last executing test programs:

9m59.48457032s ago: executing program 0 (id=1555):
socket$nl_sock_diag(0x10, 0x3, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000016d0cffbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff000000003704000000ffffffdd4005000000000034000000016d00007b130000000000001d440100000000007a0a00fe00ffffffdb03000051000000b5000000000000009500000000000000023bc065b70300c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc20eec363e4a8f6456e5ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21e"], 0x0}, 0x94)
syz_usb_connect(0x2, 0x34, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000094d9d4084e080110aeed010203010902220001000000000904000001437b6a00090500000000000000070594ef"], 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x2102, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000300)={0xb, @sdr={0x34565559, 0x2}})
bind$alg(0xffffffffffffffff, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000001280), 0x0)
poll(&(0x7f0000000100), 0x0, 0x8)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x4c000, 0x0, 0x0)
sendmsg$nl_xfrm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[], 0x1a000}}, 0x20048805)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000500)={0x80000000, 0x2, 0x0, 0xb71}, 0x10)
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c0000001a00df1b1b5b0000000000001c140000fd0200000000ba71ac68650e74150157aa1da8cf81280000e33464ec0d526b05a9c63acfa508a4d0c5623cb335b37428669de650fef811a68cab59feb62228b41eecadd56933d604945f0529a737069218f059c63d0915d5d1a7c2"], 0x1c}, 0x1, 0x0, 0x0, 0x4815}, 0xc080)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

9m57.468372803s ago: executing program 0 (id=1574):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000580)="b7b36e8d6d8dd383c240ddf2ae108433f56d8a50b7f2e7df3db2492126024505ac228b97396c28ca2a53e1cd44227b6724a40dc78112172fc13002beebf9c0e4bd11b491b10fa2382cae89c0ee2f4a9b28f563ad4c35eefbd3752abcf3b1edf9f838c83ac85fdbfccbb8ce63d8596e8f500726f0f57f323645cb1a1fa3ffba8bfc7f5cc5fc55e251089a11d9fd10fd9c3efe9a5f0002f78f58a511a9211b948a2ffdb39baf31d580ca2b47050981c63f2e1357c8ed5b000000000000e1e65b797fed6a4ffa10d2f83c67f0d24848271d336a551cafb438849e75c7239046963660c53da3688e5eefef5d62e59256bbf82a887dfae6dec66d7787a71ef16a3f3ba8a864056f0ab8353e965471969789010ed97ec9858f915c0acc12f6cf66ae452f5a5df14b18b977c5f9bab661a73272e33e017997cfd07bc84220dcca0548df6ba05a71ff30f5ec255831895eae9ab5ba0a7f8704977c52a1a52a22342b78292273e4e74bdc5acda403047e4df1ef2f92ce75616028d08366252ec972dbecf45d204fb625d4a2d62a55be0f3b8ef22ba2724e4a2b64ada6c6a90dc6f5074827417ab9f426826b3729f168b3a4a84a44e28cf4d3b8907e6e9edf4a59644de21410dfb202a1a00f4585c769931be875dfda8e20eaffff1f7e91de000000000000009d8e79cff2", 0x1e6}], 0x1)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_STATS_ENABLED={0x5, 0x29, 0x2}]}}}]}, 0x3c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
r2 = socket(0x10, 0x803, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x400000, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_RT_PRIORITY={0x8, 0x9, 0x7ff}]}, 0x34}}, 0x0)

9m57.216537155s ago: executing program 0 (id=1566):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockname(r0, 0x0, &(0x7f0000000100))
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8), 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0xc, 0x0, 0xfffffdfffffffffe, 0xfa11, 0xffffffff}, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, &(0x7f0000000100)={0x20004, <r5=>r3, 0x80000})
openat$sequencer2(0xffffff9c, &(0x7f0000000280), 0x8000, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r7, 0x3, r6, &(0x7f0000000c40)={0x8000203d})
r8 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r8, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r5})
r9 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r12, 0x4138ae84, &(0x7f0000000100)={{0x14004, 0x100000, 0x10, 0x1, 0xfe}, {0x0, 0x2000, 0xf, 0xfe, 0x0, 0x0, 0x0, 0xff, 0x8, 0x0, 0x5}, {0xd000, 0x2, 0x0, 0x80, 0xf9, 0x0, 0x0, 0x2, 0x23, 0x0, 0x4}, {0x5000, 0x2, 0xf, 0x41, 0x0, 0x2, 0x1, 0xfc, 0x0, 0x3}, {0x4000, 0xeeef0000, 0xc, 0x1, 0x3, 0x10, 0xc0, 0x0, 0x1, 0x0, 0x4}, {0x0, 0x100000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2, 0xff}, {0x8000000, 0x2000, 0xa, 0x0, 0x2, 0xfd, 0x0, 0x7, 0x3a, 0x2, 0x0, 0x1}, {0x0, 0x2, 0x0, 0x2, 0x0, 0x6, 0x7, 0x0, 0xfe, 0x0, 0xfe, 0x5}, {0x0, 0x400}, {}, 0xddf8ffdb, 0x0, 0x0, 0x100, 0x7, 0x8000, 0xffff1000, [0x400000000000000, 0x10000000020, 0x2]})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
fsmount(r9, 0x0, 0x6)

9m55.924411573s ago: executing program 0 (id=1571):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f00000001c0), 0x10)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x1, 0x0, 0x0, "0000000000000003"}, 0x10}}, 0x20000000)
read(r0, &(0x7f0000002340)=""/232, 0xe8)

9m54.998115934s ago: executing program 0 (id=1573):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x600, 0x400000, {0xa, 0x0, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_RT_PRIORITY={0x8, 0x9, 0x7ff}]}, 0x34}}, 0x0)

9m54.90447841s ago: executing program 0 (id=1575):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905", @ANYRES64], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0) (async)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0) (async)
syz_usb_connect$hid(0x2, 0x0, 0x0, 0x0) (async)
syz_open_dev$hidraw(0x0, 0x82, 0x2) (async)
r3 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x0, 0x290}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async)
io_uring_enter(r3, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) (async)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, 0x0) (async)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c240203010104030700ff070c240206000205050200d07f072408040700470c24"], 0x0)

9m39.622292947s ago: executing program 32 (id=1575):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905", @ANYRES64], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0) (async)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0) (async)
syz_usb_connect$hid(0x2, 0x0, 0x0, 0x0) (async)
syz_open_dev$hidraw(0x0, 0x82, 0x2) (async)
r3 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x0, 0x290}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async)
io_uring_enter(r3, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) (async)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, 0x0) (async)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c240203010104030700ff070c240206000205050200d07f072408040700470c24"], 0x0)

10.837762206s ago: executing program 1 (id=4135):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000480)=ANY=[], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000540)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x24, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
set_mempolicy(0x1, &(0x7f0000000e80)=0x1ff, 0x7582)
syz_clone(0xc1003000, 0x0, 0x0, &(0x7f00000014c0), 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000740)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "000001", 0x14, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @private1}}}}}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000001440)={'veth1_to_bond\x00', &(0x7f00000005c0)=@ethtool_dump={0x3e, 0x1, 0x900000a}})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000007000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_DELOBJ={0x14, 0x14, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x3, 0x0, 0x0, {0xa}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x8c}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000000100)={0xc, &(0x7f0000000000)={0x40, 0x6, 0xb2, {0xb2, 0xf, "75b339ea7dfcec8ec6eac56f1d4b5c700a1de29c7d91ea0d12f78cb15141faf70a34367123f330b63a1e3872f7594e591f85db926690d5ffe7d318d632b6fd32c223b13a22f58233947f4e78042ef027253706653f2be6f9d625a8096102003452efb7a36d1aeaf3af5db18ff0f3716849000de49ad10e2f77e86b5da2256d799443f0485a43ef1bbd98f4c372cd7eb6cec3cb8d2c7679472b6c2c6a65853418721ecc430fe8ca3caaa69994945fd349"}}, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xc07}}}, &(0x7f0000000440)={0x24, &(0x7f0000000140)={0x40, 0x12, 0xde, "460ba1e504e385a43f9836c2220055d81aa939bd590c09a66a08007b42402b526443a09db78942df94c460409df30d1a2aae4bcbe7c87412019b0d9b1ff7eac6f70b0d11b1006acb50022d8b1650e1ce6b8f4ab118fb63e3ebe0cde043e94f2efd0fc1cda7d3964901fb795b01cf68c4ea71aabae3dfb60e02bb374af1f6f3a8c4932b203f7e9958a6dfa84ae845e72dd503e4af64aafcf475d4ff574d8b1258038c31c5222fd9562ef422492af1f42b05a1c4c4c60b1b9c2a2f4f3926e57b3005b540fdae8e91c0b815073206b0f0425cc785155d1348370c4b4438b27c"}, &(0x7f0000000240)={0x0, 0xa, 0x1, 0xff}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x2}, &(0x7f00000002c0)={0x20, 0x81, 0x2, "25ce"}, &(0x7f0000000300)={0x20, 0x82, 0x1, "de"}, &(0x7f0000000340)={0x20, 0x83, 0x1, 'j'}, &(0x7f00000003c0)={0x20, 0x84, 0x2, '+J'}, &(0x7f0000000400)={0x20, 0x85, 0x3, "ca4915"}})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x44, &(0x7f0000000600)={0x0, 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

10.180487858s ago: executing program 4 (id=4140):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
getsockopt$inet_pktinfo(r0, 0x0, 0x50, 0x0, &(0x7f0000000040)=0xfffffdd2)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={<r5=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, &(0x7f0000000340)={r5, @in={{0x2, 0x4e22, @broadcast}}}, &(0x7f0000000100)=0x84)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000100)={0x0, 0x1000, 0x8, 0x4b5, 0x8}, 0x14)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f00000000c0)={0x2, 'macvlan0\x00', 0x4}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x300, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r6, 0x3b88, &(0x7f00000002c0)={0xc, r7})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000780)=ANY=[@ANYBLOB="48010000"], 0x148}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

9.268794764s ago: executing program 4 (id=4143):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in={{0x2, 0x4e23, @private=0xa010101}}, 0x0, 0x0, 0xc, 0x0, "a0ab3cb55fa00c8c700e5e09285f491eac0cea1ce9f0ec42ea14458ee7781bec402d2d321b88022cf1948c5293dc6ad261085cf4a3985220570ea63beac9bd0280683400429fdad3e08006b7b7038662"}, 0xd8)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000035c0)=""/4106, 0x100a}], 0x1, 0x0, 0x24, 0x407006}, 0x104)

9.075946246s ago: executing program 5 (id=4147):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000be9dccb0f496f1f20dd6f7ff000008000000", @ANYRES32=0x0, @ANYBLOB="e0000002000000000c000000100100000d000000"], 0x24}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events.local\x00', 0x275a, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ftruncate(r1, 0x2000009)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000400)='bic', 0x3)
sendto$inet(r2, &(0x7f00000002c0)="48c11076b4417edeac11712c25c86d973fcecf650939fca618a9edc70000010030fbbb0c6e2acf22a251ba84e7bdf6c2bea338852471c9353000ef600282196963697d33b83246d29baa4e38f430ce8f3d4cafd2c65af5712fec8780245a7e6a241e45e7fdb50f1623a684a392605cea9231cbaec597e72ed9801e95ca66f6ddd70b2461910911790db23fda026c52c162cbce48f8e8ec6df46c76d26781dbd6709adeb0cac1d0cbb706911d59117fea3bd96a6f749ba813ba3c8aebbc6b8563754f53afba0a67f7cef9a35770c251b421b8898e96db7152e2b967ec8290da9ec475def89c7d57f2bd5595a6b253601b000000000000000000", 0xf9, 0x20000012, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
unshare(0x8000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000100))
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, 0x0)
r7 = dup3(r6, r5, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, 0x0)

8.390360091s ago: executing program 4 (id=4152):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_usb_connect(0x5, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000c73d8a0870272091776c01020301090212000100000000090400000091b0e200acc24e14fb5126c0834ad0eee6073895f59df43cb339d27e43578776e78c1fe6c49b38a4f7bc7559f57074619bb115f1f22c793c0a2579303d0f16304972a1e8da2d04a03f2df86d3e3936b54bb8df1e3f35aff90040f732cac72603e73817dd1ec7b0c9993a0d6a5a5000d4bad7601c2a2ec0b82b88c473b6bc4d3db70300d183af71ae0a378bbe839b3854a5153e74b4179710f4e2b351b9e8c56a6fcb4efe98d4bd5299a372573c7cecf6c72ffde6d424623757e1e7ca12bc1afc92cd0a74639be58705b670f464fe98feee3b9db4f845b8816751eb38414603"], 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000aff000000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000031200048008000240000000120800014000000000140003006e657464657673696d30"], 0xac}}, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@file={0xba880097c87cdfc, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr, 0x8000}, 0x1c)
sendmmsg(r3, &(0x7f00000092c0), 0x4ff, 0xfdff)

8.147123764s ago: executing program 5 (id=4153):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(r0, 0x110, 0x5, 0x0, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$MRT(r1, 0x0, 0xd1, 0x0, 0x0)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f00000001c0), 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r3, 0x8010aebc, &(0x7f0000000100)={0x6, 0x892, 0x0, 0x0})
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x40010, 0xffffffffffffffff, 0xee70b000)
r4 = socket(0x23, 0x6, 0x1000)
syz_genetlink_get_family_id$ethtool(0x0, r4)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000400)={0x2, &(0x7f0000000440)=[{0x3, 0x7, 0x40, 0x400}, {0x1, 0x9, 0x6, 0x400}]}, 0x8)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f00000004c0)={0x168, 0x0, 0x1, 0x401, 0x0, 0x0, {0x3, 0x0, 0x7}, [@CTA_TUPLE_ORIG={0x50, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x1d}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xf, 0x1, 'tftp-20000\x00'}}, @CTA_PROTOINFO={0x20, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x1c, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x6dca}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0x8}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0x3}]}}, @CTA_LABELS_MASK={0x8, 0x17, [0x200]}, @CTA_FILTER={0x24, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x42}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x40}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x4}, @CTA_FILTER_ORIG_FLAGS={0x8}]}, @CTA_NAT_SRC={0x7c, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @broadcast}}, @CTA_NAT_V4_MINIP={0x8, 0x1, @local}, @CTA_NAT_PROTO={0x54, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e21}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @broadcast}]}, @CTA_NAT_SRC={0x28, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x1, @loopback}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @multicast2}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}]}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @multicast1}]}]}, 0x168}, 0x1, 0x0, 0x0, 0x811}, 0x20040000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2})
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r9 = dup3(r8, r7, 0x80000)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0xffffffffffffff9a, 0x1000000, 0x0})
ioctl$EVIOCREVOKE(r9, 0x40044591, 0x0)

8.143879905s ago: executing program 1 (id=4154):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x3c1, 0x3, 0x2cc, 0x110, 0xc8, 0x8, 0x110, 0x5803, 0x21e, 0x2e8, 0x2e8, 0x204, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast2, @private0, [0xffffffff, 0xffffff00, 0xff, 0xff], [0xffffff00, 0xff, 0x0, 0xff000000], 'wlan0\x00', 'syzkaller1\x00', {}, {0xff}, 0x32, 0x3, 0x3, 0x4}, 0x0, 0xd0, 0x110, 0x0, {0x0, 0x2000000000000}, [@common=@inet=@esp={{0x2c}, {[0x4d4, 0x4d3], 0x1}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x81, 0xff, {0x4}}}}, {{@uncond, 0x0, 0xd4, 0xf4, 0x0, {}, [@common=@frag={{0x30}, {[0x6, 0x4], 0x81, 0x32, 0x1}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x328)

8.048208636s ago: executing program 1 (id=4155):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x13, 0x6, 0x1c})
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r3 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r3, 0x81044804, &(0x7f0000000400)={0x1})
ioctl$HIDIOCGDEVINFO(r3, 0x801c4803, &(0x7f0000000ac0)=""/4096)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r0)
fsopen(&(0x7f0000000180)='proc\x00', 0x1)
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x87, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffd2a9dc6da626c0e21677ffaaaaaaaaaa2b86dd6700000100513afffe880000000000000000000000000201ff02000000000000000000000000000189009078000000002001000000000000000000000001fe800000000000000000000000000038220560aeb59d3fb13258c6f29dd7eed9c5aaa04a18f74d2a890000"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r6, 0x1000)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)

7.108259163s ago: executing program 5 (id=4158):
prctl$PR_GET_TSC(0x19, &(0x7f0000000000))
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000880)=""/4092, 0xffc}], 0x1, 0x0, 0x0, 0x20000800}, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002, 0xfffffffa, @rand_addr, 0x5}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000080)='D', 0x1, 0x404c814, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd27, 0xfffffffc, {0x0, 0x0, 0x0, r6, {0x8, 0x4}, {0x6, 0xffff}, {0xfff3, 0xfff3}}}, 0x24}}, 0x880)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r7, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x800})
socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000200)={'veth1\x00', &(0x7f00000002c0)=@ethtool_test={0x1a, 0x40, 0x7, 0x1, [0x7]}})
r8 = syz_open_dev$video(&(0x7f0000000280), 0x101, 0xab02)
ioctl$VIDIOC_S_INPUT(r8, 0xc0045627, &(0x7f0000000180)=0x1)
ioctl$VIDIOC_S_CROP(r8, 0x4014563c, &(0x7f0000000100)={0x9, {0xf8000002, 0x9, 0x8, 0xb}})
r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r9, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, 0xffffffffffffffff, 0x0)
r10 = epoll_create1(0x0)
ppoll(&(0x7f0000000040)=[{r9}, {r10, 0xbaf03d8f7cf92877}], 0x2, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000340)={0xc0000008})
ioctl$SNDCTL_DSP_SYNC(r9, 0x5001, 0x0)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x1, 0x16)
dup(r1)

6.859325259s ago: executing program 2 (id=4160):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
socket(0xa, 0x3, 0x3a)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r0, 0x0, 0x0}, 0x1c)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_io_uring_setup(0x740c, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x0, 0xf0}, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x26e1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x4})
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000062102000100000008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES16], 0x54}}, 0x20000000)

6.532497134s ago: executing program 2 (id=4161):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)=@ipv6_newaddrlabel={0x44, 0x18, 0x1, 0x0, 0x0, {0xa, 0x37, 0x40, 0x0, 0x0, 0x1}, [@IFAL_ADDRESS={0x14, 0x1, @empty}, @IFAL_ADDRESS={0x14, 0x1, @mcast2}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008800}, 0x8044)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x19)
r2 = dup(r0)
readv(r0, &(0x7f0000000700)=[{&(0x7f0000000100)=""/189, 0xbd}], 0x31)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000200000500000000040000f8ffffff"], 0x118)

6.494622272s ago: executing program 2 (id=4162):
syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0) (async)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) (async)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7) (async)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1}}, 0x80001}, 0x1c)
r3 = fcntl$dupfd(r1, 0x0, r1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r4)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000004c0)={'syz_tun\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001840)={0x2c, r5, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4044094)
sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000eb0536b4d43f8df4d24a58ad9dc88d2a501e374db2ca8eb880a02936bc4690c6aae29a29f4a55fc1803696f97935d2399b8c299f1e7879ddd32a28a784fc6174940b52683883d38e0691c88dfde50bac4f72112be819542d22a960db550ae68604acacb7c93fc7ad07f7f42e8a21b4e78beb657d66945a3d238027152ab07334d05dbd70702b30c955aef4fd79047e0dcb02fe1cbbf55b41b67050d616e652ef73d43c12dda5713a2ff650fa40ef0c122a99e067dee9840625fcc56f39f90d89ba6286d2f9fbc98c1d1d09000000000000000e0af574b7247ca59a597d26ad281281106511653990c1784d8726acf097e4d05567626c7bcb668bbc751a5ab0f3b46589a27adfd5be1099dcbb5cc0e11fb58f19c2a4a8628c9f367d593306179fb83e61bb45b71074a8cb56d1d2a20302a5cf196c0fca181df81958a2e7", @ANYRES16=r5, @ANYBLOB="100025bd7000fcdbdf2510000000080008000600000008000900070000000800070004000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8080}, 0x1)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cpuacct.usage_sys\x00', 0x275a, 0x0) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f000000e0c0), 0x10010)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000b00)=@ccm_128={{0x303}, "0000090800000003", "73b59657269ef929ee540a8a0a86c5d0", "6362dfd5", "21be0dd9f7f3c312"}, 0x28) (async)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000b00)=@ccm_128={{0x303}, "0000090800000003", "73b59657269ef929ee540a8a0a86c5d0", "6362dfd5", "21be0dd9f7f3c312"}, 0x28)
r9 = syz_open_dev$video(&(0x7f0000000000), 0x7fff, 0x440)
ioctl$VIDIOC_ENUMINPUT(r9, 0xc050561a, &(0x7f0000000080)={0x3, "625f94f0000000000302009024165d61e196ffc700004b1cd9ae00", 0x1, 0x9, 0x1, 0xb000, 0x200, 0x2}) (async)
ioctl$VIDIOC_ENUMINPUT(r9, 0xc050561a, &(0x7f0000000080)={0x3, "625f94f0000000000302009024165d61e196ffc700004b1cd9ae00", 0x1, 0x9, 0x1, 0xb000, 0x200, 0x2})
sendfile(r2, r8, &(0x7f0000000100)=0x1010, 0x10001)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r11, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r11, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r11, 0x0)
ioctl$KVM_X86_SETUP_MCE(r11, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0xa13ca8e5839881a0, 0x4})
sendmmsg$inet6(r10, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x18, &(0x7f0000000000)=ANY=[@ANYBLOB="201006000000065f"], 0x0, 0x0, 0x0, 0x0}, 0x0)

6.170887906s ago: executing program 5 (id=4163):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
pipe(&(0x7f00000000c0))
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_coalesce={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0xfffffffc}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r3 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcf\xcb\x92\xf1\x83\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f00000007c0)={0x6, 0x4, 0x70})
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000009e02"])
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000289f07000000000000ff7f00"})
r8 = syz_open_pts(r7, 0x101000)
r9 = dup3(r8, r7, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r9, 0x541b, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, &(0x7f0000001040)=0x5d)
syz_usb_connect(0x0, 0x12, 0x0, 0x0)
write$6lowpan_control(0xffffffffffffffff, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
r10 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r10, 0x0, 0x2f)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r11 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r11, 0x108000)

