last executing test programs:

14.440615s ago: executing program 0 (id=2032):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x22, 0x2, 0x24)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000080)={'sit0\x00', {0x2, 0x4e20, @multicast1}})
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x1}, 0x8}, 0x94)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x9, 0x6, 0x1, 0x0, 0x3, 0x2, 0x9, 0x32, 0x9, 0x2, 0x61, 0xff, 0x0, 0x8, 0x5, 0x5, 0xfa, 0x5, 0x0, '\x00', 0x4, 0x9})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000000000000000000000008500000018000000850000005000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
getdents(0xffffffffffffffff, 0x0, 0x0)

12.570990786s ago: executing program 0 (id=2034):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r0}, './file2\x00'})
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r3, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x0, 0x0, 0x8, 0x0, 0x7}, 0xc)
bind$bt_l2cap(r3, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sendmmsg(r3, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000009c0)="651f", 0x2}], 0x1}}], 0x1, 0x84)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x8, &(0x7f0000000180)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0xbc}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
getpid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r7 = socket$netlink(0x10, 0x3, 0x0)
writev(r7, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)
writev(r7, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r6, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
ioctl$SIOCSIFHWADDR(r5, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="0e00"})

9.820309068s ago: executing program 4 (id=2040):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x2)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000100)=0x90fc)
ioprio_set$pid(0x2, 0x0, 0x0)
r5 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendfile(r5, r5, 0x0, 0x3fffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4, 0x8, @empty}, 0x1c)
ptrace$poke(0x4, 0x0, &(0x7f0000000380), 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x14, &(0x7f00000001c0)={0xa, 0x4e22, 0x0, @mcast2, 0x517c}, 0x18)
socket$inet6(0xa, 0x800, 0x80000001)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000040)={'gre0\x00', @link_local})
r7 = syz_open_dev$vim2m(&(0x7f0000000180), 0x20000000204, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000000)={0x1a, 0x2, 0x0, "11010000001400000100b64c0000005c4b7c1500", 0x30323953})
syz_emit_ethernet(0x5e, &(0x7f00000002c0)=ANY=[@ANYBLOB="e33110495bfdaaaaaaaaaa0086dd60cb653e00283aff00000000000000000000ffffe0000002fc000000000000000000000000000000890090780000000020010000000000000000000000000000fc010000000000000000000000000000a3959cd9fd8adbb9070b5162b1046673adf84aa393893f3734088b09e7a1692ef26bf757e4a96910e8b82c8ac1ccbe60f2f44e7838ba39c6"], 0x0)

9.352452286s ago: executing program 2 (id=2043):
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18}, './file0\x00'})
r0 = socket$kcm(0x29, 0x5, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
listen(r3, 0x0)
connect$unix(r5, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0401000010000700000000000000000064010100000000000000000000000000e00000020000000000000000000000000003000000000000000000006c000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff010000000000000000000000000001000000002b000000fe8000000000000000000000000000bb0000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000070000000000000000000000000000000000040000000000e80a000000000000000000000a000200700000000000000014000e00fe8000000000000000000000000000bb"], 0x104}}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback, 0xfff7fffe}, {0xa, 0x4, 0x0, @loopback, 0x20000}, 0x0, {[0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x403]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e23, 0x20, @loopback}, {0xa, 0x0, 0xfffffffd, @mcast2}, 0x1, {[0x0, 0x100, 0xfffffffa, 0xfffffffe, 0x0, 0x0, 0x80, 0xffffffff]}}, 0x5c)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x62, 0xe1, 0xba, 0x10, 0x10b9, 0x8000, 0xc0fa, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xc8, 0x58, 0x7e}}]}}]}}, 0x0)
write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef)
setsockopt$sock_timeval(r0, 0x1, 0x3d, &(0x7f0000000080)={0x0, 0xea60}, 0x8)

8.91145821s ago: executing program 1 (id=2046):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0x20}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10000000}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @map_fd={0x18, 0xa}, @exit]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x2e, &(0x7f0000000340)=""/207, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}}]}, 0x48}}, 0x4000)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

8.328652369s ago: executing program 1 (id=2048):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002fc0)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0x700}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x8}, @TCA_CAKE_RTT={0xfffffffffffffe72, 0x7, 0x80000001}]}}]}, 0x44}}, 0x0)

8.035567632s ago: executing program 1 (id=2049):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000300000000000000000000030000000003000000020000000000000000000000000000010500000010000000010000000000000800000000205f"], 0x0, 0x4f, 0x0, 0x1, 0xfffffffd}, 0x28)

7.846616703s ago: executing program 0 (id=2050):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000240)='status\x00')
preadv(r2, &(0x7f0000000180)=[{&(0x7f0000000340)=""/230, 0xe6}], 0x1, 0x401, 0x8d7d)
connect$unix(r1, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=<r5=>r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000780)=ANY=[@ANYBLOB="12011003cdaf4c082112000102f2800d0904560c000202ff0600"/36], &(0x7f00000003c0)={0x0, 0x0, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="9a00e600000000", @ANYRES64=r5, @ANYRES8=0x0, @ANYRES64=r3], 0x5a})

7.810812317s ago: executing program 1 (id=2051):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = creat(&(0x7f0000000240)='./file1\x00', 0xd)
write$P9_RUNLINKAT(r1, &(0x7f00000000c0)={0x7, 0x4d, 0x1}, 0xfff2)
accept4(r1, &(0x7f0000000000)=@generic, &(0x7f0000000180)=0x80, 0x80000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x8, 0x11, r2, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x801de6b9})

7.794598705s ago: executing program 4 (id=2052):
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x0, 0x0, 0x8, 0x0, 0x7}, 0xc)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x84)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x57)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0), 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r2, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
ioctl$SIOCSIFHWADDR(r1, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="0e00"})

7.676674206s ago: executing program 1 (id=2053):
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x4008b100, 0x0)
ioctl$PPPOEIOCDFWD(0xffffffffffffffff, 0xb101, 0x0)
r1 = socket$kcm(0x23, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000003c0)={&(0x7f0000000000)=@phonet={0x23, 0x0, 0xfc}, 0x80, &(0x7f0000000180)=[{0x0}, {0x0}], 0x2}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x600801, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r2, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
close(0x3)
close(0x4)
syz_open_dev$sg(0x0, 0x4, 0x100)

7.022481186s ago: executing program 4 (id=2055):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x22, 0x2, 0x24)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000080)={'sit0\x00', {0x2, 0x4e20, @multicast1}})
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x1}, 0x8}, 0x94)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x9, 0x6, 0x1, 0x0, 0x3, 0x2, 0x9, 0x32, 0x9, 0x2, 0x61, 0xff, 0x0, 0x8, 0x5, 0x5, 0xfa, 0x5, 0x0, '\x00', 0x4, 0x9})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000000000000000000000008500000018000000850000005000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
getdents(0xffffffffffffffff, 0x0, 0x0)

6.899627251s ago: executing program 4 (id=2057):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000100)={0xc, r1})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000080)=0x40, 0x4)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
sendmmsg$inet6(r2, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000003640)=[{&(0x7f0000000180)="d2cf4071eedf8b7b757ad2e20539519ec6", 0x11}, {&(0x7f0000002440)="4137a29b582bd471798f15f967e7f8118e1abf61ebd7d146a12a42f6ffd2340daaa8dcf6da818cc0efac75e8c35abbde7a18e0226b424f5557c71db5d327baccef203377178ddb12221cdaf45711a2535ae87e6ab62ccba71b6f2ac0f6c9ead0ec52116d305204537900daaad0d6e4dd9d3ad654711b72964f28b8b5d231d709bf3cd4a0477ef446e7da5eaa15cc39e9c57d89217e33a93e0132269c182e5d0186448a8e871cf560229a3cc36317ac47bae1596458badc9ebde2c707dea2e18f859e20f7595cce0a88485e5223b2c8fc383e37cbbfe8353e2a8eb6dc65d76746a31d8f206f3152176a502d3e582a31933e40cff645d93afca045741f99af1cba5b3b6dd6c2edd5e6c4505ae594aa23cbc8a143512180028d9b3984a2517ac9a15154460ff0f654df3f8cf1c13455cb5f440a67de7a6dad269c76e2625c35222985a47aa3b920d97dea05c43bc937361d33781f8057097ca11a9d90eea3d8ae56f0e57f3a6f32f8786e165305301a3d86367337d2651a27b8c222f349491648ba165a6ed9a1e5e5397a1ee963651c2d9c79d6d5b34941375b6b53abcc7882c4e57a63de2e32c30e41030f24ae6efee9e3446eab3b5407cc20f581095dde95241e3853c4864ea7ecd07888956d9375b9ef74be4454d7693b53ed6bd0644cd93945b2eb35a6ac7c34aa11facf27ca4463e2bb1eef7126a982f0de190d54bd6f", 0x1fe}], 0x2}}], 0x1, 0x4000001)
r3 = dup(r2)
read$FUSE(r3, &(0x7f00000075c0)={0x2020}, 0x2020)
write$P9_RSTATFS(r3, &(0x7f0000000000)={0x43, 0x9, 0x2, {0x8, 0x4, 0x9, 0x8, 0x2, 0x2, 0x2, 0x0, 0x8}}, 0x43)
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000002c0)={0xc, r1})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x2, r1, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2})
ioctl$IOMMU_VFIO_SET_IOMMU(r0, 0x3b66, 0x1)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000ff1f00000000000001"])
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xfffffffd})
r4 = syz_open_dev$sndctrl(&(0x7f00000001c0), 0xb, 0x20800)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r4, 0x80045530, &(0x7f0000000300)=""/82)
ioctl$IOC_PR_RELEASE(0xffffffffffffffff, 0x401070ca, 0x0)

5.807436831s ago: executing program 2 (id=2058):
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_pi_setprio\x00', r0}, 0x18)
pipe(&(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendto$unix(r2, 0x0, 0x0, 0x20000000, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0xf3a, 0x0)
write$cgroup_pid(r3, &(0x7f0000000000), 0xffffff98)
splice(r1, 0x0, r3, 0x0, 0x9, 0x1)
close(r2)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xa)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000000)
fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000040)=0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000000c0), 0x400000000000092, 0x48000)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

5.802196847s ago: executing program 4 (id=2059):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0x2, 0x4, 0x0, 0xe}, 0x10)
write(r3, &(0x7f0000000000)="1c0000001a005f0214f9f4070009010000000028fe03000100000000", 0x1c)

5.592058561s ago: executing program 2 (id=2060):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x20, 0x3)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f0000000180)={0xbe, 0x0, 0x1})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="080029bd7000fcdbdf25120000000800060006000000080009005e0e0000d40d463508cc2ae1080006a50500000002213e4f672afa344d03801266f87b75ff32cefbd8c869d55bdc2f02b7c4f2b0c549d7f43fde82d170475c69fd979ae5f2588c12e3f874f833efa02ac4a622279d045c57fb924a895fda401cec1ff3cdb3d780c96e5a8645c266020e7dc88c321eaa20792a6c1df89fd845eaff872ba88efa6dcf06db5fe5c010479d184d922ce90594208099d87699581f734e7250a6815c0be0ec9eaa38c54fbbecfcc261d55c4c0e581fc4d8665f2ba3dbb1c17818fde21b281ff7eb5690456be16b7408f5777e823505809f0fdc238870cfb42c568d6732869b345984a812ae"], 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000fd044d564b"])
r7 = fsopen(&(0x7f00000000c0)='autofs\x00', 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r8, &(0x7f0000000440), 0x10)
listen(r8, 0x0)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r9, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r9, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x30004}], 0x2)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
r10 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
syz_usb_control_io(r10, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000780)=ANY=[@ANYBLOB="020080"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r11 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000740), 0x14b200, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(r11, 0x80044dfe, &(0x7f0000000780))
syz_usb_control_io$cdc_ncm(r10, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r10, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r10, 0x0, 0x0)
r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
sendmsg$NFC_CMD_DEP_LINK_UP(r1, &(0x7f0000000600)={0x0, 0xffffffffffffff24, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

4.767699718s ago: executing program 3 (id=2061):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6d1cb49ada2c127b, 0x59032, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
userfaultfd(0x80801)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008d}, 0x0)
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
r3 = open(0x0, 0x0, 0x100)
getdents(r3, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f000001a900)=""/102392, 0x18ff8)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x20240)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0)
socket(0x2c, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0xff}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r5, &(0x7f0000000140), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000003e040000000000003f00000000000000b604000001ed0a002500000017ffffffcc040000030100007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9e104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f1300010000949b3aab06b1e042ff2164d80c8ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1e0600bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee6330000000000000000000000000000000000004000000000000000038600008fb854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8265e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb66701f4578ba4cb9b706e605a88c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f6a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cf026657a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2cccb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400090300000021911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a8f01bc4b73cc31df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21c24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a3c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68000000000099347593f67da85d1c962bfb320d1553a74ec3bf003ba62b1784dbf0168a7e85f28b77bdebce96bf386a6dd5df162a16f2b7e8a4de0ffc464a87f91f81866d2ef0af71ebb07a739c3cb1b7000000000000"], &(0x7f00000001c0)='GPL\x00'}, 0x48)

4.654546635s ago: executing program 3 (id=2062):
setsockopt$SO_J1939_FILTER(0xffffffffffffffff, 0x6b, 0x1, &(0x7f00000000c0)=[{0x0, 0x2, {0x0, 0xff}, {0x1, 0x0, 0x2}, 0x1, 0xfd}], 0x20)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0xffffffffffffffff, 0xc595, 0x1, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$IP_SET_OP_GET_BYNAME(0xffffffffffffffff, 0x1, 0x53, 0x0, &(0x7f00000003c0))
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r4 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x2, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0, 0x2, 0x2})
r5 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f000001b000)="2ed4dc0c2de827cdb1e444b08e461778252416906a16085fe3f9c8e0d4e31989c747975b08c221d030a1d24a748a9198947e4827f551bcc30882bbe56747547eb9ce179b5693020a2437de9ff1d2b18c749f1a3d14f14cbbc84a7857f421e1659daa610e29fc8c3304bbee13a103a563b281ceca1f75af6be472ddc68b7c9bd47ddb141495dcafc25069e63d981bf58271fd685e31ae4c985768f5019ed3ebe56e235a30f62323a7552e9f42fe4f6d8620a38df727cb4b5e3ab5a196f28dbff0629fd9510eb3060687ed552e5201c7d2557b92ff9e839bcd7a2ee05bf210d9f9c922666f388bc5b2d84608a44efd7959fe5113fb656a7ec838d4e700c63e5275a2930c47200b0425182394e8e8b7737c2f2921789ab36fcca250e3a1421b869b88df23ed9ead93d0d77a3de049e6fcefb5734ab1406565ab032b5ef25f2e4114e8a0beee6b8dc232709e945ed126376e750c6f3ccd941fe1362ed7a00b1ffeb33353170192e124ce41a2e6f94fb0b2d122674c05afbf0849b122dc3638e21ffc55da52fdd33d6fc895aa4e22bd71793ef6433fa2ae1ea26d2d2d6ec7c328439a7db8fab7a8510ae90e6dbb68b810447f780a0dabf47a3d3b6b93e8d4ace8658741de966e02c8a445ea90bf090401819ea807fc6250426bb45beed2790f41e6d22f0dc7192af5ce1517adba4040105c2a12ba561b9d54d66aa8e88a232c63621f7e6a7f2e1b6a0e4c3d3c77fa15a44a5bf51c0508ee9e8abf029ce7bb8a9cb4d9fddb75acd6cc55e503d5fdd1ba508066925af1f5000072aac0354591a537df2c3d32ade211a683b9ebcf0fff372342dedd9c05043beb20fa019d5b50014907664351199d24f462d1c67bdf65e6239723d849e381179b4108c70a83bbdc683a7a18bac354c8d18f38ea836d51c0ca7bb37b9d02474f9000784b508fb56a11ef320c0ddf9536b029c6a40ccd609a75b5b83a97f50ea9f50dd33387c5b08a9975e129d91836a781ae42f75aa789d8514c18080fa9b5e4b23489b7c7564a859fd5ff79bd1b923eff04bc1d422b6b9404c458d0976cf8c7768e267d0caf59142bf5ca4e6deb4c3fc1fc2c99482a88739aea83c20c62a7f967c84802ded36987d494adfacf6d14bbf5a411ac58cb3abc516e0a5490da1330719ad013e430efe1944a4a89f8c92a81c5b24bf0c8d9948f1f90de7e512e124d906ebc8ed3d0d53e8a99e572e9e325104010391e9686440874c5368f64cab45093c00422a91c21806dbf2003fc37822faa6c188305eacca1d958f0ed636c03ba2d7c93644975cc7f02de6454398b6ed511c27116dfaf61dca17f653f7c4aac2a56925ff57cacd87f9928e90b519988f0cdc44e751a8114613c6b984875dfc8f6b0ca5f65d490df6cf74da1f35b0d7cf3537ac93305ea14bcffdecb42b860cab0e16d31ea8c0aef94d89e4110cb4e154ad2609c933975676958aa6dd55b18dfc77dfd68bf821dd770d8212c62587b656f9dacb2d9c1e7d76b09733db4f631bd5627a900007fd2da7ca2249e171ba90409ff86b17dce2470ff3dbe5d04e013677f57305b337aec06f7f13e0f49fd7f497c5bdcabf805cde57a89e58f0177f1d2c39a0013d6065210e0bd4dc3110411a080a579c4d91f7ad77201d4517bf5f13782a2552c4ec8979003810596239a457da93de668627348adf0c2e1bc00593ec759f60cc40f7230b0aae308c2b658196ea08c2758dad4e193fc17bd0132efd3b12331d58b59f8d65e7d9cb683530ccaa79a85e9b5e3d22551aae8abc83ef6a25c0cf4cbc51ac3bb5425ac31ebd9224e967bd9a7123db7eda5644990d8d906d9f80a57a5942458eaff01df39d447ee92c06075bff5c2660cf628bdf0293b0b0d5f17a326637a300c6d774008ecfad08870bd5be4c7422ceb67df40fbf4358314717b982504be2c27389cf5080dcaef2d52297b83caa35e035fa0e275001baba578b144a4de8acc6f54ba0f36e05e6f8cadc768acad6ba1400e624fc7a153eb1841111b758ca80a0f5b6bbc4b5e4a441f72fd35ed45f5285c26af945f83e751ac920e17fa753b3349863889a753a6e47e4e086a2f2a5a96b7392570199827810c6a0261914a01f7f66201bb38c0fd6a71025c8f49589143c57737d58ca3e7bf0f84d516184dfe599ea554894c0002ca64786ecf66e2a5ca2597f6a511716823ce79ec0e399c8eea906d3e8d329c2a728ec9c6cea61baea56d4b3c6c78824926b688702ad524c9534679ed765ee484498701b3926d5a696544c86c560c4ba55a9b39512a8cce544d1b7f3f7d810bbf84985e43db34b93d349491914763dd68e2cff5cf26e3434cc1357438c10ed759961015165df77da072a4da5e2d4cebd68f2de2d47168ac2c3e7cbcb186eddfbdfcf0224098cdf35bcd7b0f992a19503e5eac9eca2d9021c0e12e5417eda3a881669b29eeeac3f27a0918c30f1e18a9cb97b642e9097d0531aca797f673332a9c39218d107b266b6a7cce6963d60cb3b5efa1f4a5b1bb972128d3c8f93d6baf3d2c3db9c2bc7f7bc146068f6736454d594192be6e7b937554d67bcf7afe68c8c982916f05146713716f7e8c85fb8e658cfd23b1fa9b5aff138403eae8f2efcb8e13ce500e59e0b8f6eea5f161993f9dda27a594f57f58871e25b969749e41e56df4f11612f93cca8642f280c9d0565b11997ca3b6e86f591128339571ca1baacbfba3306a8f1ba6aa58b75d3129eb4ae267f628b93cc172adacdf1c1b671947bb5fffea3eb838abd817a55bfdac7b2363d16e6bba669c8b1f82051705a237e4406bb0d61a4df8347fc341ce368deebf5427de4c6e92c94dbeea5dd2d346fe761957457daa96b6e9a771bb09e7be158616b57b33a98608ce7579d83926af3457f8d5619f2992f7b0bf7d4e835d58c15201eabf4bd1bc31bbaf0bcd3f180f89eb31d8909b289da6ed0c0b0fa03f94979049d6ec94d0975f690b68d27f48bebc8cd0fe00804044f4ec43d9fc3ac07496d78b9e98a36727a7de119593f97aae9941683ea014635c61fd5143bcb00f850fa9083c6dde254b96cbb517af310efb6d80cda06343725d031efe7f746f01e94d65d08283135b40b4e5f9f1d1a5d48f0d70936a68a9ba26972bd7f2744c7227b2bfa257985115ca878df9f497e5d97fb83ba8fc30b147ef1fdabfb314965f687fa0c70f6080fdfe9144f6b537799044644756653cf4aa661069bf63c4bcff2031d506463a19ee1343e227232e6c90d49ed28306d7bccb7679639bf089716340ff73b5a5742cccbab3b791eed16670000142b89c14ad3694afacc4c8cedd5d31b95583e81a7aa4a6a3d79ab3a3061373be33c96a64fc0ff702c9e5d9d136555571717b71f2a531fbdc151517a2f5", 0x95c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r6=>0x0})
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x800000)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r7, 0xc0bc5351, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010", @ANYRES32=r6, @ANYBLOB="00001700000000001c0037800b0001006970768a616e08000c0002800600010000000000050027"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000440)=[{0x45, 0x0, 0x1, 0xfffffffc}]})

