1edf34fbb493d106ad0270110e14f0c94d02e722ba66bc7e3d90197f4fc676d18723513482dbaa39e68b3a4c0d23f9706f67f76202f16de2f3a40b48a2de184a15f89b2935a65017dbd8783a3d9153c275b72470d0fc15920a659c531d6ca85c36012deb6bf650f9d0a598707c1798a3636b7339a0a5b0a3a62073dbc94eaeecccc58722b8d76d0a447fe0ec7c122ee5d028f5dd17813e62da599f209c621c06c98e0440c008b8678dd65ec6ae2b0b659d6883ff1170ff904db86d0748e8dd1e870c6255ddfc90cbb5aba594c593f64f518d69ab7e02425299303d7d37d5ed28afde8fa2daa4627855dba7c4ab12209d5a836ea0c4592cba568dabd5453382eb5f7e6ce5bd0489b876d4d1dabe18f0440190f5898675bff139d7e8c953abb31383b932a67808cc2a2f67cb714b9a2c8e75f68c21fbe56ecb49f39136b7a0b7b6a53a93f33f9987fb7e7437a0852b9194cb75bb84f3b40f4617ae8ce9a8da6ca74d4e7c737bbc5126b0b8bd0c86f4fb861fea02fd7b8649fb1c0523b30f28a24bd7f58495f29cd2e092f5b6ff29f4de5ce56894fbd9fa78df0fb93efe2192e966e14bc9bd4671b0a2c6873d7750773a8aef7f1d35cad742e64664dcd277b2d604f564fdc519911c0749575c7136226cd68f2ec02a1563c727c1eac916cc426da130ac5c5fd6c0169161c2d7f79fb16b9d8025a6c74e14abccaaf30e5e39806a8b1866cc62e8e238c38036cbcb0abf003861103634409202ffac458605f599ae67db8f4cbd45f72ac9bfd126783135f552dd6639937ff0f77e15ebf8a49fe3d6a7da4fd6faf018b62956957c13ae52537c5ffbb4b2c28f3076468b1d11b018b6af74ff706f17c4babd4987bf9afe98a4b9aa357137d9383b8fb6ca370dd2fdc582aa701e85d926bf3087565231d6089911b2cf578786607ec5849d3d58dd423ff4558092c9a22a1153b787f37c9075555e1d06bc99b95b03bb0862da5be4f8d4718b1c6b892c1ad1138cded558e910553a70699e9d6ac935c227bd3326bfe40f389b16517801826d0ba7a1d74528fa273eca268a74e11423f0ea00e2745abbb7342c846566cf067b38a308babc8a45e607f39b66ddd2e772867cee3e14b3e7dd8844c3651330d15db8aa51d94c98ece900f4443bcbbf8849c3fafd4e5d4e1e5ea4306c081438e1694c59bdafa3b6bf80302b48f09a541dd30db6026ac247303db3facce171b64b48a74a1865db29a15db73f6989f7e5d6b6f39431511246b2ac2873dcdbea3fa5636af6813c83a7fe8b3b7936911a6a47f10823188d0ad18dbf3e4c45c296210e5bfc3abc3dc3836fd60a691005857db271290243709c57fc1ca3ad9a7938550b81b473c66e614fdf7ff35b8e19e60f7616ed19af91e4818c5b2c30f5ff903a3da9c7b7debc5d1b9e41f4a12f122a727a627cc5e6a0f8d81161088a93e4d0e592b7e977287833ec9446a6b44aba303e12ecc19c7fda316f6049db6bf1617f6fefeebcded95f75371fbd6db605ed7b77f8f91ea27468a68e068d1aad50a4118bd619aa85d1f5ee0eb9bbdfcad7335628e3ae1340681ce824204a9997f8aad87c8ce0534482cd748148689ec331002203b94af4ecd11d5b75d80838478c26cfee0fa076c5baaa82483b04898ead705bdb37247956ee25db667ea6668a4f3082332070489da02c3b5d25091e3a00f884265185a28757cdeedb3a1e4a0ada801d4a386fbab0c1de6f35fbb6c7d81fd15370909a387eabd3415f146129647a13f20ccfa69e436ce067ed1a9e0dfb877c85f0b8032e64f5379a9f5a92967533f9b45584ce1a04b962306d2d707e0e462d9d2ce94dbf4c52835c2bc005d1c21fd4e64b0f2578a072d8c442c49bb9450a8fcb49a4b2167912ff1f5946585983087deffee403a0c079ba90a0b644584137c58626afc604ab684650aac5ede8632f3e035da41c511bfb25a62d0a283e35fdd67dc0ef135d428297805b5fd0ad62294531f46171f546c61eb6475fd9fc7c8357e65737d39a741417f8a0a7e035f696c1a83d44837e360592db9ae7afd2ae7be9859f062d274b0862746c9ad804eb1c72aecf6ef9cfbbed33f68f38f25eb493d165f3012c04ec02d42421e2232aa4b30910f9d4fb91b9ba2e7b40ea4fdb60f6957e3afed8cab6d076b2f5ac59ea53bd1e9d944cb53deaa2b8ba097664fca77ab97666c6add05e7556b92d8ad11d19887e83a8ae9dc086bbb4d23cabb3615fdc05e35c61fc3e28315659509df1cbaf449ac909f36c69f5366f1bbe9b3bf9899533f06a6161c986607292a202bfcfeb2508aa18dd993d2d239b32e4f06ba1321d607c154965b9d1f52c940777e69430967d456cafabf236a2f8cea019cc87b350a5bc2aed7f1469ae6cadbcd579864d2194e3bc71e2596c690226b15c86aa0c2aede98cec57c4e752edb6fbe58046ca59546511805a71aa187ce4bcd5399c36eb3f76681a63e5a1d948a9cf98703aebda62c0759477f1be96841d60256bb2d7140fe4481d4d5180df9595fae750da2a9178c89fab47766ae30cd3d8ffcb94eb4b4245ef19ee3d95b89094f528c16ed7289703afd5805e923ce48bb5e451a93ceadbef1443e61b6b59fc13e79ed418dc73cf12b302ff40aa09994374eeabec532bc98b820c21d15f2cd10f755132b12c824a8875387c6682e991dfc01280ce1619c23593659de590b080c7f2eac12ec00704ab8b3bc2052ba9ba6f59a2312b9ebf62c6ea1ec5250435c25215f87350903140a4a12d8e3f8e233f0d63002dbbbd12a7ba9282768dc2b2b9aceb9e45e9da4a2d4a8da83e72bf0cf91bc12324b544a1d6145525dd9cf44199d7448d839bc67b1d33d7da10a9abc08f8f08a894edbd42c1baf8482feb06d68f25c4405a624998bd4c28cb9b845712ba307ca9b9ff56131617ceccd2927ecd57796eb103b6b15dfa12b3e8e9aa2ac8af20cde7877501a98d8b04dbd96d606661066dd80ef55d45fbd5c410d4a0d59ad53cfe3779350e71f109118bccb61121bb8eefced8feaa72c95ed737490c7318e7db86d94eda2ce5f9b04f2308dadbd8a2be6991309a56959c6be4312623a04483bd72a64c210bc6ea600d887aeb3781030a0c4a6ee06f38896bb95688ba5c735180ed50f1fce6c321aa0503f714a000b6e10f22d019e0c5bdbf982bc0a3b15ee59e9c573f77073ac64394f3610f68eca10092a7b7544bc1e643c30017133fec103af1111536ec6b37472157ef7a57186d4b64812ee20f51257d2cdaa19b5508fc40824aeb678c368149387f9083d645c9b616fdf08459aa792897293e7dabfab1144ea74d39a2f0d3632d16ce1b1973717eb83d217250646903207ccd9804e584c12bd98be5096c2a43f21161547f6b2fcf244f12a3c6863a90b45901379a1df5948dba63c34aedb7b877c675dec404acdc0348482502c3e9a886d0829a17c06457a2bb3b6c843285b1aecb4c917d9d586b5b47be2895dad99e620cc824f4d0c577f8b737c20c39c40b77db27e8e72d83c6d220011e7e304c97e281697afe31e077f490f0e632a3fb5125351051543125d7895e86007e0be5527f57f98db8235bfaa3c4d25514ae88d06289261b49013f25326461a5672c0fd975af977d9e9725d14c923decf5b60cb800a267644e0fb5e8dfc734c5b1ba810ff276f24f8fd0608bda3ab335252fbfce4e75c533bf44d2f6a2d14314b5bf24ab3d3dc0794a120379264d2bdfb4111e614b4f68d36f930b4802863bd47dc7b8520f8e95b9673a9bac79dd4e68b7dd9e095d87eb8004f19763459171142145ff6ba160709fa7732579c48bbd4ace904fed83603de20179c6d230b1b098b2800749c1836b222b52da56a2d47dcd9a87e4ea2a2fc3da46b05fb446d1b6e134d5979c43c1e79b00ce0909a020fa2e0377e19bbbeb5c4453a0f04a09242a477bcf0fdf824b58b196d7ee987ed68092c6696cf2dbf942310ed22d674512a4428e9e194127eb44828f9a812c762460486889d715dc6dc4377e557834f31cab1db1b276a5e3c14618c233ae523f1e3f3c0078fe150354855b3c31d0f333928efff70c7383cf65880420cf7ec307b708307fed0745032cb81891b85d67fb55303a30da8f4b3bedeabddc6bd38d92edeec80aff10f0d29f116cfe31f1b1a96962a713300635329c04977ab606e50b93cb1305f5a82c826febf41318f1ddb7e6fd0eaf37936f6950f841c8853bf1acbb96ba04dcc4fa5a23d8eb8e5b22fea5b5784453d51799442c665df83b45ed6fa99401ceec8e0f62b89fab9fadaa0d51e845fcf2ec20676b3d867304b7f893054490af7a0080bdaacfddd54fee4349e03dff156c9f08ceffa31e3701d333251f7cd4b07c52a9901d4fd32bb01261544c7842df78b420b99645e7c2695fcc6dc4e402ddc0ac039bdaf4129a4ae70b37b1c61ebd47e6cb7d6dfde13e7e972c74b706e8a3ad7fddd50cf581d2055ff5b127695d6f5c8fc67df49aaa56afb789a9fa384125f13d928feea35139cd9153b254c6b39f838c0f0367c5efa13c5fbdcbec5c9f88d7d2ff54aaf8d0c4db4cada8b74ea780d32aa0e66942e936061692182be3c5b21fcd99dfbfd22467d4d3ce3d78e88f1481bc2ed388f0dc3f262a079bdcf41d2f21f1de75202fac6b4f8f9f8a7ee0bdb646ce582f6fd358461fc4266f980f33138c41daa3c8a82088eccb8a2944b6dc432f8149414115f209282945e51e5d0a999d518a32fec37e64e8618879f7d65e088514efed5104ead3fab91c017447a645575a50dba5f28a3a6359a9d591ee2c7eadd08b86e733a6a8723880890d3158e527b4d9a676b02ef0faabff71865c487641c6c104c15178106d878c6cd588b2c6f834a4a2ebb9d129ab28eb7dc6a556f3d868e2765034bb146c7be493d19302b31881a11257ed202bd20d53f05d7b5c96954b55cfb933fcf0945a10b460bf7e276ddb6fa313225b7bee647e8e6d5c1ef68dae19d4cca98f00d3a860602b66b09a1392ad01739a5ddb7117dcb0053e9c31602727101225c627225674aa1e49f3c3abeffada9f5ac76b5f10a2de55951de24b1fb144f4c1eae80e27bc36e5da70e01ff37ca465190180644a27eb9a96a15d6fb4eace5e652176a02d4ef8228bd72df5142351a6f1b08981a5c66eeab943983277c1bb192b668ff25cecae19229da67e2d8e3655c409f597b68260c70c47c5843082d94a94e72fc42ed11eed5a0cc5c9eb57de53947d2823cedbd9e417682b7b19ed3be8d27b3a887795b062c88317a0dc04bd6a62cf05fb78b2955af0514a99e3fe0e0f382c9fc2ff820af6451e0915722162c53b060250890c381ebe2edbb63359643ebd780a32770e78c6af810f341f3e07781ee25c92275ab427de063326239514c6623c9a3a2ee2c80da4c77404607cd208e2e9a273cfff2cf9c6cac6ed4cd6641d8890ce82f229cec11b483db0e4fe70161829bebcdc65351e75eef29d4ec70495415927aa6be603dfb8c5c34f4d2a0afe0bd0700540b8ccd9e0421efb4d449225fe38cf4ea8145e7e1ecdcfda0c1b8a6439b3535a7c853065f665cd28c86fcf4b47ce321edc9ba1bed1a6e4160e62819cc8f9d0914ca7c8f54c6392d9b8d8a9e23e6877e240cf50208b5dc085cbf5932d730dde94314d269f8e4730e72c62ebf1100b423e7c02c0c7b3d579fe738a75bf3d29264bc27009673ebc5fd0d777e2b43d4b738addf5e1c1d084270f5ad6441d10e723331ef5d41d1da2597817968e3c33324fd876bb2c4829921fb5c835ed01e78d0fa88d1f4043693a5cbf592f350505d37efd84845feb77ed38a25df0e98678047f320080972ae011d5ecc9b9cb1aa519fc661c3c909ccf1002844a4f3a9ff21dcb3e861cec427cea26eb765e3d30c532f3c67aead616cca4ed0ef627e3edec6a98e0f0866af49b0019ef8c50104b4e21c17b17b36b0bd5d785c0a46dd5e84dc7327d46c73637602f159900ddc1e6bd3f9afddf45ca54cc7958a6fc0a7e9b93c7e91da8afba0a63238f3847860ebe9403ff3b80e067493d34c55e7562b8b0fb06a2f8c1ddc9cd0f785aa9814cd40aa66ded541de15e647303864b27b5cb7631666f4166b6daf929fbff41fd95bf16994a6f9bc8ce579da13442357cd500f10c392ec78b0c161c99742c03b4d745262d86500e2a981586627350cfe1bcf4710b0824070abca21e1a53a36bfbc12ea7fe8336f741784746abef46f52ad131eafd02ac24c1d1636fa30337251a5f169cdb8c57fa214f2a900af0ee866748661f1a67a6c2c6a6e49ce1939139e45a456c7dbbec8a09be48853cd9b1feeefc6729740dde9de04dd1e0f9c774d387a902174274729e6349a7effd237e63c40bdbccb72e44dab5ac1eab96eb75a6ea8f2f7dd362159131072dd8d733fe9c54d1ea4771e85e7cc0b0455dae0a5c8ece44aeff7e2d247e94639c9a74f48e690c02e89d0377fe3afce5d6abc706dd3e23d19809dfa948b010b6d66556ea81ca3690c3322478dfa1e9ef6de5e4d21b6e9867c611fc4e78abc94bd3c9f112739f8d2996834f54d1137f34ff5442c2432746c37031bc7e9201fdeb7d73a24163fe423fdf3e8e22b655ec159664e905675d8bb80d651d4dda22dfed198d02c2b8ff5b0760fd2aea35e519619393cb66b048b59d4e6cf398652a4726925c8a1936ee29cde1bd70fdeeec0aa1e9289711c57ab8ba170c427173fada71e9a1f0fc4cbe23c248f5340db3f9ba4f8c23da230ef4c1013ba0ffaaf5bfc58cc2eb5084f96bcdce7c1ce76c4206189bfbc9d8f1238aed641c39693363762f2cbb1b3433cb01fba42dfbc7b1aa6a46cb9bfcc98a8d8f46cde8a5dc9d74de7fc73aa22420acd949a26c2bd0c8c6f05fcac03a88e622c851454f583623b35f825038ab1aaa3091d05018c2179f473a889219e3414bbbf4eb62333df13ca9eef4dd987358c90d6bdc113aa2972cbff9b7d7e5a76fa182609401567889febe7f2443b338982c3be4328caa199f4b14652ff609b3012fc66cd7a02d8e837bf85f7d2ee7f5061b359104a90e5a74179f6fe7ea44acaf2e8531b05875e041a7f42f6551e89518dd06f04ceaa5140fee9535cc3de18ca42721661d395e23828b07d449e4e09614c8aa753d28215608a56dbb66a929a47fe1beddc6123afad8d4f64cc5602138a289ef1287548d914647d144c3010cb5e3a90753aafebb70703a4f0eb4edbb991f47ed529b219a9fd421782a8a9d73d18e9ac69768791f408ee65af8f78ca3986e878276993c8dc140949f7410c8aee7b57739ffd57e5096ef3c1edc9d242d8ed7d0b5c8f7d4ff37b4ef76a6d4ca8960793508313c751a194ce0dcd0b08e3c3b91f06cb9f158347af1689fa86e9229970ab49bd44bf99da76818f7deb102bffbc575cf53966e247ce3558f77937d822ab74a437c5575dbcbd907199d5b645ee6ee122dc77090960302f8fce044fcb5d19a803b92a95950c262ea117522e6cbe44f5c277d6d7e36890eb7702136dc78abfdc5105f138b9415ee6ed0b4e1f805b3bdb5d0e7aba7d0aaf7c6c100edae89b8496804a7cc9e61d002ba42abb6ada2fdb12f672a15f2f3ef7d23330a5d411195bd2e3caf54d7c29a4ac9e13db64d88c35587059465e59507acd1ed7393f3557b8991116fdbb675f7f4a30acfa0cce3e31b817834a3037a18479aa764a83820f7186460fb96e07adcd529cdf66d0f6dad80260f51d3a9a1ebe213d03b9b71c9c522b4b8bdfe40b06a9da4c722f9a73d43423b456b2464bbb546b0527f71cbe600478169bab6caab15b98d4383552cf0dbf3c4b5208d901873f79901d174410ccd887073c1c9c6091f01c1772123f8354efdd6646d1e5373ef0e7750406b2c9acc1315c9fe1e9b0dba050717ee4f1ed17fc73357150921e5092c8edeb79f25a5b5e142e6813f20871252ebf52752d643a2965058509271b370bf98ef0fe8983a4725d39685647416757b85f87cef3ed7265d67a479d7752dcb3fb78447e6dff107a51365cba79fdf6edba21db2d3b52bf70579a398c36847bb3ec5e8ced0ad82c68c22d422335f73ea5297a95c5263d2403e06b7fb1d30804efd4d535894e0e0fb4747bd77caf3e92fd23d0bc8c73e08374ca42b52fa8c02f1ff3d19d8eaa78ef2ba7b3b1bea75faabf2658cf0a49f59bdd1fc49618fb60260053033184ede8c6a10fbf5f295a8a96553d469b160b17d9dbef52a651afd41fa87a169e5b34c8f3f0299aab066bcfadb07055502432b285f42e369606c4217f10f947fab6bd24889ca0aafad8be5ecbf11462b3a1cfd0c93c80e0a5611d6248a0a4fcc3a2307a7de22d1e301aae233155bd10d11f6b37d89a34c5104049bfe242ceba72e5968ead5ec6ec6b7056c8a1c390f6c6640ec92afbd76fb1072784ad7349ca30b605d6e755f0a21703724394a7681709f7b73aa34f6f44dea15264ef10e86a1079d64f98f6f7bb50bd2e0caca18df8b09a51ca436834ddc235d60fa9500bfb09fbb1dba93c95e1406086f83f6950a0cb9a4cd8ba97333b0de1e658d42469ac93529c596712231f8e0410992d789d326a127bc8c0d901f4dc99b36948c782410052229769f5177b328a6ca68df9e4fc4638cf090d17a4704cf142271418c5a85c7cd292b6fe1ac9e1f2a1858d17e5318d4d75cad3c4e7f2b3d3da458e4581217a07b28ca94043cd0d31d1af5264b8170ef325855a5b5863f01541dd1428cac12793e9080919f6d4b6f9f1255032b44daf64d2ae7b1084384d0d9eb76b7aa18c70b8ce5a174f2a3f73b31f98a9dc329c3f5e1a4ff04c6b85ab3e2eb95f8e265915937b5bad0088c7ab15e2c9cc97707039045758b56f613f58d8100ab0a829c2672e99624494ae81983c23dced6381e718454e714c00d6df6d76f502bc2bc7dd8dd67279418cc4855e33d9250dfd9eff61c98fb06d578d92d1510c1589025dc2bba8208b8d4554d9718bc846666c984ecd7442c60c3437dc9adb4a8bb671cb828ae0a1be34a4db662ef440fce64a6194a296726e7fd6c2b0d2dd52c785d01b26c66b363c6be384471c0e5e60aacb8c1c47751f8c689892ea1ead15f157dc7b567243cc298583e5f37a6bd4ff9d947e2ae56a466f0c27408cdb8b2b7036598aaef45c995b4b1bcb7f110b5c5aa87fdd652e30998796982fcfa0911558395ec8f63e7fc898221d6a9b904951600f1caf077870db43f5e1c59907e4d5c50c9b51e365cf82f4a77c5bccbfaf90b1ce51aef03675e7c45e2bf46f98bfc0d140273dc2ad2e1c25c74ca2edd2efca89aa1432d1c5450125b8a0c19326b0a8c845e657bf69481918a75502de4fff5db8c706fb0e6d0d7263f3b213171f478b71a67257924a8f5ffbf29215783d21d379f50722972cd7c96c4577dfd958155d15214fe704e73effd98092f640b4e376804013028539422407156de850d0cf7797383d0c9c7e7a0c79718003d5748b5393eb3cd8c18f314cd94139f432f4bc82f908533cdaa7c80d0d6d26e1228f8d00a8882b9b07fc6a177d20231e7f42eb40eaa029a1576cd0cd32d7da652d01824077bcf175d7f9540522f38a815aa0e2267588d9ddc6ab5188e45decb68c93091a3607c0d8f158387e0e152bb4a8da4e66fc3c6fde1fb8f4d00f03885b7822a8587abd72c36d10c77e1c7222d24e2bf1992a17c07d586540a0ae2631687cb9197a655fb66690c3b0a0de8808945ba66ffa1e60e0d9623d067fc6f8a233ab53332478d538597fd798f0abfcc97182ff22249f95bce4a07d9f410ae919fd3e0d313a5b12c03f58de66ff5d211e25c791c108ff82ade5be2d59cdb15c6a4759dca915ddf3c07bda00b13018bdb95caea0bf170a15b6cf53a230ef717e1c90233735b9693379e7ef711a367ce42fd7c3ffe25496789342517332a68350a46a3a8da15bfbb63c45f8dc7c5d25db7ab473da177398443857e81bb58d9aa6d97e0bc685e1b40a0704c330e1c0850b9e799207be79508f927fcd5df193b929e0aad5a426990f7c19c50c50427c66a73347fc0937f091c98668f1ece95fa029dcce72977d51a836b6d7e5c93084968ffbca70619eee8700b1a9cc5056b5485ae3d5440b4711b8600fd10fd814cadde2ed11cc6b241464a002fb06ade3ceb7e89fb74462c9abdeb3d88eb9e57eb4f9abbabd23fea5f970417a7fa8a0e78f96b233ec75c6ff89c0068dac52bbafbdc1636f8156a1681acc405b52c65960ad32bac32189c074390c11385dec2b6bad34e95de5e848845adab92a7edf2e60f3c70fda609cb76662a4b98b187b93a739bbe139054b09f5488428b2c8b462e8f5cea5df40290f2dab5ed51cf9e719688ecec4ab1c72b8497efa1746d1bc9b3dff2dabfcb1092f1856f17c2a9a7c37656eb3ec485ffdb0f51149391d6131dd1d8554310c60598e49afad834f5e5255f21c432abb377f54cdf2ea82148d73475214e28346785d797bc4e657d9a2f1f4ce54da741f8caf8262335e284e2f8a04a823de564e553474c39ec1e763700bce1bf030eacaedd345fbe3c3af2120f3fa962ceb2b1427663d791b5936a80b336941c6079f468f92d5c10deab0dfefe9593b76b673a71ad499c5d0fff4a9db2a5f5a0caa0c2c5620abf503deb905d8cb7b6c66865ee69bf31982ef6d9ae8834d361dce14d535a2025db065f5429f3945d5615886163892e1e41fd34c44949cd97592f1a378027de0e81637c11594609c1808da0cdb64de43a871b2b2640f2642d6c1aae34d83b0b0eb73aedf94ce7c1daeddf8cf684672edaf1ce0c7757f163dae3a4350cef5803a60f1e1f3d5eb277a17d38cc32ca8b6fdf536720ce186e7be6507d720810ce8801be2cc5488c7a6f0e398878ebb2ee530d62b61bf67fd4a7fdc811ecb119e4a6e7c6555685850656cf52dbc2a1da93d8550a7941a8a7716fa348f2cbcd6f58489051bf01c0ad0745b8a1e9a10fb748a9ae9f7897dfa81efc7fe240959a3857385f8be3a8102efb0791e1e01e539b370b8ea57d3b7b747bfce3a206612410c0a9aa9130320d80a912434c5a47048c1ab6901e7806c72fef1f4f59322bbf5a79f444a0eec2397a76ae63a22c5bc76a98c4e65212258f963709c07c54dc36ac15d16d7f34c6becd2de54a3ca98babdbe1068275e18585abd3a1fb4e889ea087d918ce2e791098a3e337926a408e9301f2e8f681c50b700cfc240d2a692516e491b7f4774309953b34372fc5425832d4206079872e4387f2343de66525c63c71b1c9625e7649adcc92f279d51d55fc771f7c8b81c02e8a7a6b2bb6f0170d6e5552882434382163f07ea5e4c5971bff35f530e04ca0247f5bdd27929eee90e2078141cfd2d45a1cc2a1bf47012025fa808b9e849978011e482fb7e851e5efcb02796b6a4ce2b72e8e83bba54670b912668723803b", 0x2000, &(0x7f00000003c0)={&(0x7f00000002c0)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x29, 0x25c17c22, 0x40000, 0x2, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6838}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

10.46328518s ago: executing program 5 (id=4746):
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='attr\x00')
fstat(r0, &(0x7f0000000140))
r1 = socket$netlink(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'\x00', @link_local})
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x9c, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_PROTOINFO={0x30, 0x4, 0x0, 0x1, @CTA_PROTOINFO_TCP={0x2c, 0x1, 0x0, 0x1, [@CTA_PROTOINFO_TCP_FLAGS_REPLY={0x6, 0x5, {0x66, 0x6}}, @CTA_PROTOINFO_TCP_FLAGS_ORIGINAL={0x6, 0x4, {0xe, 0x3}}, @CTA_PROTOINFO_TCP_STATE={0x5, 0x1, 0xf}, @CTA_PROTOINFO_TCP_WSCALE_ORIGINAL={0x5, 0x2, 0x5}, @CTA_PROTOINFO_TCP_WSCALE_ORIGINAL={0x5, 0x2, 0x5}]}}, @CTA_PROTOINFO={0x48, 0x4, 0x0, 0x1, @CTA_PROTOINFO_TCP={0x44, 0x1, 0x0, 0x1, [@CTA_PROTOINFO_TCP_FLAGS_REPLY={0x6, 0x5, {0xe, 0x3}}, @CTA_PROTOINFO_TCP_FLAGS_REPLY={0x6, 0x5, {0xd0, 0x10}}, @CTA_PROTOINFO_TCP_STATE={0x5, 0x1, 0xa}, @CTA_PROTOINFO_TCP_FLAGS_REPLY={0x6, 0x5, {0x4, 0x7}}, @CTA_PROTOINFO_TCP_WSCALE_REPLY={0x5, 0x3, 0x9}, @CTA_PROTOINFO_TCP_WSCALE_REPLY={0x5, 0x3, 0xba}, @CTA_PROTOINFO_TCP_STATE={0x5, 0x1, 0x7f}, @CTA_PROTOINFO_TCP_WSCALE_ORIGINAL={0x5, 0x2, 0x1}]}}, @CTA_TIMEOUT={0x8}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}]}, 0x9c}}, 0x0)
syz_emit_ethernet(0x3ef, &(0x7f0000000100)={@random="c75e21b409a3", @random="f95eb2648602", @void, {@ipv6={0x86dd, @udp={0x5, 0x6, "4a8b3f", 0x0, 0x11, 0x0, @dev={0xfe, 0x80, '\x00', 0x35}, @private2, {[@fragment={0x2b, 0x0, 0x8, 0x0, 0x0, 0x9, 0x68}, @routing={0x8, 0x0, 0x3, 0x2}, @srh={0x28, 0x0, 0x4, 0x0, 0x5, 0x10, 0xf, [@mcast1, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, @ipv4={'\x00', '\xff\xff', @empty}, @remote, @mcast2, @remote, @private1={0xfc, 0x1, '\x00', 0x1}]}], {0x4e24, 0x4e20, 0x0, 0x0, @wg=@initiation={0x1, 0x3, "dc2cd52b6e4122618f88bf7d3b3163ad99a5ceb2374ade131a4bfbb53bbd22b3", "4603d95a89b2d338c0c72f7c2483c1478a6d62853bdf69a4bf5d9cf99c238d67b2caea58dd1ad4cd24bbe04d8f498eca", "67f3055636b76fd988c2e14c1b3314245bce4b10996acf22eca65db0", {"11b170dce96c933a845ee52d24f1bfa2", "1044f2fd781cf672e6e6bc7bbd09fcae"}}}}}}}}, 0x0)

