last executing test programs:

6m58.535452623s ago: executing program 1 (id=10):
ioctl$sock_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x2000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
getpid()
r1 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f00000000c0)=<r2=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r5, &(0x7f0000000980), 0xfdef)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read$FUSE(r4, &(0x7f0000000980)={0x2020}, 0x2020)

6m57.181491711s ago: executing program 1 (id=12):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open(0x0, 0x2000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x24)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
openat$binfmt_format(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00000000000000000000000000000000000000000500000000000002000700000000000000000000000000e00000020000000000000000000000004000000033"], 0x13c}}, 0x20040880)
sendmmsg$inet6(r2, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000900)=[{0x0}], 0x1}}], 0x1, 0x4c040)

6m55.035204991s ago: executing program 1 (id=14):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

6m51.477654501s ago: executing program 4 (id=18):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x18001, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00'})
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, 0x0)
socket(0x15, 0x5, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x92)
mknodat(r2, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
chdir(&(0x7f0000000080)='./bus\x00')
renameat2(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)='./bus/file0\x00', 0x0)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
getdents(r3, 0x0, 0x0)

6m50.619681749s ago: executing program 1 (id=19):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open(0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$binfmt_format(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00000000000000000000000000000000000000000500000000000002000700000000000000000000000000e00000020000000000000000000000004000000033"], 0x13c}}, 0x20040880)
sendmmsg$inet6(r1, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000400)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)

6m49.575508563s ago: executing program 4 (id=20):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x501a, 0x3, 0x3}, 0x18, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

6m49.526204264s ago: executing program 1 (id=22):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open(0x0, 0x2000, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x24)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
openat$binfmt_format(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b000000000000000000000000000000000000000005000000000000020007000000000000000000"], 0x13c}}, 0x20040880)
sendmmsg$inet6(r1, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000400)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)

6m47.038550928s ago: executing program 1 (id=25):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open(0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$binfmt_format(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[], 0x13c}}, 0x20040880)
sendmmsg$inet6(r1, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000400)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)

6m41.374012959s ago: executing program 4 (id=30):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x501a, 0x3, 0x3}, 0x18, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

6m37.610842216s ago: executing program 4 (id=34):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x18001, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00'})
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, 0x0)
socket(0x15, 0x5, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x2, 0x39d}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x92)
mknodat(r4, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
chdir(&(0x7f0000000080)='./bus\x00')
renameat2(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)='./bus/file0\x00', 0x0)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
getdents(r5, 0x0, 0x0)

6m34.212637818s ago: executing program 4 (id=37):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x103802, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_generic(r0, 0x0, 0xc000)

6m31.682632065s ago: executing program 32 (id=25):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open(0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$binfmt_format(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[], 0x13c}}, 0x20040880)
sendmmsg$inet6(r1, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000400)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)

6m29.592588888s ago: executing program 4 (id=42):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open(0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$binfmt_format(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="0002"], 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00000000000000000000000000000000000000000500000000000002000700000000000000000000000000e00000020000000000000000000000004000000033"], 0x13c}}, 0x20040880)
sendmmsg$inet6(r1, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000400)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)

6m13.260192344s ago: executing program 33 (id=42):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open(0x0, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
openat$binfmt_format(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="0002"], 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00000000000000000000000000000000000000000500000000000002000700000000000000000000000000e00000020000000000000000000000004000000033"], 0x13c}}, 0x20040880)
sendmmsg$inet6(r1, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000400)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)

17.664750859s ago: executing program 5 (id=767):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x501a, 0x3, 0x3}, 0x18, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x2, 0x40000105, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

14.602562674s ago: executing program 5 (id=773):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2)
r1 = syz_open_dev$ndb(0x0, 0x0, 0x200)
r2 = dup3(r1, r0, 0x80000)
ioctl$NBD_DO_IT(r2, 0xab03)

14.270114628s ago: executing program 5 (id=775):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = io_uring_setup(0x5e8a, &(0x7f0000000180)={0x0, 0xc05b, 0x20900, 0x2, 0x2f3})
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x100)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="a3063b9f5d4e4337af4be0561ab54bf7b0dd5732e306d916b9e3eb5318e74f658d97b02cc81311e310c86a3871c257f604e83523bca1c26e9eab4097f0126e5fd2525160fbee4eaecb63b6"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r3}, 0x10)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000640)=0x2)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r1, 0xe, &(0x7f00000005c0)={0x7dc7, 0x0, &(0x7f0000000540)=[{&(0x7f0000000340)=""/220, 0xdc}, {&(0x7f0000000280)=""/86, 0x56}, {&(0x7f0000000440)=""/105, 0x69}, {&(0x7f0000000600)=""/33, 0x21}, {&(0x7f00000004c0)=""/92, 0x5c}, {&(0x7f0000000680)=""/152, 0x98}], &(0x7f0000000100)=[0x7, 0x3fffc000000, 0x4fa, 0xaab, 0x81, 0x800000000001], 0x6}, 0x20)
setsockopt$inet6_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000080)='>', 0x1)
setsockopt$sock_int(r0, 0x1, 0x44, &(0x7f0000000140)=0xfffffffd, 0x4)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
r5 = gettid()
prlimit64(r5, 0xb, &(0x7f0000000140)={0x1000000000008, 0x9c78}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x12, 0xffffffffffffffff, 0xcc53d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000740)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000300)={{@hyper, 0x800000}, @my=0x1, 0x0, 0x0, 0x2, 0xfffffffffffffffe})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f00000000c0)={{@hyper, 0xffffffff}, @host, 0x0, 0x0, 0x1, 0x4})
close(r4)
syz_usb_connect(0x3, 0x146, &(0x7f0000000200)=ANY=[@ANYBLOB="12010002a4b4b708b40402005ce2010203010902340102050930020904340a0395f125000a2401060052020102052404040907240501c3451d072408039c0d0109050a0808000008f809050e01ff03030208090505"], 0x0)

12.049550071s ago: executing program 3 (id=781):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000000000000731130f2000000008510000002000000850000007600000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0xf32}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x5269a79981ff77fb, 0x8031, 0xffffffffffffffff, 0x4a259000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = creat(0x0, 0xecf86c37d53049cc)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000000000), 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
capset(0x0, &(0x7f0000000200)={0x0, 0x7, 0x0, 0x10000000, 0x0, 0x1})
semtimedop(0x0, &(0x7f0000000300)=[{0x3, 0xfff7, 0x1000}], 0x1f4, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000700), 0x47d, 0x0)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
sendto$unix(0xffffffffffffffff, &(0x7f0000000080)='\x00', 0x1, 0xd1, 0x0, 0x0)
recvfrom$unix(0xffffffffffffffff, 0x0, 0x0, 0x10102, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000005c0)={r5, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1e, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
r6 = syz_open_dev$loop(&(0x7f00000001c0), 0x5, 0x88000)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r6)
syz_open_procfs(0x0, &(0x7f0000002340)='net/igmp\x00')

11.100707634s ago: executing program 6 (id=782):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000780)={0x2, @sliced={0x7ff, [0x7, 0x0, 0xd, 0x1, 0xf, 0x3, 0x7fff, 0x9, 0x7fff, 0x2215, 0xffca, 0x6, 0x8, 0x1ff, 0x7, 0x7ff, 0x2, 0x1ff, 0x2, 0xff19, 0xc, 0x9, 0xffff, 0x12, 0x4, 0x2, 0x7, 0x8, 0x7fff, 0x2, 0x8, 0x8, 0x4, 0x3, 0x7, 0x7, 0x2, 0xf1d, 0x2, 0x3, 0xfff5, 0x2, 0x0, 0x9, 0x6, 0x4, 0x3ff, 0x9], 0x4}})
futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)

10.076964171s ago: executing program 6 (id=783):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x501a, 0x3, 0x3}, 0x18, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x2, 0x40000105, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10.021342425s ago: executing program 5 (id=785):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2)
r1 = syz_open_dev$ndb(0x0, 0x0, 0x200)
r2 = dup3(r1, r0, 0x80000)
ioctl$NBD_DO_IT(r2, 0xab03)

9.823239123s ago: executing program 3 (id=786):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
ioctl$KVM_XEN_HVM_CONFIG(r5, 0x4038ae7a, &(0x7f0000000100)={0x2, 0x40000105, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

9.502261992s ago: executing program 5 (id=788):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f00000003c0)={&(0x7f0000000340)='L', 0x1, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(0xffffffffffffffff, 0xc01864ba, &(0x7f0000000400)={0x25b, 0x0, r3, 0xbbbbbbbb})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
syz_io_uring_setup(0xd5, 0x0, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080))
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r6, 0x84, 0x7f, &(0x7f0000000040)="020000000d80ffff", 0x8)
close_range(r5, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4)
socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

8.176624418s ago: executing program 2 (id=790):
socket(0x1, 0x2, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x88002, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xd)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
write$UHID_INPUT(r2, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef) (fail_nth: 3)

8.173867301s ago: executing program 6 (id=791):
mknod(&(0x7f0000000080)='./bus\x00', 0x8000, 0x7)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./bus\x00', &(0x7f0000000180)='jfs\x00', 0x400080, &(0x7f00000001c0)='discard')
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, &(0x7f0000000b00)=0x400e704)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@local, 0x0, 0x0, 0x4e23, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff5f, 0x0, 0xfffffffffffffffa}, {0x200000}}, [@mark={0xc, 0x15, {0x35075d, 0x6}}]}, 0xc4}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=@delsa={0x8c, 0x11, 0x1, 0x70bd2c, 0x25dfdbfc, {@in=@private=0xa010101, 0x4d2, 0x2, 0xff}, [@replay_esn_val={0x2c, 0x17, {0x4, 0x70bd2d, 0x70bd28, 0x70bd2c, 0x70bd28, 0xaeb, [0x9, 0x2, 0x0, 0x7a31666b]}}, @extra_flags={0x8, 0x18, 0x9}, @policy_type={0xa, 0x10, {0x1}}, @lifetime_val={0x24, 0x9, {0x9244, 0x4, 0x3, 0x7}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40000}, 0x801)
getitimer(0x700, 0x0)
accept4$rose(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$netlink(r2, 0x10e, 0x9, 0x0, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000018008001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f6ffffffb7020000080000007b03000000000000850000001000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xfe7, &(0x7f0000001e00)=""/4071}, 0x94)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="b8000000150001ff"], 0xb8}}, 0x0)

7.587264935s ago: executing program 3 (id=792):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d3e457201e040b40e73e000000010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000380))
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

7.490018334s ago: executing program 2 (id=793):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000780)={0x2, @sliced={0x7ff, [0x7, 0x0, 0xd, 0x1, 0xf, 0x3, 0x7fff, 0x9, 0x7fff, 0x2215, 0xffca, 0x6, 0x8, 0x1ff, 0x7, 0x7ff, 0x2, 0x1ff, 0x2, 0xff19, 0xc, 0x9, 0xffff, 0x12, 0x4, 0x2, 0x7, 0x8, 0x7fff, 0x2, 0x8, 0x8, 0x4, 0x3, 0x7, 0x7, 0x2, 0xf1d, 0x2, 0x3, 0xfff5, 0x2, 0x0, 0x9, 0x6, 0x4, 0x3ff, 0x9], 0x4}})
futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)

7.381470892s ago: executing program 6 (id=794):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x501a, 0x3, 0x3}, 0x18, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

7.271446277s ago: executing program 0 (id=795):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = io_uring_setup(0x5e8a, &(0x7f0000000180)={0x0, 0xc05b, 0x20900, 0x2, 0x2f3})
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x100)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="a3063b9f5d4e4337af4be0561ab54bf7b0dd5732e306d916b9e3eb5318e74f658d97b02cc81311e310c86a3871c257f604e83523bca1c26e9eab4097f0126e5fd2525160fbee4eaecb63b6"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r3}, 0x10)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000640)=0x2)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r1, 0xe, &(0x7f00000005c0)={0x7dc7, 0x0, &(0x7f0000000540)=[{&(0x7f0000000340)=""/220, 0xdc}, {&(0x7f0000000280)=""/86, 0x56}, {&(0x7f0000000440)=""/105, 0x69}, {&(0x7f0000000600)=""/33, 0x21}, {&(0x7f00000004c0)=""/92, 0x5c}, {&(0x7f0000000680)=""/152, 0x98}], &(0x7f0000000100)=[0x7, 0x3fffc000000, 0x4fa, 0xaab, 0x81, 0x800000000001], 0x6}, 0x20)
setsockopt$inet6_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000080)='>', 0x1)
setsockopt$sock_int(r0, 0x1, 0x44, &(0x7f0000000140)=0xfffffffd, 0x4)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
r6 = gettid()
prlimit64(r6, 0xb, &(0x7f0000000140)={0x1000000000008, 0x9c78}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x12, 0xffffffffffffffff, 0xcc53d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000040)={0xe, 0x2, 0x3, "a427ececbbe6d400fd000080000000f9ffff00bfff00", 0x59555956})
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000740)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000300)={{@hyper, 0x800000}, @my=0x1, 0x0, 0x0, 0x2, 0xfffffffffffffffe})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f00000000c0)={{@hyper, 0xffffffff}, @host, 0x0, 0x0, 0x1, 0x4})
close(r4)
syz_usb_connect(0x3, 0x146, &(0x7f0000000200)=ANY=[@ANYBLOB="12010002a4b4b708b40402005ce2010203010902340102050930020904340a0395f125000a2401060052020102052404040907240501c3451d072408039c0d0109050a0808000008f809050e01ff03030208090505"], 0x0)

7.268784137s ago: executing program 2 (id=796):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000000000000731130f2000000008510000002000000850000007600000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0xf32}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x5269a79981ff77fb, 0x8031, 0xffffffffffffffff, 0x4a259000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = creat(0x0, 0xecf86c37d53049cc)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000000000), 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
capset(0x0, &(0x7f0000000200)={0x0, 0x7, 0x0, 0x10000000, 0x0, 0x1})
semtimedop(0x0, &(0x7f0000000300)=[{0x3, 0xfff7, 0x1000}], 0x1f4, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000700), 0x47d, 0x0)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
sendto$unix(0xffffffffffffffff, &(0x7f0000000080)='\x00', 0x1, 0xd1, 0x0, 0x0)
recvfrom$unix(0xffffffffffffffff, 0x0, 0x0, 0x10102, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000005c0)={r5, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1e, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, 0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f0000002340)='net/igmp\x00')

5.908877871s ago: executing program 2 (id=797):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d3120900"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x501a, 0x3, 0x3}, 0x18, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r5, 0x4038ae7a, &(0x7f0000000100)={0x2, 0x40000105, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

4.897462812s ago: executing program 6 (id=798):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r2, 0x0, 0x22, 0x0, &(0x7f0000000380)="f6f4e9a100000000eef1880400800000007f4386dd78bb3bb7dbfc7780c28395cc7e", 0x0, 0xa17, 0x0, 0x2, 0x0, &(0x7f00000001c0)="010a", 0x0}, 0x50)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r5 = socket$inet6(0xa, 0x3, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f00000007c0)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x40, 0x0}, @in6=@rand_addr=' \x01\x00', 0x4e22, 0x0, 0x0, 0x3, 0x2}, {0x8, 0x200000000, 0x40000000007, 0x20000a0de, 0x100000000, 0x4, 0x200000003, 0x9}, {0x5}, 0x1, 0x0, 0x1, 0x0, 0x6, 0x2}, {{@in=@local, 0x0, 0x6c}, 0x2, @in6=@private1, 0x3502, 0x1, 0x0, 0x0, 0x9075}}, 0xe8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@enum64={0x2, 0x11, 0x0, 0x13, 0x1, 0x1}]}, {0x0, [0x5f, 0x5f, 0x30]}}, 0x0, 0x29, 0x0, 0x0, 0x7}, 0x28)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x44}}}, 0x1c)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r9=>0x0})
setsockopt$packet_int(r8, 0x107, 0xf, &(0x7f0000000000)=0x3, 0x4)
sendto$packet(r8, &(0x7f00000000c0)="3f031c00eee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r9, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@gettclass={0x24, 0x2a, 0x200, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x4, 0xffe0}, {0xffff, 0x3}, {0xe, 0x3}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r7, {0x0, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x40, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x10, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x2}]}]}, @TCA_FLOWER_KEY_ENC_IPV6_DST={0x14, 0x21, @initdev={0xfe, 0x88, '\x00', 0xff, 0x0}}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

4.882870713s ago: executing program 0 (id=799):
mkdir(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semctl$SEM_INFO(0x0, 0x4, 0x13, 0x0)
timerfd_create(0x0, 0x0)
r3 = syz_io_uring_setup(0xa1, &(0x7f0000000640)={0x0, 0xe8ce, 0x0, 0x20, 0x40000333}, &(0x7f00000006c0), &(0x7f00000020c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b70800000c000000638af8ff00000000b5080000000000007b8af0ff00000000bfa10000000000000701", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00'], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x34, r7, 0x603, 0x70bd30, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0xec}, @ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x34}}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r5, 0x58, &(0x7f0000000340)}, 0x10)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000004c0), &(0x7f0000000500)=0x4)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000540)={0x0, 0x1f0}, 0x1, 0x0, 0x0, 0x20000804}, 0x4080)
io_uring_enter(r3, 0x47ba, 0x0, 0x0, 0x0, 0x0)

4.406187781s ago: executing program 5 (id=800):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000640)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x8000003d)
openat(r4, 0x0, 0x140400, 0x128)
fallocate(r4, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r4, 0x2000000)
sendmsg$kcm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000100)="bdb330", 0x3}, {&(0x7f0000000080)="5b76d0", 0x3}], 0x2}, 0x800)
pipe2(&(0x7f00000003c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = socket$inet6(0xa, 0x2, 0x0)
r9 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r9, 0x0, 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io$lan78xx(r9, 0x0, &(0x7f0000000840)={0x34, &(0x7f00000006c0)={0x0, 0x30, 0x1, "e8"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r9, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r9, 0x0, &(0x7f00000005c0)={0x44, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r9, 0x0, 0x0)
syz_usb_control_io$lan78xx(r9, 0x0, &(0x7f0000000380)={0x34, &(0x7f0000000180)={0x40, 0x18}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r9, 0x0, &(0x7f00000002c0)={0x44, &(0x7f00000001c0)={0x20, 0x9, 0x2, "995f"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_SIOCETHTOOL(r8, 0x89f0, &(0x7f0000000040)={'erspan0\x00', &(0x7f0000000100)=@ethtool_coalesce={0xe, 0x0, 0x6dd68c91, 0x6, 0x10, 0xfff, 0x0, 0xc0000000, 0x402, 0x3, 0x5, 0x7f, 0x3, 0x6, 0x7f, 0xfffffffc, 0x0, 0x800002, 0x80000000, 0x2, 0x1ff, 0xfffffff9, 0xc}})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',cache=fs'])
getsockopt$inet6_int(r0, 0x29, 0x50, 0x0, &(0x7f0000000080)=0x1b00)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f0000000180), 0x4)

3.508418652s ago: executing program 0 (id=801):
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
socket$packet(0x11, 0x2, 0x300)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x2000}, 0x4)
bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0}, 0x275a}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00)=""/234, 0xea}, 0x4}], 0x2, 0x60010020, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)