4.524433724s ago: executing program 3 (id=2063):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064d1, &(0x7f0000000040)={0x0, 0x0, 0x0})
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/kexec_crash_size', 0x149a82, 0x0)
write(r1, &(0x7f0000000240)='q', 0x1)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs2/binder1\x00', 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
pidfd_getfd(0xffffffffffffffff, r2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280), 0x800c42, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'veth1_to_bond\x00', <r3=>0x0})
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
preadv(r4, &(0x7f0000000740)=[{&(0x7f0000002300)=""/247, 0xf7}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r4, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x4})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000a40)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x1000, 0x5, 0x3, 0x1, 0x9}, 0x9, 0x1, 0x1, 0x6, 0x41, 0x1d, 0x15, 0x6, 0x4, 0xfffffff8, {0xe61a, 0x8000, 0x6, 0x1, 0x6, 0xbf5}}}}]}, 0x78}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
recvmmsg(r5, &(0x7f0000001d80)=[{{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f00000004c0)=""/107, 0x6b}, {&(0x7f0000000580)=""/236, 0xec}], 0x2}, 0x5}], 0x1, 0x2000, 0x0)
sendmsg$nl_xfrm(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="f8000000160001000000000004000000ff010000000000000000000000000001fe8000000000000000000000000000aa0000000000000000000080a0000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe80000000000000000000000000003d000000003300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000ffffffffffffffff000000000000000000000000000000000100008000000000fefffffffffffffffeffffffffffff"], 0xf8}, 0x1, 0x0, 0x0, 0x400c004}, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x80000000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x121200)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x67)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)

4.502095424s ago: executing program 0 (id=2064):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000580)={0x1, @pix_mp={0x0, 0x0, 0x34325241, 0x4, 0x2, [{}, {0x277c}, {}, {}, {}, {0xd360}, {}, {0x0, 0x80000}], 0x10}})
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00'], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x488c0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000000)={0x200000, 0x200000})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000120000000000000000850000006d"], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
open_by_handle_at(r3, 0x0, 0x10000)
sendmsg$nl_xfrm(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)

4.338099931s ago: executing program 2 (id=2065):
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x0, 0x0, 0x8, 0x0, 0x7}, 0xc)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x84)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x57)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0), 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r2, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
ioctl$SIOCSIFHWADDR(r1, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="0e00"})

3.520413322s ago: executing program 4 (id=2066):
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x2000)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, 0x0, 0x0, 0x5}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x11, 0xd, 0x4, 0x12, 0x84}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setgroups(0x4000000000000190, &(0x7f0000000080))
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000600)=<r3=>0x0)
ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000640)=r3)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$pppoe(0x18, 0x1, 0x0)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r4, &(0x7f0000000080)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}}, 0x1e)
connect$pppoe(r5, &(0x7f00000000c0)={0x18, 0x0, {0x4, @multicast, 'bond0\x00'}}, 0x1e)
ioctl$PPPOEIOCSFWD(r5, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}})
ioctl$PPPOEIOCDFWD(r5, 0xb101, 0x0)
socket(0x400000000010, 0x3, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)=@phonet={0x23, 0x0, 0xfc}, 0x80, &(0x7f0000000180)=[{0x0}, {&(0x7f0000000080)="9b", 0x1}], 0x2}, 0x0)
r7 = syz_open_dev$sg(&(0x7f0000000280), 0x4, 0x100)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000680)={'\x00', 0x1a, 0x7, 0x50b48bf1, 0x5, 0x10, r3})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x13, &(0x7f00000001c0)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @tail_call], &(0x7f00000000c0)='syzkaller\x00', 0x7, 0xdd, &(0x7f0000000380)=""/221, 0x41100, 0x24, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000300)={0x3, 0x5, 0x3, 0x5}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000480), &(0x7f00000004c0)=[{0x1, 0x4, 0xf, 0x9}, {0x3, 0x4, 0xc, 0xb}, {0x4, 0x3, 0x8, 0x4}], 0x10, 0x1}, 0x94)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r0, 0x80045301, 0xfffffffffffffffe)

3.481220534s ago: executing program 3 (id=2067):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
socket$inet6_udp(0xa, 0x2, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000001c0), 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}, {0xfff1, 0xc}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
sendto$unix(r2, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a377", 0xf0, 0x800, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a050000000000000000000100fffc0900010073797a300000000040000000030a01010000000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a300000000068008300060a010400000000000000000100000040000480240001800b00010072656a65637400001400028008000140000000000500020000000000180001800800013237ad006f7366000c000280080001400000001408000b40000000007a3000000000140000001100010000000000000000000000000a"], 0xf0}}, 0x0)

3.467787677s ago: executing program 1 (id=2068):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8d}, 0x94)
syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xfff7fffffffffff5}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) (async)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (async)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0) (async)
setitimer(0x0, &(0x7f0000000080)={{}, {0x0, 0x2710}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x0, 0x10042, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_IO_FLUSHER(0x43, 0xfffffffffffffffd) (async)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) (async)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000500)=0xb0000) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000000)={@my=0x0}) (async)
r5 = socket$inet_smc(0x2b, 0x1, 0x0) (async)
r6 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
write$binfmt_script(r6, &(0x7f0000002200)={'#! ', './file1', [{0x20, 'LlA\xf0\x15x\xe9}c)\xf6t\x15\x1f\vBx-@\xdd\xeb\x15\x88\xec\xc4\x94{\x82\xe6\x88\xf2\xe9\xbf\xf2^E\xcdU3\xd7\xf9\xee\x01\x93\xf5\x8f\x82\xfco\xdc\xca\xbf\x92Z\xe1\x8f\xcaM\xea\x82\fNS\x99\x93\b\xb1\x1ad\xf02\xd3\xbb\xb2\xe0\xc7\\\xfc\xb8\xd6\xa6\t\x16R\x9aY(\x03\x9bl/\xd3}\bc<>\xcb\xb2JQh/T\xe1ei\xa5\xcd\x7f\xa5WIfg)\xf4X\xf8\xff\xfc\xf8\xdf\b\x94\xc6BE\xae\x8a\xcbH)\xb3)\xb4\x1d\xb3Aq\x06\x15\xc9\x92\x16\x16tB\x1bMRj\xa9-[$\xbc\x19\'>\xb1\xed\xe9\xbaW\xbf_z\x1c\xc2\xd82@\r\xb4`\xacAQ\x82F:\xce\xcf\xfeh(\xdbf\x0f\x00\xde8:\x9a\x06#?\xd9\x15\xe34`\xc7\xb8\xc8\x1d\xec\xc8\xa9\xa0w\xa5s\xdd\f\x96D\x88\xcd\xa7\x105\x8d\xe1\xca\xb3o~\xc4W,\xbd\x02o\xec\xde\f\x99=X\xde}4\x93\xdc\xfe\x8c\x98\xf81\xa2e\x15\x87\x99\r\xd7\x9e\x05_Q\xc0c$w\x95kon`(\x90\xea8r\x99+T)`\xdd7=\xb6m\xe0G\x8e_g\xdbU\xd4\x9aa0\\\xa5\x88DXp\xf6\xb6`\xcc\xd3\x82\x04\xdf\xa2\xe2X\xad\xa0\xfc\xbb\x9aHP\xd26\xfc\xcb\x11\xb0jl\xda\xce~\x85\x06\x84Sh;9\x95\xd0\x9c\x02\a\x11\xc7\x82\xb248*\xa3\x9e\x8b\xe6F\xac\xb5\x18\x10X\xbc\x84]\x13(\x86m\x80'}]}, 0x17d) (async)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r5, 0x6, 0x15, &(0x7f0000000040)=0x6, 0x4) (async)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r4, 0x7a5, &(0x7f00000000c0)={{@any, 0xffffffff}, 0x1, 0x0, 0x1000}) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

3.283517668s ago: executing program 0 (id=2069):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002fc0)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0x4000}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x8}, @TCA_CAKE_RTT={0xfffffffffffffe72, 0x7, 0x80000001}]}}]}, 0x44}}, 0x0)

3.270472631s ago: executing program 2 (id=2070):
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_pi_setprio\x00', r0}, 0x18)
pipe(&(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendto$unix(r2, 0x0, 0x0, 0x20000000, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0xf3a, 0x0)
write$cgroup_pid(r3, &(0x7f0000000000), 0xffffff98)
splice(r1, 0x0, r3, 0x0, 0x9, 0x1)
close(r2)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xa)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000000)
fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000040)=0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000000c0), 0x400000000000092, 0x48000)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

2.441185204s ago: executing program 3 (id=2071):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
socket$inet6_udp(0xa, 0x2, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000001c0), 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}, {0xfff1, 0xc}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
sendto$unix(r2, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a377", 0xf0, 0x800, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a050000000000000000000100fffc0900010073797a300000000040000000030a01010000000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a300000000068008300060a010400000000000000000100000040000480240001800b00010072656a65637400001400028008000140000000000500020000000000180001800800013237ad006f7366000c000280080001400000001408000b40000000007a3000000000140000001100010000000000000000000000000a"], 0xf0}}, 0x0)

1.716185059s ago: executing program 0 (id=2072):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x82)
r1 = syz_open_procfs(0x0, &(0x7f0000000380)='net/snmp\x00')
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, &(0x7f0000000300))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYRESHEX=r0, @ANYRES64=r3, @ANYRESHEX=r1], 0x3c}, 0x1, 0x0, 0x0, 0x40001}, 0x810)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_CMD(r5, 0x80506409, &(0x7f0000000100)={0x1, 0x30000, 0x40, 0x6dd, 0x20, 0x1, 0x2, 0x801, 0xffffff6f, 0x9, 0x100, 0x8, &(0x7f0000000000)=[0x8, 0x6, 0x1, 0x1, 0x2, 0x6, 0x808, 0x7, 0x7], 0x9, 0x0})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r7 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'syz_tun\x00'})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000580)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000023f3b37697ef041ebda517098e529e58f1e2a2778ed9d56e8a352f75aff65532055610bb4eaf380afa55ffb2d27483a1d8bc3218d6d6051799854e1df4048a84c62090e62e883f94e6d22b320577d7979026bf8fafbc0158e86c75c711f441cf71cb7bce311fffda5554411b6827a52f2340092feb33f845fb112a65a9672ff9e35f4faf15ebfeabedfaf56a97ff37fde827b3fb081f6932e4b64895bebbbf2e41a346aa3971ab2ca55d0badebdcffcba4708f0e407938447587ea9b79e1633f11427c831ecd891000000552af6c7ee54ab8cf492c23ae79004bcfe4db5825e150e3970798fec2daae8f3b1ca9edf849eec5a95", @ANYRES16=r9, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r10, @ANYBLOB="0800050002000000"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x3c, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_SSID={0x12, 0x34, @random="553372869425c4e9af6849673ff6"}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_AUTH_TYPE={0x8}]}, 0x3c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r3], 0x90}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000000c0)=ANY=[])
sendto$rose(0xffffffffffffffff, &(0x7f0000000040)="4f2162e94e486ea2015c671aa82ecbf74137aaee2aac15149261fbe522113cf44eb00d32385ef72701bd39367a61388495fb542f548ee661688a4bdfdec38b9e", 0x40, 0x4, &(0x7f0000000340)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, @bcast}, 0x1c)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r1, 0x110, 0x4, &(0x7f0000000280)=0x1, 0x4)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000002c0)={{0xffffffffffffffff, 0x0, 0x2, 0x1, 0x8}})

469.526426ms ago: executing program 3 (id=2073):
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, &(0x7f0000000100)="26c2", 0xfffff, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1300000210000000000077d9f263bb3723fa8dfe", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f00000025c0)='./file0\x00', &(0x7f0000002340), 0x0, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xd)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
unshare(0x400)
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000001240)={0x1, 0x64}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000240)=0x2)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x33, 0x2, @tid=0xffffffffffffffff})
sendmmsg$inet(r0, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="4fa3176756113369df8b913f2c0f5bc12e941d0000", 0x15}, {&(0x7f0000000180)="55c0cc0ba6f3b908ecb5c6e93e4dc70ed9c875dd444569fab05e32a08e71d1c480fa1ada9e6f952dea418e2eb2dd8dcdd18f82c2be42e92405d2eccae94e713594f13ebfe37be3cb7ce0eb237d63f25744e42baf027055a65359c121788ba610f7df23b902755c5771d93efedd8252aca1dda5efe1493ec0a5a9e965666d1afe33b384953a9102b3f1e446aea391ccff253fccc951d4091f1d6b69faee7e7d4b669c48b70ef01c3879af3f35e0682a49", 0xb0}], 0x2}}, {{0x0, 0x0, &(0x7f0000001980)=[{&(0x7f00000006c0)="900d3798e4653207eae6da23bf6c69f8e965679b910b52e0a4de8e3c4ef97ab320820bd9275a6e2a4609c4feb730084e64cc106664be66878f403244c97c0411b65371955f45c915599f9f722d1962a221a86918d50891c838bfdf21f7a255f2e2cf5839d1c3aa3dbfcd94ca44e18c7863d497ff4f85628494915bc016f7c5d62747bb5368ef052201a0ee3cc9dca7156e893cf07b494f98a177460a7ec073fd8af879ae71c8cac715a241052bae3a3f09f4f4dda617e5ca05290be71acaabf4544ca83830272440b95c66d0aa091c738b41f76df43c9498d47f3d35a56205f4c1050cabb8cfd44814884bee33f0131915ac98d983f3cf39715100f932bc657d764c61dd2bb28be0b1a88aa08d2d0bc3d7347506ac629d201098307f21becdf4d9010a4cf9e378b4395a6ca9d83f6a4736351addb590ae9d0ef3fd92ee454850d4a696df0d89ac33d168e985397049904e345d3858d002c5aeee3158fe9936f57a3977b528cd8869848842ef4d398e440c7e37d02c183e3721d261476ea0ef14a39e8853f6826e505d18395f39819d216899ecfea721f134e735d02b1c1951aea0e16f633806c068ced90983f356a50fa23f3402c7abd4a776983880ffd711e9973c7b286c208d59ba5d46132d73a68c135ffe894d36f04c80b7ef620f952d80d189e02b2365cb3abeacf4c767b26d2594fd3be7fe78de02163a9d3633f0eeaa47018f3203a256eb8fb1e56f2159c839964bc1", 0x213}], 0x1}}], 0x2, 0x400c0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0)

0s ago: executing program 2 (id=2074):
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, 0x0, 0x4) (async)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8) (async)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r2, 0x89f5, &(0x7f0000000800)={'sit0\x00', 0x0}) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES16], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
socket$inet6(0x10, 0x3, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x6b0, 0xd0, 0x438, 0xd0, 0x0, 0x300, 0x5e0, 0x5e0, 0x5e0, 0x5e0, 0x5e0, 0x6, 0x0, {[{{@ipv6={@private0, @private1, [], [], 'veth1\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x3a010000}}, @HL={0x28}}, {{@ipv6={@private1={0xfc, 0x1, '\x00', 0xfe}, @loopback, [], [], 'tunl0\x00', 'bridge_slave_1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x438}}, {{@ipv6={@private0, @remote, [], [], 'veth0_to_team\x00', 'tunl0\x00'}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @private1, @mcast2}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x110, 0x138, 0x0, {}, [@common=@unspec=@physdev={{0x68}, {'tunl0\x00', {}, 'bond_slave_0\x00', {}, 0xe}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@loopback, @private2, [], [], 'syzkaller1\x00', 'veth0_to_batadv\x00'}, 0x0, 0x160, 0x1a8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @private0, @local}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x710) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="1400000042000b06"], 0x14}}, 0x0)
recvmmsg(r4, &(0x7f0000007780), 0x0, 0x60, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4c040)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff, {0x4}}, './file0\x00'})
r6 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r6, 0x107, 0x12, &(0x7f00000000c0), 0x8) (async)
r7 = socket$inet(0xa, 0x801, 0x84)
listen(r7, 0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000040)=r5}, 0xfffffffffffffe79) (async)
r8 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="10000000140001"], 0x14}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000780)='./binderfs2/binder1\x00', 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)

kernel console output (not intermixed with test programs):