5.29637298s ago: executing program 3 (id=4165):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x2, 0xc1, 0x7f, 0xc, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0) (async)
r1 = gettid() (async)
r2 = getpid()
rt_tgsigqueueinfo(r2, r1, 0xb, &(0x7f0000000280)={0x8, 0x0, 0x4}) (async)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000c80)={0x34, &(0x7f0000000480)={0x40, 0xb, 0x1, "e4"}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$printer(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000180)={0x40, 0x12, 0x1, "b4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$rtl8150(r0, &(0x7f00000001c0)={0xc, &(0x7f0000000080)={0x0, 0x22, 0xc6, {0xc6, 0x24, "4bf65a780dc9b0078d34595fdb7c6cc6d4f8ddb02404f99fc59de18a5fbb328567e56c3ff853461d20d6445c4e3b85f885b188f92c6355e9f47fb583cd9b5f6cbd54aab77a5134d252285a0666c8e08750dd9bde3cc139c8a2911e950c2d1fd7a87410aa1e888442a59463482aec318879a0d97a11eb4628ca168eba0e87ee336b1553cdd34ac0663d2e85ac860864ad862c9dd8701b9207e0af146af35b70e577745bf1f03b3156fed48be0b02c20d4da441bf116cb6e3f25e4a14c87a45c6585bb2351"}}, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x816}}}, &(0x7f00000005c0)={0x18, &(0x7f0000000300)={0x20, 0x14, 0xcf, "93be28445dd82c1186971e3e471f8be5ace25d24a493904341c39123582595f2e1726c750e737bc3967e14324aba6056b16966b55fdbacd22382ae6a11078c7dce4738a00b627bd1dece3658a5bef0cbc82c2b10f413127cfe34fb4317d7a41d9d1c94843f9acefc539421b8b9cb0db45b2298087105fb90d515810dd83bee684124989206cac752cd92fb3702a0a467e2042da8115cc72e34012bdd544cec1f071bdb39bfef921bf44f1652a379fc4f7648f3cba1a7f2370bca6236e3b727b0d44bfdd88cb4bb2bd33d9baa9321eb"}, &(0x7f0000000200)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000540)={0xc0, 0x5, 0x1, 't'}, &(0x7f0000000580)={0x40, 0x5, 0x2, "a663"}}) (async)
syz_usb_control_io$uac1(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000004c0)={0x34, &(0x7f0000000440)={0x40, 0x11, 0x1, '$'}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000240)={0x20, 0x8, 0x1, "b4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.747780366s ago: executing program 4 (id=4166):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4d82, 0x2)
r0 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000000), 0x12, &(0x7f0000000080)={0x0, 0xe00}, 0x8}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)

3.950338016s ago: executing program 3 (id=4167):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a64db04ed6dd26eea2e37229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/52, 0x34}], 0x1}, 0x40fd)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e1f}, 0x6e)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="180000005200010003000000000000001c001000efe70100"], 0x18}}, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
shutdown(r5, 0x1)
listen(r5, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(r6, 0x0, 0xc001)
syz_open_dev$hidraw(&(0x7f0000000140), 0x5, 0x542042)
read(r3, 0x0, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000a80)='/proc/meminfo\x00', 0x0, 0x0)
preadv(r7, &(0x7f0000000540)=[{&(0x7f00000004c0)=""/73, 0x49}], 0x1, 0x1c0, 0x6000000)
sendmsg$WG_CMD_GET_DEVICE(r6, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000240)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000880)
keyctl$restrict_keyring(0xa, 0x0, 0x0, &(0x7f0000000000)='ed:cb2e')
ptrace$ARCH_GET_GS(0x1e, 0x0, 0x0, 0x1004)
modify_ldt$write2(0x11, &(0x7f0000000040)={0x20000002, 0xffffffffffffffff}, 0x10)
syz_clone(0x80600, 0x0, 0x53, 0x0, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x10001, 0xc003)
fsopen(&(0x7f0000000080)='binder\x00', 0x0)

3.872401217s ago: executing program 1 (id=4168):
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, 0x726})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x3, 0xe691, 0x0, 0x0, 0x6, 0x0, 0x7b76, 0x4, 0xd1, 0x3, 0x4, 0x3], 0x8080000, 0x80356})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x4d9b6eaf)
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r3, 0x2, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x83, 0x13}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x4001)

3.810655361s ago: executing program 2 (id=4169):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000a80)={'syz1\x00', {0xfffd}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x100000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400], [0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x187], [0xc, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0xfffffffc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3cc, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x8000000], [0x4, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4a9c, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2ec2, 0x0, 0x0, 0x4]}, 0x45c)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000440)={0x2a, 0xffffffff, 0x3fff}, 0xc)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002f40)=[{{0x0, 0x0, 0x0}, 0x3a}, {{0x0, 0x0, 0x0}, 0x5}], 0x2, 0x8040, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000380)="0e", 0x1}], 0x1)

3.658156102s ago: executing program 4 (id=4170):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c010000020a0500000000000000000007000005b2000600c6c939e1f70bfc5402ebd18ef186747427b6f403f31d24c2269e4f6cb78b85024725768d7db634d933b6be8875e3bdb7320bb06d2df35fdebb4277e66c012d3e2d8992e2fa3ff2dab5735267b360ac44a513f0fca8c1c2c1e71415e9d7dd06587af2eee5674f3ed5be90e5a176d48c27a8d69a489a623712eba490ec616fb61fe0f2b8df8e3429630f4f71c547470dd19cd3d2fdc87d8962597783ec83594cf00000700006001675e9b0d62fdf8a52c6e47e19cc51002e80275c1db975a736c5afbb4dd9726830a5d1e6f8e190a2408458275a3e9cc316ae979452d0aed292947f3038bb6984e2f013ea8da86875aaf8b1748fb4fba923af13b7d33cc75b6619effcbf8820c8e1a098d30400006448cd27d6b5ac477750840900010073797a30000000000900010073797a30000000000900010073797a3000000000140000001100010000000000000000000000000a000000"], 0x184}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r6 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, 0x0, &(0x7f0000000200))
r7 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, &(0x7f0000000180)={{0x0, @loopback, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x8}, {@remote, 0x4e23, 0x2, 0xd3, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000580)={{0x84, @multicast2, 0x4e23, 0x3, 'lc\x00', 0x2, 0x3, 0x181a}, {@private=0xa010102, 0x4e20, 0x2, 0xa, 0x80012d58, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000580)={{0x84, @rand_addr=0x640100fe, 0x4e23, 0x3, 'sed\x00', 0x6, 0x3, 0x39}, {@multicast2, 0xce1c, 0x4, 0x7, 0x80812f58, 0x7ff}}, 0x44)
sendmsg$nl_route(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001800110101000000000000000a0080000002000800000000040008800fc5f4e6a846e6f6ec0f662d65ac84f39514a463ec851377d393fcfdc118fc8acabb2ca567a0fda6652aa1c03a66c414ccdaeda53db74f82a7b0a6c497f0b204bfbcfc576072472f68b1cc8673f30fa643d317e2f2022b9b3b84347a6ef9"], 0x20}, 0x1, 0x0, 0x0, 0x4805}, 0x4)
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
ppoll(&(0x7f0000000080)=[{r1, 0x8c4}], 0x1, 0x0, 0x0, 0x0)

3.562346781s ago: executing program 1 (id=4171):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000140)={<r3=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
eventfd(0x0)
dup2(r2, r5)
syz_usb_control_io(r4, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r6, 0xc0145b0e, &(0x7f0000000040))
syz_usb_disconnect(r4)
write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e24, 0x0, @remote, 0xf}, r3}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x7f00, 0x4e24, 0x40003, @mcast1}, {0x2, 0xfff9, 0xc00, @remote, 0xffffffff}, r3, 0x9dffffff}}, 0x48)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x7e, 0xe1c07, 0x6, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x1})
syz_open_procfs$pagemap(0x0, &(0x7f00000002c0))
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0x40000014})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'\x00', 0x2})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000001c0)=0x2)
mkdirat$cgroup_root(0xffffff9c, &(0x7f0000000140)='./cgroup.net/syz1\x00', 0x1ff)

3.004306608s ago: executing program 2 (id=4172):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xfffffbff}, 0x0)
unshare(0x8000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x0, 0x1})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
r4 = dup3(r3, r2, 0x0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x7)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = io_uring_setup(0x3ca9, &(0x7f0000000300)={0x0, 0xd4e8, 0x2, 0xfffffffe, 0x203, 0x0, r4})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='oom_score_adj\x00')
io_setup(0x8, &(0x7f0000000540)=<r8=>0x0)
r9 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_submit(r8, 0x1, &(0x7f0000000340)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x3, 0x6, r9, &(0x7f0000000440), 0x0, 0x2a1f, 0x0, 0x5, r4}])
writev(r7, &(0x7f0000000c80)=[{&(0x7f0000000cc0)='0', 0x1}, {0x0, 0x2}], 0x2)
sendmsg$NFT_MSG_GETOBJ(r6, 0x0, 0x0)
io_uring_register$IORING_REGISTER_CLOCK(r5, 0x1d, &(0x7f0000000040)={0x7}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

2.805329533s ago: executing program 3 (id=4173):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x2, @local, 'tunl0\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)
connect(r0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84880)
write$P9_RGETLOCK(r1, &(0x7f0000000080)={0x23, 0x37, 0x2, {0x1, 0x9, 0x400, 0x0, 0x5, '\xaa\xaa\xaa\xaa\xaa'}}, 0x23)
socket$pppoe(0x18, 0x1, 0x0)

2.592303758s ago: executing program 5 (id=4174):
io_uring_setup(0xdac, 0x0)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x2dfe, 0x1000, 0x2, 0x1d3}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x48, 0x0, @fd, 0x3, {}, 0xa6, 0x3})
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r3, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1000000}}], 0x1, 0x20008000)
recvmmsg(r3, 0x0, 0x0, 0x100, 0x0)

2.412314698s ago: executing program 3 (id=4175):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
getsockopt$inet_pktinfo(r0, 0x0, 0x50, 0x0, &(0x7f0000000040)=0xfffffdd2)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={<r5=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, &(0x7f0000000340)={r5, @in={{0x2, 0x4e22, @broadcast}}}, &(0x7f0000000100)=0x84)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000100)={0x0, 0x1000, 0x8, 0x4b5, 0x8}, 0x14)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f00000000c0)={0x2, 'macvlan0\x00', 0x4}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x300, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r6, 0x3b88, &(0x7f00000002c0)={0xc, r7})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000780)=ANY=[@ANYBLOB="48010000"], 0x148}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2.259480612s ago: executing program 5 (id=4176):
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040))
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x28, 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {0x0, 0x0, 0x0, 0x9}, 0x0, [0x0, 0x0, 0x0, 0x8000, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], [0x0, 0x0, 0x8, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x2000, 0x2, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x1000, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffd, 0x0, 0xfffffffa, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xe], [0x412, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x5, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc045, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x80, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1fffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000000a40)={'syz1\x00', {0xfffd, 0xd}, 0x4d, [0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0xffff, 0x6, 0x9, 0x20, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2], [0xffffffff, 0x3, 0x3, 0x0, 0x0, 0x6, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x400000, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x4, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xffffffff, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x200, 0x40001c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xfd5], [0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x200000, 0x0, 0x8, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7fffffc, 0x0, 0x0, 0x7fff, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x2], [0x81, 0x0, 0x5d30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfc2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe58b, 0xe, 0x0, 0x1000003, 0x0, 0x1, 0x1ff]}, 0x45c)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@empty, 0x3b})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
close(0x3)
syz_open_dev$midi(&(0x7f0000000140), 0x8000003, 0xa8502)
syz_usb_disconnect(0xffffffffffffffff)
ioctl$sock_SIOCETHTOOL(r2, 0x89f1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001000010700002d00000000000a000000060201009f"], 0x1c}}, 0x20000080)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r5, 0x2021)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
r6 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0)
ioctl$VIDIOC_QUERYCTRL(r6, 0xc0445624, &(0x7f0000001d00)={0xf0f001, 0x23b4b4b239d825f2, "b058b584c75da73d1f7600450b8add59e9665ce1d040fef200", 0x0, 0x2})

