last executing test programs:

2m40.504240904s ago: executing program 2 (id=845):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net\x00')
fcntl$notify(r0, 0x402, 0x3)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0xbdded000)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
getdents64(r1, &(0x7f0000002f40)=""/4098, 0x1002)

2m40.403208745s ago: executing program 2 (id=847):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), r0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x28, r3, 0x1, 0x70bd26, 0x35dfdc01, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x20004850}, 0x4044014)

2m40.280404443s ago: executing program 2 (id=848):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000100)={0x1208000, 0xab, 0x3ff, 0x6, 0x9})

2m40.210076037s ago: executing program 2 (id=850):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

2m40.091401107s ago: executing program 2 (id=852):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000002c0)={r2, 0x11, 0x6, @random="08d32bfb45c9"}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

2m39.592073763s ago: executing program 0 (id=860):
r0 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
r1 = shmat(r0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x8, r2)
shmdt(r1)

2m39.328404926s ago: executing program 0 (id=864):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000e, 0x204031, 0xffffffffffffffff, 0xd0c6f000)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000006400)="7f73a2cec5d0db4d420442fce4e4191e2ed112a607e662fc1eeef7926d41c5a0f91c64de08fcd231ba34fb2b58307d834cc83ce0f3908b5333fec9af958c900344d938cfa948f432dd5acb1a7a73bdba45cd411b82f7fed6fa3bf23c9abdc4f263fdf3fd68dcbd973b4dc2aef81c7296d7d08e562f89231f57d43e4d7458c8f389810e60c1c20bddfefcf1739824ad409148f4647b52cc98987f7c31bd6f7f44e39ac5f97f75f06dccd331d2828625fbfd3a65fd0d32871b92c0a6aa8895d3b467921c933eeb93cdbd7387abe27c4427d4ab77bbf9558a9a085a74170e875d83f8c5017d46901eb519854e8aaeaf94e6e050fec7c1afd81e26da117484dfb042805ed1ad3fc67a28636f5a35ad72f6106a5c3cbdd25048567ef13b229024142ebeb7a8bf518f017fd49dc31d8652ab7036107f8d5216a142e58f8ed850ba177786e911fa4f9ff952f8ddb66af705c7b97ed4b385d9ea3c0fecfdd5dcf168832726ced26b51f7a5911a35106aaee0e8662497f6c5dce5543690ea32505e79f13bace0f89ad9e8c551578eedc78028c414145dc3be2184e2055c037cc2ae07842a78910815c69d010bfbb850ec8f1a5da8b48ed2f75838dfe8657e5b1b59c561cd5d219a481802939c7abfb216e01173985e3436b7135d2377ba714281dcb3f82c064957e621464e5de29e8248d2400668e5775d8a75d23d7e3fd9fdce31aef258be698b121ac4ff319c6e4f872c4cf1b5f3ebbfb2ebabe113ccffe028d829922ea909a5522e5b632e3b99fb47ba9d0f8e15ca401e3ac671e80dcb56214330e7ffb3a415d6a0b84c56b056a6f2a4ffbb77130a5867b12e061a2539aaf67360af472c21a27855b5387e132ef9bac10b86b1f93974da52b3f4c48011c77eab7481e1838975fec2ae160f6b8c168b80dcfd3e03e8c1ec2a643cf850203e8254112c08ed4c2c6d0715b6bf5f281df7356cc2c9f8baac8b0dc574fc46eef5eaa9530dc0a6a88b3ad315d01a36282c5338cc5c399deb78cad23b22eb71b80d266fa904fc1a6d94f77a1e3a2173abe5dba58af48a75fbadd339eddfe7dc5ecf3fb85284e903ab70dc00663f0a5270ab805556aaf09223679845a1e091f24318d71dff015847107ffd9d7f789e8753abc2a51d5067da21c49fa8b8f66c89afb009cf17200753164786af597b8b6d5b5505d1d716c74fb26cd78679d77330c2cb2bd154423bd6e5b8972e2c576a89806e57686a7019a369de75c99e0bb6704f508adfd5394568a2f8c56a5333c861432e4ed056e5b8f20217c81563f0fb9efa6467459753832814e3118c24b634d6068b35871bcaaadda1d206584324a2bd35050f5fb993e898ca25fe82b3578e325658a4cb91ba32589c6d6720284c610569788acd2907091a968651b3978d797a5e808d4f33be1859de2bb57b5d249725f06d94e32ab46d1b7d1174703bf8dba02d4a5f5a16fb3878d6a2c915df4ea588ad8b0545b62308112d6c7f9bd93e5a51a45af9e990985f8d7dc8925ac1f63210cad488769d4957b03108e5e6f716d80a0bf88349d680067fb0a0bc59edd8ba646a2a86b4c32fd531dbc4879c86ab74e17f49f877c30a36279698a3420f3f236a69a84781fb981a2248bc0dd12dcc464f6b970b27ee634f0fa8c1338bdc3b4193b865727eb856995c08d9b88161b9a15245ec0967000f678e807c953f933edc6e80fcfe963663f7cc801927bc91c238d0b6f0c61ae66a8d210ca577b17677d79ffad404194d733dbcce9b2f163637b7ed1cf4f967ca680bf1db83b1b6f090dd99b8e0d49e7b3cac65864c32cb321d84bf43e7a300a6f4ac27c8091e39e4383fc99617f4b367d7a2e0041176dee5fa85ceb501c3d2a2efc1f489f83fbbbdc4af125fcac9a2ed8db3cc227543b195e36adef6a67a126a28be525e0441d3c5def236da4bb1d5cec084b1f08da02299f72b2a10ea7fdd5eb3c2f999740a287c179db7fa5766f8781b5147a6933623bbaec777152c4e65d262733ce7e864c5c79a56f60075662248f6b765562f718d0767a89de9bd3649957fa54bc9df603158d4ea631d71be5ea93ce64d4718abc196fdc85dddd8656806500660aaf5e3c5c74732872141cf9c542bd32f1ad210cae53fd91bce48a55afe056540d396b0930632d6b252833a91bb4d9020d5ed10d66d2467e324ee68f06926194d378da476f0d4dbb9c452475d938e8c774cc68bd291726a95223ae3866d9a2f3e4e6c319e2b4700ef4640ceedd9ab0a587bdaabd649363f0d93ec1afd6106e791f8d8f1a0d52c085a4c8a89a5c6d8443c63d3757dcca07e1f813aa6c7d007385b54b9a280713e80d8b61630360166c5ef66190fe367d7694112f340f790d8a9cf0f39eef719edbe914c9da3ecae2913a544cdce5bdb9fa462ef83bf3da34e76670612885e66c1cb13c76f72fa796ab1810f507be6dccdb66aad16e88168e0637ce5ea5bbb01ba6731052459600121734f1db7c610920e979e1f2c69be00a33a7cf14e5dec0626d3928040c75db097626e198c17114da8841c9e5cea3ba122dc119d6a2da3144993e7e023849f5360f299675f49353828a592aa8b6c2ec821b0991dc478024a6811656a265431f9aa56feda7e8267d6e3351ce340a79856e59de5db2c919c6726cff7ee678b95390d6c6ddd2ba323be59eb4c42f08a2f9973ff0c45820d59b50b6a153775ed0e9e73e73c6ccb98887bf70d35d97ae8d226c35b4fe8a5d4cda816eac80cdb962e8444a5cb4452ea83da83ccb437c7b00e146d7b71aa86a0933aced67fada0588dfd280066f5a735215691ecdcfd474dd0ae3c644af51a79f8fe7a84b0c2130e619dba270a101b0d1669c9317d5e548a2cc3755d5a37817d8eaae8059713854fb1b5b70991ac62db6453afc3bc4fb78a5cdd56e22b4d7abd70e6370ba28d5cba9478886f232a482cc4a1dda770c0458c8bef5ac19d8f4a24117d6ab0c7d37928c05a9b51cb6b2d8f5e422383dfae0f8152365fea2a948a12899aac9587a01ed162e6e70572d3eb02fec0cf0af4e65757f4bb535aa4fb82a193f79913b09e8a4d1ebe26eb4bd3d1549ecb20a08c501bfb5aa8ceb236a99d6ac3cf7be65475a867c27d301bd62a947c1d03e7247db527d9f7356bd59ea335f3c0afe3de183fc16c77e658aade451f036c34b9ee58ba53672994358355209728a760d76aa2f22d7d4e37732cca6404fde0d067bc97a4020a9f3946893743fe132704285a7e1b01403955d61aa22805dd592e4f4af41bd3c3f3ff2b1f0fa434c141261fc28b2bc1b104c78ed7f27cc9609a3d9ca2b8b976dd2374db05550e85032d7e080fac951aa68eac62a9de55565ab6201508cff33c38286494184219c919958415b50420756d32ea98cd04b6ac9c5f311fc933e48a597285c2f8a3dc008f174854b6ea186af6aa55aeecc10345b7d9bb9d2bbd3c0bb8153f6fbf080f4cd49e07dd850ab3a44cf505fecc8cb52b0540a60598ca941d40bda71b16f703bb30e344d3de13e540bc1205a1d9b3c94658b2199b2f2008c9f106eae565ef605278b8779ece25cda761069c7c72f020b820a39e6d0c441cdb00a41292c3146f39d2a5f7bb2fc8723a318fe3df11ce8a2e81eeabd0dd9245cb0f54a6d048c428c899182804cff8947361c01b009214b7d95617d312fbbfd379925f402bd9cc0cf5c25f14c24c64ccc7d87add9ce615711c9c6df6b0866d001f4669030abde15fd2e4059f25ad1c5543ededdf6d26c5a4f52d6c4448d105bbaad24a88cdc41b7e741c82973dc2578f9f1fd1faf4e522eb08c430f4efc4772fa4f6e504164b7b0b275635446c64fe3764cc13b1903b2a359eaa16c28abd331a34f78354ef286116c7b4a0ed3b8c38e8667f26a4ad8de9e205b9f1b24ec8c46a3c3578655f45d4356bd9504b2c4bceab55e7b02cd53139c1b5f044d9182b1e41c9020ad44eb31b8e8a7bf01e85c182ec849d7ed42d69eda8eb57d58c1c38e4ef4c3266fab97db4047eee31d289e91c53b243f5ad50af8de32c35cdd1165c894cfc9df5f59f55b2acdf81b6ee3db4eeed50c7cad36cf53dd10ad592c6d059f067d76711c067d42a148443a195512ea16f41589b3f1dace5e63d2c1255ea19c8ef1836ed19ff7ccaf96536548c06d4fdc76daf99d960c040e4df0e5a1f39f57bcd6dc294adff4af3a8ef364338049c5991d532a248aef4a0d166de764a4c3b583b6f8c30a8cad255f34f342f2b778fdda98766e11c21f4df0db226e6bfb66e71c342d904e99d506aea721d01456938e02f60e78b2652204819ed4595ee77e987d9646b2720ecdd41869653f7225e23dec28dbf0709a1da684693cb22f5b74f569f2d424499eb246ca8d8cf9ba86b2f1d25ac5e3707d46c46fa5d3008cc01aaf2e645b92dda134010df5ce5ad6ca03c2a30ae023a72688f766bcc821f24fb81d1c9edf5da5d96816476a3afcd4df699cc2b98664af0d1365e589673ee7272e3746d7e95ff6c87e1d5ae8055551724e3ad3c50d852eeac1333a4507d096687c6a7765accefc4b22dcc36a73f231d6c9dc242a5e7a0309415bb10455c2df3bf719c79d73e35ad068f5473b66c7e9bf769919b295d6c9dce8f774a21bb7878fd7d4b887bd2efaee03c73532a35bd23810dfe10e214d4f9cec03c72afa212f009e068852546eca171ce2c7070228901527621eca6771cb75b1613df30ad1582df923e12b91013f73102f130fb33b85d82f038bc1f54e6f126d5077262ca82ea7130995a5b24c4974ca8a1b1d4ae7c3417d05547cdf5e6030c4d02c6cfa0bec697be7df432b8d78926831d00e7bca1a5e67e6d55666cca07c6842950cd793ce986da89185efe61046e863add47c745775b8e3727b074434f1c14c502e44d276b73ad2faad946cef2435fbf1225076c461b76b3f83e24a05cbaf0fed70c3a05f4765c0499a9b7a80805be294053e7f27e2260e1ddd1737d535aeb7692a0c8c169b5c058a9d217776b1a9888dd8175477f4cfa44b83715ab4f6f212153628554f719fcdb6bd376c1d443c2692ba8f2db168c63723eb8c88e9a9612a0934ee66dd63daab19078d61fe68ab10a621460d98d12bd3cc6799b2c35eb1010a457e2f36fccf3b37a96233d844291bf798f630fec23525ffa41e64b17b895c28ff7699cf31e9faab9b2f515d2e14dd3981ac7c21dea76810ab33ac178648ecab1cb09b158f43d1d9a97ab05b52c322d02206922a719a400367796063570b480980d4f9347214d747ce0de4f56902df321e892bac8a79ededdac14b93682b9ca8b95452b68c8ec3fa1ed188237dd1f67a286d988fb8e43889c00f4a87a3e6416bfb34259646296cd5f73d0e00534309af6e8f5e0e54c63fca9822505237f4e3cd95b8adccf45f3709e8427da5d7c3c57c99286a2c094db3f815373a756e9ffd2af88d6e69a8829dd4a7cee75942aea8556ffcd82653fce46daeee574ed7502fb2b1e8dd8d60a5d46b898684a0d715f643ad91505747cca04968e6a1d0c447e036e1ca25419cd8bd785402d88bce5e40532b1806aee693f8b5030cfad71e9f52d0445304aa2af28893b1bc731f37b55bfc6e5846634482cfa3cee7e9d2c8a34a48fcca25393d7b3fe5c5a3c2d53de126654468984ab1777954272c6e25ba392f3c3c2a658518625921196839ddfbaa0bab14836ea12e63542a60db72048bc0770351cc2c30ed6185ce69b61f8160078415e86f9bab5f399bd7ed4b720fd19fa327f440f6054937b0dd6ef511849823e6162e0c7d1f846f9ebafc32583954e7b136303977a191d9974e939fc7cac14134026967b5408fa6907afbdfa41cf80a17c251fc1363725987819f165518f86fee07ca1660c25d04f157ecd43b8b92f93b2c6c02e0c1e715836d70c503e60ceaeaaac61f7b9e07d3fc9904ecfc81ece857754191e57a8991bd0042750b53722f35741641ebd5c5febee02d648fc1d048bf916a8d8f33227fca790602c02dfbd4aad34f2dc8e77e537ad4042a553e5e8a0a15dbee27da24ac13048378899c3a8772a0d8b85c442c8082f464b58fc016e845186bafa8fdf4f04d0d952136d4c7be90a909e3e6adcb3d74ed37da19769cb81114ead1a40dc0368169e5c230eb02a0d1c1a11ffd808f27159baeaa8879a034dcaf6a70b2f99e5859ad9c7465d61b4b51e993d8b93095ca63675dee276ba112bd2f469efdfb79fc8c97b809e0076001b98651bffa6829b2141fb3ff789d0ddc3d73b077d36521841ed9aa5a8a134f5875c444c62efa1f9b0d98a4bb4a62760a15d33824791420a5a89467ec364f30954db77219b849677e0f5bfea9c3d2a3a1e1e76ce3df4c8b9a6a3866b20566e7c68c6d32bad4d70fd2b9235fa7d38475ec1b9c9d746f55b02bdbdee6dcb6238caeed353de28d1e6e2d5126117e5fa82b9d57b703dd527736b51444b0d7d4b77562d4a370a202ed70b4940bf58ef3ff8801f78d632f2d2428fb133a910aaf4757b32d657d831c5575398aa88643e7fb1431ed0dec16a505e2d8583ef3d8787413bbdfe132c921d16cf272ca791e88e196824ea3a5c009a6a21b88dd1d6d6f87733528959ed24a4d3505d469d32a09b1970329add757c533afea8f8314c58400c0f3e25b703d9757c4b04f1b1bf293defb008ea60dcc77b0d3a6e9a1286c761bb3aa0c8f3aed74f8cab11094741c093e495867afb3857d3a92ef0fae7253b2bc3291a9ac0dcdb62c517ce2471ca23d985012f2e860238ccbec834039e8538de07f6086d1ac09027729bcc4e0bbd36e931be4242ec7135d16b01b3da39b1cd1c1d751017df8ffb31875f5a541a94099a4f035044f310fe5356d3b2d9a1eb5bcefd422e546bb3c169b8793df2764e6390dd161d90943a55d40f1984e1e211fd0227296e2b5c6485ad19675dcbce483a88f5c68d44b80ebb716c1aa0017ebafe340a0273b48979c7dd4e426f8c0a736e40c4f844a037742d00a73b67fba3c14051c6278c4dabdc4d8446ab5762e2d9d4f34359da34cdc333735b02e5deb9f71c8af1a5cea228eb70d0d8b371e378f5fd8172e60d9432e38e8eef54758d89e5413693ff2deb95fadfda6ecb6feb3adeae0c08860056a23d122e7b070568ca196b58cf0c5e737be9f2d9c66fa2be4f532c603ea8533cf06152d231cd2513cdcf212af2869ab96488f5cc484cf773c4d6eff8573b9487e51c84c3ea2e03e0bf3bea7717b8c92470a05d6e518265e8d31e23a22dbefbf82bb2a81d6c76372c5f41b19c5bcbea706ebd0b3cb7e52be6f8c70b7fbbfda4de69318cf9186aaba9d94c93b2df2310c44ed93d937db65b5f596dfaf6b52a7a4ae77c4b096d0075189cb568e4bbf6ce9c796839855440e6f060e241f295e4f76b0f162dacb2cb2e47a06961152e0057ed615fe14943822e8d6fa18636f3168f09ff2986dbf1904043ba4fee74b5c4706781568861df4c9b13bf2a815ba7c69a0b60114e19d817c3a038921fbb1b47acb8597bb38f7980f8b628f3565b09d7f7be504264ff143409b54516b4e79bdf7147eac7b1de7e43d76c558d6306bf780095f2bb5b9ffa3846df980001b22171d65463c17f4adbb95274abe315707946e65026a86d1b368586046e0cfd2a99352c16b9bbd91bb839c443e9962ae35a9d0dd6e2a48e773e6ac06597c6e428f5cc14836e6462135972bec63de2e7e3b5306704d44c2d9367308ffc4bb43cf839e37ee5fda8e50383aaf2eb67004645fad98662d6ce3d499ed921c9015ee5691b030f53cf95c346131097fd8fdbf257dbbb4410fb1dd14d64e384ad486ed5903866cb1982c606d41d611d4bb6298fb26cf965a7dbaf57309d46483fd5ff7c4782341446e7ad9695c52f7aa57a0c856214f67b7a7b8def0e915f5eb2ae457e4800d8791faac0133cb3851881aa429826cda874a42b7956a032f3d0615296c4f706ed649690d196ca6a6a2481be470c0a3922c7789276effa51e0221c8e163ce47dd8ba62391882338ad843d5579a6c3cd3ed711d770b8e0be9de4c91120bc01d69f457715fd770d6c335de853c87be3b638953faa0f2284d415c537e01285afe9b7f54d7a432bb7e16cd18621b6e5769b635dba997a5c65279bad6522d189da110e549f51fe20af42fcabf1a900cdea166bfe279855b8fdcb1bfb97049238dd17aec8093ea38b04e04bf43dd1b43658abab3b0b395cecf73d59279b9001e0d4ba93b95de101534ac718336a82216f2112b7aa0235c15594960f4771a0fdc21b4636ce3ddda5dd63291bfedce53347b725f8fe17848319b05cdf4c8d3d198b64deb3e10f6fab3db35ecce06908cd4f26cbda0f8c4a7deeb6ee12e0b5c13dd022851e6da21f44505697a4a974a10e57145bc75960ba59e189768938e89eb0c81071b45345ce428e90c4fc04ba11e75127f96698a4a2dba776a0f0a1576853d39e0ad3addb7bc1f3c030794d1fe621799d34582d07b80114df1039cd2866f1899f19fe34b946571c17f8b3efdc0e857fcf83f1ebc2b99ad59485fef3057e07534d36e7b4350dee86fe84f6f85f75330064301e2f055e017cc187f93bb8e92583b9e6e3999ae5c7ad1521ec77ee0ba476308242f9d6cad4d5ed385924c3806077f0d143bce70b9205b6d59f8f107f50133fd6fa87ddffaabab3a16156d353c28c5b3d92ba8643e4f06b866ea3f7ffc604a234750e5eba551e4787b340ddc90081b74a0d2e7df723e73b09e5cd38568993f171ecd6056aee45496c8d8fc458f8e2e721e359541cbb9dbcb1d801538cb84324fb090e960d53bc81c0020229e38e36c186cfaff1a1bc385e2d5338bd3bd9148730275b36f2dab198ee329b060159efb17ab00e40a940245d8ca47712921db546dde1100c29ff47dab5dd8cf10cca97565ed96901b0309841d7e3d746cde9fb1985cc276e4420636b145a2ee8720ad2fa2c256b995879b95e2e597f6d6fdeac1f2d349e3305322cd4b0df519abf958e874ed6d25bd4eb7418e9e45addd44e4a9e6cdf7b553cb48fc0c2d12683b2a83d2aeeaf03b6718abfaaffa59f38879a1b380668ade3e320ec2db4bdfa4409d09abf35fdd2ff501dafd55fbb2dd2ff2821a47ef41f644f4cc87d4a41576e2618a4da38302aa3ab38516e656b5a64f790a008d0200aede7267bea8bfe554e7d082d11d8ec186e314b070b5ea07b0ae722b4f2ab965bea7f906326710e0909eb1c0ba9959dd97a7b5331494d87b74c04587e4b78c420b8aa8ac99ad6c59d05d35a2e370b2126de5eb8901cc6ba879ee86de290bcf77e0bed67a74932794b3faaa187f5fd23a7932037f0a3d4517a1509eb981752492d13aa7d48d997fb71e65ee97db61d51ede49a215a158890bb60103f5502893a998be6ba800a07ecf9d8e5379b817621047933b3b314b7cb20abb6c30c6d490db451c7ee5c37942b5e886e0b43f21b9ff383ab80461e1a2c9c05f870111d023fc49dc425fae83e848eae43772902f83bdb1af645039e0cc961d6ce39588bd4b00e2a5e55ec02cfcc3ebe3783fbedab8ab64ed2d78202493ff6550471ba6196e73ad2b35f828eceaf8e340b78e9ff0fca04431e56cb7d0c3e366f938f0d7d966ba34458b0ac9dd6dd5c0034f73f902ed2183d7438377b72e81919ce168f294009c734220b4a501ec8e47b2d1f3f69605ce91fc825b5c4ac7b267718cf28c81d485aaa7de1d0dee66f677b6ee9ad02d75099c653decac58e0f1e13f414304b972d6e17d3d1fc0ff30591b82aa785a3dbf24c59bc8efc57fdef33c7c2d051214d9d8f48a9a71ed77ee6a3a2a699bd3882a4a71ccb714c8a911388be571a2a7136b9c308c5c854f6ed7bb74bab77076ff3d48ba989384ee4dc996262fc9e1585d2638107df8615d66f335d147efb64373ad8668fb50e00eba86ef4c65842cbf246496e997fcf0546c043740035af30e05f69d69ae06334e249fc828d5c3d1d58f31f2e439fd6d415be63ac6c88385935bdb11f4e8cba2f0209314253a0e5001fb029cfff63e012c379d8269611eb3868055868087f3916990089d3cb9dd201db0fbc4768a03b4c36c2a58511932468ce65f6b2d5fdaf3b1e669dbb7bd3ed2525d6f81944512d79918b1b14e17e225b3b7cce0bbcc073eec2ca8aa47a260d4842ab5a0e29b163d83ed1392ede695ad64e44f530af80aa4af328f8fbad8e4ea11f71bfc8418a145ae47612f9e7a7d4d037c3249e5d3a1feded9798dbd78af07990aa8d607254194256c1c662479a881f8bb6e6ecc4cb92aacd919fef13e78b58ad44ef3a3e7e0145950706e762c1ac44e78249cd1a29c5dd1f635c596c8046cc432024079ac0eb4b7376d89ac60485300594ce3a2498a374e0ef103a6aa5e0c42df5cbdb6da478bcfece47ff79e79cc2abaa7678a2d6f5f26bf3702d3b07cc5cdf5f402b2b5801c7d5489ecdef4477d111a5040f65cf7ba8586509151890a0a1ff2a093b1b969a4d01fbb29de063138d5407ff358d7c98a8ec79a424d3080d5b9b4533f23dc80ad3fd9baef5d1895576a8af9479c65f772874b9f7b0379d9212f386af9fbe816179316290746a973b5178601b861c1054e9d8f38426edfbe8206765314c723f262fe0e32950f68f00a45582e6e72d0140614035f58e3527eba96d29363f966bda6a29b4453285ad94b3eb51ebfbf5afba8bd6a89fc54e8cfc1d8b91555282e27ebcba8b2aa7f4d397b6b017bbcd80d30fc0180cd93b97541a0b127925d609baae79e4243c34b9660a17ff066c4b906ba554655dc30e47cca38f18e5190ff861dc3cb2bf777052da48bcac3925db0b9e9ce401c1cb2c2a1c51d0c420d357af3c939166cc01759d50f9e65fb04957c7c5c5ac46433e064ec563233d8dc7eea97d9f5c12b4a03a46ce306550f3bd4c7166dea3d4876f7a83b39b207654e6fd2a01abadfb2a3f19436c065088ea49859d5dbc8fdfcf1e0c4857cc512870795fe74989f674f40875a5104713ad3560ee1ce61df8fa6b97937703c7434fbf81009890d98f327954c3f7800e39fe5269e5b030b6cd8312bff2c0c44eb435ab1a3d861a0aaf01e992776d135d33e0b02fb28ca2d06c545366f222f55d28514d883e11aa255681ee7f20d61f73a5c20955ea919c557c1b7403401c34ceb76cde309ab991a13a5b6c3535dff4118b1162a22329be3efba01f08d3f0a9a68becd040c09bf6da005aea6c8120af5c6775925af7e042a1847087067c1b8e1527dc2b9ba6fc3082b47a9e42a7eddb980ecda3f66ab5af600b5f92d1db42032b1fb4a11ed8a4732ea3ec73454ebf0b84acd58a545ccc95b9f413044f47b9e40df58a8225651c379ace7b826cfe7f5bd5205917b606cc7fe266702918eb7da26be268e137aea627ba1b849961692ccc8a6fe2d42957601fc95e393a399c6199a2f1c0adf2187711b9e82023872a99fc25c7144131364ddb03d392961080734533c49911fc91e1a2d2b14f7db46d8133a9b2ab3824b53f620b659c877ca458c1c8d0cef838ec467bf67f2060b688fdb0f8ba0948da364a742d87e2eb2173b2cc019d1c76b53505a87ae986cab70db7885056a3989dd1a3abb6f21d3415f3e53aba7ed09b6864a", 0x2000, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x3)

2m39.096299762s ago: executing program 0 (id=866):
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
ppoll(&(0x7f0000000100)=[{r0, 0x240}], 0x1, 0x0, 0x0, 0x0)
readv(r0, &(0x7f00000011c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1)

2m38.941028987s ago: executing program 0 (id=868):
unshare(0x62000000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)="df", 0x1}], 0x1)
r2 = dup3(r1, r0, 0x80000)
io_setup(0x1, &(0x7f0000002500)=<r3=>0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @rand_addr=0x640100fd}, 0x10)
setsockopt$inet_int(r2, 0x0, 0x21, &(0x7f00000000c0)=0xffff7ffd, 0x4)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/153, 0x99}, 0x9}], 0x1, 0x40002041, 0x0)
io_submit(r3, 0x1, &(0x7f0000002680)=[&(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x1000, r0, &(0x7f0000002540)='\r', 0x1}])
r5 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r5, &(0x7f0000000640)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x7, @empty, 0x3}, 0x1c, 0x0}}, {{&(0x7f0000000280)={0xa, 0x4e21, 0x0, @local, 0x5}, 0x1c, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1400000000000000290000000b00000000004d4d000000001400000000000000290000000b00000000000004004000001203000000000000c8d153623e000000ff00000000e094de889fcef9b591cf8c66b4e82d2e399577aa18ba7a022e0ff15eb02e7343ccd83e939f4d9b8928156a652b7a890dd4c882886df162853a288d3ee2036474d3c57cdc425573a044581329f24273cc2190a762e672412a72720d6a48c0305cebd34d2ea0dbb2f16024fdcec740608ccf66bd75966c3f68d36b7f4226ebe52ca51005360984f9c2f7a59a25beb370ae4cab54340214421b7a128d6daa40d0fa1c134ecdbdec2c0788f10c7a1729880594bc57c42d202e49786abd6dfc23765ace00435c82cb96311f1a43bcd35f9e8f66580cadf1270dc4d3f9507967624faa6ead7e33b401"], 0x48}}], 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x40000)
r6 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$IPT_SO_GET_INFO(r6, 0x0, 0x40, &(0x7f0000000000)={'nat\x00', 0x0, [0x401, 0x6, 0xfffffff9, 0x9]}, &(0x7f0000000180)=0x54)