10.444902593s ago: executing program 3 (id=4747):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
r2 = getpid()
connect$ax25(r1, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
madvise(&(0x7f0000304000/0x3000)=nil, 0x3000, 0x9)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
socket$inet_mptcp(0x2, 0x1, 0x106)
accept(r5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f00000023c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000800}}], 0x1, 0x2100)

10.08471387s ago: executing program 5 (id=4748):
capset(&(0x7f0000000000)={0x20080522}, 0x0)
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)

6.609211415s ago: executing program 3 (id=4749):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r3=>0x0})
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="c744240077dd0000c74424027fbe0000c7442406000000000f011c24b8010000000f01c1450f01ca470f01f866baf80cb8e4f61882ef66bafc0c66b8795966ef40250000000066b8de000f00d02e0f005ffa0f01c92e640fc71f", 0x5a}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x10, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$KVM_SET_GUEST_DEBUG(r6, 0x4048ae9b, &(0x7f0000000080)={0x80001, 0x0, [0xc0, 0x7fffffffffffffff, 0xc9, 0x9, 0x6, 0x0, 0x8, 0x8]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="05000007000000000000060000000800010039fd889a683085cc90fa8b41e2e4bde7e647c509", @ANYRES32=r3, @ANYBLOB="0800050008000000"], 0x24}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_INITMSG(r9, 0x84, 0x2, &(0x7f00000003c0), &(0x7f0000000400)=0x8)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0xb001, 0x4, 0x3a8, 0x0, 0x1d0, 0x0, 0x2c0, 0x2c0, 0x2c0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d0}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f8)

6.552545559s ago: executing program 5 (id=4751):
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r2, 0x29, 0x37, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x8)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, 0x0, 0x0)
openat$audio(0xffffff9c, 0x0, 0x80, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01002adf7000fcdbdf25012300"], 0x14}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0xee24, 0xffffffffffffffff, 0x0, 0x3}, 0x0)
r5 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000080)='iocharset', &(0x7f0000000200)='io#harset', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000001100)='iocharset', &(0x7f0000001140)='\xe0^@&&}\'\x00', 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000040)={0x0, <r9=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r7, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001880)={0x38, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r9}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}, @nested={0x14, 0x1, 0x0, 0x1, [@generic="0d42af6425759db93efa660587014163"]}]}, 0x38}], 0x1}, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000240), &(0x7f00000002c0)=@v3={0x3000000, [{0x1, 0x7}, {0x2, 0xffffffc0}]}, 0x18, 0x0)
lchown(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0xee01)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, &(0x7f00000002c0)={0x48})
io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x5d50, 0x0, 0x0, 0x8003c1})
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)

6.551451986s ago: executing program 1 (id=4752):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
r2 = syz_io_uring_setup(0xa0, &(0x7f00000002c0)={0x0, 0x89b8, 0x8, 0x0, 0x207}, 0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x1, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x12})
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

6.487833767s ago: executing program 0 (id=4753):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r0, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000e00)={@in6={{0xa, 0x40, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}, 0x0, 0x0, 0x44, 0x0, "e541bd3d3aa6a2bf75e9671e8abcb31c134f3a9db8f52e7300fe6e079f35ac63186c7244fc3b3801e79f15ced9fd7e55d0345bce05c13ed90158fbdeb70322ea3188f81890e3db00"}, 0xd8)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000300)={0x1, &(0x7f0000000000)=[{0x6, 0x40, 0x0, 0x7ffffffe}]})
r3 = dup(r2)
ioctl$VHOST_SET_FEATURES(r3, 0x40082103, 0x0)
syz_emit_ethernet(0x4a, 0x0, 0x0)
signalfd(r1, &(0x7f0000000140)={[0x9]}, 0x8)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r4, 0x800448d4, &(0x7f0000000040)={0x43, 0xd, "0100", 0xc, 0x3})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r6, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840)=[{0x0}], 0x1)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
sync()

5.227303968s ago: executing program 2 (id=4754):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000080)='./file1\x00', 0x0, 0x1)
renameat2(r0, &(0x7f0000000180)='./file1\x00', r0, &(0x7f0000000040)='./file0\x00', 0x5)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008f02"])
unlinkat(r1, &(0x7f00000000c0)='./file1\x00', 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
recvfrom$inet(r6, 0x0, 0x10, 0x1, 0x0, 0x0)
open(&(0x7f0000000080)='./file1\x00', 0x141142, 0x0)

5.197520818s ago: executing program 0 (id=4755):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x3, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r4 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r4, &(0x7f0000000200)={&(0x7f0000000340)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x3000c085)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

5.153662866s ago: executing program 3 (id=4756):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
fcntl$getown(r1, 0x9)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(r2, 0x0, &(0x7f0000000200)=0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
fanotify_mark(0xffffffffffffffff, 0x105, 0x40009975, r5, 0x0)
r6 = syz_open_dev$video4linux(&(0x7f0000000080), 0x6d6b, 0x480)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x2})
ioctl$VIDIOC_QUERYMENU(r6, 0xc008561c, &(0x7f0000000000)={0x980900, 0x81, @value=0x327})

4.945722173s ago: executing program 1 (id=4757):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x98, 0x0, &(0x7f00000005c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}, @reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
r5 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000002c0)={0x60, 0x0, &(0x7f0000000240)=[@increfs_done={0x40106308, 0x1}, @free_buffer={0x40086303, r5}, @acquire_done={0x40106309, 0x3}, @register_looper, @increfs={0x40046304, 0x3}, @enter_looper, @increfs, @exit_looper, @clear_death={0x400c630f, 0x3}], 0x0, 0x0, 0x0})

4.186074361s ago: executing program 0 (id=4758):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8919, &(0x7f0000000000)={{0x2, 0x0, @multicast2}, {0x1, @local}, 0x1d, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x80}}, 'wg2\x00'})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000083ef0840e07d6e67db77000000030902120001000000000904000000ef01"], 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x2c, r6, 0x1, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x10, {0x2, 0x6, 0x40, 0x101}}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000815}, 0x850)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r10 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r9}, 0x8)
close(r10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r11, 0x0, 0x3, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r12 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r12, &(0x7f0000000200)={&(0x7f0000000340)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

4.151801695s ago: executing program 3 (id=4759):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
r2 = getpid()
connect$ax25(r1, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
madvise(&(0x7f0000304000/0x3000)=nil, 0x3000, 0x9)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
socket$inet_mptcp(0x2, 0x1, 0x106)
accept(r5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10)
sendmmsg$unix(r6, &(0x7f00000023c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000800}}], 0x1, 0x2100)

3.984337752s ago: executing program 1 (id=4760):
socket$packet(0x11, 0xa, 0x300)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
chdir(0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(generic-gcm-aesni)\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x9, 0xbc49}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r3, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r3, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r3, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r3, 0x0, r2, 0x0, 0xfea8, 0xa)
r4 = socket$kcm(0x10, 0x2, 0x4)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0xf)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file1\x00', 0x81c0, 0x0)
sendmsg$kcm(r4, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x44000)
syz_emit_ethernet(0x6a, &(0x7f0000000640)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x34, 0x3c, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[@hopopts={0x33, 0x3, '\x00', [@calipso={0x7, 0x8}, @calipso={0x7, 0x8}, @ra]}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

3.832018783s ago: executing program 2 (id=4761):
capset(&(0x7f0000000000)={0x20080522}, 0x0)
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)

3.108802814s ago: executing program 3 (id=4762):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000004000000080012b881c0992ddb6d00000100000007000000", @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], &(0x7f00000006c0)=""/237, 0x44, 0xed, 0x1, 0x0, 0x0, @void, @value}, 0x28)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), &(0x7f0000000880)="22cff58056ac", 0xffd7, 0x1)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')

3.050652702s ago: executing program 2 (id=4763):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3b071, 0xffffffffffffffff, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1f00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000e9f30000000000000000000000000000c52b14e1a5f75b65b655f7dbc50109210b9888ae2270c5cfc1413770298d7909e4c4ee784d4bf874481a2126c25298f84eeeed2f73d94e230ce1bfb95c71a41157bf7afb47d9b38a7e90d313ab3edfdd84cd9392a7aa575daa8662c6a11dbc2185e438393f99bc21de6fac850f0b72a3c7f222f904d65a7b3697af9ca6bd"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x1b, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x4, 0x1020, &(0x7f0000002a00)=""/4128, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
ppoll(&(0x7f0000000340)=[{r0}], 0x1, &(0x7f0000000380)={0x0, 0x989680}, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
listen(r1, 0x6) (async)
ioctl$FIBMAP(r1, 0x1, &(0x7f0000000080)=0x7ff) (async)
socket$tipc(0x1e, 0x2, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x3, &(0x7f0000000000)=ANY=[@ANYRESDEC=r0], &(0x7f0000000100)='syzkaller\x00', 0x401, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) (async)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r2, {0x7, 0x1d}}, './file0\x00'})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4) (async, rerun: 64)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) (async, rerun: 64)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x0) (async)
syz_emit_ethernet(0x62, &(0x7f00000005c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb3700", 0x2c, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0xc2, 0x0, 0x0, 0x87, {[@mptcp=@ack={0x1e, 0xc, 0x48, 0x4, "10b64ca4b680a100"}, @timestamp={0x8, 0xa, 0x5, 0x7d}]}}}}}}}}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000000c0)={{0x2, 0x0, 0x1ff, 0x3, 0x1}})
r6 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xfffffffffffffd79)
writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f0000000000)="c65a697dc193404fa0e2f58f60b4a27b59b6ba2ced2a80952f4742cd184015cfff3ea1491931aa", 0x27}], 0x1) (async, rerun: 64)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201100153a42908f00a71729188010203010902240001060000000904020002ffffff000905"], 0x0) (async, rerun: 64)
ioctl$TCSETSW2(r6, 0x402c542c, &(0x7f0000000040)={0x9, 0x6, 0x0, 0x2, 0x3, "888345ffcda3929865788dc16746c60b0f10a5", 0x6, 0xffffdfd7})