 401.074317][ T8625]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.074343][ T8625]  ? __pfx__printk+0x10/0x10
[  401.074375][ T8625]  ? __pfx___might_resched+0x10/0x10
[  401.074400][ T8625]  ? fs_reclaim_acquire+0x7d/0x100
[  401.074432][ T8625]  should_fail_ex+0x414/0x560
[  401.074463][ T8625]  should_failslab+0xa8/0x100
[  401.074489][ T8625]  __kmalloc_cache_noprof+0x70/0x3d0
[  401.074512][ T8625]  ? vb2_vmalloc_alloc+0xb2/0x340
[  401.074543][ T8625]  ? rcu_is_watching+0x15/0xb0
[  401.074572][ T8625]  vb2_vmalloc_alloc+0xb2/0x340
[  401.074604][ T8625]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  401.074638][ T8625]  __vb2_queue_alloc+0x9c2/0x15a0
[  401.074699][ T8625]  vb2_core_reqbufs+0xc31/0x1420
[  401.074752][ T8625]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  401.074794][ T8625]  ? __vb2_init_fileio+0x1e8/0xff0
[  401.074832][ T8625]  __vb2_init_fileio+0x318/0xff0
[  401.074865][ T8625]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.074890][ T8625]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  401.074926][ T8625]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  401.074973][ T8625]  vb2_core_poll+0x4c1/0x840
[  401.075011][ T8625]  vb2_fop_poll+0x168/0x380
[  401.075047][ T8625]  ? __pfx_vb2_fop_poll+0x10/0x10
[  401.075080][ T8625]  v4l2_poll+0x147/0x2c0
[  401.075110][ T8625]  ? __pfx_v4l2_poll+0x10/0x10
[  401.075142][ T8625]  do_sys_poll+0x8c6/0x1070
[  401.075186][ T8625]  ? __pfx_do_sys_poll+0x10/0x10
[  401.075225][ T8625]  ? __lock_acquire+0xab9/0xd20
[  401.075245][ T8625]  ? __pfx___pollwait+0x10/0x10
[  401.075272][ T8625]  ? __pfx_pollwake+0x10/0x10
[  401.075357][ T8625]  ? ktime_get_ts64+0xa2/0x3d0
[  401.075407][ T8625]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  401.075468][ T8625]  ? __pfx_timespec64_add_safe+0x10/0x10
[  401.075515][ T8625]  __se_sys_poll+0x128/0x320
[  401.075541][ T8625]  ? __pfx___se_sys_poll+0x10/0x10
[  401.075589][ T8625]  ? do_syscall_64+0xbe/0x3b0
[  401.075618][ T8625]  do_syscall_64+0xfa/0x3b0
[  401.075645][ T8625]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.075667][ T8625]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  401.075688][ T8625]  ? clear_bhb_loop+0x60/0xb0
[  401.075715][ T8625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.075737][ T8625] RIP: 0033:0x7f85b238ebe9
[  401.075756][ T8625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.075776][ T8625] RSP: 002b:00007f85b3171038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[  401.075799][ T8625] RAX: ffffffffffffffda RBX: 00007f85b25b6090 RCX: 00007f85b238ebe9
[  401.075815][ T8625] RDX: 0000000002000000 RSI: 0000000000000001 RDI: 0000200000000440
[  401.075829][ T8625] RBP: 00007f85b3171090 R08: 0000000000000000 R09: 0000000000000000
[  401.075843][ T8625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.075856][ T8625] R13: 00007f85b25b6128 R14: 00007f85b25b6090 R15: 00007ffe2f1409f8
[  401.075891][ T8625]  </TASK>
[  404.834269][ T8656] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  404.920397][ T8656] ipvlan1: entered promiscuous mode
[  405.090892][ T8658] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  406.201690][ T8654] ipvlan1: left promiscuous mode
[  408.603242][   T30] audit: type=1326 audit(1754546671.155:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8691 comm="syz.0.781" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2a98d8ebe9 code=0x0
[  408.940973][ T8697] xt_nat: multiple ranges no longer supported
[  414.531535][ T8739] netlink: 'syz.3.795': attribute type 4 has an invalid length.
[  414.549755][ T8314] lo speed is unknown, defaulting to 1000
[  414.555840][ T8314] syz0: Port: 1 Link DOWN
[  414.565953][ T8739] netlink: 'syz.3.795': attribute type 4 has an invalid length.
[  414.577382][ T8314] lo speed is unknown, defaulting to 1000
[  414.599920][ T8314] syz0: Port: 1 Link ACTIVE
[  414.919611][ T8314] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  415.849292][ T8314] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  415.920888][ T8314] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  415.973944][ T8314] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  416.069467][ T8314] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  416.171151][ T8756] netlink: 'syz.4.800': attribute type 4 has an invalid length.
[  416.205044][ T8756] netlink: 'syz.4.800': attribute type 4 has an invalid length.
[  416.500338][ T8314] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.600013][ T8314] usb 2-1: config 0 descriptor??
[  417.763536][ T8314] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  418.829055][ T5954] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  419.028740][ T8794] netlink: 8 bytes leftover after parsing attributes in process `syz.2.810'.
[  419.889178][ T5954] usb 1-1: Using ep0 maxpacket: 8
[  420.094548][   T10] usb 2-1: USB disconnect, device number 15
[  420.175344][ T5954] usb 1-1: device descriptor read/all, error -71
[  420.262104][  T980] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  420.282688][ T8805] netlink: 260 bytes leftover after parsing attributes in process `syz.4.812'.
[  420.301428][ T8805] netlink: 260 bytes leftover after parsing attributes in process `syz.4.812'.
[  420.740570][  T980] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  420.837913][  T980] usb 3-1: New USB device found, idVendor=0471, idProduct=0308, bcdDevice=e4.df
[  421.739190][  T980] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.769380][  T980] usb 3-1: config 0 descriptor??
[  421.781814][  T980] pwc: Philips PCVC680K (Vesta Pro) USB webcam detected.
[  421.789043][ T5954] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  422.079158][  T980] pwc: send_video_command error -71
[  422.091513][  T980] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  422.099796][  T980] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[  422.114693][  T980] usb 3-1: USB disconnect, device number 21
[  422.121637][   T30] audit: type=1326 audit(1754546684.655:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8813 comm="syz.1.815" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f253638ebe9 code=0x0
[  422.399874][ T1211] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  422.559386][ T1211] usb 4-1: Using ep0 maxpacket: 16
[  422.703611][ T1211] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  422.860453][ T1211] usb 4-1: config 0 has no interface number 0
[  423.070051][ T5954] usb usb1-port1: attempt power cycle
[  423.316979][ T1211] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  423.336565][ T1211] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.354304][ T1211] usb 4-1: Product: syz
[  423.358755][ T1211] usb 4-1: Manufacturer: syz
[  423.609175][ T5954] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  423.726639][ T5954] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  424.051458][ T1211] usb 4-1: SerialNumber: syz
[  424.059471][ T1211] usb 4-1: config 0 descriptor??
[  424.075719][ T1211] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  424.184068][ T5954] usb 1-1: config 0 has an invalid interface number: 2 but max is -1
[  424.198997][ T5954] usb 1-1: config 0 has an invalid interface number: 2 but max is -1
[  424.207159][ T5954] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.220708][ T5954] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  424.230141][ T5954] usb 1-1: config 0 has no interface number 0
[  424.236286][ T5954] usb 1-1: too many endpoints for config 0 interface 2 altsetting 48: 48, using maximum allowed: 30
[  424.248306][ T5954] usb 1-1: config 0 interface 2 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  424.262230][ T5954] usb 1-1: config 0 interface 2 has no altsetting 1
[  424.362554][ T5954] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  424.487619][ T5954] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.433538][ T5954] usb 1-1: Product: syz
[  425.437765][ T5954] usb 1-1: Manufacturer: syz
[  425.483253][ T5954] usb 1-1: SerialNumber: syz
[  425.490954][ T8820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  425.532205][ T8820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  425.566119][ T5954] usb 1-1: config 0 descriptor??
[  425.605519][ T5954] usb 1-1: can't set config #0, error -71
[  425.662664][ T5954] usb 1-1: USB disconnect, device number 19
[  425.790520][ T1211] gspca_spca1528: reg_w err -71
[  426.041769][ T8857] netlink: 'syz.0.825': attribute type 10 has an invalid length.
[  426.050418][ T8857] netlink: 156 bytes leftover after parsing attributes in process `syz.0.825'.
[  426.372584][  T980] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  426.374907][ T1211] spca1528 4-1:0.1: probe with driver spca1528 failed with error -71
[  426.925123][ T1211] usb 4-1: USB disconnect, device number 10
[  427.030516][  T980] usb 2-1: Using ep0 maxpacket: 32
[  427.050276][  T980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 52, changing to 9
[  427.069448][  T980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 8241, setting to 1024
[  427.179565][  T980] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  427.188692][  T980] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.318338][  T980] usb 2-1: Product: syz
[  427.808872][  T980] usb 2-1: Manufacturer: syz
[  428.106487][  T980] usb 2-1: SerialNumber: syz
[  428.135022][  T980] usb 2-1: config 0 descriptor??
[  428.229474][  T980] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  428.276069][  T980] usb 2-1: USB disconnect, device number 16
[  428.302603][   T64] usb 2-1: Failed to submit usb control message: -71
[  428.354536][   T64] usb 2-1: unable to send the bmi data to the device: -71
[  428.394085][   T64] usb 2-1: unable to get target info from device
[  428.421018][   T64] usb 2-1: could not get target info (-71)
[  428.427189][   T64] usb 2-1: could not probe fw (-71)
[  429.102940][ T8887] netlink: 'syz.2.834': attribute type 1 has an invalid length.
[  429.111103][ T8887] netlink: 5624 bytes leftover after parsing attributes in process `syz.2.834'.
[  429.520897][ T8896] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  430.045604][ T8909] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.840'.
[  430.546675][ T8912] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.841'.
[  431.600446][ T8919] 9pnet_fd: Insufficient options for proto=fd
[  431.716326][ T8923] netlink: 'syz.3.845': attribute type 10 has an invalid length.
[  431.743005][ T8924] 9pnet_fd: Insufficient options for proto=fd
[  431.792834][ T8923] batman_adv: batadv0: Adding interface: team0
[  431.800436][ T8923] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.831715][ T8925] netlink: 'syz.3.845': attribute type 10 has an invalid length.
[  431.860122][ T8923] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  431.877663][ T8925] netlink: 2 bytes leftover after parsing attributes in process `syz.3.845'.
[  431.895718][ T8925] team0: entered promiscuous mode
[  431.902198][ T8925] team_slave_0: entered promiscuous mode
[  431.912928][ T8925] team_slave_1: entered promiscuous mode
[  431.924162][ T8925] 8021q: adding VLAN 0 to HW filter on device team0
[  431.934824][ T8925] batman_adv: batadv0: Interface activated: team0
[  431.943048][ T8925] batman_adv: batadv0: Interface deactivated: team0
[  431.956670][ T8925] batman_adv: batadv0: Removing interface: team0
[  431.985899][ T8925] bridge0: port 3(team0) entered blocking state
[  432.024109][ T8925] bridge0: port 3(team0) entered disabled state
[  432.036515][ T8925] team0: entered allmulticast mode
[  432.044164][ T8925] team_slave_0: entered allmulticast mode
[  432.055100][ T8925] team_slave_1: entered allmulticast mode
[  432.075453][ T8925] bridge0: port 3(team0) entered blocking state
[  432.083102][ T8925] bridge0: port 3(team0) entered forwarding state
[  433.177607][ T1105] batman_adv: batadv_iv_ogm_emit: mesh interface switch for queued OGM
[  434.629771][   T10] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  435.000054][   T10] usb 5-1: device descriptor read/64, error -71
[  435.261514][   T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  435.424531][   T10] usb 5-1: device descriptor read/64, error -71
[  435.613761][   T10] usb usb5-port1: attempt power cycle
[  435.901508][ T8958] netlink: 'syz.2.854': attribute type 4 has an invalid length.
[  436.249660][ T8959] netlink: 'syz.2.854': attribute type 4 has an invalid length.
[  436.849781][   T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  436.879815][   T10] usb 5-1: device descriptor read/8, error -71
[  437.149249][  T980] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[  437.209011][   T10] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  437.492323][   T10] usb 5-1: device descriptor read/8, error -71
[  437.672132][ T8972] 9pnet_fd: Insufficient options for proto=fd
[  437.911956][ T8977] netlink: 'syz.1.860': attribute type 10 has an invalid length.
[  437.921448][ T8977] netlink: 156 bytes leftover after parsing attributes in process `syz.1.860'.
[  438.393491][ T8978] vlan0: entered promiscuous mode
[  438.550989][   T10] usb usb5-port1: unable to enumerate USB device
[  438.580225][  T980] usb 1-1: not running at top speed; connect to a high speed hub
[  438.822627][  T980] usb 1-1: config 95 has an invalid interface number: 1 but max is 0
[  438.839814][  T980] usb 1-1: config 95 has no interface number 0
[  438.846091][  T980] usb 1-1: config 95 interface 1 has no altsetting 0
[  438.862713][  T980] usb 1-1: string descriptor 0 read error: -22
[  438.880254][  T980] usb 1-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  438.895394][  T980] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.240098][   T10] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  439.243533][ T8989] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  439.392599][   T30] audit: type=1800 audit(1754546701.945:87): pid=8964 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.856" name="file1" dev="tmpfs" ino=985 res=0 errno=0
[  439.417842][  T980] usb 1-1: USB disconnect, device number 20
[  439.439310][   T10] usb 5-1: Using ep0 maxpacket: 16
[  439.475663][   T10] usb 5-1: config 4 has an invalid interface number: 9 but max is 0
[  439.538364][   T10] usb 5-1: config 4 has no interface number 0
[  439.559166][   T10] usb 5-1: config 4 interface 9 altsetting 2 endpoint 0x4 has invalid maxpacket 1040, setting to 1024
[  439.572236][   T10] usb 5-1: config 4 interface 9 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 1024
[  439.593072][   T10] usb 5-1: config 4 interface 9 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  439.607357][   T10] usb 5-1: config 4 interface 9 has no altsetting 0
[  439.621991][   T10] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=76.fe
[  439.633272][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.655820][   T10] usb 5-1: Product: syz
[  439.744485][   T10] usb 5-1: Manufacturer: syz
[  439.771108][   T10] usb 5-1: SerialNumber: syz
[  439.833431][ T8984] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  439.860776][ T8984] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  439.913935][   T10] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  440.071369][ T9002] netlink: 'syz.1.868': attribute type 4 has an invalid length.
[  440.157028][ T9003] netlink: 'syz.1.868': attribute type 4 has an invalid length.
[  440.214714][   T10] usb 5-1: USB disconnect, device number 13
[  440.222688][   T36] usb 5-1: Failed to submit usb control message: -71
[  440.248397][   T36] usb 5-1: unable to send the bmi data to the device: -71
[  440.267653][   T36] usb 5-1: unable to get target info from device
[  440.605724][   T36] usb 5-1: could not get target info (-71)
[  440.633415][   T36] usb 5-1: could not probe fw (-71)
[  443.879041][   T10] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  444.318411][   T10] usb 4-1: not running at top speed; connect to a high speed hub
[  444.349620][   T10] usb 4-1: config 95 has an invalid interface number: 1 but max is 0
[  444.371177][   T10] usb 4-1: config 95 has no interface number 0
[  444.384555][   T10] usb 4-1: config 95 interface 1 has no altsetting 0
[  444.401912][   T10] usb 4-1: string descriptor 0 read error: -22
[  444.412548][   T10] usb 4-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  444.430116][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.519001][  T980] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  445.449523][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  445.599087][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  445.814140][   T30] audit: type=1800 audit(1754546708.365:88): pid=9067 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.880" name="file1" dev="tmpfs" ino=924 res=0 errno=0
[  445.960673][  T980] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  447.439125][  T980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.450617][   T10] usb 4-1: USB disconnect, device number 11
[  447.462205][  T980] usb 2-1: config 0 descriptor??
[  447.586752][  T980] usb 2-1: can't set config #0, error -71
[  447.609311][  T980] usb 2-1: USB disconnect, device number 17
[  448.462733][ T9087] 9pnet_fd: Insufficient options for proto=fd
[  449.662304][   T10] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[  449.740124][ T9097] block device autoloading is deprecated and will be removed.
[  449.753210][ T9097] syz.1.897: attempt to access beyond end of device
[  449.753210][ T9097] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  450.000457][   T10] usb 1-1: not running at top speed; connect to a high speed hub
[  450.019682][   T10] usb 1-1: config 95 has an invalid interface number: 1 but max is 0
[  450.027952][   T10] usb 1-1: config 95 has no interface number 0
[  450.037137][   T10] usb 1-1: config 95 interface 1 has no altsetting 0
[  450.049990][   T10] usb 1-1: string descriptor 0 read error: -22
[  450.056285][   T10] usb 1-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  450.067656][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.932833][   T30] audit: type=1800 audit(1754546713.475:89): pid=9096 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.900" name="file1" dev="tmpfs" ino=1042 res=0 errno=0
[  450.994622][   T10] usb 1-1: USB disconnect, device number 21
[  452.053644][ T9130] 9pnet_fd: Insufficient options for proto=fd
[  452.290199][ T9138] netlink: 8 bytes leftover after parsing attributes in process `syz.1.913'.
[  452.448878][ T9133] xt_nat: multiple ranges no longer supported
[  452.529134][ T9138] netlink: 312 bytes leftover after parsing attributes in process `syz.1.913'.
[  452.538188][ T9138] netlink: 8 bytes leftover after parsing attributes in process `syz.1.913'.
[  453.203778][ T9143] netlink: 'syz.4.912': attribute type 4 has an invalid length.
[  453.820384][ T9155] netlink: 100 bytes leftover after parsing attributes in process `syz.4.918'.
[  454.048645][   T30] audit: type=1326 audit(1754546716.575:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9148 comm="syz.0.915" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2a98d8ebe9 code=0x0
[  454.809625][ T9153] tipc: Failed to remove unknown binding: 66,1,1/0:2488086685/2488086687
[  454.818435][ T9153] tipc: Failed to remove unknown binding: 66,1,1/0:2488086685/2488086687
[  454.979878][ T9167] 9pnet_fd: Insufficient options for proto=fd
[  455.303121][   T10] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  456.333945][   T10] usb 5-1: not running at top speed; connect to a high speed hub
[  456.415631][   T10] usb 5-1: config 95 has an invalid interface number: 1 but max is 0
[  456.827844][   T10] usb 5-1: config 95 has no interface number 0
[  456.835387][   T10] usb 5-1: config 95 interface 1 has no altsetting 0
[  456.892004][   T10] usb 5-1: string descriptor 0 read error: -22
[  456.898439][   T10] usb 5-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  456.960502][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  457.519244][ T1211] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  457.825640][ T1211] usb 4-1: config 0 has an invalid interface number: 73 but max is 0
[  457.959185][ T1211] usb 4-1: config 0 has no interface number 0
[  458.005165][   T30] audit: type=1800 audit(1754546720.555:91): pid=9163 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.920" name="file1" dev="tmpfs" ino=965 res=0 errno=0
[  458.049247][ T1211] usb 4-1: New USB device found, idVendor=06f8, idProduct=300c, bcdDevice=39.64
[  458.092378][ T1211] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.106915][ T8314] usb 5-1: USB disconnect, device number 14
[  458.210940][ T1211] usb 4-1: Product: syz
[  458.254046][ T1211] usb 4-1: Manufacturer: syz
[  458.310208][ T1211] usb 4-1: SerialNumber: syz
[  458.316166][   T30] audit: type=1326 audit(1754546720.795:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9193 comm="syz.0.931" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2a98d8ebe9 code=0x0
[  458.949791][ T1211] usb 4-1: config 0 descriptor??
[  460.087808][ T9213] 9pnet_fd: Insufficient options for proto=fd
[  461.983141][ T9215] sctp: failed to load transform for md5: -2
[  462.219048][ T8314] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  462.634857][ T9233] xt_nat: multiple ranges no longer supported
[  462.801292][ T8314] usb 5-1: config 0 has an invalid interface number: 50 but max is 0
[  462.829495][ T8314] usb 5-1: config 0 has no interface number 0
[  462.881413][ T8314] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  462.915484][ T1211] usb 4-1: USB disconnect, device number 12
[  462.924369][ T8314] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.922823][   T30] audit: type=1800 audit(1754546726.475:93): pid=9245 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.943" name="file1" dev="tmpfs" ino=1099 res=0 errno=0
[  463.942053][ T8314] usb 5-1: Product: syz
[  463.953623][ T8314] usb 5-1: Manufacturer: syz