2m38.54348223s ago: executing program 2 (id=873):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)={0x24, 0x16, 0xa01, 0x0, 0x25dfdbfd, {0x10}, [@typed={0x4}, @typed={0xc, 0x7, 0x0, 0x0, @u64}]}, 0x24}}, 0x0)

2m38.216666141s ago: executing program 32 (id=873):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)={0x24, 0x16, 0xa01, 0x0, 0x25dfdbfd, {0x10}, [@typed={0x4}, @typed={0xc, 0x7, 0x0, 0x0, @u64}]}, 0x24}}, 0x0)

2m38.210394995s ago: executing program 0 (id=875):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000ec0)="b9f2f8b6f093", 0x6}], 0x1, 0x0, 0x0, 0x804c0c0}, 0x800)
setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x2, 0x9, 0x55, 0x3, 0xb4, 0xe2, 0x3, 0x3, 0x80, 0x5, 0x1d, 0x80, 0xb}, 0xe)
recvmmsg(r0, &(0x7f0000000840)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=""/43, 0xfffffffffffffed5}, 0x40}], 0x1, 0x40000002, 0x0)

2m38.126571193s ago: executing program 0 (id=878):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000c, 0x204031, 0xffffffffffffffff, 0xffffd000)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil)
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000000)=0x2, 0x39)
mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)

2m28.862865313s ago: executing program 1 (id=937):
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
msgget(0x2, 0x624)
msgctl$IPC_RMID(0x0, 0x0)
msgget(0x0, 0x200)

2m28.684031196s ago: executing program 1 (id=939):
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x10, 0x10400, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80, 0x10000000}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000300)=[{r2}, {r2, 0x201}], 0x2, 0x0, 0x0, 0x0)
close(r0)

2m28.440410725s ago: executing program 1 (id=942):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000540)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c10000000000001000000", 0x58}], 0x1)

2m28.115376698s ago: executing program 1 (id=944):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
sendmsg$inet_sctp(r0, 0x0, 0xc851)
sendmmsg$inet_sctp(r0, &(0x7f0000000100)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="200000000000000084000000020000005e0c0400010000000b248c1652381f6a6b", @ANYRES32], 0x20, 0xc005}], 0x1, 0x10)

2m27.864205052s ago: executing program 1 (id=946):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth0_vlan\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x200401, 0x800000, 0xfffffffd, 0xffffffef, 0x1, 0x2}})

2m27.671220553s ago: executing program 1 (id=948):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x56054afd47b3f2e, 0x204031, 0xffffffffffffffff, 0xffffd000)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x18}}], 0x1, 0x20044851)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f00000002c0)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1})

2m23.042074133s ago: executing program 33 (id=878):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000c, 0x204031, 0xffffffffffffffff, 0xffffd000)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil)
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000000)=0x2, 0x39)
mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)

2m12.527251011s ago: executing program 34 (id=948):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x56054afd47b3f2e, 0x204031, 0xffffffffffffffff, 0xffffd000)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x18}}], 0x1, 0x20044851)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f00000002c0)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1})

1m36.963762613s ago: executing program 4 (id=1316):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x25, 0x4, 0x76, 0xfffff023}]}, 0x10)

1m36.539120102s ago: executing program 4 (id=1319):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x10, 0x1404, 0x309, 0x70bd27, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x10000000)

1m36.316114196s ago: executing program 4 (id=1321):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000040)=ANY=[@ANYBLOB="0033204d012d7c0221908b78203545e944985b"])

1m36.052951499s ago: executing program 4 (id=1324):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000440)='efivarfs\x00', 0xc00, 0x0)
chroot(&(0x7f00000006c0)='./file0/../file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$tmpfs(0x0, &(0x7f0000000500)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)

1m35.647491597s ago: executing program 4 (id=1328):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
sendfile(r0, r0, 0x0, 0x7ffff000)
socket$packet(0x11, 0x2, 0x300)
read$FUSE(0xffffffffffffffff, &(0x7f0000001dc0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
getpgid(r1)
r2 = syz_open_procfs(r1, &(0x7f00000000c0)='attr\x00')
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000500)=""/212, 0xd4}], 0x1, 0x1a, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r5, &(0x7f0000001c80)=[{&(0x7f0000019100)=""/162, 0xa2}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0)
syncfs(r2)
sendmsg$can_bcm(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000200000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000501000010c6acd41bf80000"], 0x48}}, 0x20000400)
sendmsg$can_bcm(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="0100000000000000f8ffffff00000000", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYBLOB="04000060010000000233e996c457b78776600000a005030000e1d1f55a4351ea72"], 0x48}, 0x1, 0x0, 0x0, 0x20018840}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000200)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000008001"], 0x48}}, 0x0)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000040)='hpfs\x00', 0x0, 0x0)

1m35.147946978s ago: executing program 4 (id=1331):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)='\x00', 0x1)

1m34.529978556s ago: executing program 35 (id=1331):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)='\x00', 0x1)

4.39789416s ago: executing program 5 (id=1863):
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='vxfs\x00', 0x200800, 0x0)

4.064030095s ago: executing program 5 (id=1866):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f00000000c0)={0x78ae, 0x4, 0x9, 0xb9}, 0x10) (async)
r1 = syz_open_dev$sndpcmc(&(0x7f00000002c0), 0x3, 0x101040)
fchdir(r1) (async)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r1, 0x40184152, &(0x7f0000000340)={0x0, &(0x7f00000009c0)=[&(0x7f0000000100)="ce972056b3870ab912639b79c0ace17f0193295073ebefff915181330b9a4306d925175599555427a2d0ab34e0d9e0aa63bd710af1bdbb9700cb3be7e12090b20c4075dbef870fdab69b4bb218ce75899394aad2824349a20d5ea763847ae48b73e0b17868eb55276ba1a44966bc97ec96aae6870f9297da08f04dc6bf5e01634d5225db", &(0x7f0000000580)="8a567942e7c94bca2ee616d7eac3e6d1025018530234b9c9a671a5e00958ca86faa60fd7773454cb1091efe40267d675bc80460cb879841c7c72e824a590ab474b2dc2e9a7b60cdcddc8bc501da62b0c829b5ed455449eebff862509c250d10248bcb1b4e1158228ee730157ff1b0534f2b2410523ad8d21d573d7412e43afefa54173ad210ec240e3c695165ca60aff5dce055ecee604feb0d18cd42ef4675180dbd6ef7f108eecdfbf42ca075ef1b2faed02ff680de937583ca230f238287520a4f25010315ca5cbf88744d83bc2210550c2513e026858cf703e862a006aedee52", &(0x7f0000000680)="c11f377917a48115739927872d2ae89991a4577e55c5112af0c28681e13873a1089d53dfa08ca4775597723e5fc7a8c83d94bd2230e0a3053e8e197ac982e92ab6204a9903cab37e9f6a41668cbce459225af39193e00844b91a0ccfd17eaf8309925c2d0130b0c9697c480cfb45a2f39cf5704e0783974afa4fe5b38ee59eda4a538ee6ca42d9cafd7767c0f417054d64c989889028e9ab0d2cbdfd6de8ed27912bf3d8b38c84a3e266e2e7d363afe43965f3e60990acdbb6b357153c4cf0b296ee7ceec5b44e86f337c7a67269336f7dcc2d8c60ea88f5c21e27", &(0x7f0000000780)="0e265b0e116bbb1d00e614f69ddf31c9bd3c2f58e0746318def860467c3468eb3b11ebe3e75962998efa16ef697f40d34fff760526119e2ffa1a6ac8c1ca57d95ec972714ebb3bc7cf03e8ab59864d1d2055c1984f6020156793fe657229daaa7ac096b21e50b7dab22549873027d970e56da49bacbd79b5421c6af492ac0730064b15ba4789", &(0x7f0000000240)="18d750f515c01e456ee20bf6aa7f260b1f8b4c069f863e2c6c3e67235764df6e5a30cc5136cce1e8d39414fa008bab4b329584720ed0cb8e39a22fda1b77752b508183e83d4479a066acada766c0d731154f29b110a9bc0b65f01642bca359ae5307c236f27310a1", &(0x7f0000000840)="ed0313ce779e57f6808458274b49f1a6baa18db8e9a4faf710da92b0aabbb47ce48543fd4c4496039cde52deeaccfe703ba6097a7585035fa34a39c7ba2116ea94b9e637c78262676f45562f535f8e63e5e5536836580c1dc2aecd57426bb2aaca8a5e6cba072b5dcbfe789d2d51b2676447e765eea256206ac2eb2ce97c28ef82", &(0x7f00000001c0)="05b39036768243cd4ca78ddc14c362facab6b6917cbfd6f0c997ef6d389d4f4da458db5dd2d64d34bf4d0c35eb9636249e61b6fe8b66662e066a00fc8a", &(0x7f0000000300)="e4ace84a461ab9", &(0x7f0000000900)="f3deadfdca3f2aeb9dd7eafecbb424b19495c16dfb80b9e46a8e53b9bcf3fdaaf908dba89671a09b929736ad554bafa85b61644a403aa3a8a2ed76c5d812ebec88df68b845ed997516bfb6749b5d74af127b2e4bc97763f6d0b8f57dc380d83be6a8549711c7a02eab78eb6f4202c32331f2564537b6552b385a74e0972979501093d8596e35bebbba290ee2ae899ed02bbbef45d0db5ef976336e6e34db"], 0x5})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f00007a6000/0x3000)=nil, 0x3000, 0x100000c, 0x22051, r2, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000a40), r2) (async)
preadv(r1, &(0x7f0000000200)=[{&(0x7f0000000000)=""/34, 0x22}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000380)=""/193, 0xc1}, {&(0x7f0000000040)=""/79, 0x4f}], 0x4, 0x80000000, 0xff)

3.994691771s ago: executing program 3 (id=1868):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x20, 0x0)
write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "a05c7b5d00008023e9c5bcf5ff7700"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
io_setup(0xbc, &(0x7f0000000280)=<r3=>0x0)
mmap(&(0x7f00003ff000/0xc00000)=nil, 0xc00000, 0x0, 0x10, r1, 0x6bd13000)
io_submit(r3, 0x2, &(0x7f0000000b80)=[&(0x7f0000000380)={0x503, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])

3.847224617s ago: executing program 5 (id=1877):
r0 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r0, 0xc2604111, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x66002, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
fstat(r2, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setreuid(0x0, r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r1, 0x2000)

3.064533909s ago: executing program 3 (id=1870):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040bd28090900000000000109022400cc0000000009040000020300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
socket(0x1e, 0x5, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa3f, 0x0, 0x101, 0x100}})
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4050)
r3 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGREPORTINFO(r3, 0xc00c4809, &(0x7f0000000040)={0xffffffff, 0x100, 0x2})

3.063831628s ago: executing program 5 (id=1879):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100000000000000560000000000000066ba2000b0e2ee"], 0x6e})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x5, 0x6, 0x0, 0x45, 0x4, 0xbdb], 0x1, 0x1c4213})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 2)

3.056429759s ago: executing program 7 (id=1871):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2}}, 0x2}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1a0a, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000400)=0x10, 0x4)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[], 0x56c}, 0x1, 0x0, 0x0, 0x40001}, 0x40000)
syz_genetlink_get_family_id$batadv(0x0, r1)

2.787297912s ago: executing program 6 (id=1872):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000003300), r0)
sendmsg$NFC_CMD_ENABLE_SE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f0000000540)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fcdbdf25110000000800150001000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x20000044}, 0x20000010)

2.780635314s ago: executing program 7 (id=1873):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x88, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x50, 0xe, {{{}, {}, @broadcast, @device_a, @random="13610680c4c9"}, 0x0, @default, 0x400b, @void, @void, @void, @void, @val={0x6, 0x2, 0x5}, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x800, 0x2, 0x3, 0x0, {0xe, 0x6, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2}, 0x1, 0xc9b9, 0xb}}, @void, @void, @val={0x76, 0x6, {0x0, 0x1, 0x22b, 0x4}}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0xf5c}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_FTM_RESPONDER={0x4}]]}, 0x88}}, 0x0)

2.51631108s ago: executing program 7 (id=1874):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x4, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000cc0)={0x9, @pix_mp})
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
recvmmsg(r0, &(0x7f0000005100)=[{{0x0, 0x0, &(0x7f00000005c0)=[{0x0}, {&(0x7f0000000480)=""/87, 0x57}], 0x2}, 0x92e}], 0x1, 0x40000163, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
mount(&(0x7f0000000000)=@filename='./cgroup\x00', &(0x7f0000000040)='./cgroup\x00', &(0x7f00000001c0)='bdev\x00', 0x20080c4, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f00000000c0)={{0x3, 0x1, 0x4, 0x2, 0x7}, 0x30000000000, 0x7af, 0x5})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "f1a0f9fff9e440b4", "881aae83544dfa6412f91b9057e3f415", "9dca43b6", "9ecb592c6ee49fbd"}, 0x28)
open$dir(&(0x7f0000000140)='./cgroup\x00', 0x10080, 0x8)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000080)=0x2)

2.398998718s ago: executing program 6 (id=1875):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000005f304433b3c4d403b4c4ddca0e3cf4c122da00a646d2f5d832c05d66d0c0e7f6a1e88d3116c882674e74c604eab452ac64e43e8effe88a272982ecf2ef60b197aa20a77eb246d253986c65bb78cb8bd43cee3440b80f4fc8720bf57f597c50f8b2373f9a67f3e6511c9bcadd35d5cb65433d9e4a97b8a71c5fb1f84d973937eb4ce52122c6d0441ffca0a1bb962430859b3ebbb7782a4e014285611f3adb985f54b120b42a6b64a654918151ae42fa286de83507118c213a27209c9905c676164775c1aa94f5d41ad4a1660f0f3b24109bd9f70bb1ec61eb2516a8fbbf1d"], 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x4000000)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x100010000000000)

2.26375204s ago: executing program 5 (id=1876):
syz_open_dev$video4linux(&(0x7f00000000c0), 0x100000007, 0x0)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x110c22ffff)
r1 = syz_clone(0x20042400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r1)
ptrace(0x4208, r1)
rt_sigqueueinfo(r1, 0x7, &(0x7f0000000100)={0x17, 0x7, 0x42580165})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

2.011524679s ago: executing program 6 (id=1878):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100000000000000560000000000000066ba2000b0e2ee"], 0x6e})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x5, 0x6, 0x0, 0x45, 0x4, 0xbdb], 0x1, 0x1c4213})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.980536172s ago: executing program 5 (id=1880):
madvise(&(0x7f0000383000/0x4000)=nil, 0x4000, 0x65)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x66002, 0x0)
shmget$private(0x0, 0x1000, 0x0, &(0x7f0000888000/0x1000)=nil)
mprotect(&(0x7f00001fe000/0x3000)=nil, 0x3000, 0x3000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000200b06010000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000080)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="230005"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_usb_connect(0x3, 0x12cd, &(0x7f0000001180)={{0x12, 0x1, 0x250, 0x2e, 0x8d, 0x0, 0x10, 0x1608, 0x10, 0x6013, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12bb, 0x4, 0xd6, 0xd, 0x0, 0x2, [{{0x9, 0x4, 0xb0, 0x6, 0xa, 0x4c, 0x28, 0xea, 0x4, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, '\\'}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x200, 0x1, 0x7f}, {0x6, 0x24, 0x1a, 0x1, 0x2a}, [@mbim={0xc, 0x24, 0x1b, 0xfffe, 0xf3, 0x6, 0x4, 0xff0c, 0x6}, @country_functional={0x8, 0x24, 0x7, 0x9, 0x4, [0x8fa]}, @acm={0x4}, @mdlm={0x15, 0x24, 0x12, 0x33}]}, @hid_hid={0x9, 0x21, 0x5, 0x9, 0x1, {0x22, 0xa84}}], [{{0x9, 0x5, 0xe, 0x8, 0x10, 0xf7, 0xcf, 0x9, [@generic={0x50, 0xc, "1052658dd854ac2e6837fe7445b27fab3a8571cfe31701d87e4e40504b39dc09f46829dc36555cf1ec10623c33e3e49831a38af1a0548ed7872e21532278bd785b49b9462cad4f9bf4a53082c8b7"}]}}, {{0x9, 0x5, 0x4, 0x3, 0x8, 0x9, 0x16, 0x0, [@generic={0x4c, 0x21, "d0628d7986d8b53339995495691f900fdb5315a69ae8efbb7bad019c45bf2fd29724cdc946152673baadb8ac40d9670e2a004222edaf7bffcf789176809e1cb79b5babc458c1176b0b03"}, @generic={0xf1, 0x7, "2e1797932f0a68c20833c3b42a0a0a5bdcaedc450e1b2e5e5a3213fdac25626e653483172becdd740e9cc29b977bfa47d920088c14ea6c0bb4d8e360cfd0df7625200dc5c7d9b8bfd5b4c5f3d916ce605036602df412ab51d1ac9cdbb02d326937f1bb4f7972169f836ea9edecd5a80f8e757735eaa7003a5a888e4e0b433b7fa70a1d993f5bb4bd653b26c260df66f9a2a6f5084de5f94b99942711843720e436e145b6736b8ddecd39bdf4286a04dd65f19e3a38e879cc6ae0d1ccdf88a40b301afaa8563c701450758d128731c9e451f0b05d9bf674e9efa112af843325ac066091b8fb82e832ab744328b91723"}]}}, {{0x9, 0x5, 0x80, 0x2, 0x3ff, 0x7, 0x2, 0x3, [@generic={0x26, 0x31, "73f1b20fb232828bb948d2c0b25c242257cd28a45a275e909bb4662d4ecb76c3d0cee72c"}]}}, {{0x9, 0x5, 0x3, 0x0, 0x200, 0x40, 0x8, 0x7f, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x2}]}}, {{0x9, 0x5, 0xf, 0x8, 0x20, 0x65, 0x6, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x29, 0x6}, @generic={0xcf, 0x3a, "21c067d4b7bb048e1ae6157b671999d583d26a8c04be0a355fa366b6c55f5393b821b286295a7d22ddad7cd6fa6619a8c784838bb7923d5aa0f29320f1dd3a0af3e5e2475f20749aa7dbd68d734345179fd557aca2ee969692e66b2155b6e5e82346d5fd042593df092d08a0cdee0edaa2cb2ddf8328fe0801924a81f1ec9ee34e1815d4163ddc8ecd3b79cbb9e6be7e632c01a68b29ff90e9d23c9d9eefd5a0a221b7a71516abe1cc846c3346b2ba8ee55278f08483057cbba4aa471a1ac2f6471c7a9fe921aa243553e22879"}]}}, {{0x9, 0x5, 0x1, 0x0, 0x400, 0x3, 0x40, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x40, 0x7}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x4}]}}, {{0x9, 0x5, 0x6, 0x1, 0x8, 0x2, 0xeb, 0x0, [@generic={0x18, 0x21, "83bd137678a05c21f6ad7ecf244bba4fdfd8137756d2"}, @generic={0x78, 0x31, "de68c211dfb3f365e1804f874f241683c062751a8b77516fb18e3e5fb6e94e7ab3a6673bf7ecf1be9e6b75983f17ce253aae8c35b7f688527e56ded100477f8b810548e45f45e55f9f3f4b35f7ff3d64f9882ba79a79fcae5de73c07d147d1d48fc80e183cb3a73864ca4017d403a9cd56c52f18c9cd"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x8, 0x4, 0x34, 0x1a, [@generic={0xbd, 0x31, "cc42becc701e5cfb618ba1cb3acad0fd1296514b5faad155272b0e18d3cf618e154f7063a0e4d7176ab0d878d4cf133b241c0da0de942379e3440b4bb135c18f9005872441c56b474d435a58d9387921c1f0b928f553314bd478e460f9d0d67e18e9e9a0f7e339e15f74acd8ed43b1e5332a7c1926f84fd78c47cd8c3b6552ba1453e221b92006dbd150d6a50269b0f0e5e044cb9d9053e312f1530a6665f0f924f6a90c7fdaa11f55a9d3c25d713cc1195f68f42528e01e72d388"}]}}, {{0x9, 0x5, 0xa, 0x0, 0x210, 0x76, 0xa, 0x2, [@generic={0xaf, 0x10, "99bbba3dcb917f66439048172c5513ebcc838bb8c51348048350fa9b2098b7c12f3d46984c03c73133e25869ad3ca3c92fa83e5c59201c48ed971956c71b4f7c9c4145d00f1bebdc2dfe701a87d538b940e378c74a829b3258c3fed5852d404fc0b01afc1a99c51f6aaa104cc2c50f5dc51dc8dc18a9cfbf3145bfca595f3df1743c13b376455736585501a0f85439554d1dc79daa82d788ec8b50e10ba1e7ddfc95245e5bfb8f265ffbe12f7b"}]}}, {{0x9, 0x5, 0x7, 0x0, 0x8, 0xfa, 0x8, 0x6, [@generic={0xe6, 0xc, "7bf6b4dad1af822ef7465ce839c0d166386aabc6c664c6f81eae3670a7fa0d1a60e170d5e0e4fc53501f0b1ad5ed03aac8402188a0d686c57d6555628c1070210d3893aa6280adc31cc91d743a7231b2e32bf810484004c0b5f4244b40523a2beca37f880a997805b7e832bc54e07dd7e0a3279a37f14c9664701cf63318493b298837608a66e7699cf8f2fad7035f392b28e44d5e6104f453adba0bbfdea6835c7ca2942692612877806b1fc170e966e803a6e8a7e15582901f742bb4641c8355e783d8d36d86c8b8a185cf6ba40526959b6dbdbefca5fa2c2f762e1bcb2208e1d6941d"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x8, 0x4194}]}}]}}, {{0x9, 0x4, 0xde, 0x10, 0x6, 0xad, 0x2, 0x61, 0x21, [@generic={0xc6, 0x4, "daff481e3eabc0c6079ef374cffe80dab7a81ad7ce3c4c784be4c0634a20c6c5c5401eedaf5ffee7de57b42fa61181c4cc2fd1fd40f682e2b944e46aaacf6b7bdf15b741f2fd92ad45badd596a0db32adaf293b08094e209426a0e8324ae9a0f6ee46a6a8128d30dea1f8df3aabd082e4a783e3ac77470cdd30479f419b7c6cdf73081c94e06e5a486ebf2f03c2c52e1b1ff90734671cdee1cec1ba87f69c65a74ba9224bc0ee9f11927c24223c33195786fd8583ac3a751a5625364036eb4016cf7e33f"}, @uac_as={[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x6, 0x1, 0x4, 0x7, "c9", "e80343"}, @format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0xc, 0xffff, 0x9, "f262d0d83833805952"}, @format_type_i_continuous={0xe, 0x24, 0x2, 0x1, 0x2, 0x1, 0x1, 0xa, "5f24e0", "95d192"}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x1, 0x1, 0x98, 0xf, '\\', "8f35"}, @format_type_i_discrete={0xd, 0x24, 0x2, 0x1, 0x9, 0x2, 0x5, 0x2, "a1c921278e"}]}], [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x2, 0x3, 0x8, [@generic={0x50, 0x0, "0c9e7b37739113fa9e3d887917566916ea01846c56a167f3b4bf87c3071a09909b308a023e5f2ba3c4e111ef66c8f9cae9dc5bb47e2cdddff44f6edcf18dcfeb8bc58dd59c6a09efd53a4ec1e9e5"}, @generic={0x31, 0x3, "12518abd1c95255ed8b9a79096eb9e1d40bb9f02a9742c6d17f59f894c3c1faa1556587e4fba4a63b4db753ba446bf"}]}}, {{0x9, 0x5, 0xf, 0xf, 0x400, 0xff, 0x6, 0x0, [@generic={0x19, 0xe, "3167c35d30071f408f471d66781fa7975ffa87e368e4d8"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0xff, 0x3}]}}, {{0x9, 0x5, 0x5, 0x1, 0x220, 0xa, 0x4, 0x4d, [@generic={0x8a, 0x7, "bffd0e60bec6c51f8b1f373e25d44ce7dc0af717894954ec9cd035bfd134c380f7b4ae474935187449a1910672288cb449cb9a7123c99624ecb51ed98555ed74a6e58afef66a17a769bf3caff506c304428b5bcccdebd23edb20f248d4d7a3e4fe805d1bf39a8698fb8a0ab1127a80391156f06059af6578aeeb9a8d53305a1962bbe1b58e836d91"}, @generic={0x4f, 0x4, "e4f0a6b2b6df7873963aa6ac6ea2a6a957ddc0cc37776fb80e01b66de9c93973eba8f0488bfcd9a3d0bf1bd23c24d20c1d27588c5624e3e17393597e9b89c2cb5f1b9b65324ed7d75bab2b36c4"}]}}, {{0x9, 0x5, 0x0, 0x4, 0x10, 0xd7, 0x2, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x3, 0x8}]}}, {{0x9, 0x5, 0x5, 0x3, 0x8, 0xb, 0x5, 0x9, [@generic={0x83, 0x0, "bde2b1682ed141ebfe399cd791b6a9bea7e5b9dc62fd30283f1c7b028cd68ce60469bf3a747fc6d4feb4fbeea02b913213628079ffecdfc78a10c6553749b2eac1a5686bd7fe83e64f461fbf9224bba215b1c41495508cfc7447899d5262871d19367517390d926d77bc00f8172d2f9843de6bb98c10bca6b4b2c257238b5f1674"}]}}, {{0x9, 0x5, 0x5, 0x10, 0x0, 0x7, 0x5, 0x7, [@generic={0x90, 0x23, "c35c585a4703a1ad7d61312dddbc3276fffd70a5da979e2e2688d2809bdffc4f8e3134918157cfe025ca91b2f56c8cf692c15dd3fb48d77dc64eb6a571a67aaece9470666686f0aafa1232d14374115ebd30d7a5184211b82db5bf1a0a97db12d36c96e4b6e495e5801d690b20384f31eb4583bc91500f125b04a63cb2659bb05547058334397fdddc13a0baf6bb"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x0, 0x5}]}}]}}, {{0x9, 0x4, 0x90, 0x3, 0x4, 0x83, 0x88, 0x2e, 0x5, [@uac_control={{0xa, 0x24, 0x1, 0xffff, 0x6}, [@processing_unit={0x8, 0x24, 0x7, 0x5, 0x6, 0xb4, "d8"}, @output_terminal={0x9, 0x24, 0x3, 0x6, 0x300, 0x6, 0x2, 0x8}, @feature_unit={0x13, 0x24, 0x6, 0x6, 0x5, 0x6, [0x8, 0x7, 0x7, 0x5, 0x4, 0x7], 0x1}]}, @uac_control={{0xa, 0x24, 0x1, 0x7, 0x40}, [@processing_unit={0x7, 0x24, 0x7, 0x2, 0x4, 0xc8}, @processing_unit={0x7, 0x24, 0x7, 0x1, 0x1, 0x8}, @selector_unit={0x8, 0x24, 0x5, 0x2, 0x9, "1c4c73"}, @processing_unit={0xa, 0x24, 0x7, 0x6, 0x0, 0xd, "9b4166"}]}], [{{0x9, 0x5, 0x1, 0x12, 0x92b5d016114f7f24, 0x7, 0x2, 0x34, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x2, 0x4}, @generic={0x65, 0xc, "fe3b581d2188e9f40c33d4f77079666ec4f42d113bdf5cb6e0583e9d63887f04bebcde51fa907fdc04775e10ce1c68383f47551dff69b46521869fabe60afe52e225a863de2c8160abb5ac40bc4a0310dca4789f96b54ac39d313648e81a4a5a5dd27a"}]}}, {{0x9, 0x5, 0x0, 0x2, 0x200, 0xd, 0x0, 0xc7, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0xe4}]}}, {{0x9, 0x5, 0x1e, 0x4, 0x40, 0x4, 0x7f, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x9, 0x3ff}]}}, {{0x9, 0x5, 0x5, 0x4, 0x20, 0x0, 0xff, 0xc6, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x4}, @generic={0xf5, 0xa, "f2ea99d5ac7fa8fa137cc84ede037a914db5fb074e94f1815050583303f5fe1c6e64e5be9233f060f202cfef9297c05381bf4b58de477c38ab33b0c03d948822d423a41bbc9c18b4de678f1a69cca183a525a462cd254c2c2ceb2c5c29af6d8b5218958e2c5554ae3813a52ab4c04d55d853a2a9c1bb8f290fbcceabe0bfb01bb881bf1b7433db37054cf1184b60c748946d04b60b7474153ab2ab7348d13f2e739127f1a73e3d7b4c934c632c212b0eb47ca6cf7ee454afd1f051e3ca0d295d6781e2533c4f5973997af35151324d5840fa8e0030172c32b6853a182872df780523dabcc6649dba1c51d310cfcc7e77082f08"}]}}]}}, {{0x9, 0x4, 0xd0, 0x1, 0xe, 0x17, 0x86, 0xaa, 0x5f, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x7aa, 0x10, 0x3e, 0x2}, {0x6, 0x24, 0x1a, 0xfebe, 0x10}, [@obex={0x5, 0x24, 0x15, 0x2}, @mdlm={0x15, 0x24, 0x12, 0x8}, @mbim_extended={0x8, 0x24, 0x1c, 0x3, 0x35, 0x3}]}], [{{0x9, 0x5, 0xf, 0x0, 0x10, 0x2, 0x9, 0x1, [@generic={0xa9, 0x4, "eaf21294f61b516de8525a8ee73274f86c7d3ad731efad887e891adfc326436936f1418787d53d7124e168d07abb5a3ae69c839bd34273b55e823898dd2b22f5767324f8a21ea4db8d1a699d3127ed237d8d343405e13953b6474b24c1b8e045233b0eeb1d5ed2362d2574a918c050a10a3b5e2ceed6330b28ca0267bac4913972ebc3504b4b3f47f3ab0f4e406ce31409aaa0e10361fcee85208ce1104f01ae8b39886f61754f"}]}}, {{0x9, 0x5, 0x7, 0x4, 0x8, 0x4, 0xf4, 0xff, [@generic={0xaf, 0x7, "d85b3ff16022eb05987d37dbaba9464d8844b2c873cdef2721cb57c36e9dba94ce0f6a3bf9d947d9df572ae6940bc0a1953c939afadcd31d34addcfec77561a1d98578b7aa469354427330b4648b05c197f2b18cf59f0efbd50b6a25973df8465341ac36d875e6ad2c380b96700e94bba71884ea5427d5b368d09f0bb33171ab8255d7b6c4c8fc4c44c765971c437859ffd2cde22ea9edb6c4fcae86917e5171b2d02ba6ea84a2592214ddaba1"}]}}, {{0x9, 0x5, 0x8c, 0x8, 0x8, 0x4, 0xf6, 0x7b, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x9, 0x28}]}}, {{0x9, 0x5, 0x0, 0x4, 0x10, 0x1, 0x9, 0x80, [@generic={0x55, 0xe, "c3e369c23404af7df918e7454e230e1b37ee24de50a56f6d85585cebcb4cef7a6ac75d60a1c2af56eaf5edfcd5e71b81d26f55af22da5909d1ba38d9116086c606dfe976198aebdcde1849fdef3c9dd0ee8a32"}]}}, {{0x9, 0x5, 0xd, 0x10, 0x200, 0x2, 0xe, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x9, 0x6}]}}, {{0x9, 0x5, 0xa, 0x3, 0x200, 0xa, 0x3, 0x5, [@generic={0xc9, 0x23, "cb255d83fe237a1dfc9e317f969c9572cda8d895e48c082bb5cd3b57670dea9c396b80890255df3c49c48fefc4ae273c26a3a6ba3fc546b85ff35f0a08ac8fbc4473538751a7c3d06693ea12889c045e86840455aeb66e189b345e64c46c2431f3349e85faf89450d19a54bf5d85549fd4d8e95539e0bcc786ebc01e2cbbee64e3fb89cce3460c0469d45a825f8d162f045cbb1fba6ab16da0782629cbef0f96c2c688875e978533ef6644bc7a5949cffcdc40ab864312c93dc7b8cd76d5378fb36471a1c762e0"}]}}, {{0x9, 0x5, 0x7, 0x1, 0x400, 0x3, 0x6, 0x2, [@generic={0x31, 0x10, "34eb2b02b0e7ce73137499b694b96052df92ce1e38b0a22ba9cda82d5d823be86f5ccb99a5e6d1d6d98ff4a9a5cff4"}, @generic={0x1f, 0x3, "64c51c0d3e8bdbf998fce5441ed2e74ac0fcfedb7308af68efaf13921e"}]}}, {{0x9, 0x5, 0x5, 0x1, 0x20, 0x0, 0x1, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x4, 0x9}]}}, {{0x9, 0x5, 0xa, 0x10, 0x3ff, 0xb8, 0x5, 0x85, [@generic={0x70, 0x6, "77cb22742c02b90cab3a7ecca7884bbd3121eff0dd20645b8febfff3be14bbdf70ccadba944e2655689bcaffb83d81349d96528f0244a88f162d1897e7e59d595e9d9c49fb5bb05565d04504037babeea703ee549b531039d3877538ed69ac7e5e40e5a9616e6e0f67122fa7c9b9"}]}}, {{0x9, 0x5, 0x9, 0x1, 0x8, 0x2, 0x40, 0xf9, [@generic={0xe0, 0xf, "fc3a480fbe7bbcb99480920d90557147b80c831a44b503bf2182206281616c40532824b785d720200ab56574d9e5b697d352889586c72305f2f88e7cf412d7bc5069ab8ac041c88020c75bc9f548b0eb3e19fe8b0215cf7457c38c44ebbb16878a9345f932a33894b0049b6ec7d5ae5c215afc994c3dd02b667137ac41f0361e8ff3dbc0eccb94483fdc532c8ca16ce88f088b117fc820fc0f31e7f3b240da6861fd8c2fa3e5b3edef6ad39126d66e7d521a16ee04c6bcd11c7d7ae26f6a3da5a9a0b3d0b532b4f2e774096037caa812b55bf413793904c2960bfab4f133"}]}}, {{0x9, 0x5, 0xf, 0x16, 0x40, 0xc, 0x4, 0xf, [@generic={0xac, 0x22, "4f30e1057009519376f6fb23d50d88769717a53f58bb57901da78de4f4568d7005e392bcabd8c9655584078062205d5dedbabdab607d9fbf8f1156ef7619139788e75aed463e0d4d41ea968a8f3afb35a846355666eb1e6cb2a83e49e69babced7151a97edbc08c685dbc782cd7b829df1d056ead65ffa06f8ebd759324dce4979e536474fe89c1806e4ec306496a13fa2896e7b62ba8aed00bdb1101bf80648b6839d71c4556ae3c8e6"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x40, 0x7f, 0x4, 0x80, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x9, 0x94fb}]}}, {{0x9, 0x5, 0x3, 0x4, 0x20, 0x80, 0x8, 0x10, [@generic={0xcf, 0x3, "8afa77801331886bc5fb18b64210ad39c32dd338b04eacf585ddf87202abe70e488ec288c0d35c9ded0da881b6235384664fb7814e03bbaa2f1bd9a973522cf38b2f1500580efcfa34584c8ba77b6f67a18fafad2aeab2b4f2810cc9663f0bcb60f852693f129c6e313295fa1b0c907c39fdd85c9817eb780542deba5076b13129ef4fa9d6167231d8d05e485a8e0adc2d88d31c6b77c4a990d3e3db1e1e7ffe2851c2ae1ad36b1892538587ae04e2fb01acd3ff05c553f496903871a9ad0f13bb89f689527ba08fa4fc229006"}, @generic={0xc, 0x5, "60883b890ba4cf09b6bd"}]}}, {{0x9, 0x5, 0x7, 0x10, 0x200, 0x4, 0x80, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x0, 0x34f}, @generic={0x11, 0xe, "b9f2b32c94ad03283326c4916400e4"}]}}]}}]}}]}}, &(0x7f0000000280)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x200, 0x7, 0x5, 0x4, 0x20}, 0x2a, &(0x7f0000000100)={0x5, 0xf, 0x2a, 0x4, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x2, "f2fc9b66b1f451f1b800a5984c3085c8"}, @ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x4, 0xc, 0x5e, 0xb, 0x34, 0x9}]}, 0x2, [{0xf5, &(0x7f0000000140)=@string={0xf5, 0x3, "81d340d69188618e5c7f0d0919b374cde384c96ed81de158d7551dd3b64fb6e39f2df7297a2c95134a6c704881a71fae5b2f6939f472e8d3a4ddc1f9a5b5d198111bf5db35a391a7ccbde81209fe20d33cbbfbf4c2fe60b4e546407852f2dd2de02433b3e04f93edf437b54a77bc54d3b3d24acbe254fe4f026a2eba3b9da4de526aaf6dbb109f1fa3d3b4a6e08c09b40114a8695529f540fcb4d7fe75642d169366ce2b831b3aca3e3d5148eecf4f36f87cf57d1823fb9b5df1cd43f21f0660b3aad1563687b8cc4c0a4a4caa9910d0e299a46864af9c70ee92a57f8007b859b4954764de15ec5e34a6086ea8d91c9d5459af"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x3c07}}]})
syz_usb_control_io$uac1(r2, &(0x7f00000003c0)={0x14, &(0x7f00000002c0)={0x0, 0x5, 0x9c, {0x9c, 0x8, "46187042b2050db136f9685c4ae356b5a13f37663ce6e2324b5b896b225b63d788fd5e07b332ca6a999944563981c647fb8d79fa96d787d9c3a578b4d65e65108c6b6e143a55dcd0a39bff88734fdd4aa0f0e48e66e81ce4894a4961a68e685fbdbf851f9da3b2ca5cac73066844e67d0631188717bb902c1ba49e4fa6fd8a34759df5a99e78b887955dc830c11d797d36c0e40a852c5551357a"}}, &(0x7f0000000380)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x1801}}}, &(0x7f0000000640)={0x44, &(0x7f0000000700)=ANY=[@ANYBLOB="20093d000000b263513797f0d23418141ebf9d34f68a59db5b19a65efdeae48be00073cedcb0aa7eb1fe6f9af1904f60bd191d4ae866437c76b9670386000000000000000000"], &(0x7f0000000480)={0x0, 0xa, 0x1, 0x38}, &(0x7f00000006c0)={0x0, 0x8, 0x17, 0x2}, &(0x7f0000000500)={0x20, 0x81, 0x1, "92"}, &(0x7f0000000540)={0x20, 0x82, 0x3, "d760a5"}, &(0x7f0000000580)={0x20, 0x83, 0x1, "fb"}, &(0x7f00000004c0)={0x20, 0x84, 0x4, "eeb29400"}, &(0x7f0000000600)={0x20, 0x85, 0x3, "0ca863"}})
mlock2(&(0x7f000008e000/0x4000)=nil, 0x4000, 0x1)