2.289380208s ago: executing program 2 (id=4764):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r4, &(0x7f00000020c0)="5b095762e4ceba7d280612b7511913c90df9e94f4e38e6e5dd2dac0bd4683a92d758ad90f9e2842073d15a2d5baa4db0b69c47e278e3f50f394189dd7fce63890ce3ed1f24e67a79c1cbc5eae3984e9d3e8759a9229593ad412b129b68928ed908711b6d1213f9355ff80c2579fa58ced926b267a2264063dd3fdea384c58f4ac5bf66c361e8ec046ddf824495c5b6947ebab4e24257d117313fd45b6873262073e64e3da2431276466d75447ae3eb562d00423b8edb3729fa059a5f004010d551edb43813821d27006eb0eefa536590139123f218b3b0e2d994953269636885ffa849a905e62cfe5f64cd04940568809738ed7306e2430d382667d87f54013a5cee43dae2ee75111ed33350d86c757a8362a81375befca2d0f555cfcc58af87c184bf154694ebb8f0b6ef09f13370833a44cedd5b3091768bbbbfa1d0859a114ea6b4d9f25c11d9f3f45db19fa5586d36bb6a8a15f9d55210caaeb983f1d2e6688e107b6de6cca9d9c640afab7620dc440e93f9d5e920e8fe7e74bbf8754a7195110fedcd8269be84a945305ee09de4997a5a2796f5090d2f9ee3bc0b2228c389ecb6468c24d2c5699dc30e2c9ad71ab272e16a4a645516458bb1f2a92b6ff06bf697503a43205473baf112ffe468a9c727ace967ad603d335ac634db4534540ef15611f113ca28c3a3cbc7f6c96945bdf291cf39a5bae0277b51e959dcd26d1117ff63f1bf748c845b7641905f83f6a0e468c75f88fd74d36ca638e5fb055dbd55c14fe30813e2518e390dc65db7372755306779d7fb13fb9403578fe91422cdb8dc8db0cbbc986369ff7780afab5755a039b37364347d73835c96389288b3768e1d4e59cf77fd58228100d397badfdf52dd5eb453ccaad785d21418e509f734f19e8cdb5a0993ba59abcf654625000eddf387d0c291a3000e87c4fec269a9c787997e0d106fcbd9f488c75559c0664be295d8dc20d214f17c392ba0bb73df8bcde0f47e449ab40f51b02bec01fa48171e5e39777aa7fd94525e76d78e2f2e692eea0ed254b2ce1db59e5cfa91d9b30ec2d39868c32afc6797ff333b1ce9dd2c0b3034124b1c004d9dc0cbcd4432006d54528e3e28e96e911eba7681a035d4e4551c7b497cb0fde2845ba18c4b8b19efe147d90394ebed77e7c0a3702fe2b6df71ff354ea5d55a77c899975df86aab5abb2ce370f3d8f4bfcb417ecb82ea0746997a1ca1e9765251a6d33402ad0c0c151fa1930d557248f2aef24e59821f7c649f6824f3a00cbc60c78fc3478969443b03cff9bd6dd1944f79fa7b55005874a7c3b6e6e4e19c84975dbf266a572fa0653111af78e2637f9588ae0cb8283f29f55b5e03bfa9caabdb322be5a2c097b8ed1fc6b5de9e2d9833840da9a036738f5a260b2bbbe0392ba7d982bd567573c9a8c3558103dc62e16c0072a97e2355629fc50960bc3b89949a2aa52bce12379c500e767a986762628cff8f69f73d359ef604a48dd15e7d5c298330ba5be94afcfc913f8329aabae358a9b936e6c19f9a0a45f239eccebcae9143aeb66dda74a0a9714038db0986fcd6c8b2f27330657cc35a1e1da3e4805d4f360cd2de4f798bebaf60daa49e5e4abef7dfb930080bc962d66f859c2138c3d72cbbb8ab11ba47d19406e2fbefb30751631e1fad5cab36fc18907fc4790534fe4ef07b2b0058ae14e0762a4a185f1008f4f4f7b8f30aa62f83806a7ff0e0bca2178981a472071f7bd2ba12578b53a131ad4643caacb8cba98caca210e732e7f2df5373f0c637826c4daedcee4d8439392e9e817fc01f3b504142639273a73cd6f5c8c8033e8aa145359ee6808e4f7b10d35646e642f1c2693002f4bf321c72b33d2a7c6bf1864cbc543d1b07785c12ae87f908498a18b32be69f11d8db79d899f605b4c8bf74ae5cdedd5bfd17cb24469076e9d357b7a0abd9a55384f70ad49997948037a630d2d016e85d468c53127b09ac8d7314245ee0082aaa56559c41ce1a986b04bc21fbabaab0731a870eb0aa98d02ce78ec899b8d1ca5488d0492ad0eafb7c17170806f229fb01739d6ec50040cdbcfe16089e478ffc1713c06bb0b7db29f6a5c5ff20c5d1168ec0f138d36a9465e304c3ef6bbee4f6adb26348b469c0718ecd34f0f4ce7886690fe17c8160ec5ba873483ade45233392be8ad11c97f95509d8ae60846c62f0ba45f5f23cc4840280f043677ffda3385d8f4a3a2bad3bb8f9077dfadfe230e6e093eccb4ff6c0e7cab3df81e073c880f9fc41a404ec3144507ebc53c0778068a3ed3abce5d90ba084d71d221373663e9a9686ab654eecbc45fb0bf308ae22543ebbe65996d329018bbd6d4426d774a4babcc3e97c95acc40877bd1120f0208b54541138f4eb88517e2ca4562b409de39c41d636a0f3594f3d065c2e710af90aa55d0ecd20f383dd6fac7c93cc6011469fe5f4fabefc0c12ac0b77a1f44da769a1b6720a29a7969459feb18f61f73457b2aff8b410ff264d10f4be0ac000c4c6f29d656b9a1887df1eeb786bed0c5ff84be315167ad0506786a9cbf64fbebb4d7eab1d9bd9108bf10dfce2559007edcd6fab26b195534e06a6f3f862e351b7b68fe9e3eb6bd9f47f83a6bf49a36c8ed2f6c8c5d3bd2f4a33d791ea61ee2e21a46e46807add328bb3c3109ef7a402b9e3fa16957693dba1d4a4c361bf6848114cbe29e601bb38a532a387edcd5c39b1171471d8590dd4fda56c7d43b9007b1490ab3219d598048fb50d9290713c079031642fcee9d2ebf03c193ea152b30a1ef9e1b30cfb7c3069432295befdd94bb04c8e9d67e367b787031515dc4f64e3496e8c2c390676c7a89a85c02fd681fc7851c0f652b3d9444002991620ac3a0ba7a77139bea95fa8d053359fbc58c392cb194ec3e6903b841404f735f37e5d1608606be851db16bb9d0d659cb16a3edebbd3613f16cd52b5398196d3fc031a611e7b8d61e4f91c2ab9310a6ae26321c7486568f23298552b4a824cb797b3171bf2f7e2d8444734aa8af3a720cbc8a61161b462f9189c11d687948b7271226406f37429ef09d13b17dd21c4e72be1bc0b816fdc096312aff7f19f3a2181ccb08d1f92aa003c284fcebcc8584cfe242dc8fb0e8cedd71dc2ca48df33c9e650e8bc6f331f9eecb4c2de8b75133760b4c51948b990675e724a68ecae3f2d88c7abfc9bee0875f7feb691b813c1825a0326d887032b5016b69c228cb01243d150c6a188cca6d22f469e6195bf2f3d6d4cedd8ef43e9486f5e9cb9f70e5a92cd2e62bd9c70775d900784bf6283b074c9c0df6e5da7465fe30fd723cd4918dd3da6b7e5475c89d34a4075e94a938047625efa4fb8d02b8616f4f84378ca26c875a364e68e3a02ce5dccb0dc0b686ec52384c076133ddbf7eebf178411109c72171a87625ee0607f94f1ad9dc795906ec7012a51d3621f4fa19f25891d8415bc4a0e3273c21159bff5ceeba3767445fa6a24383e5f165a6fd4fa579a02935943aded524f6d6a540d67b44f4d7d0cefd1c08a53a1a06a4ab5157f8f64b22f3875f6c9fdd76507e277691aaaef9a90352cfbe5005d13b35fe0ce04d3b3362590053c5a7e3b6932364426aeba2bd79943a2b50d5856d3ecfc74bc02318f9eaffdd08f20560bd1d0f7f643ec8e05fc19a3188fa77913092b0ddf40f8be0cc278998dc32da328ddead37f6659d780bd530a48b4bfa230370853db872385b5ece3a9a1f39c69a2f7290ae92f769cc996ad69e22038352fffddfde95f9951c4e0029e6244809bc8d77f262cd3057ab49277ad4edc55f94235c01f774de6a7e61f5e688d71e26348cd61c30348bdc9debb28eff7206bd67bd92b038b584afa3526c32cdcad81402b3642ee9fb608a4e18da9b4250c54feb404cf636caa798bd7e1087f60f424904616c959548650976d8577176356b2d47f46417f00000000000000b1b7f9ac7220efbdb49c081dd38f7c8f718f2969237a49f6200d62e879030b0b6229f39dcac78af38be9287fe0bd04b2e65e8555399ec5613856688d547bb43b472ce03ba3190112a004def789771f83faf390ea062a2b093aea35027c6331d097db997a612bfddeda832226851a751b2116ede07459e6e1717a47cb2f93d7f140361183f5d2a0773b8ef0e458b3489176672223eff9701ddf0a3caa2848feaa54ebf4943b409fbe9369b8c2d0f27a9fa6caeb6c321b19f9e7daf7410142a8e1f1649a855165b6dbfa61570926069d94894f616ef85469113add5fce8db6f22a1bcc3f93b75d94644ff75e5716536c727747621e7664a93519faf3acdab5f29b346172892697909f01051474bb8811d4cf1bdb32ead2364a2d89965fb7d523d5d31f7c7bb891e49d0387c2b235f610fadc23b4463f6a31d4a8a068b8e392ed3d27dd27832c9fa6a7d9a170137cef0bea684311e098b6cc60f36e09b1abc09cb089364e0e256f5d624e6098f02e53fc74724ce9f1d13517fa53968554b523c973ecb03643ec452addd7b566d6d12cad7a0acfdd8a97fffeae567c87aff01b2be11e3a95c54bcce3449c4564132be69c08f309ab97c57349f29a1b8d3d78bcd623409966550e294523e21750930b97f012c4129dd0b55142b4c559fba8cd07083cf6cdd0fd36cfd38f3e0de2da821f2d9f79f82239d6ec1db4dc9dde063e35b1d5ffe929c56744c56c3862b8bd8b95dee19254cd480500c2942b594f0eaae14c3eb07d9d1c5d201425e9e3923b41457fd7fbdf747b2fbc61480aad014d8917ff8f5bd048458c55348b292ff00026690a04a07e90fc0373e1b6ed62ba81af0bc4bda161ef8400887481fcfb8cdc4127500e3fb2a071896f657d6fb04912f3395e5f9e66eab3b85c28a2e37b156511bad5b0d2720670e2b1a762333f42ba528668fda6ea0a80a398129eb3347310260f9f26d5ae249bef77d51d2ed248e0775cb634e48c830cc2c2512376bc411258edd8f73a2d7adbaef40ab79d2ae37f27e2893048d59693a355c87e43b53d545c16997fa318f1bff6a7edb29a7ab80a2381ca828b6d8c5d7976abb11d955faef8b8d5589fea555be1803eac4730a4b9ff3477cf462dda1fadbbdbbcf6826276144875d58e12eb9670c6324f0249b220f1336f9ba43b732bd8c421b040680417a1f68977d6beefbfa9358a4d861cdbcab618043e661208b6939313e2bb01d77509c1df93d87d94da5737d2a10a935b44b264fd232dbc2e59036e0d690431627e0903343b8352ac291eea31d1424c34f9f8fff7fd8df9f6330f88598004a353bfaa5e71d039b8caa33770f9050dbce61ed1c2c0285d23bd4a0b4cd9237ec7c2773474d02881cd7d5541dabca4bafb11f7362160c4a871716720d8d2e26c0400b4abd45c93ff25602d93a1031ffaca642d6f88f8b7ba38de3d8cdaeb89f8fe8de3f0c089bd8b360552d1c26845ccabd2d86acedb16f20640648527a420c497c4af51ef463ce1e3fd8f70f06fa016f12b307e1d846ca35e0f22654456705ce42334401fd2e993c6744918f578fe4d1e6e434d53cb8960008357036ea2c3b03ed9676094fa9693345b0db656273e350b10815755ff9010769af2fb6c5cbc859cce9c8a313cf802a2375d1664b61716067fec9609928f0ccb97397f52765a00334c5a620203977c1df6f9a6f13e46e3be2503ca6e1b1332293dcb2babf2f6019a99274621d0ffdafd9447ba70c948d4c8d9b5b093d36f8e6b8136b16a7da020cf6022b10cd13237aee15319c83b0522aebf523b13ca037d0aa604c5a53fb6536edb8a3d0fafcd66dfd4cdb461f8195c41df043fa6f46e490f43c71422e6de020dbe2ac543c516446ce1ee5890df424ba716eb91da1f8e127777a0e4396fb35654468747179d2884951e06c952f7f1ea15ee46b60aa15e562023eebfc3a79693adcd67fb23ab6b74b55b65d8421be9f454f8d89bd76340c46d5309c892121dc19f8124cacd2b8da3fc0c0ab92dbb5e0537bdbfcffacce03376cd10223815f7801b1e20e32080694dfc8a416e0aa0fc76dcfd037366406aaa84d48a8cbad3fa48ba342ec4aa02f391c6039403fd4dfd8a5cdf4b8c4345febc085798b5c7dace7a3646e2b9e4cf57c13b959f21e33bbfec54c85922a8095f2c2de1f1db72493fa9756d69b0ace403bc48adde75bfaa4d723a8dac4dfd370cf02329df1a8e8576e11fb8137910cf753cc76585a2d1c7a0da1304f44c26076d87b5d402c72a724b464b5cc2c0ee6d1fb472a40a41e858697dbb82b6103fce576063d2aae0b4dcefef78f8de0640c82d955c72f5b1280973410100000000000000b419e18c7c62e080b8034ac7e1134524c1fcc4f93833280fecd0ff424e39cfecb21e714e0f9e1843296cfddea2e35fa6a7bfe6069b366316ef5e6b73aea9e069d1538eaf11cd503b50435e976dfdd39e05918be1b4f91005583c8b84c33b13692bb8ff005fb9d29958f9697cc83c48a0f3666dfc6cdff0d5f923ddeb4c74db22597414f1973d3cf339af2b5b2640857c232788e21ab92cfecf7938d7ccc0162cf913d88967b5abe80c61d3ce1efd120a856ae450e4d7593ebad568a74c7f5ee1bdfd17ef1f72e7703b36b5001e593f1c6908edcb023095fa059e97d68af2ea295b766aaf819eacd85946bfc5bf0c35363530870cd8ce3931ce7c3885fbae123dd924871797070b80ff914b7bfaed7d0a54a372716bbead8797a49524e77025bd9b62e1fd69ec8a7d55741716df76be640ab8e7c44600882d316f220780013a80ca957fa9ad31c910e3565a8e1e1a1e96c5362bd0cbfac2a53328df35fbadc141f10e5a1ef3d1bbaf877d0659b051de0f7636712cbbbebf095718c96349a96fbe6e0389a511635f0cf31906fd6bb6c2d7ad9be31e9293b418f13c22929c90eb0950aeb343b61401e632fe3de3dabf51dd308d17d6d6643f08c757ee17131cb91b611d20ab2ab35190859d8e4d76a44199765c1efa2bdf5e3c3994585e0a7d866dfe5be4601442da0b686f4f44ba8dae33d639ec2a5acf11e6650593bdfdcbfc5860144a15734eaf58e9e2f5495471ead9a25ec659df37e11e84f4dd7283687533de576a9de4b705f9e35964849206259862a5a4c956d26945ff0b8456e536d72136b4989ca135f00026107662cfae9696f2bf46a8b3207330961c8b31c8bb8dd2b0a6c3a833ab7b7aa97df0c14941d1833db60892511ce0a77f87bf54927f3d912de88581cbd301e87554f76b46a850177e550924db74794f6b5f8db5a74c1f932b3b4bf4ece2cf045c4fd490906f2ff09bdc8f683cc61a5923be82011fed297c962f8d7690a9fe980130d4b6545cbdad82ce198c8a1b884bb36288dac252c69b0d8a4eb53767d297eb64ef7e9f90faa994863efe194040a984a1461b04d1baa746afc353e006b71d4839d4b2ba10d681c344642fedeb8d6a2d518a42c9b252a7d6ba4ee5cbc7a81d543af5fccbc284df3ccc226dcd79b20b987b30ef767d2f810fcc55266802abc38cbed144621a6c0c52bec0706bda66bf7d5e957210e2eb6fba79d7deafbea073c1e298861f46c6e17523182f67e133121f3ea2d8316ffe6de51fb3717edc99361c979e9ecb51e3474a15accb8254003358975b786d81281bacfdffb655a5855da5c5edabcfc5e3e5ca570c16efae87032d3b85cf3d52b020fef5fa8339f776a2d629173252fefc9fb2085b49354fb255b0ca941d60c41a2cb10c742af0ea277b65b960f49184297336f1a8e049eb80c3d40ef78b0e8a9a4b5848caf5131b2773a7c18421db56afea355d869ab81f0f7e753651e8ce742c379ee4f08fe23e7c1307bb9f00e60a4cc804f4b47ac42903e1b1ad99ff795130833a202c36afa8851a7ae7c0eb7d25b006bafbf6b0f579e910c9207bce105f73cd219dd352af1b3250a273a7eae3fbbb8ece80d2b61591dd25679e541bef9579a538e0c0fde66ddb176c84c235de570860128ae90a44e8219841a1ed84d5a3721afce3b24e0173542644cffa2b2603171bdbf3a5b2d7c9d51b7a31f7b6675d98938c8e003fc26a2931811dfcce100fd5eed707884c9f1a9ff629967eaab2908f2988378a271c373828a9a836dbc6b1db9881bb30509f693a92daf26f0741b01855af81e594c318f0dd13a89e87fb3d7b3527e7b007bb2e744a322ac3a40e05d24619c3d41643b6b811af49eda5448c21af06b8707baa6b8a2f7690966152ada65a5253aaece296c1ef46a12b399074fbc40a791f4677f05109bbc103c5bd37ccf7b67e4fd6b6ad97314a9dd236dee6e1371186ccc03d4d8560a22cb6709c35a391481d659d7ebeae325f5c9a20de7374b6715b4d8e77997873929d7339b20ed8172d68b0510defabae5712e5509e41afc5d8bc531e296832d285d9410a0d1173d194b3d15571773c97fd12b817fc2d3e0eb6a4bd6720f57d487023f52e3e0f7dbb0e8a7807283951bc8dc7344afb95d8d93f34020d7b1d6b90bf0520a35cefcc8895807286f624c7df58c89d3fcc2495e3acbb98d4424b1c1d199878dcd9ac5e7a2b216aeaff32d04b74495d16a20aa5854e750c0a66f60c69db44674d695eb8d3bb7ae36065d1e6efe9d68527e57c21dc4bfb33f4d8625a95fe3d2d3ac42abf540dd46e32619e63f9cb40e2de1b6c2102553c1907f6c62c0c689c85a1aa0b1e801b0115aeffb9618d1b412d9d7be9fda786fc9729c6819f60dff95c14720ef7afd69e92fd36fcb3f25b5388f15e621593132418a5caf60074ced3e1f6b0120fd162ac0e13395cb8d4462dc32406c9a04252666ae7e74e9da335522da7ac76d377ee77a1a4d4fb0ceacc3259d486466f8f45f795bcf04ad2935d7a4b0aed6eafd4bcf1830480d044af5fba3146a7730aa87b3b33494fcc3f4111507f059c65b82171acfb5a3f6c7c9d3b156788ecaf9b3581b36d0a059e28fae2f3f40fa631342dbdd89c28429e1eb511121f2dff45f73a8eebca82caa064c1e158dec6d8fed2d05e3090f70cc8406d3d9cc429783f60e63bbddb2a61d6e995238ee4f0e3eeb23bc529535dbdafd7db565541ca2dccba24388c7cbf1989e9d71eb2a3804b224350fa30e979c08871e5010a32ec886ed30128f6e509ed87056fb45e1845282b5acb1262fbcf5361284a12a009c0dc914a20572e6c4c61bfbc5a01fd9e605aa95ae85fb704e8a59580fc00d0720c1b212c44d33c05193d4c6f9f87406c0be25e5d9cf7f548a2ab9cf829a543cbea4c9d338790100fac6cb3a3c989a1c53f581b459e5b4d90a4c08b633d54c9687b33da736ec62f141b50bcb4ecc13044a598696ba9c0f9bb9644565ab5c2163df0a47f0b7362c0e51746ad2fdebb31b57c1ccbcd8dbb0071c0a69280bd8a7e97abeb6ee17e8cf704d24229e55905b5799ed5d7b98b08a6a7da5c31225edf80a487fb897301b0d134b953c918b320bda3ab29e69f759f1bece2910079d3aea3da89fd6cff8e4c2e24c1dc1a1d6f222f45f61747c2e0d5962846a85180d0b0963d33b24a2daf082b69f2957f6e90e69841b4cbfa1166226cdd6c06c24dd89c2e9b1a495851e1e5f7e1cb6944f660f65ce5e41b12d003e365393b15f13fcaf21031ca6ef8f270c0109b1298ac11c6fc87397bfd5b6e96339f2449082488e9f74cc5cb08f85d9705c53477f25d2f988f817014f2065261e568d3e8175da7811f1a05cbeb07f9b0a156b6abe016e9b8300e212b5e5453c765e5c466e88a5d8f98ec785df0267349c8ee49c18de6d3910d09843310a390522b8751433ebfc6206f6c3e654e710d3a3f76b1ac79842c0451d4904bb82fb631d94dfa7658727f2ac53feaa2f120202d616a9db782f5c25a2b8c6ab387cf3c5dbfdc2631891d875a0ce758bd35772efd9eb1c18a1d92e7a45f958721216585f2d85b8826a16c5bc4e528626e80851f49f29e2cf7f6ef9a6b8b3faee63c8da84b12ce71a153db2af86b29496e52ef13f9f9c86f05001b61f3290b565af6c8c404d2bbdfee74c1f623660647150d487bc5c4a0ec8509c47e89e795ad207463e1bd4f0aadda0d735a2f69028e8b361e4b259eeb81113587fc2fc28c26e82949a3f0a6e9f86247d8408ffbfbf96dc892dce4d8759130198b54e6305d2cd07835c5cf9659920a4cf024285b7584b70e831256813fa3a200f3ab8851b411d6cfb91bce34fb0cf503d439ee1b8fc434cac3a318f1bf65402487503b5c7bbb076ebeaddb2ed22b444902b24cd9c3375621684dc854c4af685b6f768c1085862e94ef0337a4458b1dbb3ff0c724041c82aa956636c40d15dbf0ba1f7b8188d48b5520fbbe65df81bdf86fc2480f65c8ac523b1cf57a37904ebb704b4c27b01f60b514cfe990220f187943ec138a673e08a52477cc2f3cad746ee251ddbba7ba13101eae9d32a20df248569d1ab882aff778c544c7b530d5171f04d3518b4ee6a99e07212f8bd72697037551ef3ff35794e01cba640041fc910e599e3d163577f6c837280f84fdbf9a54a1744b32f62834c9d5cdcb94cbd184687b89b3a9cb8a76be61e5f8bf5528baffa774cba2577ffddec869bc24eaa6ec0cec8c6afc3cba22891e8b09fdb5254dca8117e927d4d8ac2ee20775ca7793b82a1d94c0555df748fab1ba794fa608ed282190e5f84eebd49fa12943ad56f205a2e843429bb550d5b160c74083be846d4d70e4e5bb6c2bc5ac764e5c29029604b2bac9eed579184f7b8f98dbd1a168196b42cb57347f6e55d8e4126e9a51ac2daa61e74ba71188606e2a175028b8634fe1c9a636061e163b993068a13c5e9904e1e2c128596768eb842111569526d128f249fc3f7ad4bc3999b1001af8faffe9b264697bfa964e4d5ca4218d1fe0307052057c04435e4a853f44fdedb07083c85fd32a5ce0e0179d97ab921cd541a5def8c3aaf2b63857c195098783e340675e41fbd73657c83fa94781b910a61d4ceec44d7b8865f5a983b56503647f8fe63fd81f67484753a550e1f3b19ecf5c82e0a84e45ef36da1506cb0c083cb8f24808e1d4a9e2990a25ba8dbb6f5d3eb94bf5d9dcd65ed15fea1a995578b8ffe8ffa8f59eab41607774998459527c2f5447e0076506a3b10dd03ab7c858ed9f800ac489e1cedbddbaae0245dc1bb7b3256e686c9b280c50c49333f6d461db5d3e945309014528bfdbaa6b5c94efce80be1b9174a42bd08d2113bb26a0168c8d25758c993e9623ef9a35724e689a903c0712792d9e76f3e2399ff371d47151c9cd559f53a3e338acfe715ba3ede12f8fbe62cb1ffceee3de90d78f63db72474caa58c4e2cc1436419de2f6c8b738125b0ad76ad393eb162aae5d1fc501e6ba51a2ae5a47628a92bdddec71bbde7587613e293be04d6a9a3e6f886f25aebf4569a0e1ea5b3102efbbc051d368b005c791e0ad48b0569f4c3918080383f7789447e5a658e26646d39a8c827339255e766e2535ca2a0c87d3153823a27b8ccf1cf4c30c71fd9b265b00a955caeb7241a894a86e32e51ac7c729c98f4ea46e1fc90da62b1150afdec4c1a0994594bd14e59ae2abe2c4eee60194eba156e1aaf118d017c2ce4b3e92004aa6718e4abf7ce72df63fe0ce6496cba35df00d5760d634e1e934bd", 0x2000, &(0x7f0000000680)={&(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x40508800, 0x0, 0x0, 0x2, 0xffffffff}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', 0x0, 0x0, 0x2)
syz_fuse_handle_req(r4, &(0x7f0000004300)="e05acff62a41134e0f28a6ba227995b05776c837ab3a066a329e33b775d4586b7a0c48f3471ede96c5e03e1f347acdb576b1b8c75ad4fe76f3ceb2331adb9676968ebcc8bc70b50acd984f9067e2499ec9e28061d978efb1ebbb90d82d973c7b4bdadf6dcf1cd1ba8a4b8882779ab3c5a956791fcf5097ee4b0da8d910938b1edf34fbb493d106ad0270110e14f0c94d02e722ba66bc7e3d90197f4fc676d18723513482dbaa39e68b3a4c0d23f9706f67f76202f16de2f3a40b48a2de184a15f89b2935a65017dbd8783a3d9153c275b72470d0fc15920a659c531d6ca85c36012deb6bf650f9d0a598707c1798a3636b7339a0a5b0a3a62073dbc94eaeecccc58722b8d76d0a447fe0ec7c122ee5d028f5dd17813e62da599f209c621c06c98e0440c008b8678dd65ec6ae2b0b659d6883ff1170ff904db86d0748e8dd1e870c6255ddfc90cbb5aba594c593f64f518d69ab7e02425299303d7d37d5ed28afde8fa2daa4627855dba7c4ab12209d5a836ea0c4592cba568dabd5453382eb5f7e6ce5bd0489b876d4d1dabe18f0440190f5898675bff139d7e8c953abb31383b932a67808cc2a2f67cb714b9a2c8e75f68c21fbe56ecb49f39136b7a0b7b6a53a93f33f9987fb7e7437a0852b9194cb75bb84f3b40f4617ae8ce9a8da6ca74d4e7c737bbc5126b0b8bd0c86f4fb861fea02fd7b8649fb1c0523b30f28a24bd7f58495f29cd2e092f5b6ff29f4de5ce56894fbd9fa78df0fb93efe2192e966e14bc9bd4671b0a2c6873d7750773a8aef7f1d35cad742e64664dcd277b2d604f564fdc519911c0749575c7136226cd68f2ec02a1563c727c1eac916cc426da130ac5c5fd6c0169161c2d7f79fb16b9d8025a6c74e14abccaaf30e5e39806a8b1866cc62e8e238c38036cbcb0abf003861103634409202ffac458605f599ae67db8f4cbd45f72ac9bfd126783135f552dd6639937ff0f77e15ebf8a49fe3d6a7da4fd6faf018b62956957c13ae52537c5ffbb4b2c28f3076468b1d11b018b6af74ff706f17c4babd4987bf9afe98a4b9aa357137d9383b8fb6ca370dd2fdc582aa701e85d926bf3087565231d6089911b2cf578786607ec5849d3d58dd423ff4558092c9a22a1153b787f37c9075555e1d06bc99b95b03bb0862da5be4f8d4718b1c6b892c1ad1138cded558e910553a70699e9d6ac935c227bd3326bfe40f389b16517801826d0ba7a1d74528fa273eca268a74e11423f0ea00e2745abbb7342c846566cf067b38a308babc8a45e607f39b66ddd2e772867cee3e14b3e7dd8844c3651330d15db8aa51d94c98ece900f4443bcbbf8849c3fafd4e5d4e1e5ea4306c081438e1694c59bdafa3b6bf80302b48f09a541dd30db6026ac247303db3facce171b64b48a74a1865db29a15db73f6989f7e5d6b6f39431511246b2ac2873dcdbea3fa5636af6813c83a7fe8b3b7936911a6a47f10823188d0ad18dbf3e4c45c296210e5bfc3abc3dc3836fd60a691005857db271290243709c57fc1ca3ad9a7938550b81b473c66e614fdf7ff35b8e19e60f7616ed19af91e4818c5b2c30f5ff903a3da9c7b7debc5d1b9e41f4a12f122a727a627cc5e6a0f8d81161088a93e4d0e592b7e977287833ec9446a6b44aba303e12ecc19c7fda316f6049db6bf1617f6fefeebcded95f75371fbd6db605ed7b77f8f91ea27468a68e068d1aad50a4118bd619aa85d1f5ee0eb9bbdfcad7335628e3ae1340681ce824204a9997f8aad87c8ce0534482cd748148689ec331002203b94af4ecd11d5b75d80838478c26cfee0fa076c5baaa82483b04898ead705bdb37247956ee25db667ea6668a4f3082332070489da02c3b5d25091e3a00f884265185a28757cdeedb3a1e4a0ada801d4a386fbab0c1de6f35fbb6c7d81fd15370909a387eabd3415f146129647a13f20ccfa69e436ce067ed1a9e0dfb877c85f0b8032e64f5379a9f5a92967533f9b45584ce1a04b962306d2d707e0e462d9d2ce94dbf4c52835c2bc005d1c21fd4e64b0f2578a072d8c442c49bb9450a8fcb49a4b2167912ff1f5946585983087deffee403a0c079ba90a0b644584137c58626afc604ab684650aac5ede8632f3e035da41c511bfb25a62d0a283e35fdd67dc0ef135d428297805b5fd0ad62294531f46171f546c61eb6475fd9fc7c8357e65737d39a741417f8a0a7e035f696c1a83d44837e360592db9ae7afd2ae7be9859f062d274b0862746c9ad804eb1c72aecf6ef9cfbbed33f68f38f25eb493d165f3012c04ec02d42421e2232aa4b30910f9d4fb91b9ba2e7b40ea4fdb60f6957e3afed8cab6d076b2f5ac59ea53bd1e9d944cb53deaa2b8ba097664fca77ab97666c6add05e7556b92d8ad11d19887e83a8ae9dc086bbb4d23cabb3615fdc05e35c61fc3e28315659509df1cbaf449ac909f36c69f5366f1bbe9b3bf9899533f06a6161c986607292a202bfcfeb2508aa18dd993d2d239b32e4f06ba1321d607c154965b9d1f52c940777e69430967d456cafabf236a2f8cea019cc87b350a5bc2aed7f1469ae6cadbcd579864d2194e3bc71e2596c690226b15c86aa0c2aede98cec57c4e752edb6fbe58046ca59546511805a71aa187ce4bcd5399c36eb3f76681a63e5a1d948a9cf98703aebda62c0759477f1be96841d60256bb2d7140fe4481d4d5180df9595fae750da2a9178c89fab47766ae30cd3d8ffcb94eb4b4245ef19ee3d95b89094f528c16ed7289703afd5805e923ce48bb5e451a93ceadbef1443e61b6b59fc13e79ed418dc73cf12b302ff40aa09994374eeabec532bc98b820c21d15f2cd10f755132b12c824a8875387c6682e991dfc01280ce1619c23593659de590b080c7f2eac12ec00704ab8b3bc2052ba9ba6f59a2312b9ebf62c6ea1ec5250435c25215f87350903140a4a12d8e3f8e233f0d63002dbbbd12a7ba9282768dc2b2b9aceb9e45e9da4a2d4a8da83e72bf0cf91bc12324b544a1d6145525dd9cf44199d7448d839bc67b1d33d7da10a9abc08f8f08a894edbd42c1baf8482feb06d68f25c4405a624998bd4c28cb9b845712ba307ca9b9ff56131617ceccd2927ecd57796eb103b6b15dfa12b3e8e9aa2ac8af20cde7877501a98d8b04dbd96d606661066dd80ef55d45fbd5c410d4a0d59ad53cfe3779350e71f109118bccb61121bb8eefced8feaa72c95ed737490c7318e7db86d94eda2ce5f9b04f2308dadbd8a2be6991309a56959c6be4312623a04483bd72a64c210bc6ea600d887aeb3781030a0c4a6ee06f38896bb95688ba5c735180ed50f1fce6c321aa0503f714a000b6e10f22d019e0c5bdbf982bc0a3b15ee59e9c573f77073ac64394f3610f68eca10092a7b7544bc1e643c30017133fec103af1111536ec6b37472157ef7a57186d4b64812ee20f51257d2cdaa19b5508fc40824aeb678c368149387f9083d645c9b616fdf08459aa792897293e7dabfab1144ea74d39a2f0d3632d16ce1b1973717eb83d217250646903207ccd9804e584c12bd98be5096c2a43f21161547f6b2fcf244f12a3c6863a90b45901379a1df5948dba63c34aedb7b877c675dec404acdc0348482502c3e9a886d0829a17c06457a2bb3b6c843285b1aecb4c917d9d586b5b47be2895dad99e620cc824f4d0c577f8b737c20c39c40b77db27e8e72d83c6d220011e7e304c97e281697afe31e077f490f0e632a3fb5125351051543125d7895e86007e0be5527f57f98db8235bfaa3c4d25514ae88d06289261b49013f25326461a5672c0fd975af977d9e9725d14c923decf5b60cb800a267644e0fb5e8dfc734c5b1ba810ff276f24f8fd0608bda3ab335252fbfce4e75c533bf44d2f6a2d14314b5bf24ab3d3dc0794a120379264d2bdfb4111e614b4f68d36f930b4802863bd47dc7b8520f8e95b9673a9bac79dd4e68b7dd9e095d87eb8004f19763459171142145ff6ba160709fa7732579c48bbd4ace904fed83603de20179c6d230b1b098b2800749c1836b222b52da56a2d47dcd9a87e4ea2a2fc3da46b05fb446d1b6e134d5979c43c1e79b00ce0909a020fa2e0377e19bbbeb5c4453a0f04a09242a477bcf0fdf824b58b196d7ee987ed68092c6696cf2dbf942310ed22d674512a4428e9e194127eb44828f9a812c762460486889d715dc6dc4377e557834f31cab1db1b276a5e3c14618c233ae523f1e3f3c0078fe150354855b3c31d0f333928efff70c7383cf65880420cf7ec307b708307fed0745032cb81891b85d67fb55303a30da8f4b3bedeabddc6bd38d92edeec80aff10f0d29f116cfe31f1b1a96962a713300635329c04977ab606e50b93cb1305f5a82c826febf41318f1ddb7e6fd0eaf37936f6950f841c8853bf1acbb96ba04dcc4fa5a23d8eb8e5b22fea5b5784453d51799442c665df83b45ed6fa99401ceec8e0f62b89fab9fadaa0d51e845fcf2ec20676b3d867304b7f893054490af7a0080bdaacfddd54fee4349e03dff156c9f08ceffa31e3701d333251f7cd4b07c52a9901d4fd32bb01261544c7842df78b420b99645e7c2695fcc6dc4e402ddc0ac039bdaf4129a4ae70b37b1c61ebd47e6cb7d6dfde13e7e972c74b706e8a3ad7fddd50cf581d2055ff5b127695d6f5c8fc67df49aaa56afb789a9fa384125f13d928feea35139cd9153b254c6b39f838c0f0367c5efa13c5fbdcbec5c9f88d7d2ff54aaf8d0c4db4cada8b74ea780d32aa0e66942e936061692182be3c5b21fcd99dfbfd22467d4d3ce3d78e88f1481bc2ed388f0dc3f262a079bdcf41d2f21f1de75202fac6b4f8f9f8a7ee0bdb646ce582f6fd358461fc4266f980f33138c41daa3c8a82088eccb8a2944b6dc432f8149414115f209282945e51e5d0a999d518a32fec37e64e8618879f7d65e088514efed5104ead3fab91c017447a645575a50dba5f28a3a6359a9d591ee2c7eadd08b86e733a6a8723880890d3158e527b4d9a676b02ef0faabff71865c487641c6c104c15178106d878c6cd588b2c6f834a4a2ebb9d129ab28eb7dc6a556f3d868e2765034bb146c7be493d19302b31881a11257ed202bd20d53f05d7b5c96954b55cfb933fcf0945a10b460bf7e276ddb6fa313225b7bee647e8e6d5c1ef68dae19d4cca98f00d3a860602b66b09a1392ad01739a5ddb7117dcb0053e9c31602727101225c627225674aa1e49f3c3abeffada9f5ac76b5f10a2de55951de24b1fb144f4c1eae80e27bc36e5da70e01ff37ca465190180644a27eb9a96a15d6fb4eace5e652176a02d4ef8228bd72df5142351a6f1b08981a5c66eeab943983277c1bb192b668ff25cecae19229da67e2d8e3655c409f597b68260c70c47c5843082d94a94e72fc42ed11eed5a0cc5c9eb57de53947d2823cedbd9e417682b7b19ed3be8d27b3a887795b062c88317a0dc04bd6a62cf05fb78b2955af0514a99e3fe0e0f382c9fc2ff820af6451e0915722162c53b060250890c381ebe2edbb63359643ebd780a32770e78c6af810f341f3e07781ee25c92275ab427de063326239514c6623c9a3a2ee2c80da4c77404607cd208e2e9a273cfff2cf9c6cac6ed4cd6641d8890ce82f229cec11b483db0e4fe70161829bebcdc65351e75eef29d4ec70495415927aa6be603dfb8c5c34f4d2a0afe0bd0700540b8ccd9e0421efb4d449225fe38cf4ea8145e7e1ecdcfda0c1b8a6439b3535a7c853065f665cd28c86fcf4b47ce321edc9ba1bed1a6e4160e62819cc8f9d0914ca7c8f54c6392d9b8d8a9e23e6877e240cf50208b5dc085cbf5932d730dde94314d269f8e4730e72c62ebf1100b423e7c02c0c7b3d579fe738a75bf3d29264bc27009673ebc5fd0d777e2b43d4b738addf5e1c1d084270f5ad6441d10e723331ef5d41d1da2597817968e3c33324fd876bb2c4829921fb5c835ed01e78d0fa88d1f4043693a5cbf592f350505d37efd84845feb77ed38a25df0e98678047f320080972ae011d5ecc9b9cb1aa519fc661c3c909ccf1002844a4f3a9ff21dcb3e861cec427cea26eb765e3d30c532f3c67aead616cca4ed0ef627e3edec6a98e0f0866af49b0019ef8c50104b4e21c17b17b36b0bd5d785c0a46dd5e84dc7327d46c73637602f159900ddc1e6bd3f9afddf45ca54cc7958a6fc0a7e9b93c7e91da8afba0a63238f3847860ebe9403ff3b80e067493d34c55e7562b8b0fb06a2f8c1ddc9cd0f785aa9814cd40aa66ded541de15e647303864b27b5cb7631666f4166b6daf929fbff41fd95bf16994a6f9bc8ce579da13442357cd500f10c392ec78b0c161c99742c03b4d745262d86500e2a981586627350cfe1bcf4710b0824070abca21e1a53a36bfbc12ea7fe8336f741784746abef46f52ad131eafd02ac24c1d1636fa30337251a5f169cdb8c57fa214f2a900af0ee866748661f1a67a6c2c6a6e49ce1939139e45a456c7dbbec8a09be48853cd9b1feeefc6729740dde9de04dd1e0f9c774d387a902174274729e6349a7effd237e63c40bdbccb72e44dab5ac1eab96eb75a6ea8f2f7dd362159131072dd8d733fe9c54d1ea4771e85e7cc0b0455dae0a5c8ece44aeff7e2d247e94639c9a74f48e690c02e89d0377fe3afce5d6abc706dd3e23d19809dfa948b010b6d66556ea81ca3690c3322478dfa1e9ef6de5e4d21b6e9867c611fc4e78abc94bd3c9f112739f8d2996834f54d1137f34ff5442c2432746c37031bc7e9201fdeb7d73a24163fe423fdf3e8e22b655ec159664e905675d8bb80d651d4dda22dfed198d02c2b8ff5b0760fd2aea35e519619393cb66b048b59d4e6cf398652a4726925c8a1936ee29cde1bd70fdeeec0aa1e9289711c57ab8ba170c427173fada71e9a1f0fc4cbe23c248f5340db3f9ba4f8c23da230ef4c1013ba0ffaaf5bfc58cc2eb5084f96bcdce7c1ce76c4206189bfbc9d8f1238aed641c39693363762f2cbb1b3433cb01fba42dfbc7b1aa6a46cb9bfcc98a8d8f46cde8a5dc9d74de7fc73aa22420acd949a26c2bd0c8c6f05fcac03a88e622c851454f583623b35f825038ab1aaa3091d05018c2179f473a889219e3414bbbf4eb62333df13ca9eef4dd987358c90d6bdc113aa2972cbff9b7d7e5a76fa182609401567889febe7f2443b338982c3be4328caa199f4b14652ff609b3012fc66cd7a02d8e837bf85f7d2ee7f5061b359104a90e5a74179f6fe7ea44acaf2e8531b05875e041a7f42f6551e89518dd06f04ceaa5140fee9535cc3de18ca42721661d395e23828b07d449e4e09614c8aa753d28215608a56dbb66a929a47fe1beddc6123afad8d4f64cc5602138a289ef1287548d914647d144c3010cb5e3a90753aafebb70703a4f0eb4edbb991f47ed529b219a9fd421782a8a9d73d18e9ac69768791f408ee65af8f78ca3986e878276993c8dc140949f7410c8aee7b57739ffd57e5096ef3c1edc9d242d8ed7d0b5c8f7d4ff37b4ef76a6d4ca8960793508313c751a194ce0dcd0b08e3c3b91f06cb9f158347af1689fa86e9229970ab49bd44bf99da76818f7deb102bffbc575cf53966e247ce3558f77937d822ab74a437c5575dbcbd907199d5b645ee6ee122dc77090960302f8fce044fcb5d19a803b92a95950c262ea117522e6cbe44f5c277d6d7e36890eb7702136dc78abfdc5105f138b9415ee6ed0b4e1f805b3bdb5d0e7aba7d0aaf7c6c100edae89b8496804a7cc9e61d002ba42abb6ada2fdb12f672a15f2f3ef7d23330a5d411195bd2e3caf54d7c29a4ac9e13db64d88c35587059465e59507acd1ed7393f3557b8991116fdbb675f7f4a30acfa0cce3e31b817834a3037a18479aa764a83820f7186460fb96e07adcd529cdf66d0f6dad80260f51d3a9a1ebe213d03b9b71c9c522b4b8bdfe40b06a9da4c722f9a73d43423b456b2464bbb546b0527f71cbe600478169bab6caab15b98d4383552cf0dbf3c4b5208d901873f79901d174410ccd887073c1c9c6091f01c1772123f8354efdd6646d1e5373ef0e7750406b2c9acc1315c9fe1e9b0dba050717ee4f1ed17fc73357150921e5092c8edeb79f25a5b5e142e6813f20871252ebf52752d643a2965058509271b370bf98ef0fe8983a4725d39685647416757b85f87cef3ed7265d67a479d7752dcb3fb78447e6dff107a51365cba79fdf6edba21db2d3b52bf70579a398c36847bb3ec5e8ced0ad82c68c22d422335f73ea5297a95c5263d2403e06b7fb1d30804efd4d535894e0e0fb4747bd77caf3e92fd23d0bc8c73e08374ca42b52fa8c02f1ff3d19d8eaa78ef2ba7b3b1bea75faabf2658cf0a49f59bdd1fc49618fb60260053033184ede8c6a10fbf5f295a8a96553d469b160b17d9dbef52a651afd41fa87a169e5b34c8f3f0299aab066bcfadb07055502432b285f42e369606c4217f10f947fab6bd24889ca0aafad8be5ecbf11462b3a1cfd0c93c80e0a5611d6248a0a4fcc3a2307a7de22d1e301aae233155bd10d11f6b37d89a34c5104049bfe242ceba72e5968ead5ec6ec6b7056c8a1c390f6c6640ec92afbd76fb1072784ad7349ca30b605d6e755f0a21703724394a7681709f7b73aa34f6f44dea15264ef10e86a1079d64f98f6f7bb50bd2e0caca18df8b09a51ca436834ddc235d60fa9500bfb09fbb1dba93c95e1406086f83f6950a0cb9a4cd8ba97333b0de1e658d42469ac93529c596712231f8e0410992d789d326a127bc8c0d901f4dc99b36948c782410052229769f5177b328a6ca68df9e4fc4638cf090d17a4704cf142271418c5a85c7cd292b6fe1ac9e1f2a1858d17e5318d4d75cad3c4e7f2b3d3da458e4581217a07b28ca94043cd0d31d1af5264b8170ef325855a5b5863f01541dd1428cac12793e9080919f6d4b6f9f1255032b44daf64d2ae7b1084384d0d9eb76b7aa18c70b8ce5a174f2a3f73b31f98a9dc329c3f5e1a4ff04c6b85ab3e2eb95f8e265915937b5bad0088c7ab15e2c9cc97707039045758b56f613f58d8100ab0a829c2672e99624494ae81983c23dced6381e718454e714c00d6df6d76f502bc2bc7dd8dd67279418cc4855e33d9250dfd9eff61c98fb06d578d92d1510c1589025dc2bba8208b8d4554d9718bc846666c984ecd7442c60c3437dc9adb4a8bb671cb828ae0a1be34a4db662ef440fce64a6194a296726e7fd6c2b0d2dd52c785d01b26c66b363c6be384471c0e5e60aacb8c1c47751f8c689892ea1ead15f157dc7b567243cc298583e5f37a6bd4ff9d947e2ae56a466f0c27408cdb8b2b7036598aaef45c995b4b1bcb7f110b5c5aa87fdd652e30998796982fcfa0911558395ec8f63e7fc898221d6a9b904951600f1caf077870db43f5e1c59907e4d5c50c9b51e365cf82f4a77c5bccbfaf90b1ce51aef03675e7c45e2bf46f98bfc0d140273dc2ad2e1c25c74ca2edd2efca89aa1432d1c5450125b8a0c19326b0a8c845e657bf69481918a75502de4fff5db8c706fb0e6d0d7263f3b213171f478b71a67257924a8f5ffbf29215783d21d379f50722972cd7c96c4577dfd958155d15214fe704e73effd98092f640b4e376804013028539422407156de850d0cf7797383d0c9c7e7a0c79718003d5748b5393eb3cd8c18f314cd94139f432f4bc82f908533cdaa7c80d0d6d26e1228f8d00a8882b9b07fc6a177d20231e7f42eb40eaa029a1576cd0cd32d7da652d01824077bcf175d7f9540522f38a815aa0e2267588d9ddc6ab5188e45decb68c93091a3607c0d8f158387e0e152bb4a8da4e66fc3c6fde1fb8f4d00f03885b7822a8587abd72c36d10c77e1c7222d24e2bf1992a17c07d586540a0ae2631687cb9197a655fb66690c3b0a0de8808945ba66ffa1e60e0d9623d067fc6f8a233ab53332478d538597fd798f0abfcc97182ff22249f95bce4a07d9f410ae919fd3e0d313a5b12c03f58de66ff5d211e25c791c108ff82ade5be2d59cdb15c6a4759dca915ddf3c07bda00b13018bdb95caea0bf170a15b6cf53a230ef717e1c90233735b9693379e7ef711a367ce42fd7c3ffe25496789342517332a68350a46a3a8da15bfbb63c45f8dc7c5d25db7ab473da177398443857e81bb58d9aa6d97e0bc685e1b40a0704c330e1c0850b9e799207be79508f927fcd5df193b929e0aad5a426990f7c19c50c50427c66a73347fc0937f091c98668f1ece95fa029dcce72977d51a836b6d7e5c93084968ffbca70619eee8700b1a9cc5056b5485ae3d5440b4711b8600fd10fd814cadde2ed11cc6b241464a002fb06ade3ceb7e89fb74462c9abdeb3d88eb9e57eb4f9abbabd23fea5f970417a7fa8a0e78f96b233ec75c6ff89c0068dac52bbafbdc1636f8156a1681acc405b52c65960ad32bac32189c074390c11385dec2b6bad34e95de5e848845adab92a7edf2e60f3c70fda609cb76662a4b98b187b93a739bbe139054b09f5488428b2c8b462e8f5cea5df40290f2dab5ed51cf9e719688ecec4ab1c72b8497efa1746d1bc9b3dff2dabfcb1092f1856f17c2a9a7c37656eb3ec485ffdb0f51149391d6131dd1d8554310c60598e49afad834f5e5255f21c432abb377f54cdf2ea82148d73475214e28346785d797bc4e657d9a2f1f4ce54da741f8caf8262335e284e2f8a04a823de564e553474c39ec1e763700bce1bf030eacaedd345fbe3c3af2120f3fa962ceb2b1427663d791b5936a80b336941c6079f468f92d5c10deab0dfefe9593b76b673a71ad499c5d0fff4a9db2a5f5a0caa0c2c5620abf503deb905d8cb7b6c66865ee69bf31982ef6d9ae8834d361dce14d535a2025db065f5429f3945d5615886163892e1e41fd34c44949cd97592f1a378027de0e81637c11594609c1808da0cdb64de43a871b2b2640f2642d6c1aae34d83b0b0eb73aedf94ce7c1daeddf8cf684672edaf1ce0c7757f163dae3a4350cef5803a60f1e1f3d5eb277a17d38cc32ca8b6fdf536720ce186e7be6507d720810ce8801be2cc5488c7a6f0e398878ebb2ee530d62b61bf67fd4a7fdc811ecb119e4a6e7c6555685850656cf52dbc2a1da93d8550a7941a8a7716fa348f2cbcd6f58489051bf01c0ad0745b8a1e9a10fb748a9ae9f7897dfa81efc7fe240959a3857385f8be3a8102efb0791e1e01e539b370b8ea57d3b7b747bfce3a206612410c0a9aa9130320d80a912434c5a47048c1ab6901e7806c72fef1f4f59322bbf5a79f444a0eec2397a76ae63a22c5bc76a98c4e65212258f963709c07c54dc36ac15d16d7f34c6becd2de54a3ca98babdbe1068275e18585abd3a1fb4e889ea087d918ce2e791098a3e337926a408e9301f2e8f681c50b700cfc240d2a692516e491b7f4774309953b34372fc5425832d4206079872e4387f2343de66525c63c71b1c9625e7649adcc92f279d51d55fc771f7c8b81c02e8a7a6b2bb6f0170d6e5552882434382163f07ea5e4c5971bff35f530e04ca0247f5bdd27929eee90e2078141cfd2d45a1cc2a1bf47012025fa808b9e849978011e482fb7e851e5efcb02796b6a4ce2b72e8e83bba54670b912668723803b", 0x2000, &(0x7f00000003c0)={&(0x7f00000002c0)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x29, 0x25c17c22, 0x40000, 0x2, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6838}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
process_vm_writev(r1, &(0x7f0000001a00)=[{&(0x7f0000000500)=""/247, 0xf7}, {0x0}, {&(0x7f00000003c0)=""/63, 0x3f}, {&(0x7f00000006c0)=""/82, 0x52}, {&(0x7f0000000740)=""/204, 0xcc}, {&(0x7f00000009c0)=""/249, 0xf9}], 0x6, &(0x7f0000001dc0)=[{0x0}, {&(0x7f0000001c40)=""/122, 0x7a}, {&(0x7f0000006300)=""/4103, 0x1007}, {&(0x7f0000000900)=""/175, 0xaf}], 0x4, 0x0)