[  463.958402][ T8314] usb 5-1: SerialNumber: syz
[  464.071879][ T9248] netlink: 'syz.0.947': attribute type 4 has an invalid length.
[  464.084213][ T8314] usb 5-1: config 0 descriptor??
[  464.113819][ T9248] netlink: 'syz.0.947': attribute type 4 has an invalid length.
[  464.140092][ T8314] usb 5-1: can't set config #0, error -71
[  464.220251][ T8314] usb 5-1: USB disconnect, device number 15
[  468.308795][ T9287] pimreg: entered allmulticast mode
[  468.384098][ T9288] pimreg: left allmulticast mode
[  468.658999][ T5923] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[  468.849736][ T5923] usb 4-1: not running at top speed; connect to a high speed hub
[  468.873694][ T5923] usb 4-1: config 95 has an invalid interface number: 1 but max is 0
[  468.954589][ T9296] FAULT_INJECTION: forcing a failure.
[  468.954589][ T9296] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  468.969126][ T9296] CPU: 0 UID: 0 PID: 9296 Comm: syz.0.956 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  468.969155][ T9296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  468.969169][ T9296] Call Trace:
[  468.969179][ T9296]  <TASK>
[  468.969188][ T9296]  dump_stack_lvl+0x189/0x250
[  468.969219][ T9296]  ? __pfx____ratelimit+0x10/0x10
[  468.969244][ T9296]  ? __pfx_dump_stack_lvl+0x10/0x10
[  468.969269][ T9296]  ? __pfx__printk+0x10/0x10
[  468.969300][ T9296]  ? fs_reclaim_acquire+0x7d/0x100
[  468.969338][ T9296]  should_fail_ex+0x414/0x560
[  468.969367][ T9296]  prepare_alloc_pages+0x213/0x610
[  468.969404][ T9296]  __alloc_frozen_pages_noprof+0x123/0x370
[  468.969437][ T9296]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  468.969476][ T9296]  ? policy_nodemask+0x27c/0x720
[  468.969506][ T9296]  alloc_pages_mpol+0x232/0x4a0
[  468.969536][ T9296]  folio_alloc_mpol_noprof+0x39/0x70
[  468.969563][ T9296]  shmem_alloc_and_add_folio+0x447/0xf60
[  468.969589][ T9296]  ? filemap_get_entry+0xad/0x2f0
[  468.969622][ T9296]  ? filemap_get_entry+0xad/0x2f0
[  468.969652][ T9296]  ? filemap_get_entry+0xad/0x2f0
[  468.969686][ T9296]  ? filemap_get_entry+0x28f/0x2f0
[  468.969723][ T9296]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  468.969752][ T9296]  ? shmem_allowable_huge_orders+0x1f8/0x420
[  468.969802][ T9296]  shmem_get_folio_gfp+0x59d/0x1660
[  468.969859][ T9296]  shmem_fallocate+0x80f/0xde0
[  468.969905][ T9296]  ? __pfx_shmem_fallocate+0x10/0x10
[  468.969936][ T9296]  ? rcu_read_lock_any_held+0xb3/0x120
[  468.969963][ T9296]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  468.970006][ T9296]  vfs_fallocate+0x6a0/0x830
[  468.970028][ T9296]  ? __fget_files+0x2a/0x420
[  468.970059][ T9296]  ? __pfx_vfs_fallocate+0x10/0x10
[  468.970079][ T9296]  ? __fget_files+0x2a/0x420
[  468.970115][ T9296]  __x64_sys_fallocate+0xc0/0x110
[  468.970142][ T9296]  do_syscall_64+0xfa/0x3b0
[  468.970177][ T9296]  ? lockdep_hardirqs_on+0x9c/0x150
[  468.970200][ T9296]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.970221][ T9296]  ? clear_bhb_loop+0x60/0xb0
[  468.970247][ T9296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.970268][ T9296] RIP: 0033:0x7f2a98d8ebe9
[  468.970288][ T9296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  468.970307][ T9296] RSP: 002b:00007f2a99b91038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  468.970330][ T9296] RAX: ffffffffffffffda RBX: 00007f2a98fb6180 RCX: 00007f2a98d8ebe9
[  468.970346][ T9296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  468.970359][ T9296] RBP: 00007f2a99b91090 R08: 0000000000000000 R09: 0000000000000000
[  468.970372][ T9296] R10: 000000000010fff9 R11: 0000000000000246 R12: 0000000000000001
[  468.970386][ T9296] R13: 00007f2a98fb6218 R14: 00007f2a98fb6180 R15: 00007ffdfb3469f8
[  468.970420][ T9296]  </TASK>
[  469.297755][ T5923] usb 4-1: config 95 has no interface number 0
[  469.318017][ T5923] usb 4-1: config 95 interface 1 has no altsetting 0
[  469.346164][ T5923] usb 4-1: string descriptor 0 read error: -22
[  469.374676][ T5923] usb 4-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  469.403730][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.167865][   T30] audit: type=1800 audit(1754546732.705:94): pid=9290 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.958" name="file1" dev="tmpfs" ino=986 res=0 errno=0
[  470.205617][ T1211] usb 4-1: USB disconnect, device number 13
[  470.369498][ T9311] netlink: 'syz.1.964': attribute type 4 has an invalid length.
[  470.426149][ T9312] netlink: 'syz.1.964': attribute type 4 has an invalid length.
[  470.548324][ T9310] blktrace: Concurrent blktraces are not allowed on sg0
[  470.947556][    C1] vkms_vblank_simulate: vblank timer overrun
[  471.402504][ T9333] netlink: 12 bytes leftover after parsing attributes in process `syz.2.970'.
[  471.806306][   T30] audit: type=1800 audit(1754546734.355:95): pid=9350 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.977" name="file1" dev="tmpfs" ino=1121 res=0 errno=0
[  472.606624][ T9360] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.978'.
[  472.694462][ T9360] netlink: 8 bytes leftover after parsing attributes in process `syz.1.978'.
[  473.185277][ T9367] 9pnet_fd: Insufficient options for proto=fd
[  473.234654][ T9367] netlink: 12 bytes leftover after parsing attributes in process `syz.0.980'.
[  473.288199][ T9372] netlink: 56 bytes leftover after parsing attributes in process `syz.0.980'.
[  473.537187][ T9378] netlink: 260 bytes leftover after parsing attributes in process `syz.1.984'.
[  473.547316][ T9378] netlink: 260 bytes leftover after parsing attributes in process `syz.1.984'.
[  473.779060][ T8314] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  474.159206][ T8314] usb 5-1: Using ep0 maxpacket: 8
[  474.221647][ T8314] usb 5-1: config 64 has an invalid interface number: 203 but max is 0
[  474.315666][ T8314] usb 5-1: config 64 has no interface number 0
[  474.939902][ T9389] Can't find ip_set type h�`h:ip,mac
[  475.040499][ T8314] usb 5-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=54.91
[  475.055798][ T8314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.084435][ T8314] imon 5-1:64.203: unable to register, err -19
[  475.332767][ T5954] usb 5-1: USB disconnect, device number 16
[  475.492621][ T9401] netlink: 'syz.1.990': attribute type 4 has an invalid length.
[  476.055084][ T9403] netlink: 24 bytes leftover after parsing attributes in process `syz.3.991'.
[  476.077967][   T30] audit: type=1800 audit(1754546738.625:96): pid=9406 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.992" name="file1" dev="tmpfs" ino=1142 res=0 errno=0
[  476.604722][ T9418] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  477.043846][ T9418] bond1: entered promiscuous mode
[  477.050035][ T9418] bond1: entered allmulticast mode
[  477.055997][ T9418] 8021q: adding VLAN 0 to HW filter on device bond1
[  477.498248][ T9431] blktrace: Concurrent blktraces are not allowed on sg0
[  479.177365][ T9451] FAULT_INJECTION: forcing a failure.
[  479.177365][ T9451] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  479.190765][ T9451] CPU: 0 UID: 0 PID: 9451 Comm: syz.3.997 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  479.190794][ T9451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  479.190808][ T9451] Call Trace:
[  479.190818][ T9451]  <TASK>
[  479.190827][ T9451]  dump_stack_lvl+0x189/0x250
[  479.190859][ T9451]  ? __pfx____ratelimit+0x10/0x10
[  479.190883][ T9451]  ? __pfx_dump_stack_lvl+0x10/0x10
[  479.190909][ T9451]  ? __pfx__printk+0x10/0x10
[  479.190940][ T9451]  ? fs_reclaim_acquire+0x7d/0x100
[  479.190977][ T9451]  should_fail_ex+0x414/0x560
[  479.191015][ T9451]  prepare_alloc_pages+0x213/0x610
[  479.191052][ T9451]  __alloc_frozen_pages_noprof+0x123/0x370
[  479.191085][ T9451]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  479.191124][ T9451]  ? policy_nodemask+0x27c/0x720
[  479.191153][ T9451]  alloc_pages_mpol+0x232/0x4a0
[  479.191184][ T9451]  folio_alloc_mpol_noprof+0x39/0x70
[  479.191210][ T9451]  shmem_alloc_and_add_folio+0x447/0xf60
[  479.191237][ T9451]  ? filemap_get_entry+0xad/0x2f0
[  479.191270][ T9451]  ? filemap_get_entry+0xad/0x2f0
[  479.191300][ T9451]  ? filemap_get_entry+0xad/0x2f0
[  479.191335][ T9451]  ? filemap_get_entry+0x28f/0x2f0
[  479.191371][ T9451]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  479.191400][ T9451]  ? shmem_allowable_huge_orders+0x1f8/0x420
[  479.191442][ T9451]  shmem_get_folio_gfp+0x59d/0x1660
[  479.191498][ T9451]  shmem_fallocate+0x80f/0xde0
[  479.191543][ T9451]  ? __pfx_shmem_fallocate+0x10/0x10
[  479.191575][ T9451]  ? rcu_read_lock_any_held+0xb3/0x120
[  479.191601][ T9451]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  479.191645][ T9451]  vfs_fallocate+0x6a0/0x830
[  479.191666][ T9451]  ? __fget_files+0x2a/0x420
[  479.191698][ T9451]  ? __pfx_vfs_fallocate+0x10/0x10
[  479.191718][ T9451]  ? __fget_files+0x2a/0x420
[  479.191753][ T9451]  __x64_sys_fallocate+0xc0/0x110
[  479.191782][ T9451]  do_syscall_64+0xfa/0x3b0
[  479.191805][ T9451]  ? lockdep_hardirqs_on+0x9c/0x150
[  479.191828][ T9451]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.191850][ T9451]  ? clear_bhb_loop+0x60/0xb0
[  479.191878][ T9451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.191899][ T9451] RIP: 0033:0x7fa52b58ebe9
[  479.191919][ T9451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.191938][ T9451] RSP: 002b:00007fa52c363038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  479.191962][ T9451] RAX: ffffffffffffffda RBX: 00007fa52b7b6180 RCX: 00007fa52b58ebe9
[  479.191978][ T9451] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  479.191991][ T9451] RBP: 00007fa52c363090 R08: 0000000000000000 R09: 0000000000000000
[  479.192011][ T9451] R10: 000000000010fff9 R11: 0000000000000246 R12: 0000000000000001
[  479.192025][ T9451] R13: 00007fa52b7b6218 R14: 00007fa52b7b6180 R15: 00007ffed2154ee8
[  479.192061][ T9451]  </TASK>
[  480.249597][ T9456] netlink: 'syz.2.1007': attribute type 4 has an invalid length.
[  480.429834][ T9467] netlink: 'syz.4.1010': attribute type 10 has an invalid length.
[  480.440997][ T9467] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1010'.
[  481.757697][ T9483] 9pnet_fd: Insufficient options for proto=fd
[  481.778372][ T9483] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1016'.
[  481.808262][ T9483] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1016'.
[  481.869405][ T5923] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  482.082209][ T5923] usb 2-1: not running at top speed; connect to a high speed hub
[  482.124453][ T5923] usb 2-1: config 95 has an invalid interface number: 1 but max is 0
[  482.160157][ T5923] usb 2-1: config 95 has no interface number 0
[  482.193762][ T5923] usb 2-1: config 95 interface 1 has no altsetting 0
[  482.235022][ T5923] usb 2-1: string descriptor 0 read error: -22
[  482.262959][ T5923] usb 2-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  482.302692][ T5923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.758050][ T9494] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1018'.
[  482.854369][   T30] audit: type=1800 audit(1754546745.395:97): pid=9474 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1012" name="file1" dev="tmpfs" ino=983 res=0 errno=0
[  483.002009][ T5923] usb 2-1: USB disconnect, device number 18
[  483.044286][ T9499] bridge0: entered allmulticast mode
[  483.227130][ T9499] pim6reg: entered allmulticast mode
[  483.235919][ T9499] pim6reg: left allmulticast mode
[  483.241470][ T9499] bridge0: left allmulticast mode
[  485.559077][ T5954] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  485.739012][ T5954] usb 5-1: Using ep0 maxpacket: 32
[  485.859006][   T10] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  486.526583][ T5954] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  486.537940][ T5954] usb 5-1: config 0 has no interface number 0
[  486.556522][   T30] audit: type=1326 audit(1754546748.375:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9528 comm="syz.3.1031" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa52b58ebe9 code=0x0
[  486.559340][ T5954] usb 5-1: config 0 interface 2 has no altsetting 0
[  486.588279][ T5954] usb 5-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  486.609138][ T5954] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  486.625782][ T5954] usb 5-1: Product: syz
[  486.630180][ T5954] usb 5-1: Manufacturer: syz
[  486.634795][ T5954] usb 5-1: SerialNumber: syz
[  486.690727][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  486.705094][ T5954] usb 5-1: config 0 descriptor??
[  486.725709][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  486.735949][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  486.758354][   T10] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  486.767781][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.840786][   T10] usb 1-1: config 0 descriptor??
[  486.936901][ T9511] team_slave_0: entered promiscuous mode
[  486.942739][ T9511] team_slave_1: entered promiscuous mode
[  486.961716][ T9511] vlan2: entered promiscuous mode
[  486.967528][ T9511] team0: entered promiscuous mode
[  487.837982][ T5954] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  487.874138][ T5954] snd-usb-audio 5-1:0.2: probe with driver snd-usb-audio failed with error -2
[  487.887062][   T10] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  487.920689][ T5954] usb 5-1: USB disconnect, device number 17
[  487.961088][ T9548] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  487.987328][ T6372] udevd[6372]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  488.005543][ T9548] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  488.987194][ T9561] netlink: 'syz.2.1039': attribute type 10 has an invalid length.
[  488.995277][ T9561] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1039'.
[  490.168218][ T8314] usb 1-1: USB disconnect, device number 22
[  493.530904][ T9603] xt_nat: multiple ranges no longer supported
[  493.665100][ T9608] bond0: entered promiscuous mode
[  493.675816][ T9608] bond_slave_0: entered promiscuous mode
[  493.775489][ T9608] bond_slave_1: entered promiscuous mode
[  494.638275][ T9616] netlink: 'syz.0.1054': attribute type 4 has an invalid length.
[  495.263460][ T9621] netlink: 'syz.2.1056': attribute type 4 has an invalid length.
[  495.271794][ T9621] netlink: 'syz.2.1056': attribute type 4 has an invalid length.
[  495.358839][ T9628] 9pnet_fd: Insufficient options for proto=fd
[  495.386802][ T9628] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1057'.
[  495.560015][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  495.699045][   T10] usb 2-1: device descriptor read/64, error -71
[  496.600113][   T10] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  496.739343][   T10] usb 2-1: device descriptor read/64, error -71
[  496.871929][   T10] usb usb2-port1: attempt power cycle
[  496.995853][   T30] audit: type=1800 audit(1754546759.545:99): pid=9649 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1066" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[  497.299211][   T10] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  497.426647][   T10] usb 2-1: device descriptor read/8, error -71
[  497.799295][   T10] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  497.829881][   T10] usb 2-1: device descriptor read/8, error -71
[  497.940287][   T10] usb usb2-port1: unable to enumerate USB device
[  498.329077][ T9664] netlink: 'syz.0.1070': attribute type 4 has an invalid length.
[  498.343697][ T9664] netlink: 'syz.0.1070': attribute type 4 has an invalid length.
[  499.156231][ T9685] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1075'.
[  501.028043][ T9699] kernel read not supported for file / 
�7���âW)�s���!Q���fs�l{T�r�)r��O���2:"��T+͟v|�ղDvc���֠�6�x�c: (pid: 9699 comm: syz.0.1079)
[  501.262575][   T30] audit: type=1800 audit(1754546763.595:100): pid=9699 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1079" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=20844 res=0 errno=0
[  503.361050][ T9724] x_tables: ip_tables: TCPMSS target: only valid for protocol 6
[  504.093529][ T9723] netlink: 'syz.4.1085': attribute type 4 has an invalid length.
[  504.101990][ T9723] netlink: 'syz.4.1085': attribute type 4 has an invalid length.
[  504.320633][ T9737] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1089'.
[  506.337681][ T5954] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  506.720639][ T5954] usb 4-1: Using ep0 maxpacket: 8
[  506.854039][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  506.877043][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  506.878648][ T5954] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  507.250196][ T5954] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  507.283257][ T5954] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=44.b2
[  507.357495][ T5954] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.384822][ T5954] usb 4-1: Product: syz
[  507.416167][ T5954] usb 4-1: Manufacturer: syz
[  507.431889][ T5954] usb 4-1: SerialNumber: syz
[  507.467083][ T5954] usb 4-1: config 0 descriptor??
[  507.635403][ T5954] usb 4-1: USB disconnect, device number 14
[  507.736320][ T9767] syzkaller1: entered promiscuous mode
[  507.805463][ T9767] syzkaller1: entered allmulticast mode
[  508.203853][ T9776] netlink: 'syz.2.1099': attribute type 4 has an invalid length.
[  508.256089][ T9778] netlink: 'syz.2.1099': attribute type 4 has an invalid length.
[  510.776743][   T30] audit: type=1326 audit(1754546773.275:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9786 comm="syz.0.1105" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2a98d8ebe9 code=0x0
[  512.836395][ T9806] delete_channel: no stack
[  513.103109][ T9823] netlink: 'syz.1.1113': attribute type 4 has an invalid length.
[  513.127296][ T9823] netlink: 'syz.1.1113': attribute type 4 has an invalid length.
[  513.551735][ T9822] netlink: 'syz.3.1112': attribute type 4 has an invalid length.
[  513.630245][ T9826] netlink: 'syz.3.1112': attribute type 4 has an invalid length.
[  514.333200][ T5904] lo speed is unknown, defaulting to 1000
[  514.349695][ T5954] lo speed is unknown, defaulting to 1000
[  516.807292][ T9855] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1121'.
[  518.982406][ T9872] netlink: 'syz.4.1126': attribute type 4 has an invalid length.
[  519.072490][ T9873] netlink: 'syz.4.1126': attribute type 4 has an invalid length.
[  520.365993][ T9891] FAULT_INJECTION: forcing a failure.
[  520.365993][ T9891] name failslab, interval 1, probability 0, space 0, times 0
[  520.429020][ T9891] CPU: 1 UID: 0 PID: 9891 Comm: syz.4.1132 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  520.429050][ T9891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  520.429063][ T9891] Call Trace:
[  520.429072][ T9891]  <TASK>
[  520.429082][ T9891]  dump_stack_lvl+0x189/0x250
[  520.429112][ T9891]  ? __pfx____ratelimit+0x10/0x10
[  520.429136][ T9891]  ? __pfx_dump_stack_lvl+0x10/0x10
[  520.429161][ T9891]  ? __pfx__printk+0x10/0x10
[  520.429191][ T9891]  ? __pfx___might_resched+0x10/0x10
[  520.429215][ T9891]  ? fs_reclaim_acquire+0x7d/0x100
[  520.429245][ T9891]  should_fail_ex+0x414/0x560
[  520.429274][ T9891]  should_failslab+0xa8/0x100
[  520.429300][ T9891]  __kmalloc_noprof+0xcb/0x4f0
[  520.429320][ T9891]  ? tomoyo_encode+0x28b/0x550
[  520.429352][ T9891]  tomoyo_encode+0x28b/0x550
[  520.429385][ T9891]  tomoyo_realpath_from_path+0x58d/0x5d0
[  520.429427][ T9891]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  520.429450][ T9891]  tomoyo_path_number_perm+0x1e8/0x5a0
[  520.429477][ T9891]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  520.429520][ T9891]  ? __lock_acquire+0xab9/0xd20
[  520.429569][ T9891]  ? __fget_files+0x2a/0x420
[  520.429596][ T9891]  ? __fget_files+0x2a/0x420
[  520.429618][ T9891]  ? __fget_files+0x3a0/0x420
[  520.429641][ T9891]  ? __fget_files+0x2a/0x420
[  520.429670][ T9891]  security_file_ioctl+0xcb/0x2d0
[  520.429704][ T9891]  __se_sys_ioctl+0x47/0x170
[  520.429739][ T9891]  do_syscall_64+0xfa/0x3b0
[  520.429762][ T9891]  ? lockdep_hardirqs_on+0x9c/0x150
[  520.429784][ T9891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.429805][ T9891]  ? clear_bhb_loop+0x60/0xb0
[  520.429831][ T9891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.429853][ T9891] RIP: 0033:0x7faacdd8ebe9
[  520.429871][ T9891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.429891][ T9891] RSP: 002b:00007faacebd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  520.429913][ T9891] RAX: ffffffffffffffda RBX: 00007faacdfb6090 RCX: 00007faacdd8ebe9
[  520.429929][ T9891] RDX: 0000000000000000 RSI: 0000000000005000 RDI: 0000000000000005
[  520.429942][ T9891] RBP: 00007faacebd0090 R08: 0000000000000000 R09: 0000000000000000
[  520.429955][ T9891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.429968][ T9891] R13: 00007faacdfb6128 R14: 00007faacdfb6090 R15: 00007ffc3d0ba7e8
[  520.430003][ T9891]  </TASK>
[  520.430100][ T9891] ERROR: Out of memory at tomoyo_realpath_from_path.
[  523.062668][ T9917] 9pnet_fd: Insufficient options for proto=fd
[  523.110253][ T9918] 9pnet_fd: Insufficient options for proto=fd
[  523.122185][ T9917] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1138'.
[  523.289519][ T9918] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1139'.
[  523.528193][ T9917] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1138'.
[  523.849376][ T9918] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1139'.
[  524.046791][ T9929] netlink: 'syz.3.1142': attribute type 4 has an invalid length.
[  524.656305][ T9930] netlink: 'syz.3.1142': attribute type 4 has an invalid length.
[  526.640308][ T5904] lo speed is unknown, defaulting to 1000
[  526.646233][ T5954] lo speed is unknown, defaulting to 1000
[  529.413055][ T9973] xt_nat: multiple ranges no longer supported