1.525726687s ago: executing program 6 (id=1881):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100000000000000560000000000000066ba2000b0e2ee"], 0x6e})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0x5, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x4, 0x1, 0x0, 0x3, 0x9, 0x9a, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x5, 0x6, 0x0, 0x45, 0x4, 0xbdb], 0x1, 0x1c4213})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.376180329s ago: executing program 7 (id=1882):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020)
write$FUSE_INIT(r0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000006580)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
truncate(&(0x7f0000000080)='./file0\x00', 0x8cff)
syz_fuse_handle_req(r0, &(0x7f000000b1c0)="02cbda572ec32cf73bdbc52bfa4e157261eb6cbd0d1d50c9d937a19739fcb9f8697bf69c0e2e526012185f1b86989056f9c2d38906e8a47b9b5fde55a777a6357ac40c211de6325f496fd86dac09bb38b62b37d715d06e3c61b172aa4a662cefc7810ba37161c637a9b56a7c7b022426826076f1d2bf3c3b6f92ab9c27d691385c3efc354f1423d01d6a49d534fca3f2bf518cd645cf18b4ac2d2ac4c5c29ba487c9d27bb488a73146d5b9e21427af37dee4a276646eb2519e4f6c76cce2f7bf7e708d5180959f71d3797220101849c5144ef8338a5a2079ecce466000cf290d4df42e82865512fb5fb01fb655613cf1c469682edd86a4bef86aa23240ca6a2ff38b59339f7530e8a8027aee0628e0f81b2f5c661b149d780f20ec54c8d3d42c0c49f83b1c0d4bec94bc9221e6fc7c75ebd3b68081df207721584055baeaf6429616d57cb35d2977d45971d209e4c45dfe3c5c105e0e2b49fc8685b4945f31c9468f3c950fcf70a8f45e5a3be62f73c228a6a34a99b6f584b42c50506a6c14187f44887270011cc98d7e5e258df533411c8d39bfa9e27014912ed9e9696fd4074fbefcd4817a344be5ea348f4a7a34733a5bc5674b1bcd39404d5a458d1e19b6d4bdb4e23403154249b5798dea7b60bbf0c09c25027a4efd49d36cbe65b7450c0bde580d356ad4e3cc7a9a57e6ac0b542592617869e57d9bed28f0590241bdeb51fa775aa8806a55df2c795a61146bdbe38eb7a716180bb9b728696bb0e78ff11f89b17c7e7fe9b14ea976ccd9991f01f5d0c4620053d0b5ce42af76591fd0706494b91a6dfc43560f9a9538ada19825ffe3a7cc7a56b755d46ae1189b1f1ac729d9938ad48a066624c1b28003a9d193b4b34c4ab2609949df96f693389f27dd3e1f42b178eb17079c1448d7e9fac30ddb53ce8e5a157db8296cd3069d332bad0528ae56a6db41ba84699b85f225a78a33879512a5f0b795fc58957ef6766afcf546fe36c8125276eeaac9d647b2459c164aae86a2703e85d4f552a0647cb4bdfaecf6ec3a264a6b6892a9a1ba08a9055e98b49edc4e1f8010f63f601a8251921df70e15011116c471a70a0580b1789bcff471dcc95ad209a44ca2453d58d3ea4c71e0383db68adf332a497a84faada33f18bd3cd79ff9d6809409769b02a66cf524534ab7134e3066eef904d8961195d9cdc396a012bb3bc1b1ccd60317d08cb059174642aa3f60584e58e7417c1736f6863fae9e7103158711167a53d7d5deddacee6958fd4c2e0672b8dd90b41512b1f59fc49099633860dd6902c1df3d5924b1cf81ec848d51129b3eddea619129e961390d65d2243d400a1e30e524eeee1a701da5e21598acf457947bad693892a2989097ecbe9607a33ffb33425ccac5e19ebd1f88bf3acc03331adf9697bed04b33ac9fceaa3bdc9a417b12108e10f9c45b6d36181099056a448689da4ef68beee35f5930ce4a5712cbed98239a674c5883d6a5e0df9c1cbe1eda8dc19d14c4abe896e3b28bb3d4b2a0e9ae31ca07b9819825f3a6ab82c5501becf023a656cbff569dbc3035ae3c585747fb459581629051286b170b679b683a0b2eea6ef3b41a68012e5f4d64f689c2b909cfd06d37c0a802be2d882351bffeddef1373d8cbafa10fefbc28b31a70b6e912fc61257aa76a0f0dc1d3ef72d2f61517a359053c3dcb7d49d8a4da61bcf3b3dafc0528bb037cec0d986b3949fff38a21dab6b8a3a167bacf067c5f7842ebebcc1bd54776b2e54a098303c6331beb16e42d0669a518af2d173405786439d739b813c145c4f9f98a537b1065bf4636c76e38b71943815a6d1227d0a6965dffc37c00444aebd2ec19286b83443902dba1354a69377e97070a79151e64711111bf3e0a755b0fb1a1d5d009fdf61b665b41a3b7dbd0655236360141c52b93bc907b0672743973c30d6c9ece47fa1fe3625cc8acbe305156012ef1c5ea140be70b804887be593f25faa13ee4ea2d9821d23c3e047d74ad4f7de4d95d275ea3e6c87479f1badfcef002ebc7020b581a096abac1a80ef6ff476a01b01f7c0fb1239fcc182f74e5b5965412c0f4170432af15daf457143b1f41422b8a7f9b81c15a156ddef9af95955090d013cd52aa66ebfbc87c8030e7f86b52aadaa2e63c261185eed7c46b5f8d56e8301a9cc1578aff77b42419a5eb2e263207ef259f4da6ca6466ac9326a633b39e005028c07c9aedf17a70e638d7ed84638406e6028be879fd0fe491152e181d5527933950eb67a52cf155d5c845a6425e41a47b44d9905de26e5132c8d594c1bf6d4f12dbcb96d7431a56546800275623679d6c189e0cebd1fb8063140b89d42da60ed06206d329c29841e69c820428bcde53c998bee0380a816d080b36f64574718b84e0ecafbfd2b9981f4886df258dbf1cfdb148b171516500572a7086516fd519bc861878ec2fceb6872229ff1e9782720e590d8ef4691fa9c4c54bfcc843015913a2ed40bf37048151d17b44365f7f8d3b816d1b1cd40dc5dda6ab8f637b5f6bae92580f1c269c9231c9a79d58d43208be7622147db352b1294260eeab12409f5b5ee94d99548640634bc9479a6e6e06cc8838bf85d9bd95452eaf8ad3cf6c070aac36a7d38fe23cebfaba46c74a6c5c98b1b5243edfe405161b8c3ea0cdb1bcb4e1041fc62451a6094b0c56ee2ed29520b87228959bc01a9a9f54d214704bd321b152a0e88d0646e99a92a390dfa6bc2c34d418e5e900a3b641ab34a5fd8de751bfb3253b7aae3948d871892d7b76b351b073a93f3ad82b0c59bc49ed922c8d63f8d12c14ce1912bf877bc7877f619b03d09200836c775675e0614efabfd5665c3bf12e6131a7232639729b79ac1c5e807246d30934b0f63b31a06c4722278299949c7785d796b6d3d4a5f2fa652b7fe8be447cafe93fcb07167f3ef16b94261fc3a9d22a57a7aac56562a231d79dbf3bdc1f436206337ff0f8e019d76b823c5976ee23ba4e553ec62d261bdc7da90fee46d3472cc267a7a74b88112ef765091df03bb59cf303feaa0149b371a7bdd75c0187ce842dd1e4cdaf7fc0f5ef7ffb559c535f19100ba653728cd936987731d5ac99cb9ef772975b17b2aff8b872df0d189c7944d63ed66cfce8ee92e7a1082c2a501007aacbe0011e6c32489bcb888e1c464bec59902d940d81136c543098a60104bcfd0f4e7c27cb114ff42e8d31fe09a4bcc21cae5ef2f8e4890bd8139fff1b1b2a39e29eaf2e5d2fb810ea37a13e6d2105a6c2ccd03fc110c6f9063e2433e1450dc8ebd8ede0445af662cf7ee705003630ab7d9fc6ed30169ed674dda2802d519e3b49016c6f11612ae53230b062281ddf7a678784516c3d177857f8bdbec7910af8c81333e471bd8a973ce858a14756ef6ec85498714fe8e1e6600023804004b968eea42c410bf0f5c5b2471835454f20230a6d342f96f71a2e64f54b838e5cd939d7a651d402fd60a8a2a081de0c536d5b81345d92165e79fa65140b91c23cdb5829db55f1f93b88bb43a355e9304a17355851d52c0d745b611a30eb400044dce6ac742bcce9df9583b827514af8a2ed4a04553817ba6ea22e9beaba65d32189a5c2bf65a09d2c8a8798c0645fb24157a4e71be7889fe65c34869d8852b21661407feed92afb0bfe582693a21c050e5adce1fe97755b0be276c36b81b89700b99d23d315a64f7e115eacdb3ade725cb3cfe36c27a5e2addad60290b022a9fc26132b5ec3b5f1d884399fd992525a3e17e18e7ee6078a64b7efc3bbd116e5c305d8ad935baff18ed94c7a8720e729132e110f986991a3ad21cc637282f55588b12756895e2d10afce85b1a04fc271b217278f156c7ffb1ed9dd52b18fc8b153802fc329dca81b278d715f6e31fbcc77d8ce5c2786573bacac30791aff5771fece44063d1e84abcd6a4ae016858893605eecf253c79e59c2152efbe9fdfee3c441e4bc9cb14fc96a675aa17bf7d2024d665fe3982b61888bbe7129a1ec8fafc3480170c71d05f5d22ef7ff0e2ca598fd02bbd0ad82e6ab0e775388bf3aa421c20b6a2a5e256386abff1103f46a8b5c54c2d54b81c50d8bd98aea724bda55f99d95956e939b85d59abdc50ea4cf1d44afa3e8dffc9d84c6b7d28b78c40d7498670602b97c5e2a6281c7876dabc1d14d156e827873818bc590644d2a1d084d39c84e78127b087bf2cd9353fd13d4ab12350318aedadaca6a2728267e6f5f16547caadf3ac2fade3c86b516c6ab53d61ea1c148835b9a2c91fd0ded7283ef720086dfc7728968924731715f78915045a69122d8b23a6db47cc6fccf402b9913e46c9a36924327ca9bba6bb8cf7cc80952501fc2181a2ec7ae4364cc6eac0cba0edda68f3b398a249d114702147f8b1cd9c7f8a15345f42a7a50334928eb4e2de974e4ae2ffb796bc640922f7ada0933460e0c0fc06276dfd228da9bfbbe5a3eade6f98594b0226339156022aad7aa8c9650417cb1551b3b6b31ce436396f68134a6ef23d6b926988fc410f81e1ae01282f244e70051f1b93644f78af3ef6359d106b291568e1ad00ad6ee102964fb7aaaec9732e43a21ea28cda496e4ae367ea738482e777290cca2ef61c8ff10c1b9546b5d395d21c98542f37578d297c13899247a6fdcdf0b8cba6b498875926a19852f97ef60dc1a0c4069fdd4d1fb87a6cd58b8786210687d644a4bad6f8fee0bc5fb94294cffc323e97597be6a5e457a5dd27fe2ebf5c34aef3bb5c43ba0a7d931e7ab02b7c290c5d04a41c01d14d6fc1ba80bfedf71caa0f7e59b135fad73e28d4861d601f79ad32edc6f8d1978d8ecf787f3c9ac71b2404939827b16f3915c8b1445dd1ec012aaeff88789c396665a50df52b244ce5b100d9a29ce52903b8f7f3662c0d0599fd1a7071798b759be02d58e5c6e4626b477653655fb7f5d7bc0ad94dbfe131c9ba5a994c1605c03b9f5173f8205c580bff685e693b23ab4cc7b2e4b21282b14f65684747ad98c0d855a205a6e17b5bb4c2b07097ae32393690e4e07a7f3e25d6bd01c1fb973a67edfa4e1d4a7a96b68570dd9d3bdfbe8a5a69adbd17167533ddbd2a58d70ca1ccea6428770dbcfeb47ddffa99e8b5e69bd34641c1f1a033e86215447fd2927482b12a85f11ae1d8b2054d7f642a9ba526e5a7d8e3d81bd394c264666f4b4dc3ff9c1584f277ff31a29c1358d9a953e0ae2822a3d174a0ce3da386083ae06f02723aea03931a38116a8e4afbc36fb9c094eb340214881a6f838f8d66141e451b9a1bd250363e591bc4ac566123a379272c08c0511e29e1dd1bc06869f3fd151bada9b28a6a71970ae3580d5bb0ab76b38068f504659bc335be1bb2a285329f749303600211d6ef7e151ad861b946d99f36d20074d65426f68a6758270ff946dd387ed3b150199fd81fd2e76a70a2fe2d7a2f8899079068ce48c5380db7e69a1a91f244ed32400e8d9e3097ec2065570dbde88faaee4a938f0b4cc20f31f175df62bf6cd88968ef7e24912dbbf91869eb9b34498d7f6000ef9a62c9441f4177ab5da1428d647b6e3cea1ca8a91b1a1246c2e048654e350cbf3dd4daaaa2558ff9c505ce0fcbcf93601a725289c38724290cffddf87e5345b43a66eb5f9fef718b0df4bcfe82c466017c3d8f0bbfd5544ff2d834a6e653ae789561df44281c8510b4bad838d04ab4a8e84fc4fc022bbe8454b36273cec843731c1df6fce42947a029f61e030990c0002b6f2c9c552227c8785c0b53683de3e518123b270f595aad389951d1edbb9c6fb14cb4e479acff1ffac191da3d80a696b8be5919710c9137ecc0ca383d8666e30a356759a5299f44c2bfcd03a8df33de0e27d6038a9551cfc5ff43de0d42a6d033bf15f3a44d52f8a71554d1a2efb78042c1c9957256d7ea06b7751b40668feefff205c74f0f947ae0920aa746f17027bbef312708bf72fb23c12d0dcf6493584c1bdd0b5780017c038bc23fb6c25c560bb6da3775cf03502c07b987e64f8a2b84a870b5dd90c6aea7fad3d0a3ee46fda953dc085d272ee5855104b8bab8ed8bfd3338e75eb9ad8118f25c7e580fec613e30cf3eb7059e06d9be015709ba6c9de9dc9b6df8228b13f0439fa8d530aa9a4dc1d44abc3191c159a8816e7368fc5c6a0e57eb881d734c7a5459ba3be1b8a17b5ee6777ee42e962aee199f35ee2c2d4a39275e1dd6a8546daadc7ceab2c90667ad48c75bc7008ec2d7daa57562260d6d4509e67850e988b640569c050d3bedbd6c2de9b4f466e2d0c6f83c3c2392a5adcce1523e89f730a84f8cad28f84d1a0991f44aa4714f93088ec2a2836766d73569c7b0c1f70a067a3f0dff1d01661937aecb39e3d0f8e0ea282cffebbfdac63196eb13c4e53f144fc66a82cc0590f1d6d249c333420c24db92177c89cf0869346c34147dab6c3b94c325ef635d0e6d75c23906e71a7940e13364aef81b97108a4b209d372558d3bb0424ecb6a9a9ee28f7d1585c8af6f1256c812eb48515feda309a08f1a2954039ff0a60a2ab75717d2eb93024586837e552942eb63e0d6735d01258eb4dac6209370c109c1a1763dd742f3551276768648919f9093fd4e0cedff9442ac404e463eaea0ffe58a5085c987c093fd30e121218123457916ced3a7250a796a40451a4729125bce2ba5b6406e6626ecfb1d3f16287ba238feb575f60eba96443c60252d5927b81b73574ff1b7d424623b6cff5ce0d1b31b3d199c85da27f8736d990063f09dfef93402d880b2c5d7a9cdf45cbb4d1baf95be490f3dc9998c2c7ccfcc6e6395e7e09e6c44865834cd3e0968ffcc1d0f54406b55a8952cd8096e8968cdca3632b71546192c76472a66c4a8584eb748c1b3c30d52e8699adbef91329aefbf94d251d0b82bf42a648f73020881a914ea7c529802772b4b60617e9c1d9712a31d0ec3e92af4b97f50ec96e794486101a9e15daf8b7f13078d22767dc3b57bc0431ef39b3ca12b2932aa585bc856e8cf5496d78eaa50f06b483f416b31f78767bd25e260042e84c10e9cf9bb53a3f4fce11d703e90004949b55044907242f8eddef627cfc9642f4a828476074c298ea2d7b07ddb7b4a2b9f8f1e5a32fac7d105c5a12186da19ef5f6475763ee19aa670e7b45f37248fdfa796d6ae761dd77955851faa33675ee22e8174e0a126ac58b9998ccb5e4d12c3e00165533ddf710bf0ab0edf6ba1fecf9548ca1618fd980a4f9a35eeb5c1aa329a288378b9b5ed54b56075810cd22abf0c06ce0f1054805410375d6e41564b71b86cab6929c5c1cedb72e0b1237fdad44edbcfd326312caa49ed0c8f7c5a33986c89245fec75d0f9a34f744bf74d6e0f901c12ea25edd60c43d22f6644fa294534cac1c581b0cbf5d9765fc18fe6c223dcff4a85c7eeaf4cb1a9a889c236778b85e69d50d482743664bdeade11b4ced78c3d0b62ba07f98a898c6e89241ed6522fdfc430b75593673d43d695082b0114b25f231c8a141be953290b1a3855adc0146adee0b784fce2cf8243838bdcdbcf4e0dbcc2a9945deea1d02858a9e9dc54f0e818b81d024bd9b2e052a73fb59d037ab526c78faadfcdecc15f2a1d843e84aabc403e84b2fefbfbec982f22b89a2be560002d45ae12a8a2d00f0a3f55e26789a593fb8bdf20efb8a51e3d0dad9ad2caec39ea7392c58eebebc7201c78276f0127e43d5c8efe0200000022d69586a9e096efe80844c38841640238584936d8a96c0ba41dc0dc96a11623ff1e70ef54a9c43ec3cd0359dfdf55c8f8c306110d833d7de7a35f015369bf6d92b3b6f0f7dc717c84e51ce475df451b9a6a91c8d564aeb389267082b9cea77f09c6c6490084da3820f80d3e62bbd41a6540591c6c5cf2a18e4e829b82a6780b6b1f66d96fcfb1639a335a78f8c3ecf381148b2625859e514d35eb8c4acc98f7f8220e1827d7745f1f054691eeb1625e2d238ae03c93991058c1567be4938de2e60537749ee81f327f1f1e586ee3af4ccf53b29741c1bb0e774a1d27672ec27b43719d3710e9fd8634213738d98844717c8b1f707bd42f4077c9e59eb539f9cb32c11b47bcb7cb3efd3bf4994e90166a5ae380c821d2640fa99df59978e9b7e50f0b830943de787b1bf99e14edcdfe8565556ae2a8c0552d67898fd13551c007eb779edb60e85210a418cf0a4a41764fe9ece74f5d8000d168fab61588c5549113e8d8a059f17699d976fc7dc68cfd0ec404ef0c7eca459fbad1c40317d81b95a94b037cf96ba677697cfdce4c2c4e02cea296f25e556c02381ca891ddb6adcb0535e262b26290000c542e7616d63b211c16f86048079ca5167598aece3288f86658249e939cb6b59b6cdd3fce0e9ea81a3bb3f88908c600ea031b0028f12632d7ac2f81e54f7e7eb70ba70bc937571b242c4ef228f801b6a4376d11eabadaebb1322823eb30faf6cf21a8b38a769824e8b7009ff278f80ac2af39f0943a29458d127eabae81d2915557b09e3c49f8c22564edea93e8717306fb198dcc92eb3c9212f03dac94fa3fa1fa4e1dbd2119e024639f0ddc87cd906d3317c6ebc6e698257f73912ff46fe8d9adbd3f57ecc78cea5c1eb04ac5fd1bb79a53921fddaffd2d34f444b54208096cbd2aa3e26ca01359b05c10ff36e98e1ac97d51380c99e1b685928eced0d2f1e754001e7023d2473596feb7c7601619277dd7e844bd5544e7e360f8e4223fbd9e24b3fb69a34ced39bf7590fb853e44031d075fe647190ac7811522c73a6c6033457c14c415e4a84663d2540784a1cbb4a398f1d8612f4f3d334576c99d5721bbeac95cc34d18080e3b1365b6844152b8259c8d4618597f291f2b9e8812ab7729e108a8d44487f8993faabf6c6a8f49db727f17cdfec43b34c39cfdd3916fa6953e34f316100368c7b2836c11dcd4710986980356b7ec4ba23fab5cc5a8c6cacb61cc65570231407ca647946393031986cf4736280ed2d7976d66618fc240191455ae405f1d62145297179c040a707093fb8f60f5a3738b8bf78bbdf952478da7e9d3c892af5b83cd9dd4f00fcfa13beb9e6988e3c4b4e5300e3757a93efaef9023fb9d7442cb1a49d7efdec32ac1f98e6227cad38538f6383c3b6efca2fda7c101ec548c3549e7ac5e737478343ca47cdcd65acb71e0eade28c684b69785ae1fe31aaec713834b6635938d7d66426e965498978e4b467f6132daa6026c39dcbf95656b9be5c074badc18b5a74e12967b45e23099fa765ea5c8c18f0feae94755827e494f251ae96882b5c5f6d54713de02501faef1fcb59bf0d66f9d0cd3a493b139237aefdbd402a3df9dd5beb2887a055261a08047be52fa51f61636255870366e837f20d0f83b8557fa4a003647152ee27bd34b5af52743d4c431ff4a116ae1184c810e8397ef2a056845c6e3b5c0beafbf8f78488102412e04e47fb87be9a9ddc075ab519f424ebf821da659b18ae3b61a7b243ff94e3d1ba420cb342db7b8060937749892a7954d3ba5e63017703f5224602616ff6d3fec42444b2524f97dfa467d9db91681dce08de5ccb1ac2bf6cb5e6c1d586b2fc62e78b0bc23e1924a4f023adb39803fd6c3d52c40b13df9c6f54bb2b4ef88f5d0ffdfef13ae46dbf75aa6457da3bdc1781dc814b0b69debee7456aa7f75571caef87f624ef703fea75f136cc7f90af0ae558cf3de5e8cc92f3e803bd46e05f42e4167af8136db6982ad26a52778e1fefcbabe61a57f00cbf04e3c82445c04bbd8832b8bb9a7cb854a22f98cd7b422a7abafe6a00571539802e56f036d5a26d79a86cb100b90ae168d2406c2c0b9c5274ad69298e7983f4b30e006cf4882e90ca8af4e445dc06d0639231638dd39929065d920af913cc7284619fcacab0023893352468eec73d7014407e5d4bca9e49d412ffb12e68610c26206de0b3282e925b83389cbdfbc41cf279440a13838a1431ea4f1a371b6b143b914238773d171bc7b44c07729e8723fe51b8180fc9c9be6694477132cb82b22b2512518266781e687fcd460995ed581059d3c692ecbdc8daf3c76e5a5bc8e57973fed5fb3465a3dcb5557f92dba1e212f9bda66fc4829e10ce3e8b6c117b1214cb246211c861eaabf8ccaa94aedd58349399e619c2dc587719d7901d2cd85ced669d0ea898c4f127d1a4cf274aa0405d225605edf425dc9b7375c8ac2940bb369eec586097f0cc07940ecc8bd400976b9b36027a040be6e64a2fa4f7ba5d59ce9b4f76192d260d665290b20faa3a6a941939a0b3042ef4d8f9b980c71a13496b104965e1c3dab25cb46147bca6b70baa0237c8a5cd1c437e43a50302490462585410f65e03186df5fc2c5bcd89f6d6a4ac34c971f0579070ab6e9a6a84159b2910a7ba797fb09dbd3ab88c23951b1a91df8cfc2d13de85dc715e2a111458acc4d640a59c199faa2bb28ec3309864fd8a6997ac89833853101a08198aa6ab3e5167b4e8e55843efae1ecd3fc6507f3a97bf2f8c4c4da4896c788a17a5fe8d8c3f79fe41dd7f4497380f1ffc8f8d6cc2c2dead697e4947cfe680a0e2b5100743444536134cde4378b0b1fe6ddc09dfe8d618f93edffeb7d097a37a19248be0bf9c4f536a484a5fc96f18f2eb4f6462b20bee241ce16b4790c854bca10914e3ba98eb0970765571a8ad45baba39d20b8c1bbb7c65717e265f5fc5edefb130aada09aa7f2c50c45de6de7327faef192977f499b7aed9e73c2ecb97f7256f89fc8b4834670f798438fac5a5045d61a7f429eba77de37517b984b0acfbd6f494a1414b0fc040244bb62a19150e0c15e5315b2618d05429263dd1847accc5de9baca08edc921ed9a0af00175c118ab801da9980098fc4a2bf16ba73e580000b49129a5fba00a1f2c45c0d0939be83ad93569dd61330913e8b381f9aff6d6a584862d636c1a4989dd3fd14853bf033be56f21a3cf1eb95d7df7c6436ff3d5a8f472bf4a3fa8b0b0741d953d9644e0ec801d4154336357d2d1492c6d336b9101827c1401898ecdca5a66c6f727d23d3ebb95530ecfee0f7649c221d2c131e56d37a8d422b0803ed0d623a2de36e9279c3c1c806654fbce9305cbb44210e282fa53c72f813440fd0cbfff492716c4a06cf99f4809481d51a03a88911f48f25db6784e16f3a251d5fb75fca164911e4a88d1b904b5372d8660d309f347dce2810552a4789af371f3e67418433cdb0d69a4fc562514cb396141f31312fab85f68c1ecd9d03ba37b40934535cc3e53c71a3a51663a479eca63dc5c15a387e5753cfa806402b6426b8dcaace2553d219b2ae02bd45fd4fde6e3e1bd6370d3e8d558aea69854381f1dad0fe2bbf1a73043f03aafe81c3a3d386c758abcb45cc537bf40d459e138f418802ec61abcad5e333389d74ea941eb5f26b25ed7642e0135fd8e3e2fc998613023dd5b804e2cf1a80ea60b353535b1446e3ebb542c1c15d87c6f5a4716455c8a9f52380161a5d23e9678417fe7ed64760e14c1390bcf73e1d531bb3548d7b9df25b6f85512667af396fad73110d1ab69a8ecdddaf29dc3701a5d927e599f5c2af293a6b276da7a5c917298ea24c2366d5e91593605fcbc4d646200", 0x2000, &(0x7f000000d8c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f000000d540)={0x78, 0x0, 0x0, {0x8, 0x10, 0x0, {0x0, 0x1000, 0x4, 0x0, 0x8, 0x0, 0x5f9e, 0x0, 0x0, 0x4000, 0x0, r2, 0xee00}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000006500)={0x50, 0x0, r1}, 0x50)