1.369433551s ago: executing program 2 (id=4177):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/mdstat\x00', 0x0, 0x0)
pread64(r1, &(0x7f0000000000)=""/167, 0xa7, 0x59)
ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f00000001c0))
r2 = socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$lock(r3, 0x7, &(0x7f0000002000)={0x1, 0x0, 0x0, 0x4})
fcntl$lock(r3, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x2000000})
fcntl$lock(r3, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x3})
bind$alg(r2, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'seqiv(gcm_base(ctr-camellia-asm,cmac-aes-ce))\x00'}, 0x58)
chown(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0xffffffffffffffff)
io_setup(0x6, &(0x7f0000001380)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000080)={0x50, 0x0, r6, {0x7, 0x29, 0xd, 0xffffffff8145adc4, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x9}}, 0x50)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
syz_fuse_handle_req(r5, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r5, &(0x7f000000a3c0)="99529ca7d265e2dba44891e35e7d5dab7921b730436ecd4e999a25bcf86a25f8f029c0dd50373e90b7cf7779b12ecd4423c5b13cfac186975cd723976f3c747612913029d42517c189364bc59d8ebad53ed1b86f8f66c99b1f9b5b40d78cef1f14f81815d53bdca7fef40607358db69eb8c0b1f6b0942ab4b1ee7ca8deb4eddef06381a3d1c52d6147fc5109c7c607591497a6b2477f60cc881d3219c96bffb34aadec3fa97250713cce17cd536721bf9c40a019531ed0bbad139e26a3d4d39b68ab1bf37cb1a4bd197a8789cb1940cd86d9e56713bc36c7cffd07a311f5bc2e91f16d152eb480645e85ec9b3bf09c7fa140dced0afd55d7b99e90a96e7748e2d0dc09672ac199ce529e631efe1783769819c182ca106f6184bcbb387ed246c43562d74c36ac3a7ec2f0e11f70bad0007c03bb9c0d2dacc2148cce4a4aea327c7319016ad146b52bfae0357f9e892e9bec61a13c93551cfa3d4f4bfa7585c93bb0bef01a9114f3dc54179cf9a57fe88f5cff3403e33c9d09e3e9c2e10f1f16894e1b59e3cad47c1f202cf7b756f2851fc96d09459c9a8d34c19e6a3525cd5001aac5181f57286d0e1e88ce5092c7c76b6abdaebf2c499aa47587b48eb12a2b72548c190b0324ebedb81a63333b6edb25550f859c5ccc404a944ff7f61af8800888192fbd4c8e0e417d1d181b4b335a6f52e0a7dae18397e81e3f747cab7be902ed903bdd6a622f178f9b4244718ee1206237257374d2fd1466ab6135ef7ef4a114ae170eafe9cd78cf9ffc36974cbc4b8003072bed78765a0b9f1240f24dec6a9e46db9bb498d40f727c0cbf8f4a6a49539bd0805caf65d80130d7fb60a69dc7ed890874a17530c042cf33a977d331435d68ef33885f638c777ad49564ca77d8b81ddd853a21cd55d95b627310dd633a4f005853a5506cd8f744c367f3cb6998b0fa97de6bb35b166b0c6408c4e0a38ed26235a88520c38ca97ac8a6dc81e6dc6483d383fa09f198997b8eea1c68c9e3320683c9a02dd89ddc34c241e7294ccc88d6b35762892e8746e558bfbc2251949f2ecb763dad5b975eaf36e2864be6a41d3e20514d32f5d4b6350dc7e3cc3a85428ea98efb3b1edc2a2ec1e618452949cc7e2ba1251990168fee342d4f304b7a7af9162bcbe6b09c75d7420d2c547b4e3cee1836df6eddd5dff73a4e308fcd8eaa7a33e6980a6f8ead03257a37d72d3b265d02fa42f57db877654ed513e31c35e1af0bd28511d6b57cfe07b27cbe9767a534b426dfc3dd257d5899444f34cbf4dc74b9eab2e7e3e1e1a8a6ac5e4359d653506b299a5b7c67b92dc462f1216655f952362a3387ad9966b606d98e8d1b544dc27dc6bc78fd18a446736e25c51143db9886b6c09812d5825b5d9e0932f218ff8bea4d9e1c4df9c9d4eb19336d48163a921c4ff1f0beef26b01b7e8c0d23fb59b84e229eaabb791f2cffc9aa4db75162cbfe4c9ae8d76a5b6bc4bff20e3f8f125b9aadb3e728d7f78d61fd55f46b7f59511b876e6563256686e44f25cf38d393a9b762bada272eba8df28e4086c4cd2fe3c9fab97756fb145373e6ca1991bb1ee6589e49c821ff29f047970819f88f724bd077cd3f0ae463d99b3e53078431e3f9bebabc5289a65479359efe3909186aac60a29f561de8c590988c913c9e693ab8106e8287f6565eee6735f7c88cad7124d1c8d9ff347e97912824088ee954de01c6d8a06447f06899607eadbfd078bc3df506252005749378dbd7399c9eca60b81dc0d88dedec31e5cf6e7b6d6d411958df8f9e0bf4443e8d3bdfe49d05f811d17088024d0629fc8ab8e05e309bf55e8e60d342623765f4e8d2dc4a90291cd4354ff9568c8170e6ea56e028bcf2719595253adb8c84050bb9ce4927a1c1f4560da87d109ceda90bbe45a1717763d8025f1ff40f157185ddf17079da272ae10c4f34162caf4b0d31221a57b3059fd449c87554d968a54b2eebd760dc3263c40d9eedf5905d5699d29706ea6e9e81ff2bf92489a06deffe7e978661f37a88450783e23f107c2bfce000dfc91c5fca49e46d9ea978f215a45984699f0d2503b30a741e13be56b7abe3e5663c0825c3cb04ead44ce97719c4ee6f4cdd3c452775ad7163d5c9034583cc2dbc2b0c04917a3e1aa3d0a8bb6fcf94d7922eb1d543c09185827aeb1b72ae7103ef2c014af2ff4b47fca40fb0e66ddf0264476d7a84e9b8dc551d4c407bdbac6757f7a25bd404b45bec1091696203cc438860131ad5f2fd80e3c45629864dd9f7d302b66fb8fb86735c9a6dcf8b135a273dd2ae9473bc905081be9fcb8f91b1ddba1ac692798dac0b9ccffe0319a779f5e10c65f294b22fe475283b023f9cd890e92c5447b1bc1528255c5af383bc1fb6e72cb9a67215a9e25cde63c89baa8c7125c7e8b748b728d07d9cb66778404f54e6a9e3ae1ae82f3d0ce77199f23f94a01b71b805b476fedbebeb52c83a1b857f23ba438c56a6c4c2a5909f721e6e3d240e4a16455e92220d13022ce7ec0b1365ba4e67aa6ecb324f8826579e12cebdfc0d8af63e83b5e5624d5b791f99093f9a27f7baea9fd10111209c0857a04f07408111063ef34026aee27a3d51b40e53883f9094402534bdd21cc49d7f5593e99cb204cd805bee4add0f82cf4b6dc5da14d6b79fbc68c9ccf7fb5fe774f8879e13079b024a8ad24bf123c420d630837a84ba05abf0ae4dc3fc04f25c7f74ff91d0d609c958642a48551e51b5c0074a56a7da10ce153b08cabea636f8489d8e7b655758a41d7f7474c9d76bf4d54d789bfceaffef139854065de6a94b0275a9626aab99ae838364b1a491e55017e4212b6b01f7a41bc9c215ecd17c49a8610db28c699259c58b81a0e84c45fd8e719c05c48501c49e8a6515044d247f58e4cd0bf22fd6ae31f45339d1f801196d426c52269b1aaffaf18e2a03760bb231cb7cefa6d72f1d7eb6a3bbd65d0914221b8fbf531dbd562eb4a1b28983ac7d83d4813b10b34c9525ba644f61a2c4800d4fe96a7bca63da1041ed73cc57fb9d42f9dfc8ca41d80292bbb311c89b0a0fcee1d88a025a7416863342aea00e6f049cb2ddebd17c5c617ff562a8af0c965cbe8341431a30ea239e4a62aa2b19757a3b0de04229a9907f8610c27b26591405845bf8b5b83706ed18d910c4f68777378366ff565617b19168a04560a32ce5ad64aaef9f4377118c4335b24826cdcde78fb4bdb11498553f56d8dfeb3a482c70cc6580c399b92339cbdb3464fcc7b00e9839fd0d2b8b6db90c56b33593a0048bf7983421f29b1285c81a239045b96a9b0cacd70d6d9853206471f06915efc8d3ec4c50fb13601abc73247a656066fd7b329159b3ce9e3302b4c0d6aec58cb0946a8ee8e7f55f1af604f1edb4d887fa6292dc0ce57705c1a25dc62650c127d11a364b397aefc2fcc3a164bdc53165a461b01de9180c1461b309c75af0911b4cc1b8aa05652b62119c87b4b235c573aa15b1516cddf61efd6a7f8c953fbaaee9c0e800e8f519e1494de850ddb976864088fe0cf90bbc54395078ea2501e8baa84d6807e184105bc2a140b663416496886422643bbf764d406af06e7d086678828defda0b648b25666b7b5ea29e927141740d5be0e61bf25d40b8404ffd3c67bb855b11d4faf82b7b8051615c101c3deb0601a0fa9ecd8b4a95082ccbc8222b0982802dd8430e653d6eea2786dc3a91397135faffdc65a5bae048f5c463b1a6648becce961d39d063d28d1ad6dafcea0b0878379adb16cc0d4cea572abeacd9a168a4fe2e338092b5bc93ecf02ac6ccda03e5b23adf511fdf7a79442093233b79c67d3fdd3c36c96a8f67aa79e4743d99cf963ae6161877f73656eb0314d889f4b8649bbce8a759f90eac6c006197b54b2bbac7c9b237f1e3dc099c62a65481960e6ad697fc66316ac084ba99c60f58bf44ff45f3b2006cbc4196a25f124dfaf247e863a855ef6070deb45219a922dcf2be9bd01c340e1ca5ed7c3ddac9f7a677c5d00610991d21e0751ac8044585b39f3fec5b672a11a9bce32196c2003d01ea50b0f0403e16df188ecbbb74f295f01398363ddfecdb63a49347c912c125670205d7b6be999688df85bb7d5ac12b62b4fdc4eadcc2a9a7897028404f697b007603a0ad588c772952d6670ee870771774ad157c0b9cccd4b2192d835606198ea0c65036ae4e406cdc539ff3aa81fa20b7ab58d6f3abdb69cc1f503d593f7025d2035e7f21db76336efc2843a0dc9bd2eb8794718134ee68fc57d4d2bcc18969d08177f442b87433b48540c661940cf9e2462c53efa310c7e47487deab2ae15b1978ef05aa1e14110943f649d82486f710a39854409e74edcaf06b4a92d3580b9cdabf83c6351657698d3d5af7514f382e75d1c912cded577258603fc9ed002e010747cddf7885d34afc9a84d82696c6660cb5ecafb68b564908fc49c4db6a187d037241a26b1141cf20f2e968a53366db0f60b79cd98cf3c897c50b7b9728e6e7100f99e4d5ed2428dbd285516ca6660777a39b4b2617c1be5b0232d60b9c8099f5daedbf190109439c40b46090985200d6c0501313f3fa4d244864575c275faca47aeff32c7b3e3c59392618562a7c2d4b3af85a37a8847f595352024cb63d3a9085c2a502c6a3248f43c5fc828e636cb634b2d393d853ae2dc9605985cf85c060860a90256c7b574c1e01c320687a2bb0b2d51cc2950c485f2ffa5db0ad7aaf753f543de7f86efb775c6bac2989a33757a28836fd27f9347229a0004bd2e546994c69c678fe5717f613f905d945c072004c3a80e0e54215e19ff9972521890d4e705e429f16fc35fe5a15f2e6b75cd719d38f76b087b62e4b5dcdb35f4baa2bab167150bafb6c69e260ca51004bc826d46b77c3f67eaa08497294868e6d91b7b867e4da62052f4f891677256cfbaf19cf32bad99a7da69d8a66537686f89a58d78c7eeaa99cd38009a1a32582bedc5c718e57b19cd405ae659a89909356a07fcef89384d160fa5ae6683cc379642aea4f0c915f72d679bd521399cb16112f2abdede3001400b4a64d2173e153a68631183679b56b8f389ba889784133453a7e892fd3b092f5040870a3cfd6f982990143e7c0882b4ff4c5d049192d36925a25ae4be441aa30dc7e74398b340c45b52c73ed3b0cd640e3cc9fd4be24e7355f386106f65895f1ee850b2a781d1d1d322ca5a3b0fdb78ce1eda048ece94af25437969c99c58c08f1446ca5541e03987a20fd75283e3e116dc4c9222ab7522e4ccf6da14aef49cac9a6a2cd4aba1c54d49e6da4179a66b84e384cd3da53908579b28c11d525ebdc4dc69074cef8a9ecd3aab98f2858769d656b46141c3a4e69a5ed6c0a732c9ec1fce080eaebf537fa5e17236a44ba9c931f555d193e475ffafd20c53ccbab607c1a15fd06742a64691205eb0d00f7f40e4dd8efb279cf09b2522aac0729a631aacb92d5cfa2ce6bb07385b981890b5916755d5cc3a51c8c36bd2987068cc24fcf73840895469bbb9aff1059601f771afedf0a48d5921103920515b27d7e607951982feba197df8c61600feb3622b9eea13a4db4068728cb98cca76cfae197f6258758490bf41673ee29acd91fd296ec863c646e0ca6a0f0e9de146c663ba13d962964d7c32804fd12a14c1ca7212ad48bdfab469c6570dca562220ecbe7b6b163ed4c9361c5c10bed5c92861b8786ada20a99245d282e4454187ec02adfe354e30647cb10661c85168f7958e3ce69ab48c9455214707a63c9b1167f0845a6bfcce2a96cd53eab430f13cd527f1666290719a47c517cfa22fec2e9916af8aa93c78e567993d7fb8ee60fc4b903b8c67a3658302c5e5f35250c30427e4c055b6c54705bc599861f80b7200d361965ff98c88cc698a2615cadeac4bdfd3d613377cea52d2bbcb7e6b78ac31d4b2c33eaf0b2ed40b963e3cb25c7dfea3ebfe7b4aff2aaaaf184dc80ab649a108e2c830ce7eaea58a263392aa9cd13d7f7bd607dc7c804b19dfa41b3e5a5155201a87311e22062c93896e70f3a5c4b03521300b61cc311ebd5beb9838d0ed207c6bfc99e4392508e95804b10b36024f32e1fe1138e9ee7773f797b2bc6be7416f4e9691ef4c2a8d06af6c8b84bd1e6fd1ba3d3183475ef6c139ccf8dcf37671fbb96a2ab5e0e042f7c4728cf30bcc1a0de28a5024276ceaa194b4926e7f6a97b78bac36e47f832d56a96cd266434d37bcf2c2f57877717d91b1854972f832354acc207a2ee8caace7504e0e6197dd7e64a01c4c67bb2de8acc0cccc6c6bff0b0cbfe345542c5a795dfa48cc0990ab5702574d36494bc44c20f5b324f7c984d986cc8cb40cb2550076d96a069b6688d22171beed2dc5b6ff3ede8fff4c4a9de6d3817357a7ca7d24d87300b4545ebbac8cf7f09ec637a4f4d6bd07673709b6c363a75ccef585610c5f15de7851b5ab53e02a757bfc3caeb9a9a8996beffdc0cfd1201b6cd99cb035584e51a6c15a5d2e17d2f8aa6b41e26809392fac6caed1e02a53dcea8a413203608780dab33315a76eba24d540e4c5b9790420834bc8d4e47bc65ae52a54c0ff308427a8d7aff746aa6589d17514e40fee5d0b3533cf4ad2c5f9d96db9f50bd69ed8c92b860e199a35cf268c66ed13516a3b4b024f62d4b2a656067eece95575bdb4907efc488a9821bc3a9c81dd11b2128b7a01aa7a9ce6e73de3b4e9beced70206f91575baddbcbe5722337953c8016a0f4b62120d776c43b7d1a879b692107954f45acdf8967dcaa994aad4922d4fe093e16c2d0090906f5036af99e50bb09b04e9c9b3b5085abf621297ce203010249cede92e9b66b446b86b43eaaae228dfdd3b4408c12b404bb727f7e969e7da04fc59900112bf8d38af0416dc616e75f167aa1352215f07115a6f4eb6bb5fff6f5c2fc9ab906392036b44090e65fdaf017dc53bc94e0807d679d793df18cc44e6c846d414cef1569530f7692daf91eaaf4ae89fe2522f2c9cf33b6ca508ebcd006bc1a61f0c800553aff9dc7d57200b25ecb83e1e0b8cd29520b63aa649d3f71a62570eee56e03223ddf31f0c04fa686b7f6dd054e7a259d9ba335c2c5b2c508897506c0db7f01878dec1411c33f0af61b81dbcf9ff8bdc0c50044963a79f3ee1462150c6bd03a32dbdfef8d72f0b8b3a395ffb0cc85792e7bc867feb5e312cb64e29e193388e9f173c162f4a1320a6f99ea3795fb77d982605959909a1aa11076fcc779ea6b80ec1bf0edfc2569ec04d15a0bdeebccf3c75393dca5e81663532f8ced12d08e4c2ae6e2954d427c7bf053dc4718f56f453bc88d74045bd2f9747aae9b5298a0de927f1d6b1308f4e1483487f083e71ed09298deb52bb10079b13def7453eb432498069edb5ade70c5c54913684d934a3febf78753ac13300a91f467ff3f6e2f00898f015d08f7739047b321b3eaee5ad8aa7adbf7833f014d8c576a491af9fca6843b327ed513821cb3951b2e67a275225d7af6b382e2f955adaacba5d1fdea2223202dee132b91d5cf381b51da94145255f584a70c5e8d11e06a44afa6599bf3ed0cb61703eba254333af53afac60e54cf6397f9f7302249ab644f0b576c713b15007be1f4f9bb213660bca8a70251472b86669d361ef968f542e81ddbe8f4d2e9cabe8d7bf6a31f14a2cc272963553a424c105e7750437ec5bf316e30ce60b4b0c27ccc1eb27e60f6472fef27654da49905ff9c01b28695310ecd8701aedff25a83da4b7c41995f902bdf249769dcb53a3efa894710dd66ba8745ae2253cc6b75a038183a0bee21226d48239320efad6727093e4f94bbc2fdcc216200d903c32bb9f16dd17d5dac423ae0696f3decc576b8f1fdce63d0532370af7d1e2fa2ca5c5d17bd88f5e3abb4792dac8689ca13752f83d753b06b037bf5a80a3748983790352775685b0414c9d74849fd217e388f904278ddb6b0abdda941b61579c796e2bb77a9bc363b18642c401faa502a31011544111b6eedaa369976c814773d83220a75f31026d6ad0b8b4298ea6062234db232bc435e096e84f740e55bb14d46ae04af0500aa5bb218aff6c76aa8a8e3140a1b0d6638538fd7f30fa8d992e53abf8af2fbc16b9e8a668c1aac72cea1a746ee5f7f3392a4ec8f1d19f2f426b6069b1cd347cbc38bceba96ce5da49198083403143c740c04639cd1089abb34fe812d85921c47437604f684bca44a1eaa965c0a6e1c1fd1f70ee932af3455b36184cc15934cdb3f28959d37d8fc10696f8ec1e4b0c3d1b9ff74a01b796d1bb68954a3768c8bcec741b3b69da892f8922142b16b2cabb469a9906b34216243fac80374c10e178c5fd36440f8d7a8588a9c2510d86ffa8cb68ce8c330d2111c94724e522f04573dad43bce252eb505d29ca9379a6b281519d38b7174f3ae8f185544f3003c936a7e6b23ca97a313aac6a061caa45fda73522f3061767bb4e33dbe4bde390eb0f07225a8aef939cb6ab2ada10c02527281abad394cd4ea9f59467a08b72047cdb75d7b2b98e5b4542554a60f953ac7a4b980f42518eec05ff2c044549cab0cf33eef36dfbabcbc0300009d898862d2194cfcdd9a713c30bbe52291105193656ea5eb830873ac956469d31689cc3c69edb5cb9a6e31ce3e6fb50ddd4e52ef9fdeacfc0db21e1e83e0d8d0a64f17cacb4dc208a893e7fd8ffa86cfc554dfba3d9fd281115eccb4b9d909f2fbf3fbb66bedd7b5db3f6d4f076f5d8fb54f8832896f8ef6f624162f1dd589be7a8e87dd5065708a8b0bfb18a5c2299f5605ac8a11c1add55b2018e6099380a70bee3e0727ca6ec58928fe6eb3147b47401e8d822eebade713b58335787669e5e0de5d328a1067df4cd9124665bb02ee8adfd1b3618374ef167df1f0fe79456f78aee3da4c1bf397e4637b0cf41a0f4a2910efd02b17bf5f3c15b0084b36fa7d4e85a53e5be366b428244eeba7499c3e54397227928e2ff6e583f332d6f7e8cf4d058f379b58a7d03a4bfa454bb4b6d543804b8970e6a9fe8886179eb418a8ce9e509e8433571f7d32378f2e983fa418c8c91760ec9fb20968e7fc23b7c4ac71693b2576ac0f8ce2020ff1e7a7ff24301b48b544fb29a1ca4f2502daded865e488a16dd33ec67b2eee3025cdc5ef90f253c4b5e0a61d51e495b675c5a1d55b4ba3812c5f44cd08487e61d36b0c2dc32d27333a5ee8a0906bfbcd388bd9389d1509912c0471c7b706a5aff880569a3fb11ac5f14d780deb4c1b1afe30fb6b8daf87b27a4ceb869d587a97f2f5af8d819aa47bbf207db68a6ecbbefb1e109ed0bfbbf3b54fba9e79de8fad9c3bcd3e74b8b92ccea3ff5c558c6cd72d78a711fc39df603bd4aa1439dd302258edd2204e52d7f435c6f552b612fbc321bea971195cd4d8bb033e2a779e239164d7eea6d8fd233b0b9b776246564cfcf44b31a83031a2413bf98a398c9f93da243cef9ce73d81bade8ad551fb0ffa75bc874c11d23ac9d7752f22a0f54c3870f3314a83e64332db810da1ebb288e10c4eb9be9ec037317b8f813e68160a887da3f5c0389510a0734b69ef275e19973b169d340610cf2112e9964cc0566b9b690c3feb36c8526491d3a563f0bead2abbcf0665e048aa3f929351b2f89876580633a403250ae3b5244c8c0e996bf888938dfc8920348d88e272e6eadc7c0387ca1dae228bd620ce3975d43b58758d9412d304a227245587065f58c4573ba2557f1d8333ba007709b1239d682f03405b22135757178fb701bbde81d2f8faaa7666c025d8a8bb426dc4b8e61aed79b3b3d3a9b01ee9142772d869677ede166e7a8be8ab84cdd6946b1478ce77ba307213971cfb24c86c344310f279e38d22254bf4caf83c02e715cb0550e615dc9f8dd2400fa749e3527493c15fb454c158e4c0603ae6e962b7890058ec7c10f0618ee274a15bca6ca9fe5bc5f9e7797c0950299912be9c58463c07d667d4bffe8aa590ae43db08512b40f3d265026bef2facdd508984e5f6d2ac7ef573397f14ed2e2ccdcbe5796e60ae64d173814906d1da5a5bfe8a2a4c5d6bb0b3315b878b4877d0c045f6e6cfa0dfc1ea4de7abe26f2b2d8c93299ed1d83f1b7853c756bfa346cd53b008fec169883983fe0f2405777dd85e17b2e4e8b23432c0dc4c386d67b6597184d0b4b95877362304638484cc0951400f66ee8391dd44417c58b3d46a8345a8049fcd70f7b5f4a6f912e2b18760947c74ef2b732b342878d7e7cc99902de87db36469555fbbfe76189f108d6ab31f4727fe4e22d075afaf6cc726ab17a5e1b4ab6c8f29a459da3c4266b5ad8ff55906a190f8b19a3bb92a50df49647c03d5d6106ec07e9300038d059a75b54ac31683ef8e5eee946e1c84d016ee1e7800a92c0a3823b62e0417fe86b191951f65abc0c38c1e0e8f1121a04b62a8a720790560f922804b1b7e7eaa497e1bede6e3d0dcf0312dbf221561958fa1e85a8f99e6fc82f919e78c17d1beda16cfef25fb5d00f7c32df9a51eac76000c988ffdf011564aa0e319764b16a5a7c728a470ff70772fb76c9ada26a0ac073fcbfa12501c2454b19e02d928e3939a40bfff76c002533b3849cdf8016728445131e5f1e292b7d3dc06bb3a3cfff6fabae0b7341694a8938c1d2497cd70b76c337c9a312e96c8f736d7625a535e1906eba53d199221ca60202a65be0f7e530aca10e61fa39c7601d65954e5ed4cab94345c6b89c7f8a0de5c61a7945e1564731b6715331d13263b2961a163382f7c4934d847033860e402f3aadb4f3e6cf47a97a2031401da4d2c8de8c80cdad71b97b4deb2075a02282f958ac6772354e67f097ca693778224b80892490015e7d697fb9107f75cea708178ffec93fb1d44e8493bad1d42c918e661219ea819e0200759037a5a585c0fe074fd407536fe58013f42612c41bfc66e16870d7a9c00ee93a3122b253fecbf5de3837641f4a1376af0f053463413c26c29f9a346318565276856b963da30ba6ab8c4c8ef6cfddc432328586d9d9829895835759bcde0851ae0c838a3927ea63fe5ba793fae94da61cab00fc05f3a265a2da1221bb2b66775ed7ba856b41011652d4984991e56249360ddfc997245ac1547a1c16382d42df383a8d1c852643b24895c422712e79c436fdfffece4ed1c50922d4f25296aaf6b204522086d188bee254f8303b60537ead1195ac5dd301286f0042dd68aa05a70e4beb779aa0b61a316f736b72c9ab7ed860a0908a078f4b8a53f2df0abf993f689de4b02b9138ca5047fb0bfc9ba3b92bff033e36fc9553260b008cef3d147c62d1d3944fd1eaff79bc5a922ec2190907bfda1b51c2c7fb867db1f8e13a37b5e3ae0165e93350b958a239ec1f2b78561cff854b975307b5b5dd23b040602a5a36bd79947ee04c7d0e5e30f9c4c79f7b4e6eada98bfc6c357cdf8939213423f1b21ba26cfc2b2756ea3eb992372db0ab8a7c37d8ae96bf3ed6be873c1891550ef741812032e1ae938326c399ee43a3061602dda006f1b6b620bebb6a5752bee77e8acf9921ebf4d4c8af7eb5e937c65697c0664c594e31a62377a25605051996c474ca322ce8e0e6ef8a7988be", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0xc8, 0x0, 0xfffffffffffffff6, [{{0x5, 0x2, 0x5, 0x2, 0x0, 0x8, {0x6, 0x9, 0x8, 0x2000000000ff, 0x3, 0x0, 0x7fffffff, 0x57, 0x3, 0x8000, 0x7, 0x0, r7, 0x2, 0x4}}, {0x0, 0x0, 0x1e, 0x9, ':-/\\\xc9\x80\x00$\xd3\xa4a\xb6\nE\x89\x85V\xb8\x00\x00\x00\x00\x00\x00+\xb6\tr\xf0\x00'}}]}, 0x0, 0x0, 0x0})
getdents64(r8, 0x0, 0x0)
statx(0xffffffffffffffff, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x1000, 0x1, &(0x7f0000000080))
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r9 = accept4(r2, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r9, &(0x7f0000010280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x800c1}, 0x8004)
r10 = accept4(r9, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3b6, &(0x7f0000000180)=ANY=[@ANYRESHEX=r10, @ANYRESHEX, @ANYRESHEX=r10], 0x0)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000100)={0x4, 0x2, 0x2})
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1000004, 0xa031, 0xffffffffffffffff, 0x0)

363.044926ms ago: executing program 3 (id=4178):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001140)={0x24, 0x40, 0x107, 0x70bd26, 0x0, {0x4, 0x7c}, [@nested={0xc, 0x1c2, 0x0, 0x1, [@typed={0x8, 0x9, 0x0, 0x0, @pid}]}, @nested={0x4, 0x2}]}, 0x24}, 0x1, 0xe0ffff, 0x0, 0x4048081}, 0xc000)

176.191926ms ago: executing program 4 (id=4179):
socket$nl_generic(0x10, 0x3, 0x10)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x2b00, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_open_procfs(0x0, &(0x7f0000000200)='environ\x00')
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x50, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_SCI={0xc}, @IFLA_MACSEC_INC_SCI={0x5}]}}}, @IFLA_LINK={0x8}]}, 0x50}}, 0x0)
r3 = socket(0x22, 0x80805, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x1, 0x0)
bind$netlink(r3, &(0x7f0000000140)={0x10, 0x0, 0x25dfdbfc, 0x4000}, 0xc)
r4 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x143b02)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x0, 0x100f, 0x9, 0x3, 0x9, 0x5}})
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x9, 0x42, 0x6, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x50)
syz_open_dev$ndb(0x0, 0x0, 0x101000)
r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000001ac0)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x413a, 0x40, 0x0, 0x0, 0x6, 0x75, 0x6, 0x8, 0x79, 0x0})
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x20000000005, 0x21}, 0xd8)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={0xffffffffffffffff, 0x0, 0xf, 0x0, &(0x7f0000000100)="5c71f91b05c413550230b4c817a628", 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0}, 0x4c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)

113.362655ms ago: executing program 3 (id=4180):
r0 = syz_io_uring_setup(0x112, &(0x7f00000002c0)={0x0, 0x4, 0x0, 0x8}, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x40, 0x0, r3, 0x0, 0x0, 0x0, 0x102, 0x1, {0x3}})
io_uring_enter(r0, 0x8aa, 0x7b35, 0x9, 0x0, 0x0)

0s ago: executing program 1 (id=4181):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
sendto$inet(r1, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000280)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x1800, 0x0, 0xfe, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0xfffe, {[@generic={0x8, 0x2}]}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