2.246769846s ago: executing program 1 (id=4765):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$sock_ifreq(r0, 0x89f0, &(0x7f00000000c0)={'bond0\x00', @ifru_names='gre0\x00'})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r3, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x6, @null, @bpq0, 0x3, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
ioctl$sock_rose_SIOCADDRT(r3, 0x890b, &(0x7f00000007c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3, @bcast, @bpq0, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r5, 0x0}])
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r7, 0x4bfa, &(0x7f0000000180)=""/231)
syz_emit_ethernet(0x0, 0x0, 0x0)
accept$ax25(0xffffffffffffffff, &(0x7f0000000080)={{0x3, @default}, [@null, @bcast, @rose, @netrom, @rose, @bcast, @rose, @null]}, &(0x7f0000000100)=0x48)
ioctl$VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000000)={0xf0f03c, 0x5})
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0xc00, 0x0)

1.303966446s ago: executing program 2 (id=4766):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r3=>0x0})
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="c744240077dd0000c74424027fbe0000c7442406000000000f011c24b8010000000f01c1450f01ca470f01f866baf80cb8e4f61882ef66bafc0c66b8795966ef40250000000066b8de000f00d02e0f005ffa0f01c92e640fc71f", 0x5a}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x10, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$KVM_SET_GUEST_DEBUG(r6, 0x4048ae9b, &(0x7f0000000080)={0x80001, 0x0, [0xc0, 0x7fffffffffffffff, 0xc9, 0x9, 0x6, 0x0, 0x8, 0x8]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="05000007000000000000060000000800010039fd889a683085cc90fa8b41e2e4bde7e647c509", @ANYRES32=r3, @ANYBLOB="0800050008000000"], 0x24}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_INITMSG(r9, 0x84, 0x2, &(0x7f00000003c0), &(0x7f0000000400)=0x8)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0xb001, 0x4, 0x3a8, 0x0, 0x1d0, 0x0, 0x2c0, 0x2c0, 0x2c0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d0}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f8)

1.241001059s ago: executing program 1 (id=4767):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000001c0)={0x40, r5, 0x1, 0x0, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x8, 0xbd, [0x9, 0xd4]}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x2}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x60a}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x4020000)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="00f6ff0000000000"], 0x8)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x2, 0x2})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0xe8, 0x0, 0x0)
getsockopt$MRT(0xffffffffffffffff, 0x0, 0xce, 0x0, 0x0)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="020000000400000008000000ae8b0000807f0000", @ANYRES32=0x0, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES16=0x0, @ANYBLOB="00000000000000000000dc960000000000000ce5fff02651019c00008516b9c7baccdfd93673fd91b77233b6da5bca3f189ed77c93c5033ff7a51de6ddcc564534fa7f14ae0fce7c29d4556576aa6d9b92ccad904f1db25883435b1a9479b90f6cd275159462f57c840ee513fbc3333cee6eef7dc60274a3aceba3794147d464042735b52e54365e9f4854bc276df330d21c7894a19471566fb6e5d22bd6bff018cd1558ff0612afe12a5a23d557feb78273e3fa88a4e68105ad41e023f4b97c568d4be580c0534ae4699c8611c006147e2c757cc00a84c3eb63ccd4f9ce77b3b127c9afe28ef198ab003905ed7af1ced34bf0e7615d0fd8a32cec9f3fef1fe0ebae25ca09530454be179bc029c2f24e0bf9d25061da8068a5319c5ce61c1430b6576f25f3a7cba7c5c39cef2defa32706edb06e90b569d26e9f7f6539e9c41b20cf88f6c1d0c9272d5ea2cec6bae92486da2056fdefd788334dd15fb2654b6edc4ed85eaef1c63cdca32e214165b0b744c36fdea1493ba1ccd5b15dbf7e5bd7be2ab3c60484a4fcf2831de5e36847d8de8f9e161185355ac0aa217ec4e96320bc17a70c67e9440ebc6bb564fe7b0ef2bf6a70779e52e5730c5093a878a340c55a85555d99f95b06ef13b2c54fa18577bdb3e69dec41f9bda248d57b161c1e278c5abb90b617ec0a0bb8dcd00fb95a3636acb3cbffc5ddef54"], 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, r10}, 0x38)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
socket$inet_tcp(0x2, 0x1, 0x0)

201.382421ms ago: executing program 2 (id=4768):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50032, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000540)=[&(0x7f0000ffc000/0x4000)=nil], 0x0, &(0x7f0000001180), 0x0)
r0 = socket(0x1d, 0x2, 0x6)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, 0x0, 0x0)
r1 = syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000bff000/0x400000)=nil)
syz_kvm_add_vcpu$x86(r1, &(0x7f00000000c0)={0x0, &(0x7f0000000500)=[@uexit={0x0, 0x18, 0x2}, @code={0x1, 0x4e, {"6766450f38819000000080400f20e367f30fc7750466b886000f00d8420fc72a663e460f0118c48185f12500a0000036470f0058de36470f01ca0f01d1"}}, @cpuid={0x2, 0x18, {0x8, 0x4}}, @uexit={0x0, 0x18, 0x12}, @uexit={0x0, 0x18, 0x6}, @uexit={0x0, 0x18, 0xd60}, @cpuid={0x2, 0x18, {0x400, 0xf}}, @code={0x1, 0x7b, {"0f013066baf80cb880a8978eef66bafc0cb8fcfa0000efc4227d18f6b9ad0a00000f32430f01c2b805000000b9007000000f01d9c744240084000000c7442402aa480000ff1c24c4617b2c59ed48b805000000000000000f23c00f21f835020000000f23f8c4227d13f0"}}, @cpuid={0x2, 0x18, {0x5}}, @uexit={0x0, 0x18, 0x8000000000000000}, @cpuid={0x2, 0x18, {0x1ff, 0x4}}, @code={0x1, 0x6c, {"c403297e315d0f01ca3e6466440f61ae8603d21465660f3880ba3f5c0000440f789d3e899c6e430f07f0003505000000f30f01abf3f1cda466baf80cb87e29c58bef66bafc0cec66baf80cb85a814a8aef66bafc0c66b8000066ef"}}, @code={0x1, 0x52, {"c1d5000fc77cbbbdc401a57c14bf66450f38829b0700000066400f38802ab9860a0000b807000000ba000000000f30420fc7b09ad400000f01cb66ba4200eddae9"}}, @cpuid={0x2, 0x18, {0x2, 0x3}}, @uexit={0x0, 0x18, 0x9}, @cpuid={0x2, 0x18, {0x401, 0x1}}, @code={0x1, 0x55, {"f30f1efb66b813018ec8660fc734c9430f00d6b946080000b803000000ba000000000f30430b765ef0836e90d9660f38808c624500000065420f01c465672e66470ff421"}}, @uexit={0x0, 0x18, 0x17b}, @code={0x1, 0x40, {"660f3882b803000000440f72f15f0f0645dbe0f2400f01bf06000000470f320f78254e3a74fdf2410f08470f350f35"}}, @cpuid={0x2, 0x18, {0x8, 0x4cec}}, @uexit={0x0, 0x18, 0x10}, @code={0x1, 0x5c, {"26f30fa7c8440f01c4c4219171d60bc4e1ff2d4905660f0665660fc7b3bd000000c7442400577f47ddc74424023ad2d3bec7442406000000000f011424410f79d466440f38282484430f77"}}, @code={0x1, 0x56, {"e1cd2e4d0fc71f66baf80cb8439e008eef66bafc0cb0d7ee460f32660f381cba00900000b965080000b873000000ba000000000f300f07440f4b4d2e65460f35c46225053e"}}, @uexit={0x0, 0x18, 0x480000000}, @cpuid={0x2, 0x18, {0x9, 0x2}}, @uexit={0x0, 0x18, 0x6}, @cpuid={0x2, 0x18, {0x3, 0x8}}], 0x496})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_sctp(0x2, 0x5, 0x84)
r2 = syz_usb_connect(0x3, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000bde5a44070275290f515010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, &(0x7f00000006c0)={0x44, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
r5 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x40, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
setns(r7, 0x24020000)
syz_clone(0x120e1100, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002200)='/proc/partitions\x00', 0x0, 0x0)
r9 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r9, r8, &(0x7f0000002080)=0xee, 0x100000000000023b)
poll(&(0x7f00000021c0)=[{r9, 0x8000}], 0x1, 0x10)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x8040ae9f, &(0x7f0000000100)=@arm64)
mq_getsetattr(r5, 0x0, &(0x7f0000000200))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae0000000000851000000200000085000000d100000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

200.567399ms ago: executing program 0 (id=4769):
syz_init_net_socket$rose(0xb, 0x5, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r0, 0x8914, &(0x7f0000000000)) (fail_nth: 1)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r2, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @null}, 0x1c)
connect$rose(r2, &(0x7f00000000c0)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x1, [@null, @bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)

0s ago: executing program 1 (id=4770):
sched_setscheduler(0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f00000005c0)='./file0\x00', 0x0)
r0 = socket(0x80000000000000a, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00ba00000000000000004a14cef3defb08a9f42ccbf858d0ed000000"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000059fdffff18110000255562cb9e960bdd1a4937d6747ffcab27fa2de25ccfac5dbba84b09dc4582235d8839e6d6c68704fac7deb232a6e83a977dc006c3b936f6112ce59e4229e50ce62f4da16e76bcd51e7c78c2262ea5b63daf117ca6ff8ce3faa7a68cc1eeb98d092d873703c1c98dd1e5fa36579216c00d69b52714a5f2b2bf2dab8e0b0f1f3d99aed3bd4b34b562ebc0dfdec9f73a6056565974cc7be95e71ea98b2209eb005c77d27c4049d9b60623e3fcdcdb231f2b1863ef193517b4956f68c3bab07a5c928f88fca68569a4e9d9e93d4c0c75d7b329030c65c29ada45431ff1d6f342b2b7fa5e2f8705461b91f0cda780000000000000000000000000000bf8d9cb1e0903ac9e0867df00d73bd0257c7f96ba6e66e14a9c4e857a6a0829393c7d8cdc2215869e2f365670c9db7c266328a38a82606520019fe532ce58db3a11d6458ecc3c147f5fa3e69740eee00da40b1874db74e99b2629b389be8b268c5c0a5dc695aa52edae6235d670ac6e1472e5e4aa2c591f7063ed268dba7a960d51e3ea8e4936e07769e3b172d30d99dc914e94e4f55390985c7d1b1cb88e5b6bb4732d6fdf335d3dac43f", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
connect$pppl2tp(r1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, 0x0, 0x4000010)
socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)
r9 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r9, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0xfff}}, {{0xa, 0x0, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffffa}}}, 0x108)

kernel console output (not intermixed with test programs):