3.136270592s ago: executing program 0 (id=802):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
sendmmsg$alg(r2, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=@delqdisc={0x5c, 0x25, 0x200, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0xf}, {0xfff1, 0xf}, {0x5, 0x1}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xa374}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xfff}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}, @TCA_RATE={0x6, 0x5, {0xb6, 0x53}}, @TCA_RATE={0x6, 0x5, {0x9, 0x5}}, @TCA_RATE={0x6, 0x5, {0x1, 0x4}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xa1fd}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c051)
recvmsg$can_raw(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)}, 0x10120)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x200)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r3, 0xab00, r4)
r5 = dup3(r3, r0, 0x80000)
ioctl$NBD_DO_IT(r5, 0xab03)

3.127610927s ago: executing program 6 (id=803):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
ioctl$KVM_XEN_HVM_CONFIG(r5, 0x4038ae7a, &(0x7f0000000100)={0x2, 0x40000105, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

2.988960967s ago: executing program 2 (id=804):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
sendmmsg$alg(r2, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=@delqdisc={0x5c, 0x25, 0x200, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0xf}, {0xfff1, 0xf}, {0x5, 0x1}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xa374}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xfff}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}, @TCA_RATE={0x6, 0x5, {0xb6, 0x53}}, @TCA_RATE={0x6, 0x5, {0x9, 0x5}}, @TCA_RATE={0x6, 0x5, {0x1, 0x4}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xa1fd}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c051)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1})
request_key(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, 0x0, 0x0)
r5 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x200)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r5, 0xab00, r6)
r7 = dup3(r5, r0, 0x80000)
ioctl$NBD_DO_IT(r7, 0xab03)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r4, 0x1, 0x70bd2b, 0x6, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x0)

2.892693071s ago: executing program 3 (id=805):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0xfffffffd, {0x0, 0x0, 0x12, 0x0, {0x0, 0xf}, {0xb, 0x5}, {0x1, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000001}, 0x50)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x987, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x4e}, 0x28)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="0000d63f9a8eecdeb60ddb0700000000", 0x20)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000200))
openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
writev(0xffffffffffffffff, &(0x7f000009de80)=[{&(0x7f0000002a80)="92601b126cd916238152311e05ee79b7129fcda028997dd43917ea01b906000000286d299a104d2d4a20d1fadfecd7687bfd3c54f8c62189c138c5c5ecd3ce6f2f1cdb482c4e8d547ca98c08e87f592e109e441fab677da071e7683f562eddb2888bee5e65daac845793ebfa0ecbc95c8a44ec908110dd9a9ae9b16301f3e59afcf93da032f2fde9dd86f1dafbb1e68e56611af12fa1380f73d38aeddbd74c68c29bfe35caf5328e85950dd5973469df4c000000", 0xb4}, {0x0}], 0x2)

1.385252246s ago: executing program 3 (id=806):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000780)={0x2, @sliced={0x7ff, [0x7, 0x0, 0xd, 0x1, 0xf, 0x3, 0x7fff, 0x9, 0x7fff, 0x2215, 0xffca, 0x6, 0x8, 0x1ff, 0x7, 0x7ff, 0x2, 0x1ff, 0x2, 0xff19, 0xc, 0x9, 0xffff, 0x12, 0x4, 0x2, 0x7, 0x8, 0x7fff, 0x2, 0x8, 0x8, 0x4, 0x3, 0x7, 0x7, 0x2, 0xf1d, 0x2, 0x3, 0xfff5, 0x2, 0x0, 0x9, 0x6, 0x4, 0x3ff, 0x9], 0x4}})
futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)

1.246274242s ago: executing program 0 (id=807):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000000000000731130f2000000008510000002000000850000007600000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0xf32}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x5269a79981ff77fb, 0x8031, 0xffffffffffffffff, 0x4a259000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = creat(0x0, 0xecf86c37d53049cc)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000000000), 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
capset(0x0, &(0x7f0000000200)={0x0, 0x7, 0x0, 0x10000000, 0x0, 0x1})
semtimedop(0x0, &(0x7f0000000300)=[{0x3, 0xfff7, 0x1000}], 0x1f4, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000700), 0x47d, 0x0)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
sendto$unix(0xffffffffffffffff, &(0x7f0000000080)='\x00', 0x1, 0xd1, 0x0, 0x0)
recvfrom$unix(0xffffffffffffffff, 0x0, 0x0, 0x10102, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000005c0)={r5, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1e, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, 0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f0000002340)='net/igmp\x00')

1.017203763s ago: executing program 2 (id=808):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

916.450512ms ago: executing program 3 (id=809):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = io_uring_setup(0x5e8a, &(0x7f0000000180)={0x0, 0xc05b, 0x20900, 0x2, 0x2f3})
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x100)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="a3063b9f5d4e4337af4be0561ab54bf7b0dd5732e306d916b9e3eb5318e74f658d97b02cc81311e310c86a3871c257f604e83523bca1c26e9eab4097f0126e5fd2525160fbee4eaecb63b6"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r3}, 0x10)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000640)=0x2)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r1, 0xe, &(0x7f00000005c0)={0x7dc7, 0x0, &(0x7f0000000540)=[{&(0x7f0000000340)=""/220, 0xdc}, {&(0x7f0000000280)=""/86, 0x56}, {&(0x7f0000000440)=""/105, 0x69}, {&(0x7f0000000600)=""/33, 0x21}, {&(0x7f00000004c0)=""/92, 0x5c}, {&(0x7f0000000680)=""/152, 0x98}], &(0x7f0000000100)=[0x7, 0x3fffc000000, 0x4fa, 0xaab, 0x81, 0x800000000001], 0x6}, 0x20)
setsockopt$inet6_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000080)='>', 0x1)
setsockopt$sock_int(r0, 0x1, 0x44, &(0x7f0000000140)=0xfffffffd, 0x4)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
r6 = gettid()
prlimit64(r6, 0xb, &(0x7f0000000140)={0x1000000000008, 0x9c78}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x12, 0xffffffffffffffff, 0xcc53d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000040)={0xe, 0x2, 0x3, "a427ececbbe6d400fd000080000000f9ffff00bfff00", 0x59555956})
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000740)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000300)={{@hyper, 0x800000}, @my=0x1, 0x0, 0x0, 0x2, 0xfffffffffffffffe})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f00000000c0)={{@hyper, 0xffffffff}, @host, 0x0, 0x0, 0x1, 0x4})
close(r4)
syz_usb_connect(0x3, 0x146, &(0x7f0000000200)=ANY=[@ANYBLOB="12010002a4b4b708b40402005ce2010203010902340102050930020904340a0395f125000a2401060052020102052404040907240501c3451d072408039c0d0109050a0808000008f809050e01ff03030208090505"], 0x0)

0s ago: executing program 0 (id=810):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, 0x0, 0x4000040)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, &(0x7f0000000100), 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x1, @remote}, 0xa}}, 0x26)
sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)

kernel console output (not intermixed with test programs):

Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  314.646124][ T5850] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  314.647234][ T5850] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  314.648854][ T5850] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  314.649726][ T5850] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  314.710492][    C1] vkms_vblank_simulate: vblank timer overrun
[  314.914560][    C1] vkms_vblank_simulate: vblank timer overrun
[  315.672840][    C1] vkms_vblank_simulate: vblank timer overrun
[  315.816121][    C1] vkms_vblank_simulate: vblank timer overrun
[  316.085736][ T3620] team0 (unregistering): Port device team_slave_1 removed
[  316.312066][ T3620] team0 (unregistering): Port device team_slave_0 removed
[  316.549618][ T7402] kvm: kvm [7401]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7100006a86
[  316.774042][ T5850] Bluetooth: hci5: command tx timeout
[  317.188208][ T1326] ieee802154 phy0 wpan0: encryption failed: -22
[  317.188287][ T1326] ieee802154 phy1 wpan1: encryption failed: -22
[  318.854003][ T5850] Bluetooth: hci5: command tx timeout
[  320.753395][ T7389] chnl_net:caif_netlink_parms(): no params data found
[  320.850248][ T7048] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  320.935782][ T5850] Bluetooth: hci5: command tx timeout
[  320.973459][ T7048] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  321.106142][ T7048] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  321.241359][ T7439] kvm: kvm [7435]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  321.276691][ T7439] kvm: kvm [7435]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  321.279085][ T7439] kvm: kvm [7435]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  321.445113][ T7048] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  321.941544][ T7464] hub 9-0:1.0: USB hub found
[  321.942307][ T7464] hub 9-0:1.0: 1 port detected
[  322.682161][ T7389] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.682302][ T7389] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.682509][ T7389] bridge_slave_0: entered allmulticast mode
[  322.744731][ T7389] bridge_slave_0: entered promiscuous mode
[  322.805425][ T7389] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.805563][ T7389] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.805823][ T7389] bridge_slave_1: entered allmulticast mode
[  322.808536][ T7389] bridge_slave_1: entered promiscuous mode
[  323.014072][ T5850] Bluetooth: hci5: command tx timeout
[  324.078375][ T7479] netlink: 132 bytes leftover after parsing attributes in process `syz.0.319'.
[  324.685262][ T7389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  324.708426][ T7389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  325.221454][ T7389] team0: Port device team_slave_0 added
[  325.247490][ T7389] team0: Port device team_slave_1 added
[  326.289345][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xbf0000bdd1
[  326.289399][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xbf0000fdd1
[  326.291916][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7600006103
[  326.291962][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x7600002103
[  326.292062][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb60000106b
[  326.292106][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb60000506b
[  326.292203][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb4000073aa
[  326.292247][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb4000033aa
[  326.338534][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb1000054bf
[  326.338586][ T7502] kvm: kvm [7501]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb1000014bf
[  326.950672][ T7389] batman_adv: batadv0: Adding interface: batadv_slave_0
[  326.950689][ T7389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.950713][ T7389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  326.970780][ T7389] batman_adv: batadv0: Adding interface: batadv_slave_1
[  326.970797][ T7389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.970819][ T7389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  329.249500][ T7389] hsr_slave_0: entered promiscuous mode
[  329.252109][ T7389] hsr_slave_1: entered promiscuous mode
[  330.959454][ T7537] hub 9-0:1.0: USB hub found
[  330.959837][ T7537] hub 9-0:1.0: 1 port detected
[  332.655447][ T7553] hub 9-0:1.0: USB hub found
[  332.665630][ T7553] hub 9-0:1.0: 1 port detected
[  332.875751][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  332.880627][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  332.883675][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  332.895712][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  332.896486][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  333.091131][ T7557] hub 9-0:1.0: USB hub found
[  333.091620][ T7557] hub 9-0:1.0: 1 port detected
[  333.714203][ T3620] bridge_slave_1: left allmulticast mode
[  333.714236][ T3620] bridge_slave_1: left promiscuous mode
[  333.714549][ T3620] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.848488][ T3620] bridge_slave_0: left allmulticast mode
[  333.848519][ T3620] bridge_slave_0: left promiscuous mode
[  333.848786][ T3620] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.700750][ T7563] kvm_pr_unimpl_wrmsr: 217 callbacks suppressed
[  334.700772][ T7563] kvm: kvm [7562]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7100006a86
[  334.953875][ T5850] Bluetooth: hci0: command tx timeout
[  335.375803][ T3620] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  335.524966][ T3620] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  335.535945][ T7567] kvm: kvm [7566]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xbf0000bdd1
[  335.535998][ T7567] kvm: kvm [7566]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xbf0000fdd1
[  335.539214][ T7567] kvm: kvm [7566]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7600006103
[  335.539261][ T7567] kvm: kvm [7566]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x7600002103
[  335.539364][ T7567] kvm: kvm [7566]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb60000106b
[  335.539407][ T7567] kvm: kvm [7566]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb60000506b
[  335.539504][ T7567] kvm: kvm [7566]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb4000073aa
[  335.539548][ T7567] kvm: kvm [7566]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb4000033aa
[  335.564686][ T7567] kvm: kvm [7566]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb1000054bf
[  335.738885][ T3620] bond0 (unregistering): Released all slaves
[  337.016442][ T5850] Bluetooth: hci0: command tx timeout
[  337.126655][ T3620] hsr_slave_0: left promiscuous mode
[  337.851311][ T3620] hsr_slave_1: left promiscuous mode
[  337.864356][ T3620] batman_adv: batadv0: Removing interface: batadv_slave_0
[  337.944828][ T3620] batman_adv: batadv0: Removing interface: batadv_slave_1
[  338.603756][ T7582] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  339.095190][ T5850] Bluetooth: hci0: command tx timeout
[  339.260361][ T7594] hub 9-0:1.0: USB hub found
[  339.269388][ T7594] hub 9-0:1.0: 1 port detected
[  339.563677][ T3620] team0 (unregistering): Port device team_slave_1 removed
[  339.747287][ T3620] team0 (unregistering): Port device team_slave_0 removed
[  341.174006][ T5850] Bluetooth: hci0: command tx timeout
[  341.369652][ T7607] kvm_pr_unimpl_wrmsr: 287 callbacks suppressed
[  341.369672][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xbf0000bdd1
[  341.369717][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xbf0000fdd1
[  341.372223][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7600006103
[  341.372270][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x7600002103
[  341.372371][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb60000106b
[  341.372415][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb60000506b
[  341.372518][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb4000073aa
[  341.372562][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb4000033aa
[  341.443443][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb1000054bf
[  341.443496][ T7607] kvm: kvm [7605]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb1000014bf
[  341.680368][ T7582] netlink: 84 bytes leftover after parsing attributes in process `syz.0.343'.
[  342.462256][ T7619] netlink: 132 bytes leftover after parsing attributes in process `syz.3.351'.
[  343.937072][ T7555] chnl_net:caif_netlink_parms(): no params data found
[  344.395160][ T7389] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  344.544067][ T7389] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  344.617044][ T7389] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  344.725374][ T7389] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  345.311441][ T7664] hub 9-0:1.0: USB hub found
[  345.314077][ T7664] hub 9-0:1.0: 1 port detected
[  346.477987][ T7555] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.478147][ T7555] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.478382][ T7555] bridge_slave_0: entered allmulticast mode
[  346.481181][ T7555] bridge_slave_0: entered promiscuous mode
[  346.534339][ T7555] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.534476][ T7555] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.534707][ T7555] bridge_slave_1: entered allmulticast mode
[  346.537374][ T7555] bridge_slave_1: entered promiscuous mode
[  346.698842][ T7672] kvm_pr_unimpl_wrmsr: 338 callbacks suppressed
[  346.698864][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xbf0000bdd1
[  346.698909][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xbf0000fdd1
[  346.707462][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7600006103
[  346.707514][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x7600002103
[  346.707622][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb60000106b
[  346.707666][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb60000506b
[  346.707767][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb4000073aa
[  346.707811][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb4000033aa
[  346.750831][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb1000054bf
[  346.750880][ T7672] kvm: kvm [7671]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb1000014bf
[  347.293350][ T7679] netlink: 124 bytes leftover after parsing attributes in process `syz.3.360'.
[  348.411179][ T7683] netlink: 132 bytes leftover after parsing attributes in process `syz.3.361'.
[  348.899025][ T7555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  349.937727][ T7555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  350.588186][ T5924] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  350.766782][ T5924] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  350.766815][ T5924] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  350.766856][ T5924] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  350.766880][ T5924] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.830339][ T5924] usb 1-1: config 0 descriptor??
[  351.131454][ T7555] team0: Port device team_slave_0 added
[  351.149199][ T7555] team0: Port device team_slave_1 added
[  351.263217][ T5924] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[  351.263261][ T5924] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[  351.263288][ T5924] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[  351.263314][ T5924] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[  351.263341][ T5924] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[  351.329320][ T5924] playstation 0003:054C:0DF2.0001: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.0-1/input0
[  351.871261][ T7709] binder: BINDER_SET_CONTEXT_MGR already set
[  351.871924][ T7709] binder: 7707:7709 ioctl 4018620d 200000004a80 returned -16
[  352.118115][ T7555] batman_adv: batadv0: Adding interface: batadv_slave_0
[  352.118131][ T7555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.118155][ T7555] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  352.151468][ T7555] batman_adv: batadv0: Adding interface: batadv_slave_1
[  352.151485][ T7555] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.151508][ T7555] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  353.009634][ T7555] hsr_slave_0: entered promiscuous mode
[  353.028075][ T7555] hsr_slave_1: entered promiscuous mode
[  353.040339][ T7555] debugfs: 'hsr0' already exists in 'hsr'
[  353.040367][ T7555] Cannot create hsr debugfs directory
[  353.224636][ T7738] FAULT_INJECTION: forcing a failure.
[  353.224636][ T7738] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  353.224753][ T7738] CPU: 1 UID: 0 PID: 7738 Comm: syz.3.368 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  353.224774][ T7738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  353.224791][ T7738] Call Trace:
[  353.224799][ T7738]  <TASK>
[  353.224807][ T7738]  dump_stack_lvl+0x189/0x250
[  353.224847][ T7738]  ? __pfx____ratelimit+0x10/0x10
[  353.224872][ T7738]  ? __pfx_dump_stack_lvl+0x10/0x10
[  353.224896][ T7738]  ? __pfx__printk+0x10/0x10
[  353.224915][ T7738]  ? __might_fault+0xb0/0x130
[  353.224949][ T7738]  should_fail_ex+0x46c/0x600
[  353.224979][ T7738]  _copy_from_user+0x2d/0xb0
[  353.225001][ T7738]  ___sys_sendmsg+0x158/0x2a0
[  353.225022][ T7738]  ? __pfx____sys_sendmsg+0x10/0x10
[  353.225076][ T7738]  ? __fget_files+0x2a/0x420
[  353.225098][ T7738]  ? __fget_files+0x3a6/0x420
[  353.225131][ T7738]  __x64_sys_sendmsg+0x1a1/0x260
[  353.225151][ T7738]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  353.225185][ T7738]  ? __pfx_ksys_write+0x10/0x10
[  353.225204][ T7738]  ? rcu_is_watching+0x15/0xb0
[  353.225234][ T7738]  ? do_syscall_64+0xbe/0x3b0
[  353.225254][ T7738]  do_syscall_64+0xfa/0x3b0
[  353.225269][ T7738]  ? lockdep_hardirqs_on+0x9c/0x150
[  353.225292][ T7738]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.225309][ T7738]  ? clear_bhb_loop+0x60/0xb0
[  353.225331][ T7738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.225348][ T7738] RIP: 0033:0x7fc2edb5eba9
[  353.225369][ T7738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.225382][ T7738] RSP: 002b:00007fc2ebdbe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  353.225408][ T7738] RAX: ffffffffffffffda RBX: 00007fc2edda5fa0 RCX: 00007fc2edb5eba9
[  353.225420][ T7738] RDX: 0000000000001020 RSI: 0000200000000380 RDI: 0000000000000003
[  353.225431][ T7738] RBP: 00007fc2ebdbe090 R08: 0000000000000000 R09: 0000000000000000
[  353.225441][ T7738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.225452][ T7738] R13: 00007fc2edda6038 R14: 00007fc2edda5fa0 R15: 00007ffe6e3c3fd8
[  353.225481][ T7738]  </TASK>
[  353.350265][ T5924] playstation 0003:054C:0DF2.0001: Failed to retrieve feature with reportID 5: -71
[  353.350294][ T5924] playstation 0003:054C:0DF2.0001: Failed to retrieve DualSense calibration info: -71
[  353.350330][ T5924] playstation 0003:054C:0DF2.0001: Failed to get calibration data from DualSense
[  353.350344][ T5924] playstation 0003:054C:0DF2.0001: Failed to create dualsense.
[  353.527662][ T5924] playstation 0003:054C:0DF2.0001: probe with driver playstation failed with error -71
[  353.594939][ T5924] usb 1-1: USB disconnect, device number 2
[  353.937505][ T5923] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  354.551682][ T5923] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  354.551712][ T5923] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.578876][ T5923] usb 3-1: config 0 descriptor??
[  354.630884][ T5923] cp210x 3-1:0.0: cp210x converter detected
[  355.001966][ T5923] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  355.327067][ T5923] usb 3-1: cp210x converter now attached to ttyUSB0
[  355.332131][ T5923] usb 3-1: USB disconnect, device number 2
[  355.360528][ T5923] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  356.488831][ T7389] 8021q: adding VLAN 0 to HW filter on device bond0
[  356.489343][ T3620] bridge_slave_1: left allmulticast mode
[  356.489370][ T3620] bridge_slave_1: left promiscuous mode
[  356.489651][ T3620] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.646262][ T5923] cp210x 3-1:0.0: device disconnected
[  356.651490][ T3620] bridge_slave_0: left allmulticast mode
[  356.651524][ T3620] bridge_slave_0: left promiscuous mode
[  356.651810][ T3620] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.137922][ T3620] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  358.225081][ T3620] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  358.557620][ T3620] bond0 (unregistering): Released all slaves
[  359.004692][ T7389] 8021q: adding VLAN 0 to HW filter on device team0
[  359.271657][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[  359.272090][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[  359.845658][ T7814] CIFS: VFS: Malformed UNC in devname
[  360.634182][ T3620] hsr_slave_0: left promiscuous mode
[  360.727306][ T3620] hsr_slave_1: left promiscuous mode
[  360.729284][ T3620] batman_adv: batadv0: Removing interface: batadv_slave_0
[  360.785500][ T3620] batman_adv: batadv0: Removing interface: batadv_slave_1
[  362.160013][ T7845] JFS: discard option not supported on device
[  362.163121][ T7845] Mount JFS Failure: -22
[  362.163139][ T7845] jfs_mount failed w/return code = -22
[  362.574779][ T3620] team0 (unregistering): Port device team_slave_1 removed
[  362.585502][ T7847] tipc: Can't bind to reserved service type 1
[  362.844857][ T3620] team0 (unregistering): Port device team_slave_0 removed
[  363.105757][ T7853] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.392'.
[  363.505890][ T7864] FAULT_INJECTION: forcing a failure.
[  363.505890][ T7864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.505933][ T7864] CPU: 1 UID: 0 PID: 7864 Comm: syz.2.395 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  363.505955][ T7864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  363.505969][ T7864] Call Trace:
[  363.505977][ T7864]  <TASK>
[  363.505984][ T7864]  dump_stack_lvl+0x189/0x250
[  363.506014][ T7864]  ? __pfx____ratelimit+0x10/0x10
[  363.506040][ T7864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  363.506064][ T7864]  ? __pfx__printk+0x10/0x10
[  363.506084][ T7864]  ? __might_fault+0xb0/0x130
[  363.506119][ T7864]  should_fail_ex+0x46c/0x600
[  363.506149][ T7864]  _copy_from_user+0x2d/0xb0
[  363.506172][ T7864]  __sys_bind+0x19f/0x3e0
[  363.506197][ T7864]  ? __pfx___sys_bind+0x10/0x10
[  363.506232][ T7864]  ? __pfx_ksys_write+0x10/0x10
[  363.506251][ T7864]  ? rcu_is_watching+0x15/0xb0
[  363.506284][ T7864]  __x64_sys_bind+0x7a/0x90
[  363.506308][ T7864]  do_syscall_64+0xfa/0x3b0
[  363.506324][ T7864]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.506348][ T7864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.506370][ T7864]  ? clear_bhb_loop+0x60/0xb0
[  363.506391][ T7864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.506412][ T7864] RIP: 0033:0x7fc336bceba9
[  363.506428][ T7864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.506448][ T7864] RSP: 002b:00007fc334e2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  363.506466][ T7864] RAX: ffffffffffffffda RBX: 00007fc336e15fa0 RCX: 00007fc336bceba9
[  363.506479][ T7864] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000004
[  363.506490][ T7864] RBP: 00007fc334e2e090 R08: 0000000000000000 R09: 0000000000000000
[  363.506501][ T7864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  363.506512][ T7864] R13: 00007fc336e16038 R14: 00007fc336e15fa0 R15: 00007ffd8ad76218
[  363.506541][ T7864]  </TASK>
[  363.610511][ T7861] kvm_pr_unimpl_wrmsr: 142 callbacks suppressed
[  363.610529][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xbf0000bdd1
[  363.610572][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xbf0000fdd1
[  363.626095][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7600006103
[  363.626144][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x7600002103
[  363.626258][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb60000106b
[  363.626302][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb60000506b
[  363.626398][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb4000073aa
[  363.626441][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb4000033aa
[  363.666448][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb1000054bf
[  363.666498][ T7861] kvm: kvm [7860]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb1000014bf
[  364.339266][ T7872] hub 9-0:1.0: USB hub found
[  364.350256][ T7872] hub 9-0:1.0: 1 port detected