0402 ioctl c018620c 800002c0 returned -1
[  918.568665][T12278] usb 2-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  918.617954][T12278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  918.646962][T12278] usb 2-1: config 0 descriptor??
[  918.694735][ T5879] usb 4-1: device descriptor read/64, error -71
[  918.815517][ T5879] usb usb4-port1: attempt power cycle
[  918.974401][T14544] Bluetooth: hci3: command 0x0405 tx timeout
[  919.102039][T12278] hid_parser_main: 7 callbacks suppressed
[  919.102061][T12278] steelseries 0003:1038:12B6.0027: unknown main item tag 0x0
[  919.130002][T12278] steelseries 0003:1038:12B6.0027: unknown main item tag 0x0
[  919.150019][T12278] steelseries 0003:1038:12B6.0027: unknown main item tag 0x0
[  919.159335][ T5879] usb 4-1: new low-speed USB device number 118 using dummy_hcd
[  919.180966][T12278] steelseries 0003:1038:12B6.0027: unknown main item tag 0x0
[  919.195612][ T5879] usb 4-1: device descriptor read/8, error -71
[  919.205944][T12278] steelseries 0003:1038:12B6.0027: unknown main item tag 0x0
[  919.241769][T19130] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  919.241785][T12278] steelseries 0003:1038:12B6.0027: unknown main item tag 0x0
[  919.280775][T12278] steelseries 0003:1038:12B6.0027: unknown main item tag 0x0
[  919.311563][T12278] steelseries 0003:1038:12B6.0027: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.1-1/input0
[  919.399241][T19130] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  919.424372][T19130] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  919.436451][ T5879] usb 4-1: new low-speed USB device number 119 using dummy_hcd
[  919.460970][T19130] usb 3-1: Product: syz
[  919.470339][T19130] usb 3-1: Manufacturer: syz
[  919.484533][T19130] usb 3-1: SerialNumber: syz
[  919.538539][ T5879] usb 4-1: device descriptor read/8, error -71
[  919.549502][T12278] steelseries 0003:1038:12B6.0027: hid_hw_raw_request() failed with -71
[  919.562005][T19130] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  919.603919][   T43] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  919.652227][T12278] usb 2-1: USB disconnect, device number 125
[  919.665123][ T5879] usb usb4-port1: unable to enumerate USB device
[  919.842032][    C1] usb 3-1: ath: unknown panic pattern!
[  920.076435][T19130] usb 3-1: USB disconnect, device number 14
[  920.204368][ T5879] usb 6-1: new high-speed USB device number 76 using dummy_hcd
[  920.371111][ T5879] usb 6-1: config 0 has no interfaces?
[  920.384922][ T5879] usb 6-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  920.405129][ T5879] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  920.429991][ T5879] usb 6-1: config 0 descriptor??
[  920.737025][   T43] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  920.768984][ T5879] usb 6-1: USB disconnect, device number 76
[  920.782676][   T43] ath9k_htc: Failed to initialize the device
[  920.810469][T19130] usb 3-1: ath9k_htc: USB layer deinitialized
[  920.843301][T20421] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3757'.
[  920.879925][T20421] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3757'.
[  921.297680][T20434] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  921.341998][T20435] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3759'.
[  921.511711][T20441] FAULT_INJECTION: forcing a failure.
[  921.511711][T20441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  921.525598][T20441] CPU: 0 UID: 0 PID: 20441 Comm: syz.1.3763 Not tainted syzkaller #0 PREEMPT(full) 
[  921.525615][T20441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  921.525622][T20441] Call Trace:
[  921.525627][T20441]  <TASK>
[  921.525632][T20441]  dump_stack_lvl+0x189/0x250
[  921.525652][T20441]  ? __pfx____ratelimit+0x10/0x10
[  921.525666][T20441]  ? __pfx_dump_stack_lvl+0x10/0x10
[  921.525682][T20441]  ? __pfx__printk+0x10/0x10
[  921.525694][T20441]  ? __might_fault+0xb0/0x130
[  921.525714][T20441]  should_fail_ex+0x414/0x560
[  921.525733][T20441]  _copy_from_user+0x2d/0xb0
[  921.525747][T20441]  get_compat_msghdr+0xad/0x4a0
[  921.525762][T20441]  ? __pfx_get_compat_msghdr+0x10/0x10
[  921.525779][T20441]  ___sys_sendmsg+0x193/0x2a0
[  921.525792][T20441]  ? __pfx____sys_sendmsg+0x10/0x10
[  921.525803][T20441]  ? __lock_acquire+0xab9/0xd20
[  921.525829][T20441]  ? __fget_files+0x2a/0x420
[  921.525839][T20441]  ? __fget_files+0x3a0/0x420
[  921.525854][T20441]  __sys_sendmmsg+0x28e/0x430
[  921.525867][T20441]  ? __pfx___sys_sendmmsg+0x10/0x10
[  921.525877][T20441]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  921.525905][T20441]  ? ksys_write+0x22a/0x250
[  921.525919][T20441]  ? exc_page_fault+0x82/0x100
[  921.525938][T20441]  ? __pfx_ksys_write+0x10/0x10
[  921.525956][T20441]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  921.525968][T20441]  __do_fast_syscall_32+0xb6/0x2b0
[  921.525983][T20441]  ? lockdep_hardirqs_on+0x9c/0x150
[  921.525998][T20441]  do_fast_syscall_32+0x34/0x80
[  921.526012][T20441]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  921.526025][T20441] RIP: 0023:0xf7f24539
[  921.526035][T20441] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  921.526045][T20441] RSP: 002b:00000000f541655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  921.526061][T20441] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080003c00
[  921.526068][T20441] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000000
[  921.526074][T20441] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  921.526080][T20441] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  921.526087][T20441] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  921.526102][T20441]  </TASK>
[  921.684688][T19130] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[  922.024784][ T5879] usb 2-1: new high-speed USB device number 126 using dummy_hcd
[  922.044622][T19130] usb 4-1: Using ep0 maxpacket: 8
[  922.051235][T19130] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  922.114785][T19130] usb 4-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  922.132571][T19130] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  922.159038][T19130] usb 4-1: config 0 descriptor??
[  922.196087][ T5879] usb 2-1: Using ep0 maxpacket: 8
[  922.217424][ T5879] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  922.245131][ T5879] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  922.258533][ T5879] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  922.271312][ T5879] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  922.282366][ T5879] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  922.296205][ T5879] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  922.325871][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  922.581803][ T5879] usb 2-1: usb_control_msg returned -32
[  922.591077][ T5879] usbtmc 2-1:16.0: can't read capabilities
[  922.764357][T19130] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  922.943851][T20459] usbtmc 2-1:16.0: INITIATE_ABORT_BULK_IN returned 0
[  923.784835][T12278] usb 2-1: USB disconnect, device number 126
[  924.118343][T19130] usb 3-1: Using ep0 maxpacket: 8
[  924.204767][T19130] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  924.216079][T19130] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  924.229177][T19130] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  924.240219][T19130] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  924.257118][T19130] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  924.266492][T19130] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  924.612761][T20490] netlink: 168 bytes leftover after parsing attributes in process `syz.1.3769'.
[  924.672789][T20490] netlink: 164 bytes leftover after parsing attributes in process `syz.1.3769'.
[  924.742623][T19130] usb 3-1: usb_control_msg returned -32
[  924.773529][T19130] usbtmc 3-1:16.0: can't read capabilities
[  924.829443][T19130] usb 3-1: USB disconnect, device number 15
[  924.930352][T20497] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3773'.
[  924.997326][T20497] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  925.212599][T19130] usb 4-1: USB disconnect, device number 120
[  925.473203][T20506] FAULT_INJECTION: forcing a failure.
[  925.473203][T20506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  925.496167][T20505] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  925.508681][T20506] CPU: 0 UID: 0 PID: 20506 Comm: syz.1.3776 Not tainted syzkaller #0 PREEMPT(full) 
[  925.508721][T20506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  925.508734][T20506] Call Trace:
[  925.508742][T20506]  <TASK>
[  925.508751][T20506]  dump_stack_lvl+0x189/0x250
[  925.508784][T20506]  ? __pfx____ratelimit+0x10/0x10
[  925.508808][T20506]  ? __pfx_dump_stack_lvl+0x10/0x10
[  925.508835][T20506]  ? __pfx__printk+0x10/0x10
[  925.508866][T20506]  should_fail_ex+0x414/0x560
[  925.508897][T20506]  _copy_to_user+0x31/0xb0
[  925.508920][T20506]  simple_read_from_buffer+0xe1/0x170
[  925.508951][T20506]  proc_fail_nth_read+0x1b3/0x220
[  925.508976][T20506]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  925.509001][T20506]  ? rw_verify_area+0x2a6/0x4d0
[  925.509025][T20506]  ? __lock_acquire+0xab9/0xd20
[  925.509042][T20506]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  925.509066][T20506]  vfs_read+0x200/0xa30
[  925.509091][T20506]  ? fdget_pos+0x247/0x320
[  925.509113][T20506]  ? __pfx___mutex_lock+0x10/0x10
[  925.509139][T20506]  ? __pfx_vfs_read+0x10/0x10
[  925.509166][T20506]  ? __fget_files+0x2a/0x420
[  925.509189][T20506]  ? __fget_files+0x3a0/0x420
[  925.509207][T20506]  ? __fget_files+0x2a/0x420
[  925.509231][T20506]  ksys_read+0x145/0x250
[  925.509254][T20506]  ? exc_page_fault+0x82/0x100
[  925.509278][T20506]  ? __pfx_ksys_read+0x10/0x10
[  925.509304][T20506]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  925.509332][T20506]  ? lockdep_hardirqs_on+0x9c/0x150
[  925.509360][T20506]  __do_fast_syscall_32+0xb6/0x2b0
[  925.509386][T20506]  ? lockdep_hardirqs_on+0x9c/0x150
[  925.509414][T20506]  do_fast_syscall_32+0x34/0x80
[  925.509440][T20506]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  925.509463][T20506] RIP: 0023:0xf7f24539
[  925.509479][T20506] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  925.509496][T20506] RSP: 002b:00000000f5416590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  925.509517][T20506] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5416620
[  925.509532][T20506] RDX: 000000000000000f RSI: 00000000f73b5ff4 RDI: 0000000000000000
[  925.509552][T20506] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  925.509562][T20506] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  925.509573][T20506] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  925.509600][T20506]  </TASK>
[  925.951649][T20518] FAULT_INJECTION: forcing a failure.
[  925.951649][T20518] name failslab, interval 1, probability 0, space 0, times 0
[  925.966993][T20518] CPU: 0 UID: 0 PID: 20518 Comm: syz.3.3781 Not tainted syzkaller #0 PREEMPT(full) 
[  925.967019][T20518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  925.967030][T20518] Call Trace:
[  925.967038][T20518]  <TASK>
[  925.967046][T20518]  dump_stack_lvl+0x189/0x250
[  925.967076][T20518]  ? __pfx____ratelimit+0x10/0x10
[  925.967098][T20518]  ? __pfx_dump_stack_lvl+0x10/0x10
[  925.967121][T20518]  ? __pfx__printk+0x10/0x10
[  925.967141][T20518]  ? __pfx___might_resched+0x10/0x10
[  925.967159][T20518]  ? fs_reclaim_acquire+0x7d/0x100
[  925.967189][T20518]  should_fail_ex+0x414/0x560
[  925.967219][T20518]  should_failslab+0xa8/0x100
[  925.967239][T20518]  __kmalloc_cache_noprof+0x6f/0x6f0
[  925.967266][T20518]  ? big_key_preparse+0x1a2/0x4d0
[  925.967280][T20518]  ? big_key_preparse+0x1f3/0x4d0
[  925.967293][T20518]  big_key_preparse+0x1f3/0x4d0
[  925.967312][T20518]  ? __pfx_big_key_preparse+0x10/0x10
[  925.967327][T20518]  key_update+0x213/0x500
[  925.967343][T20518]  ? __pfx_key_update+0x10/0x10
[  925.967365][T20518]  ? rep_movs_alternative+0x4a/0x90
[  925.967377][T20518]  keyctl_update_key+0xf6/0x140
[  925.967390][T20518]  __do_fast_syscall_32+0xb6/0x2b0
[  925.967405][T20518]  ? lockdep_hardirqs_on+0x9c/0x150
[  925.967422][T20518]  do_fast_syscall_32+0x34/0x80
[  925.967436][T20518]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  925.967449][T20518] RIP: 0023:0xf7fa6539
[  925.967459][T20518] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  925.967468][T20518] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000120
[  925.967481][T20518] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000029025579
[  925.967488][T20518] RDX: 00000000800003c0 RSI: 0000000000001000 RDI: 0000000000000000
[  925.967495][T20518] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  925.967502][T20518] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  925.967508][T20518] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  925.967523][T20518]  </TASK>
[  926.372256][T20525] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3778'.
[  927.235526][T12278] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  927.366871][T20546] netlink: 'syz.1.3790': attribute type 8 has an invalid length.
[  927.447848][T12278] usb 3-1: unable to get BOS descriptor or descriptor too short
[  927.480547][T12278] usb 3-1: unable to read config index 0 descriptor/start: -71
[  927.513612][T12278] usb 3-1: can't read configurations, error -71
[  928.427762][T20582] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3801'.
[  928.816237][T12278] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[  928.851129][T20590] netlink: 'syz.5.3805': attribute type 1 has an invalid length.
[  928.902656][T20591] FAULT_INJECTION: forcing a failure.
[  928.902656][T20591] name failslab, interval 1, probability 0, space 0, times 0
[  928.947459][T20591] CPU: 0 UID: 0 PID: 20591 Comm: syz.5.3805 Not tainted syzkaller #0 PREEMPT(full) 
[  928.947486][T20591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  928.947498][T20591] Call Trace:
[  928.947505][T20591]  <TASK>
[  928.947513][T20591]  dump_stack_lvl+0x189/0x250
[  928.947544][T20591]  ? __pfx____ratelimit+0x10/0x10
[  928.947567][T20591]  ? __pfx_dump_stack_lvl+0x10/0x10
[  928.947594][T20591]  ? __pfx__printk+0x10/0x10
[  928.947615][T20591]  ? __pfx___might_resched+0x10/0x10
[  928.947636][T20591]  ? fs_reclaim_acquire+0x7d/0x100
[  928.947668][T20591]  should_fail_ex+0x414/0x560
[  928.947699][T20591]  should_failslab+0xa8/0x100
[  928.947719][T20591]  __kmalloc_cache_noprof+0x6f/0x6f0
[  928.947744][T20591]  ? rtnl_newlink+0xfb/0x1c80
[  928.947771][T20591]  ? kasan_save_track+0x4f/0x80
[  928.947801][T20591]  rtnl_newlink+0xfb/0x1c80
[  928.947827][T20591]  ? netlink_deliver_tap+0x19c/0x1b0
[  928.947853][T20591]  ? netlink_unicast+0x7fa/0x9e0
[  928.947874][T20591]  ? netlink_sendmsg+0x805/0xb30
[  928.947889][T20591]  ? __sock_sendmsg+0x21c/0x270
[  928.947910][T20591]  ? ____sys_sendmsg+0x505/0x830
[  928.947927][T20591]  ? ___sys_sendmsg+0x21f/0x2a0
[  928.947944][T20591]  ? __sys_sendmsg+0x164/0x220
[  928.947961][T20591]  ? __do_fast_syscall_32+0xb6/0x2b0
[  928.947986][T20591]  ? do_fast_syscall_32+0x34/0x80
[  928.948010][T20591]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  928.948038][T20591]  ? __pfx_rtnl_newlink+0x10/0x10
[  928.948089][T20591]  ? kasan_quarantine_put+0xdd/0x220
[  928.948115][T20591]  ? lockdep_hardirqs_on+0x9c/0x150
[  928.948143][T20591]  ? nlmon_xmit+0xb0/0x100
[  928.948163][T20591]  ? kmem_cache_free+0x19b/0x690
[  928.948195][T20591]  ? __local_bh_enable_ip+0x12d/0x1c0
[  928.948215][T20591]  ? lockdep_hardirqs_on+0x9c/0x150
[  928.948239][T20591]  ? __local_bh_enable_ip+0x12d/0x1c0
[  928.948257][T20591]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  928.948280][T20591]  ? __dev_queue_xmit+0x27b/0x3b50
[  928.948301][T20591]  ? __dev_queue_xmit+0x27b/0x3b50
[  928.948321][T20591]  ? __dev_queue_xmit+0x27b/0x3b50
[  928.948352][T20591]  ? __dev_queue_xmit+0x1d79/0x3b50
[  928.948372][T20591]  ? kasan_save_track+0x3e/0x80
[  928.948398][T20591]  ? __kasan_slab_alloc+0x6c/0x80
[  928.948429][T20591]  ? __lock_acquire+0xab9/0xd20
[  928.948473][T20591]  ? __pfx_rtnl_newlink+0x10/0x10
[  928.948500][T20591]  rtnetlink_rcv_msg+0x7cf/0xb70
[  928.948531][T20591]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  928.948558][T20591]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  928.948583][T20591]  ? ref_tracker_free+0x63a/0x7d0
[  928.948602][T20591]  ? __asan_memcpy+0x40/0x70
[  928.948626][T20591]  ? __pfx_ref_tracker_free+0x10/0x10
[  928.948655][T20591]  netlink_rcv_skb+0x208/0x470
[  928.948685][T20591]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  928.948714][T20591]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  928.948755][T20591]  ? netlink_deliver_tap+0x2e/0x1b0
[  928.948791][T20591]  netlink_unicast+0x82f/0x9e0
[  928.948826][T20591]  ? __pfx_netlink_unicast+0x10/0x10
[  928.948855][T20591]  ? netlink_sendmsg+0x642/0xb30
[  928.948872][T20591]  ? skb_put+0x11b/0x210
[  928.948894][T20591]  netlink_sendmsg+0x805/0xb30
[  928.948922][T20591]  ? __pfx_netlink_sendmsg+0x10/0x10
[  928.948943][T20591]  ? __import_iovec+0x5d4/0x7f0
[  928.948965][T20591]  ? aa_sock_msg_perm+0xf1/0x1d0
[  928.948995][T20591]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  928.949014][T20591]  ? __pfx_netlink_sendmsg+0x10/0x10
[  928.949034][T20591]  __sock_sendmsg+0x21c/0x270
[  928.949062][T20591]  ____sys_sendmsg+0x505/0x830
[  928.949088][T20591]  ? __pfx_____sys_sendmsg+0x10/0x10
[  928.949123][T20591]  ___sys_sendmsg+0x21f/0x2a0
[  928.949145][T20591]  ? __pfx____sys_sendmsg+0x10/0x10
[  928.949200][T20591]  ? __fget_files+0x2a/0x420
[  928.949218][T20591]  ? __fget_files+0x3a0/0x420
[  928.949246][T20591]  __sys_sendmsg+0x164/0x220
[  928.949269][T20591]  ? __pfx___sys_sendmsg+0x10/0x10
[  928.949298][T20591]  ? __pfx_ksys_write+0x10/0x10
[  928.949328][T20591]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  928.949362][T20591]  ? lockdep_hardirqs_on+0x9c/0x150
[  928.949390][T20591]  __do_fast_syscall_32+0xb6/0x2b0
[  928.949418][T20591]  ? lockdep_hardirqs_on+0x9c/0x150
[  928.949446][T20591]  do_fast_syscall_32+0x34/0x80
[  928.949473][T20591]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  928.949497][T20591] RIP: 0023:0xf7ff6539
[  928.949514][T20591] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  928.949533][T20591] RSP: 002b:00000000f54c555c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  928.949555][T20591] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  928.949569][T20591] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  928.949582][T20591] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  928.949595][T20591] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  928.949607][T20591] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  928.949637][T20591]  </TASK>
[  929.481613][T12278] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  929.493940][T12278] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  929.514476][   T43] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  929.522665][T12278] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  929.532022][T12278] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  929.540973][T12278] usb 4-1: Product: syz
[  929.545513][T12278] usb 4-1: Manufacturer: syz
[  929.550096][T12278] usb 4-1: SerialNumber: syz
[  929.575785][T12278] cdc_mbim 4-1:1.0: skipping garbage
[  929.672061][   T43] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  929.724369][   T43] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  929.774225][   T43] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  929.820997][   T30] kauditd_printk_skb: 223 callbacks suppressed
[  929.821015][   T30] audit: type=1326 audit(1761414528.913:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  929.842649][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  929.850935][   T30] audit: type=1326 audit(1761414528.913:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  929.874293][   T43] usb 3-1: SerialNumber: syz
[  929.881434][   T30] audit: type=1326 audit(1761414528.913:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  929.908621][   T30] audit: type=1326 audit(1761414528.913:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  929.931252][   T30] audit: type=1326 audit(1761414528.913:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  929.954598][   T30] audit: type=1326 audit(1761414528.913:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  929.978357][   T30] audit: type=1326 audit(1761414528.913:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  930.024812][   T30] audit: type=1326 audit(1761414528.913:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  930.049403][   T30] audit: type=1326 audit(1761414528.913:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  930.077780][   T30] audit: type=1326 audit(1761414528.913:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20585 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  930.105153][ T5836] usb 2-1: new high-speed USB device number 127 using dummy_hcd
[  930.207667][   T43] usb 3-1: 0:2 : does not exist
[  930.252608][T12278] cdc_mbim 4-1:1.0: failed GET_NTB_PARAMETERS
[  930.274448][T12278] cdc_mbim 4-1:1.0: bind() failure
[  930.283471][T12278] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  930.293700][   T43] usb 3-1: USB disconnect, device number 18
[  930.294012][ T5836] usb 2-1: Using ep0 maxpacket: 8
[  930.329755][ T5836] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  930.340823][T12278] cdc_ncm 4-1:1.1: bind() failure
[  930.346652][ T5836] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  930.369936][ T5836] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  930.409928][T20604] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3807'.
[  930.423972][ T5836] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  930.457212][ T5836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  930.498623][ T5836] usbtmc 2-1:16.0: bulk endpoints not found
[  930.770278][ T5836] usb 2-1: USB disconnect, device number 127
[  931.025740][ T5922] usb 6-1: new high-speed USB device number 77 using dummy_hcd
[  931.097303][T20626] loop2: detected capacity change from 0 to 524287999
[  931.195008][ T5922] usb 6-1: device descriptor read/64, error -71
[  931.459787][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  931.466260][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  931.479223][ T5922] usb 6-1: new high-speed USB device number 78 using dummy_hcd
[  931.614317][ T5922] usb 6-1: device descriptor read/64, error -71
[  931.747720][ T5922] usb usb6-port1: attempt power cycle
[  931.941705][T20646] delete_channel: no stack
[  932.035324][T12278] usb 4-1: USB disconnect, device number 121
[  932.059392][T20648] netlink: 216 bytes leftover after parsing attributes in process `syz.2.3817'.
[  932.085793][ T5922] usb 6-1: new high-speed USB device number 79 using dummy_hcd
[  932.137469][ T5922] usb 6-1: device descriptor read/8, error -71
[  932.234859][ T5836] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[  932.394539][ T5922] usb 6-1: new high-speed USB device number 80 using dummy_hcd
[  932.438108][ T5836] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  932.458539][ T5836] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  932.459717][ T5922] usb 6-1: device descriptor read/8, error -71
[  932.469095][ T5879] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  932.484398][   T10] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  932.524879][ T5836] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  932.617047][ T5836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  932.635048][ T5922] usb usb6-port1: unable to enumerate USB device
[  932.636043][ T5879] usb 2-1: device descriptor read/64, error -71
[  932.701968][   T10] usb 3-1: Using ep0 maxpacket: 32
