last executing test programs:

7.748647497s ago: executing program 0 (id=746):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)={@multicast2, @local, 0x1, 0x2, [@loopback, @empty]}, 0x18)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000001f40)={0x2, 0xc001001f, 0x0, 0x0, 0x0, 0x54})

6.914857047s ago: executing program 3 (id=749):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x2000000000000001, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x40844)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(0xffffffffffffffff, 0xc0984124, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000040)={0x6, 'bond_slave_1\x00', {0x1}, 0xff7f})
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0)
add_key$user(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x10000052, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x2}, 0x0)
syz_usb_connect(0x4, 0x5f, &(0x7f0000000080)=ANY=[@ANYRES16=r0, @ANYRES16, @ANYRESDEC=r0, @ANYRESDEC=r0, @ANYRES16=r0], 0x0)
r2 = socket$netlink(0x10, 0x3, 0x15)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff0100a600010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
recvmmsg(r2, &(0x7f0000000740)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x40010000, 0x0)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_ifindex, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$MRT_FLUSH(r3, 0x0, 0xd4, &(0x7f0000000000)=0xe, 0x4)
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000240)=""/254, &(0x7f0000000040)=0xfe)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1}, 0x4)
socket$inet(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)

6.874034771s ago: executing program 0 (id=750):
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
splice(r0, 0x0, r1, &(0x7f00000002c0)=0x4, 0x6, 0x0)
ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000180)={0x6186705b, 0xd22d, 0x1})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0cc5605, &(0x7f0000000300)={0x6, @sliced={0x10, [0x400, 0x8b, 0x9, 0x7, 0x2, 0x800, 0xf, 0x800, 0x2, 0xff, 0x2, 0xb, 0x0, 0x8, 0xffff, 0x8000, 0x605c, 0x9, 0x9, 0xa0c7, 0x2, 0x8, 0x3, 0x40, 0x4c, 0x8, 0x40, 0xfff9, 0xb, 0x2, 0x3, 0x7, 0xc, 0x7, 0x5, 0x40, 0x9d4, 0xff, 0x79, 0xffff, 0x400, 0x4, 0x1, 0x0, 0x8, 0x200, 0x5, 0x8], 0x80000001}})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff}, './file0\x00'})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r3, 0x88, 0x64, &(0x7f0000000000)=0x2, 0x4)
openat$cgroup_freezer_state(r2, &(0x7f0000000040), 0x2, 0x0)
sendto$inet(r2, &(0x7f0000000080)="cfb843916788f6532d0b85db369f50b2526524dfe7e84f07c2e15c013244eda5ee01bc98f518e62a225fdf958dae826120ff4eb772180a2459ca80a2d36625556e6b654cfa3abe9ab8d7ec37df0e1723625ebc59a004dcec981297c29c364a14707d22759cc5774ea30539409bfce5a0063f207d894c95efb4d8a90449c9dfd7b43aa6577eb0905736d73325e47c8d6ca3715f131c708f897b6d7370d3911574926b8ae87b1e0a1ea804b669983e11cf2162a3d087114bcff1d1167a5b16f4ad95eb8cb429556edc88444822dea1bf49521bdcc7bb74ad", 0xd7, 0x20000000, &(0x7f00000001c0)={0x2, 0x4e21, @loopback}, 0x10)
remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x5, 0x8000)

6.658635198s ago: executing program 1 (id=751):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a14000000000a01040000000000000000010080032c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000a4000000060a010400000000000000000100000008000b40000000007c000480340001800b000100657874686472000024000280080001400000000c0800034000000000440001800c0001006269747769736500340002800800034000000004080001400000001408000240000000120c00058006000100886300000c000480080001006eee7e000900010073797a3000000000140000001100010000000000000000000700000a"], 0x10c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0xff, 0x6}, 0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000280)={0x3})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=ANY=[], 0x18}}, 0x20000000)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000500)="b8010000000f01c10f22a10f20e035800000000f22e066ba610066b80a0066ef66b832000f00d0b8010000000f01c166ba4300b0beee0f793c1e2e643e2e3e650f79288fc878c15b0e3f", 0x4a}], 0x1, 0x21, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000100))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

6.658371552s ago: executing program 2 (id=752):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x80000, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f00000000c0)={r1, 0x0, 0x4, 0x40, 0x4000})

6.25247973s ago: executing program 2 (id=753):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000001c0), 0x400400, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)=0xffff0018)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x7c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)
r2 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000580)=ANY=[@ANYBLOB="fd87a60ead5172e32910c54f1af023db9e998531b8e94c2623dea4dc806521ba085bee37804f66fdb89c40b2e1510d8c5c1e82ab80bff8e885fde01802b8d39e924340ed66cd6d7bc0252886a6a25ab5e578a4aaf9472f760f1ecaf8992e6c2205f8241e0fe9be08c80f2abafe585db08748b8bb51ae71f8cd248371f53226f61f07a9628bce02f4401c4dce9a525545d20a58e5a3dc"], 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
syz_usb_control_io$cdc_ecm(r2, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0xc38, &(0x7f0000000340)=ANY=[@ANYBLOB="7070114ecf1fdb27e3d52440b3f76294dec3347fa6a92ab70c1a785634182c3af26a2684144d4fb016cc7006b2947a11aed2c97c5c2cca69e38dd14513fbe5a8d8"])
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001440)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r3, r1, 0x0, 0x80000000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x33, &(0x7f0000000040)=0x29, 0x4)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
ioctl$EVIOCGKEYCODE_V2(r4, 0x80284504, &(0x7f0000000040)=""/185)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x0)
r6 = syz_open_dev$usbmon(&(0x7f0000000100), 0x7fd, 0x400)
r7 = openat$cgroup_root(0xffffff9c, 0x0, 0x200002, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r7, &(0x7f0000000240)={0xa000001d})
mmap$usbmon(&(0x7f00009c1000/0x2000)=nil, 0x2000, 0x1000000, 0x8c012, r6, 0x4)
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000004c0), 0x2000, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r8, 0x40085112, &(0x7f0000000500)=@echo=0x93)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r9, 0x84, 0x8, &(0x7f0000000640), &(0x7f0000000680)=0x4)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000480)={'wlan0\x00'})

6.163084847s ago: executing program 0 (id=754):
r0 = syz_open_dev$media(&(0x7f00000006c0), 0x9, 0x40b02)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x92, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x2c95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x8, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0xb, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x100, 0x1, 0x4, 0x4, 0x7, 0x1, 0x8, 0x4c75, 0x80000000, 0xfffffffe, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x40017, 0x1, 0x7, 0x5, 0x3e, 0x3, 0x6, 0xffff, 0x0, 0x6, 0x4, 0x8008, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8, 0x5, 0xfffffff3, 0x129432e6, 0x40c8, 0xf9, 0xe, 0x2c0, 0x6c7, 0x8, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0xc6e8, 0x5, 0xea4, 0x0, 0xb94, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x200006, 0x3, 0xff, 0x5, 0x1000005, 0x5f2e, 0x2d, 0x4e2, 0x5, 0x4, 0xb, 0x2000004, 0x9, 0x80000001, 0x9, 0x6, 0x3, 0x8000, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x4, 0x3, 0x8000, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x3, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x8000, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x4000000, 0x1eb, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0xfffffffe, 0x3, 0x20000008, 0x4, 0x6d01, 0x2, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x8000004, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x4005, 0x4291, 0xac8, 0xca, 0x6, 0x3, 0x7ff, 0xbe, 0x4, 0x7, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x4, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x58, 0x9, 0x2, 0x101, 0x10000, 0x5, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x6, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xffffffd9, 0xfffff000, 0x10010000, 0x0, 0x7e, 0x6, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x2, 0x7, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x80000000, 0x201, 0xffff3441, 0xfff]}, 0x45c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {0xffffffffffffffff, 0x300}], 0x20000000000000dc, 0x0, 0x0, 0x0)

5.997730893s ago: executing program 1 (id=755):
r0 = syz_open_dev$media(&(0x7f00000006c0), 0x9, 0x40b02)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x92, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x2c95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x8, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0xb, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x100, 0x1, 0x4, 0x4, 0x7, 0x1, 0x8, 0x4c75, 0x80000000, 0xfffffffe, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x40017, 0x1, 0x7, 0x5, 0x3e, 0x3, 0x6, 0xffff, 0x0, 0x6, 0x4, 0x8008, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8, 0x5, 0xfffffff3, 0x129432e6, 0x40c8, 0xf9, 0xe, 0x2c0, 0x6c7, 0x8, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0xc6e8, 0x5, 0xea4, 0x0, 0xb94, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x200006, 0x3, 0xff, 0x5, 0x1000005, 0x5f2e, 0x2d, 0x4e2, 0x5, 0x4, 0xb, 0x2000004, 0x9, 0x80000001, 0x9, 0x6, 0x3, 0x8000, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x4, 0x3, 0x8000, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x3, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x8000, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x4000000, 0x1eb, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0xfffffffe, 0x3, 0x20000008, 0x4, 0x6d01, 0x2, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x8000004, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x4005, 0x4291, 0xac8, 0xca, 0x6, 0x3, 0x7ff, 0xbe, 0x4, 0x7, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x4, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x58, 0x9, 0x2, 0x101, 0x10000, 0x5, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x6, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xffffffd9, 0xfffff000, 0x10010000, 0x0, 0x7e, 0x6, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x2, 0x7, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x80000000, 0x201, 0xffff3441, 0xfff]}, 0x45c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) (fail_nth: 6)

5.287460912s ago: executing program 0 (id=757):
r0 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
process_madvise(r5, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000000)=')', 0x1}, {&(0x7f0000000040)="4b142127", 0x4}], 0x3, 0x17, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f0000002100)={{0x0, 0x0, 0xffffffffffffffff, 0x6, 0x3, 0xffffffffffffffff, 0xad7, 0x7, 0x5c1, 0x8, 0x4, 0xfffffffffffffffb, 0x915, 0x33, 0x6cf}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r7, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000006c0)="0d18687da3e7f33aed145cf8ff2d1e5a18c0d5f9856f4824f41040f6987d0b531da10713ed151bc4867681f28e033aef683334d03864ed30590dd4ea64a20ecbbc1346c9f42510d91eec0632885b7da95ca85f4b1435c5c1e993a85257df5f19bdfc5e038a16e6a8aef907e347081fdb93cee93217e11f19cde423e6138bd1b79ee615527ccaf8049959ac6e32af46d777ccb8c26ca925f69590df13a81aee3213e80ba5cacf1f930b3cc49093d11594ef13325790b55efbdc2dd99ed1c3c609a49cc151870a", 0xc6}, {&(0x7f00000002c0)="9c811ff500139d7d28a5f0de630ec6041ed353d314e58721edf306c382ac611fe34479cb9e2585745ff3c61da74b06eb64f69a4e90d706178176dc533f123b66d04d51fb740c1efdf8db3b99ed18fb67c1f75ef7d55b3bb185f5f38665ea5e0918", 0x61}, {&(0x7f0000000380)="3f82090ccda4f8ce1b08afd200c6075794cdd2e0021e32a0f6267447162a2085457cf687e74d142e85e9c4ac6eefcdaa493bcb54152b1339a38d3898707b77a9333cfb7bdc7c523ab4aa869c6db252e8e93bc14cfccfdedf9bbaed10dbc3c315aaedb987b398dd67a155fc3644e2fda199e2cfaa69af7df7", 0x78}], 0x3}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb3f2152ebdbc21520ca01f64bb821576deef4ed6696cdddc1768b5b4fbd68a687cb6ba52ecf5cc6f8f05062f26de19d6aaaeb6cbca00e46685f77d2b3e8dd9d0d099e799cd5a76c67ab283f790366f7f744508edc9e48fa101b89215bd330c4e706c1f09d781a5a50aef5e424a7a88b3241a338ca7411cda28aa167b5628b79e8a7d588efb69636181b9c54f6d296386c95f8a08e27d5792dcb20fa3b5b4f60c71f310b31bb1ab4a825c2dc10fac150a17d92bb51849d9eea53c78d427d8d1036dc906084046fcae09499c220ef50c2c7c475f392bc288eb5efb8032d1ade92e88e50a05a95dd5c6cbbdfb086fa53bca14d40c8c3f7149b39b16b7c7370978389366174db5fbc99dbe958f8c1690cd695dfbe6c384162a412c8d3cfd7cf223f9df4c67b92514111891f53d4e19826797302e1a87e7a627c52740bb3bd311771a68d349c0a68ef6f2a765f8220323add67b2b6695ca41adcda387a4264bcd94c8578a9ccca3b55ebcda45369b56068cfeec34abc2cbd94b9b12d057fa9d4328d57073f40e5ae64443e4a10ed400575bbd1168a170a0134b9ad28735dbd9603a9e417cce864f2141a92f57e1fdfcff4776f94a794d6db8d3e9e0ecc783956c7ab15a8d5639d3df1ac9da6057af913a563bd55b657f37cbf4cae2919aea6ff8a748eb4c036361b8866cc062bbad019f43d02b0c38bd6309f2baa53924466203ab8d00daaac4c9da846e645d64c10e47c32e9824e79ade4eeee7cbf71b1bb48f760800b04334745ab553dea12a85f0671eb07a4cc67ceaffa8269e0b052f25136cfb8a6b9327a2d165c42933642d3171ad00ebf0be485f5ed319021600a94072f251c8905a2451eba3ba7db2ec5fb8613463a796610629719166259ffa3261e06f09b5a69798b88848da9028ff7ed8a729c384374fce0f4f5cda3b61cc4d61da382c5708f26edb16e9b65d667ed61248dfbed35a6a886", 0x322}], 0x1}}], 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000500)=ANY=[@ANYRES64=0x0, @ANYRESDEC=r2, @ANYRES32=r1, @ANYRESDEC=0x0, @ANYRES8=r7, @ANYRESDEC=0x0])
read$FUSE(r1, 0x0, 0x0)
r8 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000380)={{0x81, 0x8}, 0x100, './file0\x00'})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r8, 0x3516, 0x0, 0x0, 0x0, 0x0)

4.945862719s ago: executing program 1 (id=758):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0x20000000)

4.718715962s ago: executing program 1 (id=759):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
getsockopt$bt_hci(r1, 0x0, 0x3, &(0x7f0000000400)=""/110, &(0x7f00000001c0)=0x6e)
socket(0xf, 0xa, 0x2)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000800000000000000b07a1fe6d9dd6e5f36c3a4d042b7789158ef03db28c5446c8227394c0e574aaac57d6a20287989b3052f03385b7aa5fd586e196b19e1533f667e4c1e97be544320", @ANYRES32=0x1, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000100"/28], 0x50)
r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
writev(r3, &(0x7f00000014c0)=[{0x0}], 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1e000000ffffff7f02000000001a000000000000", @ANYRES32, @ANYBLOB="fc0200000000000000000000000000000000e735706f7337ee0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="040000000500000000000000fdffffffffffffff0000000000000000"], 0x50)
pipe2$watch_queue(0x0, 0x80)
write$sysctl(0xffffffffffffffff, &(0x7f0000000580)='1\x00', 0x2)
r4 = socket(0x10, 0x3, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r5, 0x7a5, &(0x7f0000000200)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r5, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r5, 0x7a5, &(0x7f0000000240)={{@local, 0x1}, 0x1, 0x2, 0x8})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x4}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8}, @TCA_CAKE_FWMARK={0x8, 0x12, 0x10000}]}}]}, 0x44}}, 0x8850)
openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x281, 0x3)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='wg0\x00', 0x4)

3.806858613s ago: executing program 3 (id=761):
r0 = syz_open_dev$media(&(0x7f00000006c0), 0x9, 0x40b02)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000100), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(&(0x7f0000000040)=[{r1, 0x9620}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x92, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x2c95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x8, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0xb, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x100, 0x1, 0x4, 0x4, 0x7, 0x1, 0x8, 0x4c75, 0x80000000, 0xfffffffe, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x40017, 0x1, 0x7, 0x5, 0x403e, 0x3, 0x6, 0xffff, 0x0, 0x6, 0x4, 0x8008, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8, 0x5, 0xfffffff3, 0x129432e6, 0x40c8, 0xf9, 0xe, 0x2c0, 0x6c7, 0x8, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0xc6e8, 0x5, 0xea4, 0x0, 0xb94, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x200006, 0x3, 0xff, 0x5, 0x1000005, 0x5f2e, 0x2d, 0x4e2, 0x5, 0x4, 0xb, 0x2000004, 0x9, 0x80000001, 0x9, 0x6, 0x3, 0x8000, 0x1, 0xfe000000, 0x8, 0x2, 0x5, 0x4, 0x3, 0x8000, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x3, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x8000, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x4000000, 0x1eb, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0xfffffffe, 0x3, 0x20000008, 0x4, 0x6d01, 0x2, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x8000004, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x4005, 0x4291, 0xac8, 0xca, 0x6, 0x3, 0x7ff, 0xbe, 0x4, 0x7, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x4, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x58, 0x9, 0x2, 0x101, 0x10000, 0x5, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x6, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xffffffd9, 0xfffff000, 0x10010000, 0x0, 0x7e, 0x6, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x2, 0x7, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x80000000, 0x201, 0xffff3441, 0xfff]}, 0x45c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00101}]})
pipe(0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000140)={0x10000001})
signalfd(0xffffffffffffffff, &(0x7f0000000300)={[0x100, 0x464f]}, 0x8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

3.135803583s ago: executing program 1 (id=763):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f00000020c0)={&(0x7f0000000640)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000280)=[@rdma_dest={0x18, 0x114, 0x1b, {0xe, 0x200}}], 0x18, 0x20000810}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000002780))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000000c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r2, 0x40082102, &(0x7f0000000140)=r4)

2.552077817s ago: executing program 3 (id=765):
r0 = syz_open_dev$I2C(&(0x7f0000000480), 0x0, 0x0)
ioctl$I2C_RDWR(r0, 0x707, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000001040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}], 0x1, 0xc8d1)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x80, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x133}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xcd}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5ff}]}]}, 0x80}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x20000000)

2.518638198s ago: executing program 2 (id=766):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000040)={0x0, 0x4, 0x2, 0x1, 0x3, 0x0, [{0x4, 0x2, 0x5, '\x00', 0x1088}, {0x5, 0x6, 0x4, '\x00', 0x1}, {0xfff, 0xe, 0x0, '\x00', 0x108}]}) (async)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@updpolicy={0xc0, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x2c}, @in6=@local, 0x4e22, 0x0, 0x4e24, 0x0, 0xa, 0x0, 0x60}, {0x0, 0x1000000000000401, 0xfffffffffffffffe, 0x40000000, 0x0, 0x1a, 0xfffffffffffffffe, 0xfffffffffffffffd}, {0x7a, 0x5, 0x0, 0x7fff}, 0x8, 0x0, 0x1, 0x0, 0x3, 0x2}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc0}}, 0x0)

2.374796459s ago: executing program 4 (id=767):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000001980)='pids.events\x00', 0x275a, 0x0)
preadv(r1, &(0x7f00000004c0)=[{&(0x7f0000001740)=""/12, 0xc}], 0x1, 0x4, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
lsm_list_modules(&(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f0000000100)=0x18, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@bridge_delneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r4, 0x80, 0x4, 0x7}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}]}, 0x28}, 0x1, 0x0, 0x0, 0x40095}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000059010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a3100000d0058000000060a010400000000000000000100000008000b4000000000300004802c000180090001007866726d000000001c0002800800014000000000080002400000000505000300020000000900010073797a30"], 0xcc}}, 0x0)

2.3660701s ago: executing program 2 (id=768):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x41, 0x0, 0x0, 0x0)

2.282339305s ago: executing program 0 (id=769):
r0 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xe)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_ENABLE_PPS(r2, 0x3d13, 0x1)
read$FUSE(r1, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x2)