0000000000
[ 1920.899917][T21879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1920.899930][T21879] R13: 0000000000000000 R14: 00007ff2581b6160 R15: 00007ffc796a03c8
[ 1920.899975][T21879]  </TASK>
[ 1921.102483][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1921.290101][   T30] audit: type=1326 audit(1748731782.901:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21863 comm="syz.1.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 1921.312515][   T30] audit: type=1326 audit(1748731782.901:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21863 comm="syz.1.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 1921.334697][   T30] audit: type=1326 audit(1748731782.901:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21863 comm="syz.1.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 1921.356261][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1921.367491][   T30] audit: type=1326 audit(1748731782.901:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21863 comm="syz.1.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 1921.389008][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1921.672996][   T30] audit: type=1326 audit(1748731782.941:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21863 comm="syz.1.4363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 1921.896587][T21869] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4363'.
[ 1922.812647][T12979] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[ 1922.862554][T21900] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4374'.
[ 1923.670763][ T8494] usb 6-1: new full-speed USB device number 118 using dummy_hcd
[ 1923.790760][T12979] usb 1-1: Using ep0 maxpacket: 16
[ 1923.987509][ T8494] usb 6-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1923.987610][T12979] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1924.030568][T21904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4375'.
[ 1924.069853][ T8494] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 1924.155017][ T8494] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 30768, setting to 64
[ 1924.156054][T12979] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1924.175885][T12979] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1924.185847][T12979] usb 1-1: Product: syz
[ 1924.193073][T12979] usb 1-1: Manufacturer: syz
[ 1924.329519][T12979] usb 1-1: SerialNumber: syz
[ 1924.337277][T12979] usb 1-1: config 0 descriptor??
[ 1924.370045][ T8494] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1924.437201][T12979] hub 1-1:0.0: bad descriptor, ignoring hub
[ 1924.459845][T12979] hub 1-1:0.0: probe with driver hub failed with error -5
[ 1924.465268][ T8494] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 1924.479114][ T8494] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1924.493602][T12979] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input166
[ 1924.656691][ T8494] usb 6-1: Product: syz
[ 1924.661116][ T8494] usb 6-1: Manufacturer: syz
[ 1924.666667][ T8494] usb 6-1: SerialNumber: syz
[ 1924.685370][ T8494] usb 6-1: config 0 descriptor??
[ 1924.696483][ T8494] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input167
[ 1927.818856][T12979] usb 6-1: USB disconnect, device number 118
[ 1927.819007][    C1] kbtab 6-1:0.0: kbtab_irq - usb_submit_urb failed with result -19
[ 1928.170311][T21926] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4380'.
[ 1928.262127][ T8494] usb 1-1: USB disconnect, device number 28
[ 1928.710941][T12979] usb 6-1: new high-speed USB device number 119 using dummy_hcd
[ 1928.996215][T12979] usb 6-1: Using ep0 maxpacket: 32
[ 1929.240020][T12979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1929.315226][T12979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1929.409978][T12979] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1929.419068][T12979] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1929.510963][T12979] usb 6-1: config 0 descriptor??
[ 1929.958611][T21946] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4386'.
[ 1930.113184][T12979] savu 0003:1E7D:2D5A.002E: unknown main item tag 0x0
[ 1930.247963][T12979] savu 0003:1E7D:2D5A.002E: unknown main item tag 0x0
[ 1931.278641][T12979] savu 0003:1E7D:2D5A.002E: unknown main item tag 0x0
[ 1931.457018][T12979] savu 0003:1E7D:2D5A.002E: unknown main item tag 0x0
[ 1931.480045][T12979] savu 0003:1E7D:2D5A.002E: unknown main item tag 0x0
[ 1931.486943][T12979] savu 0003:1E7D:2D5A.002E: unbalanced collection at end of report description
[ 1931.530733][T12979] savu 0003:1E7D:2D5A.002E: parse failed
[ 1931.536479][T12979] savu 0003:1E7D:2D5A.002E: probe with driver savu failed with error -22
[ 1931.581447][T12979] usb 6-1: USB disconnect, device number 119
[ 1933.253108][T21968] FAULT_INJECTION: forcing a failure.
[ 1933.253108][T21968] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1933.266601][T21968] CPU: 1 UID: 0 PID: 21968 Comm: syz.5.4390 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1933.266629][T21968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1933.266641][T21968] Call Trace:
[ 1933.266651][T21968]  <TASK>
[ 1933.266660][T21968]  dump_stack_lvl+0x189/0x250
[ 1933.266691][T21968]  ? __pfx____ratelimit+0x10/0x10
[ 1933.266722][T21968]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1933.266749][T21968]  ? __pfx__printk+0x10/0x10
[ 1933.266769][T21968]  ? __might_fault+0xb0/0x130
[ 1933.266809][T21968]  should_fail_ex+0x414/0x560
[ 1933.266835][T21968]  _copy_from_user+0x2d/0xb0
[ 1933.266863][T21968]  ___sys_sendmsg+0x158/0x2a0
[ 1933.266892][T21968]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1933.266915][T21968]  ? do_raw_spin_lock+0x121/0x290
[ 1933.266995][T21968]  ? __fget_files+0x2a/0x420
[ 1933.267014][T21968]  ? __fget_files+0x3a0/0x420
[ 1933.267044][T21968]  __x64_sys_sendmsg+0x19b/0x260
[ 1933.267075][T21968]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1933.267100][T21968]  ? irqentry_exit+0x74/0x90
[ 1933.267138][T21968]  ? do_syscall_64+0xbe/0x3b0
[ 1933.267175][T21968]  do_syscall_64+0xfa/0x3b0
[ 1933.267199][T21968]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1933.267217][T21968]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1933.267236][T21968]  ? clear_bhb_loop+0x60/0xb0
[ 1933.267259][T21968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1933.267278][T21968] RIP: 0033:0x7ff610b8e969
[ 1933.267296][T21968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1933.267312][T21968] RSP: 002b:00007ff611aa2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1933.267332][T21968] RAX: ffffffffffffffda RBX: 00007ff610db6160 RCX: 00007ff610b8e969
[ 1933.267347][T21968] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[ 1933.267359][T21968] RBP: 00007ff611aa2090 R08: 0000000000000000 R09: 0000000000000000
[ 1933.267371][T21968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1933.267383][T21968] R13: 0000000000000000 R14: 00007ff610db6160 R15: 00007ffce4967488
[ 1933.267413][T21968]  </TASK>
[ 1933.476660][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1933.700557][ T8497] usb 1-1: new full-speed USB device number 29 using dummy_hcd
[ 1934.151307][ T8497] usb 1-1: not running at top speed; connect to a high speed hub
[ 1934.179584][ T8497] usb 1-1: config 95 has an invalid interface number: 1 but max is 0
[ 1934.205153][ T8497] usb 1-1: config 95 has no interface number 0
[ 1934.435975][T21981] FAULT_INJECTION: forcing a failure.
[ 1934.435975][T21981] name failslab, interval 1, probability 0, space 0, times 0
[ 1934.450238][T21981] CPU: 1 UID: 0 PID: 21981 Comm: syz.2.4396 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1934.450266][T21981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1934.450280][T21981] Call Trace:
[ 1934.450289][T21981]  <TASK>
[ 1934.450298][T21981]  dump_stack_lvl+0x189/0x250
[ 1934.450332][T21981]  ? __pfx____ratelimit+0x10/0x10
[ 1934.450365][T21981]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1934.450394][T21981]  ? __pfx__printk+0x10/0x10
[ 1934.450420][T21981]  ? __pfx___might_resched+0x10/0x10
[ 1934.450443][T21981]  ? fs_reclaim_acquire+0x7d/0x100
[ 1934.450471][T21981]  should_fail_ex+0x414/0x560
[ 1934.450498][T21981]  should_failslab+0xa8/0x100
[ 1934.450542][T21981]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1934.450570][T21981]  ? io_uring_alloc_task_context+0xa0/0x570
[ 1934.450589][T21981]  ? preempt_schedule_irq+0xde/0x150
[ 1934.450622][T21981]  io_uring_alloc_task_context+0xa0/0x570
[ 1934.450642][T21981]  ? __lock_acquire+0xab9/0xd20
[ 1934.450662][T21981]  ? __pfx_io_uring_alloc_task_context+0x10/0x10
[ 1934.450693][T21981]  __io_uring_add_tctx_node+0x33e/0x4e0
[ 1934.450726][T21981]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[ 1934.450753][T21981]  ? __fget_files+0x2a/0x420
[ 1934.450782][T21981]  ? __fget_files+0x2a/0x420
[ 1934.450804][T21981]  __io_uring_add_tctx_node_from_submit+0x91/0x120
[ 1934.450836][T21981]  __se_sys_io_uring_enter+0x2505/0x2b20
[ 1934.450863][T21981]  ? rcu_is_watching+0x15/0xb0
[ 1934.450886][T21981]  ? trace_sched_exit_tp+0x38/0x120
[ 1934.450904][T21981]  ? __schedule+0x16c0/0x4cb0
[ 1934.450940][T21981]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[ 1934.450965][T21981]  ? schedule+0x165/0x360
[ 1934.450996][T21981]  ? __pfx___schedule+0x10/0x10
[ 1934.451048][T21981]  ? __x64_sys_io_uring_enter+0x21/0xf0
[ 1934.451070][T21981]  do_syscall_64+0xfa/0x3b0
[ 1934.451091][T21981]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1934.451109][T21981]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1934.451127][T21981]  ? clear_bhb_loop+0x60/0xb0
[ 1934.451150][T21981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1934.451168][T21981] RIP: 0033:0x7ff257f8e969
[ 1934.451185][T21981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1934.451202][T21981] RSP: 002b:00007ff255dd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1934.451222][T21981] RAX: ffffffffffffffda RBX: 00007ff2581b6160 RCX: 00007ff257f8e969
[ 1934.451236][T21981] RDX: 0000000000000000 RSI: 00000000000047ba RDI: 0000000000000005
[ 1934.451248][T21981] RBP: 00007ff255dd5090 R08: 0000000000000000 R09: 0000000000000000
[ 1934.451261][T21981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1934.451272][T21981] R13: 0000000000000000 R14: 00007ff2581b6160 R15: 00007ffc796a03c8
[ 1934.451302][T21981]  </TASK>
[ 1934.726164][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1935.030181][ T8497] usb 1-1: config 95 interface 1 has no altsetting 0
[ 1935.040836][ T8497] usb 1-1: string descriptor 0 read error: -22
[ 1935.047170][ T8497] usb 1-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[ 1935.191245][ T8497] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1939.190051][ T8497] usb 1-1: can't set config #95, error -71
[ 1939.413766][T21996] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4398'.
[ 1939.680729][ T8497] usb 1-1: USB disconnect, device number 29
[ 1939.974007][T18860] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[ 1940.431135][T18860] usb 2-1: Using ep0 maxpacket: 32
[ 1940.464788][T18860] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[ 1940.486872][T18860] usb 2-1: config 0 has no interface number 0
[ 1940.502044][T18860] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1940.549162][T18860] usb 2-1: config 0 interface 85 has no altsetting 0
[ 1940.576511][T18860] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1940.628928][T18860] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1940.665758][T18860] usb 2-1: Product: syz
[ 1940.686349][T18860] usb 2-1: Manufacturer: syz
[ 1940.751673][T18860] usb 2-1: SerialNumber: syz
[ 1940.768418][T18860] usb 2-1: config 0 descriptor??
[ 1941.946786][T18860] appletouch 2-1:0.85: Geyser mode initialized.
[ 1941.963389][T18860] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input168
[ 1942.358455][T22007] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1942.366095][T22007] overlayfs: failed to set xattr on upper
[ 1942.374028][T22007] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1942.390683][T22007] overlayfs: ...falling back to index=off.
[ 1943.814335][T22036] lo speed is unknown, defaulting to 1000
[ 1943.841284][T12979] usb 2-1: USB disconnect, device number 87
[ 1943.902713][T12979] appletouch 2-1:0.85: input: appletouch disconnected
[ 1945.423249][T22059] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4413'.
[ 1946.423572][T22068] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1946.445071][T22067] loop6: detected capacity change from 0 to 524287999
[ 1946.480136][   T30] kauditd_printk_skb: 18 callbacks suppressed
[ 1946.480154][   T30] audit: type=1326 audit(1748731808.911:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.1.4411" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff689b8e969 code=0x0
[ 1946.507213][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1947.830532][T12979] usb 6-1: new high-speed USB device number 120 using dummy_hcd
[ 1948.009416][T22081] FAULT_INJECTION: forcing a failure.
[ 1948.009416][T22081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1948.022698][T22081] CPU: 1 UID: 0 PID: 22081 Comm: syz.2.4416 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1948.022726][T22081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1948.022736][T22081] Call Trace:
[ 1948.022743][T22081]  <TASK>
[ 1948.022749][T22081]  dump_stack_lvl+0x189/0x250
[ 1948.022775][T22081]  ? __pfx____ratelimit+0x10/0x10
[ 1948.022806][T22081]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1948.022835][T22081]  ? __pfx__printk+0x10/0x10
[ 1948.022856][T22081]  ? __might_fault+0xb0/0x130
[ 1948.022892][T22081]  should_fail_ex+0x414/0x560
[ 1948.022913][T22081]  _copy_from_user+0x2d/0xb0
[ 1948.022934][T22081]  ___sys_sendmsg+0x158/0x2a0
[ 1948.022956][T22081]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1948.023002][T22081]  ? __fget_files+0x2a/0x420
[ 1948.023016][T22081]  ? __fget_files+0x3a0/0x420
[ 1948.023036][T22081]  __x64_sys_sendmsg+0x19b/0x260
[ 1948.023069][T22081]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1948.023100][T22081]  ? do_syscall_64+0xbe/0x3b0
[ 1948.023116][T22081]  do_syscall_64+0xfa/0x3b0
[ 1948.023130][T22081]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1948.023142][T22081]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1948.023155][T22081]  ? clear_bhb_loop+0x60/0xb0
[ 1948.023171][T22081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1948.023185][T22081] RIP: 0033:0x7ff257f8e969
[ 1948.023197][T22081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1948.023209][T22081] RSP: 002b:00007ff255dd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1948.023235][T22081] RAX: ffffffffffffffda RBX: 00007ff2581b6160 RCX: 00007ff257f8e969
[ 1948.023244][T22081] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000006
[ 1948.023253][T22081] RBP: 00007ff255dd5090 R08: 0000000000000000 R09: 0000000000000000
[ 1948.023261][T22081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1948.023269][T22081] R13: 0000000000000000 R14: 00007ff2581b6160 R15: 00007ffc796a03c8
[ 1948.023288][T22081]  </TASK>
[ 1948.227062][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1948.450197][T12979] usb 6-1: Using ep0 maxpacket: 16
[ 1948.468479][T12979] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1948.508977][T12979] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1948.585157][T12979] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1948.592984][T22088] FAULT_INJECTION: forcing a failure.
[ 1948.592984][T22088] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1948.593959][T12979] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1948.655146][T22088] CPU: 1 UID: 0 PID: 22088 Comm: syz.0.4419 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1948.655179][T22088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1948.655193][T22088] Call Trace:
[ 1948.655202][T22088]  <TASK>
[ 1948.655211][T22088]  dump_stack_lvl+0x189/0x250
[ 1948.655246][T22088]  ? __pfx____ratelimit+0x10/0x10
[ 1948.655278][T22088]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1948.655307][T22088]  ? __pfx__printk+0x10/0x10
[ 1948.655328][T22088]  ? __might_fault+0xb0/0x130
[ 1948.655374][T22088]  should_fail_ex+0x414/0x560
[ 1948.655401][T22088]  _copy_from_user+0x2d/0xb0
[ 1948.655431][T22088]  ___sys_sendmsg+0x158/0x2a0
[ 1948.655464][T22088]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1948.655529][T22088]  ? __fget_files+0x2a/0x420
[ 1948.655555][T22088]  ? __fget_files+0x3a0/0x420
[ 1948.655585][T22088]  __x64_sys_sendmsg+0x19b/0x260
[ 1948.655615][T22088]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1948.655653][T22088]  ? __pfx_ksys_write+0x10/0x10
[ 1948.655678][T22088]  ? rcu_is_watching+0x15/0xb0
[ 1948.655707][T22088]  ? do_syscall_64+0xbe/0x3b0
[ 1948.655731][T22088]  do_syscall_64+0xfa/0x3b0
[ 1948.655750][T22088]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1948.655769][T22088]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1948.655789][T22088]  ? clear_bhb_loop+0x60/0xb0
[ 1948.655815][T22088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1948.655834][T22088] RIP: 0033:0x7fb149d8e969
[ 1948.655852][T22088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1948.655869][T22088] RSP: 002b:00007fb14ab60038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1948.655891][T22088] RAX: ffffffffffffffda RBX: 00007fb149fb5fa0 RCX: 00007fb149d8e969
[ 1948.655905][T22088] RDX: 000000000400c000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1948.655919][T22088] RBP: 00007fb14ab60090 R08: 0000000000000000 R09: 0000000000000000
[ 1948.655932][T22088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1948.655945][T22088] R13: 0000000000000000 R14: 00007fb149fb5fa0 R15: 00007ffdc63f4f18
[ 1948.655976][T22088]  </TASK>
[ 1948.656166][T12979] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1949.932706][T12979] usb 6-1: config 0 descriptor??
[ 1950.513057][T22098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4422'.
[ 1950.532350][T12979] usbhid 6-1:0.0: can't add hid device: -71
[ 1950.588894][T12979] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1950.657576][T12979] usb 6-1: USB disconnect, device number 120
[ 1951.414555][T22108] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4424'.
[ 1953.781344][T22130] FAULT_INJECTION: forcing a failure.
[ 1953.781344][T22130] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1953.794481][T22130] CPU: 0 UID: 0 PID: 22130 Comm: syz.1.4430 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1953.794507][T22130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1953.794520][T22130] Call Trace:
[ 1953.794529][T22130]  <TASK>
[ 1953.794538][T22130]  dump_stack_lvl+0x189/0x250
[ 1953.794570][T22130]  ? __pfx____ratelimit+0x10/0x10
[ 1953.794601][T22130]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1953.794629][T22130]  ? __pfx__printk+0x10/0x10
[ 1953.794661][T22130]  should_fail_ex+0x414/0x560
[ 1953.794688][T22130]  _copy_to_user+0x31/0xb0
[ 1953.794718][T22130]  simple_read_from_buffer+0xe1/0x170
[ 1953.794752][T22130]  proc_fail_nth_read+0x1df/0x250
[ 1953.794782][T22130]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1953.794807][T22130]  ? rw_verify_area+0x258/0x650
[ 1953.794832][T22130]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1953.794855][T22130]  vfs_read+0x200/0x980
[ 1953.794887][T22130]  ? __pfx___mutex_lock+0x10/0x10
[ 1953.794908][T22130]  ? __pfx_vfs_read+0x10/0x10
[ 1953.794935][T22130]  ? __fget_files+0x2a/0x420
[ 1953.794959][T22130]  ? __fget_files+0x3a0/0x420
[ 1953.794975][T22130]  ? __fget_files+0x2a/0x420
[ 1953.795003][T22130]  ksys_read+0x145/0x250
[ 1953.795032][T22130]  ? __pfx_ksys_read+0x10/0x10
[ 1953.795064][T22130]  ? do_syscall_64+0xbe/0x3b0
[ 1953.795088][T22130]  do_syscall_64+0xfa/0x3b0
[ 1953.795106][T22130]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1953.795135][T22130]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1953.795153][T22130]  ? clear_bhb_loop+0x60/0xb0
[ 1953.795175][T22130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1953.795193][T22130] RIP: 0033:0x7ff689b8d37c
[ 1953.795227][T22130] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1953.795244][T22130] RSP: 002b:00007ff68a9f9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1953.795264][T22130] RAX: ffffffffffffffda RBX: 00007ff689db6160 RCX: 00007ff689b8d37c
[ 1953.795278][T22130] RDX: 000000000000000f RSI: 00007ff68a9f90a0 RDI: 000000000000000b
[ 1953.795290][T22130] RBP: 00007ff68a9f9090 R08: 0000000000000000 R09: 0000000000000000
[ 1953.795303][T22130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1953.795314][T22130] R13: 0000000000000001 R14: 00007ff689db6160 R15: 00007ffcafc37f48
[ 1953.795345][T22130]  </TASK>
[ 1954.589973][T18860] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[ 1954.822132][T18860] usb 1-1: Using ep0 maxpacket: 16
[ 1954.926414][T18860] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1954.969273][T18860] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1955.072648][T22137] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4435'.
[ 1955.099956][T18860] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1955.106629][T18860] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1955.127798][T18860] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1955.358813][T18860] usb 1-1: config 0 descriptor??
[ 1955.512744][T22158] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4437'.
[ 1957.076447][T18860] usb 1-1: USB disconnect, device number 30
[ 1957.686048][T22173] fuse: Bad value for 'fd'
[ 1958.472058][T22182] overlayfs: missing 'workdir'
[ 1958.693354][T22183] bridge3: entered promiscuous mode
[ 1958.698900][T22183] bridge3: entered allmulticast mode
[ 1962.336982][T22217] FAULT_INJECTION: forcing a failure.
[ 1962.336982][T22217] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1962.394623][ T8497] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[ 1963.096445][ T8497] usb 1-1: Using ep0 maxpacket: 16
[ 1963.100685][T22217] CPU: 1 UID: 0 PID: 22217 Comm: syz.5.4453 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1963.100715][T22217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1963.100729][T22217] Call Trace:
[ 1963.100738][T22217]  <TASK>
[ 1963.100766][T22217]  dump_stack_lvl+0x189/0x250
[ 1963.100804][T22217]  ? __pfx____ratelimit+0x10/0x10
[ 1963.100841][T22217]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1963.100872][T22217]  ? __pfx__printk+0x10/0x10
[ 1963.100909][T22217]  should_fail_ex+0x414/0x560
[ 1963.100939][T22217]  _copy_to_user+0x31/0xb0
[ 1963.100971][T22217]  simple_read_from_buffer+0xe1/0x170
[ 1963.101010][T22217]  proc_fail_nth_read+0x1df/0x250
[ 1963.101050][T22217]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1963.101077][T22217]  ? rw_verify_area+0x258/0x650
[ 1963.101105][T22217]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1963.101131][T22217]  vfs_read+0x200/0x980
[ 1963.101166][T22217]  ? __pfx___mutex_lock+0x10/0x10
[ 1963.101189][T22217]  ? __pfx_vfs_read+0x10/0x10
[ 1963.101220][T22217]  ? __fget_files+0x2a/0x420
[ 1963.101247][T22217]  ? __fget_files+0x3a0/0x420
[ 1963.101266][T22217]  ? __fget_files+0x2a/0x420
[ 1963.101298][T22217]  ksys_read+0x145/0x250
[ 1963.101324][T22217]  ? __fget_files+0x3a0/0x420
[ 1963.101346][T22217]  ? __pfx_ksys_read+0x10/0x10
[ 1963.101382][T22217]  ? do_syscall_64+0xbe/0x3b0
[ 1963.101408][T22217]  do_syscall_64+0xfa/0x3b0
[ 1963.101433][T22217]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1963.101452][T22217]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1963.101473][T22217]  ? clear_bhb_loop+0x60/0xb0
[ 1963.101499][T22217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1963.101520][T22217] RIP: 0033:0x7ff610b8d37c
[ 1963.101540][T22217] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1963.101560][T22217] RSP: 002b:00007ff611ae4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1963.101583][T22217] RAX: ffffffffffffffda RBX: 00007ff610db5fa0 RCX: 00007ff610b8d37c
[ 1963.101599][T22217] RDX: 000000000000000f RSI: 00007ff611ae40a0 RDI: 0000000000000005
[ 1963.101614][T22217] RBP: 00007ff611ae4090 R08: 0000000000000000 R09: 0000000000000000
[ 1963.101627][T22217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1963.101639][T22217] R13: 0000000000000000 R14: 00007ff610db5fa0 R15: 00007ffce4967488
[ 1963.101671][T22217]  </TASK>
[ 1963.499335][ T8497] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1963.511959][ T8497] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1963.526657][ T8497] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1963.551194][ T8497] usb 1-1: Product: syz
[ 1963.555406][ T8497] usb 1-1: Manufacturer: syz
[ 1963.574563][ T8497] usb 1-1: SerialNumber: syz
[ 1963.588606][ T8497] usb 1-1: config 0 descriptor??
[ 1963.605639][ T8497] hub 1-1:0.0: bad descriptor, ignoring hub
[ 1963.624075][ T8497] hub 1-1:0.0: probe with driver hub failed with error -5
[ 1963.654354][ T8497] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input169
[ 1963.699952][T18860] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 1963.855284][T22236] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4458'.
[ 1964.593910][T18860] usb 2-1: Using ep0 maxpacket: 16
[ 1964.640896][T18860] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1964.659951][T18860] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1964.680037][T18860] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1964.686697][T18860] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1964.805677][T18860] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1965.342315][T18860] usb 2-1: config 0 descriptor??
[ 1965.761874][ T8497] usb 1-1: USB disconnect, device number 31
[ 1966.975050][T18860] usb 2-1: USB disconnect, device number 88
[ 1967.036754][T22260] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1970.286703][T22271] usb usb9: usbfs: process 22271 (syz.5.4465) did not claim interface 0 before use
[ 1974.064314][T22283] No control pipe specified
[ 1974.495831][T22320] bond0: (slave gre0): Error: Device type is different from other slaves
[ 1975.487276][T22330] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4477'.
[ 1976.149079][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.156248][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1976.253168][T22333] usb usb9: usbfs: process 22333 (syz.0.4479) did not claim interface 0 before use
[ 1976.809972][T18860] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[ 1977.040204][T18860] usb 1-1: Using ep0 maxpacket: 32
[ 1977.056673][T18860] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[ 1977.066158][T18860] usb 1-1: config 0 has no interface number 0
[ 1977.082972][T18860] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1977.111421][T18860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1977.131711][T22345] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1977.149621][T18860] usb 1-1: Product: syz
[ 1977.155084][T18860] usb 1-1: Manufacturer: syz
[ 1977.163656][T18860] usb 1-1: SerialNumber: syz
[ 1977.176097][T18860] usb 1-1: config 0 descriptor??
[ 1977.290421][   T30] audit: type=1326 audit(1748731839.611:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22340 comm="syz.3.4482" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8b79b8e969 code=0x0
[ 1977.337181][T18860] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1977.703772][T18860] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1977.734796][T18860] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1978.275289][    C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1978.275818][ T8494] usb 1-1: USB disconnect, device number 32
[ 1978.751322][ T8494] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1978.767265][T22360] FAULT_INJECTION: forcing a failure.
[ 1978.767265][T22360] name failslab, interval 1, probability 0, space 0, times 0
[ 1978.769771][ T8494] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1978.801366][T22360] CPU: 1 UID: 0 PID: 22360 Comm: syz.1.4487 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1978.801392][T22360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1978.801405][T22360] Call Trace:
[ 1978.801412][T22360]  <TASK>
[ 1978.801421][T22360]  dump_stack_lvl+0x189/0x250
[ 1978.801453][T22360]  ? __pfx____ratelimit+0x10/0x10
[ 1978.801483][T22360]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1978.801510][T22360]  ? __pfx__printk+0x10/0x10
[ 1978.801535][T22360]  ? __pfx___might_resched+0x10/0x10
[ 1978.801556][T22360]  ? fs_reclaim_acquire+0x7d/0x100
[ 1978.801583][T22360]  should_fail_ex+0x414/0x560
[ 1978.801608][T22360]  should_failslab+0xa8/0x100
[ 1978.801639][T22360]  __kmalloc_noprof+0xcb/0x4f0
[ 1978.801665][T22360]  ? kfree+0x4d/0x440
[ 1978.801688][T22360]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1978.801717][T22360]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1978.801744][T22360]  ? tomoyo_domain+0xda/0x130
[ 1978.801775][T22360]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1978.801795][T22360]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1978.801829][T22360]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1978.801864][T22360]  ? __lock_acquire+0xab9/0xd20
[ 1978.801920][T22360]  ? __fget_files+0x2a/0x420
[ 1978.801942][T22360]  ? __fget_files+0x2a/0x420
[ 1978.801958][T22360]  ? __fget_files+0x3a0/0x420
[ 1978.801975][T22360]  ? __fget_files+0x2a/0x420
[ 1978.801997][T22360]  security_file_ioctl+0xcb/0x2d0
[ 1978.802021][T22360]  __se_sys_ioctl+0x47/0x170
[ 1978.802049][T22360]  do_syscall_64+0xfa/0x3b0
[ 1978.802067][T22360]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1978.802085][T22360]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1978.802105][T22360]  ? clear_bhb_loop+0x60/0xb0
[ 1978.802128][T22360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1978.802146][T22360] RIP: 0033:0x7ff689b8e969
[ 1978.802164][T22360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1978.802180][T22360] RSP: 002b:00007ff68aa3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1978.802207][T22360] RAX: ffffffffffffffda RBX: 00007ff689db5fa0 RCX: 00007ff689b8e969
[ 1978.802222][T22360] RDX: 00002000000000c0 RSI: 00000000c02c563a RDI: 0000000000000003
[ 1978.802235][T22360] RBP: 00007ff68aa3b090 R08: 0000000000000000 R09: 0000000000000000
[ 1978.802247][T22360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1978.802259][T22360] R13: 0000000000000000 R14: 00007ff689db5fa0 R15: 00007ffcafc37f48
[ 1978.802290][T22360]  </TASK>
[ 1978.802298][T22360] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1979.106128][ T8494] quatech2 1-1:0.51: device disconnected
[ 1979.200616][T12608] usb 6-1: new high-speed USB device number 121 using dummy_hcd
[ 1979.319354][T22367] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4489'.
[ 1979.365569][T22365] FAULT_INJECTION: forcing a failure.
[ 1979.365569][T22365] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1979.418821][T22365] CPU: 0 UID: 0 PID: 22365 Comm: syz.1.4490 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1979.418852][T22365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1979.418864][T22365] Call Trace:
[ 1979.418873][T22365]  <TASK>
[ 1979.418882][T22365]  dump_stack_lvl+0x189/0x250
[ 1979.418914][T22365]  ? __pfx____ratelimit+0x10/0x10
[ 1979.418944][T22365]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1979.418971][T22365]  ? __pfx__printk+0x10/0x10
[ 1979.418989][T22365]  ? __might_fault+0xb0/0x130
[ 1979.419021][T22365]  should_fail_ex+0x414/0x560
[ 1979.419044][T22365]  _copy_from_user+0x2d/0xb0
[ 1979.419071][T22365]  ___sys_sendmsg+0x158/0x2a0
[ 1979.419100][T22365]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1979.419171][T22365]  ? __fget_files+0x2a/0x420
[ 1979.419187][T22365]  ? __fget_files+0x3a0/0x420
[ 1979.419214][T22365]  __x64_sys_sendmsg+0x19b/0x260
[ 1979.419241][T22365]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1979.419303][T22365]  ? do_syscall_64+0xbe/0x3b0
[ 1979.419327][T22365]  do_syscall_64+0xfa/0x3b0
[ 1979.419347][T22365]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1979.419366][T22365]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1979.419391][T22365]  ? clear_bhb_loop+0x60/0xb0
[ 1979.419413][T22365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1979.419430][T22365] RIP: 0033:0x7ff689b8e969