[  364.966478][ T5985] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.966648][ T5985] bridge0: port 2(bridge_slave_1) entered forwarding state
[  366.790571][ T7389] 8021q: adding VLAN 0 to HW filter on device batadv0
[  367.729674][ T7924] overlay: Bad value for 'workdir'
[  367.822733][ T7555] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  368.010109][ T7555] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  368.175487][ T7555] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  368.293506][ T7555] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  368.614325][ T7389] veth0_vlan: entered promiscuous mode
[  368.700113][ T7389] veth1_vlan: entered promiscuous mode
[  368.970538][ T7389] veth0_macvtap: entered promiscuous mode
[  369.034718][ T7389] veth1_macvtap: entered promiscuous mode
[  369.170246][ T7389] batman_adv: batadv0: Interface activated: batadv_slave_0
[  369.248242][ T7389] batman_adv: batadv0: Interface activated: batadv_slave_1
[  369.332845][ T7555] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.385356][   T43] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  369.397646][   T43] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  369.400641][   T43] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  369.405554][   T43] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  369.510158][ T7956] kvm_pr_unimpl_wrmsr: 20 callbacks suppressed
[  369.510180][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x4002
[  369.510224][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x2
[  369.525836][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x80
[  369.525886][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x4080
[  369.554653][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x2
[  369.554704][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4002
[  369.586579][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x2
[  369.586630][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4002
[  369.615985][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x2
[  369.616037][ T7956] kvm: kvm [7955]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4002
[  369.665095][ T7555] 8021q: adding VLAN 0 to HW filter on device team0
[  369.844570][ T5985] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.844768][ T5985] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.037473][   T87] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.037623][   T87] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.356365][  T992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.356386][  T992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.326418][ T7985] FAULT_INJECTION: forcing a failure.
[  371.326418][ T7985] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.326451][ T7985] CPU: 0 UID: 0 PID: 7985 Comm: syz.3.410 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  371.326472][ T7985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  371.326482][ T7985] Call Trace:
[  371.326490][ T7985]  <TASK>
[  371.326498][ T7985]  dump_stack_lvl+0x189/0x250
[  371.326528][ T7985]  ? __pfx____ratelimit+0x10/0x10
[  371.326554][ T7985]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.326579][ T7985]  ? __pfx__printk+0x10/0x10
[  371.326614][ T7985]  should_fail_ex+0x46c/0x600
[  371.326645][ T7985]  _copy_to_user+0x31/0xb0
[  371.326682][ T7985]  simple_read_from_buffer+0xe1/0x170
[  371.326711][ T7985]  proc_fail_nth_read+0x1b6/0x220
[  371.326734][ T7985]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  371.326755][ T7985]  ? rw_verify_area+0x2ac/0x4e0
[  371.326776][ T7985]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  371.326796][ T7985]  vfs_read+0x206/0xa30
[  371.326827][ T7985]  ? __pfx_vfs_read+0x10/0x10
[  371.326844][ T7985]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  371.326889][ T7985]  ? mutex_lock_nested+0x154/0x1d0
[  371.326908][ T7985]  ? fdget_pos+0x253/0x320
[  371.326944][ T7985]  ksys_read+0x14b/0x260
[  371.326968][ T7985]  ? __pfx_ksys_read+0x10/0x10
[  371.326986][ T7985]  ? rcu_is_watching+0x15/0xb0
[  371.327018][ T7985]  ? do_syscall_64+0xbe/0x3b0
[  371.327039][ T7985]  do_syscall_64+0xfa/0x3b0
[  371.327054][ T7985]  ? lockdep_hardirqs_on+0x9c/0x150
[  371.327078][ T7985]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.327096][ T7985]  ? clear_bhb_loop+0x60/0xb0
[  371.327119][ T7985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.327135][ T7985] RIP: 0033:0x7fc2edb5d5bc
[  371.327152][ T7985] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  371.327165][ T7985] RSP: 002b:00007fc2ebd9d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  371.327184][ T7985] RAX: ffffffffffffffda RBX: 00007fc2edda6090 RCX: 00007fc2edb5d5bc
[  371.327197][ T7985] RDX: 000000000000000f RSI: 00007fc2ebd9d0a0 RDI: 0000000000000004
[  371.327208][ T7985] RBP: 00007fc2ebd9d090 R08: 0000000000000000 R09: 0000000000000000
[  371.327219][ T7985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.327230][ T7985] R13: 00007fc2edda6128 R14: 00007fc2edda6090 R15: 00007ffe6e3c3fd8
[  371.327260][ T7985]  </TASK>
[  371.504346][  T992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.504366][  T992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.341747][ T7555] 8021q: adding VLAN 0 to HW filter on device batadv0
[  373.773270][ T7555] veth0_vlan: entered promiscuous mode
[  373.828668][ T7555] veth1_vlan: entered promiscuous mode
[  373.911010][ T7555] veth0_macvtap: entered promiscuous mode
[  373.956276][ T7555] veth1_macvtap: entered promiscuous mode
[  374.176104][ T7555] batman_adv: batadv0: Interface activated: batadv_slave_0
[  374.216799][ T7555] batman_adv: batadv0: Interface activated: batadv_slave_1
[  374.289099][   T67] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  374.289770][   T67] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  374.292397][   T67] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  374.292486][   T67] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  375.161548][ T8044] FAULT_INJECTION: forcing a failure.
[  375.161548][ T8044] name failslab, interval 1, probability 0, space 0, times 1
[  375.161582][ T8044] CPU: 1 UID: 0 PID: 8044 Comm: syz.3.415 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  375.161602][ T8044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  375.161613][ T8044] Call Trace:
[  375.161620][ T8044]  <TASK>
[  375.161627][ T8044]  dump_stack_lvl+0x189/0x250
[  375.161657][ T8044]  ? __pfx____ratelimit+0x10/0x10
[  375.161683][ T8044]  ? __pfx_dump_stack_lvl+0x10/0x10
[  375.161708][ T8044]  ? __pfx__printk+0x10/0x10
[  375.161733][ T8044]  ? __pfx___might_resched+0x10/0x10
[  375.161753][ T8044]  ? fs_reclaim_acquire+0x7d/0x100
[  375.161774][ T8044]  should_fail_ex+0x46c/0x600
[  375.161804][ T8044]  should_failslab+0xa8/0x100
[  375.161830][ T8044]  __kmalloc_noprof+0xcb/0x430
[  375.161851][ T8044]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  375.161882][ T8044]  tomoyo_realpath_from_path+0xe3/0x5d0
[  375.161907][ T8044]  ? tomoyo_domain+0xda/0x130
[  375.161936][ T8044]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  375.161957][ T8044]  tomoyo_path_number_perm+0x1e8/0x5a0
[  375.161981][ T8044]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  375.162006][ T8044]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  375.162030][ T8044]  ? lockdep_hardirqs_on+0x9c/0x150
[  375.162060][ T8044]  ? __lock_acquire+0xab9/0xd20
[  375.162097][ T8044]  ? __fget_files+0x2a/0x420
[  375.162123][ T8044]  ? __fget_files+0x2a/0x420
[  375.162145][ T8044]  ? __fget_files+0x3a6/0x420
[  375.162167][ T8044]  ? __fget_files+0x2a/0x420
[  375.162194][ T8044]  security_file_ioctl+0xcb/0x2d0
[  375.162219][ T8044]  __se_sys_ioctl+0x47/0x170
[  375.162242][ T8044]  do_syscall_64+0xfa/0x3b0
[  375.162258][ T8044]  ? lockdep_hardirqs_on+0x9c/0x150
[  375.162282][ T8044]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.162300][ T8044]  ? clear_bhb_loop+0x60/0xb0
[  375.162322][ T8044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.162345][ T8044] RIP: 0033:0x7fc2edb5eba9
[  375.162361][ T8044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.162375][ T8044] RSP: 002b:00007fc2ebd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  375.162394][ T8044] RAX: ffffffffffffffda RBX: 00007fc2edda6180 RCX: 00007fc2edb5eba9
[  375.162407][ T8044] RDX: 0000200000000080 RSI: 00000000c0585605 RDI: 0000000000000006
[  375.162419][ T8044] RBP: 00007fc2ebd7c090 R08: 0000000000000000 R09: 0000000000000000
[  375.162430][ T8044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  375.162441][ T8044] R13: 00007fc2edda6218 R14: 00007fc2edda6180 R15: 00007ffe6e3c3fd8
[  375.162471][ T8044]  </TASK>
[  375.162508][ T8044] ERROR: Out of memory at tomoyo_realpath_from_path.
[  376.539288][    C1] vkms_vblank_simulate: vblank timer overrun
[  377.428975][ T8057] overlayfs: missing 'lowerdir'
[  378.666843][ T1326] ieee802154 phy0 wpan0: encryption failed: -22
[  378.666934][ T1326] ieee802154 phy1 wpan1: encryption failed: -22
[  378.950965][ T8066] FAULT_INJECTION: forcing a failure.
[  378.950965][ T8066] name failslab, interval 1, probability 0, space 0, times 0
[  378.951015][ T8066] CPU: 1 UID: 0 PID: 8066 Comm: syz.3.422 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  378.951036][ T8066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  378.951048][ T8066] Call Trace:
[  378.951061][ T8066]  <TASK>
[  378.951069][ T8066]  dump_stack_lvl+0x189/0x250
[  378.951106][ T8066]  ? __pfx____ratelimit+0x10/0x10
[  378.951138][ T8066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  378.951164][ T8066]  ? __pfx__printk+0x10/0x10
[  378.951195][ T8066]  ? __pfx___might_resched+0x10/0x10
[  378.951221][ T8066]  ? fs_reclaim_acquire+0x7d/0x100
[  378.951244][ T8066]  should_fail_ex+0x46c/0x600
[  378.951282][ T8066]  should_failslab+0xa8/0x100
[  378.951314][ T8066]  __kmalloc_noprof+0xcb/0x430
[  378.951337][ T8066]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  378.951374][ T8066]  tomoyo_realpath_from_path+0xe3/0x5d0
[  378.951407][ T8066]  ? tomoyo_domain+0xda/0x130
[  378.951443][ T8066]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  378.951470][ T8066]  tomoyo_path_number_perm+0x1e8/0x5a0
[  378.951494][ T8066]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  378.951526][ T8066]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  378.951558][ T8066]  ? lockdep_hardirqs_on+0x9c/0x150
[  378.951598][ T8066]  ? __lock_acquire+0xab9/0xd20
[  378.951649][ T8066]  ? __fget_files+0x2a/0x420
[  378.951683][ T8066]  ? __fget_files+0x2a/0x420
[  378.951705][ T8066]  ? __fget_files+0x3a6/0x420
[  378.951733][ T8066]  ? __fget_files+0x2a/0x420
[  378.951760][ T8066]  security_file_ioctl+0xcb/0x2d0
[  378.951790][ T8066]  __se_sys_ioctl+0x47/0x170
[  378.951820][ T8066]  do_syscall_64+0xfa/0x3b0
[  378.951835][ T8066]  ? lockdep_hardirqs_on+0x9c/0x150
[  378.951865][ T8066]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.951884][ T8066]  ? clear_bhb_loop+0x60/0xb0
[  378.951911][ T8066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.951933][ T8066] RIP: 0033:0x7fc2edb5eba9
[  378.951951][ T8066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.951966][ T8066] RSP: 002b:00007fc2ebdbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  378.951991][ T8066] RAX: ffffffffffffffda RBX: 00007fc2edda5fa0 RCX: 00007fc2edb5eba9
[  378.952010][ T8066] RDX: 0000000000000000 RSI: 00000000c1004110 RDI: 0000000000000003
[  378.952026][ T8066] RBP: 00007fc2ebdbe090 R08: 0000000000000000 R09: 0000000000000000
[  378.952037][ T8066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  378.952048][ T8066] R13: 00007fc2edda6038 R14: 00007fc2edda5fa0 R15: 00007ffe6e3c3fd8
[  378.952082][ T8066]  </TASK>
[  378.952091][ T8066] ERROR: Out of memory at tomoyo_realpath_from_path.
[  379.002632][ T6875] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.002650][ T6875] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.371108][ T1223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.371128][ T1223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.660287][ T8076] kvm_pr_unimpl_wrmsr: 24 callbacks suppressed
[  379.660308][ T8076] kvm: kvm [8075]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6f0000bdd1
[  379.660353][ T8076] kvm: kvm [8075]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x6f0000fdd1
[  380.446925][ T8090] kvm: kvm [8088]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[  380.611213][ T8090] kvm: kvm [8088]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[  380.613072][ T8090] kvm: kvm [8088]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[  381.852880][ T5850] Bluetooth: hci4: unexpected event for opcode 0x200f
[  382.866288][    C0] vkms_vblank_simulate: vblank timer overrun
[  382.949178][    C0] vkms_vblank_simulate: vblank timer overrun
[  384.161771][    C0] vkms_vblank_simulate: vblank timer overrun
[  384.980571][ T8145] erofs (device loop2): cannot find valid erofs superblock
[  385.131133][    C0] vkms_vblank_simulate: vblank timer overrun
[  385.174884][ T5850] block nbd3: Receive control failed (result -32)
[  385.204020][ T8136] block nbd3: shutting down sockets
[  387.214547][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.190604][ T8172] overlayfs: failed to resolve './file0': -2
[  388.607198][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.910358][ T8179] JFS: discard option not supported on device
[  388.910892][ T8179] Mount JFS Failure: -22
[  388.910907][ T8179] jfs_mount failed w/return code = -22
[  389.717454][    C0] vkms_vblank_simulate: vblank timer overrun
[  389.908749][ T8189] hub 9-0:1.0: USB hub found
[  389.909164][    C0] vkms_vblank_simulate: vblank timer overrun
[  389.910031][ T8189] hub 9-0:1.0: 1 port detected
[  390.442974][ T8195] netlink: 132 bytes leftover after parsing attributes in process `syz.2.452'.
[  390.753445][ T8198] FAULT_INJECTION: forcing a failure.
[  390.753445][ T8198] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  390.753504][ T8198] CPU: 1 UID: 0 PID: 8198 Comm: syz.3.451 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  390.753526][ T8198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  390.753536][ T8198] Call Trace:
[  390.753544][ T8198]  <TASK>
[  390.753552][ T8198]  dump_stack_lvl+0x189/0x250
[  390.753581][ T8198]  ? __pfx____ratelimit+0x10/0x10
[  390.753607][ T8198]  ? __pfx_dump_stack_lvl+0x10/0x10
[  390.753631][ T8198]  ? __pfx__printk+0x10/0x10
[  390.753656][ T8198]  ? lock_acquire+0x175/0x360
[  390.753693][ T8198]  should_fail_ex+0x46c/0x600
[  390.753723][ T8198]  _copy_from_user+0x2d/0xb0
[  390.753745][ T8198]  ucma_write+0x161/0x2f0
[  390.753774][ T8198]  ? __pfx_ucma_write+0x10/0x10
[  390.753796][ T8198]  ? rw_verify_area+0x25b/0x4e0
[  390.753816][ T8198]  ? __lock_acquire+0xab9/0xd20
[  390.753835][ T8198]  ? __pfx_ucma_write+0x10/0x10
[  390.753860][ T8198]  vfs_write+0x287/0xb40
[  390.753890][ T8198]  ? __pfx_vfs_write+0x10/0x10
[  390.753913][ T8198]  ? __fget_files+0x2a/0x420
[  390.753939][ T8198]  ? __fget_files+0x2a/0x420
[  390.753961][ T8198]  ? __fget_files+0x3a6/0x420
[  390.753982][ T8198]  ? __fget_files+0x2a/0x420
[  390.754014][ T8198]  ksys_write+0x14b/0x260
[  390.754038][ T8198]  ? __pfx_ksys_write+0x10/0x10
[  390.754071][ T8198]  do_syscall_64+0xfa/0x3b0
[  390.754089][ T8198]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.754106][ T8198]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  390.754123][ T8198]  ? clear_bhb_loop+0x60/0xb0
[  390.754144][ T8198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.754162][ T8198] RIP: 0033:0x7fc2edb5eba9
[  390.754177][ T8198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.754191][ T8198] RSP: 002b:00007fc2ebd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  390.754210][ T8198] RAX: ffffffffffffffda RBX: 00007fc2edda6180 RCX: 00007fc2edb5eba9
[  390.754223][ T8198] RDX: 0000000000000118 RSI: 0000200000000000 RDI: 0000000000000005
[  390.754234][ T8198] RBP: 00007fc2ebd7c090 R08: 0000000000000000 R09: 0000000000000000
[  390.754245][ T8198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.754256][ T8198] R13: 00007fc2edda6218 R14: 00007fc2edda6180 R15: 00007ffe6e3c3fd8
[  390.754285][ T8198]  </TASK>
[  391.078565][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.584247][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.721952][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.846606][ T8202] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  391.896286][    C0] vkms_vblank_simulate: vblank timer overrun
[  392.803966][  T980] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  392.963522][  T980] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  392.963578][  T980] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  392.990325][  T980] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  392.990353][  T980] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  392.990372][  T980] usb 6-1: Product: syz
[  392.990385][  T980] usb 6-1: Manufacturer: syz
[  392.990398][  T980] usb 6-1: SerialNumber: syz
[  393.280653][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.300370][ T8201] syz.5.453 uses obsolete (PF_INET,SOCK_PACKET)
[  393.568464][ T8217] FAULT_INJECTION: forcing a failure.
[  393.568464][ T8217] name failslab, interval 1, probability 0, space 0, times 0
[  393.568495][ T8217] CPU: 0 UID: 0 PID: 8217 Comm: syz.3.457 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  393.568516][ T8217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  393.568526][ T8217] Call Trace:
[  393.568533][ T8217]  <TASK>
[  393.568541][ T8217]  dump_stack_lvl+0x189/0x250
[  393.568570][ T8217]  ? __pfx____ratelimit+0x10/0x10
[  393.568596][ T8217]  ? __pfx_dump_stack_lvl+0x10/0x10
[  393.568620][ T8217]  ? __pfx__printk+0x10/0x10
[  393.568646][ T8217]  ? __pfx___might_resched+0x10/0x10
[  393.568671][ T8217]  ? fs_reclaim_acquire+0x7d/0x100
[  393.568693][ T8217]  should_fail_ex+0x46c/0x600
[  393.568721][ T8217]  ? __alloc_skb+0x112/0x2d0
[  393.568744][ T8217]  should_failslab+0xa8/0x100
[  393.568769][ T8217]  ? __alloc_skb+0x112/0x2d0
[  393.568789][ T8217]  kmem_cache_alloc_node_noprof+0x77/0x330
[  393.568823][ T8217]  __alloc_skb+0x112/0x2d0
[  393.568851][ T8217]  tcp_stream_alloc_skb+0x3d/0x340
[  393.568876][ T8217]  tcp_sendmsg_locked+0xf3e/0x5620
[  393.568897][ T8217]  ? __lock_acquire+0xab9/0xd20
[  393.568930][ T8217]  ? __pfx_migrate_enable+0x10/0x10
[  393.568970][ T8217]  ? __local_bh_enable+0x23f/0x3d0
[  393.569012][ T8217]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  393.569039][ T8217]  ? rt_spin_unlock+0x65/0x80
[  393.569063][ T8217]  ? lock_sock_nested+0x5f/0x130
[  393.569084][ T8217]  ? lock_sock_nested+0xdd/0x130
[  393.569107][ T8217]  tcp_sendmsg+0x2f/0x50
[  393.569128][ T8217]  __sock_sendmsg+0x19c/0x270
[  393.569154][ T8217]  __sys_sendto+0x3c7/0x520
[  393.569182][ T8217]  ? __pfx___sys_sendto+0x10/0x10
[  393.569234][ T8217]  ? ksys_write+0x230/0x260
[  393.569258][ T8217]  ? __pfx_ksys_write+0x10/0x10
[  393.569276][ T8217]  ? rcu_is_watching+0x15/0xb0
[  393.569307][ T8217]  __x64_sys_sendto+0xde/0x100
[  393.569335][ T8217]  do_syscall_64+0xfa/0x3b0
[  393.569350][ T8217]  ? lockdep_hardirqs_on+0x9c/0x150
[  393.569374][ T8217]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.569391][ T8217]  ? clear_bhb_loop+0x60/0xb0
[  393.569417][ T8217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.569434][ T8217] RIP: 0033:0x7fc2edb5eba9
[  393.569450][ T8217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.569464][ T8217] RSP: 002b:00007fc2ebdbe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  393.569483][ T8217] RAX: ffffffffffffffda RBX: 00007fc2edda5fa0 RCX: 00007fc2edb5eba9
[  393.569496][ T8217] RDX: 000000000000059a RSI: 0000200000000580 RDI: 0000000000000003
[  393.569508][ T8217] RBP: 00007fc2ebdbe090 R08: 0000000000000000 R09: 0000000000000000
[  393.569519][ T8217] R10: 0000000010008095 R11: 0000000000000246 R12: 0000000000000001
[  393.569530][ T8217] R13: 00007fc2edda6038 R14: 00007fc2edda5fa0 R15: 00007ffe6e3c3fd8
[  393.569560][ T8217]  </TASK>
[  394.205278][ T8221] Zero length message leads to an empty skb
[  394.443994][  T980] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  394.708644][ T8226] JFS: discard option not supported on device
[  394.732986][  T980] usb 7-1: device descriptor read/64, error -71
[  394.790947][ T8226] Mount JFS Failure: -22
[  394.790963][ T8226] jfs_mount failed w/return code = -22
[  394.939593][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.103923][  T980] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  395.235143][  T980] usb 7-1: device descriptor read/64, error -71