1.073138353s ago: executing program 6 (id=1883):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2}}, 0x2}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1a0a, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000400)=0x10, 0x4)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[], 0x56c}, 0x1, 0x0, 0x0, 0x40001}, 0x40000)
syz_genetlink_get_family_id$batadv(0x0, r1)

914.320525ms ago: executing program 6 (id=1884):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f00000011c0)=ANY=[@ANYBLOB="8704040000000000fc02000000619cc0694d00000000000000ed"], 0x28)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610080000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff0905"], 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect$cdc_ecm(0x5, 0x4d, &(0x7f0000000140)=ANY=[@ANYBLOB="120101ff010000082505a1a4400001f6030109023b0001010110040904000803020600070524060000052400b3000df50f0106000000090004000409058202ff03030b070905a1f540000402d7ce558612b63b2ddf52d38235d25d56ee19f8313e2860df6d1b72d0b1853b3efc3661f5cccc70412c782671de4c869bc734e6fb8b42c35336e9943cdc4df57bf375c7d11ff0511130c2636b1a679be9"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="010000006b0100000100000000000000", @ANYRES64=r4, @ANYRES64=r4, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0000000001"], 0x48}}, 0x8001)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000280))
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r7, 0x40305652, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1a5e00})
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'gretap0\x00', <r10=>0x0})
sendto$packet(r9, 0x0, 0x0, 0x90, &(0x7f0000000140)={0x11, 0x8100, r10}, 0x14)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000280)={@local, @multicast2, r10}, 0xc)
r11 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r11, 0xc008ae88, &(0x7f0000000440)=ANY=[@ANYBLOB="0100000000eaffff95000040"])
syz_open_dev$char_usb(0xc, 0xb4, 0x7)
setsockopt$SO_TIMESTAMPING(r11, 0x1, 0x41, &(0x7f0000000200)=0x4068, 0x4)
pselect6(0x40, &(0x7f0000000000)={0x3, 0x1000000000000000, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f0000000100)={0x3ff, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x2, 0x100000000004}, 0x0, 0x0)
r12 = syz_open_dev$sg(&(0x7f0000000040), 0x1e54, 0x2001)
ioctl$SG_GET_SG_TABLESIZE(r12, 0x227f, &(0x7f0000000080))
close_range(r5, 0xffffffffffffffff, 0x0)

773.343664ms ago: executing program 3 (id=1885):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x88, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x50, 0xe, {{{}, {}, @broadcast, @device_a, @random="13610680c4c9"}, 0x0, @default, 0x400b, @void, @void, @void, @void, @val={0x6, 0x2, 0x5}, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x800, 0x2, 0x3, 0x0, {0xe, 0x6, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2}, 0x1, 0xc9b9, 0xb}}, @void, @void, @val={0x76, 0x6, {0x0, 0x1, 0x22b, 0x4}}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0xf5c}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_FTM_RESPONDER={0x4}]]}, 0x88}}, 0x0)

614.739808ms ago: executing program 3 (id=1886):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_ENABLE_SE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f0000000540)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010029bd7000fcdbdf25110000000800150001000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x20000044}, 0x20000010)

465.219256ms ago: executing program 3 (id=1887):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0) (async)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010) (async)
r1 = openat$binder_debug(0xffffff9c, &(0x7f0000000300)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
ioctl$FICLONERANGE(r1, 0x4020940d, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x2, 0x0, @pic={0xda, 0x0, 0x9, 0x2, 0x8, 0x3, 0x3, 0x7, 0x5, 0x6, 0x2, 0x81, 0xc, 0x9, 0xf4, 0x1}})
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) (async)
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f0000000140)={0x4, 0x6000, 0x9, 0xf, 0x7fff}) (async)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='msdos\x00', 0x1000000, 0x0)

360.342757ms ago: executing program 7 (id=1888):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={{0x14, 0x10, 0x20}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)

112.203012ms ago: executing program 7 (id=1889):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = syz_open_dev$vcsa(&(0x7f0000000000), 0x10, 0x10801)
fadvise64(r5, 0x7fff, 0x4, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '-'}]}, 0x24}}, 0x48000)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r10, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r4, @ANYBLOB="05005b"], 0x24}}, 0x0)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000026c0)={0x24, r11, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '\b'}]}, 0x24}}, 0x0)

0s ago: executing program 3 (id=1890):
ioctl$NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x6, 0x4100)
ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, &(0x7f0000000040))
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000080)}, {&(0x7f00000000c0)="210adb5f0129af78d5edc4a914e7d67eed0dfa261ccc4c313d43dc86add291140a02320ce9a4", 0x26}], 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000140), 0x1000, 0xa000)
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000180)={<r2=>0x0, 0x4, 0x0, [0x8, 0x4, 0x5, 0x4000000000000000, 0x100000001], [0x800, 0x63ad, 0x83f, 0x7, 0x0, 0x9, 0x2, 0x588, 0x9, 0x5, 0x8, 0x7, 0x4, 0x5, 0x80, 0x100000000, 0x6, 0x9, 0x4d, 0x40, 0x8000000000000000, 0x6, 0xf25, 0x6, 0x3, 0x100000001, 0x7, 0x2, 0x8000, 0x7298, 0x5, 0x3, 0xfffffffffffffffb, 0x3, 0x6, 0xfffffffffffffffe, 0x2, 0x10000, 0x6, 0x2, 0x8d, 0x7, 0x6, 0x9, 0xfffffffffffff001, 0x7fffffffffffffff, 0x8, 0x3, 0x7f, 0x803b693, 0x7ff, 0x69e7, 0x9, 0x7, 0x1, 0x8, 0x9, 0xcfd6, 0x3, 0x3, 0x10, 0x8000000000000001, 0x2, 0x7, 0x1, 0x8001, 0x7, 0x8, 0x2, 0x10, 0x6, 0x100, 0x3000, 0x4, 0x15b7, 0x7d, 0x3ff, 0xf2, 0x4, 0xffffffffffffffff, 0x4, 0x5, 0x4, 0x90, 0x4, 0xffff, 0x34894ee5, 0x400, 0x4, 0xf, 0x400000000000, 0x430, 0xe, 0x0, 0x7, 0x9, 0x9, 0x1, 0x5, 0x2, 0x8, 0xefb, 0x2, 0x7, 0x2b7, 0x5, 0x9e, 0x3, 0x5, 0x81, 0x6, 0x2, 0x92, 0x8, 0x59, 0x5, 0x9, 0x0, 0x6, 0x2, 0x667f77b0]})
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f00000005c0)={r2, 0x100, 0x3000000000, 0x1})
r3 = memfd_secret(0x80000)
write$binfmt_script(r3, &(0x7f00000009c0)={'#! ', './file0', [{}, {}, {0x20, '\x00'}, {0x20, '\x00'}, {}, {0x20, '/dev/sg#\x00'}], 0xa, "794a25526181918ab7020d0ed65a70067a7504c261e2a2698bb44124fc6324ebc44c0c30da08f46914ee6533f5780ae9a1729bf1c27f480422f7a9e5023ea19c8b790e1ff1c2aedb7f1d1e6e13662891a20b6cbad83ba31e9608572873a74ffe967f09b0edab9a18c89c0366cbb9b5ea9e0f99c7b820167f08aae241bffcd62b6fb5802291f14fab105b8758b71bfdfc5f00db4e1ba95477402347a2d353bb16719c1568b89340f18f9c17d258"}, 0xc9)
r4 = memfd_create(&(0x7f0000000ac0)='\'/-\x00', 0x1)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000b00))
fcntl$setflags(r4, 0x2, 0x0)
ioctl$TUNSETCARRIER(r3, 0x400454e2, &(0x7f0000000c80)=0x1)
write$tun(r3, &(0x7f0000000cc0)={@void, @void, @ipv6=@tipc_packet={0xd, 0x6, "ab6dfb", 0x326, 0x6, 0xff, @local, @private2={0xfc, 0x2, '\x00', 0x1}, {[@routing={0x29, 0xa, 0x1, 0x2a, 0x0, [@private2={0xfc, 0x2, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x1c}, @private0]}, @dstopts={0x9, 0x12, '\x00', [@generic={0xbd, 0x8e, "a30af7fbdd0a638ee3bd49746809a3a7cc3b729f78b7e5156c83bde37f370a04e57c6d5a5017d1b776ef4d2e46b9ca941eccf49e8f03b1350bb7c9e0d7fe7c96fe4c5db148d3511ed4b883705e441f48bc7e3c2e77bf52734ddd5b04672ca56a4fe8ea5245deb3f70143eb190a8e802a8c36caa0c17354c56c2228134b370e54684e1c0963e96024fea0ca9230a6"}]}, @hopopts={0x0, 0x1f, '\x00', [@padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x80}, @generic={0x8, 0xcc, "0595a0132431be5107c42693178ae102915d96e28a1dcadedfccebc69c8ca8c92364286ae433b2b4ac211f887322c92fca45abb645233309c3ba7715a65a536dffdccd55923ea7b7a5bf6692e6b5b102579f67343dcfcb54cca980633fc1db846fcdaf237c5a249522a7d2831b14e09d50a6555162064d9660b388a90bdc0e2af2c604062e3299639c5678174ba5fffd5b848b90b1936bc44e11f208c61cf3350f0d6222b752e2a97401e361b8024850576d18d7f4cf037809276108b855679e2d4075043f2d0715c2b3fd21"}, @ra={0x5, 0x2, 0x9}, @pad1, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}, @fragment={0x16, 0x0, 0x70, 0x1, 0x0, 0x3, 0x67}, @hopopts={0x6c, 0x1f, '\x00', [@pad1, @generic={0x5e, 0xf3, "c500ffbc582e46704cfe82742bc70379d806e1fee02c57f1102690b80d0601e73b03d4075c577e15eeb7746d3f15032240d484872a7350e228e487bc00de4180bb956e28738a8fd17465adaf4f1aa8b22bb29484a43a72ae08e6d5f61d1b95570a756ae6b186f7939368b05336fd961b2364408e870a864ac2893dc01f21e49add1cf91f2650fe92c5a4e6d6b1242fd54bbb58e1bcc2d48799a22edfb8f27aaad220b5ed8ff7853fb3b35881c7dd3785244802a5ed59b4e052b3e651d62068380d1bb0f39c7b58ce1e8443acf9c222ac3e1fc799798ec636fe83fe30f260d9dd1c24c2f3eff27e81e5c293947447e03a18207e"}]}], @payload_named={{{{{0x2e, 0x0, 0x0, 0x1, 0x0, 0xa, 0x1, 0x2, 0xfffe, 0x0, 0x1, 0xb, 0x4, 0x2, 0x8001, 0xa54, 0x4, 0x4e20, 0x4e23}, 0x0, 0x4}, 0x0, 0x3}}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}}}, 0x34e)
getsockopt$sock_int(r4, 0x1, 0x10, &(0x7f0000001040), &(0x7f0000001080)=0x4)
write$P9_RFSYNC(r3, &(0x7f00000010c0)={0x7, 0x33, 0x1}, 0x7)
execve(&(0x7f0000001100)='./file0\x00', &(0x7f00000011c0)={[&(0x7f0000001140)='-\']!{]{@]]+\x00', &(0x7f0000001180)='/dev/sg#\x00']}, &(0x7f0000001300)={[&(0x7f0000001200)='#\x00', &(0x7f0000001240)='@/\xfd&\x00', &(0x7f0000001280)='{/\':+(\\J\x00', &(0x7f00000012c0)='\x00']})
ioctl$KVM_HAS_DEVICE_ATTR_vm(0xffffffffffffffff, 0x4018aee3, &(0x7f0000001380)=@attr_other={0x0, 0x7f, 0xfffffffffffffffe, &(0x7f0000001340)})
ioctl$PPPIOCSFLAGS(r3, 0x40047459, &(0x7f00000013c0)=0x2000000)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000001440), r4)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f0000001500)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000014c0)={&(0x7f0000001480)={0x2c, r5, 0x2, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0xc0)
sendfile(r1, r0, &(0x7f0000001540)=0x80000001, 0x2)
getpeername$packet(r3, &(0x7f00000015c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000001600)=0x14)
sendmsg$DCCPDIAG_GETSOCK(r3, &(0x7f0000001740)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001700)={&(0x7f0000001640)={0xb4, 0x13, 0x8, 0x70bd2a, 0x25dfdbfc, {0x2a, 0x1, 0x2, 0x18, {0x4e22, 0x4e22, [0x8, 0x5, 0x9, 0x4], [0x9, 0x174000, 0x23, 0x3], r6, [0x7, 0x8000]}, 0x200000, 0x9}, [@INET_DIAG_REQ_BYTECODE={0x66, 0x1, "42441ef3d8c644a0e46ce11a80c028b7d138f469072d955ffed16a21cca871a10a8295b0de7869deb4b958115fe833ff52d09931f0bb3740dd7497bbbe7bf068acd5e211788aee096a5c7ccfa96d272650dd36496ae5020931092264210b859186ce"}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4040001}, 0xd1)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000017c0), r3)
sendmsg$NL80211_CMD_ADD_TX_TS(r3, &(0x7f00000018c0)={&(0x7f0000001780)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001880)={&(0x7f0000001800)={0x50, r7, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x10001, 0x77}}}}, [@NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x4}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x5}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x4}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x8}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x7}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x6}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x24000000)
r8 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$sock_buf(r8, 0x1, 0x37, &(0x7f0000001900)=""/99, &(0x7f0000001980)=0x63)
syz_open_procfs(0x0, &(0x7f00000019c0)='map_files\x00')
ioctl$PPPIOCUNBRIDGECHAN(r3, 0x7434)

kernel console output (not intermixed with test programs):