2.166530168s ago: executing program 1 (id=770):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r2 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, 0x0, 0x0)
fchdir(r2)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
socket$inet6(0xa, 0x0, 0x1)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = semget$private(0x0, 0x2, 0x52)
semctl$SEM_STAT_ANY(r5, 0x0, 0x14, 0x0)
r6 = fcntl$dupfd(r4, 0x0, r4)
write$sndseq(r6, 0x0, 0x0)
read$snapshot(r6, 0x0, 0xffffffbf)
ioctl$SG_GET_PACK_ID(r4, 0x227c, &(0x7f0000000980))
sendmsg$key(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @empty, 0x5}, 0x1c)
syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x40)
r7 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io$printer(r7, 0x0, 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_control_io$printer(r7, 0x0, 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
r8 = syz_usb_connect(0x0, 0x5a3, &(0x7f0000000780)={{0x12, 0x1, 0x310, 0x29, 0x15, 0x23, 0x10, 0xeef, 0x2, 0x2cc9, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x591, 0x3, 0x9, 0xa, 0xa0, 0x93, [{{0x9, 0x4, 0x29, 0x9, 0x2, 0x3, 0x72, 0xc1, 0x9, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x7f}, {0xd, 0x24, 0xf, 0x1, 0x8000, 0x4, 0x38, 0x6}, {0x6, 0x24, 0x1a, 0x1, 0x1}, [@mbim={0xc, 0x24, 0x1b, 0x1, 0x4, 0xd7, 0x1, 0xee, 0x7}, @country_functional={0x10, 0x24, 0x7, 0x3a, 0x7, [0x98, 0x5, 0x4, 0x9, 0xfffb]}, @call_mgmt={0x5, 0x24, 0x1, 0x1, 0x9}, @acm={0x4, 0x24, 0x2, 0x7}, @mbim_extended={0x8, 0x24, 0x1c, 0x3, 0x8, 0x6}]}], [{{0x9, 0x5, 0x80, 0x10, 0x10, 0x40, 0x0, 0xf7, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x2, 0x2}, @generic={0xb3, 0x3, "9545dcf806b1cf4b241f21984ba33b41300df50ec8a1d61eead7c8b88d7f28aa87696a4f44a57521fe5856cf9070512ba4e09b316fa30be914eadfa48659965b9b0261ea925940fb6da3292a46c18e0c900ae61a435b03b589ec90fc33db73ed91172733c8185c19c439a4057493bb477355ae766a4304f77d10a5b32d64c68312afbaba9a91315b6baa1d66e21c945d272e42fe07e61d357f6ec405301b1644db3670d51440d7bd238fdc7d40a83cca6d"}]}}, {{0x9, 0x5, 0x1, 0x3, 0x400, 0x1, 0x4, 0x0, [@generic={0xa9, 0xb, "c231ffb8e4ded4bb3445cea659219409128289c002ef775f91d5aa09ef478bb2f3a38e2325b9577b36646ac138d723e6ef8bbd9cd2f62210a0a09a0a2b31fab2449cd2e38d0a7bbb6eaaabb078c2f6974a0db8ac4ed384d70ab4dfa383cd5533b6c733ce07eb2350fa81035ede21467799b634d1bbd8578ef29fd726f84ecb327ff79f0c537f436ce1b14676a9a5fa4c3062e86d5e4f463e2c556811206be80779b663b5b6c907"}, @generic={0xf7, 0x11, "6a0010df6ef09094cd24a0821200f8277318d4a03271e5542ff652a33c3c3f2ff87faa9225ee37905537c21935ffebe4fbe19d8a1dbc382ef54967f8df082980c8ba6186afb5ee6d83ad1bc7d18d4e60efe1e3cf3f0b3c38de95cd6863ae108f3de01f3d853bea462c604036727c732e2237d0769bbf82eac946912563bbf259777d86531ea8529c62ed5e18cdce99c3b7ddb152393bfe7d2fbc7ec0de234f1f08fbb3517e28591f58bb1eeafe28c14e5582b208c3db42953a94d2f5cf3395af9335c0c71400ebc7f52eec5d6a4f8131330906bb0b03f3fca516e31055698e94a82b86a86e57789f64052c5481b8d9b3f05af804bf"}]}}]}}, {{0x9, 0x4, 0x69, 0xff, 0x2, 0xe, 0x1, 0x0, 0x8, [@cdc_ncm={{0xa, 0x24, 0x6, 0x0, 0x1, "5d1f1161be"}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x4, 0x9, 0x0, 0x32}, {0x6, 0x24, 0x1a, 0x6, 0x1}, [@mbim={0xc, 0x24, 0x1b, 0xfffb, 0x1ff, 0x26, 0x81, 0x7fff, 0xfd}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x9}, @mbim_extended={0x8, 0x24, 0x1c, 0x6, 0x28, 0x101}, @dmm={0x7, 0x24, 0x14, 0x569}]}], [{{0x9, 0x5, 0xe, 0x8, 0x400, 0x0, 0x5, 0xa, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x7f, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x0, 0x6}]}}, {{0x9, 0x5, 0x4, 0x1c, 0x8, 0x6, 0x2, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xd, 0x3}]}}]}}, {{0x9, 0x4, 0xfc, 0x7f, 0xa, 0x8b, 0x52, 0x8f, 0x5b, [@cdc_ecm={{0x9, 0x24, 0x6, 0x0, 0x0, "8b1a8a8d"}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x0, 0xb0, 0x60f, 0xa}, [@obex={0x5, 0x24, 0x15, 0x5}, @ncm={0x6, 0x24, 0x1a, 0x8000, 0x12}, @dmm={0x7, 0x24, 0x14, 0x400, 0x3}, @network_terminal={0x7, 0x24, 0xa, 0x2, 0x7, 0x5, 0xa9}, @ncm={0x6, 0x24, 0x1a, 0x2, 0x14}]}], [{{0x9, 0x5, 0x3, 0x3, 0x400, 0x3, 0xc2, 0x7d, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x2, 0x7fff}, @uac_iso={0x7, 0x25, 0x1, 0x83, 0x3, 0x1}]}}, {{0x9, 0x5, 0x3, 0x0, 0x3ff, 0x6a, 0x10, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0xae, 0xe}]}}, {{0x9, 0x5, 0x9, 0x10, 0x200, 0x5, 0x2, 0x40, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x8, 0x8}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0xc, 0x8}]}}, {{0x9, 0x5, 0x80, 0x3, 0x20, 0x6, 0xa0, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x0, 0xff42}]}}, {{0x9, 0x5, 0x5, 0x2, 0x8, 0x8, 0x9, 0x4, [@generic={0xc6, 0x23, "4efa5ad41a28f28ebe0bde31faf82c5b03262c5bdb50f6e6229282df18cd5cf585306564af190e491b3722068f07d23b617aad5c07f122b39861edd74d429dff14a164626ff397d1c1f3614fca44c38e2c931e591452b86bc2ea79b660d41ed82030e2fde6b2ee4f9d5186a637f9ccd98fa5ecca79f03dd0c259f4dc00231389d337505bf4de9dbd4f36b0dbd52fce6de5b68949ccb6d3d032293102040f5dde6b685b9c5a3d5e249ec1d626f8695de5e22d0ee4037352661a0888338618cf4eced03ef5"}, @generic={0x33, 0x30, "79c883303227ef7b1575660636fece5a523163ca9b2d03c1bc9ea03b93ebfe846e789f8b4c13da9ea1cd7af1410d017edd"}]}}, {{0x9, 0x5, 0x4, 0xc, 0x400, 0x9, 0x0, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0xc1, 0x1, 0x14}]}}, {{0x9, 0x5, 0x7, 0x3, 0x3ff, 0x8, 0xb2, 0x80, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x1, 0xc}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x8, 0x6}]}}, {{0x9, 0x5, 0x3, 0x0, 0x10, 0x85, 0x9, 0x9, [@generic={0x1e, 0x1d, "2977a3e84ee9ca0bfe64bc74fbed7e0e1d3adeb379e1f91efc393b5d"}]}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x2, 0xe6, 0xb, [@generic={0x4d, 0xc, "5bd9223874e5feacdb87998b22667123c338117c768174fb997096593cd0122d67af939f5273f48b81ce80ed7912f344629d04f9be267a12587928de4577178ee722ed0167a7698f54a27b"}]}}, {{0x9, 0x5, 0xe, 0x18, 0x40, 0xe, 0xa, 0x2, [@generic={0x10, 0x11, "a4182b1cb7131ec26d888ff1f302"}]}}]}}]}}]}}, &(0x7f00000004c0)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x250, 0xfa, 0x9, 0xd, 0x8e739acfbc7f7002, 0x2}, 0x5, &(0x7f0000000080)={0x5, 0xf, 0x5}, 0x6, [{0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0xf8ff}}, {0x50, &(0x7f0000000240)=@string={0x50, 0x3, "7e2179d95333d9d1edfd77ca44aeed770d5c10a2dc961527a4b3f00d5cbbd1061396c115cdc3412ee18e375edc932c265ae18e4ac4c04d914537716ba3585c301ae02c4a84e273575264f83f78e3"}}, {0xc9, &(0x7f00000002c0)=@string={0xc9, 0x3, "572472163ee564272e5f59edd9e0807261c5e52c9c250513e16d2303d5adca9ed17f4e3d0242a7223dad062c34eb8f8f515c2abefe98f169c86b11f5ff16922e57d518c248ba439a9fe3cd5c3600592fa6f2ff3044f00687fbccab9201435f2cf81c9abf348f8dcb6142b6937244a95cfd3557d4f0575608ce65e8bfcf2659db9f3a31c98b8181abf4746a487c8c40aaf8b37124655396b3d80c0f1857d886ca257a47cff7efe11f4b25c4e5a9247051079ec6c713c0953a203513f29a7dea3535979bc1bb68c2"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x1441}}, {0x51, &(0x7f0000000400)=ANY=[@ANYBLOB="51ce2ba4a2895f582776da55d6b26699f8d67c9ad89025c423448bac6268b2c253cc669b3717d0e1a0ef8baa507a0000a09a92126d129b334b94ca27ce68f92d68ba292bad56"]}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x425}}]})
syz_usb_control_io$cdc_ecm(r8, 0x0, 0x0)

2.152551479s ago: executing program 3 (id=771):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
r1 = syz_io_uring_setup(0x502f, &(0x7f00000000c0)={0x0, 0xce2, 0x1, 0x0, 0x119}, &(0x7f0000000040), &(0x7f00000001c0))
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x84c0, 0x0, 0xffffffff, 0x121, 0x0, r1}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000003c0)=<r4=>0x0)
openat$cuse(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x9048}})
write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[], 0xff2e)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r5, &(0x7f00000001c0)={0x16, 0x98, 0xfa00, {0x0, 0x4, 0xffffffffffffffff, 0x1c, 0x2, @ib={0x1b, 0x800, 0x10000, {"2f6c538c089045e8275eb5ae0e174bf2"}, 0x5, 0x7fff, 0x8}}}, 0xa0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000240)={<r6=>0xffffffffffffffff}, 0x106, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000300)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000400)=[{0x2, 0x0, [0xfff, 0x9, 0x80, 0x100, 0xffffffff, 0x6, 0x5, 0x1, 0x400, 0x401, 0x8, 0xffffffff, 0x8000, 0x7, 0x3, 0x1]}, {0x10, 0x0, [0x8, 0x400, 0x7, 0xc7, 0x401, 0x42, 0x8, 0xcce, 0xc1, 0x4, 0x10000, 0xc55f, 0x132, 0x6, 0xf598, 0x6e9b6aea]}, {0x28, 0x0, [0x2, 0x22, 0x4, 0x1, 0xac, 0x4, 0x6, 0x1000000, 0x1, 0x0, 0x61eb, 0x1, 0x73c, 0x2, 0x0, 0x6]}, {0x21, 0x0, [0x2, 0x4, 0x3, 0xfffffff7, 0x8, 0x2, 0x3, 0x4, 0x0, 0xf, 0x10000, 0x9, 0xfff, 0x18c, 0x9, 0x200]}], r6, 0x1, 0x1, 0x120}}, 0x20)

2.143349009s ago: executing program 4 (id=772):
r0 = syz_open_dev$I2C(&(0x7f0000000480), 0x0, 0x0)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000080)={0x0})
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000001040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}], 0x1, 0xc8d1)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x80, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x133}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xcd}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5ff}]}]}, 0x80}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x20000000)

2.047440045s ago: executing program 0 (id=773):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x0, 0x83, 0xec, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0x2, 0x0, 0xa}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000100)={0x84, &(0x7f0000000000)={0x0, 0x30, 0xc, "00004700000040f400bec073"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x1d, &(0x7f0000000180)=@raw=[@ldst={0x2, 0x0, 0x3, 0xc, 0x1, 0x30, 0x3d49bce784c3ddd2}, @ringbuf_query, @map_idx={0x18, 0x2, 0x5, 0x0, 0x9}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x573}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}], &(0x7f0000000080)='GPL\x00', 0x4, 0xb, &(0x7f00000000c0)=""/11, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0x7, 0x800, 0x2}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000380)=[0x1, 0xffffffffffffffff, 0x1, 0x1], &(0x7f00000003c0)=[{0x1, 0x2, 0x2, 0x4}, {0x5, 0x4, 0x4, 0x7}], 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='vnet_tx_trigger\x00', r1, 0x0, 0x5}, 0x18)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000004c0)={0x2c, &(0x7f00000002c0)={0x0, 0x10, 0x28, "cdb2b1903776e5028b4f72640b4477f04cc1a816e8cec0d308e30256daaa43462da41cbadecc891a"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x0, 0x83, 0xec, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0x2, 0x0, 0xa}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0) (async)
syz_usb_control_io$uac1(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, &(0x7f0000000100)={0x84, &(0x7f0000000000)={0x0, 0x30, 0xc, "00004700000040f400bec073"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x1d, &(0x7f0000000180)=@raw=[@ldst={0x2, 0x0, 0x3, 0xc, 0x1, 0x30, 0x3d49bce784c3ddd2}, @ringbuf_query, @map_idx={0x18, 0x2, 0x5, 0x0, 0x9}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x573}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}], &(0x7f0000000080)='GPL\x00', 0x4, 0xb, &(0x7f00000000c0)=""/11, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0x7, 0x800, 0x2}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000380)=[0x1, 0xffffffffffffffff, 0x1, 0x1], &(0x7f00000003c0)=[{0x1, 0x2, 0x2, 0x4}, {0x5, 0x4, 0x4, 0x7}], 0x10, 0x5}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='vnet_tx_trigger\x00', r1, 0x0, 0x5}, 0x18) (async)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000004c0)={0x2c, &(0x7f00000002c0)={0x0, 0x10, 0x28, "cdb2b1903776e5028b4f72640b4477f04cc1a816e8cec0d308e30256daaa43462da41cbadecc891a"}, 0x0, 0x0, 0x0, 0x0}) (async)

1.311611534s ago: executing program 4 (id=774):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$FBIOBLANK(r0, 0x4611, 0x3) (async, rerun: 32)
socket$netlink(0x10, 0x3, 0x5) (async, rerun: 32)
syz_usb_connect$hid(0x0, 0x0, 0x0, &(0x7f00000003c0)={0x0, 0x0, 0x23, &(0x7f0000000080)={0x5, 0xf, 0x23, 0x2, [@ss_container_id={0x14, 0x10, 0x4, 0x0, "735987d5bcc12ea6384d76ad34e20d99"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x1}]}}) (async, rerun: 32)
syz_usb_connect$uac1(0x6, 0xb0, &(0x7f00000000c0)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9e, 0x3, 0x1, 0x4, 0x28, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7, 0x7}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0xed, 0x4, 0x4, {0x7, 0x25, 0x1, 0x81, 0x18, 0x581}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x80, 0x3, 0x6, 0xff, "87ead2", '!'}, @format_type_i_discrete={0xb, 0x24, 0x2, 0x1, 0x94, 0x4, 0xa9, 0x2, '^Tt'}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x63, 0x2, 0x1, 0x4, "dd"}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0xa2, 0x1, 0x8, 0xfa, "", "34fd"}, @format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x3d, 0x2, 0x4, 0x3, "58d58798c42d"}, @as_header={0x7, 0x24, 0x1, 0x9, 0x1}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x4, 0x5, 0xcd, {0x7, 0x25, 0x1, 0x80, 0x3, 0x4}}}}}}}]}}, &(0x7f0000000280)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x6, 0x64, 0x40, 0x10, 0x3}, 0x5, &(0x7f0000000040)={0x5, 0xf, 0x5}, 0x4, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x410}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0xc1a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x44b}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x42f}}]}) (async, rerun: 32)
syz_usb_connect$cdc_ecm(0x6, 0x8e, &(0x7f00000002c0)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7c, 0x1, 0x1, 0x4, 0x90, 0x4, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x2, 0x6, 0x0, 0x6, {{0xb, 0x24, 0x6, 0x0, 0x0, "f72f45d6ee4f"}, {0x5, 0x24, 0x0, 0xf0a}, {0xd, 0x24, 0xf, 0x1, 0xd4df, 0x9, 0x3, 0x80}, [@ncm={0x6, 0x24, 0x1a, 0x4, 0x30}, @country_functional={0x10, 0x24, 0x7, 0x5, 0x7f, [0xfffa, 0xd, 0x2da0, 0x7, 0x1]}, @country_functional={0x10, 0x24, 0x7, 0x3, 0x101, [0x6, 0x0, 0x0, 0x6, 0x2]}, @network_terminal={0x7, 0x24, 0xa, 0x9, 0xce, 0xf0, 0x2}, @country_functional={0xe, 0x24, 0x7, 0x8, 0x5, [0x4, 0x0, 0x9, 0x1]}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x20, 0x1, 0x5, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x9, 0xa, 0x8}}}}}]}}]}}, &(0x7f00000007c0)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x9, 0x1d, 0x8, 0x40, 0xfe}, 0x11, &(0x7f0000000400)={0x5, 0xf, 0x11, 0x1, [@ssp_cap={0xc, 0x10, 0xa, 0x1, 0x0, 0x7, 0xf00, 0xffff}]}, 0x6, [{0xdc, &(0x7f0000000440)=@string={0xdc, 0x3, "5c81ce64134b4bb0b007362039dcb9a193050f503d85d24266526e33c26d31a8e5a4da3edca0107238218d21d4b611234e8119700c615077968d4f1aa92cf9248e075e7967c6962fb7657ddb58ae3ae10a9d42a7d4702a80140b288b1cb4e62bdb867defce4e478321eca18c888ffe2a7b08fafe71fd60b2d0d01a6369224eafb3747b52a40e6dd0da7e4d71572f9c09a58a632b429bd50c516703f8a68d4e654b0d4cfde7e346731c1c4d803d6aa094ca7b59c31904f6ed4355ba0259b475a8a3146541e4db2433db205ae70e65a6c9d9d528613f65542fab26"}}, {0xd6, &(0x7f0000000540)=ANY=[@ANYBLOB="d6034b0e54dee4466c8d3fafa075b7630ab9e05301c081baf31af6d339ec8ded6ec88065f67ce794d12f53e7a5f3e6378bac650701912345f0f501bea5a6e135acd8f3663086f24e5ebbcacb52baf32af1b2089635d4ae8ddfed00a192156623ae80e94f05f435ab7fed4d86e7b1d2b9081409e7446fb1ccc423bb22db98b2f1b8ebace271f367c54ef59e9d790cb827e9e952182cb0316f59f41b564bf1caee9d03ba74ff4b297530b2412ce1242b6c8f7b58bb7d75f3c1d018cdcef5716f07c4191ab9f45e1ff39d67d6b3d52ce2573aa4a745d6e3"]}, {0x4, &(0x7f0000000640)=@lang_id={0x4, 0x3, 0x402}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x860}}, {0x90, &(0x7f00000006c0)=@string={0x90, 0x3, "9e333e9640b4d6f51f48140d6550300d0525d4d515f7e8e0e9ee1b5233061d3d04b3c68047b5f72b6ae8568b0b64269c22d9ae16628c51819488ececbea3fc44fba7de4c01f7a1f00c1c18beb2f2ea5066718b080db8037ae56702e4c8d9a17d3879ebc83012fc09fcee0275fdfa4653f8d469c4dbe26c44eeda7dc0e97562b4db2c7f30814bdf8af80c9ced2189"}}, {0x4, &(0x7f0000000780)=@lang_id={0x4, 0x3, 0x1809}}]}) (async, rerun: 32)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009f0e5b4035121800eef0000000010902120001000000000904"], 0x0) (rerun: 32)