[  395.519224][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.537207][  T980] usb usb7-port1: attempt power cycle
[  395.578159][ T8049] usb 6-1: USB disconnect, device number 2
[  395.724888][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.433984][  T980] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  396.524445][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.586052][  T980] usb 7-1: device descriptor read/8, error -71
[  396.667942][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x4002
[  396.667996][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x2
[  396.689605][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x80
[  396.689658][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x4080
[  396.724817][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.776875][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x2
[  396.776927][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4002
[  396.804604][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x2
[  396.804657][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4002
[  396.831505][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x2
[  396.831557][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4002
[  396.905347][  T980] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  396.991087][  T980] usb 7-1: device descriptor read/8, error -71
[  397.120614][  T980] usb usb7-port1: unable to enumerate USB device
[  397.794280][ T8249] trusted_key: syz.6.467 sent an empty control message without MSG_MORE.
[  397.871315][ T8252] block nbd6: NBD_DISCONNECT
[  397.871857][ T8252] block nbd6: Disconnected due to user request.
[  397.871874][ T8252] block nbd6: shutting down sockets
[  397.883887][ T5923] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  398.046254][ T5923] usb 6-1: config 0 interface 0 has no altsetting 0
[  398.046297][ T5923] usb 6-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  398.046320][ T5923] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.104923][ T5923] usb 6-1: config 0 descriptor??
[  398.320768][ T5923]  (null): keene_cmd_main failed (-71)
[  398.414040][ T5923] video4linux radio48: keene_cmd_main failed (-71)
[  398.414065][ T5923] radio-keene 6-1:0.0: V4L2 device registered as radio48
[  398.421809][ T5923] usb 6-1: USB disconnect, device number 3
[  400.076627][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.417330][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.973096][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.995446][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.052696][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.728085][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.829747][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.935709][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.322046][ T8285] FAULT_INJECTION: forcing a failure.
[  402.322046][ T8285] name failslab, interval 1, probability 0, space 0, times 0
[  402.322084][ T8285] CPU: 0 UID: 0 PID: 8285 Comm: syz.0.478 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  402.322132][ T8285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  402.322157][ T8285] Call Trace:
[  402.322172][ T8285]  <TASK>
[  402.322189][ T8285]  dump_stack_lvl+0x189/0x250
[  402.322254][ T8285]  ? __pfx____ratelimit+0x10/0x10
[  402.322315][ T8285]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.322378][ T8285]  ? __pfx__printk+0x10/0x10
[  402.322438][ T8285]  ? __pfx___might_resched+0x10/0x10
[  402.322485][ T8285]  ? fs_reclaim_acquire+0x7d/0x100
[  402.322535][ T8285]  should_fail_ex+0x46c/0x600
[  402.322607][ T8285]  should_failslab+0xa8/0x100
[  402.322641][ T8285]  __kmalloc_noprof+0xcb/0x430
[  402.322662][ T8285]  ? snd_pcm_writev+0x302/0x730
[  402.322687][ T8285]  snd_pcm_writev+0x302/0x730
[  402.322713][ T8285]  do_iter_readv_writev+0x62b/0x8d0
[  402.322743][ T8285]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  402.322774][ T8285]  ? rw_verify_area+0x25b/0x4e0
[  402.322799][ T8285]  vfs_writev+0x323/0x970
[  402.322828][ T8285]  ? __lock_acquire+0xab9/0xd20
[  402.322853][ T8285]  ? __pfx_vfs_writev+0x10/0x10
[  402.322899][ T8285]  ? __fget_files+0x2a/0x420
[  402.322926][ T8285]  ? __fget_files+0x3a6/0x420
[  402.322947][ T8285]  ? __fget_files+0x2a/0x420
[  402.322979][ T8285]  do_writev+0x153/0x2d0
[  402.323006][ T8285]  ? __pfx_do_writev+0x10/0x10
[  402.323028][ T8285]  ? rcu_is_watching+0x15/0xb0
[  402.323058][ T8285]  ? do_syscall_64+0xbe/0x3b0
[  402.323078][ T8285]  do_syscall_64+0xfa/0x3b0
[  402.323093][ T8285]  ? lockdep_hardirqs_on+0x9c/0x150
[  402.323117][ T8285]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.323134][ T8285]  ? clear_bhb_loop+0x60/0xb0
[  402.323155][ T8285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.323173][ T8285] RIP: 0033:0x7f0aef38eba9
[  402.323188][ T8285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.323202][ T8285] RSP: 002b:00007f0aed5ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  402.323221][ T8285] RAX: ffffffffffffffda RBX: 00007f0aef5d5fa0 RCX: 00007f0aef38eba9
[  402.323234][ T8285] RDX: 0000000000000002 RSI: 000020000009de80 RDI: 0000000000000005
[  402.323245][ T8285] RBP: 00007f0aed5ee090 R08: 0000000000000000 R09: 0000000000000000
[  402.323256][ T8285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.323267][ T8285] R13: 00007f0aef5d6038 R14: 00007f0aef5d5fa0 R15: 00007fff98e35b18
[  402.323296][ T8285]  </TASK>
[  402.415810][ T8287] FAULT_INJECTION: forcing a failure.
[  402.415810][ T8287] name failslab, interval 1, probability 0, space 0, times 0
[  402.415841][ T8287] CPU: 0 UID: 0 PID: 8287 Comm: syz.2.479 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  402.415861][ T8287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  402.415871][ T8287] Call Trace:
[  402.415878][ T8287]  <TASK>
[  402.415885][ T8287]  dump_stack_lvl+0x189/0x250
[  402.415914][ T8287]  ? __pfx____ratelimit+0x10/0x10
[  402.415939][ T8287]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.415962][ T8287]  ? __pfx__printk+0x10/0x10
[  402.415986][ T8287]  ? __pfx___might_resched+0x10/0x10
[  402.416003][ T8287]  ? fs_reclaim_acquire+0x7d/0x100
[  402.416024][ T8287]  should_fail_ex+0x46c/0x600
[  402.416051][ T8287]  ? __alloc_skb+0x112/0x2d0
[  402.416072][ T8287]  should_failslab+0xa8/0x100
[  402.416095][ T8287]  ? __alloc_skb+0x112/0x2d0
[  402.416114][ T8287]  kmem_cache_alloc_node_noprof+0x77/0x330
[  402.416143][ T8287]  __alloc_skb+0x112/0x2d0
[  402.416170][ T8287]  netlink_sendmsg+0x5c6/0xb30
[  402.416203][ T8287]  ? __pfx_netlink_sendmsg+0x10/0x10
[  402.416233][ T8287]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  402.416250][ T8287]  ? __pfx_netlink_sendmsg+0x10/0x10
[  402.416272][ T8287]  __sock_sendmsg+0x21c/0x270
[  402.416297][ T8287]  ____sys_sendmsg+0x508/0x820
[  402.416328][ T8287]  ? __pfx_____sys_sendmsg+0x10/0x10
[  402.416354][ T8287]  ? import_iovec+0x74/0xa0
[  402.416378][ T8287]  ___sys_sendmsg+0x21f/0x2a0
[  402.416397][ T8287]  ? __pfx____sys_sendmsg+0x10/0x10
[  402.416448][ T8287]  ? __fget_files+0x2a/0x420
[  402.416470][ T8287]  ? __fget_files+0x3a6/0x420
[  402.416501][ T8287]  __x64_sys_sendmsg+0x1a1/0x260
[  402.416521][ T8287]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  402.416552][ T8287]  ? __pfx_ksys_write+0x10/0x10
[  402.416570][ T8287]  ? rcu_is_watching+0x15/0xb0
[  402.416599][ T8287]  ? do_syscall_64+0xbe/0x3b0
[  402.416619][ T8287]  do_syscall_64+0xfa/0x3b0
[  402.416633][ T8287]  ? lockdep_hardirqs_on+0x9c/0x150
[  402.416656][ T8287]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.416672][ T8287]  ? clear_bhb_loop+0x60/0xb0
[  402.416692][ T8287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.416708][ T8287] RIP: 0033:0x7fc336bceba9
[  402.416723][ T8287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.416737][ T8287] RSP: 002b:00007fc334e2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  402.416755][ T8287] RAX: ffffffffffffffda RBX: 00007fc336e15fa0 RCX: 00007fc336bceba9
[  402.416768][ T8287] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  402.416778][ T8287] RBP: 00007fc334e2e090 R08: 0000000000000000 R09: 0000000000000000
[  402.416788][ T8287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.416798][ T8287] R13: 00007fc336e16038 R14: 00007fc336e15fa0 R15: 00007ffd8ad76218
[  402.416826][ T8287]  </TASK>
[  402.845816][    C0] vkms_vblank_simulate: vblank timer overrun
[  403.024345][ T8295] netlink: 24 bytes leftover after parsing attributes in process `syz.2.482'.
[  403.424030][ T5923] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  403.586555][ T5923] usb 6-1: config 0 interface 0 has no altsetting 0
[  403.586598][ T5923] usb 6-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  403.586619][ T5923] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.635347][ T5923] usb 6-1: config 0 descriptor??
[  403.860587][ T5923]  (null): keene_cmd_main failed (-71)
[  403.894895][ T5923] video4linux radio48: keene_cmd_main failed (-71)
[  403.894921][ T5923] radio-keene 6-1:0.0: V4L2 device registered as radio48
[  403.902514][ T5923] usb 6-1: USB disconnect, device number 4
[  404.063066][ T8313] kvm_pr_unimpl_wrmsr: 28 callbacks suppressed
[  404.063088][ T8313] kvm: kvm [8311]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x4002
[  404.063134][ T8313] kvm: kvm [8311]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x2
[  404.083593][ T8309] kvm: kvm [8308]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x970000ef32
[  404.085625][ T8309] kvm: kvm [8308]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xbb0000217e
[  405.364771][ T8327] FAULT_INJECTION: forcing a failure.
[  405.364771][ T8327] name failslab, interval 1, probability 0, space 0, times 0
[  405.364802][ T8327] CPU: 0 UID: 0 PID: 8327 Comm: syz.5.491 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  405.364823][ T8327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  405.364833][ T8327] Call Trace:
[  405.364840][ T8327]  <TASK>
[  405.364847][ T8327]  dump_stack_lvl+0x189/0x250
[  405.364874][ T8327]  ? __pfx____ratelimit+0x10/0x10
[  405.364900][ T8327]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.364923][ T8327]  ? __pfx__printk+0x10/0x10
[  405.364947][ T8327]  ? __pfx___might_resched+0x10/0x10
[  405.364965][ T8327]  ? fs_reclaim_acquire+0x7d/0x100
[  405.364986][ T8327]  should_fail_ex+0x46c/0x600
[  405.365014][ T8327]  should_failslab+0xa8/0x100
[  405.365038][ T8327]  __kmalloc_cache_node_noprof+0x78/0x340
[  405.365060][ T8327]  ? __get_vm_area_node+0x172/0x350
[  405.365086][ T8327]  __get_vm_area_node+0x172/0x350
[  405.365114][ T8327]  __vmalloc_node_range_noprof+0x301/0x12f0
[  405.365139][ T8327]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  405.365162][ T8327]  ? is_bpf_text_address+0x26/0x2b0
[  405.365207][ T8327]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  405.365230][ T8327]  ? __might_fault+0xb0/0x130
[  405.365254][ T8327]  ? _parse_integer_limit+0x1ae/0x1f0
[  405.365286][ T8327]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  405.365306][ T8327]  __vmalloc_noprof+0xb1/0xf0
[  405.365327][ T8327]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  405.365351][ T8327]  bpf_prog_alloc_no_stats+0x4a/0x510
[  405.365378][ T8327]  bpf_prog_alloc+0x3c/0x1a0
[  405.365401][ T8327]  bpf_prog_load+0x735/0x1930
[  405.365434][ T8327]  ? __pfx_bpf_prog_load+0x10/0x10
[  405.365478][ T8327]  ? bpf_lsm_bpf+0x9/0x20
[  405.365497][ T8327]  ? security_bpf+0x7e/0x300
[  405.365523][ T8327]  __sys_bpf+0x528/0x870
[  405.365546][ T8327]  ? __pfx___sys_bpf+0x10/0x10
[  405.365585][ T8327]  ? ksys_write+0x230/0x260
[  405.365609][ T8327]  ? __pfx_ksys_write+0x10/0x10
[  405.365638][ T8327]  __x64_sys_bpf+0x7c/0x90
[  405.365658][ T8327]  do_syscall_64+0xfa/0x3b0
[  405.365673][ T8327]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.365696][ T8327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.365714][ T8327]  ? clear_bhb_loop+0x60/0xb0
[  405.365735][ T8327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.365751][ T8327] RIP: 0033:0x7f7290a5eba9
[  405.365767][ T8327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.365780][ T8327] RSP: 002b:00007f728ecbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  405.365799][ T8327] RAX: ffffffffffffffda RBX: 00007f7290ca5fa0 RCX: 00007f7290a5eba9
[  405.365811][ T8327] RDX: 0000000000000094 RSI: 0000200000000180 RDI: 0000000000000005
[  405.365822][ T8327] RBP: 00007f728ecbe090 R08: 0000000000000000 R09: 0000000000000000
[  405.365832][ T8327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.365843][ T8327] R13: 00007f7290ca6038 R14: 00007f7290ca5fa0 R15: 00007fff03c91d98
[  405.365871][ T8327]  </TASK>
[  405.366084][ T8327] syz.5.491: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  405.366398][ T8327] CPU: 0 UID: 0 PID: 8327 Comm: syz.5.491 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  405.366418][ T8327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  405.366427][ T8327] Call Trace:
[  405.366434][ T8327]  <TASK>
[  405.366441][ T8327]  dump_stack_lvl+0x189/0x250
[  405.366470][ T8327]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.366495][ T8327]  ? __pfx__printk+0x10/0x10
[  405.366514][ T8327]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  405.366530][ T8327]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  405.366549][ T8327]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  405.366578][ T8327]  warn_alloc+0x22e/0x3b0
[  405.366605][ T8327]  ? should_fail_ex+0x344/0x600
[  405.366633][ T8327]  ? __pfx_warn_alloc+0x10/0x10
[  405.366660][ T8327]  ? __get_vm_area_node+0x172/0x350
[  405.366686][ T8327]  ? __get_vm_area_node+0x2e2/0x350
[  405.366715][ T8327]  __vmalloc_node_range_noprof+0x326/0x12f0
[  405.366742][ T8327]  ? is_bpf_text_address+0x26/0x2b0
[  405.366787][ T8327]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  405.366810][ T8327]  ? __might_fault+0xb0/0x130
[  405.366835][ T8327]  ? _parse_integer_limit+0x1ae/0x1f0
[  405.366864][ T8327]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  405.366883][ T8327]  __vmalloc_noprof+0xb1/0xf0
[  405.366906][ T8327]  ? bpf_prog_alloc_no_stats+0x4a/0x510
[  405.366930][ T8327]  bpf_prog_alloc_no_stats+0x4a/0x510
[  405.366956][ T8327]  bpf_prog_alloc+0x3c/0x1a0
[  405.366980][ T8327]  bpf_prog_load+0x735/0x1930
[  405.367013][ T8327]  ? __pfx_bpf_prog_load+0x10/0x10
[  405.367056][ T8327]  ? bpf_lsm_bpf+0x9/0x20
[  405.367075][ T8327]  ? security_bpf+0x7e/0x300
[  405.367099][ T8327]  __sys_bpf+0x528/0x870
[  405.367121][ T8327]  ? __pfx___sys_bpf+0x10/0x10
[  405.367155][ T8327]  ? ksys_write+0x230/0x260
[  405.367179][ T8327]  ? __pfx_ksys_write+0x10/0x10
[  405.367206][ T8327]  __x64_sys_bpf+0x7c/0x90
[  405.367226][ T8327]  do_syscall_64+0xfa/0x3b0
[  405.367242][ T8327]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.367265][ T8327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.367282][ T8327]  ? clear_bhb_loop+0x60/0xb0
[  405.367303][ T8327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.367319][ T8327] RIP: 0033:0x7f7290a5eba9
[  405.367333][ T8327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.367346][ T8327] RSP: 002b:00007f728ecbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  405.367364][ T8327] RAX: ffffffffffffffda RBX: 00007f7290ca5fa0 RCX: 00007f7290a5eba9
[  405.367377][ T8327] RDX: 0000000000000094 RSI: 0000200000000180 RDI: 0000000000000005
[  405.367392][ T8327] RBP: 00007f728ecbe090 R08: 0000000000000000 R09: 0000000000000000
[  405.367402][ T8327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.367413][ T8327] R13: 00007f7290ca6038 R14: 00007f7290ca5fa0 R15: 00007fff03c91d98
[  405.367441][ T8327]  </TASK>
[  405.375236][ T8327] Mem-Info:
[  405.375253][ T8327] active_anon:1181 inactive_anon:14166 isolated_anon:0
[  405.375253][ T8327]  active_file:5707 inactive_file:37924 isolated_file:0
[  405.375253][ T8327]  unevictable:768 dirty:295 writeback:0
[  405.375253][ T8327]  slab_reclaimable:12411 slab_unreclaimable:104113
[  405.375253][ T8327]  mapped:37363 shmem:9652 pagetables:1440
[  405.375253][ T8327]  sec_pagetables:6 bounce:0
[  405.375253][ T8327]  kernel_misc_reclaimable:0
[  405.375253][ T8327]  free:1323735 free_pcp:4566 free_cma:0
[  405.375301][ T8327] Node 0 active_anon:4724kB inactive_anon:56664kB active_file:22628kB inactive_file:151692kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:149452kB dirty:1180kB writeback:0kB shmem:37072kB kernel_stack:13664kB pagetables:5612kB sec_pagetables:24kB all_unreclaimable? no Balloon:0kB
[  405.375340][ T8327] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  405.375378][ T8327] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  405.375432][ T8327] lowmem_reserve[]: 0 2512 2513 2513 2513
[  405.375462][ T8327] Node 0 DMA32 free:1374964kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4720kB inactive_anon:56624kB active_file:21612kB inactive_file:151620kB unevictable:1536kB writepending:1180kB present:3129332kB managed:2572296kB mlocked:0kB bounce:0kB free_pcp:18200kB local_pcp:13248kB free_cma:0kB
[  405.375514][ T8327] lowmem_reserve[]: 0 0 1 1 1
[  405.375542][ T8327] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1016kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  405.375596][ T8327] lowmem_reserve[]: 0 0 0 0 0
[  405.375625][ T8327] Node 1 Normal free:3904616kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:4kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:64kB local_pcp:0kB free_cma:0kB
[  405.375676][ T8327] lowmem_reserve[]: 0 0 0 0 0
[  405.375712][ T8327] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  405.375813][ T8327] Node 0 DMA32: 237*4kB (UM) 128*8kB (UE) 75*16kB (UE) 12*32kB (UE) 9*64kB (E) 129*128kB (UME) 74*256kB (UME) 16*512kB (UM) 6*1024kB (UME) 1*2048kB (M) 322*4096kB (UM) = 1374884kB
[  405.375950][ T8327] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  405.376035][ T8327] Node 1 Normal: 180*4kB (UE) 49*8kB (UME) 33*16kB (UME) 208*32kB (UME) 92*64kB (UME) 26*128kB (UME) 16*256kB (UM) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (E) 946*4096kB (M) = 3904616kB
[  405.376175][ T8327] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  405.376189][ T8327] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  405.376204][ T8327] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  405.376218][ T8327] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  405.376233][ T8327] 53279 total pagecache pages
[  405.376243][ T8327] 0 pages in swap cache
[  405.376250][ T8327] Free swap  = 124996kB
[  405.376256][ T8327] Total swap = 124996kB
[  405.376263][ T8327] 2097051 pages RAM
[  405.376269][ T8327] 0 pages HighMem/MovableOnly
[  405.376275][ T8327] 422079 pages reserved
[  405.376281][ T8327] 0 pages cma reserved
[  405.704010][ T8329] FAULT_INJECTION: forcing a failure.
[  405.704010][ T8329] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.704042][ T8329] CPU: 0 UID: 0 PID: 8329 Comm: syz.5.492 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  405.704062][ T8329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  405.704073][ T8329] Call Trace:
[  405.704081][ T8329]  <TASK>
[  405.704088][ T8329]  dump_stack_lvl+0x189/0x250
[  405.704117][ T8329]  ? __pfx____ratelimit+0x10/0x10
[  405.704141][ T8329]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.704165][ T8329]  ? __pfx__printk+0x10/0x10
[  405.704198][ T8329]  should_fail_ex+0x46c/0x600
[  405.704228][ T8329]  _copy_to_user+0x31/0xb0
[  405.704250][ T8329]  simple_read_from_buffer+0xe1/0x170
[  405.704279][ T8329]  proc_fail_nth_read+0x1b6/0x220
[  405.704300][ T8329]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  405.704320][ T8329]  ? rw_verify_area+0x2ac/0x4e0
[  405.704341][ T8329]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  405.704361][ T8329]  vfs_read+0x206/0xa30
[  405.704389][ T8329]  ? __pfx_vfs_read+0x10/0x10
[  405.704405][ T8329]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  405.704436][ T8329]  ? mutex_lock_nested+0x154/0x1d0
[  405.704454][ T8329]  ? fdget_pos+0x253/0x320
[  405.704485][ T8329]  ksys_read+0x14b/0x260
[  405.704508][ T8329]  ? __pfx_ksys_read+0x10/0x10
[  405.704525][ T8329]  ? rcu_is_watching+0x15/0xb0
[  405.704561][ T8329]  ? do_syscall_64+0xbe/0x3b0
[  405.704580][ T8329]  do_syscall_64+0xfa/0x3b0
[  405.704596][ T8329]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.704617][ T8329]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.704635][ T8329]  ? clear_bhb_loop+0x60/0xb0
[  405.704657][ T8329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.704673][ T8329] RIP: 0033:0x7f7290a5d5bc