[ 1979.419448][T22365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1979.419463][T22365] RSP: 002b:00007ff68aa3b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1979.419483][T22365] RAX: ffffffffffffffda RBX: 00007ff689db5fa0 RCX: 00007ff689b8e969
[ 1979.419497][T22365] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[ 1979.419509][T22365] RBP: 00007ff68aa3b090 R08: 0000000000000000 R09: 0000000000000000
[ 1979.419521][T22365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1979.419532][T22365] R13: 0000000000000000 R14: 00007ff689db5fa0 R15: 00007ffcafc37f48
[ 1979.419561][T22365]  </TASK>
[ 1979.670171][T12608] usb 6-1: Using ep0 maxpacket: 32
[ 1979.716389][T12608] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1979.970196][T12608] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1979.990638][T12608] usb 6-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[ 1979.999686][T12608] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1980.030574][T12608] usb 6-1: config 0 descriptor??
[ 1980.391161][ T8494] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1981.197164][T12608] hid-u2fzero 0003:10C4:8ACF.0031: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.5-1/input0
[ 1981.210861][T12608] hid-u2fzero 0003:10C4:8ACF.0031: U2F Zero LED initialised
[ 1981.218482][T12608] hid-u2fzero 0003:10C4:8ACF.0031: U2F Zero RNG initialised
[ 1981.360308][T22389] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[ 1981.373640][T22390] lo speed is unknown, defaulting to 1000
[ 1981.382618][ T8494] usb 3-1: config 0 has no interfaces?
[ 1981.400942][ T8494] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1981.419022][ T8494] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1981.427472][ T8494] usb 3-1: Product: syz
[ 1981.441316][T12608] usb 6-1: USB disconnect, device number 121
[ 1981.453721][ T8494] usb 3-1: Manufacturer: syz
[ 1981.474400][ T8494] usb 3-1: SerialNumber: syz
[ 1981.495806][ T8494] usb 3-1: config 0 descriptor??
[ 1981.843126][T14894] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 1982.040263][T14894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1982.098366][T14894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1982.313664][T22402] FAULT_INJECTION: forcing a failure.
[ 1982.313664][T22402] name failslab, interval 1, probability 0, space 0, times 0
[ 1982.326426][T22402] CPU: 0 UID: 0 PID: 22402 Comm: syz.5.4501 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1982.326444][T22402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1982.326452][T22402] Call Trace:
[ 1982.326457][T22402]  <TASK>
[ 1982.326463][T22402]  dump_stack_lvl+0x189/0x250
[ 1982.326485][T22402]  ? __pfx____ratelimit+0x10/0x10
[ 1982.326506][T22402]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1982.326525][T22402]  ? __pfx__printk+0x10/0x10
[ 1982.326541][T22402]  ? __pfx___might_resched+0x10/0x10
[ 1982.326555][T22402]  ? fs_reclaim_acquire+0x7d/0x100
[ 1982.326573][T22402]  should_fail_ex+0x414/0x560
[ 1982.326590][T22402]  should_failslab+0xa8/0x100
[ 1982.326611][T22402]  __kmalloc_noprof+0xcb/0x4f0
[ 1982.326629][T22402]  ? kfree+0x4d/0x440
[ 1982.326644][T22402]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1982.326665][T22402]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1982.326682][T22402]  ? tomoyo_domain+0xda/0x130
[ 1982.326702][T22402]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1982.326716][T22402]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1982.326731][T22402]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1982.326755][T22402]  ? __lock_acquire+0xab9/0xd20
[ 1982.326782][T22402]  ? __fget_files+0x2a/0x420
[ 1982.326798][T22402]  ? __fget_files+0x2a/0x420
[ 1982.326809][T22402]  ? __fget_files+0x3a0/0x420
[ 1982.326819][T22402]  ? __fget_files+0x2a/0x420
[ 1982.326833][T22402]  security_file_ioctl+0xcb/0x2d0
[ 1982.326856][T22402]  __se_sys_ioctl+0x47/0x170
[ 1982.326875][T22402]  do_syscall_64+0xfa/0x3b0
[ 1982.326886][T22402]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1982.326902][T22402]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1982.326914][T22402]  ? clear_bhb_loop+0x60/0xb0
[ 1982.326930][T22402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1982.326942][T22402] RIP: 0033:0x7ff610b8e969
[ 1982.326954][T22402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1982.326965][T22402] RSP: 002b:00007ff611ac3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1982.326978][T22402] RAX: ffffffffffffffda RBX: 00007ff610db6080 RCX: 00007ff610b8e969
[ 1982.326987][T22402] RDX: 0000200000000140 RSI: 00000000c004743e RDI: 0000000000000003
[ 1982.326996][T22402] RBP: 00007ff611ac3090 R08: 0000000000000000 R09: 0000000000000000
[ 1982.327004][T22402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1982.327011][T22402] R13: 0000000000000000 R14: 00007ff610db6080 R15: 00007ffce4967488
[ 1982.327035][T22402]  </TASK>
[ 1982.327041][T22402] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1982.580951][T14894] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1982.625453][T14894] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1982.780491][ T8494] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[ 1982.782472][T14894] usb 2-1: config 0 descriptor??
[ 1982.944784][ T8494] usb 1-1: Using ep0 maxpacket: 16
[ 1983.049322][ T8494] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1983.071879][T22396] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1983.198858][T22396] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1983.212833][ T8494] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1983.251712][ T8494] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1983.295331][ T8494] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1983.306082][ T8494] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1983.368718][ T8494] usb 1-1: config 0 descriptor??
[ 1983.450125][T22413] usb usb9: usbfs: process 22413 (syz.5.4505) did not claim interface 0 before use
[ 1983.926703][T12611] usb 3-1: USB disconnect, device number 35
[ 1983.930438][T12979] usb 6-1: new high-speed USB device number 122 using dummy_hcd
[ 1984.130792][T12979] usb 6-1: Using ep0 maxpacket: 32
[ 1984.295597][T14894] hid-led 0003:27B8:01ED.0032: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.1-1/input0
[ 1984.310018][T12979] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[ 1984.326857][T12979] usb 6-1: config 0 has no interface number 0
[ 1984.328402][T12611] usb 1-1: USB disconnect, device number 33
[ 1984.925551][T12979] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1984.940891][T14894] hid-led 0003:27B8:01ED.0032: ThingM blink(1) initialized
[ 1985.021676][T12979] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1985.033724][T14894] usb 2-1: USB disconnect, device number 89
[ 1985.039700][T12979] usb 6-1: Product: syz
[ 1985.139021][T12979] usb 6-1: Manufacturer: syz
[ 1985.161200][T12979] usb 6-1: SerialNumber: syz
[ 1985.188871][T12979] usb 6-1: config 0 descriptor??
[ 1985.203247][T12979] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1985.480504][T12979] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1985.513975][T12979] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1986.700494][T21829] Bluetooth: hci4: command 0x0405 tx timeout
[ 1986.762127][T22444] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4513'.
[ 1987.168762][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1987.173429][T12611] usb 6-1: USB disconnect, device number 122
[ 1987.224609][T12611] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1987.276158][T12611] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1987.301016][T12611] quatech2 6-1:0.51: device disconnected
[ 1988.741711][T12611] usb 2-1: new full-speed USB device number 90 using dummy_hcd
[ 1989.641346][T22488] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1990.008685][T22482] syz.3.4522 (22482): drop_caches: 2
[ 1990.306919][T22492] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4526'.
[ 1992.342797][T22498] FAULT_INJECTION: forcing a failure.
[ 1992.342797][T22498] name failslab, interval 1, probability 0, space 0, times 0
[ 1992.413372][T22498] CPU: 1 UID: 0 PID: 22498 Comm: syz.5.4529 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1992.413401][T22498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1992.413412][T22498] Call Trace:
[ 1992.413420][T22498]  <TASK>
[ 1992.413428][T22498]  dump_stack_lvl+0x189/0x250
[ 1992.413460][T22498]  ? __pfx____ratelimit+0x10/0x10
[ 1992.413487][T22498]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1992.413512][T22498]  ? __pfx__printk+0x10/0x10
[ 1992.413535][T22498]  ? __pfx___might_resched+0x10/0x10
[ 1992.413555][T22498]  ? fs_reclaim_acquire+0x7d/0x100
[ 1992.413580][T22498]  should_fail_ex+0x414/0x560
[ 1992.413604][T22498]  should_failslab+0xa8/0x100
[ 1992.413634][T22498]  __kmalloc_noprof+0xcb/0x4f0
[ 1992.413658][T22498]  ? kfree+0x4d/0x440
[ 1992.413679][T22498]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1992.413707][T22498]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1992.413733][T22498]  ? tomoyo_domain+0xda/0x130
[ 1992.413761][T22498]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1992.413780][T22498]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1992.413801][T22498]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1992.413837][T22498]  ? __lock_acquire+0xab9/0xd20
[ 1992.413875][T22498]  ? __fget_files+0x2a/0x420
[ 1992.413896][T22498]  ? __fget_files+0x2a/0x420
[ 1992.413911][T22498]  ? __fget_files+0x3a0/0x420
[ 1992.413926][T22498]  ? __fget_files+0x2a/0x420
[ 1992.413947][T22498]  security_file_ioctl+0xcb/0x2d0
[ 1992.413976][T22498]  __se_sys_ioctl+0x47/0x170
[ 1992.414003][T22498]  do_syscall_64+0xfa/0x3b0
[ 1992.414020][T22498]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1992.414037][T22498]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1992.414054][T22498]  ? clear_bhb_loop+0x60/0xb0
[ 1992.414076][T22498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1992.414093][T22498] RIP: 0033:0x7ff610b8e969
[ 1992.414110][T22498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1992.414126][T22498] RSP: 002b:00007ff611ae4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1992.414145][T22498] RAX: ffffffffffffffda RBX: 00007ff610db5fa0 RCX: 00007ff610b8e969
[ 1992.414157][T22498] RDX: 0000200000000200 RSI: 00000000c048aeca RDI: 0000000000000007
[ 1992.414168][T22498] RBP: 00007ff611ae4090 R08: 0000000000000000 R09: 0000000000000000
[ 1992.414179][T22498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1992.414189][T22498] R13: 0000000000000000 R14: 00007ff610db5fa0 R15: 00007ffce4967488
[ 1992.414217][T22498]  </TASK>
[ 1992.414226][T22498] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1992.970385][T12608] usb 3-1: new full-speed USB device number 36 using dummy_hcd
[ 1993.570771][T22514] netlink: 140 bytes leftover after parsing attributes in process `syz.2.4530'.
[ 1994.251065][T22511] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4534'.
[ 1996.214617][T12608] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1996.335926][T12608] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1996.370545][T12608] usb 3-1: can't read configurations, error -71
[ 1996.383774][T22529] FAULT_INJECTION: forcing a failure.
[ 1996.383774][T22529] name failslab, interval 1, probability 0, space 0, times 0
[ 1996.460345][T22529] CPU: 0 UID: 0 PID: 22529 Comm: syz.5.4533 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1996.460376][T22529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1996.460389][T22529] Call Trace:
[ 1996.460398][T22529]  <TASK>
[ 1996.460407][T22529]  dump_stack_lvl+0x189/0x250
[ 1996.460449][T22529]  ? __pfx____ratelimit+0x10/0x10
[ 1996.460504][T22529]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1996.460546][T22529]  ? __pfx__printk+0x10/0x10
[ 1996.460592][T22529]  ? __pfx___might_resched+0x10/0x10
[ 1996.460615][T22529]  ? fs_reclaim_acquire+0x7d/0x100
[ 1996.460642][T22529]  should_fail_ex+0x414/0x560
[ 1996.460670][T22529]  should_failslab+0xa8/0x100
[ 1996.460702][T22529]  __kmalloc_noprof+0xcb/0x4f0
[ 1996.460730][T22529]  ? kfree+0x4d/0x440
[ 1996.460753][T22529]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1996.460785][T22529]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1996.460812][T22529]  ? tomoyo_domain+0xda/0x130
[ 1996.460844][T22529]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1996.460865][T22529]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1996.460889][T22529]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1996.460930][T22529]  ? __lock_acquire+0xab9/0xd20
[ 1996.460974][T22529]  ? __fget_files+0x2a/0x420
[ 1996.460997][T22529]  ? __fget_files+0x2a/0x420
[ 1996.461015][T22529]  ? __fget_files+0x3a0/0x420
[ 1996.461033][T22529]  ? __fget_files+0x2a/0x420
[ 1996.461056][T22529]  security_file_ioctl+0xcb/0x2d0
[ 1996.461081][T22529]  __se_sys_ioctl+0x47/0x170
[ 1996.461110][T22529]  do_syscall_64+0xfa/0x3b0
[ 1996.461130][T22529]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1996.461150][T22529]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1996.461195][T22529]  ? clear_bhb_loop+0x60/0xb0
[ 1996.461220][T22529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1996.461240][T22529] RIP: 0033:0x7ff610b8e969
[ 1996.461258][T22529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1996.461276][T22529] RSP: 002b:00007ff611aa2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1996.461298][T22529] RAX: ffffffffffffffda RBX: 00007ff610db6160 RCX: 00007ff610b8e969
[ 1996.461313][T22529] RDX: 00002000000000c0 RSI: 00000000c004562f RDI: 000000000000000a
[ 1996.461338][T22529] RBP: 00007ff611aa2090 R08: 0000000000000000 R09: 0000000000000000
[ 1996.461351][T22529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1996.461362][T22529] R13: 0000000000000000 R14: 00007ff610db6160 R15: 00007ffce4967488
[ 1996.461391][T22529]  </TASK>
[ 1996.465001][T22529] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1997.211815][T22540] FAULT_INJECTION: forcing a failure.
[ 1997.211815][T22540] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1997.227321][T22540] CPU: 1 UID: 0 PID: 22540 Comm: syz.0.4540 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 1997.227349][T22540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1997.227362][T22540] Call Trace:
[ 1997.227370][T22540]  <TASK>
[ 1997.227379][T22540]  dump_stack_lvl+0x189/0x250
[ 1997.227412][T22540]  ? __pfx____ratelimit+0x10/0x10
[ 1997.227443][T22540]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1997.227471][T22540]  ? __pfx__printk+0x10/0x10
[ 1997.227498][T22540]  ? fs_reclaim_acquire+0x7d/0x100
[ 1997.227529][T22540]  should_fail_ex+0x414/0x560
[ 1997.227554][T22540]  prepare_alloc_pages+0x213/0x610
[ 1997.227594][T22540]  __alloc_frozen_pages_noprof+0x123/0x370
[ 1997.227619][T22540]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1997.227650][T22540]  ? policy_nodemask+0x27c/0x720
[ 1997.227682][T22540]  alloc_pages_mpol+0x232/0x4a0
[ 1997.227715][T22540]  vma_alloc_folio_noprof+0xe4/0x200
[ 1997.227742][T22540]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[ 1997.227771][T22540]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1997.227810][T22540]  folio_prealloc+0x30/0x180
[ 1997.227830][T22540]  __handle_mm_fault+0x2c6a/0x55e0
[ 1997.227874][T22540]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1997.227915][T22540]  ? irqentry_exit+0x74/0x90
[ 1997.227941][T22540]  handle_mm_fault+0x2d5/0x7f0
[ 1997.227976][T22540]  do_user_addr_fault+0xa81/0x1390
[ 1997.228002][T22540]  ? rcu_is_watching+0x15/0xb0
[ 1997.228023][T22540]  ? trace_page_fault_user+0x84/0x1e0
[ 1997.228044][T22540]  exc_page_fault+0x76/0xf0
[ 1997.228074][T22540]  asm_exc_page_fault+0x26/0x30
[ 1997.228105][T22540] RIP: 0033:0x7fb149c5a35b
[ 1997.228122][T22540] Code: 00 00 00 48 8d 3d dd 2b 19 00 48 89 c1 31 c0 e8 db 3c ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 11 2c 19 00 48 89 34 24 48 8b 14 24 48 8b
[ 1997.228156][T22540] RSP: 002b:00007fb14ab1cfb0 EFLAGS: 00010202
[ 1997.228173][T22540] RAX: 0000000000000000 RBX: 00007fb149fb6160 RCX: 0000000000000000
[ 1997.228186][T22540] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000200000000540
[ 1997.228198][T22540] RBP: 00007fb14ab1e090 R08: 0000000000000000 R09: 0000000000000000
[ 1997.228211][T22540] R10: 0000200000000540 R11: 0000000000000000 R12: 0000000000000001
[ 1997.228223][T22540] R13: 0000000000000000 R14: 00007fb149fb6160 R15: 00007ffdc63f4f18
[ 1997.228253][T22540]  </TASK>
[ 1997.454263][T22540] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1997.529959][T12608] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 1997.703750][T12608] usb 3-1: Using ep0 maxpacket: 16
[ 1997.716275][T12608] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1997.730529][T12608] usb 3-1: can't read configurations, error -61
[ 1997.848836][T12608] usb usb3-port1: attempt power cycle
[ 1998.281316][T12608] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[ 1998.521673][T12608] usb 3-1: Using ep0 maxpacket: 16
[ 1999.110901][T12608] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1999.137823][T12608] usb 3-1: can't read configurations, error -61
[ 1999.198634][T22559] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1999.300006][T12608] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1999.322102][T22561] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1999.360862][T12608] usb 3-1: Using ep0 maxpacket: 16
[ 1999.372955][T12608] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1999.381011][T12608] usb 3-1: can't read configurations, error -61
[ 1999.406666][T12608] usb usb3-port1: unable to enumerate USB device
[ 2001.317167][T22576] FAULT_INJECTION: forcing a failure.
[ 2001.317167][T22576] name failslab, interval 1, probability 0, space 0, times 0
[ 2001.330682][T22576] CPU: 1 UID: 0 PID: 22576 Comm: syz.2.4549 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2001.330709][T22576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2001.330721][T22576] Call Trace:
[ 2001.330730][T22576]  <TASK>
[ 2001.330738][T22576]  dump_stack_lvl+0x189/0x250
[ 2001.330770][T22576]  ? __pfx____ratelimit+0x10/0x10
[ 2001.330808][T22576]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2001.330836][T22576]  ? __pfx__printk+0x10/0x10
[ 2001.330862][T22576]  ? __pfx___might_resched+0x10/0x10
[ 2001.330884][T22576]  ? fs_reclaim_acquire+0x7d/0x100
[ 2001.330911][T22576]  should_fail_ex+0x414/0x560
[ 2001.330936][T22576]  should_failslab+0xa8/0x100
[ 2001.330969][T22576]  __kmalloc_noprof+0xcb/0x4f0
[ 2001.330996][T22576]  ? kfree+0x4d/0x440
[ 2001.331019][T22576]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2001.331051][T22576]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2001.331078][T22576]  ? tomoyo_domain+0xda/0x130
[ 2001.331110][T22576]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2001.331132][T22576]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2001.331156][T22576]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2001.331195][T22576]  ? __lock_acquire+0xab9/0xd20
[ 2001.331237][T22576]  ? __fget_files+0x2a/0x420
[ 2001.331259][T22576]  ? __fget_files+0x2a/0x420
[ 2001.331277][T22576]  ? __fget_files+0x3a0/0x420
[ 2001.331295][T22576]  ? __fget_files+0x2a/0x420
[ 2001.331318][T22576]  security_file_ioctl+0xcb/0x2d0
[ 2001.331343][T22576]  __se_sys_ioctl+0x47/0x170
[ 2001.331372][T22576]  do_syscall_64+0xfa/0x3b0
[ 2001.331393][T22576]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2001.331412][T22576]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2001.331431][T22576]  ? clear_bhb_loop+0x60/0xb0
[ 2001.331454][T22576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2001.331473][T22576] RIP: 0033:0x7ff257f8e969
[ 2001.331491][T22576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2001.331509][T22576] RSP: 002b:00007ff255dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2001.331529][T22576] RAX: ffffffffffffffda RBX: 00007ff2581b6160 RCX: 00007ff257f8e969
[ 2001.331544][T22576] RDX: 0000200000000600 RSI: 00000000c0845657 RDI: 000000000000000b
[ 2001.331557][T22576] RBP: 00007ff255dd5090 R08: 0000000000000000 R09: 0000000000000000
[ 2001.331571][T22576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2001.331583][T22576] R13: 0000000000000000 R14: 00007ff2581b6160 R15: 00007ffc796a03c8
[ 2001.331615][T22576]  </TASK>
[ 2001.331726][T22576] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2002.002399][T22583] loop6: detected capacity change from 0 to 524287999
[ 2002.019368][T22583] buffer_io_error: 6 callbacks suppressed
[ 2002.019481][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.035882][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.046913][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.058125][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.066646][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.078378][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.090017][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.098309][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.107226][T22583] ldm_validate_partition_table(): Disk read failed.
[ 2002.117217][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.127267][T22583] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2002.140079][T22583] Dev loop6: unable to read RDB block 0
[ 2002.158695][T22583]  loop6: unable to read partition table
[ 2002.175013][T22583] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[ 2007.045896][T22637] loop6: detected capacity change from 0 to 524287999
[ 2007.060357][T22637] buffer_io_error: 6 callbacks suppressed
[ 2007.060372][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.077377][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.089959][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.103023][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.116075][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.129913][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.146176][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.160203][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.168337][T22637] ldm_validate_partition_table(): Disk read failed.
[ 2007.178213][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.189960][T22637] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2007.209898][T22637] Dev loop6: unable to read RDB block 0
[ 2007.220284][T22637]  loop6: unable to read partition table
[ 2007.235907][T22637] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[ 2007.560870][T22630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4562'.
[ 2008.522844][T22650] overlayfs: missing 'workdir'
[ 2009.310089][T14894] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 2009.317798][T12979] usb 6-1: new high-speed USB device number 123 using dummy_hcd
[ 2009.620060][T12608] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[ 2010.139437][ T8497] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 2010.147251][T12979] usb 6-1: Using ep0 maxpacket: 16
[ 2010.167006][T14894] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 2010.181263][T14894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2010.189594][T12979] usb 6-1: unable to read config index 0 descriptor/start: -61
[ 2010.200280][T12608] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 2010.203585][T12979] usb 6-1: can't read configurations, error -61
[ 2010.209763][T12608] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2010.216685][T14894] usb 3-1: config 0 descriptor??
[ 2010.320028][ T8497] usb 4-1: Using ep0 maxpacket: 32
[ 2010.330155][ T8497] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2010.352486][ T8497] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2010.366961][ T8497] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[ 2010.376678][T12979] usb 6-1: new high-speed USB device number 124 using dummy_hcd
[ 2010.391311][ T8497] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2010.408443][ T8497] usb 4-1: config 0 descriptor??
[ 2010.444219][T22663] fuse: Unknown parameter '000000000000000000000040xffffffffffffffff00000000000000000005'
[ 2010.550045][T12979] usb 6-1: Using ep0 maxpacket: 16
[ 2010.570756][T12979] usb 6-1: unable to read config index 0 descriptor/start: -61
[ 2010.583746][T12979] usb 6-1: can't read configurations, error -61
[ 2010.592211][T12979] usb usb6-port1: attempt power cycle
[ 2010.608719][T22665] netlink: 'syz.1.4569': attribute type 3 has an invalid length.
[ 2010.616372][T12608] udl 2-1:18.0: [drm] Unrecognized vendor firmware descriptor
[ 2010.624305][T22665] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4569'.
[ 2010.664806][T22645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2010.694315][T12608] [drm:udl_init] *ERROR* Selecting channel failed
[ 2010.704913][T22645] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2010.729808][T14894] ath6kl: Failed to submit usb control message: -71
[ 2010.743752][T14894] ath6kl: unable to send the bmi data to the device: -71
[ 2010.754291][T14894] ath6kl: Unable to send get target info: -71
[ 2010.774505][T14894] ath6kl: Failed to init ath6kl core: -71
[ 2010.788300][T14894] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 2010.789246][T12608] [drm] Initialized udl 0.0.1 for 2-1:18.0 on minor 2
[ 2010.826356][T14894] usb 3-1: USB disconnect, device number 40
[ 2010.862788][ T8497] hid-u2fzero 0003:10C4:8ACF.0034: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.3-1/input0
[ 2010.883714][ T8497] hid-u2fzero 0003:10C4:8ACF.0034: U2F Zero LED initialised
[ 2010.892682][T12608] [drm] Initialized udl on minor 2
[ 2010.892800][ T8497] hid-u2fzero 0003:10C4:8ACF.0034: U2F Zero RNG initialised
[ 2010.932419][T12608] udl 2-1:18.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2010.950065][T12979] usb 6-1: new high-speed USB device number 125 using dummy_hcd
[ 2010.985826][T12608] udl 2-1:18.0: [drm] Cannot find any crtc or sizes
[ 2011.157708][T22673] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4573'.
[ 2011.222005][T12979] usb 6-1: device not accepting address 125, error -71
[ 2011.236955][T12611] udl 2-1:18.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2011.300797][T12608] usb 2-1: USB disconnect, device number 91
[ 2011.309590][T12611] udl 2-1:18.0: [drm] Cannot find any crtc or sizes
[ 2011.325498][ T8494] usb 4-1: USB disconnect, device number 15
[ 2011.895435][T22678] FAULT_INJECTION: forcing a failure.
[ 2011.895435][T22678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2011.908998][T22678] CPU: 1 UID: 0 PID: 22678 Comm: syz.2.4575 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2011.909039][T22678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2011.909052][T22678] Call Trace:
[ 2011.909060][T22678]  <TASK>
[ 2011.909069][T22678]  dump_stack_lvl+0x189/0x250
[ 2011.909101][T22678]  ? __pfx____ratelimit+0x10/0x10
[ 2011.909131][T22678]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2011.909159][T22678]  ? __pfx__printk+0x10/0x10
[ 2011.909178][T22678]  ? __might_fault+0xb0/0x130
[ 2011.909218][T22678]  should_fail_ex+0x414/0x560
[ 2011.909244][T22678]  _copy_from_user+0x2d/0xb0
[ 2011.909271][T22678]  ___sys_sendmsg+0x158/0x2a0
[ 2011.909300][T22678]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2011.909362][T22678]  ? __fget_files+0x2a/0x420
[ 2011.909379][T22678]  ? __fget_files+0x3a0/0x420
[ 2011.909408][T22678]  __x64_sys_sendmsg+0x19b/0x260
[ 2011.909447][T22678]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2011.909481][T22678]  ? __pfx_ksys_write+0x10/0x10
[ 2011.909503][T22678]  ? rcu_is_watching+0x15/0xb0
[ 2011.909529][T22678]  ? do_syscall_64+0xbe/0x3b0
[ 2011.909551][T22678]  do_syscall_64+0xfa/0x3b0
[ 2011.909567][T22678]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2011.909584][T22678]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2011.909602][T22678]  ? clear_bhb_loop+0x60/0xb0
[ 2011.909624][T22678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2011.909641][T22678] RIP: 0033:0x7ff257f8e969
[ 2011.909658][T22678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2011.909673][T22678] RSP: 002b:00007ff258d25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2011.909692][T22678] RAX: ffffffffffffffda RBX: 00007ff2581b5fa0 RCX: 00007ff257f8e969
[ 2011.909705][T22678] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[ 2011.909717][T22678] RBP: 00007ff258d25090 R08: 0000000000000000 R09: 0000000000000000
[ 2011.909728][T22678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2011.909739][T22678] R13: 0000000000000000 R14: 00007ff2581b5fa0 R15: 00007ffc796a03c8
[ 2011.909767][T22678]  </TASK>
[ 2012.202931][T22680] overlayfs: missing 'workdir'
[ 2013.116616][T12608] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[ 2013.286255][T12608] usb 2-1: Using ep0 maxpacket: 16
[ 2013.301748][T12608] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2013.328683][T12608] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2013.343692][T12608] usb 2-1: config 0 interface 0 has no altsetting 0
[ 2013.356165][T12608] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 2013.449492][T12608] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2014.160155][T12608] usb 2-1: config 0 descriptor??
[ 2014.340620][T12608] usb 2-1: can't set config #0, error -71
[ 2014.364000][T12608] usb 2-1: USB disconnect, device number 92
[ 2014.912117][T22713] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 2014.962651][T22714] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4586'.
[ 2015.071950][T14894] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[ 2015.525480][T22710] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4585'.
[ 2015.572558][T12979] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[ 2015.676828][T14894] usb 1-1: Using ep0 maxpacket: 16
[ 2015.702405][T14894] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2015.710356][T14894] usb 1-1: can't read configurations, error -61
[ 2015.740661][T22719] ip6tnl1: entered promiscuous mode
[ 2015.762960][T12979] usb 2-1: config 181 has an invalid descriptor of length 167, skipping remainder of the config
[ 2015.783173][T12979] usb 2-1: config 181 has 0 interfaces, different from the descriptor's value: 30
[ 2015.814185][T12979] usb 2-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[ 2015.823811][T12979] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2015.835666][T12979] usb 2-1: Product: syz
[ 2015.840703][T22722] FAULT_INJECTION: forcing a failure.
[ 2015.840703][T22722] name failslab, interval 1, probability 0, space 0, times 0
[ 2015.854152][T12979] usb 2-1: Manufacturer: syz
[ 2015.863437][T12979] usb 2-1: SerialNumber: syz
[ 2015.877899][T22722] CPU: 0 UID: 0 PID: 22722 Comm: syz.3.4588 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2015.877924][T22722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2015.877935][T22722] Call Trace:
[ 2015.877943][T22722]  <TASK>
[ 2015.877953][T22722]  dump_stack_lvl+0x189/0x250
[ 2015.877983][T22722]  ? __pfx____ratelimit+0x10/0x10
[ 2015.878009][T22722]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2015.878035][T22722]  ? __pfx__printk+0x10/0x10
[ 2015.878057][T22722]  ? __pfx___might_resched+0x10/0x10
[ 2015.878076][T22722]  ? fs_reclaim_acquire+0x7d/0x100
[ 2015.878099][T22722]  should_fail_ex+0x414/0x560
[ 2015.878123][T22722]  should_failslab+0xa8/0x100
[ 2015.878153][T22722]  __kmalloc_noprof+0xcb/0x4f0
[ 2015.878182][T22722]  ? kfree+0x4d/0x440
[ 2015.878204][T22722]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2015.878251][T22722]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2015.878277][T22722]  ? tomoyo_domain+0xda/0x130
[ 2015.878307][T22722]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2015.878327][T22722]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2015.878350][T22722]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2015.878388][T22722]  ? __lock_acquire+0xab9/0xd20
[ 2015.878428][T22722]  ? __fget_files+0x2a/0x420
[ 2015.878450][T22722]  ? __fget_files+0x2a/0x420
[ 2015.878466][T22722]  ? __fget_files+0x3a0/0x420
[ 2015.878483][T22722]  ? __fget_files+0x2a/0x420
[ 2015.878505][T22722]  security_file_ioctl+0xcb/0x2d0
[ 2015.878529][T22722]  __se_sys_ioctl+0x47/0x170
[ 2015.878566][T22722]  do_syscall_64+0xfa/0x3b0