889.164627ms ago: executing program 2 (id=775):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007911c00000000000850000009000000095000000f8000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
syz_open_dev$ttys(0xc, 0x2, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000700)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000540001000000000000c4000007008209", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32=r4, @ANYBLOB="00000000e000030000000000000000000000000008"], 0x38}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x2000000)

818.055278ms ago: executing program 3 (id=776):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000200)=ANY=[@ANYBLOB="1000000014000103"], 0x18}}, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r4)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}}, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x80000000, 0x75}}}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x24, 0x24, [{0x3, 0x1}, {0x60, 0x1}, {0x16, 0x1}, {0xb, 0x1}, {0x0, 0x1}, {0x24, 0x1}, {0xc, 0x1}, {0x30}, {0x6}, {0x9}, {0xc}, {0x2}, {0x16, 0x1}, {0x30, 0x1}, {0x5}, {0x2}, {0x18}, {0x5, 0x1}, {0x1}, {0x9}, {0x36}, {0x5}, {0x24, 0x1}, {0x6c, 0x1}, {0x6}, {0x34, 0x1}, {0x1, 0x1}, {0xb}, {0x4}, {0x12, 0x1}, {0x2}, {0xb}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000001}, 0x44041)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}}, 0x0)

670.606701ms ago: executing program 4 (id=777):
r0 = syz_open_dev$I2C(&(0x7f0000000480), 0x0, 0x0)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000080)={0x0})
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000001040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}], 0x1, 0xc8d1)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x80, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x133}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xcd}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5ff}]}]}, 0x80}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)

471.745337ms ago: executing program 3 (id=778):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x5, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x94)
syz_usb_connect$uac1(0x0, 0x94, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902820003010000000904000000010100000a24010000000201020c24020000000000000000000904010000010200000904010101010200000724010000000009050109000000000007250101000000090402000001020000090402010101ff0f0009240202000000000007240100000110090582"], 0x0)
r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
readv(r1, &(0x7f0000002380)=[{&(0x7f0000000040)=""/4096, 0x1000}, {&(0x7f0000001040)=""/245, 0xf5}], 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @empty}]}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'wg1\x00'}]}, 0x50}}, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000200), 0x2, 0x141121)
r4 = socket$igmp6(0xa, 0x3, 0x2)
sendmsg$inet6(r4, &(0x7f0000001c80)={&(0x7f0000001500)={0xa, 0x4e20, 0x6, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x4}, 0x1c, &(0x7f0000001b00)=[{&(0x7f0000001540)="1e14ab13eef1fb8ad295c9d6a6527ce6795a20ecbc606e1ab89625f45c2dd6b8edd14938e51d64f8434c00d36fd96cf50987d828e2c048f786e4a1b885f5a98cf915e990373e06f51127b159c829", 0x4e}, {&(0x7f00000015c0)="55f447300508198b737bcee1c126d68c6c1ab7a88fbac644b2e769812c0333a234666651d42d55e06aa5f86eb2e74868dd7288abb2783fe89be711a4b5bcd740a26da6ab238e7520b66615bfcd0f1a4beebe764ca59d50edf8b54b28c9caaa2041ee9d2ee2f2d9b869ac882b81a74d92af9e4a906de948c22b375c490d119712d0d49df8b787f9c27fd6edd81680d066067aa0aa6ab4d6bd848ef725d252eeb44a491f42867a0ada3de3d8f9138ab57d96ee", 0xb2}, {&(0x7f0000001680)="edf8360186810ca4dbf98786ba96ec11db4b8d99f7953b8583aa15b7657d582f1865365e25ba0479211b129fe09c477c292c4b1b749da2fd0dad5e36e6ee51e9c038520260704f6548d7d33152a237d05de41179fa5a24506dc253216a01322d129661f0db7caea5273b736b56d1865c760514604a2451b7c4e82b631df52fd61091f7c378170712e3f5028897d7b77b484d7d3e500a9a391527e00b07885e69e036d831a82fbe583e4d44039a0b9dfd6982fca89d17db50624f08c5608d290e587faf69b363b3688bcfb98cebef7f9f5877e868b7839dcad73c6fe7b39053dfd11ef11b7c7fe15527de3bc52634bd26c0a2d223297df2e009fc6f74bcce04", 0xff}, {&(0x7f0000001780)="b6faa415af43400f5ac80f1d253fff3aa7482709696ac8ca7da8f016e0b7dd073d72fc4423143ad1f839de13a5a323d36c986c7f7c8cd34e6e7290ce1e5f9178a029668cf8179dff197c1869254603a53025a8bac1a8b467ec7e454093325b2f79db4fa1ada036e61c740e2661a147cb2d86e537a9855d140cbca33befeb54ba521534bafdbeacce6f038b00b677cd9776997cfe0cb19fdd0aeb18ce15be7059742f9819347c3dc87dd553388d66836ca953ff8af1e42fcbba5eba439a57c3ae35e4121e43de8404836f2bb261566438ea546122169ab0f4ad2b1597a2f7df4113cf795b3859a218dfdc8e5fb3e1", 0xee}, {&(0x7f0000001880)="58303c4df06f72ccf93b72da5a76ae9b886e5246bc8b293d5d12ebb0f70bee586283d0965791d3bef913a08a0e88c166dfa471177a01da9a5146e9ce67b09f871360d45ba4e4a1d872da897e597ae158fa909152cf7a8899b891d354996a6cb5840160a083cc1a95079e6368133f39a7b7a7b55e9ca13ceda61532526e7de9c971708b26314a4b9e81f166557a077d2a5241eab0cba070b3ec59eab71917a0d6c7b3d7b70b6c0b0456f2ddea76b02099d60acc635588720f5d8e4f9f72a281d26f89bc69a13e91e9e7d68665a0fde45d84cfad3018", 0xd5}, {&(0x7f0000001980)="1030419f115dd80e7f0863d508c6af67a1655a8872e85cfc626c6935f98fb37c4402cd12ea455d7f64da14954e818323e665ecc89417", 0x36}, {&(0x7f00000019c0)="88ee948c3db3756704d86f43dd7357389f4aa2a90c94ee9deb3bf90976bb570bc5373822264a5faae89340e386712a1e62423ceeb770c14ee299c99f86a2ba0393412a82822066fea797af3efb4c05817882725bcbeafd55869605898720675a99b1a3e19227e3a424c4a3684de782cfc1101f26661fe5ddbdf5e92f76bb", 0x7e}, {&(0x7f0000001a40)="939f610243857d95970a794d741696d2bd76841a0fe244ba784a4991b8ca3c53acee540a85871cbf1823ed1ce0454290cb7418bc74f1549d2182faa21c5c2210365ca0875b05f70e3828ac6c2a6b43bc79338d2c2c5fda4c1f2cf4cbafee4239052282d736b3f3a21bd256095ef67861791ad4d79a9f9413188b8344ba8c187d0f91d316ff58761ff3534b00c082210879d3c357f81230ab9f2f33f113576956e32826ad90031a4f4c925e416110b92edcd1e817d3", 0xb5}, {&(0x7f00000023c0)="8b8a1f249940a37a9b9cde06974c4fad957b1f905bfaea3fe13299f44e1aa17081f226ed97d574d3be3ffd8408480f40368d1077e083ea2a300835b45120f645afd22b29b4c62740d88b210001712cc78b5d9acefdcebc9910378403dab55f0613f0845aa56fa627248cf10db3c774170f11b4b5473ccb9df42fbb6fa08d2680282b6227c497edf8ef681654a91a0686f09000e36c8dccad3767a7eb26ddf75e63b22f2a967cac2d6c45d3fee019b8c404384495a176a11af0108e8ddb8ca5d08c918376a3350044c5cea347e6f72de4b28b2e05162916d4e7b0d06400e62ffd849350305d4551cf3891f3668e0842714ab08d0c009260cc2cebefd615316975d7bf7abb3dc37c2263d5619c931878435576d07da4fe1bb80fea1d612a7eb13b7529924db3d982d9d46d704d6ab61f7ae0c5cf9944cf74be75674b9273a6334b3a4003cccfec492262532f7f14fb09898592599c53d229697cc64391c24f53c5902ae33d880161fdc492b9a56ad95df6b552ebd15f27e728997f58db0a084d0a1c9999d51ca1d67d40d5c2e25245b2ea23907949a99359fd1715ce353987d7fc701f07bb3f3142604d996aea70a3728e68dd00a3402c4e6aa3f15fe3e024d3310e4dc9fc5fdeca4d08451b1314f84cbdf479ae63bce5c6cbb9dd8a17393a954f67ad2d4a61393a4c3187382b69f8f5672530ff7a9ba001cb03c6be1fc66854619e3f7c3dfa43cc65eeaec2258908d484482ec8d9b1b625f53c37adfb3b282c91cfd8ba8a0abc7b2a49e2011cbaa19da48fc12a53cfd4e2fcad98c5685f9a61beaa14b7e2f0ad2657e69c15db968ef580dd988164dc881a25f44b6a03f58a3d9514a5b7f3ddf74cc5055bcddadd11fde841b0bb3e38734142305d8708bf0c4adee8db3f83a6d3faa66897046023194984972d11795807cc0786768a1303498a61bd4fba2d10d0d331893816d0a7664e63590bee058afccb5398d29d44a0cfa9857eed37a612e65473f695fe13aa553be342c30311392b7bbe7dc3b4bba03b7975e956a072fba9ddb534cf3233323fc185df68919ad72ee772b4d9735e086057591a555b96f747cd6e10d7c59e387f2d589ae2d41db39c5dbd767d3c9eb22fd96016cba46b0fb1fbeac3df7f93f3680dde1cfdddd1b4209163db19460103e99e2138dff1879821a41a8da1fe5370a20cac6f3720b875507a5242d5722a0dff03cd3f5854bf2859aa7dfb55e7fe1c6ecd920be5225bf1f9b05baf23bcf8588f4d7212d3fe6e17bb4d15b0a0abf1bfde862aa4b87584521a91700db32a7807576483c49af9e065a2292e5bb5f59e0e0dd30ff416eb0e00393a50f8cccad820fa2bdf8d3d497606ebf98fe65277071efdc65fd76abe97cefa0feef24f70091cf85f587ddb981fb210a8bc943fa6070053259c0662a04a0654a7f5cb02056cba0a3c32a5e624d1cb1a8f350b1ec4e4017aefc0361bf89bc246b1715f70baa6c30cb03ba663df34fc7eea660292915197ffeccddac42f6051d57db4c74ef7b8ce88b7758c4a473f0aee6dc2eb1344b0f9f851c452385a8c289aeda7e14bc0c5bbc504aaeceb741bfb42b6690105fbfc33e1844bfb073205764d4ee7b5a851222648009c6ac66f2c186d23f93eb0407699f634dd343c27cd42f9b7faad75090b8c209d303e5c9b66327871780d238ec106fdd7421c46ffd66980c81d79c6b9eb284ca2e8b4ab09c9054cff40abc6a7a8ea1de36d8f487b81ea472e2aed6d5b371368dcaf3b17ed646bc8a07786f7af9422657cf6858e55f1277e182e321e53aa508bb4e2ebc090b11bd986302ee2d3acd2096d963d93ebaecd966d2707a86365b4ab006dad6ec20b8217b9a8075e8364fbfff0f2ffa975195f773d672ab74e328c1074d5247b372b0a2f8bb184f98229f8900e97dd1de41f6df261219c5e714d1150516b19aece51d4f608fd7ea6eaf944e81e9e8dc10928b759ff2de63da4ae2b0c419a17a07341b7713712c6353c448b34271c994897234ca9d0fe1285b2446038186cbc25c4c0efe714459cacc97aad98cd0c685f1411b6accbb44e804e9bc109cb169b7006282f13fec37360c4d55af6deadcdd707fbc2b5a8af6468be00373890f5418db6933d375ddeca985f1a1699928168b09b3f7ffd39ae2bb06fb7ec87e941917f6fba9451ad73e428bd62b7239ba9f9d7ce90eb552a7efdf8bbf3a7fde8fad3870af29ac726547a7fb081627b0ad8d76b0590069205acf77767a05c5a576dce97c927290734d2a7d0be4f85b1ad7a38c4c53d80b12457b48a653d3335c2b37d01efb03afd276c40604372c700108887124a91978568676e394cad06f424c4026cf505a7a1bf02bf788e3cad18d91b5f4600c5173426ff60beed0acd43a9b367e187a212b96bbb125735ab3db1fc6ba517b1ed5adc8ff6915d71853fb143b9f8dc7b0f536d16ccba4a7c827d4555c61ecd767c767efbb36cc483eb1e5a9249733c031f68e6afe660a4df57f66c15c432685bf98df4320a54d3a3ec3bb3cad1dd0316cdb8f17546d1b97276b4c3ca06889155d83b5c6f273a9e14e6ae590b505503a0d4dcea96d644a4a0a5108a6b77434e08f43ac8f113c2d5b7c3e93f2a45f0c5d07159a60a8ca3a70c8a06d950dcfb2389f0a6423666f0fa7a0eda3a94983ac876e01706e2533987363746a1cb004769afbc47a7252e15a3c5f71dc86dbef6491ecda9502e6fc6f19d48acf6e7246e7785547de409e9b90daa1a4c21eefd9696710af4a3e6aaf9e3e7e69adbda86d14c01f59473db071a83a447fc8e1d1519746986e462da0e9d7b56b56d5e50d07a01053269529bfd095ff8a88fbee06c67920f2deeae90c2e9a8090e1f45772c910b6050c839e5c26c12e93f900ed9d2e9f6284ae1a13aceb71d4e518509c03231f115cd7a83a6c4c7205533807fda65778eb985ec3920e288ff736edc8c07d8275cfe638a8599fa3f03a4d8dea080ac04fae2452b97a7bcac21f0cd5d7cc092f68b05506e9354353d135ef912ef1be25c6bde1d4254b61b8fae5c313275e38e70095961364185df4bf57bde352e9c9e87515c4a846dfc9faec625287228a14529fbda245faefc26e72d92faa20364b6bc379faf5cb1b7b0ba785c2fcbf99c26c25cd4f1bc18fb9b345e201b1b5d8f5887c0fc3bf2bbe01b685df66c470d17a4276305000c4cca4847ea285daa9222533d7007add428545b75979ba5c068da3fb36757276214adf180d6b3d651c8f8de0e19ad720a34f5f719a2be26f18c7a7ee99be483277098cb2b28a28d03c8c3b80fac01683b9150600e43a2d278d546f932ed0b2f03e7ed8ca70bea91c96ed67b152a7c6749396cf99f1e5a9a44f364b3145ff46f3a5ea2fc90500e2c80274e9d960c59bd41e4d925efaf8913bcdcf6a373b243197ab17bf0b9a3940b8b3ec5389111de354bcd18c983ec9b8b68a0a6dfed904596127681be7565890e679d6e910bfa6d34ca6a3ba0cdf4b798d4f3e060d9452846f19318a7ab358637696092d7ef383debf89e6b35226b9666bde65dd6c2377d43e318eaf6bf2d551335b5cb0dee4530ae513abc903ae532d55492b790cac2c58592dd120e6920b1e8c6af6671d625724bcb49bfa6d468bd4eb22c4fca2a0f0e41e5e53c0f7abee9bab50ea293f25221c8e5027f354682de10eb53983dba15df6abbd68e59c006ec31915842ad8b421bfadd94a9d635b01a0ad7409b6886757b45a02ffcd80c885eeba91ec54eaa3daad510742c591adea19335415a7f8fabdad441e7a8a14644e2099297416d322c3730529a9303ef2d1170979216ed95907468bbe5c757cc27c4792ce94caadacfd6712eba322ee06632e68b272f641d104adbc71ea078b42cedc988efd53ccbb8636a9aa7aea8560867b9ac4dee03e0489a732d7d7db72a9e49cc955985e5271e8101b1dfb898bce455c83cd6faf509c869905d4e60a3bdccdfd4d8b84873c86a722236498ecd86c54f7de163d529ceaa162f64c6e4f305f484d8ab4184d78b274b01fdc601a46d702b30c8ccb2c9f7f8532d15af4ac61f6fdf88a30ea6d5aec2c2b3930f3104f15babad9a6b98f615e2697e0f8b8529ade9866cd3d01fa98134e8857a9526157acaaf4f77239caee98ec0d246a93f5882bc6ca45bf8f96a2b901315659148b6e4e8175adfd990745a3e5c3a173f273b0fdabfdbdf6e0e2c1712f7bea227df677527c1096c919c610ace3e10cfd0b7c37eee93b30ed9c5c57176cd8cbfa1448f273d3faaa67e9248ef0fd1dd1c1597684bea13f3f772857f14be7ee540454700a3c529b26c3b3972756db49478329d2dfe46f3bd65ab6705f076fd33fb99ef2e987565b3c7b91822b8f0b063b54ff13a030dfdb9dd743ac5620b960fcdd0fb075f9b5b41bf0918460f096a2e19e7bcc1d2c28460e593d9a00f28a7a468d13f84ac5244341b5a9f719873475490a61e9a24a243725c01dd6e1b882e34c7ce3159916a383998229a4ab99076cd6bb7a5a1d46385645d19b68f010b56a6d4c5de86db60cd57f8f436b47f0bfbceebf4ea08bdd11aa8b322871cb7763839cfc1155deb29e4961b7bd694a1925897ed9effebf0d4126b2732df469eb5a34f85fc2ad1a21f81c8f4695954714b4b0e7368428ad40a47d241e8ebc575263f2478b01987955d5bab850e5f1b0f892739cb089d1428683f569bb9e613414bdee34faa607d94302d7fe5940f84153a51c4529b11a35b863feda39df6e4da1c5b4a0b64f747426ac6aa06cc781b0dfc7fc48c4b8725a5a867f09a44ee4065900a1c0ed18078a6288bc136e089e26978b904f3c975fd518b271dec63cd67db0b957e9d1f73a560742025d5322bab1932b792faacc1364e1543e47b1df92671049173946c5b1212ff944d300fe3ae8754396c551f8cfef5bbe970669fcae57742be8fde1df8db63687eb5134b189cfe20f447c454eac3477296b7663a2457c98918d22d14b479b59f238a8ec4e1c9d55f88e9f8c454ac8e0ec4ddc1eed385e58460b0a0bc1f2773eb6526acd25d4603d16157649feb286154383b19943a772e0747c960aa70133bea72ace7381bf1e17f5cadb3066edf6c27e43b58ab5a81fbe3c71165962b39e09a30e56c36e5e5f3abfa7760a3cd4332565dbe1d8c4b8cda8ce2c00ad34c2bebcf5ad42cd3b764ad1925834facff7ebf99e6f06c9ee6795966acb49de2f70d72b63fefd6058586578c6f4bcd8e5977b25d2efe9a10f78eb6b0418462f6b320d2a95703ed9364082fdc33ab5b502e2ed5966079e109b0f2d62ff9a13d95a3385139ef04cb05116358be964e36fdb81d7ea7dbdab7f0ba33242d55bc15f6ae7c2d7fab2fda0185dde83f578389d2b588dd3b0381a44553e2d42c055cafd74b2f0c5b66bcd2f8a25390e1534ca58bc4dcf88e93184833ee14bd3c0b30187afdd65246eb54b6f029dc0a869f3568609561e74e559adec67fbaa784cfe1aaded810feeef0d8a4b100cbcc47f23a79a820ff43286d72ce58fb5b0c33d072277a2a62a08d02e3cc7ca85b1501c5aec8a7e774942b25f68e12e6f8b08cfc752db02a93afec19cb857c23fcb4aa2bfe50af865293b2a4e38ccde960a3b3d77ab0c5d59ce1790834ca122b058b3574cdd0ea1c58c93a9af147dcd4c9993af8417ddbc9d4576057965a6bec1a6b9034ec6ab392f5c47857dc67996ced6eee3c346eaaa218919eccb10ce29cd465dcbf5068d72dfc927063264cd427f6e279b2ecf0e5e4c7887188339187f3db370d985b7c3cd640eaf6cccc5c9ddd1a", 0x1000}], 0x9, &(0x7f0000001b80)=[@hoplimit_2292={{0x10, 0x29, 0x8, 0x1}}, @hoplimit_2292={{0x10, 0x29, 0x8, 0x1}}, @dstopts={{0x3c, 0x29, 0x37, {0x21, 0x4, '\x00', [@calipso={0x7, 0x20, {0x1, 0x6, 0x9, 0xb, [0x0, 0x5, 0x1]}}]}}}, @tclass={{0x10, 0x29, 0x43, 0x9}}, @rthdrdstopts={{0x34, 0x29, 0x37, {0x67, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0xf8}, @ra={0x5, 0x2, 0xf001}, @jumbo={0xc2, 0x4, 0x8}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x81}]}}}, @hopopts_2292={{0x24, 0x29, 0x36, {0x2c, 0x1, '\x00', [@pad1, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}]}}}], 0xc4}, 0x40000)
r5 = dup(r3)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000007340)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000f00)="f1bf762b2df497800dcf425815085540a84b34e45a2dd0c3d6959de25e4b4099be1063e1fa1aa0551a8a566a38d445c8402a7de6a415fdc02268a82f7a81246c1d9fd8535d43baacb265ad29f678e05a457003a96a3366bdeb013a8071a7c7121d79215fb3719541d13bcd571cdfd0f947dfc4bf39462818ec015a8cc563478821a523aae22623dcd131f619735980753532d31e06529ec717b0f44ecb205014e379fcccf44f79c6b1ffe1efcc6c6022124d077a367b1b00bc79158a55cb6ba852541a52f84cd61dc7be74d97a5f79ea1d9722c68345ab2e57ac77785d14de0f1c63b1fecae05e09a1e7220f122dbc127d26ca959ad4d4360b6de6661599c2c8dfa01462b1679baa2fa10c1f48db81126af7c6b960441310102ed902635b36f2f209a5062564acd554ab4fc7205500378435c802d64ef48edcd0c92a8c538f490e8ac794fd0d456b9e05781ea508e419bd33fa70cd8df0c041bbdd73a1101ccbb9b58b8d89ce948816dd6ecb61ef15161f1ba4c5dea93adc83f810ae92f1243894aa582464ad805e150f0aca68bbbb2e4fe3d8c2053d8eeccdbbe259dc9a557124492a5e3105ae0b32ae5fc87194ac37455dad4712dd68e9102b26ebb7cdb137a7acb653442c97b5d8fdc76069555375f185b1b1385ef606528aedbbfc75082be35f1bf77ec19dfcd506fe9094e95d78da6ba8b1526f30658e501471b8edbfe9e117c7aee5a3a484fcde922fba28a3960750ab5f52f1dd27841d977e4b5883f1cceabb8478487bfd031e1e5f0896cbf8489cce0280b4cf914ea97445df382b63ce9c82ae56a05699287ca6bbeaf1fa24393203a4366a89388d8e260dc7e9d0d5d8345e2764650dfe8f8414f37cf750c516ed99e5ba59926b1eb3c0cc16a289d42682fd9fdf7eff5566da634983d7ba64621290fd3a616da3c6be3e854c8d27d8ce28363506c0ea41527be5d9d1bdf49be227f2949298c29a0c6d2ed07038a6cab167bd60b8a71f3a25de8242ca88c6f9166c6bf0996c4484b632898cc4b1de741b153093d85b3ac83849a361147deb3d5eb77e21491c88b4adc955c9b1e5fd41f1d7379d01cb36e165703fe0de180fd236e892fe2901a361fd1168e7fa25d0f6eb21a2a3ab290ea4e6f8f611dec443a089efb13fc92477d3aa7a977b74e6a6e85cf99b98e2dfbe717870b987729c4aa98a98311d822bd662060fe3bb55adb9d9c44d95b50cd214b8da99ad6fe849fb3acd9eedbe6c78761e2c6887774eb2e942cebcf4be4a662fe6166e7be02217d90d09ef84d3edd40ddb253004f09d1221c8ef2aa68e0a80cd0ba83fdce38e30a6e50cc99804c3f7802cfd2fee86e9ee88ae506eb57c632620d9777b3890c0854ec5e6562c9b0af383a332368c1534eec05ba36e91d09d1aca5993c1fdf24880e02d57f3d735d1674807841ba280fb6aef0f878815b027f828bb630c92c75e5e1c439e9e1e497b69b5460c8c5bf7ae8f50b67fec3cd62bc0b67b5fc472d23d4e9bc27c9cd3db01a230612ed3b3f387e6f02700a5e72f0166214cdaa80b2b64d15e805305aaee0812444dc28ce2717432852cc0524617c027afd340993f9de4f843c02a70ace7a6eafa98d67118f8c86b3bc72589226607e876793c4bc88f0e1aab31df9dbe75731af87d908bb35a194e7ba8a98c9ddb74446e3558ccebefe197375afbf2cfddf893b95a9ace4ca4cd5e067e196af1fc6ad0f510b011226a7e3ab49e9bea546fd6f5923f8d37484f3249597548e3f50c1a0a49ea7d967f10ecee53236d346ccb310bbe9117d247497f6f59ae558e29def6bca99b8269f4743df005d2377a1da748ea92342892dc02ff0428ceaa5bffd7f19aa3da258fcf257f74896623ebddd6436f446dade95137831bc2b6d7ad30ac373c6a68aad234c87172244ede7fc7304c891bce153072bd10621250578ba2abba3ef4aabd016dc08a8305bc15525070186388ade5a98039c3b4ef2fe2cd145811b58ee091cd82f6bd0b0cc5b7d7c9ec8a7ebb20f4d4c63c76b403072a7b36a054328c70ed491326f664f70540daa91f074aa675453b88419c9b71fca890a8dcb00d4c93f4483e35eec899d41d07295d75e0ee22793789711d677d825b90a99ed605dba9ad08186b670c566364cdb7e3e127e66f1a", 0x5f9}, {0x0}], 0x2}}], 0x1, 0x80)