[  932.714876][T20646] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  932.743362][ T5836] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  932.797223][   T10] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe
[  932.806537][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  932.819146][   T10] usb 3-1: Product: syz
[  932.839562][   T10] usb 3-1: Manufacturer: syz
[  932.858233][   T10] usb 3-1: SerialNumber: syz
[  932.884663][ T5879] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  932.928404][   T10] usb 3-1: config 0 descriptor??
[  933.014877][ T5879] usb 2-1: device descriptor read/64, error -71
[  933.125257][ T5879] usb usb2-port1: attempt power cycle
[  933.191640][   T10] snd-usb-6fire 3-1:0.0: unknown device firmware state received from device:
[  933.233612][   T10] b3 c1 69 eb 50 3d 29 15 
[  933.279077][   T10] snd-usb-6fire 3-1:0.0: probe with driver snd-usb-6fire failed with error -5
[  933.440652][ T5922] usb 3-1: USB disconnect, device number 19
[  933.465219][ T5879] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  933.497681][ T5879] usb 2-1: device descriptor read/8, error -71
[  933.744980][ T5879] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  933.786206][ T5879] usb 2-1: device descriptor read/8, error -71
[  933.895708][ T5879] usb usb2-port1: unable to enumerate USB device
[  934.176518][T20671] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  934.931383][ T5922] usb 5-1: USB disconnect, device number 101
[  935.069519][T20693] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3831'.
[  935.103679][T20693] syz_tun (unregistering): left allmulticast mode
[  935.248461][T20697] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  935.257242][T20697] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  935.364527][ T5922] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[  935.414900][ T5879] usb 6-1: new high-speed USB device number 81 using dummy_hcd
[  935.524410][ T5922] usb 5-1: Using ep0 maxpacket: 32
[  935.537479][ T5922] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  935.559045][ T5922] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  935.580876][ T5922] usb 5-1: config 0 descriptor??
[  935.581335][ T5879] usb 6-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  935.620502][ T5879] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  935.629433][ T5879] usb 6-1: Product: syz
[  935.633618][ T5879] usb 6-1: Manufacturer: syz
[  935.640853][ T5879] usb 6-1: SerialNumber: syz
[  935.659622][ T5879] usb 6-1: config 0 descriptor??
[  935.670835][ T5879] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  935.696992][T20702] netlink: 'syz.3.3833': attribute type 2 has an invalid length.
[  935.799643][ T5922] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware
[  935.818944][ T5922] usb 5-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2
[  935.830569][ T5922] usb 5-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw
[  936.199143][T20693] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3831'.
[  936.718747][T20726] program syz.1.3839 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  936.728746][T20725] program syz.1.3839 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  936.785911][T20729] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3840'.
[  936.822819][T20729] bridge_slave_1: left allmulticast mode
[  936.836240][T20714] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3837'.
[  936.854829][T20729] bridge_slave_1: left promiscuous mode
[  936.878022][T20729] bridge0: port 2(bridge_slave_1) entered disabled state
[  936.938917][T20729] bridge_slave_0: left allmulticast mode
[  936.953647][T20729] bridge_slave_0: left promiscuous mode
[  936.965577][T20729] bridge0: port 1(bridge_slave_0) entered disabled state
[  937.491656][T20737] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3842'.
[  937.523345][T20737] warning: `syz.3.3842' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  937.831610][T20759] netlink: 'syz.2.3847': attribute type 2 has an invalid length.
[  938.180205][T20766] netlink: 'syz.3.3849': attribute type 8 has an invalid length.
[  938.193055][  T899] usb 6-1: USB disconnect, device number 81
[  938.610535][T20781] input: syz0 as /devices/virtual/input/input120
[  939.017637][T20797] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  939.029258][T20794] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3858'.
[  939.070998][T20797] batman_adv: batadv0: Removing interface: batadv_slave_1
[  939.191308][T20801] fuse: Unknown parameter 'vode'
[  939.600826][T20812] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3862'.
[  939.611724][T20812] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3862'.
[  940.122465][T20815] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  940.231266][T20820] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  940.286203][T20822] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3866'.
[  940.313799][T20822] netlink: 'syz.3.3866': attribute type 8 has an invalid length.
[  941.362134][T20854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3875'.
[  941.798950][ T5836] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[  941.985693][ T5836] usb 4-1: config index 0 descriptor too short (expected 30768, got 36)
[  942.003000][ T5836] usb 4-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  942.018703][ T5836] usb 4-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[  942.048620][ T5836] usb 4-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  942.137404][ T5836] usb 4-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  942.159723][ T5836] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  942.478546][T20861] fuse: Bad value for 'group_id'
[  942.491682][T20861] fuse: Bad value for 'group_id'
[  942.513246][ T5836] usb 4-1: string descriptor 0 read error: -71
[  942.532255][ T5836] usb 4-1: USB disconnect, device number 122
[  942.887740][T20864] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3876'.
[  943.161561][T20872] lo: entered allmulticast mode
[  943.311212][T20879] delete_channel: no stack
[  943.574807][T12278] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[  944.101916][T12278] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  944.127560][T12278] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  944.141558][T12278] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  944.151165][T12278] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  944.171539][T20879] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  944.300613][T12278] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  944.524905][ T5836] usb 6-1: new high-speed USB device number 82 using dummy_hcd
[  944.685156][ T5836] usb 6-1: Using ep0 maxpacket: 16
[  944.695429][ T5836] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  944.740524][ T5836] usb 6-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00
[  944.791556][ T5836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  944.861540][ T5836] usb 6-1: config 0 descriptor??
[  945.325895][ T5836] hid (null): invalid report_count 43536
[  945.366567][ T5836] redragon 0003:0C45:760B.0028: unknown main item tag 0x6
[  945.475103][T20917] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3885'.
[  945.512724][ T5836] redragon 0003:0C45:760B.0028: unknown main item tag 0x0
[  945.567650][ T5836] redragon 0003:0C45:760B.0028: unknown main item tag 0x0
[  945.642961][ T5836] redragon 0003:0C45:760B.0028: unknown main item tag 0x0
[  945.716001][ T5836] redragon 0003:0C45:760B.0028: unknown main item tag 0x5
[  945.782782][ T5836] redragon 0003:0C45:760B.0028: invalid report_count 43536
[  945.822765][ T5836] redragon 0003:0C45:760B.0028: item 0 2 1 9 parsing failed
[  945.862433][ T5836] redragon 0003:0C45:760B.0028: probe with driver redragon failed with error -22
[  946.573713][   T10] usb 6-1: USB disconnect, device number 82
[  946.709979][T20934] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3890'.
[  947.281988][T20931] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3889'.
[  947.418289][   T43] usb 4-1: USB disconnect, device number 123
[  947.951926][T20948] fuse: Unknown parameter 'u00000000000000000000'
[  948.020597][T20950] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  948.243719][T20956] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  948.400453][T20967] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3898'.
[  948.848706][T20983] netlink: 196 bytes leftover after parsing attributes in process `syz.2.3901'.
[  948.862496][T20983] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  948.883917][T20983] batadv_slave_0: entered promiscuous mode
[  948.900853][T20983] batadv_slave_0: entered allmulticast mode
[  949.802837][T20996] delete_channel: no stack
[  950.108965][ T5948] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  950.494030][ T5948] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  950.517698][ T5948] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  950.562403][ T5948] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  950.572145][ T5948] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  950.604486][T20996] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  950.616995][ T5948] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  950.684351][   T43] usb 6-1: new high-speed USB device number 84 using dummy_hcd
[  950.816534][   T10] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  950.844493][   T43] usb 6-1: Invalid ep0 maxpacket: 9
[  950.939210][T21004] FAULT_INJECTION: forcing a failure.
[  950.939210][T21004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  950.954041][T21004] CPU: 0 UID: 0 PID: 21004 Comm: syz.3.3910 Not tainted syzkaller #0 PREEMPT(full) 
[  950.954058][T21004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  950.954065][T21004] Call Trace:
[  950.954070][T21004]  <TASK>
[  950.954075][T21004]  dump_stack_lvl+0x189/0x250
[  950.954095][T21004]  ? __pfx____ratelimit+0x10/0x10
[  950.954109][T21004]  ? __pfx_dump_stack_lvl+0x10/0x10
[  950.954123][T21004]  ? __pfx__printk+0x10/0x10
[  950.954134][T21004]  ? __might_fault+0xb0/0x130
[  950.954154][T21004]  should_fail_ex+0x414/0x560
[  950.954172][T21004]  _copy_from_iter+0x1de/0x1790
[  950.954187][T21004]  ? rcu_is_watching+0x15/0xb0
[  950.954201][T21004]  ? kmalloc_reserve+0xbd/0x290
[  950.954218][T21004]  ? __pfx__copy_from_iter+0x10/0x10
[  950.954242][T21004]  ? __build_skb_around+0x262/0x3f0
[  950.954269][T21004]  ? netlink_sendmsg+0x642/0xb30
[  950.954286][T21004]  ? skb_put+0x11b/0x210
[  950.954306][T21004]  netlink_sendmsg+0x6b2/0xb30
[  950.954329][T21004]  ? __pfx_netlink_sendmsg+0x10/0x10
[  950.954340][T21004]  ? __import_iovec+0x5d4/0x7f0
[  950.954351][T21004]  ? aa_sock_msg_perm+0xf1/0x1d0
[  950.954368][T21004]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  950.954379][T21004]  ? __pfx_netlink_sendmsg+0x10/0x10
[  950.954388][T21004]  __sock_sendmsg+0x21c/0x270
[  950.954404][T21004]  ____sys_sendmsg+0x505/0x830
[  950.954417][T21004]  ? __pfx_____sys_sendmsg+0x10/0x10
[  950.954436][T21004]  ___sys_sendmsg+0x21f/0x2a0
[  950.954448][T21004]  ? __pfx____sys_sendmsg+0x10/0x10
[  950.954476][T21004]  ? __fget_files+0x2a/0x420
[  950.954486][T21004]  ? __fget_files+0x3a0/0x420
[  950.954500][T21004]  __sys_sendmsg+0x164/0x220
[  950.954512][T21004]  ? __pfx___sys_sendmsg+0x10/0x10
[  950.954541][T21004]  ? __pfx_ksys_write+0x10/0x10
[  950.954561][T21004]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  950.954577][T21004]  ? lockdep_hardirqs_on+0x9c/0x150
[  950.954591][T21004]  __do_fast_syscall_32+0xb6/0x2b0
[  950.954606][T21004]  ? lockdep_hardirqs_on+0x9c/0x150
[  950.954621][T21004]  do_fast_syscall_32+0x34/0x80
[  950.954636][T21004]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  950.954648][T21004] RIP: 0023:0xf7fa6539
[  950.954659][T21004] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  950.954668][T21004] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  950.954680][T21004] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000540
[  950.954688][T21004] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000
[  950.954694][T21004] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  950.954701][T21004] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  950.954707][T21004] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  950.954722][T21004]  </TASK>
[  951.014678][   T43] usb 6-1: new high-speed USB device number 85 using dummy_hcd
[  951.018586][    C0] vkms_vblank_simulate: vblank timer overrun
[  951.242601][    C0] vkms_vblank_simulate: vblank timer overrun
[  951.248573][    C0] hrtimer: interrupt took 293841904 ns
[  951.348625][    C0] vkms_vblank_simulate: vblank timer overrun
[  951.389354][   T10] usb 3-1: Using ep0 maxpacket: 8
[  951.398029][   T10] usb 3-1: New USB device found, idVendor=093b, idProduct=a104, bcdDevice= 0.01
[  951.407757][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  951.416482][   T10] usb 3-1: Product: syz
[  951.421219][   T10] usb 3-1: Manufacturer: syz
[  951.424363][   T43] usb 6-1: Invalid ep0 maxpacket: 9
[  951.426437][   T10] usb 3-1: SerialNumber: syz
[  951.439959][   T10] usb 3-1: config 0 descriptor??
[  951.609839][   T43] usb usb6-port1: attempt power cycle
[  951.639513][   T10] go7007 3-1:0.0: probe with driver go7007 failed with error -12
[  951.815593][T16273] usb 3-1: USB disconnect, device number 20
[  951.875242][ T5948] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[  951.984353][   T43] usb 6-1: new high-speed USB device number 86 using dummy_hcd
[  952.005022][   T43] usb 6-1: Invalid ep0 maxpacket: 9
[  952.024344][ T5948] usb 4-1: Using ep0 maxpacket: 8
[  952.031322][ T5948] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  952.040886][ T5948] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  952.061148][ T5948] pvrusb2: Hardware description: Terratec Grabster AV400
[  952.068279][ T5948] pvrusb2: **********
[  952.072274][ T5948] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  952.083284][ T5948] pvrusb2: Important functionality might not be entirely working.
[  952.091249][ T5948] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  952.104896][ T5948] pvrusb2: **********
[  952.134449][   T43] usb 6-1: new high-speed USB device number 87 using dummy_hcd
[  952.155092][   T43] usb 6-1: Invalid ep0 maxpacket: 9
[  952.161734][   T43] usb usb6-port1: unable to enumerate USB device
[  952.260530][ T2345] pvrusb2: Invalid write control endpoint
[  952.320163][ T2345] pvrusb2: Invalid write control endpoint
[  952.341744][ T2345] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  952.353199][ T2345] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  952.363338][ T2345] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  952.373845][ T2345] pvrusb2: Device being rendered inoperable
[  952.390666][ T2345] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  952.398817][ T2345] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  952.415724][ T2345] pvrusb2: Attached sub-driver cx25840
[  952.421927][ T2345] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  952.432762][ T2345] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  952.502947][ T5948] usb 4-1: USB disconnect, device number 124
[  952.572184][T21011] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3913'.
[  952.990764][   T43] usb 2-1: USB disconnect, device number 6
[  953.284581][ T5948] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  953.299132][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  953.299175][   T30] audit: type=1326 audit(1761414552.393:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21029 comm="syz.3.3918" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa6539 code=0x0
[  953.403283][T21031] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3918'.
[  953.502327][ T5948] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[  953.548147][ T5948] usb 3-1: can't read configurations, error -22
[  953.697923][ T5948] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  953.794202][T21045] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  953.927327][ T5948] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[  953.947191][ T5948] usb 3-1: can't read configurations, error -22
[  953.998780][ T5948] usb usb3-port1: attempt power cycle
[  954.156306][T21054] FAULT_INJECTION: forcing a failure.
[  954.156306][T21054] name failslab, interval 1, probability 0, space 0, times 0
[  954.168949][T21054] CPU: 1 UID: 0 PID: 21054 Comm: syz.4.3923 Not tainted syzkaller #0 PREEMPT(full) 
[  954.168966][T21054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  954.168973][T21054] Call Trace:
[  954.168980][T21054]  <TASK>
[  954.168989][T21054]  dump_stack_lvl+0x189/0x250
[  954.169010][T21054]  ? __pfx____ratelimit+0x10/0x10
[  954.169024][T21054]  ? __pfx_dump_stack_lvl+0x10/0x10
[  954.169038][T21054]  ? __pfx__printk+0x10/0x10
[  954.169053][T21054]  ? __lock_acquire+0xab9/0xd20
[  954.169065][T21054]  should_fail_ex+0x414/0x560
[  954.169084][T21054]  should_failslab+0xa8/0x100
[  954.169096][T21054]  kmem_cache_alloc_noprof+0x74/0x6e0
[  954.169112][T21054]  ? skb_clone+0x212/0x3a0
[  954.169122][T21054]  ? run_filter+0x23/0x270
[  954.169140][T21054]  skb_clone+0x212/0x3a0
[  954.169151][T21054]  ? packet_rcv+0x567/0x1730
[  954.169166][T21054]  packet_rcv+0x65b/0x1730
[  954.169184][T21054]  ? __pfx_packet_rcv_fanout+0x10/0x10
[  954.169196][T21054]  __netif_receive_skb_core+0x3465/0x4380
[  954.169223][T21054]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  954.169248][T21054]  ? netif_receive_skb+0x115/0x790
[  954.169262][T21054]  ? netif_receive_skb+0x115/0x790
[  954.169282][T21054]  __netif_receive_skb+0x72/0x380
[  954.169299][T21054]  ? netif_receive_skb+0x115/0x790
[  954.169312][T21054]  netif_receive_skb+0x1cb/0x790
[  954.169331][T21054]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  954.169348][T21054]  ? skb_set_owner_w+0x25b/0x3a0
[  954.169367][T21054]  ? __pfx_netif_receive_skb+0x10/0x10
[  954.169390][T21054]  ? skb_partial_csum_set+0x107/0x360
[  954.169419][T21054]  ? tun_rx_batched+0x160/0x730
[  954.169445][T21054]  tun_rx_batched+0x1b9/0x730
[  954.169461][T21054]  ? __lock_acquire+0xab9/0xd20
[  954.169473][T21054]  ? __pfx_tun_rx_batched+0x10/0x10
[  954.169487][T21054]  ? tun_get_user+0x272f/0x3e90
[  954.169505][T21054]  tun_get_user+0x2b65/0x3e90
[  954.169523][T21054]  ? tun_get_user+0x272f/0x3e90
[  954.169541][T21054]  ? aa_file_perm+0x44d/0x1550
[  954.169551][T21054]  ? __pfx_tun_get_user+0x10/0x10
[  954.169563][T21054]  ? _parse_integer_limit+0x1ae/0x1f0
[  954.169586][T21054]  ? __lock_acquire+0xab9/0xd20
[  954.169605][T21054]  ? ref_tracker_alloc+0x318/0x460
[  954.169614][T21054]  ? __lock_acquire+0xab9/0xd20
[  954.169625][T21054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  954.169638][T21054]  ? tun_get+0x1c/0x2f0
[  954.169652][T21054]  ? tun_get+0x1c/0x2f0
[  954.169664][T21054]  ? tun_get+0x1c/0x2f0
[  954.169681][T21054]  tun_chr_write_iter+0x113/0x200
[  954.169698][T21054]  vfs_write+0x5c9/0xb30
[  954.169715][T21054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  954.169728][T21054]  ? __pfx_vfs_write+0x10/0x10
[  954.169747][T21054]  ? __fget_files+0x2a/0x420
[  954.169762][T21054]  ksys_write+0x145/0x250
[  954.169776][T21054]  ? exc_page_fault+0x82/0x100
[  954.169790][T21054]  ? __pfx_ksys_write+0x10/0x10
[  954.169806][T21054]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  954.169821][T21054]  ? lockdep_hardirqs_on+0x9c/0x150
[  954.169836][T21054]  __do_fast_syscall_32+0xb6/0x2b0
[  954.169851][T21054]  ? lockdep_hardirqs_on+0x9c/0x150
[  954.169866][T21054]  do_fast_syscall_32+0x34/0x80
[  954.169880][T21054]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  954.169894][T21054] RIP: 0023:0xf7f52539
[  954.169904][T21054] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  954.169913][T21054] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  954.169925][T21054] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  954.169933][T21054] RDX: 000000000000003e RSI: 0000000000000000 RDI: 0000000000000000
[  954.169940][T21054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  954.169946][T21054] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  954.169952][T21054] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  954.169967][T21054]  </TASK>
[  954.837284][ T5948] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  954.867395][ T5948] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[  954.875601][ T5948] usb 3-1: can't read configurations, error -22
[  955.014377][ T5948] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  955.074016][ T5948] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[  955.094359][ T5948] usb 3-1: can't read configurations, error -22
[  955.142562][ T5948] usb usb3-port1: unable to enumerate USB device
[  955.149723][T21063] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3925'.
[  955.241111][T21067] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3927'.
[  955.666481][T21080] FAULT_INJECTION: forcing a failure.
[  955.666481][T21080] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  955.679772][T21080] CPU: 0 UID: 0 PID: 21080 Comm: syz.5.3931 Not tainted syzkaller #0 PREEMPT(full) 
[  955.679796][T21080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  955.679808][T21080] Call Trace:
[  955.679814][T21080]  <TASK>
[  955.679821][T21080]  dump_stack_lvl+0x189/0x250
[  955.679839][T21080]  ? __pfx____ratelimit+0x10/0x10
[  955.679853][T21080]  ? __pfx_dump_stack_lvl+0x10/0x10
[  955.679867][T21080]  ? __pfx__printk+0x10/0x10
[  955.679885][T21080]  should_fail_ex+0x414/0x560
[  955.679904][T21080]  _copy_to_user+0x31/0xb0
[  955.679919][T21080]  copy_fid_info_to_user+0x2ec/0x740
[  955.679940][T21080]  ? __pfx_copy_fid_info_to_user+0x10/0x10
[  955.679963][T21080]  fanotify_read+0x14a8/0x26f0
[  955.679992][T21080]  ? __pfx_fanotify_read+0x10/0x10
[  955.680008][T21080]  ? __lock_acquire+0xab9/0xd20
[  955.680020][T21080]  ? copy_compat_iovec_from_user+0xf8/0x140
[  955.680041][T21080]  ? common_file_perm+0x1b5/0x230
[  955.680056][T21080]  ? __pfx_woken_wake_function+0x10/0x10
[  955.680073][T21080]  ? bpf_lsm_file_permission+0x9/0x20
[  955.680084][T21080]  ? security_file_permission+0x75/0x290
[  955.680097][T21080]  ? rw_verify_area+0x2a6/0x4d0
[  955.680114][T21080]  vfs_readv+0x5aa/0x850
[  955.680125][T21080]  ? __pfx_fanotify_read+0x10/0x10
[  955.680141][T21080]  ? __pfx_vfs_readv+0x10/0x10
[  955.680159][T21080]  ? __fget_files+0x2a/0x420
[  955.680171][T21080]  ? __fget_files+0x3a0/0x420
[  955.680180][T21080]  ? __fget_files+0x2a/0x420
[  955.680194][T21080]  do_readv+0x14d/0x2d0
[  955.680206][T21080]  ? __pfx_do_readv+0x10/0x10
[  955.680217][T21080]  ? __secure_computing+0xe2/0x2a0
[  955.680235][T21080]  __do_fast_syscall_32+0xb6/0x2b0
[  955.680257][T21080]  ? lockdep_hardirqs_on+0x9c/0x150
[  955.680273][T21080]  do_fast_syscall_32+0x34/0x80
[  955.680287][T21080]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  955.680300][T21080] RIP: 0023:0xf7ff6539
[  955.680309][T21080] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  955.680319][T21080] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000091
[  955.680332][T21080] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800004c0
[  955.680339][T21080] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  955.680345][T21080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  955.680351][T21080] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  955.680358][T21080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  955.680373][T21080]  </TASK>
[  955.933808][    C0] vkms_vblank_simulate: vblank timer overrun
[  956.004833][ T5836] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  956.155655][ T5836] usb 2-1: Using ep0 maxpacket: 32
[  956.162307][ T5836] usb 2-1: config 0 has an invalid interface number: 126 but max is 0
[  956.170941][ T5836] usb 2-1: config 0 has no interface number 0