[ 2015.878584][T22722]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2015.878602][T22722]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2015.878621][T22722]  ? clear_bhb_loop+0x60/0xb0
[ 2015.878645][T22722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2015.878663][T22722] RIP: 0033:0x7f8b79b8e969
[ 2015.878680][T22722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2015.878697][T22722] RSP: 002b:00007f8b7aa19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2015.878717][T22722] RAX: ffffffffffffffda RBX: 00007f8b79db5fa0 RCX: 00007f8b79b8e969
[ 2015.878731][T22722] RDX: 0000200000000c40 RSI: 00000000c1105518 RDI: 0000000000000003
[ 2015.878744][T22722] RBP: 00007f8b7aa19090 R08: 0000000000000000 R09: 0000000000000000
[ 2015.878756][T22722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2015.878767][T22722] R13: 0000000000000000 R14: 00007f8b79db5fa0 R15: 00007ffce8a9c318
[ 2015.878798][T22722]  </TASK>
[ 2016.127226][T22722] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2016.155394][T12979] usb 2-1: rejected 1 configuration due to insufficient available bus power
[ 2016.164753][T14894] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 2016.182739][T12979] usb 2-1: no configuration chosen from 1 choice
[ 2016.340180][T14894] usb 1-1: Using ep0 maxpacket: 16
[ 2016.349279][T14894] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2016.358193][T14894] usb 1-1: can't read configurations, error -61
[ 2016.365815][T14894] usb usb1-port1: attempt power cycle
[ 2016.477906][T22733] FAULT_INJECTION: forcing a failure.
[ 2016.477906][T22733] name failslab, interval 1, probability 0, space 0, times 0
[ 2016.491215][T22733] CPU: 1 UID: 0 PID: 22733 Comm: syz.2.4593 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2016.491240][T22733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2016.491249][T22733] Call Trace:
[ 2016.491255][T22733]  <TASK>
[ 2016.491261][T22733]  dump_stack_lvl+0x189/0x250
[ 2016.491284][T22733]  ? __pfx____ratelimit+0x10/0x10
[ 2016.491306][T22733]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2016.491326][T22733]  ? __pfx__printk+0x10/0x10
[ 2016.491343][T22733]  ? __pfx___might_resched+0x10/0x10
[ 2016.491358][T22733]  ? fs_reclaim_acquire+0x7d/0x100
[ 2016.491377][T22733]  should_fail_ex+0x414/0x560
[ 2016.491395][T22733]  should_failslab+0xa8/0x100
[ 2016.491417][T22733]  __kmalloc_noprof+0xcb/0x4f0
[ 2016.491436][T22733]  ? kfree+0x4d/0x440
[ 2016.491464][T22733]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2016.491485][T22733]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2016.491503][T22733]  ? tomoyo_domain+0xda/0x130
[ 2016.491523][T22733]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2016.491536][T22733]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2016.491552][T22733]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2016.491576][T22733]  ? __lock_acquire+0xab9/0xd20
[ 2016.491603][T22733]  ? __fget_files+0x2a/0x420
[ 2016.491617][T22733]  ? __fget_files+0x2a/0x420
[ 2016.491628][T22733]  ? __fget_files+0x3a0/0x420
[ 2016.491639][T22733]  ? __fget_files+0x2a/0x420
[ 2016.491654][T22733]  security_file_ioctl+0xcb/0x2d0
[ 2016.491670][T22733]  __se_sys_ioctl+0x47/0x170
[ 2016.491688][T22733]  do_syscall_64+0xfa/0x3b0
[ 2016.491700][T22733]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2016.491712][T22733]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2016.491725][T22733]  ? clear_bhb_loop+0x60/0xb0
[ 2016.491741][T22733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2016.491753][T22733] RIP: 0033:0x7ff257f8e969
[ 2016.491764][T22733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2016.491776][T22733] RSP: 002b:00007ff258d25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2016.491790][T22733] RAX: ffffffffffffffda RBX: 00007ff2581b5fa0 RCX: 00007ff257f8e969
[ 2016.491799][T22733] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 2016.491807][T22733] RBP: 00007ff258d25090 R08: 0000000000000000 R09: 0000000000000000
[ 2016.491815][T22733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2016.491823][T22733] R13: 0000000000000000 R14: 00007ff2581b5fa0 R15: 00007ffc796a03c8
[ 2016.491843][T22733]  </TASK>
[ 2016.491970][T22733] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2016.560108][T12979] usb 6-1: new high-speed USB device number 127 using dummy_hcd
[ 2016.955621][T14894] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 2017.123369][T14894] usb 1-1: Using ep0 maxpacket: 16
[ 2017.264305][T14894] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2017.272022][T14894] usb 1-1: can't read configurations, error -61
[ 2017.278368][T12979] usb 6-1: Using ep0 maxpacket: 16
[ 2017.315634][T12979] usb 6-1: config 0 has an invalid interface number: 251 but max is 0
[ 2017.323975][T12979] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2017.359716][T12979] usb 6-1: config 0 has no interface number 0
[ 2017.374471][T22741] IPv6: Can't replace route, no match found
[ 2017.398864][T12979] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 2017.544769][T12979] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2017.572710][T22744] FAULT_INJECTION: forcing a failure.
[ 2017.572710][T22744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2017.613105][T12608] usb 2-1: USB disconnect, device number 93
[ 2018.084460][T22747] lo speed is unknown, defaulting to 1000
[ 2018.239982][T12979] usb 6-1: Product: syz
[ 2018.249036][T12979] usb 6-1: Manufacturer: syz
[ 2018.250850][T22744] CPU: 1 UID: 0 PID: 22744 Comm: syz.0.4597 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2018.250878][T22744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2018.250891][T22744] Call Trace:
[ 2018.250899][T22744]  <TASK>
[ 2018.250908][T22744]  dump_stack_lvl+0x189/0x250
[ 2018.250941][T22744]  ? __pfx____ratelimit+0x10/0x10
[ 2018.250973][T22744]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2018.251000][T22744]  ? __pfx__printk+0x10/0x10
[ 2018.251020][T22744]  ? __might_fault+0xb0/0x130
[ 2018.251060][T22744]  should_fail_ex+0x414/0x560
[ 2018.251085][T22744]  _copy_from_user+0x2d/0xb0
[ 2018.251113][T22744]  ___sys_sendmsg+0x158/0x2a0
[ 2018.251142][T22744]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2018.251204][T22744]  ? __fget_files+0x2a/0x420
[ 2018.251221][T22744]  ? __fget_files+0x3a0/0x420
[ 2018.251250][T22744]  __x64_sys_sendmsg+0x19b/0x260
[ 2018.251279][T22744]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2018.251321][T22744]  ? __pfx_ksys_write+0x10/0x10
[ 2018.251345][T22744]  ? rcu_is_watching+0x15/0xb0
[ 2018.251372][T22744]  ? do_syscall_64+0xbe/0x3b0
[ 2018.251395][T22744]  do_syscall_64+0xfa/0x3b0
[ 2018.251413][T22744]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2018.251431][T22744]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2018.251450][T22744]  ? clear_bhb_loop+0x60/0xb0
[ 2018.251472][T22744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2018.251491][T22744] RIP: 0033:0x7fb149d8e969
[ 2018.251508][T22744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2018.251525][T22744] RSP: 002b:00007fb14ab60038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2018.251545][T22744] RAX: ffffffffffffffda RBX: 00007fb149fb5fa0 RCX: 00007fb149d8e969
[ 2018.251559][T22744] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[ 2018.251571][T22744] RBP: 00007fb14ab60090 R08: 0000000000000000 R09: 0000000000000000
[ 2018.251584][T22744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2018.251595][T22744] R13: 0000000000000000 R14: 00007fb149fb5fa0 R15: 00007ffdc63f4f18
[ 2018.251625][T22744]  </TASK>
[ 2018.380148][T12611] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 2018.387482][T12979] usb 6-1: SerialNumber: syz
[ 2018.589988][T12611] usb 4-1: Using ep0 maxpacket: 16
[ 2018.597816][T12611] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2018.613609][T12611] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2018.626470][T12611] usb 4-1: config 0 interface 0 has no altsetting 0
[ 2018.637490][T12611] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 2018.646897][T12611] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2018.663263][T12611] usb 4-1: config 0 descriptor??
[ 2019.285369][T12611] usb 4-1: USB disconnect, device number 16
[ 2019.457021][T12979] usb 6-1: config 0 descriptor??
[ 2019.492776][T12979] usb 6-1: can't set config #0, error -71
[ 2019.501099][T12979] usb 6-1: USB disconnect, device number 127
[ 2019.717624][T22760] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4602'.
[ 2019.728405][T14894] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 2019.769603][T14894] usb 1-1: Using ep0 maxpacket: 8
[ 2019.787449][T14894] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2019.821306][T14894] usb 1-1: config 7 has an invalid interface number: 67 but max is 0
[ 2019.858547][T14894] usb 1-1: config 7 has no interface number 0
[ 2019.942521][T14894] usb 1-1: string descriptor 0 read error: -22
[ 2020.583311][T14894] usb 1-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=6b.16
[ 2020.676026][T14894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2020.741255][T22775] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 2021.027781][T12611] usb 1-1: USB disconnect, device number 37
[ 2022.131300][T14894] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 2022.196674][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[ 2022.329976][T14894] usb 4-1: device descriptor read/64, error -32
[ 2022.612178][T14894] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 2022.980636][T14894] usb 4-1: Using ep0 maxpacket: 16
[ 2023.044946][T14894] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 2023.058376][T14894] usb 4-1: can't read configurations, error -61
[ 2023.068074][T14894] usb usb4-port1: attempt power cycle
[ 2023.369248][T22798] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4613'.
[ 2023.588270][T22806] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 2023.629955][T14894] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 2024.181108][T14894] usb 4-1: Using ep0 maxpacket: 16
[ 2024.192151][T14894] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 2024.202944][T14894] usb 4-1: can't read configurations, error -61
[ 2024.448273][T14894] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[ 2024.947466][T22815] overlayfs: missing 'workdir'
[ 2025.537024][T22817] bridge4: entered promiscuous mode
[ 2025.542561][T22817] bridge4: entered allmulticast mode
[ 2025.867107][T22818] overlayfs: missing 'workdir'
[ 2025.958309][T14894] usb 4-1: device descriptor read/8, error -71
[ 2026.615452][T14894] usb usb4-port1: unable to enumerate USB device
[ 2027.085123][T22824] overlayfs: missing 'workdir'
[ 2027.229205][T22813] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4618'.
[ 2027.520354][T22813] macsec1: entered promiscuous mode
[ 2027.544118][T22813] syz_tun: entered promiscuous mode
[ 2027.566993][T22813] macsec1: entered allmulticast mode
[ 2027.667734][T22813] syz_tun: entered allmulticast mode
[ 2029.031034][T22842] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4620'.
[ 2029.128767][T22813] syz_tun: left allmulticast mode
[ 2029.199421][T22813] syz_tun: left promiscuous mode
[ 2029.576519][T22847] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4624'.
[ 2030.045251][T22863] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 2030.162479][T21829] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2030.180438][T21829] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2030.195301][T21829] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2030.204980][T21829] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2030.213725][T21829] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2030.379162][T22865] lo speed is unknown, defaulting to 1000
[ 2030.658768][ T1014] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2030.680463][ T8494] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 2030.774411][T22862] FAULT_INJECTION: forcing a failure.
[ 2030.774411][T22862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2030.787837][T22862] CPU: 1 UID: 0 PID: 22862 Comm: syz.3.4628 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2030.787856][T22862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2030.787865][T22862] Call Trace:
[ 2030.787871][T22862]  <TASK>
[ 2030.787878][T22862]  dump_stack_lvl+0x189/0x250
[ 2030.787902][T22862]  ? __pfx____ratelimit+0x10/0x10
[ 2030.787924][T22862]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2030.787943][T22862]  ? __pfx__printk+0x10/0x10
[ 2030.787957][T22862]  ? __might_fault+0xb0/0x130
[ 2030.787986][T22862]  should_fail_ex+0x414/0x560
[ 2030.788004][T22862]  _copy_from_user+0x2d/0xb0
[ 2030.788024][T22862]  __sys_sendto+0x25c/0x520
[ 2030.788043][T22862]  ? __pfx___sys_sendto+0x10/0x10
[ 2030.788058][T22862]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 2030.788082][T22862]  ? __fget_files+0x3a0/0x420
[ 2030.788102][T22862]  ? ksys_write+0x22a/0x250
[ 2030.788123][T22862]  ? __pfx_ksys_write+0x10/0x10
[ 2030.788140][T22862]  ? rcu_is_watching+0x15/0xb0
[ 2030.788159][T22862]  __x64_sys_sendto+0xde/0x100
[ 2030.788178][T22862]  do_syscall_64+0xfa/0x3b0
[ 2030.788192][T22862]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2030.788204][T22862]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2030.788218][T22862]  ? clear_bhb_loop+0x60/0xb0
[ 2030.788234][T22862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2030.788247][T22862] RIP: 0033:0x7f8b79b8e969
[ 2030.788259][T22862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2030.788271][T22862] RSP: 002b:00007f8b7aa19038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 2030.788285][T22862] RAX: ffffffffffffffda RBX: 00007f8b79db5fa0 RCX: 00007f8b79b8e969
[ 2030.788294][T22862] RDX: 000000000000ff04 RSI: 0000200000000140 RDI: 0000000000000003
[ 2030.788303][T22862] RBP: 00007f8b7aa19090 R08: 0000200000000100 R09: 0000000000000010
[ 2030.788312][T22862] R10: 0000000004000815 R11: 0000000000000246 R12: 0000000000000001
[ 2030.788321][T22862] R13: 0000000000000000 R14: 00007f8b79db5fa0 R15: 00007ffce8a9c318
[ 2030.788342][T22862]  </TASK>
[ 2031.061780][ T1014] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2031.232549][ T8494] usb 3-1: Using ep0 maxpacket: 16
[ 2031.241726][ T8494] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 2031.249616][ T8494] usb 3-1: can't read configurations, error -61
[ 2031.384842][ T1014] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2031.400116][ T8494] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 2031.522840][ T1014] netdevsim netdevsim5  (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2031.580487][ T8494] usb 3-1: Using ep0 maxpacket: 16
[ 2031.598314][ T8494] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 2031.629937][ T8494] usb 3-1: can't read configurations, error -61
[ 2031.647022][ T8494] usb usb3-port1: attempt power cycle
[ 2032.131080][ T8494] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 2032.191763][ T8494] usb 3-1: Using ep0 maxpacket: 16
[ 2032.199989][ T8494] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 2032.207808][ T8494] usb 3-1: can't read configurations, error -61
[ 2032.310077][T21829] Bluetooth: hci3: command tx timeout
[ 2032.378019][T22865] chnl_net:caif_netlink_parms(): no params data found
[ 2032.430097][ T8494] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 2032.450485][ T8494] usb 3-1: Using ep0 maxpacket: 16
[ 2032.470592][ T8494] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 2032.478241][ T8494] usb 3-1: can't read configurations, error -61
[ 2032.485318][ T8494] usb usb3-port1: unable to enumerate USB device
[ 2032.744382][ T1014] bridge_slave_1: left allmulticast mode
[ 2032.752226][ T1014] bridge_slave_1: left promiscuous mode
[ 2032.759598][ T1014] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2032.778248][ T1014] bridge_slave_0: left allmulticast mode
[ 2032.785413][ T1014] bridge_slave_0: left promiscuous mode
[ 2032.800115][ T1014] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2033.528112][T22892] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 2034.377612][T21829] Bluetooth: hci3: command tx timeout
[ 2036.060975][ T1014] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2036.111960][ T1014] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2036.137538][ T1014] bond0 (unregistering): Released all slaves
[ 2036.151346][T22906] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4637'.
[ 2036.375649][T22865] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2036.420622][T22865] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2036.427980][T22865] bridge_slave_0: entered allmulticast mode
[ 2036.440000][T21829] Bluetooth: hci3: command tx timeout
[ 2036.457901][T22865] bridge_slave_0: entered promiscuous mode
[ 2036.467547][ T1014] tipc: Left network mode
[ 2036.477865][T22865] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2036.486570][T22865] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2036.501435][T22865] bridge_slave_1: entered allmulticast mode
[ 2036.589877][T22865] bridge_slave_1: entered promiscuous mode
[ 2036.615319][ T1014] IPVS: stopping master sync thread 19501 ...
[ 2036.663919][T22910] TCP: out of memory -- consider tuning tcp_mem
[ 2037.582755][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 2037.589126][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 2037.949208][T22922] binder: BINDER_SET_CONTEXT_MGR already set
[ 2037.974965][T22922] binder: 22921:22922 ioctl 4018620d 200000000040 returned -16
[ 2038.009256][T22925] binder: 22921:22925 ioctl c0306201 2000000002c0 returned -22
[ 2038.520154][T21829] Bluetooth: hci3: command tx timeout
[ 2038.521936][T22865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2038.990246][T22865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2039.185748][T22937] loop6: detected capacity change from 0 to 524287999
[ 2039.201185][T22937] buffer_io_error: 6 callbacks suppressed
[ 2039.201221][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.216401][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.225759][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.234652][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.249886][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.263970][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.275786][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.285415][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.298568][T22937] ldm_validate_partition_table(): Disk read failed.
[ 2039.309250][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.318462][T22937] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2039.340032][T22937] Dev loop6: unable to read RDB block 0
[ 2039.427285][T22937]  loop6: unable to read partition table
[ 2039.460069][T22937] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[ 2039.554335][T22938] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4644'.
[ 2039.773958][T22865] team0: Port device team_slave_0 added
[ 2039.782790][T22865] team0: Port device team_slave_1 added
[ 2039.845902][ T1014] hsr_slave_0: left promiscuous mode
[ 2039.869595][T22941] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 2039.888998][ T1014] hsr_slave_1: left promiscuous mode
[ 2039.899226][ T1014] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2039.909799][ T1014] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2039.920269][T22943] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4647'.
[ 2040.028295][ T1014] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2040.043196][ T1014] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2040.088332][ T1014] veth1_macvtap: left promiscuous mode
[ 2040.104407][ T1014] veth0_macvtap: left promiscuous mode
[ 2040.122162][ T1014] veth1_vlan: left promiscuous mode
[ 2040.128207][ T1014] veth0_vlan: left promiscuous mode
[ 2040.350463][T17890] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 2040.511731][T17890] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 2040.522782][T17890] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[ 2040.532483][T17890] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2040.558085][T17890] gspca_main: stv0680-2.14.0 probing 041e:4007
[ 2040.937563][ T1014] team0 (unregistering): Port device team_slave_1 removed
[ 2041.015044][ T1014] team0 (unregistering): Port device C removed
[ 2041.640620][T17890] stv0680 1-1:4.0: STV(e): camera ping failed!!
[ 2041.651229][T17890] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -32
[ 2041.768250][T17890] stv0680 1-1:4.0: last error: 0,  command = 0x0
[ 2045.072507][T18860] usb 1-1: USB disconnect, device number 38
[ 2045.331003][T22976] binder: 22975:22976 ioctl 4018620d 0 returned -22
[ 2045.344370][T22976] binder: BINDER_SET_CONTEXT_MGR already set
[ 2045.350773][T22976] binder: 22975:22976 ioctl 4018620d 200000000040 returned -16
[ 2045.358727][T22976] binder: 22975:22976 ioctl c0306201 2000000002c0 returned -22
[ 2047.342076][T22865] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2047.349099][T22865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2047.392177][T22865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2047.454220][T22865] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2047.462024][T22865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2047.467380][T22986] FAULT_INJECTION: forcing a failure.
[ 2047.467380][T22986] name failslab, interval 1, probability 0, space 0, times 0
[ 2047.489143][T22865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2047.507809][T22986] CPU: 0 UID: 0 PID: 22986 Comm: syz.2.4657 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2047.507839][T22986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2047.507851][T22986] Call Trace:
[ 2047.507860][T22986]  <TASK>
[ 2047.507869][T22986]  dump_stack_lvl+0x189/0x250
[ 2047.507904][T22986]  ? __pfx____ratelimit+0x10/0x10
[ 2047.507944][T22986]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2047.507973][T22986]  ? __pfx__printk+0x10/0x10
[ 2047.507999][T22986]  ? __pfx___might_resched+0x10/0x10
[ 2047.508025][T22986]  ? fs_reclaim_acquire+0x7d/0x100
[ 2047.508053][T22986]  should_fail_ex+0x414/0x560
[ 2047.508081][T22986]  should_failslab+0xa8/0x100
[ 2047.508114][T22986]  __kmalloc_noprof+0xcb/0x4f0
[ 2047.508142][T22986]  ? kfree+0x4d/0x440
[ 2047.508167][T22986]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2047.508203][T22986]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2047.508232][T22986]  ? tomoyo_domain+0xda/0x130
[ 2047.508272][T22986]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2047.508294][T22986]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2047.508318][T22986]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2047.508359][T22986]  ? __lock_acquire+0xab9/0xd20
[ 2047.508402][T22986]  ? __fget_files+0x2a/0x420
[ 2047.508426][T22986]  ? __fget_files+0x2a/0x420
[ 2047.508444][T22986]  ? __fget_files+0x3a0/0x420
[ 2047.508462][T22986]  ? __fget_files+0x2a/0x420
[ 2047.508486][T22986]  security_file_ioctl+0xcb/0x2d0
[ 2047.508512][T22986]  __se_sys_ioctl+0x47/0x170
[ 2047.508562][T22986]  do_syscall_64+0xfa/0x3b0
[ 2047.508583][T22986]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2047.508602][T22986]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2047.508623][T22986]  ? clear_bhb_loop+0x60/0xb0
[ 2047.508647][T22986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2047.508667][T22986] RIP: 0033:0x7ff257f8e969
[ 2047.508686][T22986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2047.508703][T22986] RSP: 002b:00007ff255df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2047.508725][T22986] RAX: ffffffffffffffda RBX: 00007ff2581b6080 RCX: 00007ff257f8e969
[ 2047.508740][T22986] RDX: 0000200000000140 RSI: 0000000000005423 RDI: 0000000000000004
[ 2047.508753][T22986] RBP: 00007ff255df6090 R08: 0000000000000000 R09: 0000000000000000
[ 2047.508766][T22986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2047.508779][T22986] R13: 0000000000000000 R14: 00007ff2581b6080 R15: 00007ffc796a03c8
[ 2047.508810][T22986]  </TASK>
[ 2047.508852][T22986] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2048.212500][T22990] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 2048.452769][T22865] hsr_slave_0: entered promiscuous mode
[ 2048.485700][T22865] hsr_slave_1: entered promiscuous mode
[ 2048.533918][T22865] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2048.547614][T22865] Cannot create hsr debugfs directory
[ 2048.871011][T22995] overlayfs: missing 'workdir'
[ 2049.608655][T22996] bridge1: entered promiscuous mode
[ 2049.614085][T22996] bridge1: entered allmulticast mode
[ 2051.599387][T23012] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4664'.
[ 2051.710070][T18860] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[ 2051.879910][T18860] usb 3-1: Using ep0 maxpacket: 16
[ 2051.910923][T18860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 2051.935183][T18860] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 2051.950588][T18860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2051.992123][T18860] usb 3-1: Product: syz
[ 2051.997056][T18860] usb 3-1: Manufacturer: syz
[ 2052.019920][T18860] usb 3-1: SerialNumber: syz
[ 2052.036952][T18860] usb 3-1: config 0 descriptor??
[ 2052.054823][T18860] hub 3-1:0.0: bad descriptor, ignoring hub
[ 2052.089989][T18860] hub 3-1:0.0: probe with driver hub failed with error -5
[ 2052.112056][T18860] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input171
[ 2052.555362][T23022] FAULT_INJECTION: forcing a failure.
[ 2052.555362][T23022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2052.569229][T23022] CPU: 1 UID: 0 PID: 23022 Comm: syz.1.4666 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2052.569258][T23022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2052.569271][T23022] Call Trace:
[ 2052.569280][T23022]  <TASK>
[ 2052.569290][T23022]  dump_stack_lvl+0x189/0x250
[ 2052.569326][T23022]  ? __pfx____ratelimit+0x10/0x10
[ 2052.569358][T23022]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2052.569388][T23022]  ? __pfx__printk+0x10/0x10
[ 2052.569410][T23022]  ? __might_fault+0xb0/0x130
[ 2052.569453][T23022]  should_fail_ex+0x414/0x560
[ 2052.569487][T23022]  _copy_from_user+0x2d/0xb0
[ 2052.569517][T23022]  __sys_bpf+0x1ed/0x860
[ 2052.569541][T23022]  ? __pfx___sys_bpf+0x10/0x10
[ 2052.569594][T23022]  __x64_sys_bpf+0x7c/0x90
[ 2052.569625][T23022]  do_syscall_64+0xfa/0x3b0
[ 2052.569647][T23022]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2052.569667][T23022]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2052.569687][T23022]  ? clear_bhb_loop+0x60/0xb0
[ 2052.569712][T23022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2052.569732][T23022] RIP: 0033:0x7ff689b8e969
[ 2052.569750][T23022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2052.569769][T23022] RSP: 002b:00007ff68aa1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2052.569791][T23022] RAX: ffffffffffffffda RBX: 00007ff689db6080 RCX: 00007ff689b8e969
[ 2052.569806][T23022] RDX: 0000000000000020 RSI: 0000200000000480 RDI: 0000000000000004
[ 2052.569823][T23022] RBP: 00007ff68aa1a090 R08: 0000000000000000 R09: 0000000000000000
[ 2052.569835][T23022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2052.569847][T23022] R13: 0000000000000000 R14: 00007ff689db6080 R15: 00007ffcafc37f48
[ 2052.569879][T23022]  </TASK>
[ 2052.808457][T18860] input: failed to attach handler mousedev to device input171, error: -5
[ 2052.843978][T22865] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2052.862359][T22865] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2052.874213][T22865] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2052.889143][T22865] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2054.483440][T23033] binder: BINDER_SET_CONTEXT_MGR already set
[ 2054.493263][T23033] binder: 23032:23033 ioctl 4018620d 200000000040 returned -16
[ 2054.532910][T23033] binder: 23032:23033 ioctl c0306201 2000000002c0 returned -22
[ 2055.784997][T23035] usb usb9: usbfs: process 23035 (syz.3.4670) did not claim interface 0 before use
[ 2055.947922][T12979] usb 3-1: USB disconnect, device number 45
[ 2056.076641][T23041] overlayfs: missing 'workdir'
[ 2056.202278][T23042] bridge5: entered promiscuous mode
[ 2056.207841][T23042] bridge5: entered allmulticast mode
[ 2056.817471][T22865] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2056.842054][T22865] 8021q: adding VLAN 0 to HW filter on device team0
[ 2056.896599][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2056.903795][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2056.933160][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2056.940366][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2057.879316][T23050] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4674'.
[ 2057.976978][ T5959] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 2058.050211][T23054] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4676'.
[ 2058.175231][ T5959] usb 4-1: Using ep0 maxpacket: 32
[ 2058.192023][ T5959] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2058.243196][ T5959] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2059.079356][ T5959] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[ 2059.090767][T23063] loop6: detected capacity change from 0 to 524287999
[ 2059.098485][T23063] buffer_io_error: 6 callbacks suppressed
[ 2059.098509][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.112965][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.121367][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.129669][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.137936][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.147204][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.156526][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.168660][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.179947][T23063] ldm_validate_partition_table(): Disk read failed.
[ 2059.186693][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.194790][T23063] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2059.203361][T23063] Dev loop6: unable to read RDB block 0
[ 2059.211270][T23063]  loop6: unable to read partition table
[ 2059.217926][T23063] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[ 2059.755914][ T5959] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2059.961082][ T5959] usb 4-1: config 0 descriptor??
[ 2060.025375][T14894] libceph: connect (1)[c::]:6789 error -101
[ 2060.037664][ T5959] usb 4-1: can't set config #0, error -71
[ 2060.053710][T14894] libceph: mon0 (1)[c::]:6789 connect error
[ 2060.090950][T23064] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4677'.
[ 2060.112604][ T5959] usb 4-1: USB disconnect, device number 21
[ 2061.715432][T14894] libceph: connect (1)[c::]:6789 error -101
[ 2061.724269][T22865] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2061.747356][T14894] libceph: mon0 (1)[c::]:6789 connect error
[ 2061.867178][T23057] ceph: No mds server is up or the cluster is laggy
[ 2062.354148][ T5959] libceph: connect (1)[c::]:6789 error -101
[ 2062.360830][ T5959] libceph: mon0 (1)[c::]:6789 connect error
[ 2062.452366][T17890] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[ 2063.350168][T17890] usb 3-1: Using ep0 maxpacket: 16
[ 2063.361227][T17890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 2063.379643][T17890] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 2063.389244][T17890] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2063.401752][T17890] usb 3-1: Product: syz
[ 2063.405936][T17890] usb 3-1: Manufacturer: syz
[ 2063.412348][T17890] usb 3-1: SerialNumber: syz
[ 2063.460952][T22865] veth0_vlan: entered promiscuous mode
[ 2063.461745][T17890] usb 3-1: config 0 descriptor??
[ 2063.500859][T22865] veth1_vlan: entered promiscuous mode
[ 2063.527905][T22865] veth0_macvtap: entered promiscuous mode
[ 2063.538413][T22865] veth1_macvtap: entered promiscuous mode
[ 2063.585962][T17890] hub 3-1:0.0: bad descriptor, ignoring hub
[ 2063.608901][T17890] hub 3-1:0.0: probe with driver hub failed with error -5
[ 2063.613905][T22865] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2063.835841][T22865] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2063.848651][T17890] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input172