434.711629ms ago: executing program 2 (id=779):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0), 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
add_key(0x0, &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080), 0x0, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x30, 0x0, 0x0, 0x0})

245.615419ms ago: executing program 4 (id=780):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007911c00000000000850000009000000095000000f8000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
syz_open_dev$ttys(0xc, 0x2, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
socket$netlink(0x10, 0x3, 0x2)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x6)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000700)={'bridge_slave_1\x00', <r4=>0x0})
r5 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r5, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e20}, 0x15)
connect$unix(r5, &(0x7f0000000580)=@abs={0x1, 0x0, 0x4e20}, 0x15)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000540001000000000000c4000007008209", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32=r4, @ANYBLOB="00000000e000030000000000000000000000000008"], 0x38}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

0s ago: executing program 4 (id=781):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r2, r1, 0x0)
r3 = syz_open_dev$video(&(0x7f00000000c0), 0x7, 0x0)
ioctl$VIDIOC_S_FMT(r3, 0xc0cc5605, &(0x7f0000000100)={0x1, @pix_mp={0x86f, 0x0, 0x30314752, 0x0, 0x9, [{}, {}, {}, {0x0, 0x81}, {0x0, 0x5}, {}, {0x0, 0xffffffec}, {0x0, 0x62}], 0x3}})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000480)="05c0124a"})
pipe2(&(0x7f0000001180)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4000)
vmsplice(r4, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
fcntl$setpipe(r4, 0x407, 0x10005)
r5 = syz_io_uring_setup(0x4cf7, &(0x7f0000000580)={0x0, 0x8917, 0x2, 0x3, 0xbfdffffb}, &(0x7f0000000280)=<r6=>0x0, &(0x7f0000000340)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x47f6, 0x0, 0x2, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="48000000100600"/20, @ANYRES32=0x0, @ANYBLOB="0000000000040000140012800b00010067656e6576650000040002801400030067656e65766531000000000000000000"], 0x48}}, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000440)={0x10, 0x0, &(0x7f0000000180)=[@request_death], 0x0, 0x0, 0x0})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc01cf509, &(0x7f0000000040)={<r9=>r0, 0x6, 0x1})
syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r9)
write$P9_RWRITE(r4, &(0x7f0000000240)={0xb, 0x77, 0x2, 0xffffffff}, 0xb)
r10 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r10, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r10, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r10, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r10)
r11 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r11, 0xc008561c, &(0x7f0000000040)={0xf0f024})
ioctl$vim2m_VIDIOC_S_FMT(r11, 0xc0d05605, &(0x7f0000000540)={0x2, @win={{0x2, 0x1, 0x80000000, 0xcb81}, 0x1, 0x9, &(0x7f00000007c0)={{0x4, 0xf, 0xbaf, 0x8000}}, 0x7f, 0x0, 0x6}})

kernel console output (not intermixed with test programs):