[  956.177542][ T5836] usb 2-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  956.188228][ T5836] usb 2-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  956.198651][ T5836] usb 2-1: config 0 interface 126 has no altsetting 0
[  956.207521][ T5836] usb 2-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  956.218411][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  956.232261][ T5836] usb 2-1: Product: syz
[  956.241089][ T5836] usb 2-1: Manufacturer: syz
[  956.253195][ T5836] usb 2-1: SerialNumber: syz
[  956.283714][ T5836] usb 2-1: config 0 descriptor??
[  956.301818][T21078] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  956.347244][T21078] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  956.801317][ T5836] ir_usb 2-1:0.126: IR Dongle converter detected
[  957.449420][ T5836] usb 2-1: IRDA class descriptor not found, device not bound
[  957.543006][ T5836] usb 2-1: USB disconnect, device number 7
[  957.552785][T21127] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3943'.
[  957.656998][T21130] bridge0: port 2(bridge_slave_1) entered disabled state
[  957.665684][T21130] bridge0: port 1(bridge_slave_0) entered disabled state
[  957.923897][T21134] IPv6: Can't replace route, no match found
[  958.983869][T21155] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  959.294866][   T10] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[  959.446296][   T10] usb 4-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  959.459346][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  959.478312][T21172] netlink: 14528 bytes leftover after parsing attributes in process `syz.4.3956'.
[  959.511298][   T10] usb 4-1: config 0 descriptor??
[  959.559953][   T10] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input124
[  960.042852][  T899] usb 4-1: USB disconnect, device number 125
[  960.061771][T21176] netlink: 'syz.5.3957': attribute type 24 has an invalid length.
[  960.087085][T21176] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3957'.
[  960.149304][T21176] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  961.249614][T21200] FAULT_INJECTION: forcing a failure.
[  961.249614][T21200] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  961.263544][T21200] CPU: 0 UID: 0 PID: 21200 Comm: syz.5.3962 Not tainted syzkaller #0 PREEMPT(full) 
[  961.263569][T21200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  961.263580][T21200] Call Trace:
[  961.263589][T21200]  <TASK>
[  961.263597][T21200]  dump_stack_lvl+0x189/0x250
[  961.263625][T21200]  ? __pfx____ratelimit+0x10/0x10
[  961.263647][T21200]  ? __pfx_dump_stack_lvl+0x10/0x10
[  961.263668][T21200]  ? __pfx__printk+0x10/0x10
[  961.263688][T21200]  ? __might_fault+0xb0/0x130
[  961.263725][T21200]  should_fail_ex+0x414/0x560
[  961.263755][T21200]  _copy_from_user+0x2d/0xb0
[  961.263778][T21200]  get_compat_msghdr+0xad/0x4a0
[  961.263802][T21200]  ? __pfx_get_compat_msghdr+0x10/0x10
[  961.263830][T21200]  ___sys_sendmsg+0x193/0x2a0
[  961.263852][T21200]  ? __pfx____sys_sendmsg+0x10/0x10
[  961.263937][T21200]  ? __fget_files+0x2a/0x420
[  961.263955][T21200]  ? __fget_files+0x3a0/0x420
[  961.263983][T21200]  __sys_sendmsg+0x164/0x220
[  961.264006][T21200]  ? __pfx___sys_sendmsg+0x10/0x10
[  961.264036][T21200]  ? __pfx_ksys_write+0x10/0x10
[  961.264066][T21200]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  961.264092][T21200]  ? lockdep_hardirqs_on+0x9c/0x150
[  961.264118][T21200]  __do_fast_syscall_32+0xb6/0x2b0
[  961.264144][T21200]  ? lockdep_hardirqs_on+0x9c/0x150
[  961.264170][T21200]  do_fast_syscall_32+0x34/0x80
[  961.264195][T21200]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  961.264215][T21200] RIP: 0023:0xf7ff6539
[  961.264231][T21200] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  961.264247][T21200] RSP: 002b:00000000f54a455c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  961.264266][T21200] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000800001c0
[  961.264280][T21200] RDX: 00000000000000ee RSI: 0000000000000000 RDI: 0000000000000000
[  961.264291][T21200] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  961.264302][T21200] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  961.264314][T21200] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  961.264342][T21200]  </TASK>
[  961.475100][    C0] vkms_vblank_simulate: vblank timer overrun
[  961.576482][T21201] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  962.409277][T21210] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  962.804814][T12278] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  963.067411][T12278] usb 2-1: config 0 has no interfaces?
[  963.089865][T12278] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  963.122977][T12278] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  963.139981][T21227] netlink: 196 bytes leftover after parsing attributes in process `syz.5.3971'.
[  963.162771][T21227] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  963.175821][T21227] batadv_slave_0: entered promiscuous mode
[  963.181864][T21227] batadv_slave_0: entered allmulticast mode
[  963.231094][T12278] usb 2-1: Product: syz
[  963.245834][T12278] usb 2-1: Manufacturer: syz
[  963.250578][T12278] usb 2-1: SerialNumber: syz
[  963.301680][T12278] usb 2-1: config 0 descriptor??
[  963.472463][T21230] FAULT_INJECTION: forcing a failure.
[  963.472463][T21230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  963.490623][T21230] CPU: 0 UID: 0 PID: 21230 Comm: syz.2.3973 Not tainted syzkaller #0 PREEMPT(full) 
[  963.490651][T21230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  963.490664][T21230] Call Trace:
[  963.490672][T21230]  <TASK>
[  963.490681][T21230]  dump_stack_lvl+0x189/0x250
[  963.490720][T21230]  ? __pfx____ratelimit+0x10/0x10
[  963.490744][T21230]  ? __pfx_dump_stack_lvl+0x10/0x10
[  963.490771][T21230]  ? __pfx__printk+0x10/0x10
[  963.490804][T21230]  should_fail_ex+0x414/0x560
[  963.490838][T21230]  _copy_to_user+0x31/0xb0
[  963.490866][T21230]  simple_read_from_buffer+0xe1/0x170
[  963.490900][T21230]  proc_fail_nth_read+0x1b3/0x220
[  963.490929][T21230]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  963.490957][T21230]  ? rw_verify_area+0x2a6/0x4d0
[  963.490982][T21230]  ? __lock_acquire+0xab9/0xd20
[  963.491001][T21230]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  963.491027][T21230]  vfs_read+0x200/0xa30
[  963.491053][T21230]  ? fdget_pos+0x247/0x320
[  963.491076][T21230]  ? __pfx___mutex_lock+0x10/0x10
[  963.491101][T21230]  ? __pfx_vfs_read+0x10/0x10
[  963.491126][T21230]  ? __fget_files+0x2a/0x420
[  963.491147][T21230]  ? __fget_files+0x3a0/0x420
[  963.491163][T21230]  ? __fget_files+0x2a/0x420
[  963.491191][T21230]  ksys_read+0x145/0x250
[  963.491219][T21230]  ? __pfx_ksys_read+0x10/0x10
[  963.491247][T21230]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  963.491274][T21230]  ? lockdep_hardirqs_on+0x9c/0x150
[  963.491303][T21230]  __do_fast_syscall_32+0xb6/0x2b0
[  963.491330][T21230]  ? lockdep_hardirqs_on+0x9c/0x150
[  963.491359][T21230]  do_fast_syscall_32+0x34/0x80
[  963.491386][T21230]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  963.491410][T21230] RIP: 0023:0xf708d539
[  963.491426][T21230] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  963.491444][T21230] RSP: 002b:00000000f547d590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  963.491466][T21230] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f547d620
[  963.491480][T21230] RDX: 000000000000000f RSI: 00000000f7425ff4 RDI: 0000000000000000
[  963.491493][T21230] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  963.491505][T21230] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  963.491516][T21230] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  963.491546][T21230]  </TASK>
[  963.993080][T21214] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  964.012374][T21214] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  964.061975][T12278] usb 2-1: USB disconnect, device number 8
[  964.174821][ T5836] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  964.319655][   T30] audit: type=1326 audit(1761414563.413:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.335867][ T5836] usb 3-1: Using ep0 maxpacket: 32
[  964.358253][ T5836] usb 3-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  964.369223][ T5836] usb 3-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  964.381620][ T5836] usb 3-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  964.393439][ T5836] usb 3-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  964.413124][ T5836] usb 3-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  964.423035][ T5836] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  964.433569][ T5836] usb 3-1: Product: syz
[  964.438039][ T5836] usb 3-1: Manufacturer: syz
[  964.442618][ T5836] usb 3-1: SerialNumber: syz
[  964.451244][    C0] imon 3-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  964.461120][ T5836] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:155.0/input/input126
[  964.481356][   T30] audit: type=1326 audit(1761414563.413:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.509554][   T30] audit: type=1326 audit(1761414563.413:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.532736][   T30] audit: type=1326 audit(1761414563.413:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.556971][   T30] audit: type=1326 audit(1761414563.413:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.566985][T12278] usb 6-1: new high-speed USB device number 88 using dummy_hcd
[  964.579546][   T30] audit: type=1326 audit(1761414563.453:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.579594][   T30] audit: type=1326 audit(1761414563.453:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.579641][   T30] audit: type=1326 audit(1761414563.503:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.579679][   T30] audit: type=1326 audit(1761414563.573:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.695405][ T5836] imon 3-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  964.764304][ T5836]  (id 0x00)
[  964.804385][   T30] audit: type=1326 audit(1761414563.573:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21233 comm="syz.3.3975" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  964.864632][ T5836] rc_core: IR keymap rc-imon-pad not found
[  964.870546][ T5836] Registered IR keymap rc-empty
[  964.881591][ T5836] imon 3-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  964.918052][ T5836] imon 3-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  964.960965][ T5836] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:155.0/rc/rc0
[  964.980199][T12278] usb 6-1: Using ep0 maxpacket: 8
[  964.992789][T12278] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  965.015012][ T5836] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:155.0/rc/rc0/input127
[  965.027678][T12278] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  965.068731][T12278] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  965.094677][ T5836] imon 3-1:155.0: iMON device (15c2:ffdc, intf0) on usb<3:25> initialized
[  965.112222][T12278] usb 6-1: New USB device found, idVendor=0582, idProduct=28e8, bcdDevice=f5.06
[  965.122793][T12278] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  965.154825][T12278] usb 6-1: Product: syz
[  965.159027][T12278] usb 6-1: Manufacturer: syz
[  965.175392][T12278] usb 6-1: SerialNumber: syz
[  965.205987][ T5836] usb 3-1: USB disconnect, device number 25
[  965.233210][T21246] imon:display_open: could not find interface for minor 0
[  965.249840][T12278] usb 6-1: config 0 descriptor??
[  965.470687][T21251] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  966.122087][T12278] usb 6-1: USB disconnect, device number 88
[  966.238047][ T5946] udevd[5946]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  966.645355][T21282] fuse: Bad value for 'fd'
[  967.914489][ T5948] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  968.138661][ T5948] usb 3-1: Using ep0 maxpacket: 16
[  968.177380][ T5948] usb 3-1: config index 0 descriptor too short (expected 65, got 36)
[  968.188802][ T5948] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  968.221721][ T5948] usb 3-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  968.242967][ T5948] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  968.278233][ T5948] usb 3-1: config 0 descriptor??
[  968.306123][ T5948] pxrc 3-1:0.0: Could not find endpoint
[  968.400411][ T5948] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  968.529241][ T5948] usb 3-1: USB disconnect, device number 26
[  969.192318][T21299] 8021q: adding VLAN 0 to HW filter on device bond1
[  969.394641][T21316] FAULT_INJECTION: forcing a failure.
[  969.394641][T21316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  969.425987][T21316] CPU: 1 UID: 0 PID: 21316 Comm: syz.5.3994 Not tainted syzkaller #0 PREEMPT(full) 
[  969.426038][T21316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  969.426051][T21316] Call Trace:
[  969.426060][T21316]  <TASK>
[  969.426069][T21316]  dump_stack_lvl+0x189/0x250
[  969.426103][T21316]  ? __pfx____ratelimit+0x10/0x10
[  969.426128][T21316]  ? __pfx_dump_stack_lvl+0x10/0x10
[  969.426155][T21316]  ? __pfx__printk+0x10/0x10
[  969.426177][T21316]  ? __might_fault+0xb0/0x130
[  969.426216][T21316]  should_fail_ex+0x414/0x560
[  969.426251][T21316]  _copy_from_user+0x2d/0xb0
[  969.426278][T21316]  lowpan_control_write+0xf1/0x6c0
[  969.426309][T21316]  ? __pfx_lowpan_control_write+0x10/0x10
[  969.426344][T21316]  ? __pfx___debugfs_file_get+0x10/0x10
[  969.426366][T21316]  ? rcu_read_lock_any_held+0xb3/0x120
[  969.426392][T21316]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  969.426421][T21316]  full_proxy_write+0x127/0x1f0
[  969.426443][T21316]  ? __pfx_full_proxy_write+0x10/0x10
[  969.426465][T21316]  vfs_write+0x27e/0xb30
[  969.426498][T21316]  ? __pfx_vfs_write+0x10/0x10
[  969.426526][T21316]  ? do_sys_openat2+0x154/0x1c0
[  969.426551][T21316]  ? kmem_cache_free+0x19b/0x690
[  969.426588][T21316]  ksys_write+0x145/0x250
[  969.426614][T21316]  ? __pfx_ksys_write+0x10/0x10
[  969.426639][T21316]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  969.426664][T21316]  ? lockdep_hardirqs_on+0x9c/0x150
[  969.426687][T21316]  __do_fast_syscall_32+0xb6/0x2b0
[  969.426710][T21316]  ? lockdep_hardirqs_on+0x9c/0x150
[  969.426735][T21316]  do_fast_syscall_32+0x34/0x80
[  969.426757][T21316]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  969.426778][T21316] RIP: 0023:0xf7ff6539
[  969.426791][T21316] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  969.426807][T21316] RSP: 002b:00000000f54a455c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  969.426825][T21316] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000080
[  969.426838][T21316] RDX: 000000000000001b RSI: 0000000000000000 RDI: 0000000000000000
[  969.426849][T21316] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  969.426859][T21316] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  969.426869][T21316] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  969.426894][T21316]  </TASK>
[  970.118658][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  970.118670][   T30] audit: type=1326 audit(1761414569.213:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  970.235986][   T30] audit: type=1326 audit(1761414569.243:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  970.258123][    C0] vkms_vblank_simulate: vblank timer overrun
[  970.264401][  T899] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  970.311832][T21330] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4000'.
[  970.331322][   T30] audit: type=1326 audit(1761414569.243:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  970.385237][   T30] audit: type=1326 audit(1761414569.243:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  970.407317][    C0] vkms_vblank_simulate: vblank timer overrun
[  970.476341][  T899] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  970.486661][  T899] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  970.504288][  T899] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  970.537669][  T899] usb 2-1: config 0 descriptor??
[  970.564401][   T30] audit: type=1326 audit(1761414569.243:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  970.605819][   T30] audit: type=1326 audit(1761414569.253:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=364 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  970.661746][  T899] pwc: Askey VC010 type 2 USB webcam detected.
[  970.692420][   T30] audit: type=1326 audit(1761414569.253:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  970.776186][   T30] audit: type=1326 audit(1761414569.253:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  970.961008][   T30] audit: type=1326 audit(1761414569.253:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  971.044327][   T30] audit: type=1326 audit(1761414569.253:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21325 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6539 code=0x7ffc0000
[  971.148056][T21344] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  971.172325][  T899] pwc: recv_control_msg error -32 req 02 val 2700
[  971.193243][  T899] pwc: recv_control_msg error -32 req 02 val 2c00
[  971.207316][  T899] pwc: recv_control_msg error -32 req 04 val 1000
[  971.222236][  T899] pwc: recv_control_msg error -32 req 04 val 1300
[  971.222862][  T899] pwc: recv_control_msg error -32 req 04 val 1400
[  971.234680][  T899] pwc: recv_control_msg error -32 req 02 val 2000
[  971.236035][  T899] pwc: recv_control_msg error -32 req 02 val 2100
[  971.261743][  T899] pwc: recv_control_msg error -71 req 04 val 1500
[  971.262165][  T899] pwc: recv_control_msg error -71 req 02 val 2500
[  971.272637][  T899] pwc: recv_control_msg error -71 req 02 val 2400
[  971.370403][  T899] pwc: recv_control_msg error -71 req 02 val 2600
[  971.375239][T11133] Bluetooth: hci3: command 0x0405 tx timeout
[  971.377842][  T899] pwc: recv_control_msg error -71 req 02 val 2900
[  971.390802][  T899] pwc: recv_control_msg error -71 req 02 val 2800
[  971.398468][  T899] pwc: recv_control_msg error -71 req 04 val 1100
[  971.405705][  T899] pwc: recv_control_msg error -71 req 04 val 1200
[  971.431365][  T899] pwc: Registered as video103.
[  971.530091][  T899] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input129
[  971.555638][  T899] usb 2-1: USB disconnect, device number 9
[  972.164789][  T899] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  972.344531][  T899] usb 2-1: Using ep0 maxpacket: 8
[  972.372456][  T899] usb 2-1: unable to get BOS descriptor or descriptor too short
[  972.404910][T12278] usb 4-1: new full-speed USB device number 126 using dummy_hcd
[  972.416711][  T899] usb 2-1: config 4 interface 0 has no altsetting 0
[  972.431578][  T899] usb 2-1: string descriptor 0 read error: -22
[  972.441496][  T899] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  972.451418][  T899] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  972.480443][  T899] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  972.499833][  T899] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  972.532349][  T899] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  972.557345][  T899] usb 2-1: media controller created
[  972.567354][T12278] usb 4-1: config 1 has an invalid interface number: 128 but max is 2
[  972.585688][T12278] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  972.613453][T12278] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  972.630324][T12278] usb 4-1: config 1 has no interface number 0
[  972.638940][T12278] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  972.651199][  T899] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  972.653979][T12278] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  972.672918][T12278] usb 4-1: SerialNumber: syz
[  972.692891][T12278] usb 4-1: 128:2 : does not exist
[  972.784105][T21398] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  972.951916][T21380] binder: 21379:21380 ioctl c018620c 80000900 returned -1
[  972.979116][T21380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  973.002888][T21380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  973.018468][   T43] usb 4-1: USB disconnect, device number 126
[  973.194845][ T5836] usb 6-1: new high-speed USB device number 89 using dummy_hcd
[  973.355005][ T5836] usb 6-1: Using ep0 maxpacket: 8
[  973.362851][ T5836] usb 6-1: config index 0 descriptor too short (expected 6427, got 27)
[  973.372198][ T5836] usb 6-1: config 0 has an invalid interface number: 21 but max is 0
[  973.383985][ T5836] usb 6-1: config 0 has no interface number 0
[  973.391864][T21394] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  973.398451][ T5836] usb 6-1: config 0 interface 21 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  973.410723][T21394] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  973.425529][ T5836] usb 6-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  973.437205][T21394] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  973.446312][ T5836] usb 6-1: New USB device strings: Mfr=25, Product=1, SerialNumber=0
[  973.455180][T11133] Bluetooth: hci3: command 0x0405 tx timeout
[  973.456247][T21394] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  973.470325][ T5836] usb 6-1: Product: syz
[  973.476120][ T5836] usb 6-1: Manufacturer: syz
[  973.486984][T21394] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  973.498271][T21394] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  973.507806][ T5836] usb 6-1: config 0 descriptor??
[  973.635949][T21394] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  973.641950][T21394] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  973.775750][  T899] zl10353_read_register: readreg error (reg=127, ret==0)
[  973.807143][   T43] usb 6-1: USB disconnect, device number 89
[  974.853220][T21444] netlink: 1347 bytes leftover after parsing attributes in process `syz.5.4027'.
[  975.017903][ T5948] usb 2-1: USB disconnect, device number 10
[  975.744155][T21458] fuse: Bad value for 'fd'
[  977.527903][T21505] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4039'.
[  977.774424][  T899] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  977.850987][T21517] fuse: Bad value for 'rootmode'
[  977.884883][ T5879] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[  977.950133][  T899] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  977.975726][  T899] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  977.985142][ T5836] usb 6-1: new high-speed USB device number 90 using dummy_hcd
[  977.994675][  T899] usb 3-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  978.008485][  T899] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  978.020369][  T899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  978.024820][ T5879] usb 4-1: device descriptor read/64, error -71
[  978.029434][  T899] usb 3-1: Product: syz
[  978.039341][  T899] usb 3-1: Manufacturer: syz
[  978.044050][  T899] usb 3-1: SerialNumber: syz
[  978.134311][ T5836] usb 6-1: Using ep0 maxpacket: 16
[  978.141322][ T5836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  978.153070][ T5836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  978.163796][ T5836] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  978.177175][ T5836] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  978.188590][ T5836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  978.200099][ T5836] usb 6-1: config 0 descriptor??
[  978.271797][T21506] netlink: 14 bytes leftover after parsing attributes in process `syz.2.4040'.
[  978.284857][ T5879] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  978.415395][ T5879] usb 4-1: device descriptor read/64, error -71
[  978.435206][T21506] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  978.460837][T21506] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  978.484398][T21506] bond0 (unregistering): (slave netdevsim0): Releasing backup interface
[  978.535474][T21506] bond0 (unregistering): Released all slaves