0
[  270.641571][ T8358]  ? nft_pernet+0x23/0x240
[  270.641601][ T8358]  nft_target_init+0x672/0x9c0
[  270.641640][ T8358]  ? ____sys_sendmsg+0x505/0x830
[  270.641660][ T8358]  ? ___sys_sendmsg+0x21f/0x2a0
[  270.641691][ T8358]  ? __pfx_nft_target_init+0x10/0x10
[  270.641761][ T8358]  ? rcu_is_watching+0x15/0xb0
[  270.641788][ T8358]  ? trace_kmalloc+0x1f/0xd0
[  270.641808][ T8358]  ? nf_tables_newrule+0x1506/0x2890
[  270.641835][ T8358]  nf_tables_newrule+0x178f/0x2890
[  270.641877][ T8358]  ? __pfx_nf_tables_newrule+0x10/0x10
[  270.641900][ T8358]  ? nfnl_pernet+0x23/0x240
[  270.641934][ T8358]  ? __nla_parse+0x40/0x60
[  270.641968][ T8358]  nfnetlink_rcv+0x112f/0x2520
[  270.642030][ T8358]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  270.642074][ T8358]  ? ref_tracker_free+0x63a/0x7d0
[  270.642137][ T8358]  ? __netlink_deliver_tap+0x807/0x850
[  270.642179][ T8358]  ? netlink_deliver_tap+0x2e/0x1b0
[  270.642209][ T8358]  ? netlink_deliver_tap+0x2e/0x1b0
[  270.642246][ T8358]  netlink_unicast+0x759/0x8e0
[  270.642288][ T8358]  netlink_sendmsg+0x805/0xb30
[  270.642330][ T8358]  ? __pfx_netlink_sendmsg+0x10/0x10
[  270.642365][ T8358]  ? aa_sock_msg_perm+0xf1/0x1d0
[  270.642399][ T8358]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  270.642429][ T8358]  ? __pfx_netlink_sendmsg+0x10/0x10
[  270.642462][ T8358]  __sock_sendmsg+0x219/0x270
[  270.642494][ T8358]  ____sys_sendmsg+0x505/0x830
[  270.642525][ T8358]  ? __pfx_____sys_sendmsg+0x10/0x10
[  270.642556][ T8358]  ? import_iovec+0x74/0xa0
[  270.642583][ T8358]  ___sys_sendmsg+0x21f/0x2a0
[  270.642617][ T8358]  ? __pfx____sys_sendmsg+0x10/0x10
[  270.642680][ T8358]  ? __fget_files+0x2a/0x420
[  270.642709][ T8358]  ? __fget_files+0x3a0/0x420
[  270.642752][ T8358]  __x64_sys_sendmsg+0x19b/0x260
[  270.642778][ T8358]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  270.642812][ T8358]  ? __pfx_ksys_write+0x10/0x10
[  270.642836][ T8358]  ? rcu_is_watching+0x15/0xb0
[  270.642869][ T8358]  ? do_syscall_64+0xbe/0x3b0
[  270.642904][ T8358]  do_syscall_64+0xfa/0x3b0
[  270.642933][ T8358]  ? lockdep_hardirqs_on+0x9c/0x150
[  270.642961][ T8358]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.642982][ T8358]  ? clear_bhb_loop+0x60/0xb0
[  270.643008][ T8358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.643028][ T8358] RIP: 0033:0x7f06c0d8e9a9
[  270.643047][ T8358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.643064][ T8358] RSP: 002b:00007f06c1b6d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  270.643086][ T8358] RAX: ffffffffffffffda RBX: 00007f06c0fb5fa0 RCX: 00007f06c0d8e9a9
[  270.643101][ T8358] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  270.643113][ T8358] RBP: 00007f06c1b6d090 R08: 0000000000000000 R09: 0000000000000000
[  270.643126][ T8358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  270.643138][ T8358] R13: 0000000000000000 R14: 00007f06c0fb5fa0 R15: 00007fffd29d1138
[  270.643181][ T8358]  </TASK>
[  271.084747][    C0] vkms_vblank_simulate: vblank timer overrun
[  271.292696][ T8358] cannot load conntrack support for proto=2
[  271.444433][ T5857] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  272.152348][  T984] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  272.313590][  T984] usb 2-1: Using ep0 maxpacket: 16
[  272.321107][  T984] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  272.336422][  T984] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  272.397158][  T984] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  272.406463][ T5939] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  272.418094][  T984] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.437396][  T984] usb 2-1: Product: syz
[  272.441641][  T984] usb 2-1: Manufacturer: syz
[  272.458458][  T984] usb 2-1: SerialNumber: syz
[  272.467796][  T984] usb 2-1: config 0 descriptor??
[  272.492576][  T984] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  272.514223][  T984] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  272.542026][ T5939] usb 1-1: device descriptor read/64, error -71
[  272.555183][ T8382] vivid-002: =================  START STATUS  =================
[  272.575832][ T8382] vivid-002: Radio HW Seek Mode: Bounded
[  272.603564][ T8382] vivid-002: Radio Programmable HW Seek: false
[  272.640671][ T8382] vivid-002: RDS Rx I/O Mode: Block I/O
[  272.666854][ T8382] vivid-002: Generate RBDS Instead of RDS: false
[  272.694271][ T8374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.728762][ T8374] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.745071][ T8382] vivid-002: RDS Reception: true
[  272.750854][ T8382] vivid-002: RDS Program Type: 0 inactive
[  272.775171][ T8382] vivid-002: RDS PS Name:  inactive
[  272.781999][ T5939] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  272.809565][ T8382] vivid-002: RDS Radio Text:  inactive
[  272.882723][ T8382] vivid-002: RDS Traffic Announcement: false inactive
[  272.889596][ T8382] vivid-002: RDS Traffic Program: false inactive
[  272.918360][ T8382] vivid-002: RDS Music: false inactive
[  272.926844][ T8382] vivid-002: ==================  END STATUS  ==================
[  272.944279][ T5939] usb 1-1: device descriptor read/64, error -71
[  272.960386][ T8374] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  272.976726][ T8391] syzkaller0: entered promiscuous mode
[  272.983721][ T8391] syzkaller0: entered allmulticast mode
[  273.004697][ T8391] syzkaller0 (unregistering): left promiscuous mode
[  273.011627][ T8391] syzkaller0 (unregistering): left allmulticast mode
[  273.052529][ T5939] usb usb1-port1: attempt power cycle
[  273.185486][  T984] em28xx 2-1:0.0: unknown em28xx chip ID (151)
[  273.392079][ T5939] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  273.435011][ T5939] usb 1-1: device descriptor read/8, error -71
[  273.689233][ T8405] capability: warning: `syz.2.742' uses 32-bit capabilities (legacy support in use)
[  273.692221][ T5939] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  273.723170][ T5939] usb 1-1: device descriptor read/8, error -71
[  273.832570][ T5939] usb usb1-port1: unable to enumerate USB device
[  274.202759][  T984] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  274.210240][  T984] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[  274.249196][  T984] em28xx 2-1:0.0: No AC97 audio processor
[  274.792412][ T5944] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  274.907806][ T5848] usb 2-1: USB disconnect, device number 34
[  274.921576][ T5848] em28xx 2-1:0.0: Disconnecting em28xx
[  274.931999][ T5944] usb 4-1: device descriptor read/64, error -71
[  274.947603][ T5848] em28xx 2-1:0.0: Freeing device
[  275.173535][ T5944] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  275.233171][ T8421] fuse: Unknown parameter 'fd0xffffffffffffffff'
[  275.312189][ T5944] usb 4-1: device descriptor read/64, error -71
[  275.368089][ T8426] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  275.434086][ T5944] usb usb4-port1: attempt power cycle
[  275.812637][ T5944] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  275.856849][ T5944] usb 4-1: device descriptor read/8, error -71
[  276.112006][ T5944] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  276.172033][ T5944] usb 4-1: device descriptor read/8, error -71
[  276.240725][ T8446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.757'.
[  276.292696][ T5944] usb usb4-port1: unable to enumerate USB device
[  276.564482][ T8450] overlayfs: failed lookup in lower (newroot/200, name='file1', err=-40): overlapping layers
[  277.333358][ T5944] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  277.493815][ T5944] usb 2-1: Using ep0 maxpacket: 8
[  277.504430][ T5944] usb 2-1: New USB device found, idVendor=0757, idProduct=0a00, bcdDevice= 0.00
[  277.522262][ T5944] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.555275][ T5944] usb 2-1: config 0 descriptor??
[  277.980512][ T5944] nti 0003:0757:0A00.000A: unknown main item tag 0x6
[  278.008229][ T5944] nti 0003:0757:0A00.000A: item fetching failed at offset 3/5
[  278.023480][ T5944] nti 0003:0757:0A00.000A: probe with driver nti failed with error -22
[  278.429638][ T8493] netlink: 32 bytes leftover after parsing attributes in process `syz.0.774'.
[  278.806662][ T8502] /dev/rnullb0: Can't open blockdev
[  278.988823][ T8508] netlink: 'syz.0.776': attribute type 3 has an invalid length.
[  279.039468][ T8508] netlink: 'syz.0.776': attribute type 1 has an invalid length.
[  279.075567][ T8508] netlink: 216 bytes leftover after parsing attributes in process `syz.0.776'.
[  279.087643][ T8508] NCSI netlink: No device for ifindex 33022
[  279.198487][ T5848] usb 2-1: USB disconnect, device number 35
[  279.490802][ T8517] binder: 8516:8517 ioctl c00c620f 200000000180 returned -22
[  279.629244][ T8520] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  279.662304][ T5848] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  279.680474][ T8520] Error validating options; rc = [-22]
[  279.742362][ T5944] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  279.811971][ T5848] usb 2-1: Using ep0 maxpacket: 16
[  279.819662][ T5848] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  279.847602][ T5848] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=76.fe
[  279.865193][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=18, SerialNumber=3
[  279.879694][ T5848] usb 2-1: Product: syz
[  279.892299][ T5848] usb 2-1: Manufacturer: syz
[  279.897240][ T5848] usb 2-1: SerialNumber: syz
[  279.914262][ T5944] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  279.928765][ T5944] usb 3-1: config 0 interface 0 has no altsetting 0
[  279.946667][ T5848] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  279.959232][ T5944] usb 3-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  279.971255][ T5944] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.980370][ T5944] usb 3-1: Product: syz
[  279.986018][ T5944] usb 3-1: Manufacturer: syz
[  279.991231][ T5944] usb 3-1: SerialNumber: syz
[  280.000364][ T5944] usb 3-1: config 0 descriptor??
[  280.009902][ T5944] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  280.048954][ T5944] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  280.122808][ T5944] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  280.131517][ T5944] usb 3-1: media controller created
[  280.177974][ T5944] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  280.380238][ T5944] DVB: Unable to find symbol tda10046_attach()
[  280.396686][ T5944] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  280.426429][ T5944] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  280.462958][ T5944] dvb_usb_m920x 3-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  280.486163][ T8511] netlink: 204 bytes leftover after parsing attributes in process `syz.1.778'.
[  280.504506][ T5944] usb 3-1: USB disconnect, device number 42
[  280.535523][ T5848] usb 2-1: USB disconnect, device number 36
[  280.540025][  T756] usb 2-1: Failed to submit usb control message: -71
[  280.573189][  T756] usb 2-1: unable to send the bmi data to the device: -71
[  280.580371][  T756] usb 2-1: unable to get target info from device
[  280.618289][  T756] usb 2-1: could not get target info (-71)
[  280.629598][  T756] usb 2-1: could not probe fw (-71)
[  280.785541][ T8541] overlayfs: failed to resolve './file1': -2
[  281.082067][ T5944] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  281.201953][ T5848] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  281.276506][ T5944] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  281.292677][ T5944] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.300736][ T5944] usb 1-1: Product: syz
[  281.337355][ T5944] usb 1-1: Manufacturer: syz
[  281.355837][ T5944] usb 1-1: SerialNumber: syz
[  281.373312][ T5944] usb 1-1: config 0 descriptor??
[  281.402513][ T5848] usb 3-1: Using ep0 maxpacket: 8
[  281.416666][ T5848] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  281.432061][ T5848] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.440158][ T5848] usb 3-1: Product: syz
[  281.462034][ T5848] usb 3-1: Manufacturer: syz
[  281.466737][ T5848] usb 3-1: SerialNumber: syz
[  281.498742][ T5848] usb 3-1: config 0 descriptor??
[  281.611146][ T5944] hso 1-1:0.0: Failed to find INT IN ep
[  281.622677][ T5944] usb-storage 1-1:0.0: USB Mass Storage device detected
[  281.732073][  T929] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  281.750840][ T5848] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  281.820685][ T8541] comedi comedi2: aio_iiro_16: I/O port conflict (0x4f28,8)
[  281.838389][ T5944] usb 1-1: USB disconnect, device number 36
[  281.893858][  T929] usb 4-1: Using ep0 maxpacket: 32
[  281.901544][  T929] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  281.910313][  T929] usb 4-1: config 0 has no interface number 0
[  281.922006][  T929] usb 4-1: config 0 interface 12 has no altsetting 0
[  281.934925][  T929] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  281.944963][  T929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.964209][  T929] usb 4-1: Product: syz
[  281.968596][  T929] usb 4-1: Manufacturer: syz
[  281.973326][  T929] usb 4-1: SerialNumber: syz
[  281.989661][  T929] usb 4-1: config 0 descriptor??
[  283.383313][ T5848] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  283.420022][ T5848] dvbdev: DVB: registering new adapter (TerraTec NOXON DAB Stick)
[  283.441818][ T5848] usb 3-1: media controller created
[  283.505382][ T5848] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  283.699504][ T5848] i2c i2c-4: Added multiplexed i2c bus 5
[  283.709282][ T5848] rtl2832 4-0010: Realtek RTL2832 successfully attached
[  283.723066][ T5848] usb 3-1: DVB: registering adapter 4 frontend 0 (Realtek RTL2832 (DVB-T))...
[  283.749799][ T5848] dvbdev: dvb_create_media_entity: media entity 'Realtek RTL2832 (DVB-T)' registered.
[  283.821014][  T929] f81534 4-1:0.12: f81534_set_register: reg: 1003 data: 68 failed: -71
[  283.833435][  T929] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  283.846920][  T929] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  283.869740][  T929] f81534 4-1:0.12: probe with driver f81534 failed with error -71
[  283.925307][  T929] usb 4-1: USB disconnect, device number 45
[  283.926972][ T8576] FAULT_INJECTION: forcing a failure.
[  283.926972][ T8576] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.990458][ T8576] CPU: 0 UID: 0 PID: 8576 Comm: syz.1.798 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  283.990488][ T8576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  283.990502][ T8576] Call Trace:
[  283.990511][ T8576]  <TASK>
[  283.990520][ T8576]  dump_stack_lvl+0x189/0x250
[  283.990556][ T8576]  ? __pfx____ratelimit+0x10/0x10
[  283.990588][ T8576]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.990617][ T8576]  ? __pfx__printk+0x10/0x10
[  283.990660][ T8576]  should_fail_ex+0x414/0x560
[  283.990701][ T8576]  _copy_to_user+0x31/0xb0
[  283.990728][ T8576]  simple_read_from_buffer+0xe1/0x170
[  283.990764][ T8576]  proc_fail_nth_read+0x1b3/0x220
[  283.990791][ T8576]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  283.990817][ T8576]  ? rw_verify_area+0x2a6/0x4d0
[  283.990842][ T8576]  ? __lock_acquire+0xab9/0xd20
[  283.990864][ T8576]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  283.990888][ T8576]  vfs_read+0x1fd/0x980
[  283.990913][ T8576]  ? fdget_pos+0x247/0x320
[  283.990936][ T8576]  ? __pfx___mutex_lock+0x10/0x10
[  283.990968][ T8576]  ? __pfx_vfs_read+0x10/0x10
[  283.990996][ T8576]  ? __fget_files+0x2a/0x420
[  283.991032][ T8576]  ? __fget_files+0x3a0/0x420
[  283.991061][ T8576]  ? __fget_files+0x2a/0x420
[  283.991100][ T8576]  ksys_read+0x145/0x250
[  283.991130][ T8576]  ? __pfx_ksys_read+0x10/0x10
[  283.991162][ T8576]  ? do_syscall_64+0xbe/0x3b0
[  283.991197][ T8576]  do_syscall_64+0xfa/0x3b0
[  283.991226][ T8576]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.991255][ T8576]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.991276][ T8576]  ? clear_bhb_loop+0x60/0xb0
[  283.991302][ T8576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.991322][ T8576] RIP: 0033:0x7fb4aaf8d3bc
[  283.991340][ T8576] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  283.991358][ T8576] RSP: 002b:00007fb4abd92030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  283.991381][ T8576] RAX: ffffffffffffffda RBX: 00007fb4ab1b5fa0 RCX: 00007fb4aaf8d3bc
[  283.991397][ T8576] RDX: 000000000000000f RSI: 00007fb4abd920a0 RDI: 0000000000000005
[  283.991410][ T8576] RBP: 00007fb4abd92090 R08: 0000000000000000 R09: 0000000000000000
[  283.991423][ T8576] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  283.991436][ T8576] R13: 0000000000000000 R14: 00007fb4ab1b5fa0 R15: 00007fff0a22ad18
[  283.991468][ T8576]  </TASK>
[  284.231367][ T5848] usb 3-1: USB disconnect, device number 43
[  284.678201][ T8582] sit0: entered promiscuous mode
[  284.703716][ T8582] netlink: 'syz.3.801': attribute type 1 has an invalid length.
[  284.731972][ T8582] netlink: 1 bytes leftover after parsing attributes in process `syz.3.801'.
[  284.832377][ T8588] comedi comedi2: aio_iiro_16: I/O port conflict (0x4f28,8)
[  285.434683][ T5939] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  285.604582][ T5939] usb 1-1: Using ep0 maxpacket: 16
[  285.612150][ T5939] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  285.631835][ T5939] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  285.652661][ T5939] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  285.664166][ T5939] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.675600][ T5939] usb 1-1: Product: syz
[  285.680514][ T5939] usb 1-1: Manufacturer: syz
[  285.690352][ T5939] usb 1-1: SerialNumber: syz
[  285.707394][ T5939] usb 1-1: config 0 descriptor??
[  285.740418][ T5939] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  285.741203][ T8608] netlink: 8 bytes leftover after parsing attributes in process `syz.3.809'.
[  285.758230][ T5939] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  286.165186][ T8617] kAFS: unparsable volume name
[  286.245138][   T10] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  286.272919][ T8619] FAULT_INJECTION: forcing a failure.
[  286.272919][ T8619] name failslab, interval 1, probability 0, space 0, times 0
[  286.295866][ T8619] CPU: 1 UID: 0 PID: 8619 Comm: syz.1.814 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  286.295898][ T8619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  286.295911][ T8619] Call Trace:
[  286.295919][ T8619]  <TASK>
[  286.295928][ T8619]  dump_stack_lvl+0x189/0x250
[  286.295963][ T8619]  ? __pfx____ratelimit+0x10/0x10
[  286.295993][ T8619]  ? __pfx_dump_stack_lvl+0x10/0x10
[  286.296023][ T8619]  ? __pfx__printk+0x10/0x10
[  286.296055][ T8619]  ? __pfx___might_resched+0x10/0x10
[  286.296081][ T8619]  ? fs_reclaim_acquire+0x7d/0x100
[  286.296112][ T8619]  should_fail_ex+0x414/0x560
[  286.296144][ T8619]  should_failslab+0xa8/0x100
[  286.296171][ T8619]  __kmalloc_noprof+0xcb/0x4f0
[  286.296194][ T8619]  ? tomoyo_encode+0x28b/0x550
[  286.296218][ T8619]  tomoyo_encode+0x28b/0x550
[  286.296243][ T8619]  tomoyo_realpath_from_path+0x58d/0x5d0
[  286.296266][ T8619]  ? tomoyo_domain+0xd9/0x130
[  286.296292][ T8619]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  286.296320][ T8619]  tomoyo_path_number_perm+0x1e8/0x5a0
[  286.296350][ T8619]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  286.296397][ T8619]  ? __lock_acquire+0xab9/0xd20
[  286.296451][ T8619]  ? __fget_files+0x2a/0x420
[  286.296485][ T8619]  ? __fget_files+0x2a/0x420
[  286.296514][ T8619]  ? __fget_files+0x3a0/0x420
[  286.296542][ T8619]  ? __fget_files+0x2a/0x420
[  286.296578][ T8619]  security_file_ioctl+0xcb/0x2d0
[  286.296607][ T8619]  __se_sys_ioctl+0x47/0x170
[  286.296635][ T8619]  do_syscall_64+0xfa/0x3b0
[  286.296664][ T8619]  ? lockdep_hardirqs_on+0x9c/0x150
[  286.296693][ T8619]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.296714][ T8619]  ? clear_bhb_loop+0x60/0xb0
[  286.296740][ T8619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.296759][ T8619] RIP: 0033:0x7fb4aaf8e9a9
[  286.296777][ T8619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.296794][ T8619] RSP: 002b:00007fb4abd92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  286.296820][ T8619] RAX: ffffffffffffffda RBX: 00007fb4ab1b5fa0 RCX: 00007fb4aaf8e9a9
[  286.296836][ T8619] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  286.296849][ T8619] RBP: 00007fb4abd92090 R08: 0000000000000000 R09: 0000000000000000
[  286.296862][ T8619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.296874][ T8619] R13: 0000000000000000 R14: 00007fb4ab1b5fa0 R15: 00007fff0a22ad18
[  286.296907][ T8619]  </TASK>
[  286.297070][ T8619] ERROR: Out of memory at tomoyo_realpath_from_path.
[  286.347189][ T5939] em28xx 1-1:0.0: chip ID is em2870
[  286.560227][ T8597] program syz.0.805 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  286.571974][   T10] usb 4-1: Using ep0 maxpacket: 16
[  286.579089][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  286.589299][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  286.614618][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  286.642900][   T10] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  286.654349][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  286.670693][   T10] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  286.692671][   T10] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  286.700737][   T10] usb 4-1: Manufacturer: syz
[  286.733773][   T10] usb 4-1: config 0 descriptor??
[  286.957877][ T8628] FAULT_INJECTION: forcing a failure.
[  286.957877][ T8628] name failslab, interval 1, probability 0, space 0, times 0
[  287.272969][ T8628] CPU: 0 UID: 0 PID: 8628 Comm: syz.2.817 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  287.273000][ T8628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  287.273014][ T8628] Call Trace:
[  287.273022][ T8628]  <TASK>
[  287.273032][ T8628]  dump_stack_lvl+0x189/0x250
[  287.273065][ T8628]  ? __pfx____ratelimit+0x10/0x10
[  287.273097][ T8628]  ? __pfx_dump_stack_lvl+0x10/0x10
[  287.273126][ T8628]  ? __pfx__printk+0x10/0x10
[  287.273163][ T8628]  ? __pfx___might_resched+0x10/0x10
[  287.273188][ T8628]  ? fs_reclaim_acquire+0x7d/0x100
[  287.273220][ T8628]  should_fail_ex+0x414/0x560
[  287.273253][ T8628]  should_failslab+0xa8/0x100
[  287.273280][ T8628]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  287.273305][ T8628]  ? __alloc_skb+0x112/0x2d0
[  287.273330][ T8628]  __alloc_skb+0x112/0x2d0
[  287.273354][ T8628]  netlink_ack+0x146/0xa50
[  287.273390][ T8628]  ? __pfx_genl_rcv_msg+0x10/0x10
[  287.273434][ T8628]  netlink_rcv_skb+0x28c/0x470
[  287.273467][ T8628]  ? __pfx_genl_rcv_msg+0x10/0x10
[  287.273493][ T8628]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  287.273543][ T8628]  ? down_read+0x1ad/0x2e0
[  287.273566][ T8628]  genl_rcv+0x28/0x40
[  287.273589][ T8628]  netlink_unicast+0x759/0x8e0
[  287.273630][ T8628]  netlink_sendmsg+0x805/0xb30
[  287.273673][ T8628]  ? __pfx_netlink_sendmsg+0x10/0x10
[  287.273710][ T8628]  ? aa_sock_msg_perm+0xf1/0x1d0
[  287.273744][ T8628]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  287.273775][ T8628]  ? __pfx_netlink_sendmsg+0x10/0x10
[  287.273808][ T8628]  __sock_sendmsg+0x219/0x270
[  287.273842][ T8628]  ____sys_sendmsg+0x505/0x830
[  287.273872][ T8628]  ? __pfx_____sys_sendmsg+0x10/0x10
[  287.273906][ T8628]  ? import_iovec+0x74/0xa0
[  287.273933][ T8628]  ___sys_sendmsg+0x21f/0x2a0
[  287.273960][ T8628]  ? __pfx____sys_sendmsg+0x10/0x10
[  287.274028][ T8628]  ? __fget_files+0x2a/0x420
[  287.274058][ T8628]  ? __fget_files+0x3a0/0x420
[  287.274102][ T8628]  __x64_sys_sendmsg+0x19b/0x260
[  287.274129][ T8628]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  287.274163][ T8628]  ? __pfx_ksys_write+0x10/0x10
[  287.274188][ T8628]  ? rcu_is_watching+0x15/0xb0
[  287.274223][ T8628]  ? do_syscall_64+0xbe/0x3b0
[  287.274258][ T8628]  do_syscall_64+0xfa/0x3b0
[  287.274287][ T8628]  ? lockdep_hardirqs_on+0x9c/0x150
[  287.274317][ T8628]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.274337][ T8628]  ? clear_bhb_loop+0x60/0xb0
[  287.274369][ T8628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.274390][ T8628] RIP: 0033:0x7f3839d8e9a9
[  287.274408][ T8628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.274426][ T8628] RSP: 002b:00007f383acc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  287.274449][ T8628] RAX: ffffffffffffffda RBX: 00007f3839fb5fa0 RCX: 00007f3839d8e9a9
[  287.274464][ T8628] RDX: 0000000000008000 RSI: 0000200000000540 RDI: 0000000000000009
[  287.274478][ T8628] RBP: 00007f383acc1090 R08: 0000000000000000 R09: 0000000000000000
[  287.274490][ T8628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.274503][ T8628] R13: 0000000000000000 R14: 00007f3839fb5fa0 R15: 00007ffcf3879d58
[  287.274536][ T8628]  </TASK>
[  287.821941][   T10] rc_core: IR keymap rc-hauppauge not found
[  287.827910][   T10] Registered IR keymap rc-empty
[  287.833473][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  287.852033][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  287.884294][   T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  287.898419][   T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input23
[  287.915818][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  287.943350][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  287.962559][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  287.982044][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  288.002221][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  288.022200][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  288.042794][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  288.062614][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  288.114075][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  288.124226][ T8647] program syz.1.818 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.152284][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  288.174959][   T10] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  288.184579][   T10] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  288.204291][   T10] usb 4-1: USB disconnect, device number 46
[  289.140864][ T5944] usb 1-1: USB disconnect, device number 37
[  289.174230][ T5944] em28xx 1-1:0.0: Disconnecting em28xx
[  289.230628][ T5944] em28xx 1-1:0.0: Freeing device
[  289.231368][ T8667] block device autoloading is deprecated and will be removed.
[  290.168230][ T8700] tap0: tun_chr_ioctl cmd 35108
[  290.174970][ T8700] tap0: tun_chr_ioctl cmd 1074025672
[  290.180470][ T8700] tap0: ignored: set checksum enabled
[  291.572565][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.889740][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.054973][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.247480][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.773263][   T12] bridge_slave_1: left allmulticast mode
[  292.778976][   T12] bridge_slave_1: left promiscuous mode
[  292.788773][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.800484][   T12] bridge_slave_0: left allmulticast mode
[  292.808828][   T12] bridge_slave_0: left promiscuous mode
[  292.815420][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.144451][ T8790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.879'.
[  293.623257][ T5168] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  293.633298][ T5168] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  293.643961][ T5168] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  293.654887][ T5168] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  293.666393][ T5168] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  293.910832][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  293.930815][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  293.954170][   T12] bond0 (unregistering): Released all slaves
[  294.434668][   T12] hsr_slave_0: left promiscuous mode
[  294.455720][   T12] hsr_slave_1: left promiscuous mode
[  294.476895][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  294.507706][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  294.543490][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  294.572014][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  294.676817][   T12] veth1_macvtap: left promiscuous mode
[  294.704157][   T12] veth0_macvtap: left promiscuous mode
[  294.718254][   T12] veth1_vlan: left promiscuous mode
[  294.736157][   T12] veth0_vlan: left promiscuous mode
[  295.723104][ T5168] Bluetooth: hci2: command tx timeout
[  296.144075][   T12] team0 (unregistering): Port device team_slave_1 removed
[  296.255467][   T12] team0 (unregistering): Port device team_slave_0 removed
[  297.803340][ T5168] Bluetooth: hci2: command tx timeout
[  298.027032][ T8797] chnl_net:caif_netlink_parms(): no params data found
[  298.482602][ T8797] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.489821][ T8797] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.523332][ T8797] bridge_slave_0: entered allmulticast mode
[  298.554884][ T8797] bridge_slave_0: entered promiscuous mode
[  298.576118][ T8797] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.613728][ T8797] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.621048][ T8797] bridge_slave_1: entered allmulticast mode
[  298.664358][ T8797] bridge_slave_1: entered promiscuous mode
[  298.852860][ T8797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.889988][ T8797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  299.138014][ T8797] team0: Port device team_slave_0 added
[  299.190683][ T8797] team0: Port device team_slave_1 added
[  299.281264][ T8797] batman_adv: batadv0: Adding interface: batadv_slave_0
[  299.289073][ T8797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.317345][ T8797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  299.337098][ T8797] batman_adv: batadv0: Adding interface: batadv_slave_1
[  299.346238][ T8797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.375307][ T8797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  299.470063][ T8797] hsr_slave_0: entered promiscuous mode
[  299.489901][ T8797] hsr_slave_1: entered promiscuous mode
[  299.508400][ T8797] debugfs: 'hsr0' already exists in 'hsr'
[  299.514521][ T8797] Cannot create hsr debugfs directory
[  299.892130][ T5168] Bluetooth: hci2: command tx timeout
[  300.049615][ T8797] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  300.096628][ T8797] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  300.121169][ T8797] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  300.158109][ T8797] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  300.507679][ T8797] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.575663][ T8797] 8021q: adding VLAN 0 to HW filter on device team0
[  300.682671][ T8797] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  300.736348][ T8797] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  300.784850][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.792170][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.829242][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.836776][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.625984][ T8797] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.963137][ T5168] Bluetooth: hci2: command tx timeout
[  302.122090][ T9002] fuse: Bad value for 'fd'
[  302.529546][ T8797] veth0_vlan: entered promiscuous mode
[  302.585857][ T8797] veth1_vlan: entered promiscuous mode
[  302.703426][ T8797] veth0_macvtap: entered promiscuous mode
[  302.735653][ T8797] veth1_macvtap: entered promiscuous mode
[  302.792551][ T8797] batman_adv: batadv0: Interface activated: batadv_slave_0
[  302.822726][ T8797] batman_adv: batadv0: Interface activated: batadv_slave_1