nterface version 1
[  251.874752][    T9] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  251.894887][ T7747] netlink: 8 bytes leftover after parsing attributes in process `syz.1.475'.
[  251.931860][ T7747] netlink: 'syz.1.475': attribute type 30 has an invalid length.
[  251.948793][    T9] usb 3-1: USB disconnect, device number 12
[  252.016436][ T5913] usb 1-1: Using ep0 maxpacket: 32
[  252.028989][ T5913] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  252.050998][ T5913] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.105463][ T5913] usb 1-1: config 0 descriptor??
[  252.125831][ T7747] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  252.135297][ T5913] gspca_main: sunplus-2.14.0 probing 041e:400b
[  252.142577][ T7747] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  252.152140][ T7747] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  252.161647][ T7747] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  252.224581][ T7753] netlink: 'syz.4.476': attribute type 1 has an invalid length.
[  252.483377][ T7753] netlink: 28 bytes leftover after parsing attributes in process `syz.4.476'.
[  252.856365][    T9] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  252.886322][ T5929] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  253.037246][    T9] usb 3-1: config 0 has no interfaces?
[  253.112213][    T9] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  253.138106][ T5929] usb 4-1: config 0 has no interfaces?
[  253.152887][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.166284][ T5922] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  253.268977][ T5929] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  253.278918][ T5929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.288508][    T9] usb 3-1: Product: syz
[  253.297241][ T5929] usb 4-1: Product: syz
[  253.304409][    T9] usb 3-1: Manufacturer: syz
[  253.309208][ T5929] usb 4-1: Manufacturer: syz
[  253.309231][ T5929] usb 4-1: SerialNumber: syz
[  253.325973][ T5929] usb 4-1: config 0 descriptor??
[  253.336446][ T5922] usb 2-1: Using ep0 maxpacket: 32
[  253.341833][    T9] usb 3-1: SerialNumber: syz
[  253.347018][ T7742] fuse: Bad value for 'group_id'
[  253.362331][ T7742] fuse: Bad value for 'group_id'
[  253.380469][ T5922] usb 2-1: config 33 has an invalid interface number: 147 but max is 8
[  253.399242][ T5922] usb 2-1: config 33 has an invalid descriptor of length 0, skipping remainder of the config
[  253.432990][    T9] usb 3-1: config 0 descriptor??
[  253.441811][ T5922] usb 2-1: config 33 has 1 interface, different from the descriptor's value: 9
[  253.457387][ T5913] gspca_sunplus: reg_w_riv err -71
[  253.462796][ T5913] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  253.475612][ T5922] usb 2-1: config 33 has no interface number 0
[  253.500166][ T5913] usb 1-1: USB disconnect, device number 15
[  253.515802][ T7766] netlink: 'syz.1.479': attribute type 8 has an invalid length.
[  253.640838][ T7762] FAULT_INJECTION: forcing a failure.
[  253.640838][ T7762] name failslab, interval 1, probability 0, space 0, times 0
[  253.655457][ T7762] CPU: 1 UID: 0 PID: 7762 Comm: syz.3.477 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  253.655486][ T7762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  253.655499][ T7762] Call Trace:
[  253.655508][ T7762]  <TASK>
[  253.655517][ T7762]  dump_stack_lvl+0x189/0x250
[  253.655551][ T7762]  ? __pfx____ratelimit+0x10/0x10
[  253.655582][ T7762]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.655606][ T7762]  ? __pfx__printk+0x10/0x10
[  253.655634][ T7762]  ? fs_reclaim_acquire+0x7d/0x100
[  253.655672][ T7762]  should_fail_ex+0x414/0x560
[  253.655706][ T7762]  ? seq_read_iter+0x1fd/0xe10
[  253.655725][ T7762]  should_failslab+0xa8/0x100
[  253.655752][ T7762]  __kvmalloc_node_noprof+0x161/0x5f0
[  253.655778][ T7762]  ? seq_read_iter+0x1fd/0xe10
[  253.655796][ T7762]  ? __pfx___schedule+0x10/0x10
[  253.655829][ T7762]  seq_read_iter+0x1fd/0xe10
[  253.655852][ T7762]  ? aa_file_perm+0x11f/0xed0
[  253.655877][ T7762]  ? __asan_memset+0x22/0x50
[  253.655917][ T7762]  seq_read+0x2e2/0x3d0
[  253.655947][ T7762]  ? __pfx_seq_read+0x10/0x10
[  253.655978][ T7762]  ? aa_file_perm+0x11f/0xed0
[  253.655995][ T7762]  ? rw_verify_area+0x1bc/0x650
[  253.656023][ T7762]  ? __pfx_seq_read+0x10/0x10
[  253.656041][ T7762]  proc_reg_read+0x1e6/0x2e0
[  253.656067][ T7762]  vfs_readv+0x5aa/0x850
[  253.656094][ T7762]  ? __pfx_proc_reg_read+0x10/0x10
[  253.656117][ T7762]  ? __pfx_vfs_readv+0x10/0x10
[  253.656161][ T7762]  ? __fget_files+0x2a/0x420
[  253.656192][ T7762]  ? __fget_files+0x3a0/0x420
[  253.656216][ T7762]  ? __fget_files+0x2a/0x420
[  253.656252][ T7762]  __ia32_compat_sys_preadv+0x1bf/0x2c0
[  253.656282][ T7762]  ? __pfx___ia32_compat_sys_preadv+0x10/0x10
[  253.656312][ T7762]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  253.656332][ T7762]  ? lockdep_hardirqs_on+0x9c/0x150
[  253.656364][ T7762]  __do_fast_syscall_32+0xb6/0x2b0
[  253.656388][ T7762]  do_fast_syscall_32+0x34/0x80
[  253.656404][ T7762]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.656423][ T7762] RIP: 0023:0xf7f16539
[  253.656437][ T7762] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  253.656451][ T7762] RSP: 002b:00000000f4ff455c EFLAGS: 00000206 ORIG_RAX: 000000000000014d
[  253.656470][ T7762] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080001b80
[  253.656481][ T7762] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  253.656490][ T7762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.656499][ T7762] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  253.656509][ T7762] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.656533][ T7762]  </TASK>
[  253.975535][ T7775] bridge0: port 3(syz_tun) entered blocking state
[  253.982670][ T7775] bridge0: port 3(syz_tun) entered disabled state
[  253.989487][ T7775] syz_tun: entered allmulticast mode
[  253.997349][ T7775] syz_tun: entered promiscuous mode
[  254.004165][ T7775] bridge0: port 3(syz_tun) entered blocking state
[  254.011125][ T7775] bridge0: port 3(syz_tun) entered forwarding state
[  254.122611][ T5922] usb 2-1: string descriptor 0 read error: -71
[  254.129090][ T5922] usb 2-1: New USB device found, idVendor=046d, idProduct=c090, bcdDevice= 0.40
[  254.143365][ T5922] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.156916][ T5922] usb 2-1: rejected 1 configuration due to insufficient available bus power
[  254.165904][ T5922] usb 2-1: no configuration chosen from 1 choice
[  254.174900][ T5922] usb 2-1: USB disconnect, device number 13
[  255.284275][   T43] usb 4-1: USB disconnect, device number 25
[  256.117676][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  256.124125][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  256.505178][ T7805] sctp: [Deprecated]: syz.4.487 (pid 7805) Use of int in max_burst socket option deprecated.
[  256.505178][ T7805] Use struct sctp_assoc_value instead
[  256.534999][ T7803] netlink: 32 bytes leftover after parsing attributes in process `syz.0.486'.
[  256.735002][ T7805] FAULT_INJECTION: forcing a failure.
[  256.735002][ T7805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.773160][ T7805] CPU: 1 UID: 0 PID: 7805 Comm: syz.4.487 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  256.773182][ T7805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  256.773190][ T7805] Call Trace:
[  256.773196][ T7805]  <TASK>
[  256.773201][ T7805]  dump_stack_lvl+0x189/0x250
[  256.773222][ T7805]  ? __pfx____ratelimit+0x10/0x10
[  256.773242][ T7805]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.773257][ T7805]  ? __pfx__printk+0x10/0x10
[  256.773281][ T7805]  should_fail_ex+0x414/0x560
[  256.773302][ T7805]  _copy_to_user+0x31/0xb0
[  256.773317][ T7805]  simple_read_from_buffer+0xe1/0x170
[  256.773336][ T7805]  proc_fail_nth_read+0x1df/0x250
[  256.773356][ T7805]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  256.773374][ T7805]  ? rw_verify_area+0x258/0x650
[  256.773387][ T7805]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  256.773405][ T7805]  vfs_read+0x200/0x980
[  256.773421][ T7805]  ? __pfx___mutex_lock+0x10/0x10
[  256.773434][ T7805]  ? __pfx_vfs_read+0x10/0x10
[  256.773448][ T7805]  ? __fget_files+0x2a/0x420
[  256.773466][ T7805]  ? __fget_files+0x3a0/0x420
[  256.773480][ T7805]  ? __fget_files+0x2a/0x420
[  256.773501][ T7805]  ksys_read+0x145/0x250
[  256.773517][ T7805]  ? __pfx_ksys_read+0x10/0x10
[  256.773531][ T7805]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  256.773543][ T7805]  ? lockdep_hardirqs_on+0x9c/0x150
[  256.773563][ T7805]  __do_fast_syscall_32+0xb6/0x2b0
[  256.773576][ T7805]  ? lockdep_hardirqs_on+0x9c/0x150
[  256.773596][ T7805]  do_fast_syscall_32+0x34/0x80
[  256.773633][ T7805]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  256.773647][ T7805] RIP: 0023:0xf7f07539
[  256.773658][ T7805] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  256.773669][ T7805] RSP: 002b:00000000f5026590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  256.773684][ T7805] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5026620
[  256.773692][ T7805] RDX: 000000000000000f RSI: 00000000f7393ff4 RDI: 0000000000000000
[  256.773700][ T7805] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  256.773706][ T7805] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  256.773713][ T7805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  256.773731][ T7805]  </TASK>
[  257.245168][ T5913] usb 3-1: USB disconnect, device number 13
[  258.080330][ T7829] FAULT_INJECTION: forcing a failure.
[  258.080330][ T7829] name failslab, interval 1, probability 0, space 0, times 0
[  258.106136][ T7829] CPU: 0 UID: 0 PID: 7829 Comm: syz.1.495 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  258.106166][ T7829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  258.106179][ T7829] Call Trace:
[  258.106187][ T7829]  <TASK>
[  258.106195][ T7829]  dump_stack_lvl+0x189/0x250
[  258.106225][ T7829]  ? __pfx____ratelimit+0x10/0x10
[  258.106256][ T7829]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.106279][ T7829]  ? __pfx__printk+0x10/0x10
[  258.106313][ T7829]  ? __pfx___might_resched+0x10/0x10
[  258.106342][ T7829]  should_fail_ex+0x414/0x560
[  258.106376][ T7829]  should_failslab+0xa8/0x100
[  258.106403][ T7829]  __kmalloc_noprof+0xcb/0x4f0
[  258.106425][ T7829]  ? security_sk_alloc+0x52/0x390
[  258.106459][ T7829]  security_sk_alloc+0x52/0x390
[  258.106484][ T7829]  sk_prot_alloc+0x101/0x220
[  258.106518][ T7829]  ? sk_alloc+0x24/0x370
[  258.106543][ T7829]  sk_alloc+0x3a/0x370
[  258.106572][ T7829]  __netlink_create+0x65/0x260
[  258.106595][ T7829]  ? __pfx_genl_release+0x10/0x10
[  258.106624][ T7829]  netlink_create+0x3ca/0x590
[  258.106650][ T7829]  ? __pfx_genl_unbind+0x10/0x10
[  258.106674][ T7829]  ? __pfx_genl_bind+0x10/0x10
[  258.106705][ T7829]  __sock_create+0x4b3/0x9f0
[  258.106734][ T7829]  __sys_socket+0xd7/0x1b0
[  258.106756][ T7829]  __ia32_compat_sys_socketcall+0x6df/0x9c0
[  258.106784][ T7829]  ? __fget_files+0x3a0/0x420
[  258.106814][ T7829]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  258.106842][ T7829]  ? fput+0xa0/0xd0
[  258.106870][ T7829]  ? ksys_write+0x22a/0x250
[  258.106902][ T7829]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  258.106922][ T7829]  ? lockdep_hardirqs_on+0x9c/0x150
[  258.106954][ T7829]  __do_fast_syscall_32+0xb6/0x2b0
[  258.106975][ T7829]  ? lockdep_hardirqs_on+0x9c/0x150
[  258.107007][ T7829]  do_fast_syscall_32+0x34/0x80
[  258.107028][ T7829]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.107051][ T7829] RIP: 0023:0xf70ee539
[  258.107068][ T7829] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  258.107087][ T7829] RSP: 002b:00000000f50dd4f0 EFLAGS: 00000206 ORIG_RAX: 0000000000000066
[  258.107108][ T7829] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f50dd500
[  258.107123][ T7829] RDX: 00000000f7453ff4 RSI: 0000000000000000 RDI: 00000000f7453ff4
[  258.107135][ T7829] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  258.107147][ T7829] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  258.107159][ T7829] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  258.107188][ T7829]  </TASK>
[  258.382689][ T5936] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  258.405014][ T7831] netlink: 28 bytes leftover after parsing attributes in process `syz.4.496'.
[  258.414255][ T7831] netlink: 28 bytes leftover after parsing attributes in process `syz.4.496'.
[  258.460214][ T7833] FAULT_INJECTION: forcing a failure.
[  258.460214][ T7833] name failslab, interval 1, probability 0, space 0, times 0
[  258.464001][ T7831] ip6gretap0: entered promiscuous mode
[  258.491674][ T7831] syz_tun: entered promiscuous mode
[  258.497002][ T7833] CPU: 1 UID: 0 PID: 7833 Comm: syz.2.497 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  258.497031][ T7833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  258.497042][ T7833] Call Trace:
[  258.497050][ T7833]  <TASK>
[  258.497059][ T7833]  dump_stack_lvl+0x189/0x250
[  258.497089][ T7833]  ? __pfx____ratelimit+0x10/0x10
[  258.497120][ T7833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.497144][ T7833]  ? __pfx__printk+0x10/0x10
[  258.497178][ T7833]  ? __pfx___might_resched+0x10/0x10
[  258.497199][ T7833]  ? fs_reclaim_acquire+0x7d/0x100
[  258.497231][ T7833]  should_fail_ex+0x414/0x560
[  258.497265][ T7833]  should_failslab+0xa8/0x100
[  258.497293][ T7833]  __kmalloc_cache_noprof+0x70/0x3d0
[  258.497315][ T7833]  ? do_proc_control+0x215/0xe40
[  258.497337][ T7833]  do_proc_control+0x215/0xe40
[  258.497369][ T7833]  proc_control_compat+0x129/0x170
[  258.497398][ T7833]  ? __pfx_proc_control_compat+0x10/0x10
[  258.497438][ T7833]  usbdev_ioctl+0x13ba/0x20c0
[  258.497467][ T7833]  ? __fget_files+0x2a/0x420
[  258.497493][ T7833]  ? __pfx_usbdev_ioctl+0x10/0x10
[  258.497517][ T7833]  ? __fget_files+0x3a0/0x420
[  258.497539][ T7833]  ? __fget_files+0x2a/0x420
[  258.497565][ T7833]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[  258.497588][ T7833]  __ia32_compat_sys_ioctl+0x540/0x840
[  258.497611][ T7833]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  258.497632][ T7833]  ? __fget_files+0x3a0/0x420
[  258.497663][ T7833]  ? fput+0xa0/0xd0
[  258.497689][ T7833]  ? ksys_write+0x22a/0x250
[  258.497718][ T7833]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  258.497737][ T7833]  ? lockdep_hardirqs_on+0x9c/0x150
[  258.497766][ T7833]  __do_fast_syscall_32+0xb6/0x2b0
[  258.497785][ T7833]  ? lockdep_hardirqs_on+0x9c/0x150
[  258.497821][ T7833]  do_fast_syscall_32+0x34/0x80
[  258.497839][ T7833]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.497870][ T7833] RIP: 0023:0xf705e539
[  258.497886][ T7833] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  258.497902][ T7833] RSP: 002b:00000000f504e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  258.497922][ T7833] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0105500
[  258.497934][ T7833] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  258.497945][ T7833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  258.497955][ T7833] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  258.497965][ T7833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  258.497994][ T7833]  </TASK>
[  258.776055][ T5936] usb 1-1: Using ep0 maxpacket: 32
[  258.785260][ T5936] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  258.794658][ T5936] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.807167][ T5936] usb 1-1: config 0 descriptor??
[  258.807200][ T7837] FAULT_INJECTION: forcing a failure.
[  258.807200][ T7837] name failslab, interval 1, probability 0, space 0, times 0
[  258.824799][ T5936] gspca_main: sunplus-2.14.0 probing 041e:400b
[  258.861869][ T7837] CPU: 0 UID: 0 PID: 7837 Comm: syz.2.499 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  258.861903][ T7837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  258.861914][ T7837] Call Trace:
[  258.861922][ T7837]  <TASK>
[  258.861930][ T7837]  dump_stack_lvl+0x189/0x250
[  258.861958][ T7837]  ? __pfx____ratelimit+0x10/0x10
[  258.861987][ T7837]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.862009][ T7837]  ? __pfx__printk+0x10/0x10
[  258.862040][ T7837]  ? __pfx___might_resched+0x10/0x10
[  258.862070][ T7837]  should_fail_ex+0x414/0x560
[  258.862105][ T7837]  should_failslab+0xa8/0x100
[  258.862133][ T7837]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  258.862158][ T7837]  ? __alloc_skb+0x112/0x2d0
[  258.862178][ T7837]  ? __pfx___mutex_trylock_common+0x10/0x10
[  258.862210][ T7837]  __alloc_skb+0x112/0x2d0
[  258.862238][ T7837]  netlink_dump+0x1b1/0xe60
[  258.862266][ T7837]  ? __netlink_lookup+0xbd/0x810
[  258.862299][ T7837]  ? __pfx_netlink_dump+0x10/0x10
[  258.862338][ T7837]  ? netlink_lookup+0x30/0x200
[  258.862360][ T7837]  ? netlink_lookup+0x30/0x200
[  258.862398][ T7837]  ? netlink_lookup+0x30/0x200
[  258.862428][ T7837]  __netlink_dump_start+0x5cb/0x7e0
[  258.862463][ T7837]  rtnetlink_rcv_msg+0x9eb/0xb70
[  258.862487][ T7837]  ? __pfx_rtm_dump_nexthop+0x10/0x10
[  258.862515][ T7837]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  258.862537][ T7837]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  258.862556][ T7837]  ? ref_tracker_free+0x63a/0x7d0
[  258.862584][ T7837]  ? __pfx_rtnl_dumpit+0x10/0x10
[  258.862605][ T7837]  ? __pfx_rtm_dump_nexthop+0x10/0x10
[  258.862635][ T7837]  ? __skb_clone+0x63/0x7a0
[  258.862670][ T7837]  netlink_rcv_skb+0x208/0x470
[  258.862695][ T7837]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  258.862719][ T7837]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  258.862768][ T7837]  ? netlink_deliver_tap+0x2e/0x1b0
[  258.862791][ T7837]  ? netlink_deliver_tap+0x2e/0x1b0
[  258.862821][ T7837]  netlink_unicast+0x759/0x8e0
[  258.862856][ T7837]  netlink_sendmsg+0x805/0xb30
[  258.862892][ T7837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  258.862920][ T7837]  ? __import_iovec+0x5d4/0x7f0
[  258.862940][ T7837]  ? aa_sock_msg_perm+0x94/0x160
[  258.862972][ T7837]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  258.863001][ T7837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  258.863026][ T7837]  __sock_sendmsg+0x219/0x270
[  258.863049][ T7837]  ____sys_sendmsg+0x505/0x830
[  258.863083][ T7837]  ? __pfx_____sys_sendmsg+0x10/0x10
[  258.863129][ T7837]  ___sys_sendmsg+0x21f/0x2a0
[  258.863158][ T7837]  ? __pfx____sys_sendmsg+0x10/0x10
[  258.863228][ T7837]  ? __fget_files+0x2a/0x420
[  258.863253][ T7837]  ? __fget_files+0x3a0/0x420
[  258.863292][ T7837]  __sys_sendmsg+0x164/0x220
[  258.863321][ T7837]  ? __pfx___sys_sendmsg+0x10/0x10
[  258.863364][ T7837]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  258.863386][ T7837]  ? lockdep_hardirqs_on+0x9c/0x150
[  258.863419][ T7837]  __do_fast_syscall_32+0xb6/0x2b0
[  258.863440][ T7837]  ? lockdep_hardirqs_on+0x9c/0x150
[  258.863475][ T7837]  do_fast_syscall_32+0x34/0x80
[  258.863496][ T7837]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.863518][ T7837] RIP: 0023:0xf705e539
[  258.863536][ T7837] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  258.863553][ T7837] RSP: 002b:00000000f504e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  258.863575][ T7837] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  258.863589][ T7837] RDX: 0000000000000044 RSI: 0000000000000000 RDI: 0000000000000000
[  258.863601][ T7837] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  258.863612][ T7837] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  258.863624][ T7837] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  258.863656][ T7837]  </TASK>
[  260.318680][ T7822] fuse: Bad value for 'group_id'
[  260.323743][ T7822] fuse: Bad value for 'group_id'
[  260.619490][ T5936] gspca_sunplus: reg_w_riv err -110
[  260.624915][ T5936] sunplus 1-1:0.0: probe with driver sunplus failed with error -110
[  260.671489][ T5913] usb 1-1: USB disconnect, device number 16
[  261.759340][ T7871] input: syz1 as /devices/virtual/input/input33
[  262.976356][ T5936] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  263.136507][ T5936] usb 4-1: Using ep0 maxpacket: 32
[  263.144224][ T5936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 39456, setting to 1024
[  263.156867][ T5936] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  263.190486][ T5936] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= a.f5
[  263.210358][ T5936] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.260005][ T5936] usb 4-1: Product: syz
[  263.273390][ T5936] usb 4-1: Manufacturer: syz
[  263.297054][ T5936] usb 4-1: SerialNumber: syz
[  263.327433][ T5936] usb 4-1: config 0 descriptor??
[  263.350129][ T7885] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  263.363975][ T5936] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  263.444902][ T7902] netlink: 12 bytes leftover after parsing attributes in process `syz.0.518'.
[  263.449109][ T7901] netlink: 8 bytes leftover after parsing attributes in process `syz.4.517'.
[  263.465431][ T7901] netlink: 'syz.4.517': attribute type 30 has an invalid length.
[  263.561300][ T7901] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  263.570461][ T7901] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  263.579387][ T7901] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  263.588212][ T7901] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  263.755330][   T30] kauditd_printk_skb: 65 callbacks suppressed
[  263.755345][   T30] audit: type=1326 audit(1752293267.636:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7884 comm="syz.3.513" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f16539 code=0x0
[  263.839300][ T7905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.848183][ T7905] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  264.288194][ T5913] IPVS: starting estimator thread 0...
[  264.394211][ T5938] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  264.402080][ T7916] IPVS: using max 47 ests per chain, 112800 per kthread