[  405.704688][ T8329] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  405.704702][ T8329] RSP: 002b:00007f728ecbe030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  405.704721][ T8329] RAX: ffffffffffffffda RBX: 00007f7290ca5fa0 RCX: 00007f7290a5d5bc
[  405.704734][ T8329] RDX: 000000000000000f RSI: 00007f728ecbe0a0 RDI: 0000000000000004
[  405.704745][ T8329] RBP: 00007f728ecbe090 R08: 0000000000000000 R09: 0000000000000000
[  405.704756][ T8329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.704767][ T8329] R13: 00007f7290ca6038 R14: 00007f7290ca5fa0 R15: 00007fff03c91d98
[  405.704796][ T8329]  </TASK>
[  406.454090][ T8049] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  406.605875][ T8049] usb 6-1: Using ep0 maxpacket: 16
[  406.647270][ T8049] usb 6-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[  406.647300][ T8049] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.647319][ T8049] usb 6-1: Product: syz
[  406.647332][ T8049] usb 6-1: Manufacturer: syz
[  406.647347][ T8049] usb 6-1: SerialNumber: syz
[  406.713318][ T8049] usb 6-1: config 0 descriptor??
[  406.948724][ T8049] speedtch 6-1:0.0: speedtch_bind: data interface not found!
[  406.948756][ T8049] speedtch 6-1:0.0: usbatm_usb_probe: bind failed: -19!
[  407.241762][ T8338] netlink: 48 bytes leftover after parsing attributes in process `syz.5.493'.
[  407.269387][ T8338] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.273054][ T8338] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  407.661371][ T8340] kvm: kvm [8337]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[  407.663278][ T8340] kvm: kvm [8337]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[  407.664784][ T8340] kvm: kvm [8337]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[  407.665980][ T8340] kvm: kvm [8337]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[  407.667108][ T8340] kvm: kvm [8337]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[  407.668219][ T8340] kvm: kvm [8337]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[  408.157799][ T8347] netlink: 16 bytes leftover after parsing attributes in process `syz.6.497'.
[  408.374705][ T8049] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  408.524458][ T8049] usb 4-1: Using ep0 maxpacket: 8
[  408.530321][ T8049] usb 4-1: config 130 has an invalid interface number: 151 but max is 2
[  408.530350][ T8049] usb 4-1: config 130 has an invalid interface number: 190 but max is 2
[  408.530372][ T8049] usb 4-1: config 130 has an invalid descriptor of length 182, skipping remainder of the config
[  408.530392][ T8049] usb 4-1: config 130 has 2 interfaces, different from the descriptor's value: 3
[  408.530412][ T8049] usb 4-1: config 130 has no interface number 0
[  408.530428][ T8049] usb 4-1: config 130 has no interface number 1
[  408.530496][ T8049] usb 4-1: config 130 interface 151 altsetting 9 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  408.530522][ T8049] usb 4-1: config 130 interface 151 altsetting 9 has an endpoint descriptor with address 0x1C, changing to 0xC
[  408.530557][ T8049] usb 4-1: config 130 interface 151 altsetting 9 endpoint 0xC has invalid maxpacket 512, setting to 64
[  408.530584][ T8049] usb 4-1: config 130 interface 151 altsetting 9 bulk endpoint 0x4 has invalid maxpacket 64
[  408.530607][ T8049] usb 4-1: config 130 interface 151 altsetting 9 has a duplicate endpoint with address 0x6, skipping
[  408.530630][ T8049] usb 4-1: config 130 interface 151 altsetting 9 has a duplicate endpoint with address 0x6, skipping
[  408.530653][ T8049] usb 4-1: config 130 interface 151 altsetting 9 endpoint 0x5 has invalid maxpacket 1024, setting to 64
[  408.530679][ T8049] usb 4-1: config 130 interface 151 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  408.530701][ T8049] usb 4-1: config 130 interface 151 altsetting 9 has a duplicate endpoint with address 0x5, skipping
[  408.530723][ T8049] usb 4-1: config 130 interface 151 altsetting 9 has a duplicate endpoint with address 0xC, skipping
[  408.531422][ T8049] usb 4-1: config 130 interface 190 altsetting 128 has 0 endpoint descriptors, different from the interface descriptor's value: 10
[  408.531452][ T8049] usb 4-1: config 130 interface 151 has no altsetting 0
[  408.531470][ T8049] usb 4-1: config 130 interface 190 has no altsetting 0
[  408.554364][ T8049] usb 4-1: New USB device found, idVendor=0b05, idProduct=17a7, bcdDevice=c2.5f
[  408.554394][ T8049] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.554416][ T8049] usb 4-1: Product: ꡍ쩪籦䉰窵韘薻뿄ڱ涼᪋
[  408.554433][ T8049] usb 4-1: Manufacturer: 㡫캳膶﬚ᆲ鐴聍콪窔խ仂㶎ꐚ譏䥀郝쭙ﱹð珐蚒Ꮀ鄾䞠릆඿鵵啜䶱槰
[  408.554451][ T8049] usb 4-1: SerialNumber: ࠐ
[  408.614945][ T8345] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  408.615723][ T8345] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  409.016576][ T8049] usb 4-1: USB disconnect, device number 2
[  409.174053][ T5850] Bluetooth: hci0: command tx timeout
[  409.280710][  T980] usb 6-1: USB disconnect, device number 5
[  409.843923][  T980] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  409.998119][  T980] usb 3-1: Using ep0 maxpacket: 16
[  410.011146][  T980] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  410.011171][  T980] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  410.039004][  T980] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  410.039034][  T980] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.039053][  T980] usb 3-1: Product: syz
[  410.039066][  T980] usb 3-1: Manufacturer: syz
[  410.039087][  T980] usb 3-1: SerialNumber: syz
[  410.289727][ T8369] syz.6.505 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  411.321656][  T980] usb 3-1: USB disconnect, device number 3
[  411.566800][ T5890] udevd[5890]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  412.229360][ T8388] Invalid logical block size (-28425)
[  413.382927][ T8396] capability: warning: `syz.5.513' uses deprecated v2 capabilities in a way that may be insecure
[  416.919297][ T8427] netlink: 8 bytes leftover after parsing attributes in process `syz.0.521'.
[  417.452275][ T8435] netlink: 16 bytes leftover after parsing attributes in process `syz.6.525'.
[  417.683972][    C0] vkms_vblank_simulate: vblank timer overrun
[  418.596751][    C0] vkms_vblank_simulate: vblank timer overrun
[  419.247708][    C0] vkms_vblank_simulate: vblank timer overrun
[  419.341177][    C0] vkms_vblank_simulate: vblank timer overrun
[  419.697721][    C0] vkms_vblank_simulate: vblank timer overrun
[  419.734144][    C0] vkms_vblank_simulate: vblank timer overrun
[  420.075386][    C0] vkms_vblank_simulate: vblank timer overrun
[  420.776824][    C0] vkms_vblank_simulate: vblank timer overrun
[  420.995192][ T8465] netlink: 18 bytes leftover after parsing attributes in process `syz.0.531'.
[  420.995212][ T8465] netlink: 12 bytes leftover after parsing attributes in process `syz.0.531'.
[  421.425821][ T8470] block nbd6: NBD_DISCONNECT
[  421.425939][ T8470] block nbd6: Disconnected due to user request.
[  421.425954][ T8470] block nbd6: shutting down sockets
[  421.717271][ T8475] netlink: 4 bytes leftover after parsing attributes in process `syz.0.536'.
[  421.826132][ T8479] Bluetooth: MGMT ver 1.23
[  423.082435][ T8490] kvm_pr_unimpl_wrmsr: 28 callbacks suppressed
[  423.082459][ T8490] kvm: kvm [8489]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6f0000bdd1
[  423.082505][ T8490] kvm: kvm [8489]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x6f0000fdd1
[  423.899055][   T59] Bluetooth: hci2: command 0x0406 tx timeout
[  423.920610][ T5850] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  426.377110][ T8523] block nbd2: NBD_DISCONNECT
[  426.377142][ T8523] block nbd2: Send disconnect failed -32
[  426.377173][ T8523] block nbd2: Disconnected due to user request.
[  426.377188][ T8523] block nbd2: shutting down sockets
[  426.461923][ T8532] FAULT_INJECTION: forcing a failure.
[  426.461923][ T8532] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.461955][ T8532] CPU: 0 UID: 0 PID: 8532 Comm: syz.6.551 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  426.461976][ T8532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  426.461987][ T8532] Call Trace:
[  426.461994][ T8532]  <TASK>
[  426.462003][ T8532]  dump_stack_lvl+0x189/0x250
[  426.462033][ T8532]  ? __pfx____ratelimit+0x10/0x10
[  426.462059][ T8532]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.462084][ T8532]  ? __pfx__printk+0x10/0x10
[  426.462104][ T8532]  ? __might_fault+0xb0/0x130
[  426.462141][ T8532]  should_fail_ex+0x46c/0x600
[  426.462173][ T8532]  _copy_from_user+0x2d/0xb0
[  426.462196][ T8532]  kstrtouint_from_user+0xc4/0x170
[  426.462218][ T8532]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  426.462255][ T8532]  proc_fail_nth_write+0x88/0x200
[  426.462275][ T8532]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  426.462300][ T8532]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  426.462320][ T8532]  vfs_write+0x287/0xb40
[  426.462353][ T8532]  ? __pfx_vfs_write+0x10/0x10
[  426.462371][ T8532]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  426.462403][ T8532]  ? mutex_lock_nested+0x154/0x1d0
[  426.462422][ T8532]  ? fdget_pos+0x253/0x320
[  426.462456][ T8532]  ksys_write+0x14b/0x260
[  426.462477][ T8532]  ? __fget_files+0x2a/0x420
[  426.462502][ T8532]  ? __pfx_ksys_write+0x10/0x10
[  426.462529][ T8532]  ? do_syscall_64+0xbe/0x3b0
[  426.462558][ T8532]  do_syscall_64+0xfa/0x3b0
[  426.462573][ T8532]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.462597][ T8532]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.462615][ T8532]  ? clear_bhb_loop+0x60/0xb0
[  426.462638][ T8532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.462655][ T8532] RIP: 0033:0x7faa9f59d65f
[  426.462671][ T8532] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  426.462686][ T8532] RSP: 002b:00007faa9d7e5030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  426.462706][ T8532] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faa9f59d65f
[  426.462718][ T8532] RDX: 0000000000000001 RSI: 00007faa9d7e50a0 RDI: 0000000000000004
[  426.462730][ T8532] RBP: 00007faa9d7e5090 R08: 0000000000000000 R09: 0000000000000000
[  426.462742][ T8532] R10: 0000200000000000 R11: 0000000000000293 R12: 0000000000000001
[  426.462754][ T8532] R13: 00007faa9f7e6128 R14: 00007faa9f7e6090 R15: 00007ffc8f78c6b8
[  426.462786][ T8532]  </TASK>
[  427.953971][ T6261] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  428.116668][ T6261] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  428.116699][ T6261] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  428.116738][ T6261] usb 1-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.4d
[  428.116761][ T6261] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.158457][ T6261] usb 1-1: config 0 descriptor??
[  428.372615][ T6261] usb 1-1: string descriptor 0 read error: -71
[  428.395377][ T6261] hdpvr 1-1:0.0: Could not find bulk-in endpoint
[  428.395468][ T6261] hdpvr 1-1:0.0: probe with driver hdpvr failed with error -12
[  428.489434][ T6261] usb 1-1: USB disconnect, device number 3
[  429.712106][ T8575] cramfs: Unknown parameter 'discard'
[  431.174239][ T5850] Bluetooth: hci3: unexpected event for opcode 0x200f
[  433.018561][ T8605] overlayfs: missing 'lowerdir'
[  436.337106][   T59] Bluetooth: hci4: unexpected event for opcode 0x200f
[  437.272877][   T59] Bluetooth: hci5: command 0x0406 tx timeout
[  437.909420][ T6261] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  438.089840][ T6261] usb 4-1: Using ep0 maxpacket: 16
[  438.103397][ T6261] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.103431][ T6261] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.103453][ T6261] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  438.103506][ T6261] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  438.103528][ T6261] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.797833][ T6261] usb 4-1: config 0 descriptor??
[  440.072300][ T1326] ieee802154 phy0 wpan0: encryption failed: -22
[  440.073578][ T1326] ieee802154 phy1 wpan1: encryption failed: -22
[  440.213131][ T6261] input: HID 0955:7214 Haptics as /devices/virtual/input/input5
[  440.287869][ T6261] shield 0003:0955:7214.0002: Registered Thunderstrike controller
[  440.289174][ T6261] shield 0003:0955:7214.0002: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  440.466024][ T6261] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  440.466379][ T6261] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  440.466772][ T6261] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  440.467156][ T6261] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  440.527823][ T6261] usb 4-1: USB disconnect, device number 3
[  443.023259][ T8681] syz.3.588 (8681) used greatest stack depth: 16144 bytes left
[  444.232665][ T8696] kvm: kvm [8694]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6f0000bdd1
[  444.232719][ T8696] kvm: kvm [8694]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x6f0000fdd1
[  445.731438][ T8711] block nbd5: NBD_DISCONNECT
[  446.639471][ T6261] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  446.694147][ T6261] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  446.964600][ T5890] udevd[5890]: 'fido_id' [8724] terminated by signal 33 (Unknown signal 33)
[  447.072791][ T8721] block nbd6: shutting down sockets
[  448.705462][ T5830] IPVS: starting estimator thread 0...
[  448.815502][ T8748] IPVS: using max 13 ests per chain, 31200 per kthread
[  449.247900][ T8753] block nbd6: shutting down sockets
[  449.535598][ T8763] FAULT_INJECTION: forcing a failure.
[  449.535598][ T8763] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  449.535631][ T8763] CPU: 1 UID: 0 PID: 8763 Comm: syz.3.613 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  449.535649][ T8763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  449.535660][ T8763] Call Trace:
[  449.535667][ T8763]  <TASK>
[  449.535675][ T8763]  dump_stack_lvl+0x189/0x250
[  449.535703][ T8763]  ? __pfx____ratelimit+0x10/0x10
[  449.535729][ T8763]  ? __pfx_dump_stack_lvl+0x10/0x10
[  449.535754][ T8763]  ? __pfx__printk+0x10/0x10
[  449.535774][ T8763]  ? __might_fault+0xb0/0x130
[  449.535819][ T8763]  should_fail_ex+0x46c/0x600
[  449.535853][ T8763]  _copy_to_iter+0x1de/0x1790
[  449.535873][ T8763]  ? do_raw_spin_lock+0x121/0x290
[  449.535905][ T8763]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  449.535931][ T8763]  ? __pfx__copy_to_iter+0x10/0x10
[  449.535950][ T8763]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  449.535975][ T8763]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  449.536001][ T8763]  ? __might_fault+0xb0/0x130
[  449.536026][ T8763]  ? page_copy_sane+0x4e/0x280
[  449.536046][ T8763]  copy_page_to_iter+0x10c/0x1c0
[  449.536070][ T8763]  anon_pipe_read+0x4d7/0x1040
[  449.536093][ T8763]  ? __lock_acquire+0xab9/0xd20
[  449.536141][ T8763]  ? __pfx_anon_pipe_read+0x10/0x10
[  449.536169][ T8763]  ? do_raw_spin_lock+0x121/0x290
[  449.536203][ T8763]  vfs_read+0x560/0xa30
[  449.536233][ T8763]  ? __pfx_vfs_read+0x10/0x10
[  449.536265][ T8763]  ? __fget_files+0x2a/0x420
[  449.536299][ T8763]  ksys_read+0x14b/0x260
[  449.536323][ T8763]  ? __pfx_ksys_read+0x10/0x10
[  449.536350][ T8763]  ? do_syscall_64+0xbe/0x3b0
[  449.536371][ T8763]  do_syscall_64+0xfa/0x3b0
[  449.536386][ T8763]  ? lockdep_hardirqs_on+0x9c/0x150
[  449.536418][ T8763]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.536436][ T8763]  ? clear_bhb_loop+0x60/0xb0
[  449.536459][ T8763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.536477][ T8763] RIP: 0033:0x7fc2edb5eba9
[  449.536492][ T8763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  449.536508][ T8763] RSP: 002b:00007fc2ebd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  449.536527][ T8763] RAX: ffffffffffffffda RBX: 00007fc2edda6180 RCX: 00007fc2edb5eba9
[  449.536541][ T8763] RDX: 0000000000018fdc RSI: 0000200000032440 RDI: 0000000000000005
[  449.536552][ T8763] RBP: 00007fc2ebd7c090 R08: 0000000000000000 R09: 0000000000000000
[  449.536562][ T8763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  449.536571][ T8763] R13: 00007fc2edda6218 R14: 00007fc2edda6180 R15: 00007ffe6e3c3fd8
[  449.536598][ T8763]  </TASK>
[  450.471279][ T8774] netlink: 'syz.3.617': attribute type 12 has an invalid length.
[  450.577577][ T8281] kernel write not supported for file /680/attr/exec (pid: 8281 comm: kworker/1:8)
[  451.121497][   T37] audit: type=1326 audit(1757852497.381:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7290a5eba9 code=0x7ffc0000
[  451.121547][   T37] audit: type=1326 audit(1757852497.381:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7290a5eba9 code=0x7ffc0000
[  451.121582][   T37] audit: type=1326 audit(1757852497.391:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f7290a5eba9 code=0x7ffc0000
[  451.121618][   T37] audit: type=1326 audit(1757852497.391:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7290a5eba9 code=0x7ffc0000
[  451.121652][   T37] audit: type=1326 audit(1757852497.391:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7290a5eba9 code=0x7ffc0000
[  451.121690][   T37] audit: type=1326 audit(1757852497.391:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7290a5eba9 code=0x7ffc0000
[  451.133666][ T8049] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  451.190261][   T37] audit: type=1326 audit(1757852497.431:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7290a5eba9 code=0x7ffc0000
[  451.190325][   T37] audit: type=1326 audit(1757852497.451:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7290a5eba9 code=0x7ffc0000
[  451.190369][   T37] audit: type=1326 audit(1757852497.451:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8780 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7290a5eba9 code=0x7ffc0000
[  451.283914][ T8049] usb 4-1: Using ep0 maxpacket: 16
[  451.293162][ T8049] usb 4-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  451.293191][ T8049] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.293210][ T8049] usb 4-1: Product: syz
[  451.293230][ T8049] usb 4-1: Manufacturer: syz
[  451.293244][ T8049] usb 4-1: SerialNumber: syz
[  451.322418][ T8049] usb 4-1: config 0 descriptor??
[  451.646450][ T8049] as10x_usb: device has been detected
[  451.647727][ T8049] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  451.929678][ T8792] overlayfs: missing 'workdir'
[  452.589342][ T8049] usb 4-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  452.878700][ T8049] as10x_usb: error during firmware upload part1
[  452.878746][ T8049] Registered device Sky IT Digital Key (green led)
[  453.423959][ T8774] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  453.429680][ T8774] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  453.532229][ T8774] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  453.532384][ T8774] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  453.612468][ T8774] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  453.615202][ T8774] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  453.695365][ T8774] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  453.695502][ T8774] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  453.791618][ T8774] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  453.791763][ T8774] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  453.813938][ T5850] Bluetooth: hci2: command 0x0406 tx timeout
[  453.861248][ T8774] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  454.038521][ T6261] usb 4-1: USB disconnect, device number 4
[  454.182218][ T6261] Unregistered device Sky IT Digital Key (green led)
[  454.206619][ T6261] as10x_usb: device has been disconnected
[  455.521891][    C0] vkms_vblank_simulate: vblank timer overrun
[  455.765488][ T5850] Bluetooth: hci3: command 0x0406 tx timeout
[  455.765528][ T5850] Bluetooth: hci4: command 0x0406 tx timeout
[  455.765707][ T5850] Bluetooth: hci5: command 0x0406 tx timeout
[  455.992807][   T59] Bluetooth: hci0: command 0x0c1a tx timeout
[  455.992962][   T59] Bluetooth: hci2: command 0x0406 tx timeout
[  456.630757][    C0] vkms_vblank_simulate: vblank timer overrun
[  457.858357][ T5850] Bluetooth: hci5: command 0x0406 tx timeout
[  457.859944][ T5850] Bluetooth: hci4: command 0x0406 tx timeout
[  457.860877][ T5850] Bluetooth: hci3: command 0x0406 tx timeout
[  458.064003][   T59] Bluetooth: hci0: command 0x0c1a tx timeout
[  458.665881][ T8849] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  459.796052][    C0] vkms_vblank_simulate: vblank timer overrun