[  529.583030][ T9981] 9pnet_fd: Insufficient options for proto=fd
[  529.610680][ T9981] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1155'.
[  529.654000][ T9981] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1155'.
[  529.902139][ T9982] delete_channel: no stack
[  531.043698][ T9997] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1160'.
[  533.027146][T10012] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1167'.
[  535.027410][T10040] nfs4: Unknown parameter 'sched_switch'
[  536.207521][T10065] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1185'.
[  536.227330][ T5904] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  536.255212][T10067] input: syz0 as /devices/virtual/input/input12
[  536.406946][ T5904] usb 4-1: Using ep0 maxpacket: 8
[  536.457380][ T5904] usb 4-1: config 162 has an invalid interface number: 84 but max is 2
[  536.499396][ T5904] usb 4-1: config 162 has an invalid interface number: 3 but max is 2
[  536.549089][ T5904] usb 4-1: config 162 has no interface number 0
[  536.555471][ T5904] usb 4-1: config 162 has no interface number 1
[  536.614304][ T5904] usb 4-1: config 162 interface 84 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  537.116495][ T5904] usb 4-1: config 162 interface 2 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  537.127832][ T5904] usb 4-1: config 162 interface 2 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[  537.146024][ T5904] usb 4-1: config 162 interface 2 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[  537.166547][ T5904] usb 4-1: config 162 interface 2 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[  538.165221][ T5904] usb 4-1: config 162 interface 2 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  538.221388][ T5904] usb 4-1: config 162 interface 84 has no altsetting 0
[  538.231408][ T5904] usb 4-1: config 162 interface 2 has no altsetting 0
[  538.234383][T10091] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.1191'.
[  538.256273][ T5904] usb 4-1: config 162 interface 3 has no altsetting 0
[  538.281992][ T5904] usb 4-1: New USB device found, idVendor=0e8d, idProduct=763f, bcdDevice=9b.23
[  538.299123][ T5904] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  538.327786][ T5904] usb 4-1: Product: syz
[  538.337947][ T5904] usb 4-1: Manufacturer: syz
[  538.340472][T10091] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1191'.
[  538.348157][ T5904] usb 4-1: SerialNumber: syz
[  539.738629][   T30] audit: type=1326 audit(1754546802.285:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  539.905929][   T30] audit: type=1326 audit(1754546802.285:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  539.928197][   T30] audit: type=1326 audit(1754546802.325:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa52b58d550 code=0x7ffc0000
[  539.982383][   T30] audit: type=1326 audit(1754546802.325:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa52b590417 code=0x7ffc0000
[  540.041280][   T30] audit: type=1326 audit(1754546802.325:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  540.138145][   T30] audit: type=1326 audit(1754546802.325:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa52b590417 code=0x7ffc0000
[  540.245413][   T30] audit: type=1326 audit(1754546802.325:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa52b58d84a code=0x7ffc0000
[  540.338220][   T30] audit: type=1326 audit(1754546802.325:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  540.360945][   T30] audit: type=1326 audit(1754546802.325:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  540.384430][   T30] audit: type=1326 audit(1754546802.325:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10109 comm="syz.3.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  540.459166][ T5844] Bluetooth: hci5: Opcode 0x0c03 failed: -71
[  540.466511][ T5904] usb 4-1: USB disconnect, device number 15
[  540.743986][T10138] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1205'.
[  543.850618][T10156] delete_channel: no stack
[  545.626741][T10164] delete_channel: no stack
[  546.553018][T10192] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1215'.
[  547.060980][T10202] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  547.072958][T10202] xt_SECMARK: unable to map security context 'system_u:object_r:dbusd_etc_t:s0'
[  547.782967][T10207] netlink: 'syz.1.1220': attribute type 39 has an invalid length.
[  547.967204][T10216] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1221'.
[  547.976702][T10216] netlink: 260 bytes leftover after parsing attributes in process `syz.2.1221'.
[  548.830138][T10226] netlink: 'syz.4.1223': attribute type 4 has an invalid length.
[  549.479164][T10234] netlink: 'syz.3.1225': attribute type 10 has an invalid length.
[  549.487070][T10234] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1225'.
[  552.353314][T10260] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1233'.
[  552.919083][ T1211] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  553.415906][ T1211] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  553.475091][ T1211] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  553.516564][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  553.516579][   T30] audit: type=1326 audit(1754546816.055:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10266 comm="syz.2.1235" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f85b238ebe9 code=0x0
[  553.575067][ T1211] usb 4-1: config 1 interface 0 has no altsetting 1
[  553.660536][ T1211] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  554.030469][ T1211] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  554.064419][ T1211] usb 4-1: SerialNumber: syz
[  554.093311][ T1211] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  556.446852][  T977] usb 4-1: USB disconnect, device number 16
[  558.014330][T10312] ip6gretap0: entered promiscuous mode
[  558.020968][T10312] macsec1: entered allmulticast mode
[  558.026326][T10312] ip6gretap0: entered allmulticast mode
[  558.038116][T10312] ip6gretap0: left allmulticast mode
[  558.043674][T10312] ip6gretap0: left promiscuous mode
[  558.123287][T10318] cgroup: Invalid name
[  558.549044][  T977] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  559.129481][  T977] usb 1-1: device descriptor read/64, error -71
[  559.422111][   T30] audit: type=1804 audit(1754546821.935:140): pid=10333 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.1252" name="file0" dev="ramfs" ino=22252 res=1 errno=0
[  559.462847][T10337] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1251'.
[  559.529391][  T977] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  559.653082][T10338] netlink: 1284 bytes leftover after parsing attributes in process `syz.4.1253'.
[  559.738108][T10338] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1253'.
[  559.750773][ T5848] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  559.999377][  T977] usb 1-1: device descriptor read/64, error -71
[  560.112047][  T977] usb usb1-port1: attempt power cycle
[  560.322832][ T5848] usb 2-1: Using ep0 maxpacket: 16
[  560.939450][  T977] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  560.984102][ T5848] usb 2-1: New USB device found, idVendor=10b9, idProduct=8000, bcdDevice=c0.fa
[  561.009128][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.009441][  T977] usb 1-1: device descriptor read/8, error -71
[  561.017172][ T5848] usb 2-1: Product: syz
[  561.017192][ T5848] usb 2-1: Manufacturer: syz
[  561.017209][ T5848] usb 2-1: SerialNumber: syz
[  561.059057][ T5848] usb 2-1: config 0 descriptor??
[  562.110806][  T977] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  562.308633][   T30] audit: type=1326 audit(1754546824.855:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10358 comm="syz.2.1259" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f85b238ebe9 code=0x0
[  562.533285][ T5848] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  562.539425][  T977] usb 1-1: device not accepting address 26, error -71
[  562.559115][  T977] usb usb1-port1: unable to enumerate USB device
[  562.796672][T10367] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1261'.
[  562.863255][T10367] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1261'.
[  563.719116][T10370] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1262'.
[  564.148328][ T5848] dvb_usb_af9015 2-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  564.166120][ T5848] usb 2-1: USB disconnect, device number 23
[  565.193102][T10382] Invalid source name
[  565.197168][T10382] UBIFS error (pid: 10382): cannot open "./file0", error -22
[  566.001099][T10387] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  566.963307][T10378] delete_channel: no stack
[  568.295303][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  568.302297][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  569.555841][   T30] audit: type=1804 audit(1754546832.105:142): pid=10424 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.1276" name="/newroot/273/file0" dev="tmpfs" ino=1459 res=1 errno=0
[  569.597395][T10430] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1277'.
[  569.810634][   T30] audit: type=1804 audit(1754546832.135:143): pid=10424 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.1276" name="/newroot/273/file0" dev="tmpfs" ino=1459 res=1 errno=0
[  571.869014][   T10] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  572.201028][   T10] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  572.228982][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.484218][   T10] usb 2-1: config 0 descriptor??
[  572.502071][   T10] gspca_main: cpia1-2.14.0 probing 0813:0001
[  573.320701][   T10] cpia1 2-1:0.0: unexpected state after lo power cmd: 00
[  574.373694][   T10] gspca_cpia1: usb_control_msg 01, error -110
[  574.440420][   T10] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0)
[  574.893729][   T10] usb 2-1: USB disconnect, device number 24
[  575.359370][   T10] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  575.991456][   T10] usb 2-1: config 2 interface 0 altsetting 178 endpoint 0xA has invalid maxpacket 57464, setting to 64
[  576.023667][   T10] usb 2-1: config 2 interface 0 has no altsetting 0
[  576.066638][T10490] netlink: 232 bytes leftover after parsing attributes in process `syz.0.1291'.
[  576.074403][   T10] usb 2-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47
[  576.083124][T10493] Invalid option length (1713) for dns_resolver key
[  576.093261][T10493] IPVS: set_ctl: invalid protocol: 29 0.0.0.0:20000
[  576.143388][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.327784][   T10] usb 2-1: Product: syz
[  576.368784][   T10] usb 2-1: Manufacturer: syz
[  577.043442][   T10] usb 2-1: SerialNumber: syz
[  577.659843][   T10] ims_pcu 2-1:2.0: probe with driver ims_pcu failed with error -22
[  577.943770][   T10] usb 2-1: USB disconnect, device number 25
[  580.599241][T10544] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1307'.
[  580.723559][T10553] binder: BINDER_SET_CONTEXT_MGR already set
[  580.732523][T10553] binder: 10543:10553 ioctl 4018620d 200000000040 returned -16
[  580.841375][T10553] binder: 10543:10553 ioctl c0306201 200000000700 returned -22
[  581.789740][T10559] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.1308'.
[  581.860306][T10559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1308'.
[  584.327297][T10582] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1314'.
[  584.337718][T10582] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1314'.
[  586.330682][T10612] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.1325'.
[  586.395121][T10612] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1325'.
[  587.949293][T10621] bridge0: entered promiscuous mode
[  587.971566][T10621] vlan0: entered promiscuous mode
[  588.531665][T10637] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  588.909228][T10637] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0
[  589.329744][T10644] netlink: 'syz.1.1336': attribute type 4 has an invalid length.
[  589.376861][T10644] netlink: 'syz.1.1336': attribute type 4 has an invalid length.
[  589.479145][   T10] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  589.749117][   T10] usb 5-1: device descriptor read/64, error -71
[  590.949508][   T10] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  591.096272][   T10] usb 5-1: device descriptor read/64, error -71
[  591.262599][   T10] usb usb5-port1: attempt power cycle
[  591.562920][T10665] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1341'.
[  591.789540][   T10] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  592.910530][   T10] usb 5-1: device descriptor read/8, error -71
[  594.092427][T10699] netlink: 'syz.0.1347': attribute type 4 has an invalid length.
[  594.262985][T10704] netlink: 'syz.0.1347': attribute type 4 has an invalid length.
[  594.359274][ T5904] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  594.858971][ T5904] usb 4-1: Using ep0 maxpacket: 32
[  594.901009][ T5904] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  594.932235][ T5904] usb 4-1: config 0 has no interface number 0
[  594.946816][ T5904] usb 4-1: config 0 interface 2 has no altsetting 0
[  595.055623][ T5904] usb 4-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  595.162673][ T5904] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  595.199124][ T5904] usb 4-1: Product: syz
[  595.221707][ T5904] usb 4-1: Manufacturer: syz
[  595.248969][ T5904] usb 4-1: SerialNumber: syz
[  595.318147][ T5904] usb 4-1: config 0 descriptor??
[  595.578102][T10707] vlan2: entered promiscuous mode
[  596.225081][ T5904] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  596.361789][ T5904] snd-usb-audio 4-1:0.2: probe with driver snd-usb-audio failed with error -2
[  596.402475][ T5904] usb 4-1: USB disconnect, device number 17
[  596.477072][T10517] udevd[10517]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  598.321754][   T30] audit: type=1326 audit(1754546860.185:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10759 comm="syz.3.1365" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa52b58ebe9 code=0x0
[  599.394265][T10774] netlink: 'syz.2.1369': attribute type 4 has an invalid length.
[  599.422884][T10774] netlink: 'syz.2.1369': attribute type 4 has an invalid length.
[  599.480128][T10775] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1370'.
[  599.499028][T10775] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1370'.
[  600.479916][  T977] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  600.533960][T10787] netlink: 'syz.4.1373': attribute type 4 has an invalid length.
[  600.546936][T10787] netlink: 'syz.4.1373': attribute type 4 has an invalid length.
[  600.739693][  T977] usb 1-1: Using ep0 maxpacket: 16
[  601.050583][  T977] usb 1-1: config 0 has an invalid interface number: 68 but max is 0
[  601.069083][  T977] usb 1-1: config 0 has no interface number 0
[  601.092731][  T977] usb 1-1: config 0 interface 68 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1023
[  601.127446][  T977] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[  601.137216][  T977] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  601.172003][  T977] usb 1-1: Product: syz
[  601.176256][  T977] usb 1-1: Manufacturer: syz
[  601.212887][  T977] usb 1-1: SerialNumber: syz
[  601.244211][  T977] usb 1-1: config 0 descriptor??
[  601.250774][T10771] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  601.283394][  T977] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  601.472879][T10771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  601.497058][T10807] lo speed is unknown, defaulting to 1000
[  601.515144][T10771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  601.535614][  T977] usb 1-1: USB disconnect, device number 27
[  601.562061][ T1152] usb 1-1: Failed to submit usb control message: -71
[  601.575061][ T1152] usb 1-1: unable to send the bmi data to the device: -71
[  601.607832][ T1152] usb 1-1: unable to get target info from device
[  601.640528][ T1152] usb 1-1: could not get target info (-71)
[  601.668002][ T1152] usb 1-1: could not probe fw (-71)
[  602.803977][T10820] netlink: 'syz.0.1382': attribute type 4 has an invalid length.
[  602.946880][T10823] netlink: 'syz.0.1382': attribute type 4 has an invalid length.
[  603.869747][ T5904] usb 2-1: new full-speed USB device number 26 using dummy_hcd
[  604.051291][ T5904] usb 2-1: not running at top speed; connect to a high speed hub
[  604.119624][ T5904] usb 2-1: config 95 has an invalid interface number: 1 but max is 0
[  604.148035][ T5904] usb 2-1: config 95 has no interface number 0
[  604.168902][ T5904] usb 2-1: config 95 interface 1 has no altsetting 0
[  604.192402][ T5904] usb 2-1: string descriptor 0 read error: -22
[  604.198764][ T5904] usb 2-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  604.216514][ T5904] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.354697][T10838] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1386'.
[  604.364935][T10838] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1386'.
[  604.495975][   T30] audit: type=1800 audit(1754546867.025:145): pid=10826 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1383" name="file1" dev="tmpfs" ino=1321 res=0 errno=0
[  605.736112][ T5904] usb 2-1: USB disconnect, device number 26
[  606.778479][T10850] netlink: 'syz.3.1390': attribute type 4 has an invalid length.
[  606.793634][ T5848] lo speed is unknown, defaulting to 1000
[  606.809028][ T5848] syz0: Port: 1 Link DOWN
[  606.871872][T10850] netlink: 'syz.3.1390': attribute type 4 has an invalid length.
[  606.883692][ T5848] lo speed is unknown, defaulting to 1000
[  606.895725][ T5848] syz0: Port: 1 Link ACTIVE
[  608.253374][T10869] netlink: 'syz.2.1395': attribute type 4 has an invalid length.
[  608.294742][T10869] netlink: 'syz.2.1395': attribute type 4 has an invalid length.
[  609.502264][T10875] delete_channel: no stack
[  609.642055][T10873] delete_channel: no stack
[  611.490183][ T5848] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  611.638950][ T5904] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  611.666401][ T5848] usb 4-1: Using ep0 maxpacket: 32
[  611.759735][ T5848] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  611.835857][ T5848] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  611.892213][ T5848] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  611.955752][ T5904] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  612.020247][T10926] netlink: 'syz.2.1415': attribute type 10 has an invalid length.
[  612.028204][T10926] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1415'.
[  612.733626][ T5904] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  612.805798][ T5848] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.831297][ T5904] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.841604][T10920] delete_channel: no stack
[  612.858294][ T5848] usb 4-1: config 0 descriptor??
[  612.886662][ T5904] gspca_main: stv0680-2.14.0 probing 041e:4007
[  612.940356][T10928] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1416'.
[  614.025470][ T5904] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  614.048942][ T5904] stv0680 5-1:4.0: STV(e): camera ping failed!!
[  614.060080][ T5904] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  614.079324][ T5904] stv0680 5-1:4.0: last error: 0,  command = 0x0
[  614.087979][ T5904] usb 5-1: USB disconnect, device number 22
[  614.112810][   T24] usb 4-1: USB disconnect, device number 18
[  614.971631][T10962] 9pnet_fd: Insufficient options for proto=fd
[  615.141148][T10966] vlan0: entered promiscuous mode
[  616.740256][T10981] netlink: 'syz.3.1432': attribute type 10 has an invalid length.
[  616.748223][T10981] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1432'.
[  617.359885][T10987] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1435'.
[  617.551677][   T10] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  618.611200][   T10] usb 2-1: Using ep0 maxpacket: 32
[  618.701519][   T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  618.750213][   T10] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  618.771882][   T10] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  618.812996][   T10] usb 2-1: Product: syz
[  618.817241][   T10] usb 2-1: Manufacturer: syz
[  618.933518][   T10] usb 2-1: SerialNumber: syz
[  618.942357][   T10] usb 2-1: config 0 descriptor??
[  618.952425][T10982] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  619.220466][T10977] Illegal XDP return value 4294967294 on prog  (id 207) dev N/A, expect packet loss!
[  619.289187][   T10] usb 2-1: USB disconnect, device number 27
[  619.439190][T11003] 9pnet_fd: Insufficient options for proto=fd
[  620.506948][T11027] 9pnet_fd: Insufficient options for proto=fd
[  622.369770][T11042] xt_nat: multiple ranges no longer supported
[  624.137306][T11062] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1458'.
[  624.147490][T11062] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1458'.
[  624.239990][ T5904] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  624.608944][ T5904] usb 1-1: config 252 has an invalid interface number: 107 but max is 0
[  624.641141][ T5904] usb 1-1: config 252 has no interface number 0
[  624.745183][ T5904] usb 1-1: config 252 interface 107 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  624.806317][ T5904] usb 1-1: config 252 interface 107 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  624.848124][ T5904] usb 1-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=d7.67
[  624.867713][ T5904] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  624.886683][ T5904] usb 1-1: Product: syz
[  624.896799][ T5904] usb 1-1: Manufacturer: syz
[  625.062002][ T5904] usb 1-1: SerialNumber: syz
[  625.478683][T11060] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1459'.
[  625.732905][T11060] nilfs2: Unknown parameter 'barrier@� g�

	$'
[  625.778406][   T24] usb 1-1: USB disconnect, device number 28
[  626.375161][   T30] audit: type=1800 audit(1754546888.925:146): pid=11080 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.1465" name="file1" dev="tmpfs" ino=1492 res=0 errno=0
[  627.010002][   T24] usb 5-1: new low-speed USB device number 23 using dummy_hcd
[  627.149193][   T24] usb 5-1: device descriptor read/64, error -71
[  627.429411][   T24] usb 5-1: new low-speed USB device number 24 using dummy_hcd
[  627.708111][   T24] usb 5-1: device descriptor read/64, error -71
[  627.963473][   T24] usb usb5-port1: attempt power cycle
[  628.011375][T11100] delete_channel: no stack
[  628.422726][T11107] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.1476'.
[  629.084609][   T24] usb 5-1: new low-speed USB device number 25 using dummy_hcd
[  629.319718][   T24] usb 5-1: device descriptor read/8, error -71
[  629.740830][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  629.747209][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  629.832115][   T24] usb 5-1: new low-speed USB device number 26 using dummy_hcd
[  629.927990][   T24] usb 5-1: device descriptor read/8, error -71
[  629.979313][   T30] audit: type=1800 audit(1754546892.525:147): pid=11123 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.1479" name="file1" dev="tmpfs" ino=1644 res=0 errno=0
[  630.241393][   T24] usb usb5-port1: unable to enumerate USB device
[  632.903560][T11163] FAULT_INJECTION: forcing a failure.
[  632.903560][T11163] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  632.981026][T11163] CPU: 0 UID: 0 PID: 11163 Comm: syz.3.1494 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  632.981057][T11163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  632.981071][T11163] Call Trace:
[  632.981080][T11163]  <TASK>
[  632.981090][T11163]  dump_stack_lvl+0x189/0x250
[  632.981121][T11163]  ? __pfx____ratelimit+0x10/0x10
[  632.981145][T11163]  ? __pfx_dump_stack_lvl+0x10/0x10
[  632.981170][T11163]  ? __pfx__printk+0x10/0x10
[  632.981213][T11163]  should_fail_ex+0x414/0x560
[  632.981242][T11163]  _copy_to_user+0x31/0xb0
[  632.981276][T11163]  video_usercopy+0xeb2/0x14f0
[  632.981321][T11163]  ? __pfx___video_do_ioctl+0x10/0x10
[  632.981353][T11163]  ? __pfx_video_usercopy+0x10/0x10
[  632.981382][T11163]  ? smack_file_ioctl+0x2a9/0x340
[  632.981421][T11163]  ? __fget_files+0x2a/0x420
[  632.981445][T11163]  ? __fget_files+0x3a0/0x420
[  632.981472][T11163]  v4l2_ioctl+0x18a/0x1e0
[  632.981517][T11163]  ? __pfx_v4l2_ioctl+0x10/0x10
[  632.981547][T11163]  __se_sys_ioctl+0xfc/0x170
[  632.981583][T11163]  do_syscall_64+0xfa/0x3b0
[  632.981606][T11163]  ? lockdep_hardirqs_on+0x9c/0x150
[  632.981630][T11163]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.981652][T11163]  ? clear_bhb_loop+0x60/0xb0
[  632.981678][T11163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.981700][T11163] RIP: 0033:0x7fa52b58ebe9
[  632.981718][T11163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  632.981737][T11163] RSP: 002b:00007fa52c384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  632.981761][T11163] RAX: ffffffffffffffda RBX: 00007fa52b7b6090 RCX: 00007fa52b58ebe9
[  632.981777][T11163] RDX: 0000200000000080 RSI: 00000000c008561c RDI: 0000000000000003
[  632.981792][T11163] RBP: 00007fa52c384090 R08: 0000000000000000 R09: 0000000000000000
[  632.981806][T11163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  632.981819][T11163] R13: 00007fa52b7b6128 R14: 00007fa52b7b6090 R15: 00007ffed2154ee8
[  632.981852][T11163]  </TASK>
[  633.188879][    C0] vkms_vblank_simulate: vblank timer overrun
[  634.340758][   T30] audit: type=1800 audit(1754546896.885:148): pid=11180 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1500" name="file1" dev="tmpfs" ino=1425 res=0 errno=0
[  634.639150][ T5848] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  634.857363][ T5848] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  634.910365][ T5848] usb 1-1: config 0 has no interfaces?
[  634.968398][ T5848] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  635.042009][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  635.047560][T11189] netlink: 'syz.4.1504': attribute type 1 has an invalid length.
[  635.094499][ T5848] usb 1-1: Product: syz
[  635.119374][ T5848] usb 1-1: Manufacturer: syz
[  635.136877][T11189] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  635.204537][ T5848] usb 1-1: config 0 descriptor??
[  635.211194][T11190] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  635.675884][   T24] usb 1-1: USB disconnect, device number 29
[  635.682422][ T5848] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  636.143641][ T5848] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  636.499807][ T5848] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  636.531000][ T5848] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  636.544048][ T5848] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  636.581260][ T5848] usb 5-1: SerialNumber: syz
[  637.072593][ T5848] usb 5-1: 0:2 : does not exist
[  637.078201][ T5848] usb 5-1: unit 5 not found!
[  637.527419][ T5848] usb 5-1: USB disconnect, device number 27
[  637.588609][T10517] udevd[10517]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  638.662891][T11229] netlink: 1284 bytes leftover after parsing attributes in process `syz.4.1517'.
[  638.708379][T11229] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1517'.
[  639.019125][T11242] xt_hashlimit: Unknown mode mask 1000000, kernel too old?
[  640.059108][T11256] xt_nat: multiple ranges no longer supported
[  640.407422][T11265] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  640.533611][T11269] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.1529'.
[  640.583178][T11264] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1529'.
[  640.812310][T11276] netlink: 'syz.1.1531': attribute type 4 has an invalid length.
[  648.419891][T11318] netlink: 'syz.1.1542': attribute type 4 has an invalid length.
[  648.730136][T11321] netlink: 'syz.0.1544': attribute type 4 has an invalid length.
[  648.791897][T11323] netlink: 'syz.0.1544': attribute type 4 has an invalid length.
[  648.988977][T11327] netlink: 'syz.2.1545': attribute type 4 has an invalid length.
[  649.260596][T11331] overlayfs: failed to clone upperpath
[  649.683850][T11341] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1550'.
[  650.992111][T11350] 9pnet_fd: Insufficient options for proto=fd
[  651.230954][T11356] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1553'.
[  653.287588][T11374] ip6erspan0: entered promiscuous mode
[  653.405401][T11374] tipc: Started in network mode
[  653.410655][T11374] tipc: Node identity 03000000000000004879ffffffffffff, cluster identity 4711
[  655.152102][T11383] xt_hashlimit: Unknown mode mask 40000000, kernel too old?
[  656.808671][   T30] audit: type=1326 audit(1754546919.355:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  656.942123][   T30] audit: type=1326 audit(1754546919.355:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  657.025562][   T30] audit: type=1326 audit(1754546919.355:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  657.087115][   T30] audit: type=1326 audit(1754546919.355:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  657.150042][   T30] audit: type=1326 audit(1754546919.355:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  657.248542][   T30] audit: type=1326 audit(1754546919.355:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  657.526250][   T30] audit: type=1326 audit(1754546919.355:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  657.832801][   T30] audit: type=1326 audit(1754546919.355:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  657.859586][   T30] audit: type=1326 audit(1754546919.355:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  657.900169][   T30] audit: type=1326 audit(1754546919.355:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11411 comm="syz.2.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85b238ebe9 code=0x7ffc0000
[  659.512569][T11429] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  660.539570][T11437] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1579'.
[  661.612544][T11456] netlink: 'syz.3.1582': attribute type 10 has an invalid length.
[  661.620708][T11456] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1582'.
[  662.271780][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  662.271802][   T30] audit: type=1326 audit(1754546924.444:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11445 comm="syz.1.1584" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f253638ebe9 code=0x0
[  662.841090][T11479] netlink: 'syz.2.1592': attribute type 1 has an invalid length.
[  662.952640][T11479] netlink: 'syz.2.1592': attribute type 2 has an invalid length.
[  662.996515][T11482] netlink: 'syz.2.1592': attribute type 1 has an invalid length.
[  663.004344][T11482] netlink: 'syz.2.1592': attribute type 2 has an invalid length.
[  664.782162][T11502] Invalid source name
[  664.786257][T11502] UBIFS error (pid: 11502): cannot open "./file0", error -22
[  664.955814][   T24] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  665.983553][T11517] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1603'.
[  665.994842][T11517] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1603'.
[  666.448153][   T24] usb 4-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[  666.461455][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.477896][   T24] usb 4-1: config 0 descriptor??
[  666.587635][   T10] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  666.688561][   T30] audit: type=1800 audit(1754546929.416:194): pid=11525 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.1606" name="file1" dev="tmpfs" ino=1763 res=0 errno=0
[  666.769149][   T10] usb 2-1: Using ep0 maxpacket: 32
[  666.781514][   T10] usb 2-1: config index 0 descriptor too short (expected 548, got 36)
[  666.791032][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  666.832954][   T10] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  666.858206][   T10] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  666.872159][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  666.891302][   T10] usb 2-1: Product: syz
[  666.900779][   T10] usb 2-1: Manufacturer: syz
[  666.905466][   T10] usb 2-1: SerialNumber: syz
[  667.154884][   T10] usb 2-1: config 0 descriptor??
[  667.512167][T11534] Failed to get privilege flags for destination (handle=0x2:0x0)
[  667.547630][   T24] kaweth 4-1:0.0: Firmware present in device.
[  667.674336][   T10] usb 2-1: USB disconnect, device number 28
[  667.749979][   T24] kaweth 4-1:0.0: Error reading configuration (-32), no net device created
[  667.768551][   T24] kaweth 4-1:0.0: probe with driver kaweth failed with error -5
[  669.105769][   T10] usb 4-1: USB disconnect, device number 19
[  669.268302][T11557] netlink: 'syz.4.1615': attribute type 10 has an invalid length.
[  669.276789][T11557] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1615'.
[  669.976243][   T24] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  669.997079][T11561] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  670.318565][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  671.251596][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  671.261525][   T24] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  671.270749][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  671.304339][   T24] usb 2-1: config 0 descriptor??
[  671.900731][T11577] blktrace: Concurrent blktraces are not allowed on sg0
[  672.329214][   T30] audit: type=1326 audit(1754546934.683:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11585 comm="syz.0.1627" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2a98d8ebe9 code=0x0
[  672.439688][   T24] hid-led 0003:27B8:01ED.0006: probe with driver hid-led failed with error -71
[  672.869120][   T24] usb 2-1: USB disconnect, device number 29
[  674.494694][T11611] xt_nat: multiple ranges no longer supported
[  675.404749][T11629] nfs4: Unknown parameter 'sched_switch'
[  675.420236][T11629] atomic_op ffff8880554b6198 conn xmit_atomic 0000000000000000
[  676.961445][T11656] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1650'.
[  676.971000][T11656] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1650'.
[  678.246211][   T30] audit: type=1800 audit(1754546940.230:196): pid=11671 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1655" name="file1" dev="tmpfs" ino=1637 res=0 errno=0
[  679.234745][   T10] usb 5-1: new full-speed USB device number 28 using dummy_hcd
[  679.499412][   T10] usb 5-1: New USB device found, idVendor=2304, idProduct=020f, bcdDevice=3b.de
[  679.558899][   T10] usb 5-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3
[  679.593007][   T10] usb 5-1: Product: syz
[  679.597258][   T10] usb 5-1: Manufacturer: syz
[  679.624134][   T10] usb 5-1: SerialNumber: syz
[  679.668238][   T10] usb 5-1: config 0 descriptor??
[  679.802853][   T24] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  679.809088][T11692] netlink: 'syz.3.1662': attribute type 4 has an invalid length.
[  680.036119][   T24] usb 1-1: Using ep0 maxpacket: 16
[  680.044584][T11696] netlink: 'syz.3.1662': attribute type 4 has an invalid length.
[  680.047136][   T24] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  680.058889][   T10] dvb-usb: found a 'Pinnacle 400e DVB-S USB2.0' in warm state.
[  680.065981][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  680.242451][   T24] usb 1-1: config 0 has no interface number 0
[  680.258302][ T5904] lo speed is unknown, defaulting to 1000
[  680.453655][T11694] netlink: 'syz.1.1661': attribute type 4 has an invalid length.
[  680.517845][   T10] dvb-usb: bulk message failed: -22 (4/0)
[  680.524186][   T10] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  680.541777][   T24] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  680.541973][   T10] dvb-usb: bulk message failed: -22 (5/0)
[  680.558884][T11700] netlink: 'syz.1.1661': attribute type 4 has an invalid length.
[  680.588640][   T10] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  680.600776][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.642725][   T10] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  680.657017][   T24] usb 1-1: Product: syz
[  680.683782][ T5848] lo speed is unknown, defaulting to 1000
[  680.692235][   T24] usb 1-1: Manufacturer: syz
[  680.709767][   T24] usb 1-1: SerialNumber: syz
[  680.736256][   T24] usb 1-1: config 0 descriptor??
[  680.834582][   T10] dvb-usb: Pinnacle 400e DVB-S USB2.0 error while loading driver (-19)
[  680.899082][   T10] usb 5-1: USB disconnect, device number 28
[  681.018659][   T24] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[  681.039992][T11707] netlink: 'syz.2.1664': attribute type 1 has an invalid length.
[  681.050031][T11707] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1664'.
[  681.066249][   T24] usb 1-1: No valid video chain found.
[  681.197953][   T30] audit: type=1800 audit(1754546942.989:197): pid=11716 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.1666" name="file1" dev="tmpfs" ino=1731 res=0 errno=0
[  681.251341][T11686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  681.274873][T11686] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  681.301996][   T24] usb 1-1: USB disconnect, device number 30
[  682.348438][T11733] netlink: 'syz.0.1671': attribute type 4 has an invalid length.
[  682.452778][T11736] netlink: 'syz.0.1671': attribute type 4 has an invalid length.
[  682.509330][ T5954] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  682.652185][T11743] FAULT_INJECTION: forcing a failure.
[  682.652185][T11743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  682.665853][T11743] CPU: 0 UID: 0 PID: 11743 Comm: syz.4.1673 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  682.665884][T11743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  682.665899][T11743] Call Trace:
[  682.665907][T11743]  <TASK>
[  682.665917][T11743]  dump_stack_lvl+0x189/0x250
[  682.665948][T11743]  ? __pfx____ratelimit+0x10/0x10
[  682.665973][T11743]  ? __pfx_dump_stack_lvl+0x10/0x10
[  682.665997][T11743]  ? __pfx__printk+0x10/0x10
[  682.666032][T11743]  ? __might_fault+0xb0/0x130
[  682.666063][T11743]  should_fail_ex+0x414/0x560
[  682.666090][T11743]  _copy_from_user+0x2d/0xb0
[  682.666115][T11743]  ___sys_sendmsg+0x158/0x2a0
[  682.666145][T11743]  ? __pfx____sys_sendmsg+0x10/0x10
[  682.666202][T11743]  ? __fget_files+0x2a/0x420
[  682.666221][T11743]  ? __fget_files+0x3a0/0x420
[  682.666249][T11743]  __x64_sys_sendmsg+0x19b/0x260
[  682.666283][T11743]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  682.666318][T11743]  ? preempt_count_add+0xa7/0x1a0
[  682.666342][T11743]  ? do_syscall_64+0xbe/0x3b0
[  682.666364][T11743]  do_syscall_64+0xfa/0x3b0
[  682.666382][T11743]  ? lockdep_hardirqs_on+0x9c/0x150
[  682.666400][T11743]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  682.666417][T11743]  ? clear_bhb_loop+0x60/0xb0
[  682.666438][T11743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  682.666455][T11743] RIP: 0033:0x7faacdd8ebe9
[  682.666475][T11743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  682.666490][T11743] RSP: 002b:00007faacebaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  682.666509][T11743] RAX: ffffffffffffffda RBX: 00007faacdfb6180 RCX: 00007faacdd8ebe9
[  682.666522][T11743] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000007
[  682.666533][T11743] RBP: 00007faacebaf090 R08: 0000000000000000 R09: 0000000000000000
[  682.666543][T11743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  682.666554][T11743] R13: 00007faacdfb6218 R14: 00007faacdfb6180 R15: 00007ffc3d0ba7e8
[  682.666581][T11743]  </TASK>
[  683.574788][ T5954] usb 4-1: Using ep0 maxpacket: 16
[  683.584759][ T5954] usb 4-1: New USB device found, idVendor=10b9, idProduct=8000, bcdDevice=c0.fa
[  683.608446][ T5954] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  683.622094][ T5954] usb 4-1: Product: syz
[  683.626341][ T5954] usb 4-1: Manufacturer: syz
[  683.840512][ T5954] usb 4-1: SerialNumber: syz
[  683.889587][ T5954] usb 4-1: config 0 descriptor??
[  684.536558][    C0] hrtimer: interrupt took 47128 ns
[  684.605793][   T30] audit: type=1800 audit(1754546946.179:198): pid=11763 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1679" name="file1" dev="tmpfs" ino=2077 res=0 errno=0
[  685.534348][ T5954] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  685.597406][ T5954] dvb_usb_af9015 4-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  685.779613][ T5954] usb 4-1: USB disconnect, device number 20
[  685.791788][  T977] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  686.189934][  T977] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  686.506773][  T977] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  686.860128][  T977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  686.967065][  T977] usb 2-1: SerialNumber: syz
[  687.003926][T11786] netlink: 'syz.3.1686': attribute type 4 has an invalid length.
[  687.156719][T11787] netlink: 'syz.3.1686': attribute type 4 has an invalid length.
[  687.317975][   T10] lo speed is unknown, defaulting to 1000
[  687.364526][   T10] lo speed is unknown, defaulting to 1000
[  688.204560][  T977] cdc_ether 2-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42
[  688.476605][   T24] usb 2-1: USB disconnect, device number 30
[  688.506819][   T24] cdc_ether 2-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device
[  689.056418][T11830] nfs4: Unknown parameter 'sched_switch'
[  689.074238][T11830] atomic_op ffff88807a586198 conn xmit_atomic 0000000000000000
[  689.793246][T11836] netlink: 'syz.2.1699': attribute type 4 has an invalid length.
[  689.801748][T11836] netlink: 'syz.2.1699': attribute type 4 has an invalid length.
[  690.021560][  T977] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  690.202647][  T977] usb 5-1: device descriptor read/64, error -71
[  690.470349][  T977] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  692.123276][  T977] usb 5-1: device descriptor read/64, error -71
[  692.245570][  T977] usb usb5-port1: attempt power cycle
[  692.617744][  T977] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  692.659201][T11882] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1709'.
[  692.677157][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  692.775217][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  692.794474][  T977] usb 5-1: device descriptor read/8, error -71
[  693.152244][T11883] xt_nat: multiple ranges no longer supported
[  693.506520][  T977] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  693.686061][  T977] usb 5-1: device descriptor read/8, error -71
[  694.465505][  T977] usb usb5-port1: unable to enumerate USB device
[  694.907541][T11904] netlink: 'syz.0.1712': attribute type 4 has an invalid length.
[  694.982738][T11905] netlink: 'syz.0.1712': attribute type 4 has an invalid length.
[  695.375547][T11913] netlink: 'syz.1.1717': attribute type 4 has an invalid length.
[  695.397727][T11913] netlink: 'syz.1.1717': attribute type 4 has an invalid length.
[  696.979473][T11929] tipc: Failed to remove unknown binding: 66,1,1/0:2822399027/2822399029
[  697.018921][T11929] tipc: Failed to remove unknown binding: 66,1,1/0:2822399027/2822399029
[  697.267776][T11937] syzkaller1: entered promiscuous mode
[  697.284635][T11937] syzkaller1: entered allmulticast mode
[  697.531374][T11946] lo speed is unknown, defaulting to 1000
[  697.781524][T11958] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1728'.
[  697.793122][   T24] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  697.964109][   T24] usb 5-1: Using ep0 maxpacket: 32
[  697.982187][   T24] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  698.011279][   T24] usb 5-1: config 0 has no interface number 0
[  698.037416][   T24] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  698.053667][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  698.071418][   T24] usb 5-1: Product: syz
[  698.081870][   T24] usb 5-1: Manufacturer: syz
[  698.095597][T11963] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (254)
[  698.113696][   T24] usb 5-1: SerialNumber: syz
[  698.236578][   T24] usb 5-1: config 0 descriptor??
[  698.570592][   T24] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  698.682013][   T24] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  698.800029][   T24] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  699.400614][T11985] 9pnet_fd: Insufficient options for proto=fd
[  699.500520][T11985] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1736'.
[  699.549918][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  699.558154][ T5848] usb 5-1: USB disconnect, device number 33
[  699.578591][ T5848] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  699.698089][ T5848] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  699.867731][ T5848] quatech2 5-1:0.51: device disconnected