[  264.726275][ T5938] usb 3-1: Using ep0 maxpacket: 32
[  264.974284][ T5938] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  265.013046][ T5938] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.042639][ T5938] usb 3-1: config 0 descriptor??
[  265.340251][ T5938] gspca_main: sunplus-2.14.0 probing 041e:400b
[  265.627798][ T7927] usb usb8: usbfs: process 7927 (syz.1.523) did not claim interface 0 before use
[  265.736645][ T5922] usb 4-1: USB disconnect, device number 26
[  266.141901][ T7932] input: syz1 as /devices/virtual/input/input34
[  266.586792][ T7911] fuse: Bad value for 'group_id'
[  266.601326][ T7911] fuse: Bad value for 'group_id'
[  266.641783][ T5938] gspca_sunplus: reg_w_riv err -71
[  266.647245][ T5938] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  266.666260][ T5938] usb 3-1: USB disconnect, device number 14
[  267.129304][ T7940] FAULT_INJECTION: forcing a failure.
[  267.129304][ T7940] name failslab, interval 1, probability 0, space 0, times 0
[  267.189804][ T7940] CPU: 0 UID: 0 PID: 7940 Comm: syz.1.528 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  267.189837][ T7940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  267.189848][ T7940] Call Trace:
[  267.189857][ T7940]  <TASK>
[  267.189866][ T7940]  dump_stack_lvl+0x189/0x250
[  267.189897][ T7940]  ? __pfx____ratelimit+0x10/0x10
[  267.189928][ T7940]  ? __pfx_dump_stack_lvl+0x10/0x10
[  267.189951][ T7940]  ? __pfx__printk+0x10/0x10
[  267.189982][ T7940]  ? __pfx___might_resched+0x10/0x10
[  267.190005][ T7940]  ? fs_reclaim_acquire+0x7d/0x100
[  267.190039][ T7940]  should_fail_ex+0x414/0x560
[  267.190074][ T7940]  should_failslab+0xa8/0x100
[  267.190101][ T7940]  __kmalloc_noprof+0xcb/0x4f0
[  267.190124][ T7940]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  267.190145][ T7940]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  267.190182][ T7940]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  267.190221][ T7940]  genl_family_rcv_msg_doit+0xb8/0x300
[  267.190259][ T7940]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  267.190292][ T7940]  ? rcu_is_watching+0x15/0xb0
[  267.190318][ T7940]  ? apparmor_capable+0x137/0x1b0
[  267.190344][ T7940]  ? bpf_lsm_capable+0x9/0x20
[  267.190365][ T7940]  ? security_capable+0x7e/0x2e0
[  267.190402][ T7940]  genl_rcv_msg+0x60e/0x790
[  267.190439][ T7940]  ? __pfx_genl_rcv_msg+0x10/0x10
[  267.190465][ T7940]  ? ref_tracker_free+0x63a/0x7d0
[  267.190491][ T7940]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  267.190516][ T7940]  ? __pfx_nl80211_channel_switch+0x10/0x10
[  267.190540][ T7940]  ? __pfx_nl80211_post_doit+0x10/0x10
[  267.190568][ T7940]  ? __pfx_ref_tracker_free+0x10/0x10
[  267.190610][ T7940]  netlink_rcv_skb+0x208/0x470
[  267.190636][ T7940]  ? __pfx_genl_rcv_msg+0x10/0x10
[  267.190666][ T7940]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  267.190711][ T7940]  ? down_read+0x1ad/0x2e0
[  267.190735][ T7940]  genl_rcv+0x28/0x40
[  267.190770][ T7940]  netlink_unicast+0x759/0x8e0
[  267.190805][ T7940]  netlink_sendmsg+0x805/0xb30
[  267.190842][ T7940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  267.190869][ T7940]  ? __import_iovec+0x5d4/0x7f0
[  267.190889][ T7940]  ? aa_sock_msg_perm+0x94/0x160
[  267.190919][ T7940]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  267.190946][ T7940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  267.190971][ T7940]  __sock_sendmsg+0x219/0x270
[  267.190995][ T7940]  ____sys_sendmsg+0x505/0x830
[  267.191027][ T7940]  ? __pfx_____sys_sendmsg+0x10/0x10
[  267.191073][ T7940]  ___sys_sendmsg+0x21f/0x2a0
[  267.191102][ T7940]  ? __pfx____sys_sendmsg+0x10/0x10
[  267.191170][ T7940]  ? __fget_files+0x2a/0x420
[  267.191196][ T7940]  ? __fget_files+0x3a0/0x420
[  267.191233][ T7940]  __sys_sendmsg+0x164/0x220
[  267.191261][ T7940]  ? __pfx___sys_sendmsg+0x10/0x10
[  267.191303][ T7940]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  267.191323][ T7940]  ? lockdep_hardirqs_on+0x9c/0x150
[  267.191356][ T7940]  __do_fast_syscall_32+0xb6/0x2b0
[  267.191378][ T7940]  ? lockdep_hardirqs_on+0x9c/0x150
[  267.191412][ T7940]  do_fast_syscall_32+0x34/0x80
[  267.191432][ T7940]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  267.191455][ T7940] RIP: 0023:0xf70ee539
[  267.191474][ T7940] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  267.191490][ T7940] RSP: 002b:00000000f50de55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  267.191513][ T7940] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  267.191527][ T7940] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  267.191539][ T7940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  267.191550][ T7940] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  267.191562][ T7940] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  267.191593][ T7940]  </TASK>
[  267.593030][ T7943] 8021q: adding VLAN 0 to HW filter on device bond2
[  267.986907][ T5922] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  268.248444][ T7961] netlink: 60 bytes leftover after parsing attributes in process `syz.3.533'.
[  268.437536][ T5922] usb 2-1: Using ep0 maxpacket: 8
[  268.451182][ T7961] netlink: 16 bytes leftover after parsing attributes in process `syz.3.533'.
[  268.469510][ T5922] usb 2-1: unable to get BOS descriptor or descriptor too short
[  268.496161][ T7961] netlink: 60 bytes leftover after parsing attributes in process `syz.3.533'.
[  268.515475][ T5922] usb 2-1: config 4 interface 0 has no altsetting 0
[  268.535213][ T5922] usb 2-1: string descriptor 0 read error: -22
[  268.542712][ T5922] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  268.564250][ T5922] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.595565][ T7949] bond1: (slave veth0_to_bond): Releasing backup interface
[  268.625648][ T7949] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  268.800652][ T5922] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  269.094810][ T7943] bond2: (slave veth19): Enslaving as an active interface with an up link
[  269.134305][ T5922] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  269.165460][ T5922] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  269.197549][ T5922] usb 2-1: media controller created
[  269.307836][ T5922] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  269.400441][ T7972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.529'.
[  270.487378][ T5922] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  270.676110][ T5922] usb 3-1: Using ep0 maxpacket: 16
[  270.714568][ T5922] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  270.724354][ T5922] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  270.736217][ T5922] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  270.745372][ T5922] usb 3-1: config 1 has no interface number 1
[  270.751953][ T5922] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  270.766263][ T5922] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  270.786390][ T5922] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  270.796492][ T5922] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.014543][ T5913] usb 2-1: USB disconnect, device number 14
[  271.049880][ T5922] usb 3-1: Product: syz
[  271.068584][ T5922] usb 3-1: Manufacturer: syz
[  271.083297][ T5922] usb 3-1: SerialNumber: syz
[  271.440045][ T7985] wg1: entered promiscuous mode
[  271.445511][ T7985] wg1: entered allmulticast mode
[  272.124272][ T7994] FAULT_INJECTION: forcing a failure.
[  272.124272][ T7994] name failslab, interval 1, probability 0, space 0, times 0
[  272.230695][ T7994] CPU: 1 UID: 0 PID: 7994 Comm: syz.3.540 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  272.230726][ T7994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.230738][ T7994] Call Trace:
[  272.230747][ T7994]  <TASK>
[  272.230755][ T7994]  dump_stack_lvl+0x189/0x250
[  272.230785][ T7994]  ? __pfx____ratelimit+0x10/0x10
[  272.230821][ T7994]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.230845][ T7994]  ? __pfx__printk+0x10/0x10
[  272.230880][ T7994]  ? __pfx___might_resched+0x10/0x10
[  272.230910][ T7994]  should_fail_ex+0x414/0x560
[  272.230945][ T7994]  should_failslab+0xa8/0x100
[  272.230974][ T7994]  __kmalloc_cache_node_noprof+0x73/0x3d0
[  272.231000][ T7994]  ? __get_vm_area_node+0x13f/0x300
[  272.231030][ T7994]  __get_vm_area_node+0x13f/0x300
[  272.231061][ T7994]  __vmalloc_node_range_noprof+0x301/0x12f0
[  272.231088][ T7994]  ? xt_compat_init_offsets+0xd3/0x1c0
[  272.231116][ T7994]  ? __pfx___mutex_trylock_common+0x10/0x10
[  272.231154][ T7994]  ? trace_contention_end+0x39/0x120
[  272.231192][ T7994]  ? stack_depot_save_flags+0x40/0x900
[  272.231224][ T7994]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  272.231252][ T7994]  ? __pfx___mutex_lock+0x10/0x10
[  272.231274][ T7994]  ? kasan_save_track+0x4f/0x80
[  272.231297][ T7994]  ? xt_compat_init_offsets+0xd3/0x1c0
[  272.231324][ T7994]  vmalloc_noprof+0xb2/0xf0
[  272.231350][ T7994]  ? xt_compat_init_offsets+0xd3/0x1c0
[  272.231380][ T7994]  xt_compat_init_offsets+0xd3/0x1c0
[  272.231411][ T7994]  translate_compat_table+0x1b8/0x1750
[  272.231465][ T7994]  ? __pfx_translate_compat_table+0x10/0x10
[  272.231515][ T7994]  ? _copy_from_user+0x94/0xb0
[  272.231545][ T7994]  do_arpt_set_ctl+0x9d9/0xf10
[  272.231578][ T7994]  ? __mutex_trylock_common+0x153/0x260
[  272.231608][ T7994]  ? __pfx_do_arpt_set_ctl+0x10/0x10
[  272.231641][ T7994]  ? rcu_is_watching+0x15/0xb0
[  272.231685][ T7994]  ? nf_setsockopt+0x221/0x290
[  272.231717][ T7994]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  272.231742][ T7994]  ? __pfx___mutex_lock+0x10/0x10
[  272.231771][ T7994]  ? __pfx___mutex_lock+0x10/0x10
[  272.231793][ T7994]  ? rcu_read_lock_any_held+0xb3/0x120
[  272.231828][ T7994]  nf_setsockopt+0x26f/0x290
[  272.231855][ T7994]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  272.231880][ T7994]  smc_setsockopt+0x22f/0xab0
[  272.231917][ T7994]  ? __pfx_smc_setsockopt+0x10/0x10
[  272.231952][ T7994]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  272.231980][ T7994]  ? __pfx_smc_setsockopt+0x10/0x10
[  272.232011][ T7994]  do_sock_setsockopt+0x257/0x3e0
[  272.232039][ T7994]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  272.232062][ T7994]  ? __fget_files+0x2a/0x420
[  272.232094][ T7994]  ? __fget_files+0x3a0/0x420
[  272.232118][ T7994]  ? __fget_files+0x2a/0x420
[  272.232154][ T7994]  __ia32_sys_setsockopt+0x18b/0x220
[  272.232187][ T7994]  __do_fast_syscall_32+0xb6/0x2b0
[  272.232208][ T7994]  ? lockdep_hardirqs_on+0x9c/0x150
[  272.232242][ T7994]  do_fast_syscall_32+0x34/0x80
[  272.232263][ T7994]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.232286][ T7994] RIP: 0023:0xf7f16539
[  272.232303][ T7994] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  272.232321][ T7994] RSP: 002b:00000000f503655c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[  272.232343][ T7994] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  272.232357][ T7994] RDX: 0000000000000060 RSI: 0000000080000500 RDI: 0000000000000424
[  272.232370][ T7994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  272.232382][ T7994] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  272.232394][ T7994] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  272.232425][ T7994]  </TASK>
[  272.232683][ T7994] syz.3.540: vmalloc error: size 32, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  272.624842][ T7994] CPU: 0 UID: 0 PID: 7994 Comm: syz.3.540 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  272.624871][ T7994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.624882][ T7994] Call Trace:
[  272.624891][ T7994]  <TASK>
[  272.624899][ T7994]  dump_stack_lvl+0x189/0x250
[  272.624928][ T7994]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  272.624959][ T7994]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.624981][ T7994]  ? __pfx__printk+0x10/0x10
[  272.625000][ T7994]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  272.625025][ T7994]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  272.625058][ T7994]  warn_alloc+0x214/0x310
[  272.625092][ T7994]  ? __pfx_warn_alloc+0x10/0x10
[  272.625117][ T7994]  ? __get_vm_area_node+0x13f/0x300
[  272.625135][ T7994]  ? __get_vm_area_node+0x2b5/0x300
[  272.625154][ T7994]  __vmalloc_node_range_noprof+0x326/0x12f0
[  272.625173][ T7994]  ? __pfx___mutex_trylock_common+0x10/0x10
[  272.625207][ T7994]  ? trace_contention_end+0x39/0x120
[  272.625245][ T7994]  ? stack_depot_save_flags+0x40/0x900
[  272.625273][ T7994]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  272.625290][ T7994]  ? __pfx___mutex_lock+0x10/0x10
[  272.625303][ T7994]  ? kasan_save_track+0x4f/0x80
[  272.625316][ T7994]  ? xt_compat_init_offsets+0xd3/0x1c0
[  272.625340][ T7994]  vmalloc_noprof+0xb2/0xf0
[  272.625365][ T7994]  ? xt_compat_init_offsets+0xd3/0x1c0
[  272.625392][ T7994]  xt_compat_init_offsets+0xd3/0x1c0
[  272.625421][ T7994]  translate_compat_table+0x1b8/0x1750
[  272.625460][ T7994]  ? __pfx_translate_compat_table+0x10/0x10
[  272.625494][ T7994]  ? _copy_from_user+0x94/0xb0
[  272.625523][ T7994]  do_arpt_set_ctl+0x9d9/0xf10
[  272.625555][ T7994]  ? __mutex_trylock_common+0x153/0x260
[  272.625582][ T7994]  ? __pfx_do_arpt_set_ctl+0x10/0x10
[  272.625615][ T7994]  ? rcu_is_watching+0x15/0xb0
[  272.625648][ T7994]  ? nf_setsockopt+0x221/0x290
[  272.625679][ T7994]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  272.625711][ T7994]  ? __pfx___mutex_lock+0x10/0x10
[  272.625737][ T7994]  ? __pfx___mutex_lock+0x10/0x10
[  272.625753][ T7994]  ? rcu_read_lock_any_held+0xb3/0x120
[  272.625773][ T7994]  nf_setsockopt+0x26f/0x290
[  272.625790][ T7994]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  272.625809][ T7994]  smc_setsockopt+0x22f/0xab0
[  272.625851][ T7994]  ? __pfx_smc_setsockopt+0x10/0x10
[  272.625884][ T7994]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  272.625908][ T7994]  ? __pfx_smc_setsockopt+0x10/0x10
[  272.625937][ T7994]  do_sock_setsockopt+0x257/0x3e0
[  272.625965][ T7994]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  272.625987][ T7994]  ? __fget_files+0x2a/0x420
[  272.626018][ T7994]  ? __fget_files+0x3a0/0x420
[  272.626042][ T7994]  ? __fget_files+0x2a/0x420
[  272.626075][ T7994]  __ia32_sys_setsockopt+0x18b/0x220
[  272.626107][ T7994]  __do_fast_syscall_32+0xb6/0x2b0
[  272.626128][ T7994]  ? lockdep_hardirqs_on+0x9c/0x150
[  272.626161][ T7994]  do_fast_syscall_32+0x34/0x80
[  272.626181][ T7994]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.626204][ T7994] RIP: 0023:0xf7f16539
[  272.626221][ T7994] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  272.626238][ T7994] RSP: 002b:00000000f503655c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[  272.626260][ T7994] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  272.626273][ T7994] RDX: 0000000000000060 RSI: 0000000080000500 RDI: 0000000000000424
[  272.626285][ T7994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  272.626297][ T7994] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  272.626309][ T7994] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  272.626348][ T7994]  </TASK>
[  273.005456][ T7994] Mem-Info:
[  273.008912][ T7994] active_anon:5859 inactive_anon:0 isolated_anon:0
[  273.008912][ T7994]  active_file:6621 inactive_file:39884 isolated_file:0
[  273.008912][ T7994]  unevictable:768 dirty:345 writeback:0
[  273.008912][ T7994]  slab_reclaimable:10307 slab_unreclaimable:101958
[  273.008912][ T7994]  mapped:30712 shmem:1361 pagetables:1173
[  273.008912][ T7994]  sec_pagetables:0 bounce:0
[  273.008912][ T7994]  kernel_misc_reclaimable:0
[  273.008912][ T7994]  free:1319075 free_pcp:14811 free_cma:0
[  273.054521][ T7994] Node 0 active_anon:23436kB inactive_anon:0kB active_file:26484kB inactive_file:159336kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:122848kB dirty:1380kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12188kB pagetables:4568kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  273.088836][ T7994] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  273.122796][ T7994] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  273.154598][ T7994] lowmem_reserve[]: 0 2498 2500 2500 2500
[  273.160783][ T7994] Node 0 DMA32 free:1354244kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23360kB inactive_anon:0kB active_file:26484kB inactive_file:157772kB unevictable:1536kB writepending:1388kB present:3129332kB managed:2558396kB mlocked:0kB bounce:0kB free_pcp:41804kB local_pcp:20400kB free_cma:0kB
[  273.194901][ T7994] lowmem_reserve[]: 0 0 1 1 1
[  273.199913][ T7994] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1564kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  273.230240][ T7994] lowmem_reserve[]: 0 0 0 0 0
[  273.235066][ T7994] Node 1 Normal free:3906772kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:17280kB local_pcp:8096kB free_cma:0kB
[  273.268869][ T7994] lowmem_reserve[]: 0 0 0 0 0
[  273.273736][ T7994] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  273.287615][ T7994] Node 0 DMA32: 1131*4kB (UME) 479*8kB (UME) 314*16kB (UME) 225*32kB (UME) 141*64kB (UME) 31*128kB (UM) 10*256kB (UM) 7*512kB (UME) 3*1024kB (UME) 3*2048kB (UM) 319*4096kB (M) = 1355556kB
[  273.306697][ T7994] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[  273.319852][ T7994] Node 1 Normal: 171*4kB (UE) 51*8kB (UME) 41*16kB (UME) 74*32kB (UME) 27*64kB (UME) 6*128kB (UME) 3*256kB (UM) 4*512kB (UME) 2*1024kB (ME) 2*2048kB (UE) 950*4096kB (M) = 3906772kB
[  273.340279][ T7994] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  273.350001][ T7994] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  273.359400][ T7994] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  273.369038][ T7994] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  273.378757][ T7994] 47864 total pagecache pages
[  273.383468][ T7994] 0 pages in swap cache
[  273.388765][ T7994] Free swap  = 124996kB
[  273.389398][ T5922] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor
[  273.393026][ T7994] Total swap = 124996kB
[  273.405400][ T7994] 2097051 pages RAM
[  273.410649][ T5922] usb 3-1: found format II with max.bitrate = 0, frame size=0
[  273.419712][ T7994] 0 pages HighMem/MovableOnly
[  273.420271][ T5922] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  273.424438][ T7994] 425410 pages reserved
[  273.449777][ T7994] 0 pages cma reserved
[  273.485112][ T5922] usb 3-1: USB disconnect, device number 15
[  273.579688][ T5854] udevd[5854]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  273.906541][ T8012] 8021q: adding VLAN 0 to HW filter on device bond3
[  273.957644][ T8015] IPv6: NLM_F_REPLACE set, but no existing node found!
[  274.259918][ T8012] bond3: (slave veth19): Enslaving as an active interface with an up link
[  274.287340][ T8014] bond2: (slave veth0_to_bond): Releasing backup interface
[  274.316961][ T8014] bond3: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  274.533463][ T5913] IPVS: starting estimator thread 0...
[  274.619888][ T8034] FAULT_INJECTION: forcing a failure.
[  274.619888][ T8034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  274.664032][ T8033] IPVS: using max 47 ests per chain, 112800 per kthread
[  274.690923][ T8034] CPU: 1 UID: 0 PID: 8034 Comm: syz.1.553 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  274.690953][ T8034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  274.690963][ T8034] Call Trace:
[  274.690968][ T8034]  <TASK>
[  274.690974][ T8034]  dump_stack_lvl+0x189/0x250
[  274.690994][ T8034]  ? __pfx____ratelimit+0x10/0x10
[  274.691014][ T8034]  ? __pfx_dump_stack_lvl+0x10/0x10
[  274.691028][ T8034]  ? __pfx__printk+0x10/0x10
[  274.691051][ T8034]  should_fail_ex+0x414/0x560
[  274.691072][ T8034]  _copy_to_user+0x31/0xb0
[  274.691088][ T8034]  simple_read_from_buffer+0xe1/0x170
[  274.691115][ T8034]  proc_fail_nth_read+0x1df/0x250
[  274.691148][ T8034]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  274.691178][ T8034]  ? rw_verify_area+0x258/0x650
[  274.691200][ T8034]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  274.691222][ T8034]  vfs_read+0x200/0x980
[  274.691239][ T8034]  ? __pfx___mutex_lock+0x10/0x10
[  274.691252][ T8034]  ? __pfx_vfs_read+0x10/0x10
[  274.691266][ T8034]  ? __fget_files+0x2a/0x420
[  274.691285][ T8034]  ? __fget_files+0x3a0/0x420
[  274.691299][ T8034]  ? __fget_files+0x2a/0x420
[  274.691320][ T8034]  ksys_read+0x145/0x250
[  274.691335][ T8034]  ? __pfx_ksys_read+0x10/0x10
[  274.691350][ T8034]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  274.691362][ T8034]  ? lockdep_hardirqs_on+0x9c/0x150
[  274.691381][ T8034]  __do_fast_syscall_32+0xb6/0x2b0
[  274.691394][ T8034]  ? lockdep_hardirqs_on+0x9c/0x150
[  274.691414][ T8034]  do_fast_syscall_32+0x34/0x80
[  274.691426][ T8034]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  274.691444][ T8034] RIP: 0023:0xf70ee539
[  274.691455][ T8034] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  274.691466][ T8034] RSP: 002b:00000000f50bd590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  274.691481][ T8034] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50bd620
[  274.691490][ T8034] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000
[  274.691497][ T8034] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  274.691504][ T8034] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  274.691511][ T8034] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  274.691529][ T8034]  </TASK>
[  275.282033][ T8040] input: syz1 as /devices/virtual/input/input36
[  275.296232][   T10] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  275.456244][   T10] usb 3-1: Using ep0 maxpacket: 32
[  275.464181][   T10] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  275.477952][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.558367][   T10] usb 3-1: config 0 descriptor??
[  275.582542][   T10] gspca_main: sunplus-2.14.0 probing 041e:400b