[  302.862451][  T756] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  302.892447][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  302.903038][ T3542] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  302.949970][ T3542] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  303.253715][ T3472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.261769][ T3472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.413364][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.421253][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.134773][ T9059] team0: No ports can be present during mode change
[  304.315494][ T9062] 9pnet_fd: Insufficient options for proto=fd
[  307.323217][ T9146] pim6reg0: tun_chr_ioctl cmd 1074025677
[  307.329167][ T9146] pim6reg0: linktype set to 774
[  308.490263][ T9179] netlink: 24 bytes leftover after parsing attributes in process `syz.4.988'.
[  309.152867][ T5857] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  309.164196][ T5857] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  309.173336][ T5857] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  309.182779][ T5857] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  309.191676][ T5857] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  310.243171][ T9194] chnl_net:caif_netlink_parms(): no params data found
[  310.661776][   T30] audit: type=1326 audit(1753747400.881:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9233 comm="syz.3.1005" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06c0d8e9a9 code=0x0
[  310.782390][ T9194] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.814601][ T9194] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.834830][ T9194] bridge_slave_0: entered allmulticast mode
[  310.857135][ T9194] bridge_slave_0: entered promiscuous mode
[  310.888126][ T9194] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.906572][ T9194] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.928366][ T9194] bridge_slave_1: entered allmulticast mode
[  310.954198][ T9194] bridge_slave_1: entered promiscuous mode
[  311.117643][ T9194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.163799][ T9194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.254047][ T5857] Bluetooth: hci4: command tx timeout
[  311.467144][ T9194] team0: Port device team_slave_0 added
[  311.517169][ T9194] team0: Port device team_slave_1 added
[  311.674683][ T9194] batman_adv: batadv0: Adding interface: batadv_slave_0
[  311.712502][ T9194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.792819][ T9194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  311.855797][ T9194] batman_adv: batadv0: Adding interface: batadv_slave_1
[  311.873207][ T9194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.962248][ T9194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  312.220261][ T9262] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1015'.
[  312.261117][ T9194] hsr_slave_0: entered promiscuous mode
[  312.280490][ T9194] hsr_slave_1: entered promiscuous mode
[  312.302886][ T9194] debugfs: 'hsr0' already exists in 'hsr'
[  312.309795][ T9194] Cannot create hsr debugfs directory
[  312.472449][ T9268] cgroup: Need name or subsystem set
[  313.050248][ T9194] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  313.077460][ T9194] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  313.108189][ T9194] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  313.133820][ T9194] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  313.322311][ T5857] Bluetooth: hci4: command tx timeout
[  313.473795][ T9194] 8021q: adding VLAN 0 to HW filter on device bond0
[  313.523695][ T9194] 8021q: adding VLAN 0 to HW filter on device team0
[  313.553963][  T756] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.561300][  T756] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.597974][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.605236][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.298821][ T9194] 8021q: adding VLAN 0 to HW filter on device batadv0
[  315.209667][ T9194] veth0_vlan: entered promiscuous mode
[  315.407356][ T5857] Bluetooth: hci4: command tx timeout
[  315.470378][ T9194] veth1_vlan: entered promiscuous mode
[  315.587342][ T9194] veth0_macvtap: entered promiscuous mode
[  315.647744][ T9194] veth1_macvtap: entered promiscuous mode
[  315.709507][ T9194] batman_adv: batadv0: Interface activated: batadv_slave_0
[  315.757000][ T9194] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.818392][  T756] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.844922][  T756] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.876256][  T756] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.888266][   T34] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.090792][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.121259][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.278493][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.316784][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.252680][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  317.259359][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  317.482683][ T5857] Bluetooth: hci4: command tx timeout
[  318.236809][ T9387] syz.4.1059: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  318.295855][ T9387] CPU: 0 UID: 0 PID: 9387 Comm: syz.4.1059 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  318.295888][ T9387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  318.295956][ T9387] Call Trace:
[  318.295976][ T9387]  <TASK>
[  318.295986][ T9387]  dump_stack_lvl+0x189/0x250
[  318.296038][ T9387]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.296070][ T9387]  ? __pfx__printk+0x10/0x10
[  318.296102][ T9387]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  318.296136][ T9387]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  318.296171][ T9387]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  318.296205][ T9387]  warn_alloc+0x214/0x310
[  318.296233][ T9387]  ? stack_depot_save_flags+0x40/0x900
[  318.296267][ T9387]  ? __pfx_warn_alloc+0x10/0x10
[  318.296296][ T9387]  ? kasan_save_track+0x4f/0x80
[  318.296318][ T9387]  ? xskq_create+0x56/0x170
[  318.296347][ T9387]  ? xsk_init_queue+0xb0/0x110
[  318.296372][ T9387]  ? xsk_setsockopt+0x4dc/0x8d0
[  318.296397][ T9387]  ? do_sock_setsockopt+0x179/0x1b0
[  318.296417][ T9387]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  318.296436][ T9387]  ? do_syscall_64+0xfa/0x3b0
[  318.296466][ T9387]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.296508][ T9387]  __vmalloc_node_range_noprof+0x125/0x12f0
[  318.296566][ T9387]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  318.296600][ T9387]  ? __kasan_kmalloc+0x93/0xb0
[  318.296626][ T9387]  vmalloc_user_noprof+0xad/0xf0
[  318.296650][ T9387]  ? xskq_create+0xbf/0x170
[  318.296680][ T9387]  xskq_create+0xbf/0x170
[  318.296712][ T9387]  xsk_init_queue+0xb0/0x110
[  318.296743][ T9387]  xsk_setsockopt+0x4dc/0x8d0
[  318.296772][ T9387]  ? __pfx_xsk_setsockopt+0x10/0x10
[  318.296799][ T9387]  ? __pfx_aa_sk_perm+0x10/0x10
[  318.296833][ T9387]  ? aa_sock_opt_perm+0xff/0x1b0
[  318.296868][ T9387]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  318.296899][ T9387]  ? __pfx_xsk_setsockopt+0x10/0x10
[  318.296928][ T9387]  do_sock_setsockopt+0x179/0x1b0
[  318.296956][ T9387]  __x64_sys_setsockopt+0x13f/0x1b0
[  318.296984][ T9387]  do_syscall_64+0xfa/0x3b0
[  318.297014][ T9387]  ? lockdep_hardirqs_on+0x9c/0x150
[  318.297043][ T9387]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.297064][ T9387]  ? clear_bhb_loop+0x60/0xb0
[  318.297091][ T9387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.297111][ T9387] RIP: 0033:0x7fefad18e9a9
[  318.297130][ T9387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.297148][ T9387] RSP: 002b:00007fefadfc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  318.297172][ T9387] RAX: ffffffffffffffda RBX: 00007fefad3b5fa0 RCX: 00007fefad18e9a9
[  318.297187][ T9387] RDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000003
[  318.297200][ T9387] RBP: 00007fefad210d69 R08: 0000000000000004 R09: 0000000000000000
[  318.297213][ T9387] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  318.297226][ T9387] R13: 0000000000000000 R14: 00007fefad3b5fa0 R15: 00007ffea17d16c8
[  318.297258][ T9387]  </TASK>
[  318.297277][ T9387] Mem-Info:
[  318.671406][ T9387] active_anon:6960 inactive_anon:0 isolated_anon:0
[  318.671406][ T9387]  active_file:18442 inactive_file:39980 isolated_file:0
[  318.671406][ T9387]  unevictable:768 dirty:49 writeback:0
[  318.671406][ T9387]  slab_reclaimable:10847 slab_unreclaimable:97493
[  318.671406][ T9387]  mapped:30636 shmem:1882 pagetables:1427
[  318.671406][ T9387]  sec_pagetables:0 bounce:0
[  318.671406][ T9387]  kernel_misc_reclaimable:0
[  318.671406][ T9387]  free:1301024 free_pcp:21130 free_cma:0
[  318.812078][ T9387] Node 0 active_anon:27940kB inactive_anon:0kB active_file:73768kB inactive_file:159716kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:126544kB dirty:192kB writeback:0kB shmem:5992kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12216kB pagetables:5368kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  318.915215][ T9387] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  319.035097][ T9387] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  319.152306][ T9387] lowmem_reserve[]: 0 2496 2497 2497 2497
[  319.182293][ T9387] Node 0 DMA32 free:1300692kB boost:0kB min:34216kB low:42768kB high:51320kB reserved_highatomic:0KB free_highatomic:0KB active_anon:27900kB inactive_anon:0kB active_file:73768kB inactive_file:158572kB unevictable:1536kB writepending:168kB present:3129332kB managed:2556420kB mlocked:0kB bounce:0kB free_pcp:42080kB local_pcp:21432kB free_cma:0kB
[  319.361986][ T9387] lowmem_reserve[]: 0 0 1 1 1
[  319.366815][ T9387] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1076kB unevictable:0kB writepending:4kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  319.448013][ T9387] lowmem_reserve[]: 0 0 0 0 0
[  319.471570][ T9387] Node 1 Normal free:3865816kB boost:0kB min:55672kB low:69588kB high:83504kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:42680kB local_pcp:19936kB free_cma:0kB
[  319.575487][ T9387] lowmem_reserve[]: 0 0 0 0 0
[  319.595882][ T5168] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  319.622386][ T5168] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  319.631102][ T9387] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  319.648985][ T5168] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  319.652178][ T9387] Node 0 DMA32: 359*4kB (UME) 1088*8kB (ME) 1018*16kB (UME) 874*32kB (UME) 575*64kB (ME) 269*128kB (ME) 141*256kB (UME) 74*512kB (ME) 51*1024kB (UM) 12*2048kB (UM) 244*4096kB (UM) = 1275836kB
[  319.680647][ T5168] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  319.688215][   T30] audit: type=1326 audit(1753747409.861:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9412 comm="syz.3.1068" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06c0d8e9a9 code=0x0
[  319.721571][ T5168] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  319.729275][ T9387] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  319.742036][ T9387] Node 1 Normal: 177*4kB (UME) 25*8kB (UME) 20*16kB (U) 200*32kB (UE) 69*64kB (UE) 12*128kB (U) 6*256kB (U) 9*512kB (UME) 6*1024kB (UE) 1*2048kB (M) 937*4096kB (UM) = 3865868kB
[  319.760684][ T9387] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  319.775215][ T9387] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  319.812721][ T9387] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  319.849234][ T9387] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  319.895647][ T9387] 60283 total pagecache pages
[  319.903358][ T9387] 0 pages in swap cache
[  319.907585][ T9387] Free swap  = 124996kB
[  319.912102][ T9387] Total swap = 124996kB
[  319.930840][ T9387] 2097051 pages RAM
[  319.945033][ T9387] 0 pages HighMem/MovableOnly
[  319.960470][ T9387] 426032 pages reserved
[  319.975647][ T9387] 0 pages cma reserved
[  320.388482][ T9409] chnl_net:caif_netlink_parms(): no params data found
[  321.245909][ T9409] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.300973][ T9409] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.322726][ T9409] bridge_slave_0: entered allmulticast mode
[  321.330792][ T9409] bridge_slave_0: entered promiscuous mode
[  321.389772][ T9409] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.421004][ T9409] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.457497][ T9409] bridge_slave_1: entered allmulticast mode
[  321.518624][ T9409] bridge_slave_1: entered promiscuous mode
[  321.812108][ T5857] Bluetooth: hci5: command tx timeout
[  321.838444][ T9409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.954765][ T9409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  322.344162][ T9409] team0: Port device team_slave_0 added
[  322.379826][ T9409] team0: Port device team_slave_1 added
[  322.743236][ T9409] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.775177][ T9409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.853410][ T9409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.885706][ T9409] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.912115][ T9409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  323.001092][ T9409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  323.315069][ T9409] hsr_slave_0: entered promiscuous mode
[  323.367578][ T9409] hsr_slave_1: entered promiscuous mode
[  323.397476][ T9409] debugfs: 'hsr0' already exists in 'hsr'
[  323.444265][ T9409] Cannot create hsr debugfs directory
[  323.883097][ T5857] Bluetooth: hci5: command tx timeout
[  324.705992][ T9409] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  324.740316][ T9409] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  324.776160][ T9409] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  324.812986][ T9409] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  325.272484][ T9541] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  325.272484][ T9541] The task syz.3.1101 (9541) triggered the difference, watch for misbehavior.
[  325.287441][ T9409] 8021q: adding VLAN 0 to HW filter on device bond0
[  325.439569][ T9409] 8021q: adding VLAN 0 to HW filter on device team0
[  325.515325][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.522595][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  325.606059][  T210] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.613355][  T210] bridge0: port 2(bridge_slave_1) entered forwarding state
[  325.962113][ T5857] Bluetooth: hci5: command tx timeout
[  326.829279][ T9409] 8021q: adding VLAN 0 to HW filter on device batadv0
[  327.010406][ T9584] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  328.042134][ T5857] Bluetooth: hci5: command tx timeout
[  328.305831][ T9409] veth0_vlan: entered promiscuous mode
[  328.358909][ T9409] veth1_vlan: entered promiscuous mode
[  328.541468][ T9409] veth0_macvtap: entered promiscuous mode
[  328.631232][ T9409] veth1_macvtap: entered promiscuous mode
[  328.738519][ T9409] batman_adv: batadv0: Interface activated: batadv_slave_0
[  328.810993][ T9409] batman_adv: batadv0: Interface activated: batadv_slave_1
[  328.848014][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.892965][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.947604][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.011099][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.437714][ T3472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  329.475635][ T3472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  329.626413][  T210] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  329.656519][  T210] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  333.005657][   T30] audit: type=1326 audit(1753747423.241:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.3.1149" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06c0d8e9a9 code=0x0
[  334.821984][ T5944] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  334.992015][ T5944] usb 5-1: Using ep0 maxpacket: 8
[  335.016138][ T5944] usb 5-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  335.031926][ T5944] usb 5-1: config 0 interface 0 has no altsetting 0
[  335.049607][ T5944] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  335.079634][ T5944] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.127821][ T5944] usb 5-1: config 0 descriptor??
[  336.792041][ T5944] usbhid 5-1:0.0: can't add hid device: -71
[  336.809307][ T5944] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  336.862370][ T5944] usb 5-1: USB disconnect, device number 2
[  339.802102][ T5168] Bluetooth: hci0: command 0x0406 tx timeout
[  341.874895][   T43] kernel write not supported for file /vcsa (pid: 43 comm: kworker/1:1)
[  343.392272][ T9892] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1211'.
[  351.753862][T10130] "syz.3.1294" (10130) uses obsolete ecb(arc4) skcipher
[  352.998513][T10162] "syz.4.1304" (10162) uses obsolete ecb(arc4) skcipher
[  354.622068][T10195] "syz.6.1318" (10195) uses obsolete ecb(arc4) skcipher
[  356.013845][  T756] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.157201][  T756] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.309763][  T756] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.494420][  T756] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.088664][  T756] bridge_slave_1: left allmulticast mode
[  357.095478][  T756] bridge_slave_1: left promiscuous mode
[  357.142189][  T756] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.173107][  T756] bridge_slave_0: left allmulticast mode
[  357.178833][  T756] bridge_slave_0: left promiscuous mode
[  357.225792][  T756] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.608133][   T30] audit: type=1326 audit(1753747447.831:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10243 comm="syz.6.1339" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf3098e9a9 code=0x0
[  357.811364][ T5168] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  357.829302][ T5168] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  357.839696][ T5168] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  357.852983][ T5168] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  357.862569][ T5168] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  359.517117][   T30] audit: type=1326 audit(1753747449.751:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10290 comm="syz.3.1351" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06c0d8e9a9 code=0x0
[  359.568791][  T756] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  359.607348][  T756] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  359.642206][  T756] bond0 (unregistering): Released all slaves
[  359.969338][ T5857] Bluetooth: hci2: command tx timeout
[  361.286781][  T756] hsr_slave_0: left promiscuous mode
[  361.322046][  T756] hsr_slave_1: left promiscuous mode
[  361.344939][  T756] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  361.384672][  T756] batman_adv: batadv0: Removing interface: batadv_slave_0
[  361.414718][  T756] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  361.439573][  T756] batman_adv: batadv0: Removing interface: batadv_slave_1
[  361.540584][  T756] veth1_macvtap: left promiscuous mode
[  361.565220][  T756] veth0_macvtap: left promiscuous mode
[  361.577546][  T756] veth1_vlan: left promiscuous mode
[  361.590907][  T756] veth0_vlan: left promiscuous mode
[  361.631950][ T5848] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  361.833347][ T5848] usb 7-1: Using ep0 maxpacket: 8
[  361.843900][ T5848] usb 7-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.906555][ T5848] usb 7-1: config 0 interface 0 has no altsetting 0
[  361.951913][ T5848] usb 7-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  361.961108][ T5848] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.031345][ T5848] usb 7-1: config 0 descriptor??
[  362.042692][ T5857] Bluetooth: hci2: command tx timeout
[  363.642885][ T5848] usbhid 7-1:0.0: can't add hid device: -71
[  363.671406][ T5848] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  363.712829][ T5848] usb 7-1: USB disconnect, device number 2
[  364.130683][ T5857] Bluetooth: hci2: command tx timeout
[  364.318364][T10347] /dev/rnullb0: Can't open blockdev
[  364.751403][  T756] team0 (unregistering): Port device team_slave_1 removed
[  365.016056][  T756] team0 (unregistering): Port device team_slave_0 removed
[  366.211932][ T5857] Bluetooth: hci2: command tx timeout
[  366.221970][  T984] IPVS: starting estimator thread 0...
[  366.322195][T10372] IPVS: using max 25 ests per chain, 60000 per kthread
[  366.472120][ T5939] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  366.654422][ T5939] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  366.702009][ T5939] usb 4-1: config 0 interface 0 has no altsetting 0
[  366.745406][ T5939] usb 4-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  366.788539][ T5939] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.817846][ T5939] usb 4-1: Product: syz
[  366.833490][ T5939] usb 4-1: Manufacturer: syz
[  366.852254][ T5939] usb 4-1: SerialNumber: syz
[  366.873202][ T5939] usb 4-1: config 0 descriptor??
[  366.898757][ T5939] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  366.944418][ T5939] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  366.982456][ T5939] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  367.002634][ T5939] usb 4-1: media controller created
[  367.105232][ T5939] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  367.371535][ T5939] DVB: Unable to find symbol tda10046_attach()
[  367.387751][ T5939] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  367.432029][ T5939] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  367.456028][ T5939] dvb_usb_m920x 4-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  367.522813][ T5939] usb 4-1: USB disconnect, device number 47
[  367.712003][ T5940] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  367.846612][T10374] /dev/rnullb0: Can't open blockdev
[  367.901952][ T5940] usb 6-1: Using ep0 maxpacket: 8
[  367.973971][ T5940] usb 6-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  368.020560][ T5940] usb 6-1: config 0 interface 0 has no altsetting 0
[  368.052371][ T5940] usb 6-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  368.105744][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.149910][T10249] chnl_net:caif_netlink_parms(): no params data found
[  368.168030][ T5940] usb 6-1: config 0 descriptor??
[  368.875313][T10249] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.912212][T10249] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.919547][T10249] bridge_slave_0: entered allmulticast mode
[  368.988255][T10249] bridge_slave_0: entered promiscuous mode
[  369.070753][T10249] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.099759][T10249] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.141614][T10249] bridge_slave_1: entered allmulticast mode
[  369.182147][T10249] bridge_slave_1: entered promiscuous mode
[  369.455730][T10249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  369.499065][T10249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  369.698873][T10249] team0: Port device team_slave_0 added
[  369.737588][T10249] team0: Port device team_slave_1 added
[  369.944651][T10249] batman_adv: batadv0: Adding interface: batadv_slave_0
[  369.998568][T10249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  370.076460][T10249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  370.171126][T10249] batman_adv: batadv0: Adding interface: batadv_slave_1
[  370.202382][T10249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  370.336020][T10249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  370.771270][T10249] hsr_slave_0: entered promiscuous mode
[  370.793041][T10249] hsr_slave_1: entered promiscuous mode
[  370.800207][T10249] debugfs: 'hsr0' already exists in 'hsr'
[  370.862300][T10249] Cannot create hsr debugfs directory
[  370.912173][ T5940] usbhid 6-1:0.0: can't add hid device: -71
[  370.918783][ T5940] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  371.008261][ T5940] usb 6-1: USB disconnect, device number 2
[  371.543997][T10431] syz.3.1385: attempt to access beyond end of device
[  371.543997][T10431] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  371.622167][T10431] exFAT-fs (nbd3): unable to read boot sector
[  371.628395][T10431] exFAT-fs (nbd3): failed to read boot sector
[  371.692088][T10431] exFAT-fs (nbd3): failed to recognize exfat type
[  372.285743][T10249] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  372.392936][T10249] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  372.455949][T10249] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  372.546236][T10249] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  373.022998][T10249] 8021q: adding VLAN 0 to HW filter on device bond0
[  373.141159][T10249] 8021q: adding VLAN 0 to HW filter on device team0
[  373.199607][   T34] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.206890][   T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[  373.292869][   T34] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.300371][   T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[  373.432197][ T5940] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  373.632039][ T5940] usb 6-1: config 0 has an invalid interface number: 106 but max is 0
[  373.640968][ T5940] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  373.721989][ T5940] usb 6-1: config 0 has no interface number 0
[  373.740845][ T5940] usb 6-1: config 0 interface 106 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 43
[  373.782071][ T5940] usb 6-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  373.841933][ T5940] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  373.904994][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.984587][ T5940] usb 6-1: config 0 descriptor??
[  374.014790][T10472] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  374.086010][ T5940] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  374.276500][   T12] usb 6-1: Failed to submit usb control message: -71
[  374.281772][ T5940] usb 6-1: USB disconnect, device number 3
[  374.311269][   T12] usb 6-1: unable to send the bmi data to the device: -71
[  374.371967][   T12] usb 6-1: unable to get target info from device
[  374.397443][   T12] usb 6-1: could not get target info (-71)
[  374.430017][   T12] usb 6-1: could not probe fw (-71)
[  374.465447][T10249] 8021q: adding VLAN 0 to HW filter on device batadv0
[  375.486426][T10249] veth0_vlan: entered promiscuous mode
[  375.511163][T10249] veth1_vlan: entered promiscuous mode
[  375.615066][T10249] veth0_macvtap: entered promiscuous mode
[  375.637813][T10249] veth1_macvtap: entered promiscuous mode
[  375.706304][T10249] batman_adv: batadv0: Interface activated: batadv_slave_0
[  375.742932][T10249] batman_adv: batadv0: Interface activated: batadv_slave_1
[  375.797832][  T210] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  375.823592][  T210] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  375.864029][  T210] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  375.902400][ T3542] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.076900][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.112002][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.181757][ T3542] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.218702][ T3542] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  377.272578][  T984] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  377.441944][  T984] usb 4-1: Using ep0 maxpacket: 8
[  377.452319][  T984] usb 4-1: config index 0 descriptor too short (expected 30, got 18)
[  377.477742][  T984] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  377.494247][  T984] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.517304][  T984] usb 4-1: Product: syz
[  377.527499][  T984] usb 4-1: Manufacturer: syz
[  377.539592][  T984] usb 4-1: SerialNumber: syz
[  377.566337][  T984] usb 4-1: config 0 descriptor??
[  377.598768][  T984] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  377.627626][  T984] usb 4-1: setting power ON
[  377.640176][  T984] dvb-usb: bulk message failed: -22 (2/0)
[  377.668588][  T984] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  377.690592][  T984] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  377.741608][  T984] usb 4-1: media controller created
[  377.902493][  T984] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  378.003420][  T984] usb 4-1: selecting invalid altsetting 6
[  378.023814][  T984] usb 4-1: digital interface selection failed (-22)
[  378.030496][  T984] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  378.103729][  T984] usb 4-1: setting power OFF
[  378.108797][  T984] dvb-usb: bulk message failed: -22 (2/0)
[  378.146081][  T984] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  378.174437][  T984] (NULL device *): no alternate interface
[  378.302598][  T984] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  378.418355][  T984] usb 4-1: USB disconnect, device number 48
[  378.704417][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  378.710853][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  379.130093][T10590] comedi comedi2: dt2814: I/O port conflict (0x209e1,2)
[  382.042190][ T5940] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  382.252448][ T5940] usb 8-1: Using ep0 maxpacket: 8
[  382.268829][ T5940] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  382.296771][ T5940] usb 8-1: config 0 has no interface number 0
[  382.319286][ T5940] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  382.360075][ T5940] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  382.401942][ T5940] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  382.468263][ T5940] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  382.541335][ T5940] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  382.583962][ T5940] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.643242][ T5940] usb 8-1: config 0 descriptor??
[  382.699054][ T5940] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  384.112126][ T5943] usb 4-1: new low-speed USB device number 49 using dummy_hcd
[  384.273387][ T5943] usb 4-1: device descriptor read/64, error -71
[  384.532321][ T5943] usb 4-1: new low-speed USB device number 50 using dummy_hcd
[  384.722297][ T5943] usb 4-1: device descriptor read/64, error -71
[  384.753727][   T10] usb 8-1: USB disconnect, device number 2
[  384.796512][   T10] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  384.856005][ T5943] usb usb4-port1: attempt power cycle
[  385.212108][ T5943] usb 4-1: new low-speed USB device number 51 using dummy_hcd
[  385.263687][ T5943] usb 4-1: device descriptor read/8, error -71
[  385.522259][ T5943] usb 4-1: new low-speed USB device number 52 using dummy_hcd
[  385.563023][ T5943] usb 4-1: device descriptor read/8, error -71
[  385.685034][ T5943] usb usb4-port1: unable to enumerate USB device
[  386.161950][ T5940] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  386.334944][ T5940] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  386.349761][ T5940] usb 7-1: config 0 has no interface number 0
[  386.370326][ T5940] usb 7-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  386.390583][ T5940] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.412554][ T5940] usb 7-1: Product: syz
[  386.417101][ T5940] usb 7-1: Manufacturer: syz
[  386.432337][ T5940] usb 7-1: SerialNumber: syz
[  386.448924][ T5940] usb 7-1: config 0 descriptor??
[  386.515160][T10737] FAULT_INJECTION: forcing a failure.
[  386.515160][T10737] name failslab, interval 1, probability 0, space 0, times 0
[  386.528472][T10737] CPU: 0 UID: 0 PID: 10737 Comm: syz.5.1454 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  386.528507][T10737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  386.528524][T10737] Call Trace:
[  386.528541][T10737]  <TASK>
[  386.528550][T10737]  dump_stack_lvl+0x189/0x250
[  386.528586][T10737]  ? __pfx____ratelimit+0x10/0x10