[  978.536423][ T5879] usb usb4-port1: attempt power cycle
[  978.665374][ T5836] usbhid 6-1:0.0: can't add hid device: -71
[  978.677174][ T5836] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  978.705158][ T5836] usb 6-1: USB disconnect, device number 90
[  978.802142][T21544] FAULT_INJECTION: forcing a failure.
[  978.802142][T21544] name failslab, interval 1, probability 0, space 0, times 0
[  978.817746][T21544] CPU: 1 UID: 0 PID: 21544 Comm: syz.4.4051 Not tainted syzkaller #0 PREEMPT(full) 
[  978.817772][T21544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  978.817784][T21544] Call Trace:
[  978.817791][T21544]  <TASK>
[  978.817803][T21544]  dump_stack_lvl+0x189/0x250
[  978.817832][T21544]  ? __pfx____ratelimit+0x10/0x10
[  978.817856][T21544]  ? __pfx_dump_stack_lvl+0x10/0x10
[  978.817882][T21544]  ? __pfx__printk+0x10/0x10
[  978.817898][T21544]  ? __sock_sendmsg+0x21c/0x270
[  978.817922][T21544]  ? __do_fast_syscall_32+0xb6/0x2b0
[  978.817948][T21544]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  978.817980][T21544]  should_fail_ex+0x414/0x560
[  978.818013][T21544]  should_failslab+0xa8/0x100
[  978.818040][T21544]  kmem_cache_alloc_noprof+0x74/0x6e0
[  978.818067][T21544]  ? skb_clone+0x212/0x3a0
[  978.818093][T21544]  skb_clone+0x212/0x3a0
[  978.818117][T21544]  __netlink_deliver_tap+0x404/0x850
[  978.818158][T21544]  ? netlink_deliver_tap+0x2e/0x1b0
[  978.818189][T21544]  netlink_deliver_tap+0x19c/0x1b0
[  978.818220][T21544]  netlink_sendskb+0x68/0x140
[  978.818248][T21544]  netlink_unicast+0x397/0x9e0
[  978.818272][T21544]  ? __asan_memcpy+0x40/0x70
[  978.818305][T21544]  ? __pfx_netlink_unicast+0x10/0x10
[  978.818341][T21544]  netlink_rcv_skb+0x28c/0x470
[  978.818370][T21544]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  978.818401][T21544]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  978.818441][T21544]  ? netlink_deliver_tap+0x2e/0x1b0
[  978.818477][T21544]  netlink_unicast+0x82f/0x9e0
[  978.818512][T21544]  ? __pfx_netlink_unicast+0x10/0x10
[  978.818541][T21544]  ? netlink_sendmsg+0x642/0xb30
[  978.818557][T21544]  ? skb_put+0x11b/0x210
[  978.818578][T21544]  netlink_sendmsg+0x805/0xb30
[  978.818605][T21544]  ? __pfx_netlink_sendmsg+0x10/0x10
[  978.818627][T21544]  ? __import_iovec+0x5d4/0x7f0
[  978.818655][T21544]  ? aa_sock_msg_perm+0xf1/0x1d0
[  978.818685][T21544]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  978.818709][T21544]  ? __pfx_netlink_sendmsg+0x10/0x10
[  978.818728][T21544]  __sock_sendmsg+0x21c/0x270
[  978.818757][T21544]  ____sys_sendmsg+0x505/0x830
[  978.818783][T21544]  ? __pfx_____sys_sendmsg+0x10/0x10
[  978.818820][T21544]  ___sys_sendmsg+0x21f/0x2a0
[  978.818843][T21544]  ? __pfx____sys_sendmsg+0x10/0x10
[  978.818895][T21544]  ? __fget_files+0x2a/0x420
[  978.818912][T21544]  ? __fget_files+0x3a0/0x420
[  978.818941][T21544]  __sys_sendmsg+0x164/0x220
[  978.818964][T21544]  ? __pfx___sys_sendmsg+0x10/0x10
[  978.818993][T21544]  ? __pfx_ksys_write+0x10/0x10
[  978.819021][T21544]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  978.819048][T21544]  ? lockdep_hardirqs_on+0x9c/0x150
[  978.819073][T21544]  __do_fast_syscall_32+0xb6/0x2b0
[  978.819098][T21544]  ? lockdep_hardirqs_on+0x9c/0x150
[  978.819126][T21544]  do_fast_syscall_32+0x34/0x80
[  978.819150][T21544]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  978.819166][T21544] RIP: 0023:0xf7f52539
[  978.819177][T21544] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  978.819186][T21544] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  978.819198][T21544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  978.819206][T21544] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  978.819212][T21544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  978.819218][T21544] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  978.819225][T21544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  978.819241][T21544]  </TASK>
[  978.895140][ T5879] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  979.101703][T21548] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4053'.
[  979.165426][ T5879] usb 4-1: device descriptor read/8, error -71
[  979.167923][T21548] FAULT_INJECTION: forcing a failure.
[  979.167923][T21548] name failslab, interval 1, probability 0, space 0, times 0
[  979.222835][T21548] CPU: 1 UID: 0 PID: 21548 Comm: syz.4.4053 Not tainted syzkaller #0 PREEMPT(full) 
[  979.222867][T21548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  979.222880][T21548] Call Trace:
[  979.222887][T21548]  <TASK>
[  979.222894][T21548]  dump_stack_lvl+0x189/0x250
[  979.222927][T21548]  ? __pfx____ratelimit+0x10/0x10
[  979.222949][T21548]  ? __pfx_dump_stack_lvl+0x10/0x10
[  979.222975][T21548]  ? __pfx__printk+0x10/0x10
[  979.222999][T21548]  ? __pfx___might_resched+0x10/0x10
[  979.223025][T21548]  should_fail_ex+0x414/0x560
[  979.223057][T21548]  should_failslab+0xa8/0x100
[  979.223078][T21548]  kmem_cache_alloc_node_noprof+0x77/0x710
[  979.223104][T21548]  ? __alloc_skb+0x112/0x2d0
[  979.223138][T21548]  __alloc_skb+0x112/0x2d0
[  979.223169][T21548]  netlink_ack+0x146/0xa50
[  979.223195][T21548]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  979.223220][T21548]  ? ref_tracker_free+0x63a/0x7d0
[  979.223238][T21548]  ? __asan_memcpy+0x40/0x70
[  979.223261][T21548]  ? __pfx_ref_tracker_free+0x10/0x10
[  979.223289][T21548]  netlink_rcv_skb+0x28c/0x470
[  979.223316][T21548]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  979.223345][T21548]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  979.223384][T21548]  ? netlink_deliver_tap+0x2e/0x1b0
[  979.223419][T21548]  netlink_unicast+0x82f/0x9e0
[  979.223454][T21548]  ? __pfx_netlink_unicast+0x10/0x10
[  979.223482][T21548]  ? netlink_sendmsg+0x642/0xb30
[  979.223498][T21548]  ? skb_put+0x11b/0x210
[  979.223520][T21548]  netlink_sendmsg+0x805/0xb30
[  979.223548][T21548]  ? __pfx_netlink_sendmsg+0x10/0x10
[  979.223568][T21548]  ? __import_iovec+0x5d4/0x7f0
[  979.223589][T21548]  ? aa_sock_msg_perm+0xf1/0x1d0
[  979.223618][T21548]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  979.223638][T21548]  ? __pfx_netlink_sendmsg+0x10/0x10
[  979.223657][T21548]  __sock_sendmsg+0x21c/0x270
[  979.223686][T21548]  ____sys_sendmsg+0x52d/0x830
[  979.223711][T21548]  ? __pfx_____sys_sendmsg+0x10/0x10
[  979.223747][T21548]  ___sys_sendmsg+0x21f/0x2a0
[  979.223770][T21548]  ? __pfx____sys_sendmsg+0x10/0x10
[  979.223791][T21548]  ? __lock_acquire+0xab9/0xd20
[  979.223846][T21548]  ? __fget_files+0x2a/0x420
[  979.223865][T21548]  ? __fget_files+0x3a0/0x420
[  979.223892][T21548]  __sys_sendmmsg+0x28e/0x430
[  979.223916][T21548]  ? __pfx___sys_sendmmsg+0x10/0x10
[  979.223932][T21548]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  979.223985][T21548]  ? ksys_write+0x22a/0x250
[  979.224011][T21548]  ? exc_page_fault+0x82/0x100
[  979.224034][T21548]  ? __pfx_ksys_write+0x10/0x10
[  979.224068][T21548]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  979.224092][T21548]  __do_fast_syscall_32+0xb6/0x2b0
[  979.224120][T21548]  ? lockdep_hardirqs_on+0x9c/0x150
[  979.224147][T21548]  do_fast_syscall_32+0x34/0x80
[  979.224172][T21548]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  979.224197][T21548] RIP: 0023:0xf7f52539
[  979.224213][T21548] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  979.224230][T21548] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  979.224251][T21548] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  979.224265][T21548] RDX: 00000000000001f2 RSI: 0000000000000000 RDI: 0000000000000000
[  979.224277][T21548] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  979.224287][T21548] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  979.224299][T21548] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  979.224328][T21548]  </TASK>
[  979.693682][  T899] usb 3-1: 0:2 : does not exist
[  979.697191][ T5879] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  979.718092][  T899] usb 3-1: USB disconnect, device number 27
[  979.735856][ T5879] usb 4-1: device descriptor read/8, error -71
[  979.750738][T21554] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  979.799753][ T5946] udevd[5946]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  979.816206][ T5836] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  979.855351][ T5879] usb usb4-port1: unable to enumerate USB device
[  979.953813][T21560] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  979.974935][ T5836] usb 2-1: Using ep0 maxpacket: 32
[  979.992671][ T5836] usb 2-1: config 0 has an invalid interface number: 136 but max is 0
[  980.001883][ T5836] usb 2-1: config 0 has no interface number 0
[  980.032182][ T5836] usb 2-1: config 0 interface 136 altsetting 0 has an endpoint descriptor with address 0xB6, changing to 0x86
[  980.064921][ T5836] usb 2-1: config 0 interface 136 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  980.079790][ T5836] usb 2-1: config 0 interface 136 altsetting 0 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  980.098484][ T5836] usb 2-1: config 0 interface 136 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  980.109998][ T5836] usb 2-1: New USB device found, idVendor=0763, idProduct=1021, bcdDevice=8e.c0
[  980.126868][ T5836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  980.142901][ T5836] usb 2-1: config 0 descriptor??
[  980.160070][T21565] --map-set only usable from mangle table
[  980.163734][ T5836] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  980.258810][T21569] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  980.366595][T21550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  980.383816][T21550] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  980.398877][T21550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  980.410049][T21575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  980.419873][T21550] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  980.431080][T21575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  980.441500][ T5836] usb 2-1: USB disconnect, device number 11
[  980.734939][ T5879] usb 6-1: new high-speed USB device number 91 using dummy_hcd
[  981.054887][ T5836] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  981.094828][ T5879] usb 6-1: Using ep0 maxpacket: 8
[  981.123677][ T5879] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  981.164785][ T5879] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  981.176676][ T5879] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  981.187412][ T5879] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  981.201146][ T5879] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  981.211231][ T5879] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  981.234590][ T5836] usb 4-1: Using ep0 maxpacket: 8
[  981.246381][ T5836] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  981.259443][ T5836] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  981.269739][ T5836] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  981.278466][ T5836] usb 4-1: Product: syz
[  981.282721][ T5836] usb 4-1: Manufacturer: syz
[  981.287938][ T5836] usb 4-1: SerialNumber: syz
[  981.508461][T21579] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  981.531649][T21579] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  981.595454][ T5836] usb 4-1: palm_os_3_probe - error -71 getting connection information
[  981.625079][ T5836] visor 4-1:1.0: probe with driver visor failed with error -71
[  981.643764][T21600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4072'.
[  981.655704][T21600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4072'.
[  981.733840][ T5836] usb 4-1: USB disconnect, device number 5
[  981.749212][ T5879] usb 6-1: GET_CAPABILITIES returned 0
[  981.790358][T21603] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  981.836219][ T5879] usbtmc 6-1:16.0: can't read capabilities
[  982.014786][  T899] usb 6-1: USB disconnect, device number 91
[  985.235353][T21668] FAULT_INJECTION: forcing a failure.
[  985.235353][T21668] name failslab, interval 1, probability 0, space 0, times 0
[  985.278781][T21668] CPU: 0 UID: 0 PID: 21668 Comm: syz.1.4086 Not tainted syzkaller #0 PREEMPT(full) 
[  985.278809][T21668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  985.278821][T21668] Call Trace:
[  985.278830][T21668]  <TASK>
[  985.278839][T21668]  dump_stack_lvl+0x189/0x250
[  985.278870][T21668]  ? __pfx____ratelimit+0x10/0x10
[  985.278894][T21668]  ? __pfx_dump_stack_lvl+0x10/0x10
[  985.278921][T21668]  ? __pfx__printk+0x10/0x10
[  985.278946][T21668]  ? __pfx___might_resched+0x10/0x10
[  985.278967][T21668]  ? fs_reclaim_acquire+0x7d/0x100
[  985.279002][T21668]  should_fail_ex+0x414/0x560
[  985.279036][T21668]  should_failslab+0xa8/0x100
[  985.279058][T21668]  __kvmalloc_node_noprof+0x158/0x910
[  985.279089][T21668]  ? xt_alloc_table_info+0x40/0xb0
[  985.279121][T21668]  xt_alloc_table_info+0x40/0xb0
[  985.279144][T21668]  do_ip6t_set_ctl+0x8ea/0xce0
[  985.279174][T21668]  ? rcu_is_watching+0x15/0xb0
[  985.279195][T21668]  ? trace_contention_end+0x39/0x120
[  985.279217][T21668]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  985.279251][T21668]  ? nf_setsockopt+0x221/0x290
[  985.279279][T21668]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  985.279304][T21668]  ? __lock_acquire+0xab9/0xd20
[  985.279338][T21668]  ? __pfx_aa_sk_perm+0x10/0x10
[  985.279370][T21668]  nf_setsockopt+0x26f/0x290
[  985.279401][T21668]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  985.279430][T21668]  do_sock_setsockopt+0x17c/0x1b0
[  985.279455][T21668]  __ia32_sys_setsockopt+0x13f/0x1b0
[  985.279481][T21668]  __do_fast_syscall_32+0xb6/0x2b0
[  985.279507][T21668]  ? lockdep_hardirqs_on+0x9c/0x150
[  985.279536][T21668]  do_fast_syscall_32+0x34/0x80
[  985.279562][T21668]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  985.279586][T21668] RIP: 0023:0xf7f24539
[  985.279603][T21668] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  985.279622][T21668] RSP: 002b:00000000f541655c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[  985.279645][T21668] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  985.279659][T21668] RDX: 0000000000000040 RSI: 0000000080000480 RDI: 00000000000003f8
[  985.279673][T21668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  985.279685][T21668] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  985.279698][T21668] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  985.279727][T21668]  </TASK>
[  985.521014][    C0] vkms_vblank_simulate: vblank timer overrun
[  986.160116][T21694] FAULT_INJECTION: forcing a failure.
[  986.160116][T21694] name failslab, interval 1, probability 0, space 0, times 0
[  986.174770][T21694] CPU: 0 UID: 0 PID: 21694 Comm: syz.4.4092 Not tainted syzkaller #0 PREEMPT(full) 
[  986.174794][T21694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  986.174806][T21694] Call Trace:
[  986.174814][T21694]  <TASK>
[  986.174822][T21694]  dump_stack_lvl+0x189/0x250
[  986.174853][T21694]  ? __pfx____ratelimit+0x10/0x10
[  986.174877][T21694]  ? __pfx_dump_stack_lvl+0x10/0x10
[  986.174901][T21694]  ? __pfx__printk+0x10/0x10
[  986.174927][T21694]  ? __pfx___might_resched+0x10/0x10
[  986.174945][T21694]  ? fs_reclaim_acquire+0x7d/0x100
[  986.174979][T21694]  should_fail_ex+0x414/0x560
[  986.175013][T21694]  should_failslab+0xa8/0x100
[  986.175035][T21694]  __kvmalloc_node_noprof+0x158/0x910
[  986.175066][T21694]  ? alloc_netdev_mqs+0xa6/0x11b0
[  986.175097][T21694]  alloc_netdev_mqs+0xa6/0x11b0
[  986.175116][T21694]  ? __pfx_ipvlan_link_setup+0x10/0x10
[  986.175142][T21694]  rtnl_create_link+0x31f/0xd10
[  986.175173][T21694]  rtnl_newlink_create+0x25c/0xb00
[  986.175198][T21694]  ? __lock_acquire+0xab9/0xd20
[  986.175222][T21694]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  986.175244][T21694]  ? __pfx___mutex_lock+0x10/0x10
[  986.175281][T21694]  ? ns_capable+0x8a/0xf0
[  986.175306][T21694]  rtnl_newlink+0x16e4/0x1c80
[  986.175336][T21694]  ? netlink_deliver_tap+0x19c/0x1b0
[  986.175385][T21694]  ? __pfx_rtnl_newlink+0x10/0x10
[  986.175438][T21694]  ? kasan_quarantine_put+0xdd/0x220
[  986.175464][T21694]  ? lockdep_hardirqs_on+0x9c/0x150
[  986.175494][T21694]  ? nlmon_xmit+0xb0/0x100
[  986.175516][T21694]  ? kmem_cache_free+0x19b/0x690
[  986.175553][T21694]  ? __local_bh_enable_ip+0x12d/0x1c0
[  986.175575][T21694]  ? lockdep_hardirqs_on+0x9c/0x150
[  986.175600][T21694]  ? __local_bh_enable_ip+0x12d/0x1c0
[  986.175622][T21694]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  986.175647][T21694]  ? __dev_queue_xmit+0x27b/0x3b50
[  986.175669][T21694]  ? __dev_queue_xmit+0x27b/0x3b50
[  986.175690][T21694]  ? __dev_queue_xmit+0x27b/0x3b50
[  986.175713][T21694]  ? __dev_queue_xmit+0x1d79/0x3b50
[  986.175733][T21694]  ? kasan_save_track+0x3e/0x80
[  986.175759][T21694]  ? __kasan_slab_alloc+0x6c/0x80
[  986.175791][T21694]  ? __lock_acquire+0xab9/0xd20
[  986.175836][T21694]  ? __pfx_rtnl_newlink+0x10/0x10
[  986.175864][T21694]  rtnetlink_rcv_msg+0x7cf/0xb70
[  986.175896][T21694]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  986.175922][T21694]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  986.175948][T21694]  ? ref_tracker_free+0x63a/0x7d0
[  986.175968][T21694]  ? __asan_memcpy+0x40/0x70
[  986.175993][T21694]  ? __pfx_ref_tracker_free+0x10/0x10
[  986.176022][T21694]  netlink_rcv_skb+0x208/0x470
[  986.176053][T21694]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  986.176083][T21694]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  986.176119][T21694]  ? netlink_deliver_tap+0x2e/0x1b0
[  986.176149][T21694]  netlink_unicast+0x82f/0x9e0
[  986.176185][T21694]  ? __pfx_netlink_unicast+0x10/0x10
[  986.176214][T21694]  ? netlink_sendmsg+0x642/0xb30
[  986.176231][T21694]  ? skb_put+0x11b/0x210
[  986.176253][T21694]  netlink_sendmsg+0x805/0xb30
[  986.176282][T21694]  ? __pfx_netlink_sendmsg+0x10/0x10
[  986.176303][T21694]  ? __import_iovec+0x5d4/0x7f0
[  986.176324][T21694]  ? aa_sock_msg_perm+0xf1/0x1d0
[  986.176359][T21694]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  986.176380][T21694]  ? __pfx_netlink_sendmsg+0x10/0x10
[  986.176398][T21694]  __sock_sendmsg+0x21c/0x270
[  986.176424][T21694]  ____sys_sendmsg+0x505/0x830
[  986.176450][T21694]  ? __pfx_____sys_sendmsg+0x10/0x10
[  986.176486][T21694]  ___sys_sendmsg+0x21f/0x2a0
[  986.176508][T21694]  ? __pfx____sys_sendmsg+0x10/0x10
[  986.176558][T21694]  ? __fget_files+0x2a/0x420
[  986.176574][T21694]  ? __fget_files+0x3a0/0x420
[  986.176602][T21694]  __sys_sendmsg+0x164/0x220
[  986.176622][T21694]  ? __pfx___sys_sendmsg+0x10/0x10
[  986.176647][T21694]  ? __pfx_ksys_write+0x10/0x10
[  986.176675][T21694]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  986.176702][T21694]  ? lockdep_hardirqs_on+0x9c/0x150
[  986.176728][T21694]  __do_fast_syscall_32+0xb6/0x2b0
[  986.176755][T21694]  ? lockdep_hardirqs_on+0x9c/0x150
[  986.176780][T21694]  do_fast_syscall_32+0x34/0x80
[  986.176805][T21694]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  986.176827][T21694] RIP: 0023:0xf7f52539
[  986.176844][T21694] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  986.176861][T21694] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  986.176880][T21694] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  986.176893][T21694] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  986.176903][T21694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  986.176915][T21694] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  986.176926][T21694] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  986.176955][T21694]  </TASK>
[  986.651113][    C0] vkms_vblank_simulate: vblank timer overrun
[  987.135471][   T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  987.284840][   T10] usb 4-1: Using ep0 maxpacket: 8
[  987.292548][   T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[  987.293534][   T10] usb 4-1: config 4 interface 0 has no altsetting 0
[  987.316629][  T899] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  987.332369][   T10] usb 4-1: string descriptor 0 read error: -22
[  987.354885][   T10] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  987.354916][   T10] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  987.382295][   T10] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  987.389838][   T10] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  987.390373][   T10] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  987.390421][   T10] usb 4-1: media controller created
[  987.440299][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  987.453527][T21710] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4098'.
[  987.500405][  T899] usb 3-1: Using ep0 maxpacket: 32
[  987.510944][  T899] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 28
[  987.513285][  T899] usb 3-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  987.513302][  T899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.513314][  T899] usb 3-1: Product: syz
[  987.513322][  T899] usb 3-1: Manufacturer: syz
[  987.513331][  T899] usb 3-1: SerialNumber: syz
[  987.515673][  T899] usb 3-1: config 0 descriptor??
[  987.639793][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  987.639810][   T30] audit: type=1326 audit(1761414586.733:1455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21699 comm="syz.3.4093" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa6539 code=0x0
[  987.918636][T21717] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  987.927901][T21703] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  987.941083][T21703] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  987.951911][  T899] airspy 3-1:0.0: Board ID: 00
[  987.956916][  T899] airspy 3-1:0.0: Firmware version: 
[  988.389383][  T899] airspy 3-1:0.0: usb_control_msg() failed -71 request 0e
[  988.437951][  T899] airspy 3-1:0.0: Registered as swradio24
[  988.446565][  T899] airspy 3-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  988.484442][  T899] usb 3-1: USB disconnect, device number 28
[  988.717352][   T10] zl10353_read_register: readreg error (reg=127, ret==0)
[  989.600297][T21746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4109'.
[  989.610711][T21746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4109'.
[  989.837905][T21753] tipc: Started in network mode
[  989.842773][T21753] tipc: Node identity 7f000001, cluster identity 4711
[  989.851995][T21753] tipc: Enabled bearer <udp:syz2>, priority 10
[  989.953662][T16273] usb 4-1: USB disconnect, device number 6
[  990.401531][T21761] FAULT_INJECTION: forcing a failure.
[  990.401531][T21761] name failslab, interval 1, probability 0, space 0, times 0
[  990.450960][T16273] usb 4-1: new low-speed USB device number 7 using dummy_hcd
[  990.470374][T21761] CPU: 1 UID: 0 PID: 21761 Comm: syz.4.4114 Not tainted syzkaller #0 PREEMPT(full) 
[  990.470400][T21761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  990.470415][T21761] Call Trace:
[  990.470424][T21761]  <TASK>
[  990.470433][T21761]  dump_stack_lvl+0x189/0x250
[  990.470464][T21761]  ? __pfx____ratelimit+0x10/0x10
[  990.470489][T21761]  ? __pfx_dump_stack_lvl+0x10/0x10
[  990.470515][T21761]  ? __pfx__printk+0x10/0x10
[  990.470542][T21761]  ? __pfx___might_resched+0x10/0x10
[  990.470563][T21761]  ? fs_reclaim_acquire+0x7d/0x100
[  990.470594][T21761]  should_fail_ex+0x414/0x560
[  990.470628][T21761]  should_failslab+0xa8/0x100
[  990.470651][T21761]  kmem_cache_alloc_noprof+0x74/0x6e0
[  990.470678][T21761]  ? _sctp_make_chunk+0x14e/0x430
[  990.470703][T21761]  ? skb_put+0x11b/0x210
[  990.470726][T21761]  _sctp_make_chunk+0x14e/0x430
[  990.470758][T21761]  sctp_make_datafrag_empty+0x122/0x230
[  990.470788][T21761]  ? __pfx_sctp_make_datafrag_empty+0x10/0x10
[  990.470817][T21761]  ? sctp_auth_send_cid+0x69/0x250
[  990.470847][T21761]  sctp_datamsg_from_user+0x729/0xef0
[  990.470892][T21761]  sctp_sendmsg_to_asoc+0xffe/0x1810