[  275.749044][ T8042] FAULT_INJECTION: forcing a failure.
[  275.749044][ T8042] name failslab, interval 1, probability 0, space 0, times 0
[  275.763322][ T8042] CPU: 0 UID: 0 PID: 8042 Comm: syz.1.557 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  275.763344][ T8042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  275.763352][ T8042] Call Trace:
[  275.763357][ T8042]  <TASK>
[  275.763363][ T8042]  dump_stack_lvl+0x189/0x250
[  275.763382][ T8042]  ? __pfx____ratelimit+0x10/0x10
[  275.763402][ T8042]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.763429][ T8042]  ? __pfx__printk+0x10/0x10
[  275.763448][ T8042]  ? __pfx___might_resched+0x10/0x10
[  275.763466][ T8042]  should_fail_ex+0x414/0x560
[  275.763487][ T8042]  should_failslab+0xa8/0x100
[  275.763504][ T8042]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  275.763519][ T8042]  ? __alloc_skb+0x112/0x2d0
[  275.763536][ T8042]  __alloc_skb+0x112/0x2d0
[  275.763552][ T8042]  inet6_ifmcaddr_notify+0xeb/0x1d0
[  275.763567][ T8042]  ? __pfx_inet6_ifmcaddr_notify+0x10/0x10
[  275.763591][ T8042]  __ipv6_dev_mc_dec+0x305/0x390
[  275.763610][ T8042]  ipv6_mc_destroy_dev+0x33c/0x5a0
[  275.763624][ T8042]  ? addrconf_ifdown+0x1396/0x1880
[  275.763642][ T8042]  addrconf_ifdown+0x139e/0x1880
[  275.763665][ T8042]  ? tls_dev_event+0x717/0xec0
[  275.763677][ T8042]  ? __pfx_addrconf_ifdown+0x10/0x10
[  275.763700][ T8042]  addrconf_notify+0x1bc/0x1010
[  275.763720][ T8042]  notifier_call_chain+0x1b3/0x3e0
[  275.763741][ T8042]  unregister_netdevice_many_notify+0x15d8/0x2320
[  275.763769][ T8042]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  275.763793][ T8042]  ? __mod_timer+0xb37/0xf30
[  275.763815][ T8042]  ? lockdep_hardirqs_on+0x9c/0x150
[  275.763838][ T8042]  unregister_netdevice_queue+0x33c/0x380
[  275.763856][ T8042]  ? __pfx_queue_delayed_work_on+0x10/0x10
[  275.763872][ T8042]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  275.763887][ T8042]  ? linkwatch_urgent_event+0x62/0x3a0
[  275.763910][ T8042]  __tun_detach+0xda4/0x1560
[  275.763932][ T8042]  ? __pfx_tun_chr_close+0x10/0x10
[  275.763945][ T8042]  tun_chr_close+0x10a/0x1c0
[  275.763958][ T8042]  __fput+0x449/0xa70
[  275.763983][ T8042]  fput_close_sync+0x119/0x200
[  275.764001][ T8042]  ? dnotify_flush+0x1db/0x5e0
[  275.764018][ T8042]  ? __pfx_fput_close_sync+0x10/0x10
[  275.764036][ T8042]  ? do_raw_spin_unlock+0x122/0x240
[  275.764058][ T8042]  __ia32_sys_close+0x7f/0x110
[  275.764071][ T8042]  __do_fast_syscall_32+0xb6/0x2b0
[  275.764083][ T8042]  ? lockdep_hardirqs_on+0x9c/0x150
[  275.764104][ T8042]  do_fast_syscall_32+0x34/0x80
[  275.764116][ T8042]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  275.764130][ T8042] RIP: 0023:0xf70ee539
[  275.764142][ T8042] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  275.764158][ T8042] RSP: 002b:00000000f50de55c EFLAGS: 00000206 ORIG_RAX: 0000000000000006
[  275.764180][ T8042] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  275.764194][ T8042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  275.764204][ T8042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  275.764215][ T8042] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  275.764226][ T8042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  275.764257][ T8042]  </TASK>
[  276.216149][   T10] gspca_sunplus: reg_w_riv err -110
[  276.221641][   T10] sunplus 3-1:0.0: probe with driver sunplus failed with error -110
[  276.706835][   T10] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  276.867356][   T10] usb 5-1: Using ep0 maxpacket: 32
[  276.879426][   T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  276.891354][   T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  276.909327][   T10] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  276.912217][ T8059] netlink: 4 bytes leftover after parsing attributes in process `syz.1.565'.
[  276.946026][ T8059] netlink: 4 bytes leftover after parsing attributes in process `syz.1.565'.
[  276.948835][   T10] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  276.972578][   T10] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  277.006059][   T10] usb 5-1: Product: syz
[  277.010499][   T10] usb 5-1: Manufacturer: syz
[  277.025397][   T10] usb 5-1: SerialNumber: syz
[  277.054319][   T10] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input38
[  277.288449][ T8044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.368773][ T8044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.413939][ T8044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.437949][ T8044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.472000][   T10] usb 5-1: USB disconnect, device number 18
[  277.523298][   T10] appletouch 5-1:1.0: input: appletouch disconnected
[  277.654923][   T43] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  277.860385][ T5936] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  277.914794][   T43] usb 4-1: config 0 has no interfaces?
[  277.924318][   T43] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  277.934068][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.952869][   T43] usb 4-1: Product: syz
[  277.992446][ T5922] usb 3-1: USB disconnect, device number 16
[  278.046200][ T5936] usb 1-1: Using ep0 maxpacket: 32
[  278.052529][   T43] usb 4-1: Manufacturer: syz
[  278.053233][ T5936] usb 1-1: config 1 has an invalid interface number: 46 but max is 1
[  278.065497][ T5936] usb 1-1: config 1 has no interface number 1
[  278.326976][ T5936] usb 1-1: config 1 interface 46 altsetting 0 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  278.651772][ T5936] usb 1-1: config 1 interface 46 altsetting 0 endpoint 0xE has invalid maxpacket 1024, setting to 64
[  278.669573][ T5936] usb 1-1: config 1 interface 46 altsetting 0 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  278.699944][ T5936] usb 1-1: config 1 interface 0 has no altsetting 0
[  278.724999][ T5936] usb 1-1: New USB device found, idVendor=0707, idProduct=0201, bcdDevice=64.6e
[  278.734424][ T5936] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.748994][   T43] usb 4-1: SerialNumber: syz
[  278.748999][ T5936] usb 1-1: Product: �
[  278.763505][ T5936] usb 1-1: Manufacturer: 瀿ꃙ���ᄻ�崰���䪊�⌔劗꿧☥넔嚺顴迪嶦Ѹꈓ澦谲�彭�蓴鄕莅막ꋘ웾뷹�晲呴Ⳮ휦릥м躠봃왊ᶚ貄鋑ϳ�톳笊὾㌧�஑�敮쫉翙皹ᣇ�ڈ律馆䵠�褡㰤찆얒䞲腙⚄昴ౡ즬ᥒႸ㮻컶鴌뭦曳ﹾ髸�翳丣烢ṭ㊌投侄젵䮱ﱆ븅䜵颦眊날蠇㜺堢
[  278.820859][   T43] usb 4-1: config 0 descriptor??
[  278.914045][ T5936] usb 1-1: SerialNumber: à  
[  279.542115][   T30] audit: type=1800 audit(1752293283.426:78): pid=8089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.573" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  279.612264][ T8072] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  279.618905][ T8072] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  279.726366][ T8072] vhci_hcd vhci_hcd.0: Device attached
[  279.769649][ T8091] vhci_hcd: connection closed
[  279.770244][   T49] vhci_hcd: stop threads
[  279.844022][   T49] vhci_hcd: release socket
[  279.852141][   T49] vhci_hcd: disconnect device
[  279.859500][ T5936] pegasus 1-1:1.46: probe with driver pegasus failed with error -71
[  279.893903][ T5936] pegasus 1-1:1.0: probe with driver pegasus failed with error -71
[  279.916264][ T5938] vhci_hcd: vhci_device speed not set
[  279.934809][ T5936] usb 1-1: USB disconnect, device number 17
[  279.956752][ T8065] netlink: 8 bytes leftover after parsing attributes in process `syz.3.567'.
[  280.233083][ T8088] syz.2.572 (8088): drop_caches: 2
[  281.006204][   T43] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  281.069915][ T5922] usb 4-1: USB disconnect, device number 27
[  281.247581][   T43] usb 2-1: device descriptor read/64, error -71
[  281.247681][ T5938] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  281.437961][ T5938] usb 3-1: config 1 has no interfaces?
[  281.453461][ T5938] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  281.477483][ T5938] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.508741][ T5938] usb 3-1: Product: syz
[  281.513219][ T5938] usb 3-1: Manufacturer: syz
[  281.526867][ T5938] usb 3-1: SerialNumber: syz
[  281.586089][   T43] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  283.396163][  T120] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  283.568972][  T120] usb 2-1: Using ep0 maxpacket: 32
[  283.596355][  T120] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  283.618638][  T120] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.659651][  T120] usb 2-1: config 0 descriptor??
[  283.693432][  T120] gspca_main: sunplus-2.14.0 probing 041e:400b
[  283.976276][ T5936] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  284.126085][ T5936] usb 1-1: device descriptor read/64, error -71
[  284.324926][ T5938] usb 3-1: USB disconnect, device number 17
[  284.606041][ T5936] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  284.766064][ T5936] usb 1-1: device descriptor read/64, error -71
[  284.886387][ T5936] usb usb1-port1: attempt power cycle
[  284.926095][ T8141] input: syz1 as /devices/virtual/input/input39
[  285.043067][  T120] gspca_sunplus: reg_w_riv err -71
[  285.048413][  T120] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[  285.059965][  T120] usb 2-1: USB disconnect, device number 17
[  285.236263][ T5936] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  285.257050][ T5936] usb 1-1: device descriptor read/8, error -71
[  285.266126][ T5922] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  285.542903][ T5936] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  285.586794][ T5936] usb 1-1: device descriptor read/8, error -71
[  285.725871][ T5936] usb usb1-port1: unable to enumerate USB device
[  285.736099][ T5922] usb 3-1: Using ep0 maxpacket: 32
[  285.756742][ T5922] usb 3-1: config 1 has an invalid interface number: 46 but max is 1
[  285.774683][ T5922] usb 3-1: config 1 has no interface number 1
[  285.792455][ T5922] usb 3-1: config 1 interface 46 altsetting 0 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  285.854528][ T5922] usb 3-1: config 1 interface 46 altsetting 0 endpoint 0xE has invalid maxpacket 1024, setting to 64
[  285.893851][ T5922] usb 3-1: config 1 interface 46 altsetting 0 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  285.934485][ T5922] usb 3-1: config 1 interface 0 has no altsetting 0
[  285.965478][ T5922] usb 3-1: New USB device found, idVendor=0707, idProduct=0201, bcdDevice=64.6e
[  285.981986][ T5922] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.993219][ T5922] usb 3-1: Product: �
[  286.000751][ T5922] usb 3-1: Manufacturer: 瀿ꃙ���ᄻ�崰���䪊�⌔劗꿧☥넔嚺顴迪嶦Ѹꈓ澦谲�彭�蓴鄕莅막ꋘ웾뷹�晲呴Ⳮ휦릥м躠봃왊ᶚ貄鋑ϳ�톳笊὾㌧�஑�敮쫉翙皹ᣇ�ڈ律馆䵠�褡㰤찆얒䞲腙⚄昴ౡ즬ᥒႸ㮻컶鴌뭦曳ﹾ髸�翳丣烢ṭ㊌投侄젵䮱ﱆ븅䜵颦眊날蠇㜺堢
[  286.046395][ T5922] usb 3-1: SerialNumber: à  
[  286.306469][ T8143] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  286.313069][ T8143] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  286.382465][ T8143] vhci_hcd vhci_hcd.0: Device attached
[  286.414964][ T8153] vhci_hcd: connection closed
[  286.415262][   T49] vhci_hcd: stop threads
[  286.429247][   T49] vhci_hcd: release socket
[  286.433722][   T49] vhci_hcd: disconnect device
[  286.452507][ T5922] pegasus 3-1:1.46: probe with driver pegasus failed with error -71
[  286.460671][   T43] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  286.557775][ T5922] pegasus 3-1:1.0: probe with driver pegasus failed with error -71
[  286.636429][ T5922] usb 3-1: USB disconnect, device number 18
[  286.726968][   T43] usb 5-1: config 0 has no interfaces?
[  286.770341][ T8160] input: syz1 as /devices/virtual/input/input40
[  286.884015][   T43] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  286.900431][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.926616][   T43] usb 5-1: Product: syz
[  286.941073][   T43] usb 5-1: Manufacturer: syz
[  286.945747][   T43] usb 5-1: SerialNumber: syz
[  286.976444][   T43] usb 5-1: config 0 descriptor??
[  287.219638][ T8152] netlink: 8 bytes leftover after parsing attributes in process `syz.4.590'.
[  287.486026][   T43] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  287.740823][   T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  287.759931][   T43] usb 2-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  287.769293][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.801801][   T43] usb 2-1: Product: syz
[  287.817756][   T43] usb 2-1: Manufacturer: syz
[  287.835314][   T43] usb 2-1: SerialNumber: syz
[  287.959905][   T43] usb 2-1: config 0 descriptor??
[  288.657814][ T8181] bond0: (slave veth0_to_hsr): Error: Device can not be enslaved while up
[  288.688801][ T8181] FAULT_INJECTION: forcing a failure.
[  288.688801][ T8181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.722153][ T8181] CPU: 0 UID: 0 PID: 8181 Comm: syz.0.599 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  288.722184][ T8181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.722196][ T8181] Call Trace:
[  288.722204][ T8181]  <TASK>
[  288.722214][ T8181]  dump_stack_lvl+0x189/0x250
[  288.722243][ T8181]  ? __pfx____ratelimit+0x10/0x10
[  288.722275][ T8181]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.722310][ T8181]  ? __pfx__printk+0x10/0x10
[  288.722352][ T8181]  should_fail_ex+0x414/0x560
[  288.722387][ T8181]  _copy_to_user+0x31/0xb0
[  288.722413][ T8181]  simple_read_from_buffer+0xe1/0x170
[  288.722444][ T8181]  proc_fail_nth_read+0x1df/0x250
[  288.722475][ T8181]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.722508][ T8181]  ? rw_verify_area+0x258/0x650
[  288.722530][ T8181]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.722559][ T8181]  vfs_read+0x200/0x980
[  288.722588][ T8181]  ? __pfx___mutex_lock+0x10/0x10
[  288.722611][ T8181]  ? __pfx_vfs_read+0x10/0x10
[  288.722635][ T8181]  ? __fget_files+0x2a/0x420
[  288.722666][ T8181]  ? __fget_files+0x3a0/0x420
[  288.722690][ T8181]  ? __fget_files+0x2a/0x420
[  288.722727][ T8181]  ksys_read+0x145/0x250
[  288.722752][ T8181]  ? __pfx_ksys_read+0x10/0x10
[  288.722777][ T8181]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  288.722798][ T8181]  ? lockdep_hardirqs_on+0x9c/0x150
[  288.722831][ T8181]  __do_fast_syscall_32+0xb6/0x2b0
[  288.722853][ T8181]  ? lockdep_hardirqs_on+0x9c/0x150
[  288.722893][ T8181]  do_fast_syscall_32+0x34/0x80
[  288.722914][ T8181]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  288.722937][ T8181] RIP: 0023:0xf704e539
[  288.722955][ T8181] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  288.722973][ T8181] RSP: 002b:00000000f503e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  288.722996][ T8181] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f503e620
[  288.723010][ T8181] RDX: 000000000000000f RSI: 00000000f73b3ff4 RDI: 0000000000000000
[  288.723022][ T8181] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  288.723034][ T8181] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  288.723045][ T8181] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  288.723076][ T8181]  </TASK>
[  289.202325][ T5922] usb 5-1: USB disconnect, device number 19
[  289.316428][ T8191] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(39)
[  289.323815][ T8191] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  289.324091][ T8191] vhci_hcd vhci_hcd.0: Device attached
[  289.566332][ T5938] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  289.626066][ T5922] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  289.746495][ T8198] input: syz1 as /devices/virtual/input/input41
[  289.776799][ T5922] usb 5-1: Using ep0 maxpacket: 32
[  289.791459][ T5922] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  289.807668][ T5922] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.837267][ T5922] usb 5-1: config 0 descriptor??
[  289.849492][ T5922] gspca_main: sunplus-2.14.0 probing 041e:400b
[  289.963588][ T8192] vhci_hcd: connection reset by peer
[  290.031227][   T12] vhci_hcd: stop threads
[  290.056034][   T12] vhci_hcd: release socket
[  290.075144][   T12] vhci_hcd: disconnect device
[  290.123252][ T5936] usb 2-1: USB disconnect, device number 18
[  290.707927][ T5936] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  290.911146][ T5936] usb 2-1: config 0 has no interfaces?
[  290.929791][ T5936] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  290.939246][ T5936] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.951347][ T5936] usb 2-1: Product: syz
[  290.955535][ T5936] usb 2-1: Manufacturer: syz
[  291.002144][ T5936] usb 2-1: SerialNumber: syz
[  291.025860][ T5936] usb 2-1: config 0 descriptor??
[  291.249813][ T8210] netlink: 8 bytes leftover after parsing attributes in process `syz.1.607'.
[  291.275350][ T5922] gspca_sunplus: reg_w_riv err -71
[  291.280717][ T5922] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  291.308219][ T5922] usb 5-1: USB disconnect, device number 20
[  291.313548][ T8214] input: syz1 as /devices/virtual/input/input42
[  291.491636][ T8216] @: renamed from vlan0 (while UP)
[  292.024160][ T8224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.611'.
[  292.114413][ T5922] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  292.276176][ T5922] usb 1-1: Using ep0 maxpacket: 8
[  292.328459][ T8225] bond2: (slave veth0_to_bond): Releasing backup interface
[  292.380165][ T5922] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  292.389467][ T5922] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.529920][ T5922] usb 1-1: Product: syz
[  292.544494][ T5922] usb 1-1: Manufacturer: syz
[  292.554869][ T5922] usb 1-1: SerialNumber: syz
[  292.684428][ T8232] input: syz1 as /devices/virtual/input/input43
[  292.770663][ T5922] usb 1-1: config 0 descriptor??
[  292.827503][ T5922] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  293.057846][ T5922] gspca_sonixj: reg_r err -32
[  293.062718][ T5922] sonixj 1-1:0.0: probe with driver sonixj failed with error -32
[  293.346146][ T5937] usb 2-1: USB disconnect, device number 19
[  293.965450][ T5937] usb 1-1: USB disconnect, device number 22
[  293.977185][ T8253] input: syz1 as /devices/virtual/input/input44
[  294.116229][ T5922] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  294.266542][ T5922] usb 2-1: device descriptor read/64, error -71
[  294.386444][ T8258] geneve3: entered promiscuous mode
[  294.546274][ T5922] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  294.647123][ T8264] input: syz1 as /devices/virtual/input/input45
[  294.704552][ T5922] usb 2-1: device descriptor read/64, error -71
[  294.728789][ T5938] vhci_hcd: vhci_device speed not set
[  294.829051][ T5922] usb usb2-port1: attempt power cycle
[  295.136182][ T5937] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  295.226082][ T5922] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  295.286768][ T5922] usb 2-1: device descriptor read/8, error -71
[  295.313960][ T5937] usb 1-1: config 0 has no interfaces?
[  295.335624][ T5937] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  295.345809][ T5937] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.357655][ T5937] usb 1-1: Product: syz
[  295.363099][ T5937] usb 1-1: Manufacturer: syz
[  295.638921][ T5937] usb 1-1: SerialNumber: syz
[  295.786092][ T5922] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  295.909767][ T5922] usb 2-1: device descriptor read/8, error -71
[  296.039037][ T5922] usb usb2-port1: unable to enumerate USB device
[  296.062009][ T5937] usb 1-1: config 0 descriptor??
[  296.367835][ T8277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.628'.
[  296.704325][ T8298] input: syz1 as /devices/virtual/input/input46
[  296.948774][ T8304] FAULT_INJECTION: forcing a failure.
[  296.948774][ T8304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.964923][ T8304] CPU: 1 UID: 0 PID: 8304 Comm: syz.1.638 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  296.964952][ T8304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  296.964963][ T8304] Call Trace:
[  296.964971][ T8304]  <TASK>
[  296.964980][ T8304]  dump_stack_lvl+0x189/0x250
[  296.965002][ T8304]  ? __pfx____ratelimit+0x10/0x10
[  296.965022][ T8304]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.965036][ T8304]  ? __pfx__printk+0x10/0x10
[  296.965052][ T8304]  ? __might_fault+0xb0/0x130
[  296.965073][ T8304]  should_fail_ex+0x414/0x560
[  296.965094][ T8304]  _copy_from_user+0x2d/0xb0
[  296.965108][ T8304]  get_compat_msghdr+0xad/0x4a0
[  296.965129][ T8304]  ? __pfx_get_compat_msghdr+0x10/0x10
[  296.965152][ T8304]  ___sys_recvmsg+0x17f/0x510
[  296.965180][ T8304]  ? __pfx____sys_recvmsg+0x10/0x10
[  296.965210][ T8304]  ? __fget_files+0x3a0/0x420
[  296.965232][ T8304]  do_recvmmsg+0x36a/0x770
[  296.965253][ T8304]  ? __pfx_do_recvmmsg+0x10/0x10
[  296.965276][ T8304]  ? __pfx_vfs_write+0x10/0x10
[  296.965300][ T8304]  __sys_recvmmsg+0x19d/0x280
[  296.965317][ T8304]  ? __pfx___sys_recvmmsg+0x10/0x10
[  296.965331][ T8304]  ? ksys_write+0x22a/0x250
[  296.965350][ T8304]  __ia32_compat_sys_recvmmsg_time32+0xbf/0xe0
[  296.965370][ T8304]  __do_fast_syscall_32+0xb6/0x2b0
[  296.965382][ T8304]  ? lockdep_hardirqs_on+0x9c/0x150
[  296.965403][ T8304]  do_fast_syscall_32+0x34/0x80
[  296.965420][ T8304]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  296.965438][ T8304] RIP: 0023:0xf70ee539
[  296.965452][ T8304] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  296.965469][ T8304] RSP: 002b:00000000f50de55c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[  296.965493][ T8304] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  296.965507][ T8304] RDX: 00000000b69a67d5 RSI: 0000000000012141 RDI: 0000000000000000
[  296.965520][ T8304] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  296.965531][ T8304] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  296.965543][ T8304] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  296.965573][ T8304]  </TASK>
[  297.106026][ T5938] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  297.695000][ T8310] wg1: entered promiscuous mode
[  297.744843][ T8310] wg1: entered allmulticast mode