[  386.528616][T10737]  ? __pfx_dump_stack_lvl+0x10/0x10
[  386.528645][T10737]  ? __pfx__printk+0x10/0x10
[  386.528677][T10737]  ? __pfx___might_resched+0x10/0x10
[  386.528702][T10737]  ? fs_reclaim_acquire+0x7d/0x100
[  386.528734][T10737]  should_fail_ex+0x414/0x560
[  386.528765][T10737]  should_failslab+0xa8/0x100
[  386.528791][T10737]  __kmalloc_noprof+0xcb/0x4f0
[  386.528812][T10737]  ? tomoyo_encode+0x28b/0x550
[  386.528836][T10737]  tomoyo_encode+0x28b/0x550
[  386.528861][T10737]  tomoyo_realpath_from_path+0x58d/0x5d0
[  386.528884][T10737]  ? tomoyo_domain+0xd9/0x130
[  386.528909][T10737]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  386.528936][T10737]  tomoyo_path_number_perm+0x1e8/0x5a0
[  386.528966][T10737]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  386.529012][T10737]  ? __lock_acquire+0xab9/0xd20
[  386.529057][T10737]  ? __fget_files+0x2a/0x420
[  386.529089][T10737]  ? __fget_files+0x2a/0x420
[  386.529117][T10737]  ? __fget_files+0x3a0/0x420
[  386.529144][T10737]  ? __fget_files+0x2a/0x420
[  386.529179][T10737]  security_file_ioctl+0xcb/0x2d0
[  386.529206][T10737]  __se_sys_ioctl+0x47/0x170
[  386.529234][T10737]  do_syscall_64+0xfa/0x3b0
[  386.529263][T10737]  ? lockdep_hardirqs_on+0x9c/0x150
[  386.529290][T10737]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.529311][T10737]  ? clear_bhb_loop+0x60/0xb0
[  386.529336][T10737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.529359][T10737] RIP: 0033:0x7fe8a158e9a9
[  386.529378][T10737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  386.529396][T10737] RSP: 002b:00007fe8a23a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  386.529417][T10737] RAX: ffffffffffffffda RBX: 00007fe8a17b5fa0 RCX: 00007fe8a158e9a9
[  386.529433][T10737] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  386.529445][T10737] RBP: 00007fe8a23a8090 R08: 0000000000000000 R09: 0000000000000000
[  386.529458][T10737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.529470][T10737] R13: 0000000000000000 R14: 00007fe8a17b5fa0 R15: 00007fff94a19fd8
[  386.529502][T10737]  </TASK>
[  386.529607][T10737] ERROR: Out of memory at tomoyo_realpath_from_path.
[  386.788826][ T5940] usb 7-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  386.825076][ T5940] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  386.869748][ T5940] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  386.901059][ T5940] usb 7-1: media controller created
[  387.100774][ T5940] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  387.254353][ T5940] i2c i2c-5: ec100: i2c rd failed=-71 reg=33
[  387.425367][ T5940] usb 7-1: USB disconnect, device number 3
[  388.882875][T10781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1467'.
[  388.996949][T10783] syz.6.1466 (10783): attempted to duplicate a private mapping with mremap.  This is not supported.
[  389.611476][T10803] FAULT_INJECTION: forcing a failure.
[  389.611476][T10803] name failslab, interval 1, probability 0, space 0, times 0
[  389.642926][T10803] CPU: 1 UID: 0 PID: 10803 Comm: syz.5.1472 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  389.642960][T10803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  389.642973][T10803] Call Trace:
[  389.642983][T10803]  <TASK>
[  389.642992][T10803]  dump_stack_lvl+0x189/0x250
[  389.643030][T10803]  ? __pfx____ratelimit+0x10/0x10
[  389.643061][T10803]  ? __pfx_dump_stack_lvl+0x10/0x10
[  389.643090][T10803]  ? __pfx__printk+0x10/0x10
[  389.643126][T10803]  ? __pfx___might_resched+0x10/0x10
[  389.643152][T10803]  ? fs_reclaim_acquire+0x7d/0x100
[  389.643185][T10803]  should_fail_ex+0x414/0x560
[  389.643218][T10803]  should_failslab+0xa8/0x100
[  389.643245][T10803]  __kmalloc_cache_noprof+0x70/0x3d0
[  389.643270][T10803]  ? media_pipeline_add_pad+0xa9/0x6d0
[  389.643304][T10803]  media_pipeline_add_pad+0xa9/0x6d0
[  389.643339][T10803]  __media_pipeline_start+0x81a/0x2100
[  389.643362][T10803]  ? trace_contention_end+0x39/0x120
[  389.643406][T10803]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  389.643440][T10803]  media_pipeline_start+0x51/0x70
[  389.643463][T10803]  vimc_capture_start_streaming+0x7c/0x410
[  389.643502][T10803]  ? __pfx___mutex_lock+0x10/0x10
[  389.643532][T10803]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  389.643565][T10803]  vb2_start_streaming+0x125/0x460
[  389.643606][T10803]  vb2_core_streamon+0x2e0/0x4f0
[  389.643643][T10803]  __video_do_ioctl+0xc98/0xdb0
[  389.643676][T10803]  ? __pfx___video_do_ioctl+0x10/0x10
[  389.643712][T10803]  video_usercopy+0x871/0x14f0
[  389.643745][T10803]  ? __pfx___video_do_ioctl+0x10/0x10
[  389.643764][T10803]  ? __pfx_video_usercopy+0x10/0x10
[  389.643797][T10803]  ? __fget_files+0x2a/0x420
[  389.643831][T10803]  ? __fget_files+0x2a/0x420
[  389.643860][T10803]  ? __fget_files+0x3a0/0x420
[  389.643899][T10803]  v4l2_ioctl+0x18a/0x1e0
[  389.643932][T10803]  ? __pfx_v4l2_ioctl+0x10/0x10
[  389.643960][T10803]  __se_sys_ioctl+0xf9/0x170
[  389.643988][T10803]  do_syscall_64+0xfa/0x3b0
[  389.644019][T10803]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.644070][T10803]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.644091][T10803]  ? clear_bhb_loop+0x60/0xb0
[  389.644115][T10803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.644134][T10803] RIP: 0033:0x7fe8a158e9a9
[  389.644153][T10803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.644171][T10803] RSP: 002b:00007fe8a23a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  389.644193][T10803] RAX: ffffffffffffffda RBX: 00007fe8a17b5fa0 RCX: 00007fe8a158e9a9
[  389.644209][T10803] RDX: 0000200000000240 RSI: 0000000040045612 RDI: 0000000000000003
[  389.644222][T10803] RBP: 00007fe8a23a8090 R08: 0000000000000000 R09: 0000000000000000
[  389.644234][T10803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.644247][T10803] R13: 0000000000000000 R14: 00007fe8a17b5fa0 R15: 00007fff94a19fd8
[  389.644280][T10803]  </TASK>
[  391.099291][T10834] FAULT_INJECTION: forcing a failure.
[  391.099291][T10834] name failslab, interval 1, probability 0, space 0, times 0
[  391.127546][T10834] CPU: 1 UID: 0 PID: 10834 Comm: syz.5.1480 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  391.127579][T10834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  391.127593][T10834] Call Trace:
[  391.127602][T10834]  <TASK>
[  391.127612][T10834]  dump_stack_lvl+0x189/0x250
[  391.127649][T10834]  ? __pfx____ratelimit+0x10/0x10
[  391.127682][T10834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  391.127712][T10834]  ? __pfx__printk+0x10/0x10
[  391.127748][T10834]  ? __pfx___might_resched+0x10/0x10
[  391.127781][T10834]  should_fail_ex+0x414/0x560
[  391.127815][T10834]  should_failslab+0xa8/0x100
[  391.127844][T10834]  __kmalloc_noprof+0xcb/0x4f0
[  391.127868][T10834]  ? __kasan_kmalloc+0x93/0xb0
[  391.127888][T10834]  ? nla_strdup+0x9d/0x140
[  391.127923][T10834]  nla_strdup+0x9d/0x140
[  391.127963][T10834]  nf_tables_newchain+0x1998/0x2900
[  391.128005][T10834]  ? __pfx_nf_tables_newchain+0x10/0x10
[  391.128063][T10834]  ? nfnl_pernet+0x23/0x240
[  391.128097][T10834]  ? __nla_parse+0x40/0x60
[  391.128132][T10834]  nfnetlink_rcv+0x112f/0x2520
[  391.128193][T10834]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  391.128237][T10834]  ? ref_tracker_free+0x63a/0x7d0
[  391.128300][T10834]  ? __netlink_deliver_tap+0x807/0x850
[  391.128340][T10834]  ? netlink_deliver_tap+0x2e/0x1b0
[  391.128370][T10834]  ? netlink_deliver_tap+0x2e/0x1b0
[  391.128406][T10834]  netlink_unicast+0x759/0x8e0
[  391.128447][T10834]  netlink_sendmsg+0x805/0xb30
[  391.128489][T10834]  ? __pfx_netlink_sendmsg+0x10/0x10
[  391.128530][T10834]  ? aa_sock_msg_perm+0xf1/0x1d0
[  391.128564][T10834]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  391.128595][T10834]  ? __pfx_netlink_sendmsg+0x10/0x10
[  391.128628][T10834]  __sock_sendmsg+0x219/0x270
[  391.128660][T10834]  ____sys_sendmsg+0x505/0x830
[  391.128688][T10834]  ? __pfx_____sys_sendmsg+0x10/0x10
[  391.128719][T10834]  ? import_iovec+0x74/0xa0
[  391.128746][T10834]  ___sys_sendmsg+0x21f/0x2a0
[  391.128772][T10834]  ? __pfx____sys_sendmsg+0x10/0x10
[  391.128835][T10834]  ? __fget_files+0x2a/0x420
[  391.128867][T10834]  ? __fget_files+0x3a0/0x420
[  391.128909][T10834]  __x64_sys_sendmsg+0x19b/0x260
[  391.128936][T10834]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  391.128998][T10834]  ? __pfx_ksys_write+0x10/0x10
[  391.129022][T10834]  ? rcu_is_watching+0x15/0xb0
[  391.129055][T10834]  ? do_syscall_64+0xbe/0x3b0
[  391.129092][T10834]  do_syscall_64+0xfa/0x3b0
[  391.129121][T10834]  ? lockdep_hardirqs_on+0x9c/0x150
[  391.129150][T10834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.129171][T10834]  ? clear_bhb_loop+0x60/0xb0
[  391.129208][T10834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.129430][T10834] RIP: 0033:0x7fe8a158e9a9
[  391.129451][T10834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.129470][T10834] RSP: 002b:00007fe8a23a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  391.129492][T10834] RAX: ffffffffffffffda RBX: 00007fe8a17b5fa0 RCX: 00007fe8a158e9a9
[  391.129506][T10834] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  391.129519][T10834] RBP: 00007fe8a23a8090 R08: 0000000000000000 R09: 0000000000000000
[  391.129532][T10834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  391.129544][T10834] R13: 0000000000000000 R14: 00007fe8a17b5fa0 R15: 00007fff94a19fd8
[  391.129577][T10834]  </TASK>
[  392.063525][ T5940] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  392.273165][ T5940] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  392.314750][ T5940] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  392.336113][ T5940] usb 6-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  392.361237][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.415550][ T5940] usb 6-1: config 0 descriptor??
[  392.875486][T10836] trusted_key: encrypted_key: master key parameter '' is invalid
[  392.924995][ T5940] usbhid 6-1:0.0: can't add hid device: -71
[  392.931197][ T5940] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  392.965373][ T5940] usb 6-1: USB disconnect, device number 4
[  395.676973][ T5940] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  395.842659][ T5940] usb 8-1: Using ep0 maxpacket: 32
[  395.866632][ T5940] usb 8-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  395.894499][ T5940] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  395.923197][ T5940] usb 8-1: config 0 descriptor??
[  395.957203][ T5940] gspca_main: nw80x-2.14.0 probing 055f:d001
[  397.504962][T10975] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  398.411348][   T10] usb 8-1: USB disconnect, device number 3
[  400.362246][   T43] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  400.526572][   T43] usb 8-1: device descriptor read/64, error -71
[  400.813323][   T43] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  400.971981][   T43] usb 8-1: device descriptor read/64, error -71
[  401.094100][   T43] usb usb8-port1: attempt power cycle
[  401.452813][   T43] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  401.492804][   T43] usb 8-1: device descriptor read/8, error -71
[  401.762675][   T43] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  401.817809][   T43] usb 8-1: device descriptor read/8, error -71
[  401.881212][T11080] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  401.955020][   T43] usb usb8-port1: unable to enumerate USB device
[  402.685479][T11101] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1546'.
[  402.715154][T11098] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1546'.
[  402.758509][T11101] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1546'.
[  402.866593][T11101] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1546'.
[  403.887582][T11126] netlink: 165 bytes leftover after parsing attributes in process `syz.5.1552'.
[  405.143489][T11165] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.1565'.
[  405.160014][T11166] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.1565'.
[  408.088259][T11243] dvmrp0: entered allmulticast mode
[  408.432943][T11254] syzkaller1: entered promiscuous mode
[  408.438587][T11254] syzkaller1: entered allmulticast mode
[  408.702194][T11263] fuse: Bad value for 'fd'
[  409.272005][ T5943] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  409.472850][ T5943] usb 8-1: Using ep0 maxpacket: 8
[  409.505099][ T5943] usb 8-1: config index 0 descriptor too short (expected 6427, got 27)
[  409.528161][ T5943] usb 8-1: config 0 has an invalid interface number: 21 but max is 0
[  409.554604][ T5943] usb 8-1: config 0 has no interface number 0
[  409.573614][ T5943] usb 8-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  409.614686][ T5943] usb 8-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  409.649511][ T5943] usb 8-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  409.687403][   T10] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  409.717616][ T5943] usb 8-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  409.754292][ T5943] usb 8-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  409.785345][ T5943] usb 8-1: Product: syz
[  409.809159][ T5943] usb 8-1: config 0 descriptor??
[  409.849197][T11271] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  409.882455][   T10] usb 6-1: Using ep0 maxpacket: 32
[  409.915167][   T10] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  409.956851][   T10] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x2 has invalid wMaxPacketSize 0
[  409.977348][   T10] usb 6-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  410.082128][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  410.089487][   T10] usb 6-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  410.175943][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  410.199250][ T5943] usb 8-1: USB disconnect, device number 8
[  410.220554][   T10] usb 6-1: config 0 descriptor??
[  410.818137][T11308] fuse: Bad value for 'fd'
[  410.993226][   T10] usbhid 6-1:0.0: can't add hid device: -71
[  411.031709][   T10] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  411.081794][   T10] usb 6-1: USB disconnect, device number 5
[  412.922357][ T5939] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  413.132208][ T5939] usb 6-1: Using ep0 maxpacket: 32
[  413.142087][   T10] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  413.225122][T11329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  413.284873][T11329] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  413.312090][   T10] usb 8-1: Using ep0 maxpacket: 8
[  413.329432][   T10] usb 8-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  413.368036][   T10] usb 8-1: config 0 interface 0 has no altsetting 0
[  413.372934][T11329] syzkaller1: entered promiscuous mode
[  413.395726][   T10] usb 8-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  413.401995][T11329] syzkaller1: entered allmulticast mode
[  413.431076][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.469214][   T10] usb 8-1: config 0 descriptor??
[  413.562811][ T5939] usb 6-1: unable to get BOS descriptor or descriptor too short
[  413.623976][ T5939] usb 6-1: unable to read config index 0 descriptor/start: -71
[  413.643812][ T5939] usb 6-1: can't read configurations, error -71
[  414.169228][   T10] uclogic 0003:28BD:0071.000B: interface is invalid, ignoring
[  414.198060][T11340] fuse: Bad value for 'fd'
[  414.262679][T11339] FAULT_INJECTION: forcing a failure.
[  414.262679][T11339] name failslab, interval 1, probability 0, space 0, times 0
[  414.309932][  T929] usb 8-1: USB disconnect, device number 9
[  414.341895][T11339] CPU: 1 UID: 0 PID: 11339 Comm: syz.3.1616 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  414.341927][T11339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  414.341940][T11339] Call Trace:
[  414.341948][T11339]  <TASK>
[  414.341958][T11339]  dump_stack_lvl+0x189/0x250
[  414.342009][T11339]  ? __pfx____ratelimit+0x10/0x10
[  414.342040][T11339]  ? __pfx_dump_stack_lvl+0x10/0x10
[  414.342068][T11339]  ? __pfx__printk+0x10/0x10
[  414.342098][T11339]  ? __pfx___might_resched+0x10/0x10
[  414.342124][T11339]  ? fs_reclaim_acquire+0x7d/0x100
[  414.342155][T11339]  should_fail_ex+0x414/0x560
[  414.342184][T11339]  should_failslab+0xa8/0x100
[  414.342211][T11339]  __kmalloc_noprof+0xcb/0x4f0
[  414.342237][T11339]  ? tomoyo_encode+0x28b/0x550
[  414.342286][T11339]  tomoyo_encode+0x28b/0x550
[  414.342327][T11339]  tomoyo_realpath_from_path+0x58d/0x5d0
[  414.342354][T11339]  ? tomoyo_domain+0xd9/0x130
[  414.342383][T11339]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  414.342416][T11339]  tomoyo_path_number_perm+0x1e8/0x5a0
[  414.342450][T11339]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  414.342501][T11339]  ? __lock_acquire+0xab9/0xd20
[  414.342553][T11339]  ? __fget_files+0x2a/0x420
[  414.342589][T11339]  ? __fget_files+0x2a/0x420
[  414.342622][T11339]  ? __fget_files+0x3a0/0x420
[  414.342654][T11339]  ? __fget_files+0x2a/0x420
[  414.342692][T11339]  security_file_ioctl+0xcb/0x2d0
[  414.342725][T11339]  __se_sys_ioctl+0x47/0x170
[  414.342756][T11339]  do_syscall_64+0xfa/0x3b0
[  414.342790][T11339]  ? lockdep_hardirqs_on+0x9c/0x150
[  414.342822][T11339]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.342845][T11339]  ? clear_bhb_loop+0x60/0xb0
[  414.342874][T11339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.342897][T11339] RIP: 0033:0x7f06c0d8e9a9
[  414.342917][T11339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  414.342937][T11339] RSP: 002b:00007f06c1b6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  414.342964][T11339] RAX: ffffffffffffffda RBX: 00007f06c0fb5fa0 RCX: 00007f06c0d8e9a9
[  414.342982][T11339] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  414.342997][T11339] RBP: 00007f06c1b6d090 R08: 0000000000000000 R09: 0000000000000000
[  414.343010][T11339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  414.343023][T11339] R13: 0000000000000000 R14: 00007f06c0fb5fa0 R15: 00007fffd29d1138
[  414.343060][T11339]  </TASK>
[  414.343087][T11339] ERROR: Out of memory at tomoyo_realpath_from_path.
[  414.670793][T11345] program syz.6.1617 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  415.972011][  T929] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  415.992783][T11373] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  416.162180][  T929] usb 7-1: Using ep0 maxpacket: 32
[  416.197932][T11369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  416.207359][T11369] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  416.237005][T11369] syzkaller1: entered promiscuous mode
[  416.243523][T11369] syzkaller1: entered allmulticast mode
[  416.397403][  T929] usb 7-1: unable to get BOS descriptor or descriptor too short
[  416.409731][  T929] usb 7-1: unable to read config index 0 descriptor/start: -71
[  416.417533][  T929] usb 7-1: can't read configurations, error -71
[  416.792689][T11391] FAULT_INJECTION: forcing a failure.
[  416.792689][T11391] name failslab, interval 1, probability 0, space 0, times 0
[  416.792779][T11391] CPU: 0 UID: 0 PID: 11391 Comm: syz.7.1636 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  416.792803][T11391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  416.792816][T11391] Call Trace:
[  416.792824][T11391]  <TASK>
[  416.792833][T11391]  dump_stack_lvl+0x189/0x250
[  416.792868][T11391]  ? __pfx____ratelimit+0x10/0x10
[  416.792899][T11391]  ? __pfx_dump_stack_lvl+0x10/0x10
[  416.792927][T11391]  ? __pfx__printk+0x10/0x10
[  416.792964][T11391]  ? __pfx___might_resched+0x10/0x10
[  416.792989][T11391]  ? fs_reclaim_acquire+0x7d/0x100
[  416.793022][T11391]  should_fail_ex+0x414/0x560
[  416.793054][T11391]  should_failslab+0xa8/0x100
[  416.793081][T11391]  __kmalloc_noprof+0xcb/0x4f0
[  416.793102][T11391]  ? drm_atomic_state_init+0x106/0x310
[  416.793128][T11391]  drm_atomic_state_init+0x106/0x310
[  416.793152][T11391]  drm_atomic_state_alloc+0xbc/0x100
[  416.793175][T11391]  drm_client_modeset_commit_atomic+0xe2/0x760
[  416.793198][T11391]  ? trace_contention_end+0x39/0x120
[  416.793232][T11391]  ? trace_contention_end+0x39/0x120
[  416.793263][T11391]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  416.793308][T11391]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  416.793353][T11391]  drm_client_modeset_commit_locked+0xcb/0x4d0
[  416.793379][T11391]  drm_fb_helper_pan_display+0x3e7/0xbd0
[  416.793431][T11391]  fb_pan_display+0x39e/0x680
[  416.793461][T11391]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  416.793495][T11391]  bit_update_start+0x4d/0x1e0
[  416.793518][T11391]  fbcon_switch+0x1568/0x2040
[  416.793562][T11391]  ? __pfx_fbcon_switch+0x10/0x10
[  416.793610][T11391]  ? __pfx_hide_cursor+0x10/0x10
[  416.793641][T11391]  ? is_console_locked+0x9/0x20
[  416.793668][T11391]  ? set_origin+0x346/0x480
[  416.793696][T11391]  redraw_screen+0x56a/0xe90
[  416.793733][T11391]  ? __pfx_redraw_screen+0x10/0x10
[  416.793765][T11391]  ? is_console_locked+0x9/0x20
[  416.793791][T11391]  ? fbcon_clear_margins+0x283/0x410
[  416.793823][T11391]  fbcon_do_set_font+0xb3d/0x1120
[  416.793880][T11391]  con_font_op+0x84b/0x1070
[  416.793920][T11391]  ? __lock_acquire+0xab9/0xd20
[  416.793944][T11391]  ? __pfx_con_font_op+0x10/0x10
[  416.794012][T11391]  vt_ioctl+0x1a8a/0x1f00
[  416.794046][T11391]  ? __pfx_vt_ioctl+0x10/0x10
[  416.794089][T11391]  ? __fget_files+0x2a/0x420
[  416.794124][T11391]  ? __fget_files+0x3a0/0x420
[  416.794153][T11391]  ? __fget_files+0x2a/0x420
[  416.794185][T11391]  tty_ioctl+0x926/0xde0
[  416.794205][T11391]  ? __pfx_tty_ioctl+0x10/0x10
[  416.794223][T11391]  __se_sys_ioctl+0xf9/0x170
[  416.794251][T11391]  do_syscall_64+0xfa/0x3b0
[  416.794280][T11391]  ? lockdep_hardirqs_on+0x9c/0x150
[  416.794308][T11391]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.794329][T11391]  ? clear_bhb_loop+0x60/0xb0
[  416.794355][T11391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.794375][T11391] RIP: 0033:0x7f6347f8e9a9
[  416.794399][T11391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.794417][T11391] RSP: 002b:00007f6348d9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  416.794438][T11391] RAX: ffffffffffffffda RBX: 00007f63481b5fa0 RCX: 00007f6347f8e9a9
[  416.794454][T11391] RDX: 00002000000000c0 RSI: 0000000000004b72 RDI: 0000000000000003
[  416.794466][T11391] RBP: 00007f6348d9b090 R08: 0000000000000000 R09: 0000000000000000
[  416.794479][T11391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  416.794491][T11391] R13: 0000000000000000 R14: 00007f63481b5fa0 R15: 00007ffd47c266e8
[  416.794525][T11391]  </TASK>
[  417.225721][T11401] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  418.641977][  T929] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  418.814282][  T929] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  418.831767][  T929] usb 4-1: config 0 interface 0 has no altsetting 0
[  418.851750][  T929] usb 4-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  418.861324][  T929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.881362][  T929] usb 4-1: Product: syz
[  418.886001][  T929] usb 4-1: Manufacturer: syz
[  418.890819][  T929] usb 4-1: SerialNumber: syz
[  418.915261][  T929] usb 4-1: config 0 descriptor??
[  418.934166][  T929] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  418.954296][  T929] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  418.972766][  T929] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  418.992028][  T929] usb 4-1: media controller created
[  419.087368][  T929] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  419.222481][  T929] DVB: Unable to find symbol tda10046_attach()
[  419.228726][  T929] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  419.271777][  T929] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  419.296096][  T929] dvb_usb_m920x 4-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  419.339397][  T929] usb 4-1: USB disconnect, device number 53
[  419.782659][ T5939] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  419.812281][  T984] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  419.962336][  T984] usb 6-1: device descriptor read/64, error -71
[  419.971897][ T5939] usb 8-1: Using ep0 maxpacket: 32
[  420.026268][T11434] overlayfs: failed to resolve './file0': -2
[  420.078541][T11422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  420.105315][T11422] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  420.193272][T11422] syzkaller1: entered promiscuous mode
[  420.222518][T11422] syzkaller1: entered allmulticast mode
[  420.229540][  T984] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  420.391979][  T984] usb 6-1: device descriptor read/64, error -71
[  420.518021][  T984] usb usb6-port1: attempt power cycle
[  420.542099][ T5939] usb 8-1: unable to get BOS descriptor or descriptor too short
[  420.584363][ T5939] usb 8-1: unable to read config index 0 descriptor/start: -71
[  420.594422][ T5939] usb 8-1: can't read configurations, error -71
[  420.904553][  T984] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  420.932907][  T984] usb 6-1: device descriptor read/8, error -71
[  421.202004][  T984] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  421.246282][  T984] usb 6-1: device descriptor read/8, error -71
[  421.363772][  T984] usb usb6-port1: unable to enumerate USB device
[  421.781510][T11461] loop3: detected capacity change from 0 to 1
[  421.800037][ T5845] Dev loop3: unable to read RDB block 1
[  421.816800][ T5845]  loop3: unable to read partition table
[  421.829768][ T5845] loop3: partition table beyond EOD, truncated
[  421.877699][T11461] Dev loop3: unable to read RDB block 1
[  421.908022][T11461]  loop3: unable to read partition table
[  421.927871][T11461] loop3: partition table beyond EOD, truncated
[  421.958212][T11461] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  422.782005][  T984] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[  422.964467][  T984] usb 8-1: not running at top speed; connect to a high speed hub
[  422.977997][  T984] usb 8-1: config 1 interface 0 altsetting 5 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  423.009081][  T984] usb 8-1: config 1 interface 0 has no altsetting 0
[  423.057903][  T984] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  423.084004][  T984] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.101907][  T984] usb 8-1: Product: syz
[  423.110466][  T984] usb 8-1: Manufacturer: syz
[  423.131983][  T984] usb 8-1: SerialNumber: syz
[  423.154177][T11476] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  423.173932][T11490] 9pnet_fd: Insufficient options for proto=fd
[  423.612367][  T984] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -71
[  423.679165][  T984] usb 8-1: USB disconnect, device number 12
[  424.149399][T11513] autofs: Unknown parameter '¤h.¥'
[  424.242670][T11512] netlink: 'syz.3.1683': attribute type 10 has an invalid length.
[  424.251151][T11512] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1683'.
[  424.693353][T11526] 9pnet_fd: Insufficient options for proto=fd
[  424.970483][T11537] fuse: Bad value for 'fd'
[  425.571975][ T5848] usb 8-1: new low-speed USB device number 13 using dummy_hcd
[  425.753329][T11560] netlink: 'syz.5.1698': attribute type 10 has an invalid length.
[  425.773746][ T5848] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  425.810537][ T5848] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.823985][T11560] netlink: 144 bytes leftover after parsing attributes in process `syz.5.1698'.
[  425.855594][ T5848] usb 8-1: config 0 descriptor??
[  426.006443][T11567] fuse: Bad value for 'fd'
[  426.461038][T11577] 9pnet_fd: Insufficient options for proto=fd
[  427.079859][ T5848] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  427.098661][ T5848] asix 8-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  427.175616][ T5848] asix 8-1:0.0: probe with driver asix failed with error -71
[  427.246559][ T5848] usb 8-1: USB disconnect, device number 13
[  427.476156][T11596] fuse: Bad value for 'fd'
[  427.748469][T11603] XFS (rnullb0): Invalid superblock magic number
[  427.828191][T11611] netlink: 'syz.6.1711': attribute type 10 has an invalid length.
[  427.902515][T11611] netlink: 144 bytes leftover after parsing attributes in process `syz.6.1711'.
[  428.491654][T11630] 9pnet_fd: Insufficient options for proto=fd
[  429.223203][T11646] kAFS: unparsable volume name
[  429.255776][T11648] kAFS: unparsable volume name
[  429.270257][T11649] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1729'.
[  429.279655][ T5939] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  429.443091][ T5939] usb 6-1: Using ep0 maxpacket: 32
[  429.466485][ T5939] usb 6-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  429.496315][ T5939] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.547977][  T984] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  429.563332][ T5939] usb 6-1: config 0 descriptor??
[  429.612595][ T5939] gspca_main: sunplus-2.14.0 probing 041e:400b
[  429.736906][  T984] usb 4-1: Using ep0 maxpacket: 32
[  429.751353][  T984] usb 4-1: too many endpoints for config 0 interface 0 altsetting 1: 128, using maximum allowed: 30
[  429.801035][  T984] usb 4-1: config 0 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 128
[  429.832613][  T984] usb 4-1: config 0 interface 0 has no altsetting 0
[  429.849637][  T984] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  429.868070][  T984] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.909233][  T984] usb 4-1: config 0 descriptor??
[  430.178604][T11641] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  430.192743][T11641] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  430.228525][ T5939] gspca_sunplus: reg_r err -71
[  430.242401][ T5939] sunplus 6-1:0.0: probe with driver sunplus failed with error -71
[  430.276833][ T5939] usb 6-1: USB disconnect, device number 12
[  430.550999][  T984] usb 4-1: string descriptor 0 read error: -71
[  430.573496][  T984] gspca_main: sunplus-2.14.0 probing 041e:400b
[  430.599315][  T984] gspca_sunplus: reg_w_riv err -71
[  430.628169][  T984] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  430.666385][T11670] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1739'.
[  430.669123][  T984] usb 4-1: USB disconnect, device number 54
[  430.842054][ T5848] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  430.922739][T11674] netlink: 'syz.5.1741': attribute type 40 has an invalid length.
[  431.013564][ T5848] usb 8-1: Using ep0 maxpacket: 8
[  431.037280][ T5848] usb 8-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  431.101974][ T5848] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.111889][ T5848] usb 8-1: Product: syz
[  431.122265][ T5848] usb 8-1: Manufacturer: syz
[  431.126982][ T5848] usb 8-1: SerialNumber: syz
[  431.184062][ T5848] usb 8-1: config 0 descriptor??
[  431.393112][T11668] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1738'.
[  431.479910][ T5848] usb 8-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  431.962164][ T5168] Bluetooth: hci4: command 0x0406 tx timeout
[  432.032463][ T5939] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  432.192436][ T5939] usb 4-1: Using ep0 maxpacket: 16
[  432.214836][ T5939] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  432.238877][ T5939] usb 4-1: config 0 has no interface number 0
[  432.256564][ T5939] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  432.313456][ T5939] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  432.360908][ T5939] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  432.390799][ T5939] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  432.412266][ T5939] usb 4-1: Product: syz
[  432.416753][ T5939] usb 4-1: SerialNumber: syz
[  432.434926][ T5939] usb 4-1: config 0 descriptor??
[  432.464736][ T5939] cm109 4-1:0.8: invalid payload size 0, expected 4
[  432.478082][ T5848] dvb_usb_rtl28xxu 8-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  432.489383][ T5939] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input25