[  700.787141][T11999] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1740'.
[  702.547141][T12021] UBIFS error (pid: 12021): cannot open "c�g�'", error -22
[  705.541130][T12048] syz_tun: entered allmulticast mode
[  705.806015][T12048] dvmrp1: entered allmulticast mode
[  706.273396][T12047] syz_tun: left allmulticast mode
[  706.624626][T12062] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1761'.
[  706.655830][T12062] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1761'.
[  707.136624][   T24] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  708.485581][   T24] usb 1-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=e8.cf
[  708.505159][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  708.513234][   T24] usb 1-1: Product: syz
[  708.564575][T12082] netlink: 260 bytes leftover after parsing attributes in process `syz.2.1767'.
[  708.574106][T12082] netlink: 260 bytes leftover after parsing attributes in process `syz.2.1767'.
[  708.591644][   T24] usb 1-1: Manufacturer: syz
[  708.609474][   T24] usb 1-1: SerialNumber: syz
[  708.628541][   T24] usb 1-1: config 0 descriptor??
[  708.638266][   T24] cypress_cy7c63 1-1:0.0: Cypress CY7C63xxx device now attached
[  708.949188][  T977] usb 1-1: USB disconnect, device number 31
[  708.956784][  T977] cypress_cy7c63 1-1:0.0: Cypress CY7C63xxx device now disconnected
[  709.879606][T12106] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1775'.
[  710.841358][T12115] 9pnet_fd: Insufficient options for proto=fd
[  710.853524][T12115] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1776'.
[  710.917897][T12115] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1776'.
[  713.099301][   T30] audit: type=1326 audit(1754546972.828:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12129 comm="syz.2.1781" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f85b238ebe9 code=0x0
[  713.398094][T12143] netlink: 'syz.1.1783': attribute type 10 has an invalid length.
[  713.406120][T12143] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1783'.
[  714.216081][ T5923] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  714.439529][ T5923] usb 4-1: Using ep0 maxpacket: 32
[  714.573794][ T5923] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  714.757890][ T5923] usb 4-1: config 0 has no interface number 0
[  714.818415][ T5923] usb 4-1: config 0 interface 2 has no altsetting 0
[  714.831409][ T5923] usb 4-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  714.875571][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  714.951670][ T5923] usb 4-1: Product: syz
[  714.955914][ T5923] usb 4-1: Manufacturer: syz
[  714.983308][ T5923] usb 4-1: SerialNumber: syz
[  715.014562][T12158] 9pnet_fd: Insufficient options for proto=fd
[  715.041611][ T5923] usb 4-1: config 0 descriptor??
[  715.073421][T12158] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1790'.
[  715.975597][T12158] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1790'.
[  715.991264][ T5923] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  716.066598][ T5923] snd-usb-audio 4-1:0.2: probe with driver snd-usb-audio failed with error -2
[  716.088063][ T5923] usb 4-1: USB disconnect, device number 21
[  716.122330][T11898] udevd[11898]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  716.444667][T12168] tipc: Cannot configure node identity twice
[  718.044812][T12193] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1801'.
[  718.646604][   T30] audit: type=1326 audit(1754546978.020:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12198 comm="syz.4.1803" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faacdd8ebe9 code=0x0
[  718.827798][T12204] 9pnet_fd: Insufficient options for proto=fd
[  718.837517][T12204] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1804'.
[  718.893614][T12206] syzkaller1: entered promiscuous mode
[  718.918211][T12206] syzkaller1: entered allmulticast mode
[  719.750429][T12204] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1804'.
[  720.072388][  T977] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  720.877488][T12226] tty tty20: ldisc open failed (-12), clearing slot 19
[  721.509110][T12229] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1813'.
[  721.523295][T12230] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.1812'.
[  721.544164][T12230] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1812'.
[  721.553488][T12229] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1813'.
[  721.571844][  T977] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  721.584252][  T977] usb 2-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  721.672107][  T977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.693350][  T977] usb 2-1: config 0 descriptor??
[  722.178692][  T977] lenovo 0003:17EF:6047.0007: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.1-1/input0
[  723.107030][T12255] netlink: 'syz.4.1822': attribute type 5 has an invalid length.
[  723.120125][T12255] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1822'.
[  723.285351][   T24] usb 2-1: USB disconnect, device number 31
[  723.602000][T12267] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1825'.
[  725.907120][T12277] trusted_key: encrypted_key: master key parameter '�/�g��z4��j!/���P%�0���,U��>k�ᴒ��H������{>�encrypted' is invalid
[  726.871698][   T24] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  727.996162][   T24] usb 4-1: Using ep0 maxpacket: 32
[  728.129157][   T24] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  728.129190][   T24] usb 4-1: config 0 has no interface number 0
[  728.129221][   T24] usb 4-1: config 0 interface 2 has no altsetting 0
[  728.131474][   T24] usb 4-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  728.131505][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  728.131529][   T24] usb 4-1: Product: syz
[  728.131546][   T24] usb 4-1: Manufacturer: syz
[  728.131564][   T24] usb 4-1: SerialNumber: syz
[  728.592382][   T24] usb 4-1: config 0 descriptor??
[  729.337587][   T24] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  729.445981][   T24] snd-usb-audio 4-1:0.2: probe with driver snd-usb-audio failed with error -2
[  729.516193][   T24] usb 4-1: USB disconnect, device number 22
[  730.672051][T11898] udevd[11898]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  731.099189][T12324] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  731.132958][T12324] macvtap1: entered allmulticast mode
[  731.146148][T12324] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  731.401098][T12324] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  731.412989][T12324] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  733.391481][T12355] netlink: 'syz.4.1850': attribute type 4 has an invalid length.
[  733.477784][T12356] netlink: 'syz.4.1850': attribute type 4 has an invalid length.
[  734.529952][   T30] audit: type=1326 audit(1754546992.210:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12359 comm="syz.0.1852" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2a98d8ebe9 code=0x0
[  736.398282][T12379] FAULT_INJECTION: forcing a failure.
[  736.398282][T12379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  736.428119][T12380] overlayfs: conflicting lowerdir path
[  736.437266][T12379] CPU: 0 UID: 0 PID: 12379 Comm: syz.0.1857 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  736.437296][T12379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  736.437309][T12379] Call Trace:
[  736.437319][T12379]  <TASK>
[  736.437335][T12379]  dump_stack_lvl+0x189/0x250
[  736.437367][T12379]  ? __pfx____ratelimit+0x10/0x10
[  736.437392][T12379]  ? __pfx_dump_stack_lvl+0x10/0x10
[  736.437416][T12379]  ? __pfx__printk+0x10/0x10
[  736.437443][T12379]  ? __might_fault+0xb0/0x130
[  736.437476][T12379]  should_fail_ex+0x414/0x560
[  736.437504][T12379]  _copy_from_user+0x2d/0xb0
[  736.437534][T12379]  drm_ioctl+0x58a/0xb10
[  736.437556][T12379]  ? smk_tskacc+0x2fc/0x370
[  736.437596][T12379]  ? __pfx_drm_set_client_name+0x10/0x10
[  736.437625][T12379]  ? __pfx_drm_ioctl+0x10/0x10
[  736.437661][T12379]  ? __fget_files+0x2a/0x420
[  736.437691][T12379]  ? bpf_lsm_file_ioctl+0x9/0x20
[  736.437715][T12379]  ? __pfx_drm_ioctl+0x10/0x10
[  736.437738][T12379]  __se_sys_ioctl+0xfc/0x170
[  736.437772][T12379]  do_syscall_64+0xfa/0x3b0
[  736.437796][T12379]  ? lockdep_hardirqs_on+0x9c/0x150
[  736.437818][T12379]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  736.437840][T12379]  ? clear_bhb_loop+0x60/0xb0
[  736.437866][T12379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  736.437888][T12379] RIP: 0033:0x7f2a98d8ebe9
[  736.437907][T12379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  736.437926][T12379] RSP: 002b:00007f2a99bd3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  736.437949][T12379] RAX: ffffffffffffffda RBX: 00007f2a98fb5fa0 RCX: 00007f2a98d8ebe9
[  736.437965][T12379] RDX: 0000200000000040 RSI: 00000000c01064d1 RDI: 0000000000000003
[  736.437979][T12379] RBP: 00007f2a99bd3090 R08: 0000000000000000 R09: 0000000000000000
[  736.437992][T12379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  736.438005][T12379] R13: 00007f2a98fb6038 R14: 00007f2a98fb5fa0 R15: 00007ffdfb3469f8
[  736.438040][T12379]  </TASK>
[  736.639115][    C0] vkms_vblank_simulate: vblank timer overrun
[  736.721205][T12381] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  736.840970][T12382] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.1855'.
[  736.853922][T12382] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1855'.
[  737.546201][   T30] audit: type=1800 audit(1754546995.699:202): pid=12390 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1860" name="file1" dev="tmpfs" ino=1846 res=0 errno=0
[  738.409119][T12414] netlink: 'syz.0.1864': attribute type 10 has an invalid length.
[  738.417104][T12414] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1864'.
[  739.912828][T12419] netlink: 'syz.3.1865': attribute type 4 has an invalid length.
[  740.046227][T12421] netlink: 'syz.3.1865': attribute type 4 has an invalid length.
[  740.103761][ T5904] lo speed is unknown, defaulting to 1000
[  740.110088][  T977] lo speed is unknown, defaulting to 1000
[  740.454600][T12427] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1867'.
[  741.535264][T12435] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1872'.
[  741.663763][T12440] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1873'.
[  742.726003][T12458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  742.734922][T12458] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  742.908080][T12463] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.1876'.
[  742.955298][T12463] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1876'.
[  743.247586][  T977] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  743.824052][T12468] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1880'.
[  744.379192][   T30] audit: type=1326 audit(1754547002.088:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12473 comm="syz.3.1882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  744.423426][   T30] audit: type=1326 audit(1754547002.088:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12473 comm="syz.3.1882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  744.515837][   T30] audit: type=1326 audit(1754547002.106:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12473 comm="syz.3.1882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  744.516237][T12480] netlink: 'syz.0.1883': attribute type 1 has an invalid length.
[  744.628889][   T30] audit: type=1326 audit(1754547002.106:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12473 comm="syz.3.1882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52b58ebe9 code=0x7ffc0000
[  744.728350][T12480] 8021q: adding VLAN 0 to HW filter on device bond1
[  744.738520][T12484] erspan0: entered allmulticast mode
[  744.790765][T12484] bond1: (slave erspan0): making interface the new active one
[  744.805208][T12484] bond1: (slave erspan0): Enslaving as an active interface with an up link
[  745.195186][ T5923] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  745.471703][ T5923] usb 4-1: config 0 has an invalid interface number: 9 but max is 0
[  745.488030][ T5923] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  745.530934][ T5923] usb 4-1: config 0 has no interface number 0
[  745.555312][ T5923] usb 4-1: config 0 interface 9 has no altsetting 0
[  745.581858][ T5923] usb 4-1: New USB device found, idVendor=44d9, idProduct=a055, bcdDevice= 0.00
[  745.808274][ T5923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.830047][ T5923] usb 4-1: config 0 descriptor??
[  747.017707][T12488] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  747.248579][T12488] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  747.673232][ T5923] usb 4-1: string descriptor 0 read error: -71
[  747.680560][ T5923] hub 4-1:0.9: bad descriptor, ignoring hub
[  747.686643][ T5923] hub 4-1:0.9: probe with driver hub failed with error -5
[  747.765676][ T5923] usb 4-1: USB disconnect, device number 24
[  747.835518][T12507] netlink: 'syz.4.1890': attribute type 4 has an invalid length.
[  748.047946][T12513] netlink: 'syz.4.1890': attribute type 4 has an invalid length.
[  748.288471][T12518] FAULT_INJECTION: forcing a failure.
[  748.288471][T12518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  748.301659][T12518] CPU: 1 UID: 0 PID: 12518 Comm: syz.3.1892 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  748.301689][T12518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  748.301699][T12518] Call Trace:
[  748.301706][T12518]  <TASK>
[  748.301713][T12518]  dump_stack_lvl+0x189/0x250
[  748.301735][T12518]  ? __pfx____ratelimit+0x10/0x10
[  748.301752][T12518]  ? __pfx_dump_stack_lvl+0x10/0x10
[  748.301769][T12518]  ? __pfx__printk+0x10/0x10
[  748.301799][T12518]  should_fail_ex+0x414/0x560
[  748.301819][T12518]  _copy_from_user+0x2d/0xb0
[  748.301842][T12518]  copy_from_sockptr+0x48/0x70
[  748.301865][T12518]  ip6_mroute_setsockopt+0x71a/0xf00
[  748.301894][T12518]  ? __pfx_ip6_mroute_setsockopt+0x10/0x10
[  748.301940][T12518]  do_ipv6_setsockopt+0x445/0x2fb0
[  748.301972][T12518]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  748.302003][T12518]  ? get_pid_task+0x20/0x1f0
[  748.302034][T12518]  ? rcu_read_lock_any_held+0xb3/0x120
[  748.302061][T12518]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  748.302090][T12518]  ? vfs_write+0x8d8/0xa90
[  748.302125][T12518]  ? __lock_acquire+0xab9/0xd20
[  748.302156][T12518]  ipv6_setsockopt+0x59/0x170
[  748.302173][T12518]  rawv6_setsockopt+0x23b/0x5b0
[  748.302191][T12518]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  748.302208][T12518]  ? sock_common_setsockopt+0x36/0xc0
[  748.302228][T12518]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  748.302250][T12518]  do_sock_setsockopt+0x179/0x1b0
[  748.302277][T12518]  __x64_sys_setsockopt+0x13f/0x1b0
[  748.302305][T12518]  do_syscall_64+0xfa/0x3b0
[  748.302322][T12518]  ? lockdep_hardirqs_on+0x9c/0x150
[  748.302338][T12518]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  748.302354][T12518]  ? clear_bhb_loop+0x60/0xb0
[  748.302372][T12518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  748.302387][T12518] RIP: 0033:0x7fa52b58ebe9
[  748.302408][T12518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  748.302422][T12518] RSP: 002b:00007fa52c384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  748.302438][T12518] RAX: ffffffffffffffda RBX: 00007fa52b7b6090 RCX: 00007fa52b58ebe9
[  748.302449][T12518] RDX: 00000000000000d2 RSI: 0000000000000029 RDI: 0000000000000004
[  748.302458][T12518] RBP: 00007fa52c384090 R08: 000000000000005c R09: 0000000000000000
[  748.302468][T12518] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[  748.302478][T12518] R13: 00007fa52b7b6128 R14: 00007fa52b7b6090 R15: 00007ffed2154ee8
[  748.302501][T12518]  </TASK>
[  748.808719][ T5923] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  748.996758][T12519] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.1893'.
[  749.053185][T12519] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1893'.
[  749.083026][ T5923] usb 4-1: Using ep0 maxpacket: 16
[  749.159873][ T5923] usb 4-1: New USB device found, idVendor=10b9, idProduct=8000, bcdDevice=c0.fa
[  749.431024][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.439152][ T5923] usb 4-1: Product: syz
[  749.487014][ T5923] usb 4-1: Manufacturer: syz
[  749.503473][ T5923] usb 4-1: SerialNumber: syz
[  749.536637][ T5923] usb 4-1: config 0 descriptor??
[  750.123580][ T5904] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  750.415073][ T5904] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  750.459321][ T5904] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  750.494307][ T5904] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  750.578046][ T5904] usb 2-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00
[  750.624032][ T5904] usb 2-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  750.671373][ T5904] usb 2-1: Product: syz
[  750.703247][ T5904] usb 2-1: config 0 descriptor??
[  751.302373][ T5923] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  751.351716][ T5904] waltop 0003:172F:0037.0008: unknown main item tag 0x0
[  751.366397][ T5923] dvb_usb_af9015 4-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  751.366570][ T5904] waltop 0003:172F:0037.0008: unknown main item tag 0x0
[  751.403725][ T5904] waltop 0003:172F:0037.0008: unknown main item tag 0x0
[  752.167691][T12555] team0: No ports can be present during mode change
[  752.226907][ T5923] usb 4-1: USB disconnect, device number 25
[  752.823080][ T5904] waltop 0003:172F:0037.0008: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  752.915092][ T5904] usb 2-1: USB disconnect, device number 32
[  753.338767][T12561] fido_id[12561]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  754.243144][T12572] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1906'.
[  754.528236][   T10] usb 1-1: new low-speed USB device number 32 using dummy_hcd
[  754.690514][   T10] usb 1-1: device descriptor read/64, error -71
[  754.845826][T12593] delete_channel: no stack
[  754.946930][T12600] overlayfs: missing 'lowerdir'
[  754.963008][T12600] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  754.966485][   T10] usb 1-1: new low-speed USB device number 33 using dummy_hcd
[  755.050981][   T30] audit: type=1800 audit(1754547012.068:207): pid=12600 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1918" name="file1" dev="tmpfs" ino=1908 res=0 errno=0
[  755.308535][   T10] usb 1-1: device descriptor read/64, error -71
[  755.480958][   T10] usb usb1-port1: attempt power cycle
[  755.814672][T12612] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1924'.
[  755.827446][T12612] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1924'.
[  755.982493][   T10] usb 1-1: new low-speed USB device number 34 using dummy_hcd
[  756.015274][   T10] usb 1-1: device descriptor read/8, error -71
[  756.074704][T12616] lo speed is unknown, defaulting to 1000
[  757.257504][   T10] usb 1-1: new low-speed USB device number 35 using dummy_hcd
[  757.649118][   T10] usb 1-1: device descriptor read/8, error -71
[  757.677983][T12626] delete_channel: no stack
[  757.790934][   T10] usb usb1-port1: unable to enumerate USB device
[  758.378085][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  758.415697][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  759.561047][T12657] netlink: 'syz.1.1936': attribute type 4 has an invalid length.
[  759.616229][T12657] netlink: 'syz.1.1936': attribute type 4 has an invalid length.
[  759.704993][T12651] syzkaller1: entered promiscuous mode
[  759.710652][T12651] syzkaller1: entered allmulticast mode
[  762.151342][T12669] netlink: 'syz.3.1940': attribute type 4 has an invalid length.
[  762.386988][T12672] netlink: 'syz.3.1940': attribute type 4 has an invalid length.
[  762.388457][ T5923] lo speed is unknown, defaulting to 1000
[  762.661717][ T5904] lo speed is unknown, defaulting to 1000
[  763.315023][T12679] delete_channel: no stack
[  764.337572][T12697] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  769.302519][ T5923] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  769.690474][ T5923] usb 4-1: Using ep0 maxpacket: 8
[  769.846649][ T5923] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  769.911339][ T5923] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  769.945032][T12738] netlink: 'syz.0.1959': attribute type 2 has an invalid length.
[  770.149191][ T5923] usb 4-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  770.158923][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.166991][ T5923] usb 4-1: Product: syz
[  770.171266][ T5923] usb 4-1: Manufacturer: syz
[  770.175905][ T5923] usb 4-1: SerialNumber: syz
[  770.198917][ T5923] usb 4-1: config 0 descriptor??
[  771.575465][ T5923] streamzap 4-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200
[  771.790695][ T5923] usb 4-1: USB disconnect, device number 26
[  772.773271][T12765] syzkaller1: entered promiscuous mode
[  772.779113][T12765] syzkaller1: entered allmulticast mode
[  773.975634][T12783] netlink: 'syz.3.1973': attribute type 4 has an invalid length.
[  774.250348][T12787] netlink: 'syz.3.1973': attribute type 4 has an invalid length.
[  774.444641][ T5954] lo speed is unknown, defaulting to 1000
[  774.450511][   T10] lo speed is unknown, defaulting to 1000
[  774.617489][T12793] netlink: 'syz.1.1975': attribute type 10 has an invalid length.
[  774.625460][T12793] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1975'.
[  776.042953][T12797] netlink: 'syz.0.1977': attribute type 4 has an invalid length.
[  776.112710][T12799] netlink: 'syz.0.1977': attribute type 4 has an invalid length.
[  778.384705][   T10] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  778.613991][   T10] usb 4-1: Using ep0 maxpacket: 32
[  778.632812][   T10] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  778.657686][   T10] usb 4-1: config 0 has no interface number 0
[  778.674821][   T10] usb 4-1: config 0 interface 2 has no altsetting 0
[  778.715478][   T10] usb 4-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  778.735195][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  778.766575][   T10] usb 4-1: Product: syz
[  778.795686][   T10] usb 4-1: Manufacturer: syz
[  778.852717][   T10] usb 4-1: SerialNumber: syz
[  778.886811][   T10] usb 4-1: config 0 descriptor??
[  779.150326][T12808] vlan2: entered promiscuous mode
[  779.318346][   T10] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  779.467963][   T10] snd-usb-audio 4-1:0.2: probe with driver snd-usb-audio failed with error -2
[  779.669553][T12849] netlink: 'syz.4.1994': attribute type 4 has an invalid length.
[  780.003021][   T10] usb 4-1: USB disconnect, device number 27
[  780.079845][T12844] udevd[12844]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  780.336909][T12854] syz.4.1996 (12854): /proc/12852/oom_adj is deprecated, please use /proc/12852/oom_score_adj instead.