[  460.094634][ T8865] FAULT_INJECTION: forcing a failure.
[  460.094634][ T8865] name failslab, interval 1, probability 0, space 0, times 0
[  460.094666][ T8865] CPU: 0 UID: 0 PID: 8865 Comm: syz.0.641 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  460.094688][ T8865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  460.094699][ T8865] Call Trace:
[  460.094706][ T8865]  <TASK>
[  460.094714][ T8865]  dump_stack_lvl+0x189/0x250
[  460.094744][ T8865]  ? __pfx____ratelimit+0x10/0x10
[  460.094769][ T8865]  ? __pfx_dump_stack_lvl+0x10/0x10
[  460.094793][ T8865]  ? __pfx__printk+0x10/0x10
[  460.094823][ T8865]  ? __pfx___might_resched+0x10/0x10
[  460.094843][ T8865]  ? fs_reclaim_acquire+0x7d/0x100
[  460.094865][ T8865]  should_fail_ex+0x46c/0x600
[  460.094894][ T8865]  ? alloc_empty_file+0x55/0x1d0
[  460.094910][ T8865]  should_failslab+0xa8/0x100
[  460.094934][ T8865]  ? alloc_empty_file+0x55/0x1d0
[  460.094949][ T8865]  kmem_cache_alloc_noprof+0x6e/0x310
[  460.094978][ T8865]  alloc_empty_file+0x55/0x1d0
[  460.094996][ T8865]  path_openat+0x10d/0x3840
[  460.095023][ T8865]  ? try_to_take_rt_mutex+0x840/0xb00
[  460.095044][ T8865]  ? arch_stack_walk+0xfc/0x150
[  460.095078][ T8865]  ? rtlock_slowlock_locked+0xd8/0x4010
[  460.095113][ T8865]  ? __pfx_path_openat+0x10/0x10
[  460.095133][ T8865]  ? do_raw_spin_lock+0x121/0x290
[  460.095162][ T8865]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  460.095185][ T8865]  ? lockdep_hardirqs_on+0x9c/0x150
[  460.095211][ T8865]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  460.095242][ T8865]  do_filp_open+0x1fa/0x410
[  460.095264][ T8865]  ? __pfx_do_filp_open+0x10/0x10
[  460.095282][ T8865]  ? rt_mutex_slowunlock+0x493/0x8a0
[  460.095328][ T8865]  ? alloc_fd+0x64f/0x6c0
[  460.095362][ T8865]  do_sys_openat2+0x121/0x1c0
[  460.095383][ T8865]  ? __pfx_do_sys_openat2+0x10/0x10
[  460.095403][ T8865]  ? ksys_write+0x230/0x260
[  460.095435][ T8865]  ? __pfx_ksys_write+0x10/0x10
[  460.095453][ T8865]  ? rcu_is_watching+0x15/0xb0
[  460.095482][ T8865]  __x64_sys_openat+0x138/0x170
[  460.095506][ T8865]  do_syscall_64+0xfa/0x3b0
[  460.095522][ T8865]  ? lockdep_hardirqs_on+0x9c/0x150
[  460.095546][ T8865]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.095565][ T8865]  ? clear_bhb_loop+0x60/0xb0
[  460.095587][ T8865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.095604][ T8865] RIP: 0033:0x7f0aef38eba9
[  460.095620][ T8865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  460.095635][ T8865] RSP: 002b:00007f0aed5ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  460.095654][ T8865] RAX: ffffffffffffffda RBX: 00007f0aef5d5fa0 RCX: 00007f0aef38eba9
[  460.095667][ T8865] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  460.095679][ T8865] RBP: 00007f0aed5ee090 R08: 0000000000000000 R09: 0000000000000000
[  460.095691][ T8865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  460.095701][ T8865] R13: 00007f0aef5d6038 R14: 00007f0aef5d5fa0 R15: 00007fff98e35b18
[  460.095731][ T8865]  </TASK>
[  460.133977][   T59] Bluetooth: hci0: command 0x0c1a tx timeout
[  460.453924][   T49] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  460.864005][   T49] usb 6-1: config 0 has an invalid interface number: 187 but max is 0
[  460.864033][   T49] usb 6-1: config 0 has no interface number 0
[  460.864082][   T49] usb 6-1: config 0 interface 187 altsetting 0 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  460.868774][   T49] usb 6-1: New USB device found, idVendor=061c, idProduct=c084, bcdDevice=b0.a1
[  460.868802][   T49] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.868822][   T49] usb 6-1: Product: syz
[  460.868835][   T49] usb 6-1: Manufacturer: syz
[  460.868849][   T49] usb 6-1: SerialNumber: syz
[  460.876832][   T49] usb 6-1: config 0 descriptor??
[  461.101840][ T8867] netlink: 'syz.5.642': attribute type 1 has an invalid length.
[  461.173675][ T8867] bond1: entered promiscuous mode
[  461.175247][ T8867] 8021q: adding VLAN 0 to HW filter on device bond1
[  463.351775][ T8884] 8021q: adding VLAN 0 to HW filter on device bond1
[  463.352303][ T8884] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  463.352324][ T8884] bond1: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  463.453580][ T8884] bond1: (slave vxcan3): making interface the new active one
[  463.453599][ T8884] vxcan3: entered promiscuous mode
[  463.488180][ T8884] bond1: (slave vxcan3): Enslaving as an active interface with an up link
[  463.772342][ T5925] usb 6-1: USB disconnect, device number 6
[  466.027290][ T8928] kvm: kvm [8927]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xbf0000bdd1
[  466.027344][ T8928] kvm: kvm [8927]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xbf0000fdd1
[  466.029953][ T8928] kvm: kvm [8927]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7600006103
[  466.030001][ T8928] kvm: kvm [8927]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x7600002103
[  466.030102][ T8928] kvm: kvm [8927]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb60000106b
[  466.030148][ T8928] kvm: kvm [8927]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb60000506b
[  466.030246][ T8928] kvm: kvm [8927]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb4000073aa
[  466.030290][ T8928] kvm: kvm [8927]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb4000033aa
[  469.411292][ T8975] hub 9-0:1.0: USB hub found
[  469.411789][ T8975] hub 9-0:1.0: 1 port detected
[  471.418177][ T8991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.676'.
[  471.418934][ T8991] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  476.133665][ T9026] netlink: 4 bytes leftover after parsing attributes in process `syz.6.688'.
[  476.169769][ T9020] block nbd3: NBD_DISCONNECT
[  476.313979][ T9020] block nbd3: Disconnected due to user request.
[  476.352788][ T9020] block nbd3: shutting down sockets
[  478.373956][ T5850] Bluetooth: hci2: command 0x0406 tx timeout
[  478.375599][   T59] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  480.154028][ T5925] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  480.316927][ T5925] usb 6-1: Using ep0 maxpacket: 32
[  480.332811][ T5925] usb 6-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  480.332830][ T5925] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  480.332840][ T5925] usb 6-1: Product: syz
[  480.332847][ T5925] usb 6-1: Manufacturer: syz
[  480.332854][ T5925] usb 6-1: SerialNumber: syz
[  480.384859][ T5925] usb 6-1: config 0 descriptor??
[  480.455160][ T9064] FAULT_INJECTION: forcing a failure.
[  480.455160][ T9064] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  480.455197][ T9064] CPU: 1 UID: 0 PID: 9064 Comm: syz.6.698 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  480.455219][ T9064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  480.455230][ T9064] Call Trace:
[  480.455238][ T9064]  <TASK>
[  480.455246][ T9064]  dump_stack_lvl+0x189/0x250
[  480.455276][ T9064]  ? __pfx____ratelimit+0x10/0x10
[  480.455303][ T9064]  ? __pfx_dump_stack_lvl+0x10/0x10
[  480.455328][ T9064]  ? __pfx__printk+0x10/0x10
[  480.455348][ T9064]  ? fs_reclaim_acquire+0x7d/0x100
[  480.455376][ T9064]  should_fail_ex+0x46c/0x600
[  480.455407][ T9064]  prepare_alloc_pages+0x213/0x670
[  480.455434][ T9064]  __alloc_frozen_pages_noprof+0x123/0x370
[  480.455458][ T9064]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  480.455475][ T9064]  ? rtlock_slowlock_locked+0xd8/0x4010
[  480.455506][ T9064]  ? policy_nodemask+0x27c/0x720
[  480.455536][ T9064]  alloc_pages_mpol+0xd1/0x380
[  480.455565][ T9064]  alloc_pages_noprof+0xcf/0x1e0
[  480.455598][ T9064]  folio_alloc_noprof+0x22/0xc0
[  480.455623][ T9064]  filemap_alloc_folio_noprof+0xdf/0x510
[  480.455648][ T9064]  ? filemap_get_entry+0xad/0x2f0
[  480.455670][ T9064]  ? filemap_get_entry+0xad/0x2f0
[  480.455696][ T9064]  ? filemap_get_entry+0x28f/0x2f0
[  480.455719][ T9064]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  480.455753][ T9064]  ? rt_mutex_slowunlock+0x493/0x8a0
[  480.455774][ T9064]  ? reacquire_held_locks+0x127/0x1d0
[  480.455805][ T9064]  __filemap_get_folio+0x33d/0xa40
[  480.455838][ T9064]  pagecache_get_page+0x2a/0x130
[  480.455864][ T9064]  fuse_emit+0x3c5/0x6d0
[  480.455906][ T9064]  fuse_readdir+0x271f/0x2bc0
[  480.455935][ T9064]  ? is_bpf_text_address+0x26/0x2b0
[  480.455970][ T9064]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  480.456007][ T9064]  ? stack_trace_save+0x9c/0xe0
[  480.456029][ T9064]  ? __pfx_stack_trace_save+0x10/0x10
[  480.456048][ T9064]  ? __pfx_fuse_readdir+0x10/0x10
[  480.456071][ T9064]  ? check_path+0x21/0x40
[  480.456095][ T9064]  ? lockdep_unlock+0x89/0x120
[  480.456115][ T9064]  ? validate_chain+0x897/0x2140
[  480.456169][ T9064]  ? __lock_acquire+0xab9/0xd20
[  480.456220][ T9064]  ? iterate_dir+0x29e/0x580
[  480.456239][ T9064]  ? down_read_killable+0x152/0x220
[  480.456257][ T9064]  ? __pfx_down_read_killable+0x10/0x10
[  480.456288][ T9064]  iterate_dir+0x3a5/0x580
[  480.456315][ T9064]  __se_sys_getdents64+0xe4/0x260
[  480.456339][ T9064]  ? __pfx___se_sys_getdents64+0x10/0x10
[  480.456358][ T9064]  ? ksys_write+0x230/0x260
[  480.456376][ T9064]  ? __pfx_filldir64+0x10/0x10
[  480.456399][ T9064]  ? __pfx_ksys_write+0x10/0x10
[  480.456417][ T9064]  ? rcu_is_watching+0x15/0xb0
[  480.456449][ T9064]  ? do_syscall_64+0xbe/0x3b0
[  480.456470][ T9064]  do_syscall_64+0xfa/0x3b0
[  480.456485][ T9064]  ? lockdep_hardirqs_on+0x9c/0x150
[  480.456508][ T9064]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.456527][ T9064]  ? clear_bhb_loop+0x60/0xb0
[  480.456549][ T9064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.456567][ T9064] RIP: 0033:0x7faa9f59eba9
[  480.456591][ T9064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.456606][ T9064] RSP: 002b:00007faa9d806038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  480.456625][ T9064] RAX: ffffffffffffffda RBX: 00007faa9f7e5fa0 RCX: 00007faa9f59eba9
[  480.456639][ T9064] RDX: 0000000000000400 RSI: 00002000000063c0 RDI: 0000000000000004
[  480.456651][ T9064] RBP: 00007faa9d806090 R08: 0000000000000000 R09: 0000000000000000
[  480.456663][ T9064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.456673][ T9064] R13: 00007faa9f7e6038 R14: 00007faa9f7e5fa0 R15: 00007ffc8f78c6b8
[  480.456707][ T9064]  </TASK>
[  480.864097][ T5925] peak_usb 6-1:0.0 can0: unable to request usb[type=0 value=1] err=-71
[  480.864127][ T5925] peak_usb 6-1:0.0: unable to read PCAN-USB Pro firmware info (err -71)
[  481.058009][ T9068] block nbd3: NBD_DISCONNECT
[  481.058149][ T9068] block nbd3: Disconnected due to user request.
[  481.058165][ T9068] block nbd3: shutting down sockets
[  481.110561][ T5925] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71
[  481.146524][ T5925] usb 6-1: USB disconnect, device number 7
[  481.570111][ T9077] FAULT_INJECTION: forcing a failure.
[  481.570111][ T9077] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  481.570173][ T9077] CPU: 1 UID: 0 PID: 9077 Comm: syz.0.701 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  481.570194][ T9077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  481.570206][ T9077] Call Trace:
[  481.570213][ T9077]  <TASK>
[  481.570221][ T9077]  dump_stack_lvl+0x189/0x250
[  481.570252][ T9077]  ? __pfx____ratelimit+0x10/0x10
[  481.570278][ T9077]  ? __pfx_dump_stack_lvl+0x10/0x10
[  481.570303][ T9077]  ? __pfx__printk+0x10/0x10
[  481.570322][ T9077]  ? __might_fault+0xb0/0x130
[  481.570359][ T9077]  should_fail_ex+0x46c/0x600
[  481.570390][ T9077]  _copy_from_user+0x2d/0xb0
[  481.570412][ T9077]  video_usercopy+0x354/0x14f0
[  481.570437][ T9077]  ? smk_tskacc+0x2fc/0x370
[  481.570471][ T9077]  ? __pfx_subdev_do_ioctl_lock+0x10/0x10
[  481.570493][ T9077]  ? __pfx_video_usercopy+0x10/0x10
[  481.570509][ T9077]  ? smack_file_ioctl+0x2ac/0x340
[  481.570545][ T9077]  ? __fget_files+0x2a/0x420
[  481.570568][ T9077]  ? __fget_files+0x3a6/0x420
[  481.570595][ T9077]  v4l2_ioctl+0x190/0x1e0
[  481.570622][ T9077]  ? __pfx_v4l2_ioctl+0x10/0x10
[  481.570647][ T9077]  __se_sys_ioctl+0xff/0x170
[  481.570670][ T9077]  do_syscall_64+0xfa/0x3b0
[  481.570688][ T9077]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.570712][ T9077]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  481.570729][ T9077]  ? clear_bhb_loop+0x60/0xb0
[  481.570751][ T9077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.570769][ T9077] RIP: 0033:0x7f0aef38eba9
[  481.570785][ T9077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.570801][ T9077] RSP: 002b:00007f0aed5ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  481.570821][ T9077] RAX: ffffffffffffffda RBX: 00007f0aef5d6180 RCX: 00007f0aef38eba9
[  481.570834][ T9077] RDX: 0000200000000080 RSI: 00000000c0585605 RDI: 0000000000000006
[  481.570847][ T9077] RBP: 00007f0aed5ac090 R08: 0000000000000000 R09: 0000000000000000
[  481.570858][ T9077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.570869][ T9077] R13: 00007f0aef5d6218 R14: 00007f0aef5d6180 R15: 00007fff98e35b18
[  481.570901][ T9077]  </TASK>
[  482.614817][ T9086] block nbd2: NBD_DISCONNECT
[  482.614943][ T9086] block nbd2: Disconnected due to user request.
[  482.614958][ T9086] block nbd2: shutting down sockets
[  485.558881][ T9118] FAULT_INJECTION: forcing a failure.
[  485.558881][ T9118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  485.558916][ T9118] CPU: 0 UID: 0 PID: 9118 Comm: syz.0.713 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  485.558937][ T9118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  485.558948][ T9118] Call Trace:
[  485.558954][ T9118]  <TASK>
[  485.558962][ T9118]  dump_stack_lvl+0x189/0x250
[  485.558990][ T9118]  ? __pfx____ratelimit+0x10/0x10
[  485.559016][ T9118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  485.559041][ T9118]  ? __pfx__printk+0x10/0x10
[  485.559083][ T9118]  should_fail_ex+0x46c/0x600
[  485.559115][ T9118]  _copy_to_user+0x31/0xb0
[  485.559139][ T9118]  simple_read_from_buffer+0xe1/0x170
[  485.559168][ T9118]  proc_fail_nth_read+0x1b6/0x220
[  485.559191][ T9118]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  485.559213][ T9118]  ? rw_verify_area+0x2ac/0x4e0
[  485.559234][ T9118]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  485.559253][ T9118]  vfs_read+0x206/0xa30
[  485.559283][ T9118]  ? __pfx_vfs_read+0x10/0x10
[  485.559301][ T9118]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  485.559333][ T9118]  ? mutex_lock_nested+0x154/0x1d0
[  485.559353][ T9118]  ? fdget_pos+0x253/0x320
[  485.559386][ T9118]  ksys_read+0x14b/0x260
[  485.559411][ T9118]  ? __pfx_ksys_read+0x10/0x10
[  485.559428][ T9118]  ? rcu_is_watching+0x15/0xb0
[  485.559460][ T9118]  ? do_syscall_64+0xbe/0x3b0
[  485.559481][ T9118]  do_syscall_64+0xfa/0x3b0
[  485.559497][ T9118]  ? lockdep_hardirqs_on+0x9c/0x150
[  485.559521][ T9118]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.559539][ T9118]  ? clear_bhb_loop+0x60/0xb0
[  485.559561][ T9118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.559578][ T9118] RIP: 0033:0x7f0aef38d5bc
[  485.559595][ T9118] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  485.559609][ T9118] RSP: 002b:00007f0aed5ee030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  485.559630][ T9118] RAX: ffffffffffffffda RBX: 00007f0aef5d5fa0 RCX: 00007f0aef38d5bc
[  485.559643][ T9118] RDX: 000000000000000f RSI: 00007f0aed5ee0a0 RDI: 0000000000000004
[  485.559654][ T9118] RBP: 00007f0aed5ee090 R08: 0000000000000000 R09: 0000000000000000
[  485.559666][ T9118] R10: 0000000060010020 R11: 0000000000000246 R12: 0000000000000001
[  485.559677][ T9118] R13: 00007f0aef5d6038 R14: 00007f0aef5d5fa0 R15: 00007fff98e35b18
[  485.559709][ T9118]  </TASK>
[  485.875621][ T9123] block nbd2: NBD_DISCONNECT
[  485.875694][ T9123] block nbd2: Disconnected due to user request.
[  485.875702][ T9123] block nbd2: shutting down sockets
[  486.918285][   T59] block nbd0: Receive control failed (result -32)
[  486.951767][ T9125] block nbd0: shutting down sockets
[  488.044929][ T5925] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  488.195462][ T5925] usb 6-1: Using ep0 maxpacket: 32
[  488.197154][ T5925] usb 6-1: config 0 has an invalid interface number: 148 but max is 0
[  488.197170][ T5925] usb 6-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[  488.197180][ T5925] usb 6-1: config 0 has no interface number 0
[  488.197197][ T5925] usb 6-1: too many endpoints for config 0 interface 148 altsetting 177: 37, using maximum allowed: 30
[  488.197259][ T5925] usb 6-1: config 0 interface 148 altsetting 177 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  488.197273][ T5925] usb 6-1: config 0 interface 148 has no altsetting 0
[  488.199183][ T5925] usb 6-1: New USB device found, idVendor=0e41, idProduct=4250, bcdDevice=60.11
[  488.199199][ T5925] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  488.199209][ T5925] usb 6-1: Product: syz
[  488.199216][ T5925] usb 6-1: Manufacturer: syz
[  488.199223][ T5925] usb 6-1: SerialNumber: syz
[  488.334489][ T5925] usb 6-1: config 0 descriptor??
[  489.492115][ T5925] snd_usb_pod 6-1:0.148: Line 6 BassPODxt found
[  489.492140][ T5925] usb 6-1: selecting invalid altsetting 5
[  489.492156][ T5925] snd_usb_pod 6-1:0.148: set_interface failed
[  489.493206][ T5925] snd_usb_pod 6-1:0.148: Line 6 BassPODxt now disconnected
[  489.493531][ T5925] snd_usb_pod 6-1:0.148: probe with driver snd_usb_pod failed with error -22
[  489.547344][ T5925] usb 6-1: USB disconnect, device number 8
[  490.374096][ T6261] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  490.745466][ T6261] usb 4-1: Using ep0 maxpacket: 8
[  490.882924][ T9177] Invalid logical block size (-28425)
[  491.673913][   T59] block nbd5: Receive control failed (result -32)
[  491.691285][ T6261] usb 4-1: config index 0 descriptor too short (expected 6427, got 27)
[  491.691316][ T6261] usb 4-1: config 0 has an invalid interface number: 21 but max is 0
[  491.691336][ T6261] usb 4-1: config 0 has no interface number 0
[  491.691385][ T6261] usb 4-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  491.691410][ T6261] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  491.691436][ T6261] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  491.725057][ T9171] block nbd5: shutting down sockets
[  491.742696][ T6261] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  491.742726][ T6261] usb 4-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0
[  491.742745][ T6261] usb 4-1: Product: syz
[  491.742759][ T6261] usb 4-1: Manufacturer: syz
[  491.754823][ T6261] usb 4-1: config 0 descriptor??
[  491.755917][ T9164] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  492.103849][ T6261] usb 4-1: USB disconnect, device number 5
[  492.550606][ T9185] kvm: kvm [9183]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x8e01
[  492.550662][ T9185] kvm: kvm [9183]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0xce01
[  492.550761][ T9185] kvm: kvm [9183]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1
[  492.550806][ T9185] kvm: kvm [9183]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4001
[  492.796948][ T9193] FAULT_INJECTION: forcing a failure.
[  492.796948][ T9193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  492.796983][ T9193] CPU: 0 UID: 0 PID: 9193 Comm: syz.3.735 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  492.797004][ T9193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  492.797015][ T9193] Call Trace:
[  492.797022][ T9193]  <TASK>
[  492.797030][ T9193]  dump_stack_lvl+0x189/0x250
[  492.797060][ T9193]  ? __pfx____ratelimit+0x10/0x10
[  492.797086][ T9193]  ? __pfx_dump_stack_lvl+0x10/0x10
[  492.797110][ T9193]  ? __pfx__printk+0x10/0x10
[  492.797131][ T9193]  ? __might_fault+0xb0/0x130
[  492.797166][ T9193]  should_fail_ex+0x46c/0x600
[  492.797197][ T9193]  _copy_from_user+0x2d/0xb0
[  492.797220][ T9193]  do_ip_vs_get_ctl+0x29a/0xd10
[  492.797243][ T9193]  ? __pfx_do_ip_vs_get_ctl+0x10/0x10
[  492.797273][ T9193]  ? lockdep_hardirqs_on+0x9c/0x150
[  492.797298][ T9193]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  492.797324][ T9193]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  492.797351][ T9193]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  492.797376][ T9193]  ? lockdep_hardirqs_on+0x9c/0x150
[  492.797411][ T9193]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  492.797432][ T9193]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  492.797460][ T9193]  ? nf_getsockopt+0x224/0x290
[  492.797485][ T9193]  nf_getsockopt+0x26b/0x290
[  492.797510][ T9193]  ip_getsockopt+0x1c4/0x220