[  432.705582][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  432.714371][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  432.722135][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  432.725026][ T5848] usb 4-1: USB disconnect, device number 55
[  432.729484][    C0] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  432.830286][ T5848] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  433.398910][T11724] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1761'.
[  434.352488][  T984] usb 8-1: USB disconnect, device number 14
[  434.752955][T11759] netlink: set zone limit has 4 unknown bytes
[  436.042027][ T5944] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  436.225444][ T5944] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  436.257099][ T5944] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  436.302460][ T5944] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.372973][ T5944] usb 4-1: config 0 descriptor??
[  436.385974][ T5944] pwc: Askey VC010 type 2 USB webcam detected.
[  436.788617][ T5944] pwc: recv_control_msg error -32 req 02 val 2b00
[  436.803113][ T5944] pwc: recv_control_msg error -32 req 02 val 2700
[  436.823176][ T5944] pwc: recv_control_msg error -32 req 02 val 2c00
[  436.846237][ T5944] pwc: recv_control_msg error -32 req 04 val 1000
[  436.863476][ T5944] pwc: recv_control_msg error -32 req 04 val 1300
[  436.879258][ T5944] pwc: recv_control_msg error -32 req 04 val 1400
[  436.891175][ T5944] pwc: recv_control_msg error -32 req 02 val 2000
[  436.904592][ T5944] pwc: recv_control_msg error -32 req 02 val 2100
[  436.919909][ T5944] pwc: recv_control_msg error -32 req 04 val 1500
[  436.944755][ T5944] pwc: recv_control_msg error -32 req 02 val 2500
[  436.962174][ T5944] pwc: recv_control_msg error -32 req 02 val 2400
[  436.972689][ T5944] pwc: recv_control_msg error -32 req 02 val 2600
[  437.182866][T11793] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  437.189554][ T5944] pwc: recv_control_msg error -32 req 02 val 2800
[  437.202320][T11793] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  437.227856][T11793] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  437.247826][T11793] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  437.291482][T11793] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  437.319348][T11793] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  437.355314][T11793] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  437.397366][T11793] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  437.410131][T11826] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1802'.
[  437.420671][T11793] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  437.432497][T11793] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  437.478253][ T5944] pwc: recv_control_msg error -71 req 04 val 1200
[  437.533397][ T5944] pwc: Registered as video103.
[  437.540542][ T5944] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input26
[  437.682587][ T5944] usb 4-1: USB disconnect, device number 56
[  438.581978][   T10] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  438.762241][   T10] usb 8-1: Using ep0 maxpacket: 8
[  438.783728][   T10] usb 8-1: config 0 has no interfaces?
[  438.791776][   T10] usb 8-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[  438.813066][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  438.841372][   T10] usb 8-1: Product: syz
[  438.850667][   T10] usb 8-1: Manufacturer: syz
[  438.857067][   T10] usb 8-1: SerialNumber: syz
[  438.896879][   T10] usb 8-1: config 0 descriptor??
[  438.914814][T11861] netlink: 'syz.3.1817': attribute type 27 has an invalid length.
[  438.955359][T11861] ptrace attach of "./syz-executor exec"[5850] was attempted by "ÉôÔ“€7çE\x09Å»    宬›ò¾áPÕ"[11861]
[  439.152195][   T10] usb 8-1: USB disconnect, device number 15
[  439.396815][T11869] netlink: 592 bytes leftover after parsing attributes in process `syz.5.1821'.
[  439.638532][T11877] nbd: must specify a device to reconfigure
[  439.652643][T11877] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  439.916516][ T5857] Bluetooth: hci2: unexpected event 0x08 length: 99 > 4
[  440.022248][T11889] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  440.134480][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  440.141230][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  440.351931][ T5848] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  440.523283][ T5848] usb 6-1: Using ep0 maxpacket: 32
[  440.549266][ T5848] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  440.573230][ T5848] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.600732][ T5848] usb 6-1: Product: syz
[  440.622766][ T5848] usb 6-1: Manufacturer: syz
[  440.636430][ T5848] usb 6-1: SerialNumber: syz
[  440.666941][ T5848] usb 6-1: config 0 descriptor??
[  440.672514][  T929] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  440.701632][ T5848] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  440.852834][  T929] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  440.886939][  T929] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  440.913783][  T929] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  440.942074][  T929] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  440.966668][  T929] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.031334][  T929] usb 8-1: config 0 descriptor??
[  441.492171][  T984] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  441.500966][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.523589][T11890] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  441.529166][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.537575][T11890] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  441.570905][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.589058][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.609380][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.627701][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.646061][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.654089][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.662326][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.669915][  T929] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  441.669975][  T984] usb 4-1: Using ep0 maxpacket: 32
[  441.712268][T11904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  441.714587][  T984] usb 4-1: device descriptor read/all, error -61
[  441.728258][  T929] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  441.745490][T11904] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  441.868211][   T10] usb 8-1: USB disconnect, device number 16
[  441.883981][  T984] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  441.948813][T11921] fido_id[11921]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  441.972166][T11896] Bluetooth: hci2: command 0x0406 tx timeout
[  442.043046][  T984] usb 4-1: device descriptor read/64, error -71
[  442.152818][  T984] usb usb4-port1: attempt power cycle
[  442.202206][ T5857] Bluetooth: hci5: command 0x0406 tx timeout
[  442.373580][ T5848] gspca_ov534_9: reg_r err -71
[  442.502879][  T984] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  442.556471][  T984] usb 4-1: device descriptor read/8, error -71
[  442.631927][ T5848] gspca_ov534_9: Unknown sensor 0000
[  442.632030][ T5848] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[  442.727852][ T5848] usb 6-1: USB disconnect, device number 13
[  442.813345][  T984] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  442.843790][  T984] usb 4-1: device descriptor read/8, error -71
[  442.952399][  T984] usb usb4-port1: unable to enumerate USB device
[  443.701973][  T984] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  443.875789][  T984] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  443.901890][  T984] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  443.931927][  T984] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  443.951305][  T984] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.985857][  T984] usb 7-1: config 0 descriptor??
[  444.252703][  T984] usbhid 7-1:0.0: can't add hid device: -71
[  444.279175][  T984] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  444.320549][  T984] usb 7-1: USB disconnect, device number 6
[  444.332739][ T5848] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  444.469617][T11957] mkiss: ax0: crc mode is auto.
[  444.515566][ T5848] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  444.526818][ T5848] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  444.548089][ T5848] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  444.575884][ T5848] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  444.589048][ T5848] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.600722][ T5848] usb 6-1: config 0 descriptor??
[  444.674318][T11966] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  444.757801][T11971] ntfs3(loop7): try to read out of volume at offset 0x0
[  444.901747][T11957] mkiss: ax0: crc mode is auto.
[  445.051338][ T5848] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  445.262205][T11954] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  445.297460][T11954] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  445.438491][ T5848] usb 6-1: USB disconnect, device number 14
[  445.699871][T11990] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  445.722918][T11990] FAULT_INJECTION: forcing a failure.
[  445.722918][T11990] name failslab, interval 1, probability 0, space 0, times 0
[  445.756600][T11990] CPU: 1 UID: 0 PID: 11990 Comm: syz.7.1856 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  445.756633][T11990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  445.756646][T11990] Call Trace:
[  445.756655][T11990]  <TASK>
[  445.756664][T11990]  dump_stack_lvl+0x189/0x250
[  445.756698][T11990]  ? __pfx____ratelimit+0x10/0x10
[  445.756728][T11990]  ? __pfx_dump_stack_lvl+0x10/0x10
[  445.756757][T11990]  ? __pfx__printk+0x10/0x10
[  445.756789][T11990]  ? __pfx___might_resched+0x10/0x10
[  445.756815][T11990]  ? fs_reclaim_acquire+0x7d/0x100
[  445.756846][T11990]  should_fail_ex+0x414/0x560
[  445.756876][T11990]  should_failslab+0xa8/0x100
[  445.756903][T11990]  __kmalloc_cache_noprof+0x70/0x3d0
[  445.756926][T11990]  ? iopt_alloc_pages+0x85/0x490
[  445.756960][T11990]  iopt_alloc_pages+0x85/0x490
[  445.756995][T11990]  iopt_alloc_user_pages+0x42/0xe0
[  445.757028][T11990]  iopt_map_user_pages+0x4e/0xd0
[  445.757058][T11990]  iommufd_ioas_map+0x392/0x4c0
[  445.757097][T11990]  ? __pfx_iommufd_ioas_map+0x10/0x10
[  445.757136][T11990]  iommufd_fops_ioctl+0x45e/0x580
[  445.757173][T11990]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  445.757209][T11990]  ? __fget_files+0x2a/0x420
[  445.757246][T11990]  ? __fget_files+0x2a/0x420
[  445.757288][T11990]  ? bpf_lsm_file_ioctl+0x9/0x20
[  445.757308][T11990]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  445.757339][T11990]  __se_sys_ioctl+0xf9/0x170
[  445.757365][T11990]  do_syscall_64+0xfa/0x3b0
[  445.757394][T11990]  ? lockdep_hardirqs_on+0x9c/0x150
[  445.757423][T11990]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.757444][T11990]  ? clear_bhb_loop+0x60/0xb0
[  445.757469][T11990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.757489][T11990] RIP: 0033:0x7f6347f8e9a9
[  445.757508][T11990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.757525][T11990] RSP: 002b:00007f6348d9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  445.757546][T11990] RAX: ffffffffffffffda RBX: 00007f63481b5fa0 RCX: 00007f6347f8e9a9
[  445.757561][T11990] RDX: 00002000000007c0 RSI: 0000000000003b85 RDI: 0000000000000003
[  445.757574][T11990] RBP: 00007f6348d9b090 R08: 0000000000000000 R09: 0000000000000000
[  445.757587][T11990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  445.757598][T11990] R13: 0000000000000000 R14: 00007f63481b5fa0 R15: 00007ffd47c266e8
[  445.757630][T11990]  </TASK>
[  446.739878][T12008] /dev/rnullb0: Can't open blockdev
[  446.851726][T12013] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  446.886904][T12013] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  448.096725][T12029] FAULT_INJECTION: forcing a failure.
[  448.096725][T12029] name failslab, interval 1, probability 0, space 0, times 0
[  448.133818][T12029] CPU: 0 UID: 0 PID: 12029 Comm: syz.5.1879 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  448.133861][T12029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  448.133874][T12029] Call Trace:
[  448.133882][T12029]  <TASK>
[  448.133891][T12029]  dump_stack_lvl+0x189/0x250
[  448.133926][T12029]  ? __pfx____ratelimit+0x10/0x10
[  448.133956][T12029]  ? __pfx_dump_stack_lvl+0x10/0x10
[  448.133985][T12029]  ? __pfx__printk+0x10/0x10
[  448.134018][T12029]  ? __pfx___might_resched+0x10/0x10
[  448.134043][T12029]  ? fs_reclaim_acquire+0x7d/0x100
[  448.134075][T12029]  should_fail_ex+0x414/0x560
[  448.134107][T12029]  should_failslab+0xa8/0x100
[  448.134135][T12029]  __kmalloc_noprof+0xcb/0x4f0
[  448.134157][T12029]  ? tomoyo_encode+0x28b/0x550
[  448.134181][T12029]  tomoyo_encode+0x28b/0x550
[  448.134207][T12029]  tomoyo_realpath_from_path+0x58d/0x5d0
[  448.134230][T12029]  ? tomoyo_domain+0xd9/0x130
[  448.134255][T12029]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  448.134283][T12029]  tomoyo_path_number_perm+0x1e8/0x5a0
[  448.134314][T12029]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  448.134361][T12029]  ? __lock_acquire+0xab9/0xd20
[  448.134407][T12029]  ? __fget_files+0x2a/0x420
[  448.134440][T12029]  ? __fget_files+0x2a/0x420
[  448.134469][T12029]  ? __fget_files+0x3a0/0x420
[  448.134497][T12029]  ? __fget_files+0x2a/0x420
[  448.134530][T12029]  security_file_ioctl+0xcb/0x2d0
[  448.134559][T12029]  __se_sys_ioctl+0x47/0x170
[  448.134587][T12029]  do_syscall_64+0xfa/0x3b0
[  448.134617][T12029]  ? lockdep_hardirqs_on+0x9c/0x150
[  448.134646][T12029]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.134667][T12029]  ? clear_bhb_loop+0x60/0xb0
[  448.134691][T12029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.134711][T12029] RIP: 0033:0x7fe8a158e9a9
[  448.134729][T12029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.134747][T12029] RSP: 002b:00007fe8a23a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  448.134770][T12029] RAX: ffffffffffffffda RBX: 00007fe8a17b5fa0 RCX: 00007fe8a158e9a9
[  448.134785][T12029] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  448.134797][T12029] RBP: 00007fe8a23a8090 R08: 0000000000000000 R09: 0000000000000000
[  448.134810][T12029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  448.134822][T12029] R13: 0000000000000000 R14: 00007fe8a17b5fa0 R15: 00007fff94a19fd8
[  448.134861][T12029]  </TASK>
[  448.134884][T12029] ERROR: Out of memory at tomoyo_realpath_from_path.
[  448.348006][ T5944] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  448.467557][T12029] kvm: pic: non byte write
[  448.647910][ T5944] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  448.686774][ T5944] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  448.731702][ T5944] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  448.795752][ T5944] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  448.839518][ T5944] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.895165][ T5944] usb 4-1: config 0 descriptor??
[  449.277255][T12049] kvm: pic: non byte write
[  449.355477][ T5944] hid_parser_main: 20 callbacks suppressed
[  449.355503][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.411961][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.441136][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.491921][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.521906][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.550717][T12033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  449.559501][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.593768][T12033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  449.601923][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.630461][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.678800][ T5939] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  449.682045][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.715270][ T5944] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  449.765147][ T5944] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  449.823131][ T5944] usb 4-1: USB disconnect, device number 61
[  449.832086][ T5939] usb 6-1: device descriptor read/64, error -71
[  449.975406][T12059] fido_id[12059]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  450.083892][ T5939] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  450.252056][ T5939] usb 6-1: device descriptor read/64, error -71
[  450.366128][ T5939] usb usb6-port1: attempt power cycle
[  450.443704][ T5944] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  450.621946][ T5944] usb 7-1: Using ep0 maxpacket: 8
[  450.641253][ T5944] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  450.662577][ T5944] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  450.686516][ T5944] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  450.722390][ T5939] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  450.733436][ T5944] usb 7-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  450.767367][ T5944] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  450.795025][ T5939] usb 6-1: device descriptor read/8, error -71
[  450.813060][ T5944] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  450.824063][T12076] syz.3.1887: attempt to access beyond end of device
[  450.824063][T12076] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  450.842551][ T5944] usb 7-1: New USB device strings: Mfr=0, Product=128, SerialNumber=0
[  450.850810][ T5944] usb 7-1: Product: syz
[  450.866142][T12076] FAT-fs (nbd3): unable to read boot sector
[  450.889712][ T5944] usbtmc 7-1:16.0: bulk endpoints not found
[  451.015361][   T31] INFO: task syz.0.878:8785 blocked for more than 143 seconds.
[  451.041940][ T5939] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  451.052013][   T31]       Not tainted 6.16.0-rc6-next-20250718-syzkaller #0
[  451.059423][   T31]       Blocked by coredump.
[  451.092090][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  451.102858][ T5939] usb 6-1: device descriptor read/8, error -71
[  451.112825][   T31] task:syz.0.878       state:D stack:26920 pid:8785  tgid:8785  ppid:7509   task_flags:0x40044c flags:0x00004004
[  451.144799][   T31] Call Trace:
[  451.151963][   T31]  <TASK>
[  451.158455][   T31]  __schedule+0x1737/0x4d30
[  451.169196][   T31]  ? __lock_acquire+0xab9/0xd20
[  451.180012][   T31]  ? schedule+0x165/0x360
[  451.189128][   T31]  ? __lock_acquire+0xab9/0xd20
[  451.199908][   T31]  ? __pfx___schedule+0x10/0x10
[  451.216004][   T31]  ? schedule+0x91/0x360
[  451.222450][ T5939] usb usb6-port1: unable to enumerate USB device
[  451.226211][   T31]  schedule+0x165/0x360
[  451.248220][   T31]  schedule_preempt_disabled+0x13/0x30
[  451.255257][   T31]  rwsem_down_read_slowpath+0x5fd/0x8f0
[  451.261101][   T31]  ? rwsem_down_read_slowpath+0x4b8/0x8f0
[  451.267500][   T31]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[  451.274185][   T31]  ? exit_mm+0xcc/0x2c0
[  451.278543][   T31]  ? __pfx_mm_release+0x10/0x10
[  451.294160][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  451.305465][   T31]  down_read+0x98/0x2e0
[  451.315998][   T31]  exit_mm+0xcc/0x2c0
[  451.325107][   T31]  ? __pfx_exit_mm+0x10/0x10
[  451.335609][   T31]  ? rcu_is_watching+0x15/0xb0
[  451.346132][   T31]  do_exit+0x648/0x2300
[  451.354933][   T31]  ? do_raw_spin_lock+0x121/0x290
[  451.365846][   T31]  ? __pfx_do_exit+0x10/0x10
[  451.376250][   T31]  do_group_exit+0x21c/0x2d0
[  451.387280][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  451.398507][   T31]  get_signal+0x1286/0x1340
[  451.409043][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  451.420636][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  451.433877][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  451.446068][T12081] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  451.466706][T12081] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  451.475106][   T31]  exit_to_user_mode_loop+0x75/0x110
[  451.491008][   T31]  do_syscall_64+0x2bd/0x3b0
[  451.507853][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  451.525510][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.545570][   T31]  ? clear_bhb_loop+0x60/0xb0
[  451.555835][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.562711][   T31] RIP: 0033:0x7fdf51d8e9e3
[  451.567819][   T31] RSP: 002b:00007ffd79eca268 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  451.577353][   T31] RAX: fffffffffffffffc RBX: 00007fdf503f76c0 RCX: 00007fdf51d8e9e3
[  451.586479][   T31] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000
[  451.595585][   T31] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[  451.605376][   T31] R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffd79eca3c0
[  451.616876][   T31] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[  451.626104][   T31]  </TASK>
[  451.630985][   T31] INFO: task syz.1.948:9039 blocked for more than 143 seconds.
[  451.674778][   T31]       Not tainted 6.16.0-rc6-next-20250718-syzkaller #0
[  451.685447][   T31]       Blocked by coredump.
[  451.690300][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  451.700024][   T31] task:syz.1.948       state:D stack:26920 pid:9039  tgid:9039  ppid:5847   task_flags:0x40044c flags:0x00004004
[  451.714005][   T31] Call Trace:
[  451.717607][   T31]  <TASK>
[  451.720763][   T31]  __schedule+0x1737/0x4d30
[  451.726258][   T31]  ? __lock_acquire+0xab9/0xd20
[  451.731344][   T31]  ? schedule+0x165/0x360
[  451.736665][   T31]  ? __lock_acquire+0xab9/0xd20
[  451.742069][   T31]  ? __pfx___schedule+0x10/0x10
[  451.747500][   T31]  ? schedule+0x91/0x360
[  451.752867][   T31]  schedule+0x165/0x360
[  451.757610][   T31]  schedule_preempt_disabled+0x13/0x30
[  451.764333][   T31]  rwsem_down_read_slowpath+0x5fd/0x8f0
[  451.770579][   T31]  ? rwsem_down_read_slowpath+0x4b8/0x8f0
[  451.777348][   T31]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[  451.784509][   T31]  ? exit_mm+0xcc/0x2c0
[  451.790346][   T31]  ? __pfx_mm_release+0x10/0x10
[  451.796553][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  451.806764][   T31]  down_read+0x98/0x2e0
[  451.811304][   T31]  exit_mm+0xcc/0x2c0
[  451.817680][   T31]  ? __pfx_exit_mm+0x10/0x10
[  451.827162][   T31]  ? rcu_is_watching+0x15/0xb0
[  451.832621][   T31]  do_exit+0x648/0x2300
[  451.837538][   T31]  ? do_raw_spin_lock+0x121/0x290
[  451.847577][   T31]  ? __pfx_do_exit+0x10/0x10
[  451.855693][   T31]  do_group_exit+0x21c/0x2d0
[  451.861028][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  451.868579][   T31]  get_signal+0x1286/0x1340
[  451.877314][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  451.884234][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  451.891314][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  451.901212][   T31]  exit_to_user_mode_loop+0x75/0x110
[  451.908247][   T31]  do_syscall_64+0x2bd/0x3b0
[  451.917835][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  451.927527][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.934656][   T31]  ? clear_bhb_loop+0x60/0xb0
[  451.940580][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.947437][   T31] RIP: 0033:0x7fb4aaf8e9e3
[  451.957535][   T31] RSP: 002b:00007fff0a22acb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  451.968239][   T31] RAX: fffffffffffffffc RBX: 00007fb4a95f76c0 RCX: 00007fb4aaf8e9e3
[  451.984942][   T31] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000
[  451.997442][   T31] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[  452.007756][   T31] R10: 0000000000020022 R11: 0000000000000246 R12: 00007fff0a22ae10
[  452.020570][   T31] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[  452.030166][   T31]  </TASK>
[  452.040195][   T31] 
[  452.040195][   T31] Showing all locks held in the system:
[  452.058134][   T31] 1 lock held by khungtaskd/31:
[  452.066267][   T31]  #0: ffffffff8e53d8a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  452.083629][   T31] 2 locks held by getty/5608:
[  452.089075][   T31]  #0: ffff88814d1760a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  452.105291][   T31]  #1: ffffc900036c32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  452.117242][   T31] 1 lock held by syz.0.878/8785:
[  452.123704][   T31]  #0: ffff88802f348ca0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mm+0xcc/0x2c0
[  452.133419][   T31] 1 lock held by syz.0.878/8787:
[  452.138606][   T31] 1 lock held by syz.1.948/9039:
[  452.144842][   T31]  #0: ffff88805300d7e0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mm+0xcc/0x2c0
[  452.155200][   T31] 1 lock held by syz.1.948/9040:
[  452.160819][   T31] 
[  452.163751][   T31] =============================================
[  452.163751][   T31] 
[  452.173104][   T31] NMI backtrace for cpu 1
[  452.173123][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  452.173146][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  452.173158][   T31] Call Trace:
[  452.173166][   T31]  <TASK>
[  452.173174][   T31]  dump_stack_lvl+0x189/0x250
[  452.173210][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.173238][   T31]  ? __pfx__printk+0x10/0x10
[  452.173277][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  452.173305][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  452.173331][   T31]  ? __pfx__printk+0x10/0x10
[  452.173362][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  452.173387][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  452.173414][   T31]  watchdog+0xf93/0xfe0
[  452.173441][   T31]  ? watchdog+0x1de/0xfe0
[  452.173467][   T31]  kthread+0x70e/0x8a0
[  452.173498][   T31]  ? __pfx_watchdog+0x10/0x10
[  452.173517][   T31]  ? __pfx_kthread+0x10/0x10
[  452.173547][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  452.173581][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  452.173607][   T31]  ? __pfx_kthread+0x10/0x10
[  452.173636][   T31]  ret_from_fork+0x3f9/0x770
[  452.173662][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  452.173691][   T31]  ? __switch_to_asm+0x39/0x70
[  452.173707][   T31]  ? __switch_to_asm+0x33/0x70
[  452.173723][   T31]  ? __pfx_kthread+0x10/0x10
[  452.173751][   T31]  ret_from_fork_asm+0x1a/0x30
[  452.173784][   T31]  </TASK>
[  452.173791][   T31] Sending NMI from CPU 1 to CPUs 0:
[  452.337101][    C0] NMI backtrace for cpu 0
[  452.337119][    C0] CPU: 0 UID: 0 PID: 9409 Comm: syz-executor Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  452.337141][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  452.337152][    C0] RIP: 0010:__lock_acquire+0x2d/0xd20
[  452.337177][    C0] Code: 41 56 41 55 41 54 53 48 83 ec 30 48 89 fb 65 48 8b 3c 25 08 50 e7 92 45 31 ff 83 3d 6c 49 46 0e 00 0f 84 7e 0c 00 00 48 8b 03 <48> 3d 40 13 ab 93 0f 84 6f 0c 00 00 41 89 cc 41 89 d6 8b 0d 5b 2e
[  452.337192][    C0] RSP: 0018:ffffc9000b1579b0 EFLAGS: 00000002
[  452.337208][    C0] RAX: ffffffff92edc8e0 RBX: ffff88802dad86f8 RCX: 0000000000000000
[  452.337221][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8880259e3c00
[  452.337231][    C0] RBP: ffffffff819af151 R08: 0000000000000001 R09: 0000000000000001
[  452.337243][    C0] R10: dffffc0000000000 R11: fffffbfff1fc79e7 R12: 0000000000000000
[  452.337255][    C0] R13: ffff88802dad86f8 R14: 0000000000000001 R15: 0000000000000000
[  452.337266][    C0] FS:  0000555565820500(0000) GS:ffff8881257ab000(0000) knlGS:0000000000000000
[  452.337280][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  452.337292][    C0] CR2: 00007fff879ff9a8 CR3: 000000006078e000 CR4: 00000000003526f0
[  452.337307][    C0] Call Trace:
[  452.337313][    C0]  <TASK>
[  452.337325][    C0]  ? add_wait_queue+0x41/0x170
[  452.337351][    C0]  lock_acquire+0x120/0x360
[  452.337369][    C0]  ? add_wait_queue+0x41/0x170
[  452.337400][    C0]  _raw_spin_lock_irqsave+0xa7/0xf0
[  452.337424][    C0]  ? add_wait_queue+0x41/0x170
[  452.337448][    C0]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  452.337472][    C0]  ? __free_object+0x4e3/0x6d0
[  452.337493][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  452.337518][    C0]  add_wait_queue+0x41/0x170
[  452.337546][    C0]  do_wait+0x187/0x520
[  452.337565][    C0]  kernel_wait4+0x1af/0x280
[  452.337580][    C0]  ? do_nanosleep+0x7f/0x600
[  452.337600][    C0]  ? __pfx_kernel_wait4+0x10/0x10
[  452.337614][    C0]  ? debug_object_free+0x2a2/0x340
[  452.337635][    C0]  ? __pfx_child_wait_callback+0x10/0x10
[  452.337654][    C0]  ? hrtimer_nanosleep+0x2a6/0x360
[  452.337680][    C0]  __x64_sys_wait4+0x133/0x1e0
[  452.337695][    C0]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  452.337718][    C0]  ? __pfx___x64_sys_wait4+0x10/0x10
[  452.337742][    C0]  ? rcu_is_watching+0x15/0xb0
[  452.337765][    C0]  ? do_syscall_64+0xbe/0x3b0
[  452.337800][    C0]  do_syscall_64+0xfa/0x3b0
[  452.337825][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.337841][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  452.337859][    C0]  ? clear_bhb_loop+0x60/0xb0
[  452.337877][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.337894][    C0] RIP: 0033:0x7fcf30984c17
[  452.337908][    C0] Code: 89 7c 24 10 48 89 4c 24 18 e8 45 1b 03 00 4c 8b 54 24 18 8b 54 24 14 41 89 c0 48 8b 74 24 08 8b 7c 24 10 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 89 44 24 10 e8 95 1b 03 00 8b 44
[  452.337922][    C0] RSP: 002b:00007ffeb925c430 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
[  452.337939][    C0] RAX: ffffffffffffffda RBX: 0000000000000207 RCX: 00007fcf30984c17
[  452.337951][    C0] RDX: 0000000040000001 RSI: 00007ffeb925c49c RDI: 00000000ffffffff
[  452.337962][    C0] RBP: 00007ffeb925c49c R08: 0000000000000000 R09: 0000000000000000
[  452.337973][    C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388
[  452.337983][    C0] R13: 00000000000927c0 R14: 000000000006e5be R15: 00007ffeb925c4f0
[  452.338002][    C0]  </TASK>
[  452.934400][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  452.941339][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  452.952657][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  452.962840][   T31] Call Trace:
[  452.966673][   T31]  <TASK>
[  452.969787][   T31]  dump_stack_lvl+0x99/0x250
[  452.974715][   T31]  ? __asan_memcpy+0x40/0x70
[  452.979530][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.984866][   T31]  ? __pfx__printk+0x10/0x10
[  452.989516][   T31]  vpanic+0x281/0x750
[  452.993714][   T31]  ? __pfx_vpanic+0x10/0x10
[  452.999858][   T31]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[  453.007430][   T31]  ? preempt_schedule+0xae/0xc0
[  453.014164][   T31]  ? preempt_schedule_common+0x83/0xd0
[  453.019817][   T31]  panic+0xb9/0xc0
[  453.023733][   T31]  ? __pfx_panic+0x10/0x10
[  453.029198][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  453.034654][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  453.041222][   T31]  watchdog+0xfd2/0xfe0
[  453.046309][   T31]  ? watchdog+0x1de/0xfe0
[  453.051668][   T31]  kthread+0x70e/0x8a0
[  453.055887][   T31]  ? __pfx_watchdog+0x10/0x10
[  453.060612][   T31]  ? __pfx_kthread+0x10/0x10
[  453.065269][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  453.070553][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  453.075933][   T31]  ? __pfx_kthread+0x10/0x10
[  453.080725][   T31]  ret_from_fork+0x3f9/0x770
[  453.085392][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  453.090686][   T31]  ? __switch_to_asm+0x39/0x70
[  453.095621][   T31]  ? __switch_to_asm+0x33/0x70
[  453.101229][   T31]  ? __pfx_kthread+0x10/0x10
[  453.106958][   T31]  ret_from_fork_asm+0x1a/0x30
[  453.112513][   T31]  </TASK>
[  453.116408][   T31] Kernel Offset: disabled
[  453.120895][   T31] Rebooting in 86400 seconds..