[  990.470921][T21761]  ? __asan_memcpy+0x40/0x70
[  990.470953][T21761]  ? sctp_assoc_add_peer+0xcfa/0x13b0
[  990.470987][T21761]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  990.471017][T21761]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  990.471049][T21761]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  990.471086][T21761]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  990.471114][T21761]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  990.471145][T21761]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  990.471166][T21761]  ? security_sctp_bind_connect+0x7e/0x2e0
[  990.471194][T21761]  sctp_sendmsg+0x1941/0x2810
[  990.471235][T21761]  ? __pfx_sctp_sendmsg+0x10/0x10
[  990.471267][T21761]  ? aa_sk_perm+0x81e/0x950
[  990.471299][T21761]  ? __pfx_aa_sk_perm+0x10/0x10
[  990.471329][T21761]  ? sock_rps_record_flow+0x19/0x410
[  990.471361][T21761]  ? inet_sendmsg+0x2f4/0x370
[  990.471387][T21761]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  990.471410][T21761]  __sock_sendmsg+0x19c/0x270
[  990.471439][T21761]  ____sys_sendmsg+0x505/0x830
[  990.471465][T21761]  ? __pfx_____sys_sendmsg+0x10/0x10
[  990.471501][T21761]  ___sys_sendmsg+0x21f/0x2a0
[  990.471523][T21761]  ? __pfx____sys_sendmsg+0x10/0x10
[  990.471580][T21761]  ? __fget_files+0x2a/0x420
[  990.471598][T21761]  ? __fget_files+0x3a0/0x420
[  990.471628][T21761]  __sys_sendmsg+0x164/0x220
[  990.471651][T21761]  ? __pfx___sys_sendmsg+0x10/0x10
[  990.471682][T21761]  ? __pfx_ksys_write+0x10/0x10
[  990.471713][T21761]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  990.471755][T21761]  ? lockdep_hardirqs_on+0x9c/0x150
[  990.471784][T21761]  __do_fast_syscall_32+0xb6/0x2b0
[  990.471812][T21761]  ? lockdep_hardirqs_on+0x9c/0x150
[  990.471841][T21761]  do_fast_syscall_32+0x34/0x80
[  990.471867][T21761]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  990.471891][T21761] RIP: 0023:0xf7f52539
[  990.471908][T21761] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  990.471925][T21761] RSP: 002b:00000000f544655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  990.471947][T21761] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000700
[  990.471961][T21761] RDX: 000000002000c8d0 RSI: 0000000000000000 RDI: 0000000000000000
[  990.471975][T21761] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  990.471987][T21761] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  990.471999][T21761] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  990.472029][T21761]  </TASK>
[  990.924344][T16273] usb 4-1: device descriptor read/64, error -71
[  990.979964][ T5948] tipc: Node number set to 2130706433
[  991.165296][T16273] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[  991.193321][T21773] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4118'.
[  991.211149][T21773] netlink: 7 bytes leftover after parsing attributes in process `syz.1.4118'.
[  991.314346][T16273] usb 4-1: device descriptor read/64, error -71
[  991.439758][T16273] usb usb4-port1: attempt power cycle
[  991.794926][T16273] usb 4-1: new low-speed USB device number 9 using dummy_hcd
[  991.855896][T16273] usb 4-1: device descriptor read/8, error -71
[  992.066081][T21801] FAULT_INJECTION: forcing a failure.
[  992.066081][T21801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  992.092985][T21801] CPU: 1 UID: 0 PID: 21801 Comm: syz.5.4127 Not tainted syzkaller #0 PREEMPT(full) 
[  992.093012][T21801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  992.093025][T21801] Call Trace:
[  992.093034][T21801]  <TASK>
[  992.093043][T21801]  dump_stack_lvl+0x189/0x250
[  992.093075][T21801]  ? __pfx____ratelimit+0x10/0x10
[  992.093099][T21801]  ? __pfx_dump_stack_lvl+0x10/0x10
[  992.093126][T21801]  ? __pfx__printk+0x10/0x10
[  992.093147][T21801]  ? __might_fault+0xb0/0x130
[  992.093184][T21801]  should_fail_ex+0x414/0x560
[  992.093217][T21801]  _copy_from_iter+0x1de/0x1790
[  992.093245][T21801]  ? rcu_is_watching+0x15/0xb0
[  992.093271][T21801]  ? kmalloc_reserve+0xbd/0x290
[  992.093301][T21801]  ? __pfx__copy_from_iter+0x10/0x10
[  992.093325][T21801]  ? __build_skb_around+0x262/0x3f0
[  992.093356][T21801]  ? netlink_sendmsg+0x642/0xb30
[  992.093373][T21801]  ? skb_put+0x11b/0x210
[  992.093394][T21801]  netlink_sendmsg+0x6b2/0xb30
[  992.093422][T21801]  ? __pfx_netlink_sendmsg+0x10/0x10
[  992.093443][T21801]  ? __import_iovec+0x5d4/0x7f0
[  992.093464][T21801]  ? aa_sock_msg_perm+0xf1/0x1d0
[  992.093493][T21801]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  992.093512][T21801]  ? __pfx_netlink_sendmsg+0x10/0x10
[  992.093531][T21801]  __sock_sendmsg+0x21c/0x270
[  992.093559][T21801]  ____sys_sendmsg+0x505/0x830
[  992.093585][T21801]  ? __pfx_____sys_sendmsg+0x10/0x10
[  992.093620][T21801]  ___sys_sendmsg+0x21f/0x2a0
[  992.093642][T21801]  ? __pfx____sys_sendmsg+0x10/0x10
[  992.093697][T21801]  ? __fget_files+0x2a/0x420
[  992.093715][T21801]  ? __fget_files+0x3a0/0x420
[  992.093743][T21801]  __sys_sendmsg+0x164/0x220
[  992.093766][T21801]  ? __pfx___sys_sendmsg+0x10/0x10
[  992.093794][T21801]  ? __pfx_ksys_write+0x10/0x10
[  992.093824][T21801]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  992.093852][T21801]  ? lockdep_hardirqs_on+0x9c/0x150
[  992.093880][T21801]  __do_fast_syscall_32+0xb6/0x2b0
[  992.093907][T21801]  ? lockdep_hardirqs_on+0x9c/0x150
[  992.093935][T21801]  do_fast_syscall_32+0x34/0x80
[  992.093961][T21801]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  992.093984][T21801] RIP: 0023:0xf7ff6539
[  992.094001][T21801] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  992.094020][T21801] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  992.094042][T21801] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  992.094057][T21801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  992.094069][T21801] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  992.094082][T21801] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  992.094094][T21801] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  992.094124][T21801]  </TASK>
[  992.484479][T16273] usb 4-1: new low-speed USB device number 10 using dummy_hcd
[  992.516347][T16273] usb 4-1: device descriptor read/8, error -71
[  992.624748][T16273] usb usb4-port1: unable to enumerate USB device
[  992.717380][T21810] input: syz0 as /devices/virtual/input/input135
[  992.907223][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  992.913633][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  992.986296][T16273] usb 6-1: new high-speed USB device number 92 using dummy_hcd
[  992.986331][T21805] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4129'.
[  993.144369][T16273] usb 6-1: Using ep0 maxpacket: 8
[  993.151542][T16273] usb 6-1: unable to read config index 0 descriptor/start: -61
[  993.160573][T16273] usb 6-1: can't read configurations, error -61
[  993.254571][ T5836] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  993.294510][T16273] usb 6-1: new high-speed USB device number 93 using dummy_hcd
[  993.404782][ T5836] usb 3-1: Using ep0 maxpacket: 16
[  993.410428][ T5836] usb 3-1: no configurations
[  993.415744][ T5836] usb 3-1: can't read configurations, error -22
[  993.457559][T16273] usb 6-1: Using ep0 maxpacket: 8
[  993.465142][T16273] usb 6-1: unable to read config index 0 descriptor/start: -61
[  993.472817][T16273] usb 6-1: can't read configurations, error -61
[  993.479624][T16273] usb usb6-port1: attempt power cycle
[  993.544584][ T5836] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  993.694606][ T5836] usb 3-1: Using ep0 maxpacket: 16
[  993.700466][ T5836] usb 3-1: no configurations
[  993.705600][ T5836] usb 3-1: can't read configurations, error -22
[  993.713274][ T5836] usb usb3-port1: attempt power cycle
[  993.834349][T16273] usb 6-1: new high-speed USB device number 94 using dummy_hcd
[  993.855962][T16273] usb 6-1: Using ep0 maxpacket: 8
[  993.862946][T16273] usb 6-1: unable to read config index 0 descriptor/start: -61
[  993.871230][T16273] usb 6-1: can't read configurations, error -61
[  993.884644][ T5879] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  994.013595][T16273] usb 6-1: new high-speed USB device number 95 using dummy_hcd
[  994.027108][ T5879] usb 2-1: device descriptor read/64, error -71
[  994.055594][T16273] usb 6-1: Using ep0 maxpacket: 8
[  994.060588][ T5836] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  994.103206][T21827] netlink: 'syz.3.4136': attribute type 1 has an invalid length.
[  994.124882][ T5836] usb 3-1: Using ep0 maxpacket: 16
[  994.132659][ T5836] usb 3-1: no configurations
[  994.133083][T16273] usb 6-1: unable to read config index 0 descriptor/start: -61
[  994.139223][ T5836] usb 3-1: can't read configurations, error -22
[  994.164341][T16273] usb 6-1: can't read configurations, error -61
[  994.178611][T16273] usb usb6-port1: unable to enumerate USB device
[  994.185742][T21827] bond1: entered promiscuous mode
[  994.190811][T21827] bond1: entered allmulticast mode
[  994.197313][T21827] 8021q: adding VLAN 0 to HW filter on device bond1
[  994.237701][T21827] vlan2: entered allmulticast mode
[  994.275006][ T5879] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  994.282699][ T5836] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  994.283296][T21833] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  994.305892][ T5836] usb 3-1: Using ep0 maxpacket: 16
[  994.311910][ T5836] usb 3-1: no configurations
[  994.319021][ T5836] usb 3-1: can't read configurations, error -22
[  994.327304][ T5836] usb usb3-port1: unable to enumerate USB device
[  994.426016][ T5879] usb 2-1: device descriptor read/64, error -71
[  994.535124][ T5879] usb usb2-port1: attempt power cycle
[  994.894100][ T5879] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  994.939468][T21843] macsec1: entered promiscuous mode
[  994.950684][ T5879] usb 2-1: device descriptor read/8, error -71
[  994.959602][T21843] macvlan0: entered promiscuous mode
[  994.976173][T21843] macvlan0: left promiscuous mode
[  995.137853][T21845] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4142'.
[  995.214760][ T5879] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  995.256370][ T5879] usb 2-1: device descriptor read/8, error -71
[  995.376411][ T5879] usb usb2-port1: unable to enumerate USB device
[  995.866200][T21862] binder: 21860:21862 ioctl c0306201 0 returned -14
[  995.877762][T21862] binder: 21860:21862 ioctl c0306201 0 returned -14
[  996.181559][T21869] input: syz0 as /devices/virtual/input/input136
[  996.415529][T21867] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4149'.
[  996.953193][T21885] binder: 21880:21885 ioctl 40044591 0 returned -22
[  997.068348][T16273] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  997.257383][T16273] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  997.280911][T16273] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  997.305725][T16273] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  997.324904][T16273] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  997.341602][T16273] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  997.351559][T16273] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  997.388800][T16273] usb 2-1: Manufacturer: syz
[  997.401264][T16273] usb 2-1: config 0 descriptor??
[  997.845343][T16273] appleir 0003:05AC:8243.0029: unknown main item tag 0x0
[  997.868235][T16273] appleir 0003:05AC:8243.0029: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  998.036573][ T5922] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  998.052639][ T5922] dvb_usb_az6027 5-1:0.0: probe with driver dvb_usb_az6027 failed with error -110
[  998.066088][ T5922] usb 5-1: USB disconnect, device number 102
[  998.082836][T21904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4160'.
[  998.098902][T21904] veth1: entered promiscuous mode
[  998.106723][T21904] veth1: left promiscuous mode
[  998.395993][ T5922] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[  998.433041][T21912] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  998.443019][T21912] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  998.554342][ T5922] usb 5-1: Using ep0 maxpacket: 8
[  998.563650][ T5922] usb 5-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  998.572952][ T5922] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  998.581622][ T5922] usb 5-1: Product: syz
[  998.586020][ T5922] usb 5-1: Manufacturer: syz
[  998.590635][ T5922] usb 5-1: SerialNumber: syz
[  998.598162][ T5922] usb 5-1: config 0 descriptor??
[  998.610424][ T5922] gspca_main: sq905-2.14.0 probing 2770:9120
[  998.674414][T16273] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  998.822559][T21877] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4152'.
[  998.858568][T21877] netlink: 6 bytes leftover after parsing attributes in process `syz.4.4152'.
[  999.137638][ T5922] gspca_sq905: sq905_command: usb_control_msg failed (-110)
[  999.145928][ T5922] sq905 5-1:0.0: probe with driver sq905 failed with error -110
[  999.285272][ T5879] usb 2-1: reset high-speed USB device number 16 using dummy_hcd
[  999.424848][ T5879] usb 2-1: device descriptor read/64, error -32
[  999.684833][ T5879] usb 2-1: reset high-speed USB device number 16 using dummy_hcd
[  999.844468][ T5879] usb 2-1: device descriptor read/64, error -32
[  999.854354][ T5922] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1000.028633][   T10] usb 5-1: USB disconnect, device number 103
[ 1000.044838][ T5922] usb 4-1: Using ep0 maxpacket: 32
[ 1000.077404][ T5922] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[ 1000.124907][ T5879] usb 2-1: reset high-speed USB device number 16 using dummy_hcd
[ 1000.136614][ T5922] usb 4-1: config 0 has no interface number 0
[ 1000.153117][ T5922] usb 4-1: config 0 interface 12 has no altsetting 0
[ 1000.164663][ T5879] usb 2-1: device descriptor read/8, error -32
[ 1000.182373][ T5922] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 1000.238333][ T5922] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1000.302438][ T5922] usb 4-1: Product: syz
[ 1000.327453][ T5922] usb 4-1: Manufacturer: syz
[ 1000.370902][ T5922] usb 4-1: SerialNumber: syz
[ 1000.414689][ T5879] usb 2-1: reset high-speed USB device number 16 using dummy_hcd
[ 1000.443330][ T5922] usb 4-1: config 0 descriptor??
[ 1000.455143][ T5879] usb 2-1: device descriptor read/8, error -32
[ 1000.553292][T21906] raw-gadget.0 gadget.1: failed to queue suspend event
[ 1000.613117][T21906] raw-gadget.0 gadget.1: failed to queue disconnect event
[ 1000.661252][ T5836] usb 2-1: USB disconnect, device number 16
[ 1000.872783][ T5922] f81534 4-1:0.12: f81534_set_register: reg: 1003 data: e0 failed: -71
[ 1000.934332][ T5922] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[ 1000.974320][ T5922] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[ 1001.007738][ T5922] f81534 4-1:0.12: probe with driver f81534 failed with error -71
[ 1001.072262][ T5922] usb 4-1: USB disconnect, device number 11
[ 1001.103815][T21934] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4167'.
[ 1001.126281][T21933] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1001.315722][T21938] netlink: 148 bytes leftover after parsing attributes in process `syz.4.4170'.
[ 1001.954568][ T5836] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1002.078184][T21951] binder: 21948:21951 ioctl c0306201 0 returned -14
[ 1002.107554][T21951] binder: 21948:21951 ioctl c0306201 0 returned -14
[ 1002.146291][ T5836] usb 2-1: Using ep0 maxpacket: 8
[ 1002.290929][ T5836] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1002.302793][ T5836] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1002.314955][ T5836] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1002.325370][ T5836] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1002.361586][ T5836] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1002.471934][ T5836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.740595][T21971] IPVS: set_ctl: invalid protocol: 0 127.0.0.1:20001
[ 1002.767167][T21971] IPv6: Can't replace route, no match found
[ 1002.776060][T21970] input: syz0 as /devices/virtual/input/input138
[ 1003.069785][T21970] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4176'.
[ 1003.264350][T21968] page: refcount:2 mapcount:0 mapping:ffff8880229f4d80 index:0x2020 pfn:0x6b620
[ 1003.382381][T21968] memcg:ffff88805ac4db00
[ 1003.414581][T21968] aops:def_blk_aops ino:fa00000
[ 1003.434842][T21968] flags: 0xfff60000000039(locked|uptodate|dirty|lru|node=0|zone=1|lastcpupid=0x7ff)
[ 1003.548036][T21968] raw: 00fff60000000039 ffffea0001ad8008 ffff88801c6c6e20 ffff8880229f4d80
[ 1003.632274][T21968] raw: 0000000000002020 0000000000000000 00000002ffffffff ffff88805ac4db00
[ 1003.681782][T21968] page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index))
[ 1003.731109][T21968] page_owner tracks the page as allocated
[ 1003.773800][T21968] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 21967, tgid 21967 (syz.5.4176), ts 1003115520767, free_ts 998307466325
[ 1003.875902][ T5836] usb 2-1: GET_CAPABILITIES returned 0
[ 1003.931576][T21968]  post_alloc_hook+0x240/0x2a0
[ 1003.959507][ T5836] usbtmc 2-1:16.0: can't read capabilities
[ 1003.999126][T21968]  get_page_from_freelist+0x2365/0x2440
[ 1004.036615][ T5836] usb 2-1: USB disconnect, device number 17
[ 1004.064511][T21968]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1004.134594][T21968]  alloc_pages_mpol+0x232/0x4a0
[ 1004.148409][T21968]  alloc_pages_noprof+0xa9/0x190
[ 1004.219788][T21968]  folio_alloc_noprof+0x1e/0x30
[ 1004.264173][T21968]  filemap_alloc_folio_noprof+0xdf/0x470
[ 1004.292839][T21968]  page_cache_ra_order+0x55b/0xe70
[ 1004.327584][T21968]  do_sync_mmap_readahead+0x25e/0x7a0
[ 1004.392035][T21968]  filemap_fault+0x6b9/0x12b0
[ 1004.507242][T21968]  __do_fault+0x138/0x390
[ 1004.576130][T21968]  __handle_mm_fault+0x1847/0x5400
[ 1004.581291][T21968]  handle_mm_fault+0x40a/0x8e0
[ 1004.598590][T21968]  do_user_addr_fault+0xa7c/0x1380
[ 1004.603853][T21985] openvswitch: netlink: Flow key attribute not present in set flow.
[ 1004.615662][T21968]  exc_page_fault+0x82/0x100
[ 1004.620877][T21968]  asm_exc_page_fault+0x26/0x30
[ 1004.684114][T21968] page last free pid 15245 tgid 15245 stack trace:
[ 1004.704925][T21968]  free_unref_folios+0xdb3/0x14f0
[ 1004.710020][T21968]  folios_put_refs+0x584/0x670
[ 1004.715897][T21968]  release_pages+0x4b4/0x520
[ 1004.720517][T21968]  io_free_region+0xb4/0x270
[ 1004.754808][T21968]  io_ring_ctx_free+0x287/0x4e0
[ 1004.792459][T21968]  io_ring_exit_work+0x8c4/0x930
[ 1004.866698][T21968]  process_scheduled_works+0xae1/0x17b0
[ 1004.905594][T21968]  worker_thread+0x8a0/0xda0
[ 1004.910448][T21968]  kthread+0x711/0x8a0
[ 1004.915137][T21968]  ret_from_fork+0x4bc/0x870
[ 1004.919895][T21968]  ret_from_fork_asm+0x1a/0x30
[ 1004.925935][T21968] ------------[ cut here ]------------
[ 1004.931425][T21968] kernel BUG at mm/filemap.c:3519!
[ 1004.937520][T21968] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 1004.943755][T21968] CPU: 0 UID: 0 PID: 21968 Comm: syz.5.4176 Not tainted syzkaller #0 PREEMPT(full) 
[ 1004.953100][T21968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1004.963135][T21968] RIP: 0010:filemap_fault+0x122c/0x12b0
[ 1004.968664][T21968] Code: 38 c1 0f 8c 8e fc ff ff 4c 89 e7 e8 8e d8 2c 00 e9 81 fc ff ff e8 94 23 c7 ff 48 89 df 48 c7 c6 60 5b 74 8b e8 b5 0d 2f ff 90 <0f> 0b e8 7d 23 c7 ff 48 8b 3c 24 48 c7 c6 e0 61 74 8b e8 9d 0d 2f
[ 1004.988251][T21968] RSP: 0018:ffffc9000ce9f6e0 EFLAGS: 00010246
[ 1004.994308][T21968] RAX: 57ef0cf34c40f000 RBX: ffffea0001ad8800 RCX: 0000000000000000
[ 1005.002277][T21968] RDX: 0000000000000000 RSI: ffffffff8d70bf39 RDI: 00000000ffffffff
[ 1005.010228][T21968] RBP: ffffc9000ce9f818 R08: ffffffff8f7cd277 R09: 1ffffffff1ef9a4e
[ 1005.018180][T21968] R10: dffffc0000000000 R11: fffffbfff1ef9a4f R12: dffffc0000000000
[ 1005.026134][T21968] R13: 1ffffd400035b101 R14: ffffea0001ad8818 R15: ffffea0001ad8808
[ 1005.034083][T21968] FS:  0000000000000000(0000) GS:ffff88812613e000(0063) knlGS:00000000f54e6b40
[ 1005.042991][T21968] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1005.049553][T21968] CR2: 00000000f7123c90 CR3: 0000000066e60000 CR4: 00000000003526f0
[ 1005.057506][T21968] Call Trace:
[ 1005.060765][T21968]  <TASK>
[ 1005.063678][T21968]  ? __pfx_filemap_fault+0x10/0x10
[ 1005.068773][T21968]  __do_fault+0x138/0x390
[ 1005.073082][T21968]  __handle_mm_fault+0x1847/0x5400
[ 1005.078178][T21968]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1005.083622][T21968]  ? find_vma+0xe7/0x160
[ 1005.087854][T21968]  ? __pfx_find_vma+0x10/0x10
[ 1005.092517][T21968]  handle_mm_fault+0x40a/0x8e0
[ 1005.097264][T21968]  do_user_addr_fault+0x764/0x1380
[ 1005.102376][T21968]  exc_page_fault+0x82/0x100
[ 1005.106966][T21968]  asm_exc_page_fault+0x26/0x30
[ 1005.111807][T21968] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[ 1005.117511][T21968] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca e9 07 68 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[ 1005.137108][T21968] RSP: 0018:ffffc9000ce9fc78 EFLAGS: 00050287
[ 1005.143163][T21968] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000080006b3c
[ 1005.151116][T21968] RDX: ffffc9001da4d000 RSI: 000000000006b31a RDI: 000000000006b31b
[ 1005.159069][T21968] RBP: ffffc9000ce9fe90 R08: ffffffff8f7cd277 R09: 1ffffffff1ef9a4e
[ 1005.167020][T21968] R10: dffffc0000000000 R11: fffffbfff1ef9a4f R12: 0000000080000900
[ 1005.174970][T21968] R13: 0000000080040000 R14: 0000000080006b20 R15: 0000000000000311
[ 1005.182933][T21968]  __sys_sendmmsg+0x2b1/0x430
[ 1005.187618][T21968]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1005.192799][T21968]  ? do_futex+0x333/0x420
[ 1005.197115][T21968]  ? __sys_connect+0x38d/0x440
[ 1005.201868][T21968]  ? rcu_is_watching+0x15/0xb0
[ 1005.206612][T21968]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1005.212138][T21968]  __do_fast_syscall_32+0xb6/0x2b0
[ 1005.217231][T21968]  do_fast_syscall_32+0x34/0x80
[ 1005.222065][T21968]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1005.228386][T21968] RIP: 0023:0xf7ff6539
[ 1005.232518][T21968] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1005.252113][T21968] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 1005.260507][T21968] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000900
[ 1005.268457][T21968] RDX: 00000000040000cf RSI: 0000000000000000 RDI: 0000000000000000
[ 1005.276411][T21968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1005.284362][T21968] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1005.292323][T21968] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1005.300282][T21968]  </TASK>
[ 1005.303293][T21968] Modules linked in:
[ 1005.307651][T21968] ---[ end trace 0000000000000000 ]---
[ 1005.324189][T21968] RIP: 0010:filemap_fault+0x122c/0x12b0
[ 1005.330783][T21968] Code: 38 c1 0f 8c 8e fc ff ff 4c 89 e7 e8 8e d8 2c 00 e9 81 fc ff ff e8 94 23 c7 ff 48 89 df 48 c7 c6 60 5b 74 8b e8 b5 0d 2f ff 90 <0f> 0b e8 7d 23 c7 ff 48 8b 3c 24 48 c7 c6 e0 61 74 8b e8 9d 0d 2f
[ 1005.351359][T21968] RSP: 0018:ffffc9000ce9f6e0 EFLAGS: 00010246
[ 1005.365296][T21968] RAX: 57ef0cf34c40f000 RBX: ffffea0001ad8800 RCX: 0000000000000000
[ 1005.373449][T21968] RDX: 0000000000000000 RSI: ffffffff8d70bf39 RDI: 00000000ffffffff
[ 1005.386917][T21968] RBP: ffffc9000ce9f818 R08: ffffffff8f7cd277 R09: 1ffffffff1ef9a4e
[ 1005.395521][T21968] R10: dffffc0000000000 R11: fffffbfff1ef9a4f R12: dffffc0000000000
[ 1005.403638][T21968] R13: 1ffffd400035b101 R14: ffffea0001ad8818 R15: ffffea0001ad8808
[ 1005.454107][T21968] FS:  0000000000000000(0000) GS:ffff88812613e000(0063) knlGS:00000000f54e6b40
[ 1005.469900][T21968] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1005.480342][T21968] CR2: 0000000034815ffc CR3: 0000000066e60000 CR4: 00000000003526f0
[ 1005.488811][T21968] Kernel panic - not syncing: Fatal exception
[ 1005.495190][T21968] Kernel Offset: disabled
[ 1005.499518][T21968] Rebooting in 86400 seconds..