[  492.797540][ T9193]  ? __pfx_ip_getsockopt+0x10/0x10
[  492.797567][ T9193]  ? sock_common_getsockopt+0x2d/0xb0
[  492.797588][ T9193]  ? raw_getsockopt+0xce/0x200
[  492.797604][ T9193]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  492.797629][ T9193]  do_sock_getsockopt+0x36f/0x450
[  492.797659][ T9193]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  492.797684][ T9193]  ? do_syscall_64+0x40/0x3b0
[  492.797701][ T9193]  ? __fget_files+0x3a6/0x420
[  492.797723][ T9193]  ? __fget_files+0x2a/0x420
[  492.797755][ T9193]  __x64_sys_getsockopt+0x1ab/0x250
[  492.797772][ T9193]  ? do_syscall_64+0x40/0x3b0
[  492.797790][ T9193]  ? do_syscall_64+0x40/0x3b0
[  492.797811][ T9193]  do_syscall_64+0xfa/0x3b0
[  492.797826][ T9193]  ? lockdep_hardirqs_on+0x9c/0x150
[  492.797851][ T9193]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.797869][ T9193]  ? clear_bhb_loop+0x60/0xb0
[  492.797891][ T9193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.797909][ T9193] RIP: 0033:0x7fc2edb5eba9
[  492.797924][ T9193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.797939][ T9193] RSP: 002b:00007fc2ebdbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  492.797959][ T9193] RAX: ffffffffffffffda RBX: 00007fc2edda5fa0 RCX: 00007fc2edb5eba9
[  492.797972][ T9193] RDX: 0000000000000483 RSI: 0000000000000000 RDI: 0000000000000003
[  492.797983][ T9193] RBP: 00007fc2ebdbe090 R08: 0000200000000180 R09: 0000000000000000
[  492.797996][ T9193] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.798007][ T9193] R13: 00007fc2edda6038 R14: 00007fc2edda5fa0 R15: 00007ffe6e3c3fd8
[  492.798039][ T9193]  </TASK>
[  492.800871][ T5925] IPVS: starting estimator thread 0...
[  493.993922][ T9194] IPVS: using max 7 ests per chain, 16800 per kthread
[  494.260808][ T9197] kvm: kvm [9196]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xbf0000bdd1
[  494.260862][ T9197] kvm: kvm [9196]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xbf0000fdd1
[  494.293137][ T9197] kvm: kvm [9196]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x7600006103
[  494.293193][ T9197] kvm: kvm [9196]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x7600002103
[  494.293303][ T9197] kvm: kvm [9196]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xb60000106b
[  494.293348][ T9197] kvm: kvm [9196]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xb60000506b
[  496.401501][   T59] block nbd0: Receive control failed (result -32)
[  496.413226][ T9221] block nbd0: shutting down sockets
[  497.053965][ T5925] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  497.203986][ T5925] usb 1-1: Using ep0 maxpacket: 8
[  497.208833][ T5925] usb 1-1: config index 0 descriptor too short (expected 6427, got 27)
[  497.208863][ T5925] usb 1-1: config 0 has an invalid interface number: 21 but max is 0
[  497.208884][ T5925] usb 1-1: config 0 has no interface number 0
[  497.208929][ T5925] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  497.208955][ T5925] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  497.208988][ T5925] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  497.211543][ T5925] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  497.211644][ T5925] usb 1-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0
[  497.211665][ T5925] usb 1-1: Product: syz
[  497.211679][ T5925] usb 1-1: Manufacturer: syz
[  497.271271][ T5925] usb 1-1: config 0 descriptor??
[  497.272751][ T9234] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  497.504723][ T9244] process 'syz.5.747' launched './file0' with NULL argv: empty string added
[  497.561419][ T5925] usb 1-1: USB disconnect, device number 4
[  498.044179][ T8049] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  498.275791][ T8049] usb 6-1: unable to get BOS descriptor or descriptor too short
[  498.277153][ T8049] usb 6-1: not running at top speed; connect to a high speed hub
[  498.282446][ T8049] usb 6-1: config 1 interface 0 altsetting 64 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  498.282479][ T8049] usb 6-1: config 1 interface 0 has no altsetting 0
[  499.208296][ T8049] usb 6-1: New USB device found, idVendor=0b05, idProduct=18c6, bcdDevice= 0.40
[  499.208327][ T8049] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.208347][ T8049] usb 6-1: Product: syz
[  499.208361][ T8049] usb 6-1: Manufacturer: syz
[  499.208375][ T8049] usb 6-1: SerialNumber: syz
[  499.325052][ T9244] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  500.754001][ T8049] usbhid 6-1:1.0: can't add hid device: -71
[  500.754137][ T8049] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  500.779253][ T8049] usb 6-1: USB disconnect, device number 9
[  501.903217][   T59] block nbd6: Receive control failed (result -32)
[  501.933428][ T9268] block nbd6: shutting down sockets
[  501.959012][ T1326] ieee802154 phy0 wpan0: encryption failed: -22
[  501.959091][ T1326] ieee802154 phy1 wpan1: encryption failed: -22
[  505.846920][ T9311] hub 9-0:1.0: USB hub found
[  505.852031][ T9311] hub 9-0:1.0: 1 port detected
[  508.917159][   T59] block nbd2: Receive control failed (result -32)
[  508.919081][ T9330] block nbd2: shutting down sockets
[  509.374042][ T6261] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  509.433903][ T5928] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  509.523939][ T6261] usb 6-1: Using ep0 maxpacket: 8
[  509.527356][ T6261] usb 6-1: config 5 has an invalid interface number: 52 but max is 1
[  509.527381][ T6261] usb 6-1: config 5 has an invalid interface number: 4 but max is 1
[  509.527400][ T6261] usb 6-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  509.527416][ T6261] usb 6-1: config 5 has no interface number 0
[  509.527431][ T6261] usb 6-1: config 5 has no interface number 1
[  509.527485][ T6261] usb 6-1: config 5 interface 52 altsetting 10 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  509.527526][ T6261] usb 6-1: config 5 interface 4 altsetting 9 endpoint 0x5 has invalid wMaxPacketSize 0
[  509.527545][ T6261] usb 6-1: config 5 interface 4 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  509.527569][ T6261] usb 6-1: config 5 interface 52 has no altsetting 0
[  509.527585][ T6261] usb 6-1: config 5 interface 4 has no altsetting 0
[  509.530779][ T6261] usb 6-1: New USB device found, idVendor=04b4, idProduct=0002, bcdDevice=e2.5c
[  509.530807][ T6261] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  509.530827][ T6261] usb 6-1: Product: syz
[  509.530841][ T6261] usb 6-1: Manufacturer: syz
[  509.530855][ T6261] usb 6-1: SerialNumber: syz
[  509.583865][ T5928] usb 3-1: Using ep0 maxpacket: 8
[  509.586614][ T5928] usb 3-1: config index 0 descriptor too short (expected 6427, got 27)
[  509.586652][ T5928] usb 3-1: config 0 has an invalid interface number: 21 but max is 0
[  509.586671][ T5928] usb 3-1: config 0 has no interface number 0
[  509.586721][ T5928] usb 3-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  509.586747][ T5928] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  509.586772][ T5928] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  509.596889][ T9352] hsr0: entered promiscuous mode
[  509.597961][ T9352] netlink: 4 bytes leftover after parsing attributes in process `syz.3.778'.
[  509.603871][ T5928] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  509.603898][ T5928] usb 3-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0
[  509.603918][ T5928] usb 3-1: Product: syz
[  509.603931][ T5928] usb 3-1: Manufacturer: syz
[  509.702466][ T9352] hsr_slave_0: left promiscuous mode
[  509.731822][ T9352] hsr_slave_1: left promiscuous mode
[  509.787213][ T5928] usb 3-1: config 0 descriptor??
[  509.790395][ T9352] hsr0 (unregistering): left promiscuous mode
[  509.814498][ T9347] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  510.116399][ T5928] usb 3-1: USB disconnect, device number 4
[  510.613957][ T9353] batman_adv: batadv0: Adding interface: dummy0
[  510.613975][ T9353] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  510.614009][ T9353] batman_adv: batadv0: Interface activated: dummy0
[  511.315057][ T9361] hub 9-0:1.0: USB hub found
[  511.320156][ T9361] hub 9-0:1.0: 1 port detected
[  511.944094][ T5850] Bluetooth: hci1: command 0x1003 tx timeout
[  511.977155][   T59] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  513.147583][ T6261] cytherm 6-1:5.52: Cypress thermometer device now attached
[  513.171723][ T6261] cytherm 6-1:5.4: Cypress thermometer device now attached
[  513.191592][ T6261] usb 6-1: USB disconnect, device number 10
[  513.243264][ T6261] cytherm 6-1:5.52: Cypress thermometer now disconnected
[  513.257139][ T6261] cytherm 6-1:5.4: Cypress thermometer now disconnected
[  515.092936][ T9398] JFS: discard option not supported on device
[  515.093471][ T9398] Mount JFS Failure: -22
[  515.093484][ T9398] jfs_mount failed w/return code = -22
[  515.197409][ T9399] FAULT_INJECTION: forcing a failure.
[  515.197409][ T9399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  515.197442][ T9399] CPU: 1 UID: 0 PID: 9399 Comm: syz.2.790 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  515.197462][ T9399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  515.197472][ T9399] Call Trace:
[  515.197478][ T9399]  <TASK>
[  515.197485][ T9399]  dump_stack_lvl+0x189/0x250
[  515.197513][ T9399]  ? __pfx____ratelimit+0x10/0x10
[  515.197538][ T9399]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.197560][ T9399]  ? __pfx__printk+0x10/0x10
[  515.197578][ T9399]  ? __might_fault+0xb0/0x130
[  515.197614][ T9399]  should_fail_ex+0x46c/0x600
[  515.197643][ T9399]  _copy_from_iter+0x1de/0x1790
[  515.197670][ T9399]  ? n_hdlc_tty_write+0x164/0x880
[  515.197693][ T9399]  ? __pfx__copy_from_iter+0x10/0x10
[  515.197712][ T9399]  ? __pfx_default_wake_function+0x10/0x10
[  515.197731][ T9399]  ? file_tty_write+0x329/0xa30
[  515.197757][ T9399]  ? iov_iter_revert+0x1eb/0x5f0
[  515.197774][ T9399]  ? file_tty_write+0x329/0xa30
[  515.197796][ T9399]  ? kfree+0x4d/0x550
[  515.197815][ T9399]  ? file_tty_write+0x217/0xa30
[  515.197844][ T9399]  file_tty_write+0x4c5/0xa30
[  515.197876][ T9399]  vfs_write+0x5d5/0xb40
[  515.197903][ T9399]  ? __pfx_tty_write+0x10/0x10
[  515.197934][ T9399]  ? __pfx_vfs_write+0x10/0x10
[  515.197965][ T9399]  ? __fget_files+0x2a/0x420
[  515.197999][ T9399]  ksys_write+0x14b/0x260
[  515.198022][ T9399]  ? __pfx_ksys_write+0x10/0x10
[  515.198056][ T9399]  ? do_syscall_64+0xbe/0x3b0
[  515.198077][ T9399]  do_syscall_64+0xfa/0x3b0
[  515.198092][ T9399]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.198115][ T9399]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.198133][ T9399]  ? clear_bhb_loop+0x60/0xb0
[  515.198154][ T9399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.198172][ T9399] RIP: 0033:0x7fc336bceba9
[  515.198188][ T9399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.198203][ T9399] RSP: 002b:00007fc334e0d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  515.198222][ T9399] RAX: ffffffffffffffda RBX: 00007fc336e16090 RCX: 00007fc336bceba9
[  515.198236][ T9399] RDX: 00000000fffffdef RSI: 0000200000001040 RDI: 0000000000000006
[  515.198248][ T9399] RBP: 00007fc334e0d090 R08: 0000000000000000 R09: 0000000000000000
[  515.198260][ T9399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  515.198270][ T9399] R13: 00007fc336e16128 R14: 00007fc336e16090 R15: 00007ffd8ad76218
[  515.198302][ T9399]  </TASK>
[  515.953937][   T49] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  516.314562][   T49] usb 4-1: Using ep0 maxpacket: 32
[  516.316998][   T49] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  516.317026][   T49] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.322266][   T49] usb 4-1: config 0 descriptor??
[  516.783933][ T6261] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  517.093876][ T6261] usb 1-1: Using ep0 maxpacket: 8
[  517.096429][ T6261] usb 1-1: config 5 has an invalid interface number: 52 but max is 1
[  517.096456][ T6261] usb 1-1: config 5 has an invalid interface number: 4 but max is 1
[  517.096476][ T6261] usb 1-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  517.096495][ T6261] usb 1-1: config 5 has no interface number 0
[  517.096509][ T6261] usb 1-1: config 5 has no interface number 1
[  517.096570][ T6261] usb 1-1: config 5 interface 52 altsetting 10 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  517.096611][ T6261] usb 1-1: config 5 interface 4 altsetting 9 endpoint 0x5 has invalid wMaxPacketSize 0
[  517.096632][ T6261] usb 1-1: config 5 interface 4 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  517.096658][ T6261] usb 1-1: config 5 interface 52 has no altsetting 0
[  517.096676][ T6261] usb 1-1: config 5 interface 4 has no altsetting 0
[  517.100437][ T6261] usb 1-1: New USB device found, idVendor=04b4, idProduct=0002, bcdDevice=e2.5c
[  517.100466][ T6261] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.100486][ T6261] usb 1-1: Product: syz
[  517.100500][ T6261] usb 1-1: Manufacturer: syz
[  517.100514][ T6261] usb 1-1: SerialNumber: syz
[  517.302643][   T49] gspca_main: sunplus-2.14.0 probing 041e:400b
[  517.564355][ T6261] cytherm 1-1:5.52: Cypress thermometer device now attached
[  517.611236][ T6261] cytherm 1-1:5.4: Cypress thermometer device now attached
[  517.637841][ T6261] usb 1-1: USB disconnect, device number 5
[  517.651021][ T6261] cytherm 1-1:5.52: Cypress thermometer now disconnected
[  517.688045][ T6261] cytherm 1-1:5.4: Cypress thermometer now disconnected
[  517.719015][ T6015] udevd[6015]: setting owner of /dev/bus/usb/001/005 to uid=0, gid=0 failed: No such file or directory
[  519.342114][   T49] gspca_sunplus: reg_w_riv err -110
[  519.342221][   T49] sunplus 4-1:0.0: probe with driver sunplus failed with error -110
[  519.655935][ T6261] usb 4-1: USB disconnect, device number 6
[  519.833963][ T5830] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  520.004892][ T5830] usb 6-1: Using ep0 maxpacket: 16
[  520.010926][ T5830] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  520.010947][ T5830] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  520.049597][ T5830] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  520.049637][ T5830] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.049656][ T5830] usb 6-1: Product: syz
[  520.049670][ T5830] usb 6-1: Manufacturer: syz
[  520.049684][ T5830] usb 6-1: SerialNumber: syz
[  520.133006][ T5830] usb 6-1: config 0 descriptor??
[  520.161720][ T5830] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  520.161760][ T5830] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class)
[  521.710936][   T59] block nbd0: Receive control failed (result -32)
[  521.740830][ T9444] block nbd0: shutting down sockets
[  521.774374][ T5830] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  521.776607][ T5830] em28xx 6-1:0.0: Config register raw data: 0xfffffffb
[  521.777066][ T5830] em28xx 6-1:0.0: AC97 chip type couldn't be determined
[  521.777083][ T5830] em28xx 6-1:0.0: No AC97 audio processor
[  521.888719][ T9452] block nbd2: NBD_DISCONNECT
[  521.889240][ T9452] block nbd2: Disconnected due to user request.
[  521.889258][ T9452] block nbd2: shutting down sockets
[  523.142272][ T9435] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48
[  523.142294][ T9435] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 9435, name: syz.5.800
[  523.142311][ T9435] preempt_count: 0, expected: 0
[  523.142320][ T9435] RCU nest depth: 0, expected: 0
[  523.142338][ T9435] 1 lock held by syz.5.800/9435:
[  523.142350][ T9435]  #0: ffff888145364058 (&dum_hcd->dum->lock){+.+.}-{3:3}, at: dummy_dequeue+0x164/0x480
[  523.142410][ T9435] irq event stamp: 2318
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  523.142418][ T9435] hardirqs last  enabled at (2317): [<ffffffff8afa63e3>] _raw_spin_unlock_irq+0x23/0x50
[  523.142451][ T9435] hardirqs last disabled at (2318): [<ffffffff86fcb071>] dummy_dequeue+0x151/0x480
[  523.142479][ T9435] softirqs last  enabled at (438): [<ffffffff8184dfa4>] __local_bh_enable_ip+0x1a4/0x270
[  523.142507][ T9435] softirqs last disabled at (432): [<ffffffff88d651bf>] release_sock+0x2f/0x210
[  523.142551][ T9435] CPU: 1 UID: 0 PID: 9435 Comm: syz.5.800 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  523.142575][ T9435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  523.142588][ T9435] Call Trace:
[  523.142595][ T9435]  <TASK>
[  523.142603][ T9435]  dump_stack_lvl+0x189/0x250
[  523.142633][ T9435]  ? release_sock+0x2f/0x210
[  523.142654][ T9435]  ? release_sock+0x2f/0x210
[  523.142680][ T9435]  ? __pfx_dump_stack_lvl+0x10/0x10
[  523.142717][ T9435]  ? print_lock_name+0xde/0x100
[  523.142743][ T9435]  __might_resched+0x44b/0x5d0
[  523.142772][ T9435]  ? __pfx___might_resched+0x10/0x10
[  523.142794][ T9435]  ? dummy_dequeue+0x164/0x480
[  523.142834][ T9435]  rt_spin_lock+0xc7/0x2c0
[  523.142858][ T9435]  ? _raw_spin_unlock_irq+0x23/0x50
[  523.142888][ T9435]  ? __pfx_rt_spin_lock+0x10/0x10
[  523.142917][ T9435]  ? rcu_is_watching+0x15/0xb0
[  523.142948][ T9435]  dummy_dequeue+0x164/0x480
[  523.142979][ T9435]  ? __pfx_dummy_dequeue+0x10/0x10
[  523.143000][ T9435]  ? __pfx_schedule_timeout+0x10/0x10
[  523.143026][ T9435]  ? __pfx___wait_for_common+0x10/0x10
[  523.143068][ T9435]  usb_ep_dequeue+0x66/0x250
[  523.143094][ T9435]  raw_process_ep0_io+0x435/0x980
[  523.143130][ T9435]  raw_ioctl+0x2609/0x3ba0
[  523.143175][ T9435]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  523.143200][ T9435]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  523.143226][ T9435]  ? do_vfs_ioctl+0xbeb/0x1440
[  523.143251][ T9435]  ? __pfx_raw_ioctl+0x10/0x10
[  523.143276][ T9435]  ? __pfx_smack_log+0x10/0x10
[  523.143306][ T9435]  ? smk_access+0x14c/0x4e0
[  523.143343][ T9435]  ? smk_tskacc+0x2fc/0x370
[  523.143378][ T9435]  ? smack_file_ioctl+0x2ac/0x340
[  523.143402][ T9435]  ? __pfx_smack_file_ioctl+0x10/0x10
[  523.143434][ T9435]  ? __fget_files+0x2a/0x420
[  523.143461][ T9435]  ? __fget_files+0x3a6/0x420
[  523.143487][ T9435]  ? __fget_files+0x2a/0x420
[  523.143518][ T9435]  ? bpf_lsm_file_ioctl+0x9/0x20
[  523.143549][ T9435]  ? __pfx_raw_ioctl+0x10/0x10
[  523.143574][ T9435]  __se_sys_ioctl+0xff/0x170
[  523.143601][ T9435]  do_syscall_64+0xfa/0x3b0
[  523.143617][ T9435]  ? lockdep_hardirqs_on+0x9c/0x150
[  523.143642][ T9435]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.143662][ T9435]  ? clear_bhb_loop+0x60/0xb0
[  523.143687][ T9435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.143709][ T9435] RIP: 0033:0x7f7290a5e7ab
[  523.143724][ T9435] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  523.143740][ T9435] RSP: 002b:00007f728ecbbf60 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  523.143760][ T9435] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f7290a5e7ab
[  523.143773][ T9435] RDX: 00007f728ecbbfe0 RSI: 00000000c0085504 RDI: 000000000000000c
[  523.143785][ T9435] RBP: 00007f7290ae1e19 R08: 0000000000000001 R09: 0000000000000000
[  523.143796][ T9435] R10: 000000000000000c R11: 0000000000000246 R12: 00007f728ecbbfe8
[  523.143808][ T9435] R13: 0000000000000000 R14: 00007f7290ca5fa0 R15: 00007fff03c91d98
[  523.143839][ T9435]  </TASK>
[  524.007394][ T9472] hub 9-0:1.0: USB hub found
[  524.011033][ T9472] hub 9-0:1.0: 1 port detected
[  524.729144][   T49] usb 6-1: USB disconnect, device number 11
[  524.731386][   T49] em28xx 6-1:0.0: Disconnecting em28xx
[  524.784724][   T49] em28xx 6-1:0.0: Freeing device
[  524.813910][  T980] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  527.101396][ T1470] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.531334][ T1470] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.730018][ T1470] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.939321][ T1470] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.245743][ T1470] bridge_slave_1: left allmulticast mode
[  529.245785][ T1470] bridge_slave_1: left promiscuous mode
[  529.246054][ T1470] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.355478][ T1470] bridge_slave_0: left allmulticast mode
[  529.355509][ T1470] bridge_slave_0: left promiscuous mode
[  529.355767][ T1470] bridge0: port 1(bridge_slave_0) entered disabled state
[  531.346148][ T1470] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  531.395943][ T1470] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  531.418441][ T1470] bond0 (unregistering): Released all slaves
[  532.119058][ T1470] bond1 (unregistering): (slave vxcan3): Releasing backup interface
[  532.119085][ T1470] vxcan3: left promiscuous mode
[  532.186126][ T1470] bond1 (unregistering): Released all slaves