[  781.482909][T12856] Invalid ELF header magic: != ELF
[  783.960639][T12885] netlink: 'syz.3.2006': attribute type 4 has an invalid length.
[  787.505197][T12911] 9pnet_fd: Insufficient options for proto=fd
[  787.665300][T12923] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2015'.
[  788.782524][T12936] netlink: 'syz.3.2020': attribute type 4 has an invalid length.
[  791.293525][ T5954] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  792.088003][T12967] delete_channel: no stack
[  792.170288][ T5954] usb 5-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  792.334045][ T5954] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  792.343887][ T5954] usb 5-1: Product: syz
[  792.348201][ T5954] usb 5-1: Manufacturer: syz
[  792.356613][ T5954] usb 5-1: SerialNumber: syz
[  792.374264][ T5954] usb 5-1: config 0 descriptor??
[  792.385592][ T5954] gspca_main: sunplus-2.14.0 probing 055f:c230
[  792.591409][T12978] netlink: 'syz.3.2035': attribute type 10 has an invalid length.
[  792.599500][T12978] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2035'.
[  793.222409][ T5954] gspca_sunplus: reg_r err -110
[  793.262796][ T5954] sunplus 5-1:0.0: probe with driver sunplus failed with error -110
[  793.307109][ T5954] usb 5-1: USB disconnect, device number 34
[  793.667723][T12983] netlink: 'syz.0.2034': attribute type 4 has an invalid length.
[  793.968874][   T30] audit: type=1804 audit(1754547048.334:208): pid=12989 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.2037" name="file0" dev="tmpfs" ino=2114 res=1 errno=0
[  794.018060][T12991] netlink: 'syz.0.2034': attribute type 4 has an invalid length.
[  794.702294][T12984] netlink: 'syz.1.2036': attribute type 4 has an invalid length.
[  795.760027][T13009] delete_channel: no stack
[  796.220965][T13016] bridge0: entered promiscuous mode
[  796.229895][T13016] macvlan2: entered promiscuous mode
[  796.318553][T13018] macvlan3: entered promiscuous mode
[  796.708175][T13024] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2048'.
[  797.238713][T13034] netlink: 'syz.4.2052': attribute type 4 has an invalid length.
[  797.949960][T13042] delete_channel: no stack
[  797.953422][ T5954] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  798.122445][ T5954] usb 1-1: Using ep0 maxpacket: 8
[  798.151735][ T5954] usb 1-1: unable to get BOS descriptor or descriptor too short
[  798.179670][ T5954] usb 1-1: unable to read config index 0 descriptor/start: -61
[  798.187408][ T5954] usb 1-1: can't read configurations, error -61
[  798.338284][ T5954] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  798.521169][ T5954] usb 1-1: Using ep0 maxpacket: 8
[  798.529442][ T5954] usb 1-1: unable to get BOS descriptor or descriptor too short
[  798.547965][ T5954] usb 1-1: unable to read config index 0 descriptor/start: -61
[  798.561468][ T5954] usb 1-1: can't read configurations, error -61
[  798.576775][ T5954] usb usb1-port1: attempt power cycle
[  798.969641][ T5954] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  799.003914][ T5954] usb 1-1: Using ep0 maxpacket: 8
[  799.021935][ T5954] usb 1-1: unable to get BOS descriptor or descriptor too short
[  799.064421][ T5954] usb 1-1: unable to read config index 0 descriptor/start: -61
[  799.081619][ T5954] usb 1-1: can't read configurations, error -61
[  799.241267][ T5954] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  799.312505][ T5954] usb 1-1: Using ep0 maxpacket: 8
[  799.335391][ T5954] usb 1-1: unable to get BOS descriptor or descriptor too short
[  799.373446][ T5954] usb 1-1: unable to read config index 0 descriptor/start: -61
[  799.417380][ T5954] usb 1-1: can't read configurations, error -61
[  799.477067][ T5954] usb usb1-port1: unable to enumerate USB device
[  800.717913][T13080] netlink: 'syz.2.2065': attribute type 4 has an invalid length.
[  801.224688][T13073] netlink: 'syz.0.2064': attribute type 29 has an invalid length.
[  801.319734][T13075] netlink: 'syz.0.2064': attribute type 29 has an invalid length.
[  910.643570][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  910.650064][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  916.661746][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  916.668740][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P13089/1:b..l
[  916.677174][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=54117, q=543 ncpus=2)
[  916.684914][    C0] task:syz.1.2068      state:R  running task     stack:23752 pid:13089 tgid:13086 ppid:5838   task_flags:0x400140 flags:0x00004006
[  916.699402][    C0] Call Trace:
[  916.702698][    C0]  <TASK>
[  916.705674][    C0]  __schedule+0x16aa/0x4c90
[  916.710213][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  916.715517][    C0]  ? __pfx___schedule+0x10/0x10
[  916.720397][    C0]  ? do_syscall_64+0x2bd/0x3b0
[  916.725202][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  916.730515][    C0]  preempt_schedule_irq+0xb5/0x150
[  916.735640][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  916.741377][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  916.747212][    C0]  irqentry_exit+0x6f/0x90
[  916.751659][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  916.757653][    C0] RIP: 0010:lock_acquire+0xc9/0x360
[  916.762866][    C0] Code: fe 10 85 c0 0f 85 eb 00 00 00 65 48 8b 04 25 08 90 9c 92 83 b8 ec 0a 00 00 00 0f 85 d5 00 00 00 48 c7 44 24 30 00 00 00 00 9c <8f> 44 24 30 4c 89 74 24 10 4d 89 fe 4c 8b 7c 24 30 fa 48 c7 c7 59
[  916.782491][    C0] RSP: 0018:ffffc9001d0f7180 EFLAGS: 00000246
[  916.788566][    C0] RAX: ffff88807cc18000 RBX: 0000000000000000 RCX: c90b5be1d0f17700
[  916.796544][    C0] RDX: 0000000000000000 RSI: ffffffff8228aec5 RDI: 1ffffffff1c27e1c
[  916.804643][    C0] RBP: ffffffff8228aea9 R08: 0000000000000000 R09: 0000000000000000
[  916.812634][    C0] R10: dffffc0000000000 R11: fffff94000275ac9 R12: 0000000000000002
[  916.820631][    C0] R13: ffffffff8e13f0e0 R14: 0000000000000000 R15: 0000000000000000
[  916.828633][    C0]  ? percpu_ref_put+0x19/0x180
[  916.833418][    C0]  ? percpu_ref_put+0x35/0x180
[  916.838206][    C0]  ? percpu_ref_put+0x19/0x180
[  916.842979][    C0]  percpu_ref_put+0x35/0x180
[  916.847581][    C0]  ? percpu_ref_put+0x19/0x180
[  916.852352][    C0]  __mem_cgroup_uncharge_folios+0xf0/0x1c0
[  916.858173][    C0]  ? __pfx___mem_cgroup_uncharge_folios+0x10/0x10
[  916.864595][    C0]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  916.870510][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  916.876857][    C0]  ? __page_cache_release+0x94c/0xbe0
[  916.882268][    C0]  folios_put_refs+0x551/0x640
[  916.887077][    C0]  ? __pfx_folios_put_refs+0x10/0x10
[  916.892389][    C0]  ? folio_batch_remove_exceptionals+0x18c/0x1f0
[  916.898738][    C0]  shmem_undo_range+0x49e/0x14b0
[  916.903698][    C0]  ? arch_irq_work_raise+0x6d/0x80
[  916.908834][    C0]  ? __irq_work_queue_local+0x1d7/0x550
[  916.914414][    C0]  ? mas_next_slot+0xc27/0xcf0
[  916.919209][    C0]  ? __pfx_shmem_undo_range+0x10/0x10
[  916.924729][    C0]  ? __pfx_bpf_trace_run4+0x10/0x10
[  916.929968][    C0]  ? percpu_counter_add_batch+0xea/0x1e0
[  916.935633][    C0]  shmem_evict_inode+0x272/0xa70
[  916.940597][    C0]  ? inode_wait_for_writeback+0xf9/0x290
[  916.946247][    C0]  ? __pfx_shmem_evict_inode+0x10/0x10
[  916.951721][    C0]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  916.957840][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  916.963081][    C0]  ? __pfx_shmem_evict_inode+0x10/0x10
[  916.968584][    C0]  evict+0x501/0x9c0
[  916.972512][    C0]  ? __pfx_evict+0x10/0x10
[  916.976950][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  916.982171][    C0]  ? _raw_spin_unlock+0x28/0x50
[  916.987048][    C0]  ? iput+0x6d8/0x9d0
[  916.991109][    C0]  __dentry_kill+0x209/0x660
[  916.995821][    C0]  ? dput+0x37/0x2b0
[  916.999760][    C0]  dput+0x19f/0x2b0
[  917.003591][    C0]  __fput+0x68e/0xa70
[  917.007602][    C0]  task_work_run+0x1d1/0x260
[  917.012223][    C0]  ? __pfx_task_work_run+0x10/0x10
[  917.017348][    C0]  ? preempt_schedule_common+0x83/0xd0
[  917.022836][    C0]  ? userfaultfd_unmap_complete+0x278/0x2d0
[  917.028774][    C0]  get_signal+0x11c5/0x1310
[  917.033290][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  917.038688][    C0]  ? up_write+0x1f2/0x420
[  917.043034][    C0]  arch_do_signal_or_restart+0x9a/0x750
[  917.048598][    C0]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  917.053733][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  917.059898][    C0]  ? hugetlbfs_get_inode+0x448/0x660
[  917.065280][    C0]  ? exit_to_user_mode_loop+0x40/0x110
[  917.070769][    C0]  exit_to_user_mode_loop+0x75/0x110
[  917.076075][    C0]  do_syscall_64+0x2bd/0x3b0
[  917.080683][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  917.085912][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.091998][    C0]  ? clear_bhb_loop+0x60/0xb0
[  917.096694][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.102597][    C0] RIP: 0033:0x7f253638ebe9
[  917.107017][    C0] RSP: 002b:00007f253721a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  917.115445][    C0] RAX: 0000200000000000 RBX: 00007f25365b5fa0 RCX: 00007f253638ebe9
[  917.123426][    C0] RDX: 0000000000000000 RSI: 0000000000ff5000 RDI: 0000200000000000
[  917.131405][    C0] RBP: 00007f2536411e19 R08: ffffffffffffffff R09: 0000000000000000
[  917.139398][    C0] R10: 000200000005c832 R11: 0000000000000246 R12: 0000000000000000
[  917.147389][    C0] R13: 00007f25365b6038 R14: 00007f25365b5fa0 R15: 00007fff2efae498
[  917.155484][    C0]  </TASK>
[  917.158521][    C0] rcu: rcu_preempt kthread starved for 605 jiffies! g54117 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  917.169556][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  917.179533][    C0] rcu: RCU grace-period kthread stack dump:
[  917.185464][    C0] task:rcu_preempt     state:R  running task     stack:27128 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  917.199000][    C0] Call Trace:
[  917.202288][    C0]  <TASK>
[  917.205256][    C0]  __schedule+0x16aa/0x4c90
[  917.209788][    C0]  ? schedule+0x165/0x360
[  917.214126][    C0]  ? __pfx___schedule+0x10/0x10
[  917.219023][    C0]  ? schedule+0x91/0x360
[  917.223291][    C0]  schedule+0x165/0x360
[  917.227466][    C0]  schedule_timeout+0x12b/0x270
[  917.232342][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  917.237739][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  917.243654][    C0]  ? __pfx_process_timeout+0x10/0x10
[  917.248957][    C0]  ? prepare_to_swait_event+0x341/0x380
[  917.254536][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  917.259442][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  917.264652][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  917.270812][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  917.276104][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  917.281407][    C0]  ? finish_swait+0xcd/0x1f0
[  917.286015][    C0]  rcu_gp_kthread+0x99/0x390
[  917.290616][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  917.295821][    C0]  ? __kthread_parkme+0x7b/0x200
[  917.300791][    C0]  ? __kthread_parkme+0x1a1/0x200
[  917.306163][    C0]  kthread+0x70e/0x8a0
[  917.310353][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  917.315564][    C0]  ? __pfx_kthread+0x10/0x10
[  917.320174][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  917.325392][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  917.330596][    C0]  ? __pfx_kthread+0x10/0x10
[  917.335233][    C0]  ret_from_fork+0x3fc/0x770
[  917.339857][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  917.344981][    C0]  ? __switch_to_asm+0x39/0x70
[  917.349756][    C0]  ? __switch_to_asm+0x33/0x70
[  917.354534][    C0]  ? __pfx_kthread+0x10/0x10
[  917.359143][    C0]  ret_from_fork_asm+0x1a/0x30
[  917.363946][    C0]  </TASK>
[  917.366982][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  917.373332][    C0] Sending NMI from CPU 0 to CPUs 1:
[  917.378563][    C1] NMI backtrace for cpu 1
[  917.378579][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  917.378599][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  917.378611][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  917.378634][    C1] Code: 53 de 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 ad 21 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  917.378652][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c2
[  917.378668][    C1] RAX: 18078dbc09e87300 RBX: ffffffff81976918 RCX: 18078dbc09e87300
[  917.378683][    C1] RDX: 0000000000000001 RSI: ffffffff8d982fba RDI: ffffffff8be1ba40
[  917.378695][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f5b R09: 1ffff110170e65eb
[  917.378710][    C1] R10: dffffc0000000000 R11: ffffed10170e65ec R12: ffffffff8fa0b3f0
[  917.378724][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003ad4b40
[  917.378737][    C1] FS:  0000000000000000(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000
[  917.378752][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  917.378765][    C1] CR2: 000055a5b6615fb0 CR3: 0000000073d3e000 CR4: 00000000003526f0
[  917.378782][    C1] Call Trace:
[  917.378791][    C1]  <TASK>
[  917.378798][    C1]  default_idle+0x13/0x20
[  917.378820][    C1]  default_idle_call+0x74/0xb0
[  917.378844][    C1]  do_idle+0x1e8/0x510
[  917.378869][    C1]  ? __pfx_do_idle+0x10/0x10
[  917.378886][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  917.378915][    C1]  cpu_startup_entry+0x44/0x60
[  917.378942][    C1]  start_secondary+0x101/0x110
[  917.378969][    C1]  common_startup_64+0x13e/0x147
[  917.379002][    C1]  </TASK>
[  917.638502][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  917.644901][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
SYZFAIL: failed to send rpc
fd=3 want=376 sent=0 n=-1 (errno 32: Broken pipe)
[  918.262810][T13120] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  918.308695][T13120] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  918.319450][T13120] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  918.327746][T13120] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  918.340910][T13120] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  918.468628][ T5844] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  918.476116][ T5844] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  918.485500][ T5844] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  918.494136][ T5844] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  918.502301][ T5844] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  918.684180][T13119] lo speed is unknown, defaulting to 1000
[  919.767331][ T2963] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  919.829313][T13119] chnl_net:caif_netlink_parms(): no params data found
[  919.868711][ T2963] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  919.969890][ T2963] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  920.074459][ T2963] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  920.092461][T13119] bridge0: port 1(bridge_slave_0) entered blocking state
[  920.100467][T13119] bridge0: port 1(bridge_slave_0) entered disabled state
[  920.108061][T13119] bridge_slave_0: entered allmulticast mode
[  920.116479][T13119] bridge_slave_0: entered promiscuous mode
[  920.125343][T13119] bridge0: port 2(bridge_slave_1) entered blocking state
[  920.134432][T13119] bridge0: port 2(bridge_slave_1) entered disabled state
[  920.147126][T13119] bridge_slave_1: entered allmulticast mode
[  920.155236][T13119] bridge_slave_1: entered promiscuous mode
[  920.289104][T13119] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  920.302033][T13119] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  920.464710][T13119] team0: Port device team_slave_0 added
[  920.472100][ T2963] bridge_slave_1: left allmulticast mode
[  920.481064][ T2963] bridge_slave_1: left promiscuous mode
[  920.488563][ T2963] bridge0: port 2(bridge_slave_1) entered disabled state
[  920.503885][ T2963] bridge_slave_0: left allmulticast mode
[  920.509571][ T2963] bridge_slave_0: left promiscuous mode
[  920.516469][ T2963] bridge0: port 1(bridge_slave_0) entered disabled state
[  920.760260][ T2963] dvmrp1 (unregistering): left allmulticast mode
[  920.779085][T13120] Bluetooth: hci5: command tx timeout
[  920.964107][ T2963] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  920.980295][ T2963] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  920.990744][ T2963] bond0 (unregistering): Released all slaves
[  921.014785][T13119] team0: Port device team_slave_1 added
[  921.145524][T13119] batman_adv: batadv0: Adding interface: batadv_slave_0
[  921.157067][T13119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  921.184890][T13119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  921.198614][T13119] batman_adv: batadv0: Adding interface: batadv_slave_1
[  921.213843][T13119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  921.241020][T13119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  921.363748][T13119] hsr_slave_0: entered promiscuous mode
[  921.372382][T13119] hsr_slave_1: entered promiscuous mode
[  921.382500][T13119] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  921.391024][T13119] Cannot create hsr debugfs directory
[  921.508453][ T2963] hsr_slave_0: left promiscuous mode
[  921.514772][ T2963] hsr_slave_1: left promiscuous mode
[  921.524699][ T2963] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  921.535567][ T2963] batman_adv: batadv0: Removing interface: batadv_slave_0
[  921.544522][ T2963] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  921.552754][ T2963] batman_adv: batadv0: Removing interface: batadv_slave_1
[  921.588735][ T2963] veth1_macvtap: left promiscuous mode
[  921.600613][ T2963] veth0_macvtap: left promiscuous mode
[  921.607371][ T2963] veth1_vlan: left promiscuous mode
[  921.617523][ T2963] veth0_vlan: left promiscuous mode
[  922.194368][ T2963] team_slave_1 (unregistering): left promiscuous mode
[  922.208703][ T2963] team0 (unregistering): Port device team_slave_1 removed
[  922.251809][ T2963] team_slave_0 (unregistering): left promiscuous mode
[  922.262911][ T2963] team0 (unregistering): Port device team_slave_0 removed
[  922.990940][T13120] Bluetooth: hci5: command tx timeout
[  923.019663][T13119] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  923.049688][T13119] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  923.072881][T13119] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  923.107674][T13119] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  923.317153][ T9968] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  923.359900][T13119] 8021q: adding VLAN 0 to HW filter on device bond0
[  923.387213][T13119] 8021q: adding VLAN 0 to HW filter on device team0
[  923.430935][ T9968] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  923.459252][ T9972] bridge0: port 1(bridge_slave_0) entered blocking state
[  923.466525][ T9972] bridge0: port 1(bridge_slave_0) entered forwarding state
[  923.481357][ T9972] bridge0: port 2(bridge_slave_1) entered blocking state
[  923.489917][ T9972] bridge0: port 2(bridge_slave_1) entered forwarding state
[  923.543319][ T9968] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  923.609865][ T9968] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  923.906340][ T9968] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  924.013863][ T9968] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  924.120027][ T9968] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  924.165993][T13119] 8021q: adding VLAN 0 to HW filter on device batadv0
[  924.265723][ T9968] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  924.746565][T13119] veth0_vlan: entered promiscuous mode
[  924.794653][ T9968] bond0: (slave netdevsim0): Releasing backup interface
[  924.818557][T13119] veth1_vlan: entered promiscuous mode
[  924.887397][T13119] veth0_macvtap: entered promiscuous mode
[  924.961287][T13119] veth1_macvtap: entered promiscuous mode
[  925.081225][ T9968] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.117600][T13119] batman_adv: batadv0: Interface activated: batadv_slave_0
[  925.158092][ T9968] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.180176][T13119] batman_adv: batadv0: Interface activated: batadv_slave_1
[  925.198479][T13119] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  925.208438][T13119] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  925.214528][T13120] Bluetooth: hci5: command tx timeout
[  925.233404][T13119] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  925.242822][T13119] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  925.285197][ T9968] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.412573][ T9968] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.480038][ T5964] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  925.499711][ T5964] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  925.629941][ T5964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  925.645415][ T5964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  925.704487][ T9968] bridge0: port 2(bridge_slave_1) entered disabled state
[  925.725963][ T9968] bridge_slave_0: left allmulticast mode
[  925.732283][ T9968] bridge_slave_0: left promiscuous mode
[  925.742584][ T9968] bridge0: port 1(bridge_slave_0) entered disabled state
[  925.755742][ T9968] bridge_slave_1: left allmulticast mode
[  925.761852][ T9968] bridge_slave_1: left promiscuous mode
[  925.767610][ T9968] bridge0: port 2(bridge_slave_1) entered disabled state
[  925.779049][ T9968] bridge_slave_0: left allmulticast mode
[  925.785293][ T9968] bridge_slave_0: left promiscuous mode
[  925.791022][ T9968] bridge0: port 1(bridge_slave_0) entered disabled state
[  925.801763][ T9968] bridge_slave_1: left allmulticast mode
[  925.808302][ T9968] bridge_slave_1: left promiscuous mode
[  925.814253][ T9968] bridge0: port 2(bridge_slave_1) entered disabled state
[  925.823140][ T9968] bridge_slave_0: left allmulticast mode
[  925.829151][ T9968] bridge_slave_0: left promiscuous mode
[  925.837107][ T9968] bridge0: port 1(bridge_slave_0) entered disabled state
[  925.848171][ T9968] team0: left allmulticast mode
[  925.853181][ T9968] team_slave_0: left allmulticast mode
[  925.862103][ T9968] team_slave_1: left allmulticast mode
[  925.869626][ T9968] bridge0: port 3(team0) entered disabled state
[  925.881279][ T9968] bridge_slave_1: left allmulticast mode
[  925.886949][ T9968] bridge_slave_1: left promiscuous mode
[  925.892916][ T9968] bridge0: port 2(bridge_slave_1) entered disabled state
[  925.902875][ T9968] bridge_slave_0: left allmulticast mode
[  925.908552][ T9968] bridge_slave_0: left promiscuous mode
[  925.914422][ T9968] bridge0: port 1(bridge_slave_0) entered disabled state
[  926.395020][ T9968] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  926.406030][ T9968] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  926.422123][ T9968] bond0 (unregistering): Released all slaves