[ 2063.871692][T22865] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2063.941660][T22865] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2064.171647][T22865] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2064.200239][T22865] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2064.262857][T17890] input: failed to attach handler mousedev to device input172, error: -5
[ 2064.447614][ T1014] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2064.474738][ T1014] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2064.573516][ T8494] usb 3-1: USB disconnect, device number 46
[ 2065.093158][T20447] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2065.109881][T20447] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2065.111017][T23115] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4686'.
[ 2065.162583][   T30] audit: type=1326 audit(1748731927.591:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 2065.256844][   T30] audit: type=1326 audit(1748731927.591:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 2065.319052][T23124] binder: BINDER_SET_CONTEXT_MGR already set
[ 2065.325335][T23124] binder: 23121:23124 ioctl 4018620d 200000000040 returned -16
[ 2065.339592][T23124] binder: BINDER_SET_CONTEXT_MGR already set
[ 2065.345657][T23124] binder: 23121:23124 ioctl 4018620d 200000000040 returned -16
[ 2065.369198][   T30] audit: type=1326 audit(1748731927.621:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 2065.429869][   T30] audit: type=1326 audit(1748731927.651:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff689b8e9a3 code=0x7ffc0000
[ 2065.613864][   T30] audit: type=1326 audit(1748731927.651:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff689b8e9a3 code=0x7ffc0000
[ 2065.637389][   T30] audit: type=1326 audit(1748731927.651:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 2065.659675][   T30] audit: type=1326 audit(1748731927.671:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 2066.068863][T23132] netlink: 'syz.5.4622': attribute type 10 has an invalid length.
[ 2066.106833][T23132] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2066.134288][T23132] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 2066.563591][T23133] bridge2: entered promiscuous mode
[ 2066.569244][T23133] bridge2: entered allmulticast mode
[ 2067.461347][   T30] audit: type=1326 audit(1748731927.671:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 2069.021001][T23137] overlayfs: missing 'workdir'
[ 2069.498199][T23140] bridge3: entered promiscuous mode
[ 2069.503781][T23140] bridge3: entered allmulticast mode
[ 2069.578127][   T30] audit: type=1326 audit(1748731927.671:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689b8e969 code=0x7ffc0000
[ 2069.616394][   T30] audit: type=1326 audit(1748731927.671:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23118 comm="syz.1.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff689b90887 code=0x7ffc0000
[ 2070.463056][T23152] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4692'.
[ 2072.404016][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 2072.404036][   T30] audit: type=1326 audit(1748731934.842:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23158 comm="syz.1.4696" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff689b8e969 code=0x0
[ 2072.432726][T23170] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4700'.
[ 2074.328282][T23191] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4707'.
[ 2074.412608][T23191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4707'.
[ 2074.426028][T23191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4707'.
[ 2074.446013][T23193] binder: 23192:23193 ioctl c0306201 0 returned -14
[ 2074.474826][T23193] binder: BINDER_SET_CONTEXT_MGR already set
[ 2074.493639][T23193] binder: 23192:23193 ioctl 4018620d 200000000040 returned -16
[ 2074.542930][T23199] FAULT_INJECTION: forcing a failure.
[ 2074.542930][T23199] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2074.556645][T23199] CPU: 1 UID: 0 PID: 23199 Comm: syz.0.4709 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2074.556671][T23199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2074.556683][T23199] Call Trace:
[ 2074.556691][T23199]  <TASK>
[ 2074.556699][T23199]  dump_stack_lvl+0x189/0x250
[ 2074.556731][T23199]  ? __pfx____ratelimit+0x10/0x10
[ 2074.556781][T23199]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2074.556811][T23199]  ? __pfx__printk+0x10/0x10
[ 2074.556843][T23199]  ? __might_fault+0xb0/0x130
[ 2074.556883][T23199]  should_fail_ex+0x414/0x560
[ 2074.556908][T23199]  _copy_from_user+0x2d/0xb0
[ 2074.556935][T23199]  ___sys_sendmsg+0x158/0x2a0
[ 2074.556963][T23199]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2074.557025][T23199]  ? __fget_files+0x2a/0x420
[ 2074.557042][T23199]  ? __fget_files+0x3a0/0x420
[ 2074.557070][T23199]  __x64_sys_sendmsg+0x19b/0x260
[ 2074.557098][T23199]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2074.557134][T23199]  ? __pfx_ksys_write+0x10/0x10
[ 2074.557165][T23199]  ? do_syscall_64+0xbe/0x3b0
[ 2074.557196][T23199]  do_syscall_64+0xfa/0x3b0
[ 2074.557213][T23199]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2074.557231][T23199]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2074.557250][T23199]  ? clear_bhb_loop+0x60/0xb0
[ 2074.557273][T23199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2074.557291][T23199] RIP: 0033:0x7fb149d8e969
[ 2074.557308][T23199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2074.557325][T23199] RSP: 002b:00007fb14ab3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2074.557345][T23199] RAX: ffffffffffffffda RBX: 00007fb149fb6080 RCX: 00007fb149d8e969
[ 2074.557359][T23199] RDX: 000000000000c010 RSI: 0000200000000040 RDI: 0000000000000007
[ 2074.557371][T23199] RBP: 00007fb14ab3f090 R08: 0000000000000000 R09: 0000000000000000
[ 2074.557383][T23199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2074.557395][T23199] R13: 0000000000000000 R14: 00007fb149fb6080 R15: 00007ffdc63f4f18
[ 2074.557425][T23199]  </TASK>
[ 2074.950510][T12611] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[ 2075.378377][T12611] usb 3-1: Using ep0 maxpacket: 8
[ 2075.385967][T12611] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 2075.430484][T12611] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 2075.465890][T12611] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 2075.541619][T23208] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4713'.
[ 2075.660664][T12611] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2075.952574][T12611] usb 3-1: USB disconnect, device number 47
[ 2077.224497][T23230] binder: 23229:23230 ioctl c0306201 0 returned -14
[ 2077.263100][T23230] binder: BINDER_SET_CONTEXT_MGR already set
[ 2077.269496][T23230] binder: 23229:23230 ioctl 4018620d 200000000040 returned -16
[ 2077.278662][T23230] binder: 23229:23230 ioctl c0306201 2000000002c0 returned -22
[ 2077.691869][T23233] usb usb9: usbfs: process 23233 (syz.1.4722) did not claim interface 0 before use
[ 2077.993733][T23237] FAULT_INJECTION: forcing a failure.
[ 2077.993733][T23237] name failslab, interval 1, probability 0, space 0, times 0
[ 2078.007413][T23237] CPU: 0 UID: 0 PID: 23237 Comm: syz.2.4723 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2078.007441][T23237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2078.007453][T23237] Call Trace:
[ 2078.007461][T23237]  <TASK>
[ 2078.007469][T23237]  dump_stack_lvl+0x189/0x250
[ 2078.007501][T23237]  ? __pfx____ratelimit+0x10/0x10
[ 2078.007530][T23237]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2078.007556][T23237]  ? __pfx__printk+0x10/0x10
[ 2078.007580][T23237]  ? __pfx___might_resched+0x10/0x10
[ 2078.007601][T23237]  ? fs_reclaim_acquire+0x7d/0x100
[ 2078.007626][T23237]  should_fail_ex+0x414/0x560
[ 2078.007651][T23237]  should_failslab+0xa8/0x100
[ 2078.007680][T23237]  __kmalloc_noprof+0xcb/0x4f0
[ 2078.007705][T23237]  ? kfree+0x4d/0x440
[ 2078.007726][T23237]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2078.007755][T23237]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2078.007780][T23237]  ? tomoyo_domain+0xda/0x130
[ 2078.007809][T23237]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2078.007836][T23237]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2078.007862][T23237]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2078.007884][T23237]  ? __pfx___schedule+0x10/0x10
[ 2078.007920][T23237]  ? __lock_acquire+0xab9/0xd20
[ 2078.007958][T23237]  ? __fget_files+0x2a/0x420
[ 2078.007978][T23237]  ? __fget_files+0x2a/0x420
[ 2078.007994][T23237]  ? __fget_files+0x3a0/0x420
[ 2078.008010][T23237]  ? __fget_files+0x2a/0x420
[ 2078.008031][T23237]  security_file_ioctl+0xcb/0x2d0
[ 2078.008054][T23237]  __se_sys_ioctl+0x47/0x170
[ 2078.008080][T23237]  do_syscall_64+0xfa/0x3b0
[ 2078.008100][T23237]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2078.008116][T23237]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2078.008133][T23237]  ? clear_bhb_loop+0x60/0xb0
[ 2078.008156][T23237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2078.008174][T23237] RIP: 0033:0x7ff257f8e969
[ 2078.008190][T23237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2078.008222][T23237] RSP: 002b:00007ff255df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2078.008242][T23237] RAX: ffffffffffffffda RBX: 00007ff2581b6080 RCX: 00007ff257f8e969
[ 2078.008256][T23237] RDX: 0000200000000180 RSI: 0000000000005412 RDI: 0000000000000005
[ 2078.008269][T23237] RBP: 00007ff255df6090 R08: 0000000000000000 R09: 0000000000000000
[ 2078.008281][T23237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2078.008293][T23237] R13: 0000000000000000 R14: 00007ff2581b6080 R15: 00007ffc796a03c8
[ 2078.008323][T23237]  </TASK>
[ 2078.117961][T12611] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[ 2078.268178][T23237] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2078.893945][T12611] usb 2-1: Using ep0 maxpacket: 32
[ 2078.902380][T12611] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[ 2078.912888][T12611] usb 2-1: config 0 has no interface number 0
[ 2078.934941][T12611] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 2078.950580][T12611] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2078.959241][T12611] usb 2-1: Product: syz
[ 2078.964867][T12611] usb 2-1: Manufacturer: syz
[ 2078.974180][T12611] usb 2-1: SerialNumber: syz
[ 2079.070278][T12611] usb 2-1: config 0 descriptor??
[ 2079.106968][T12611] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 2079.319215][T12611] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 2079.372699][T12611] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 2079.527924][T23245] usb usb9: usbfs: process 23245 (syz.3.4726) did not claim interface 0 before use
[ 2081.152465][    C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 2081.153030][ T5959] usb 2-1: USB disconnect, device number 94
[ 2081.242825][ T5959] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 2081.296579][ T5959] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 2082.168708][ T5959] quatech2 2-1:0.51: device disconnected
[ 2086.566968][T23288] FAULT_INJECTION: forcing a failure.
[ 2086.566968][T23288] name failslab, interval 1, probability 0, space 0, times 0
[ 2086.579909][T23288] CPU: 0 UID: 0 PID: 23288 Comm: syz.3.4736 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2086.579943][T23288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2086.579966][T23288] Call Trace:
[ 2086.579975][T23288]  <TASK>
[ 2086.579983][T23288]  dump_stack_lvl+0x189/0x250
[ 2086.580032][T23288]  ? __pfx____ratelimit+0x10/0x10
[ 2086.580063][T23288]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2086.580091][T23288]  ? __pfx__printk+0x10/0x10
[ 2086.580116][T23288]  ? __pfx___might_resched+0x10/0x10
[ 2086.580138][T23288]  ? fs_reclaim_acquire+0x7d/0x100
[ 2086.580165][T23288]  should_fail_ex+0x414/0x560
[ 2086.580191][T23288]  should_failslab+0xa8/0x100
[ 2086.580222][T23288]  __kmalloc_noprof+0xcb/0x4f0
[ 2086.580249][T23288]  ? kfree+0x4d/0x440
[ 2086.580272][T23288]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2086.580303][T23288]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2086.580329][T23288]  ? tomoyo_domain+0xda/0x130
[ 2086.580360][T23288]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2086.580381][T23288]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2086.580404][T23288]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2086.580441][T23288]  ? __lock_acquire+0xab9/0xd20
[ 2086.580482][T23288]  ? __fget_files+0x2a/0x420
[ 2086.580504][T23288]  ? __fget_files+0x2a/0x420
[ 2086.580521][T23288]  ? __fget_files+0x3a0/0x420
[ 2086.580538][T23288]  ? __fget_files+0x2a/0x420
[ 2086.580560][T23288]  security_file_ioctl+0xcb/0x2d0
[ 2086.580584][T23288]  __se_sys_ioctl+0x47/0x170
[ 2086.580612][T23288]  do_syscall_64+0xfa/0x3b0
[ 2086.580632][T23288]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2086.580651][T23288]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2086.580669][T23288]  ? clear_bhb_loop+0x60/0xb0
[ 2086.580692][T23288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2086.580711][T23288] RIP: 0033:0x7f8b79b8e969
[ 2086.580729][T23288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2086.580746][T23288] RSP: 002b:00007f8b7a9d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2086.580766][T23288] RAX: ffffffffffffffda RBX: 00007f8b79db6160 RCX: 00007f8b79b8e969
[ 2086.580780][T23288] RDX: 0000200000000280 RSI: 00000000c10c5541 RDI: 0000000000000005
[ 2086.580794][T23288] RBP: 00007f8b7a9d7090 R08: 0000000000000000 R09: 0000000000000000
[ 2086.580806][T23288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2086.580817][T23288] R13: 0000000000000000 R14: 00007f8b79db6160 R15: 00007ffce8a9c318
[ 2086.580848][T23288]  </TASK>
[ 2086.580881][T23288] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2087.346925][T23294] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4739'.
[ 2088.008796][T23257] loop6: detected capacity change from 0 to 524287999
[ 2088.177607][T23304] fuse: Unknown parameter 'group_i00000000000000000000'
[ 2088.185701][T23303] binder: BINDER_SET_CONTEXT_MGR already set
[ 2088.207832][T23303] binder: 23299:23303 ioctl 4018620d 200000000040 returned -16
[ 2088.222692][T23303] binder: 23299:23303 ioctl c0306201 2000000002c0 returned -22
[ 2088.332873][T23307] FAULT_INJECTION: forcing a failure.
[ 2088.332873][T23307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2088.430888][T23307] CPU: 0 UID: 0 PID: 23307 Comm: syz.2.4744 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2088.430921][T23307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2088.430935][T23307] Call Trace:
[ 2088.430944][T23307]  <TASK>
[ 2088.430954][T23307]  dump_stack_lvl+0x189/0x250
[ 2088.430999][T23307]  ? __pfx____ratelimit+0x10/0x10
[ 2088.431032][T23307]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2088.431061][T23307]  ? __pfx__printk+0x10/0x10
[ 2088.431096][T23307]  should_fail_ex+0x414/0x560
[ 2088.431124][T23307]  _copy_to_user+0x31/0xb0
[ 2088.431155][T23307]  simple_read_from_buffer+0xe1/0x170
[ 2088.431191][T23307]  proc_fail_nth_read+0x1df/0x250
[ 2088.431218][T23307]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2088.431244][T23307]  ? rw_verify_area+0x258/0x650
[ 2088.431270][T23307]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2088.431295][T23307]  vfs_read+0x200/0x980
[ 2088.431328][T23307]  ? __pfx___mutex_lock+0x10/0x10
[ 2088.431351][T23307]  ? __pfx_vfs_read+0x10/0x10
[ 2088.431380][T23307]  ? __fget_files+0x2a/0x420
[ 2088.431404][T23307]  ? __fget_files+0x3a0/0x420
[ 2088.431423][T23307]  ? __fget_files+0x2a/0x420
[ 2088.431453][T23307]  ksys_read+0x145/0x250
[ 2088.431483][T23307]  ? __pfx_ksys_read+0x10/0x10
[ 2088.431507][T23307]  ? rcu_is_watching+0x15/0xb0
[ 2088.431537][T23307]  ? do_syscall_64+0xbe/0x3b0
[ 2088.431563][T23307]  do_syscall_64+0xfa/0x3b0
[ 2088.431585][T23307]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2088.431604][T23307]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2088.431624][T23307]  ? clear_bhb_loop+0x60/0xb0
[ 2088.431648][T23307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2088.431667][T23307] RIP: 0033:0x7ff257f8d37c
[ 2088.431686][T23307] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2088.431703][T23307] RSP: 002b:00007ff258d25030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2088.431726][T23307] RAX: ffffffffffffffda RBX: 00007ff2581b5fa0 RCX: 00007ff257f8d37c
[ 2088.431742][T23307] RDX: 000000000000000f RSI: 00007ff258d250a0 RDI: 0000000000000005
[ 2088.431755][T23307] RBP: 00007ff258d25090 R08: 0000000000000000 R09: 0000000000000000
[ 2088.431769][T23307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2088.431781][T23307] R13: 0000000000000000 R14: 00007ff2581b5fa0 R15: 00007ffc796a03c8
[ 2088.431815][T23307]  </TASK>
[ 2094.782828][T23349] binder: BINDER_SET_CONTEXT_MGR already set
[ 2094.873723][T23349] binder: 23346:23349 ioctl 4018620d 200000000040 returned -16
[ 2094.875103][T23350] binder: 23346:23350 ioctl c0306201 2000000002c0 returned -22
[ 2095.978087][T12611] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 2096.162975][T12611] usb 1-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[ 2096.458112][T12611] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2096.541194][T12611] usb 1-1: config 0 descriptor??
[ 2096.915352][T23380] bond0: (slave gre0): Error: Device type is different from other slaves
[ 2096.933923][T12608] usb 1-1: USB disconnect, device number 39
[ 2098.820242][T23398] FAULT_INJECTION: forcing a failure.
[ 2098.820242][T23398] name failslab, interval 1, probability 0, space 0, times 0
[ 2098.841169][T23398] CPU: 0 UID: 0 PID: 23398 Comm: syz.0.4769 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2098.841198][T23398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2098.841211][T23398] Call Trace:
[ 2098.841219][T23398]  <TASK>
[ 2098.841228][T23398]  dump_stack_lvl+0x189/0x250
[ 2098.841261][T23398]  ? __pfx____ratelimit+0x10/0x10
[ 2098.841291][T23398]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2098.841319][T23398]  ? __pfx__printk+0x10/0x10
[ 2098.841344][T23398]  ? __pfx___might_resched+0x10/0x10
[ 2098.841365][T23398]  ? fs_reclaim_acquire+0x7d/0x100
[ 2098.841392][T23398]  should_fail_ex+0x414/0x560
[ 2098.841418][T23398]  should_failslab+0xa8/0x100
[ 2098.841449][T23398]  __kmalloc_noprof+0xcb/0x4f0
[ 2098.841475][T23398]  ? kfree+0x4d/0x440
[ 2098.841514][T23398]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2098.841559][T23398]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2098.841586][T23398]  ? tomoyo_domain+0xda/0x130
[ 2098.841616][T23398]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2098.841636][T23398]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2098.841677][T23398]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2098.841718][T23398]  ? __lock_acquire+0xab9/0xd20
[ 2098.841761][T23398]  ? __fget_files+0x2a/0x420
[ 2098.841785][T23398]  ? __fget_files+0x2a/0x420
[ 2098.841802][T23398]  ? __fget_files+0x3a0/0x420
[ 2098.841821][T23398]  ? __fget_files+0x2a/0x420
[ 2098.841845][T23398]  security_file_ioctl+0xcb/0x2d0
[ 2098.841871][T23398]  __se_sys_ioctl+0x47/0x170
[ 2098.841901][T23398]  do_syscall_64+0xfa/0x3b0
[ 2098.841921][T23398]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2098.841947][T23398]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2098.841968][T23398]  ? clear_bhb_loop+0x60/0xb0
[ 2098.841994][T23398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2098.842013][T23398] RIP: 0033:0x7fb149d8e969
[ 2098.842032][T23398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2098.842050][T23398] RSP: 002b:00007fb14ab60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2098.842071][T23398] RAX: ffffffffffffffda RBX: 00007fb149fb5fa0 RCX: 00007fb149d8e969
[ 2098.842086][T23398] RDX: 0000200000000000 RSI: 0000000000008914 RDI: 0000000000000007
[ 2098.842100][T23398] RBP: 00007fb14ab60090 R08: 0000000000000000 R09: 0000000000000000
[ 2098.842113][T23398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2098.842125][T23398] R13: 0000000000000000 R14: 00007fb149fb5fa0 R15: 00007ffdc63f4f18
[ 2098.842158][T23398]  </TASK>
[ 2098.842167][T23398] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2099.001640][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 2099.001698][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 2099.219205][T23403] ==================================================================
[ 2099.227305][T23403] BUG: KASAN: slab-use-after-free in rose_send_frame+0x131/0x220
[ 2099.235047][T23403] Write of size 8 at addr ffff88802419bc18 by task syz.0.4769/23403
[ 2099.243036][T23403] 
[ 2099.245371][T23403] CPU: 0 UID: 0 PID: 23403 Comm: syz.0.4769 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2099.245396][T23403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2099.245409][T23403] Call Trace:
[ 2099.245417][T23403]  <TASK>
[ 2099.245425][T23403]  dump_stack_lvl+0x189/0x250
[ 2099.245476][T23403]  ? __virt_addr_valid+0x1c8/0x5c0
[ 2099.245502][T23403]  ? rcu_is_watching+0x15/0xb0
[ 2099.245525][T23403]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2099.245562][T23403]  ? rcu_is_watching+0x15/0xb0
[ 2099.245582][T23403]  ? lock_release+0x4b/0x3e0
[ 2099.245602][T23403]  ? __virt_addr_valid+0x1c8/0x5c0
[ 2099.245624][T23403]  ? __virt_addr_valid+0x4a5/0x5c0
[ 2099.245649][T23403]  print_report+0xd2/0x2b0
[ 2099.245670][T23403]  ? rose_send_frame+0x131/0x220
[ 2099.245695][T23403]  kasan_report+0x118/0x150
[ 2099.245723][T23403]  ? rose_send_frame+0x131/0x220
[ 2099.245753][T23403]  rose_send_frame+0x131/0x220
[ 2099.245781][T23403]  rose_transmit_link+0x471/0x740
[ 2099.245810][T23403]  rose_write_internal+0x11dc/0x1ac0
[ 2099.245831][T23403]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2099.245852][T23403]  ? __pfx_rose_write_internal+0x10/0x10
[ 2099.245880][T23403]  ? rose_route_free_lci+0x140/0x170
[ 2099.245897][T23403]  ? rose_connect+0x775/0x10a0
[ 2099.245922][T23403]  rose_connect+0x8ee/0x10a0
[ 2099.245945][T23403]  ? __pfx_smack_socket_connect+0x10/0x10
[ 2099.245973][T23403]  ? __pfx_rose_connect+0x10/0x10
[ 2099.245998][T23403]  ? tomoyo_socket_connect_permission+0x164/0x290
[ 2099.246026][T23403]  ? bpf_lsm_socket_connect+0x9/0x20
[ 2099.246045][T23403]  __sys_connect+0x313/0x440
[ 2099.246068][T23403]  ? __pfx___sys_connect+0x10/0x10
[ 2099.246095][T23403]  ? rcu_is_watching+0x15/0xb0
[ 2099.246119][T23403]  __x64_sys_connect+0x7a/0x90
[ 2099.246140][T23403]  do_syscall_64+0xfa/0x3b0
[ 2099.246158][T23403]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2099.246175][T23403]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2099.246192][T23403]  ? clear_bhb_loop+0x60/0xb0
[ 2099.246212][T23403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2099.246230][T23403] RIP: 0033:0x7fb149d8e969
[ 2099.246246][T23403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2099.246263][T23403] RSP: 002b:00007fb14ab1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 2099.246282][T23403] RAX: ffffffffffffffda RBX: 00007fb149fb6160 RCX: 00007fb149d8e969
[ 2099.246295][T23403] RDX: 0000000000000040 RSI: 00002000000000c0 RDI: 0000000000000009
[ 2099.246307][T23403] RBP: 00007fb149e10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 2099.246319][T23403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2099.246330][T23403] R13: 0000000000000000 R14: 00007fb149fb6160 R15: 00007ffdc63f4f18
[ 2099.246350][T23403]  </TASK>
[ 2099.246357][T23403] 
[ 2099.518043][T23403] Allocated by task 22320:
[ 2099.522453][T23403]  kasan_save_track+0x3e/0x80
[ 2099.527135][T23403]  __kasan_kmalloc+0x93/0xb0
[ 2099.531730][T23403]  __kmalloc_cache_noprof+0x230/0x3d0
[ 2099.537100][T23403]  rose_add_node+0x23a/0xde0
[ 2099.541773][T23403]  rose_rt_ioctl+0xa48/0xfb0
[ 2099.546356][T23403]  rose_ioctl+0x3ce/0x8b0
[ 2099.550695][T23403]  sock_do_ioctl+0xd9/0x300
[ 2099.555192][T23403]  sock_ioctl+0x576/0x790
[ 2099.559532][T23403]  __se_sys_ioctl+0xf9/0x170
[ 2099.564115][T23403]  do_syscall_64+0xfa/0x3b0
[ 2099.568607][T23403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2099.574507][T23403] 
[ 2099.576837][T23403] Freed by task 23398:
[ 2099.580897][T23403]  kasan_save_track+0x3e/0x80
[ 2099.585581][T23403]  kasan_save_free_info+0x46/0x50
[ 2099.590637][T23403]  __kasan_slab_free+0x62/0x70
[ 2099.595406][T23403]  kfree+0x18e/0x440
[ 2099.599303][T23403]  rose_rt_device_down+0x66d/0x6c0
[ 2099.604403][T23403]  rose_device_event+0x603/0x6a0
[ 2099.609339][T23403]  notifier_call_chain+0x1b6/0x3e0
[ 2099.614444][T23403]  __dev_notify_flags+0x18d/0x2e0
[ 2099.619464][T23403]  netif_change_flags+0xe8/0x1a0
[ 2099.624397][T23403]  dev_change_flags+0x130/0x260
[ 2099.629245][T23403]  dev_ioctl+0x7b4/0x1150
[ 2099.633573][T23403]  sock_do_ioctl+0x22c/0x300
[ 2099.638160][T23403]  sock_ioctl+0x576/0x790
[ 2099.642493][T23403]  __se_sys_ioctl+0xf9/0x170
[ 2099.647085][T23403]  do_syscall_64+0xfa/0x3b0
[ 2099.651584][T23403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2099.657507][T23403] 
[ 2099.659830][T23403] The buggy address belongs to the object at ffff88802419bc00
[ 2099.659830][T23403]  which belongs to the cache kmalloc-512 of size 512
[ 2099.673881][T23403] The buggy address is located 24 bytes inside of
[ 2099.673881][T23403]  freed 512-byte region [ffff88802419bc00, ffff88802419be00)
[ 2099.687586][T23403] 
[ 2099.689905][T23403] The buggy address belongs to the physical page:
[ 2099.696303][T23403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802419a000 pfn:0x24198
[ 2099.706360][T23403] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 2099.714857][T23403] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 2099.723379][T23403] page_type: f5(slab)
[ 2099.727359][T23403] raw: 00fff00000000240 ffff88801a441c80 ffffea000083e110 ffffea0000be7310
[ 2099.735944][T23403] raw: ffff88802419a000 000000000010000f 00000000f5000000 0000000000000000
[ 2099.744534][T23403] head: 00fff00000000240 ffff88801a441c80 ffffea000083e110 ffffea0000be7310
[ 2099.753211][T23403] head: ffff88802419a000 000000000010000f 00000000f5000000 0000000000000000
[ 2099.761877][T23403] head: 00fff00000000002 ffffea0000906601 00000000ffffffff 00000000ffffffff
[ 2099.770549][T23403] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 2099.779237][T23403] page dumped because: kasan: bad access detected
[ 2099.785652][T23403] page_owner tracks the page as allocated
[ 2099.791360][T23403] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5826, tgid 5826 (syz-executor), ts 95964887710, free_ts 95947346104
[ 2099.812723][T23403]  post_alloc_hook+0x240/0x2a0
[ 2099.817490][T23403]  get_page_from_freelist+0x21d1/0x22b0
[ 2099.823056][T23403]  __alloc_frozen_pages_noprof+0x181/0x370
[ 2099.828862][T23403]  alloc_pages_mpol+0x232/0x4a0
[ 2099.833709][T23403]  allocate_slab+0x8a/0x3b0
[ 2099.838212][T23403]  ___slab_alloc+0xbfc/0x1480
[ 2099.842894][T23403]  __kmalloc_noprof+0x305/0x4f0
[ 2099.847755][T23403]  fib6_info_alloc+0x30/0xf0
[ 2099.852369][T23403]  ip6_route_info_create+0x142/0x860
[ 2099.857658][T23403]  ip6_route_add+0x28/0x190
[ 2099.862174][T23403]  addrconf_add_dev+0x24f/0x340
[ 2099.867032][T23403]  addrconf_init_auto_addrs+0x5cf/0xb50
[ 2099.872585][T23403]  addrconf_notify+0xacc/0x1010
[ 2099.877441][T23403]  notifier_call_chain+0x1b6/0x3e0
[ 2099.882565][T23403]  netif_state_change+0x284/0x3a0
[ 2099.887584][T23403]  netif_set_operstate+0x116/0x180
[ 2099.892714][T23403] page last free pid 5817 tgid 5817 stack trace:
[ 2099.899034][T23403]  __free_frozen_pages+0xc65/0xe50
[ 2099.904143][T23403]  __slab_free+0x326/0x400
[ 2099.908577][T23403]  qlist_free_all+0x97/0x140
[ 2099.913180][T23403]  kasan_quarantine_reduce+0x148/0x160
[ 2099.918639][T23403]  __kasan_slab_alloc+0x22/0x80
[ 2099.923487][T23403]  __kmalloc_cache_noprof+0x1be/0x3d0
[ 2099.928878][T23403]  netdevice_event+0x3a1/0x8a0
[ 2099.933644][T23403]  notifier_call_chain+0x1b6/0x3e0
[ 2099.938759][T23403]  __dev_notify_flags+0x18d/0x2e0
[ 2099.943797][T23403]  netif_change_flags+0xe8/0x1a0
[ 2099.948730][T23403]  do_setlink+0xc55/0x41c0
[ 2099.953145][T23403]  rtnl_newlink+0x160b/0x1c70
[ 2099.957818][T23403]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 2099.962755][T23403]  netlink_rcv_skb+0x205/0x470
[ 2099.967518][T23403]  netlink_unicast+0x758/0x8d0
[ 2099.972281][T23403]  netlink_sendmsg+0x805/0xb30
[ 2099.977048][T23403] 
[ 2099.979367][T23403] Memory state around the buggy address:
[ 2099.984991][T23403]  ffff88802419bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2099.993060][T23403]  ffff88802419bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2100.001117][T23403] >ffff88802419bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2100.009169][T23403]                             ^
[ 2100.014034][T23403]  ffff88802419bc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2100.022094][T23403]  ffff88802419bd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2100.030154][T23403] ==================================================================
[ 2100.089072][T23403] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 2100.096290][T23403] CPU: 1 UID: 0 PID: 23403 Comm: syz.0.4769 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2100.108004][T23403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2100.118056][T23403] Call Trace:
[ 2100.121329][T23403]  <TASK>
[ 2100.124269][T23403]  dump_stack_lvl+0x99/0x250
[ 2100.128872][T23403]  ? __asan_memcpy+0x40/0x70
[ 2100.133466][T23403]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2100.138664][T23403]  ? __pfx__printk+0x10/0x10
[ 2100.143255][T23403]  panic+0x2db/0x790
[ 2100.147147][T23403]  ? __pfx_panic+0x10/0x10
[ 2100.151579][T23403]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 2100.157505][T23403]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2100.163843][T23403]  ? print_memory_metadata+0x314/0x400
[ 2100.169311][T23403]  ? rose_send_frame+0x131/0x220
[ 2100.174253][T23403]  check_panic_on_warn+0x89/0xb0
[ 2100.179198][T23403]  ? rose_send_frame+0x131/0x220
[ 2100.184148][T23403]  end_report+0x78/0x160
[ 2100.188394][T23403]  kasan_report+0x129/0x150
[ 2100.192902][T23403]  ? rose_send_frame+0x131/0x220
[ 2100.197861][T23403]  rose_send_frame+0x131/0x220
[ 2100.202646][T23403]  rose_transmit_link+0x471/0x740
[ 2100.207680][T23403]  rose_write_internal+0x11dc/0x1ac0
[ 2100.212965][T23403]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2100.218171][T23403]  ? __pfx_rose_write_internal+0x10/0x10
[ 2100.223802][T23403]  ? rose_route_free_lci+0x140/0x170
[ 2100.229088][T23403]  ? rose_connect+0x775/0x10a0
[ 2100.233855][T23403]  rose_connect+0x8ee/0x10a0
[ 2100.238457][T23403]  ? __pfx_smack_socket_connect+0x10/0x10
[ 2100.244200][T23403]  ? __pfx_rose_connect+0x10/0x10
[ 2100.249246][T23403]  ? tomoyo_socket_connect_permission+0x164/0x290
[ 2100.255661][T23403]  ? bpf_lsm_socket_connect+0x9/0x20
[ 2100.260942][T23403]  __sys_connect+0x313/0x440
[ 2100.265528][T23403]  ? __pfx___sys_connect+0x10/0x10
[ 2100.270666][T23403]  ? rcu_is_watching+0x15/0xb0
[ 2100.275459][T23403]  __x64_sys_connect+0x7a/0x90
[ 2100.280218][T23403]  do_syscall_64+0xfa/0x3b0
[ 2100.284713][T23403]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2100.289898][T23403]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2100.295957][T23403]  ? clear_bhb_loop+0x60/0xb0
[ 2100.300635][T23403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2100.306518][T23403] RIP: 0033:0x7fb149d8e969
[ 2100.310924][T23403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2100.330526][T23403] RSP: 002b:00007fb14ab1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 2100.338940][T23403] RAX: ffffffffffffffda RBX: 00007fb149fb6160 RCX: 00007fb149d8e969
[ 2100.346906][T23403] RDX: 0000000000000040 RSI: 00002000000000c0 RDI: 0000000000000009
[ 2100.354872][T23403] RBP: 00007fb149e10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 2100.362839][T23403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2100.370808][T23403] R13: 0000000000000000 R14: 00007fb149fb6160 R15: 00007ffdc63f4f18
[ 2100.378787][T23403]  </TASK>
[ 2100.382159][T23403] Kernel Offset: disabled
[ 2100.386485][T23403] Rebooting in 86400 seconds..