[  298.032255][ T8314] input: syz1 as /devices/virtual/input/input47
[  298.036755][ T5938] usb 5-1: config 0 has no interfaces?
[  298.066333][ T5938] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  298.104199][ T5938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.136544][ T5938] usb 5-1: Product: syz
[  298.140851][ T5938] usb 5-1: Manufacturer: syz
[  298.154902][ T5938] usb 5-1: SerialNumber: syz
[  298.211278][ T5938] usb 5-1: config 0 descriptor??
[  298.510018][ T8302] netlink: 8 bytes leftover after parsing attributes in process `syz.4.637'.
[  298.694066][ T5938] usb 1-1: USB disconnect, device number 23
[  298.862123][ T8331] syzkaller1: tun_chr_ioctl cmd 2147767506
[  298.910555][ T8332] netlink: 60 bytes leftover after parsing attributes in process `syz.0.647'.
[  298.923079][ T8330] FAULT_INJECTION: forcing a failure.
[  298.923079][ T8330] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.939714][ T8330] CPU: 1 UID: 0 PID: 8330 Comm: syz.0.647 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  298.939745][ T8330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.939757][ T8330] Call Trace:
[  298.939766][ T8330]  <TASK>
[  298.939774][ T8330]  dump_stack_lvl+0x189/0x250
[  298.939803][ T8330]  ? __pfx____ratelimit+0x10/0x10
[  298.939833][ T8330]  ? __pfx_dump_stack_lvl+0x10/0x10
[  298.939856][ T8330]  ? __pfx__printk+0x10/0x10
[  298.939883][ T8330]  ? __might_fault+0xb0/0x130
[  298.939920][ T8330]  should_fail_ex+0x414/0x560
[  298.939954][ T8330]  _copy_to_iter+0x575/0x16f0
[  298.939990][ T8330]  ? __pfx__copy_to_iter+0x10/0x10
[  298.940007][ T8330]  ? __skb_try_recv_from_queue+0x2b2/0x730
[  298.940042][ T8330]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  298.940076][ T8330]  __skb_datagram_iter+0xf8/0x990
[  298.940106][ T8330]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  298.940144][ T8330]  skb_copy_datagram_iter+0xc5/0x230
[  298.940182][ T8330]  netlink_recvmsg+0x2ab/0xa30
[  298.940218][ T8330]  ? __pfx_netlink_recvmsg+0x10/0x10
[  298.940248][ T8330]  ? aa_sock_msg_perm+0x94/0x160
[  298.940279][ T8330]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  298.940306][ T8330]  ? security_socket_recvmsg+0x7e/0x2e0
[  298.940327][ T8330]  ? __pfx_netlink_recvmsg+0x10/0x10
[  298.940351][ T8330]  sock_recvmsg+0x229/0x270
[  298.940375][ T8330]  ____sys_recvmsg+0x1c9/0x460
[  298.940410][ T8330]  ? __pfx_____sys_recvmsg+0x10/0x10
[  298.940433][ T8330]  ? get_compat_msghdr+0x37e/0x4a0
[  298.940481][ T8330]  ? get_pid_task+0x20/0x1f0
[  298.940517][ T8330]  ___sys_recvmsg+0x1b5/0x510
[  298.940551][ T8330]  ? __pfx____sys_recvmsg+0x10/0x10
[  298.940604][ T8330]  ? __fget_files+0x3a0/0x420
[  298.940643][ T8330]  __sys_recvmsg+0x161/0x220
[  298.940671][ T8330]  ? __pfx___sys_recvmsg+0x10/0x10
[  298.940713][ T8330]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  298.940734][ T8330]  ? lockdep_hardirqs_on+0x9c/0x150
[  298.940764][ T8330]  __do_fast_syscall_32+0xb6/0x2b0
[  298.940784][ T8330]  ? lockdep_hardirqs_on+0x9c/0x150
[  298.940817][ T8330]  do_fast_syscall_32+0x34/0x80
[  298.940837][ T8330]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  298.940861][ T8330] RIP: 0023:0xf704e539
[  298.940878][ T8330] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  298.940895][ T8330] RSP: 002b:00000000f503e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000174
[  298.940918][ T8330] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  298.940932][ T8330] RDX: 0000000040000100 RSI: 0000000000000000 RDI: 0000000000000000
[  298.940944][ T8330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  298.940955][ T8330] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  298.940967][ T8330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  298.940998][ T8330]  </TASK>
[  298.942429][ T8330] netlink: 60 bytes leftover after parsing attributes in process `syz.0.647'.
[  299.689506][ T8339] input: syz1 as /devices/virtual/input/input48
[  299.733035][ T8343] input: syz1 as /devices/virtual/input/input49
[  300.016574][ T8351] netlink: 4 bytes leftover after parsing attributes in process `syz.3.652'.
[  300.436117][ T8352] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  300.447271][ T8352] raw_sendmsg: syz.1.653 forgot to set AF_INET. Fix it!
[  300.524411][ T8353] bond3: (slave veth0_to_bond): Releasing backup interface
[  300.535348][ T5922] usb 5-1: USB disconnect, device number 21
[  300.726007][ T8352] netlink: 60 bytes leftover after parsing attributes in process `syz.1.653'.
[  300.747557][ T8361] input: syz1 as /devices/virtual/input/input50
[  300.754155][ T8350] netlink: 60 bytes leftover after parsing attributes in process `syz.1.653'.
[  301.701111][ T8375] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  301.981218][ T8379] input: syz1 as /devices/virtual/input/input51
[  303.051904][ T8387] input: syz1 as /devices/virtual/input/input52
[  303.198964][ T8381] bond2: (slave veth17): Releasing backup interface
[  303.313601][ T8391] netlink: 'syz.3.663': attribute type 9 has an invalid length.
[  303.685266][ T8401] FAULT_INJECTION: forcing a failure.
[  303.685266][ T8401] name failslab, interval 1, probability 0, space 0, times 0
[  303.740018][ T8401] CPU: 0 UID: 0 PID: 8401 Comm: syz.0.667 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  303.740050][ T8401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  303.740061][ T8401] Call Trace:
[  303.740069][ T8401]  <TASK>
[  303.740078][ T8401]  dump_stack_lvl+0x189/0x250
[  303.740118][ T8401]  ? __pfx____ratelimit+0x10/0x10
[  303.740148][ T8401]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.740170][ T8401]  ? __pfx__printk+0x10/0x10
[  303.740202][ T8401]  ? __pfx___might_resched+0x10/0x10
[  303.740223][ T8401]  ? fs_reclaim_acquire+0x7d/0x100
[  303.740253][ T8401]  should_fail_ex+0x414/0x560
[  303.740285][ T8401]  should_failslab+0xa8/0x100
[  303.740311][ T8401]  __kmalloc_cache_noprof+0x70/0x3d0
[  303.740333][ T8401]  ? rtnl_newlink+0xed/0x1c70
[  303.740353][ T8401]  ? kasan_save_free_info+0x46/0x50
[  303.740393][ T8401]  rtnl_newlink+0xed/0x1c70
[  303.740411][ T8401]  ? netlink_sendmsg+0x805/0xb30
[  303.740432][ T8401]  ? __sock_sendmsg+0x219/0x270
[  303.740446][ T8401]  ? ____sys_sendmsg+0x505/0x830
[  303.740468][ T8401]  ? ___sys_sendmsg+0x21f/0x2a0
[  303.740488][ T8401]  ? __sys_sendmsg+0x164/0x220
[  303.740509][ T8401]  ? __do_fast_syscall_32+0xb6/0x2b0
[  303.740526][ T8401]  ? do_fast_syscall_32+0x34/0x80
[  303.740544][ T8401]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  303.740576][ T8401]  ? __pfx_rtnl_newlink+0x10/0x10
[  303.740623][ T8401]  ? kasan_quarantine_put+0xdd/0x220
[  303.740643][ T8401]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.740679][ T8401]  ? nlmon_xmit+0xb0/0x100
[  303.740698][ T8401]  ? kmem_cache_free+0x18f/0x400
[  303.740729][ T8401]  ? __local_bh_enable_ip+0x12d/0x1c0
[  303.740752][ T8401]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.740781][ T8401]  ? __local_bh_enable_ip+0x12d/0x1c0
[  303.740802][ T8401]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  303.740828][ T8401]  ? __dev_queue_xmit+0x27e/0x3a70
[  303.740870][ T8401]  ? __lock_acquire+0xab9/0xd20
[  303.740919][ T8401]  ? __pfx_rtnl_newlink+0x10/0x10
[  303.740941][ T8401]  rtnetlink_rcv_msg+0x7cf/0xb70
[  303.740967][ T8401]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  303.740987][ T8401]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  303.741006][ T8401]  ? ref_tracker_free+0x63a/0x7d0
[  303.741039][ T8401]  ? __copy_skb_header+0xa7/0x550
[  303.741066][ T8401]  ? __pfx_ref_tracker_free+0x10/0x10
[  303.741095][ T8401]  ? __skb_clone+0x63/0x7a0
[  303.741137][ T8401]  netlink_rcv_skb+0x208/0x470
[  303.741164][ T8401]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  303.741187][ T8401]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  303.741227][ T8401]  ? netlink_deliver_tap+0x2e/0x1b0
[  303.741250][ T8401]  ? netlink_deliver_tap+0x2e/0x1b0
[  303.741280][ T8401]  netlink_unicast+0x759/0x8e0
[  303.741315][ T8401]  netlink_sendmsg+0x805/0xb30
[  303.741350][ T8401]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.741376][ T8401]  ? __import_iovec+0x5d4/0x7f0
[  303.741397][ T8401]  ? aa_sock_msg_perm+0x94/0x160
[  303.741428][ T8401]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  303.741456][ T8401]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.741482][ T8401]  __sock_sendmsg+0x219/0x270
[  303.741506][ T8401]  ____sys_sendmsg+0x505/0x830
[  303.741537][ T8401]  ? __pfx_____sys_sendmsg+0x10/0x10
[  303.741581][ T8401]  ___sys_sendmsg+0x21f/0x2a0
[  303.741610][ T8401]  ? __pfx____sys_sendmsg+0x10/0x10
[  303.741677][ T8401]  ? __fget_files+0x2a/0x420
[  303.741701][ T8401]  ? __fget_files+0x3a0/0x420
[  303.741739][ T8401]  __sys_sendmsg+0x164/0x220
[  303.741767][ T8401]  ? __pfx___sys_sendmsg+0x10/0x10
[  303.741809][ T8401]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  303.741830][ T8401]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.741861][ T8401]  __do_fast_syscall_32+0xb6/0x2b0
[  303.741881][ T8401]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.741915][ T8401]  do_fast_syscall_32+0x34/0x80
[  303.741936][ T8401]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  303.741958][ T8401] RIP: 0023:0xf704e539
[  303.741999][ T8401] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  303.742017][ T8401] RSP: 002b:00000000f503e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  303.742040][ T8401] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800002c0
[  303.742054][ T8401] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  303.742067][ T8401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  303.742079][ T8401] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  303.742091][ T8401] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  303.742135][ T8401]  </TASK>
[  304.246013][   T43] usb 5-1: new low-speed USB device number 22 using dummy_hcd
[  304.265535][ T8405] input: syz1 as /devices/virtual/input/input53
[  304.426076][   T43] usb 5-1: device descriptor read/64, error -71
[  304.776662][   T43] usb 5-1: new low-speed USB device number 23 using dummy_hcd
[  305.049061][ T5938] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  305.049088][   T43] usb 5-1: device descriptor read/64, error -71
[  305.216523][   T43] usb usb5-port1: attempt power cycle
[  305.379590][ T5938] usb 4-1: config 0 has no interfaces?
[  305.403551][ T5938] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  305.424537][ T5938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.463870][ T5938] usb 4-1: Product: syz
[  305.473964][ T5938] usb 4-1: Manufacturer: syz
[  305.531645][ T5938] usb 4-1: SerialNumber: syz
[  305.555104][ T5938] usb 4-1: config 0 descriptor??
[  305.776225][   T43] usb 5-1: new low-speed USB device number 24 using dummy_hcd
[  305.822172][   T43] usb 5-1: device descriptor read/8, error -71
[  306.095549][ T8416] netlink: 8 bytes leftover after parsing attributes in process `syz.3.671'.
[  306.206040][   T43] usb 5-1: new low-speed USB device number 25 using dummy_hcd
[  306.404270][   T43] usb 5-1: device descriptor read/8, error -71
[  306.530741][   T43] usb usb5-port1: unable to enumerate USB device
[  307.614594][ T8433] FAULT_INJECTION: forcing a failure.
[  307.614594][ T8433] name failslab, interval 1, probability 0, space 0, times 0
[  307.660479][ T8428] netlink: 40 bytes leftover after parsing attributes in process `syz.4.674'.
[  307.701074][ T8433] CPU: 1 UID: 0 PID: 8433 Comm: syz.2.675 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  307.701106][ T8433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.701117][ T8433] Call Trace:
[  307.701126][ T8433]  <TASK>
[  307.701134][ T8433]  dump_stack_lvl+0x189/0x250
[  307.701164][ T8433]  ? __pfx____ratelimit+0x10/0x10
[  307.701195][ T8433]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.701218][ T8433]  ? __pfx__printk+0x10/0x10
[  307.701251][ T8433]  ? __pfx___might_resched+0x10/0x10
[  307.701274][ T8433]  ? fs_reclaim_acquire+0x7d/0x100
[  307.701307][ T8433]  should_fail_ex+0x414/0x560
[  307.701351][ T8433]  should_failslab+0xa8/0x100
[  307.701378][ T8433]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  307.701402][ T8433]  ? __alloc_skb+0x112/0x2d0
[  307.701430][ T8433]  __alloc_skb+0x112/0x2d0
[  307.701454][ T8433]  netlink_ack+0x146/0xa50
[  307.701475][ T8433]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  307.701495][ T8433]  ? ref_tracker_free+0x63a/0x7d0
[  307.701521][ T8433]  ? __copy_skb_header+0xa7/0x550
[  307.701547][ T8433]  ? __pfx_ref_tracker_free+0x10/0x10
[  307.701576][ T8433]  ? __skb_clone+0x63/0x7a0
[  307.701609][ T8433]  netlink_rcv_skb+0x28c/0x470
[  307.701634][ T8433]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  307.701656][ T8433]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  307.701693][ T8433]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.701716][ T8433]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.701745][ T8433]  netlink_unicast+0x759/0x8e0
[  307.701778][ T8433]  netlink_sendmsg+0x805/0xb30
[  307.701813][ T8433]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.701840][ T8433]  ? __import_iovec+0x5d4/0x7f0
[  307.701860][ T8433]  ? aa_sock_msg_perm+0x94/0x160
[  307.701891][ T8433]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  307.701919][ T8433]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.701978][ T8433]  __sock_sendmsg+0x219/0x270
[  307.702013][ T8433]  ____sys_sendmsg+0x52d/0x830
[  307.702046][ T8433]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.702089][ T8433]  ___sys_sendmsg+0x21f/0x2a0
[  307.702116][ T8433]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.702182][ T8433]  ? __fget_files+0x2a/0x420
[  307.702207][ T8433]  ? __fget_files+0x3a0/0x420
[  307.702245][ T8433]  __sys_sendmmsg+0x28e/0x430
[  307.702276][ T8433]  ? __pfx___sys_sendmmsg+0x10/0x10
[  307.702311][ T8433]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  307.702358][ T8433]  ? ksys_write+0x22a/0x250
[  307.702404][ T8433]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  307.702435][ T8433]  __do_fast_syscall_32+0xb6/0x2b0
[  307.702456][ T8433]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.702490][ T8433]  do_fast_syscall_32+0x34/0x80
[  307.702516][ T8433]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  307.702539][ T8433] RIP: 0023:0xf705e539
[  307.702557][ T8433] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  307.702574][ T8433] RSP: 002b:00000000f504e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  307.702597][ T8433] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  307.702611][ T8433] RDX: 0000000000000235 RSI: 0000000000000000 RDI: 0000000000000000
[  307.702623][ T8433] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  307.702635][ T8433] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  307.702646][ T8433] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  307.702677][ T8433]  </TASK>
[  308.269670][  T120] usb 4-1: USB disconnect, device number 28
[  308.604247][ T8449] netlink: 32 bytes leftover after parsing attributes in process `syz.2.679'.
[  308.997310][  T120] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  309.121038][ T8463] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge0, syncid = 2, id = 0
[  309.260082][  T120] usb 5-1: config 0 has no interfaces?
[  309.272926][  T120] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  309.291890][  T120] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.307560][  T120] usb 5-1: Product: syz
[  309.318901][  T120] usb 5-1: Manufacturer: syz
[  309.327765][  T120] usb 5-1: SerialNumber: syz
[  309.348052][  T120] usb 5-1: config 0 descriptor??
[  309.778809][ T8454] veth1_macvtap: left promiscuous mode
[  309.886046][   T43] usb 3-1: new low-speed USB device number 19 using dummy_hcd
[  309.923317][ T8454] veth1_macvtap: entered promiscuous mode
[  310.042875][   T43] usb 3-1: Invalid ep0 maxpacket: 64
[  310.196075][   T43] usb 3-1: new low-speed USB device number 20 using dummy_hcd
[  310.356260][   T43] usb 3-1: Invalid ep0 maxpacket: 64
[  310.362217][   T43] usb usb3-port1: attempt power cycle
[  310.540106][ T8488] binder_alloc: 8487: pid 8487 spamming oneway? 1 buffers allocated for a total size of 4096
[  310.626473][ T8489] binder: 8487:8489 ioctl 1279 80000280 returned -22
[  310.736479][   T43] usb 3-1: new low-speed USB device number 21 using dummy_hcd
[  310.787917][   T43] usb 3-1: Invalid ep0 maxpacket: 64
[  310.942000][   T43] usb 3-1: new low-speed USB device number 22 using dummy_hcd
[  311.010495][   T43] usb 3-1: Invalid ep0 maxpacket: 64
[  311.030086][   T43] usb usb3-port1: unable to enumerate USB device
[  311.662227][ T8454] syz.4.685 (8454) used greatest stack depth: 19672 bytes left
[  311.755255][   T43] usb 5-1: USB disconnect, device number 26
[  311.881678][ T8510] netlink: 'syz.0.701': attribute type 21 has an invalid length.
[  311.980941][ T8509] FAULT_INJECTION: forcing a failure.
[  311.980941][ T8509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.104009][   T36] veth1_macvtap: left promiscuous mode
[  312.136329][ T8509] CPU: 1 UID: 0 PID: 8509 Comm: syz.4.702 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  312.136363][ T8509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  312.136374][ T8509] Call Trace:
[  312.136382][ T8509]  <TASK>
[  312.136390][ T8509]  dump_stack_lvl+0x189/0x250
[  312.136412][ T8509]  ? __pfx____ratelimit+0x10/0x10
[  312.136432][ T8509]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.136446][ T8509]  ? __pfx__printk+0x10/0x10
[  312.136470][ T8509]  should_fail_ex+0x414/0x560
[  312.136491][ T8509]  _copy_to_user+0x31/0xb0
[  312.136507][ T8509]  simple_read_from_buffer+0xe1/0x170
[  312.136526][ T8509]  proc_fail_nth_read+0x1df/0x250
[  312.136545][ T8509]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  312.136564][ T8509]  ? rw_verify_area+0x258/0x650
[  312.136577][ T8509]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  312.136594][ T8509]  vfs_read+0x200/0x980
[  312.136611][ T8509]  ? __pfx___mutex_lock+0x10/0x10
[  312.136624][ T8509]  ? __pfx_vfs_read+0x10/0x10
[  312.136638][ T8509]  ? __fget_files+0x2a/0x420
[  312.136657][ T8509]  ? __fget_files+0x3a0/0x420
[  312.136676][ T8509]  ? __fget_files+0x2a/0x420
[  312.136697][ T8509]  ksys_read+0x145/0x250
[  312.136712][ T8509]  ? __pfx_ksys_read+0x10/0x10
[  312.136727][ T8509]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  312.136739][ T8509]  ? lockdep_hardirqs_on+0x9c/0x150
[  312.136758][ T8509]  __do_fast_syscall_32+0xb6/0x2b0
[  312.136770][ T8509]  ? lockdep_hardirqs_on+0x9c/0x150
[  312.136790][ T8509]  do_fast_syscall_32+0x34/0x80
[  312.136803][ T8509]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  312.136817][ T8509] RIP: 0023:0xf7f07539
[  312.136828][ T8509] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  312.136839][ T8509] RSP: 002b:00000000f5026590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  312.136854][ T8509] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5026620
[  312.136863][ T8509] RDX: 000000000000000f RSI: 00000000f7393ff4 RDI: 0000000000000000
[  312.136870][ T8509] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  312.136877][ T8509] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  312.136884][ T8509] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  312.136902][ T8509]  </TASK>
[  312.374889][    C1] vkms_vblank_simulate: vblank timer overrun
[  312.934721][ T8512] netlink: 'syz.2.703': attribute type 10 has an invalid length.
[  313.142820][ T8504] netlink: 72 bytes leftover after parsing attributes in process `syz.1.700'.
[  313.206883][ T8504] netlink: 2 bytes leftover after parsing attributes in process `syz.1.700'.
[  313.230431][ T8512] team0: Port device macvlan0 added
[  313.289706][ T8518] FAULT_INJECTION: forcing a failure.
[  313.289706][ T8518] name failslab, interval 1, probability 0, space 0, times 0
[  313.380342][ T8518] CPU: 0 UID: 0 PID: 8518 Comm: syz.4.705 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  313.380383][ T8518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  313.380395][ T8518] Call Trace:
[  313.380403][ T8518]  <TASK>
[  313.380416][ T8518]  dump_stack_lvl+0x189/0x250
[  313.380446][ T8518]  ? __pfx____ratelimit+0x10/0x10
[  313.380476][ T8518]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.380499][ T8518]  ? __pfx__printk+0x10/0x10
[  313.380532][ T8518]  ? __pfx___might_resched+0x10/0x10
[  313.380554][ T8518]  ? fs_reclaim_acquire+0x7d/0x100
[  313.380586][ T8518]  should_fail_ex+0x414/0x560
[  313.380620][ T8518]  should_failslab+0xa8/0x100
[  313.380648][ T8518]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  313.380673][ T8518]  ? __alloc_skb+0x112/0x2d0
[  313.380700][ T8518]  __alloc_skb+0x112/0x2d0
[  313.380728][ T8518]  netlink_ack+0x146/0xa50
[  313.380748][ T8518]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  313.380768][ T8518]  ? ref_tracker_free+0x63a/0x7d0
[  313.380795][ T8518]  ? __copy_skb_header+0xa7/0x550
[  313.380824][ T8518]  ? __pfx_ref_tracker_free+0x10/0x10
[  313.380852][ T8518]  ? __skb_clone+0x63/0x7a0
[  313.380887][ T8518]  netlink_rcv_skb+0x28c/0x470
[  313.380912][ T8518]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  313.380934][ T8518]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  313.380973][ T8518]  ? netlink_deliver_tap+0x2e/0x1b0
[  313.380996][ T8518]  ? netlink_deliver_tap+0x2e/0x1b0
[  313.381027][ T8518]  netlink_unicast+0x759/0x8e0
[  313.381061][ T8518]  netlink_sendmsg+0x805/0xb30
[  313.381095][ T8518]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.381122][ T8518]  ? __import_iovec+0x5d4/0x7f0
[  313.381141][ T8518]  ? aa_sock_msg_perm+0x94/0x160
[  313.381172][ T8518]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  313.381200][ T8518]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.381225][ T8518]  __sock_sendmsg+0x219/0x270
[  313.381248][ T8518]  ____sys_sendmsg+0x505/0x830
[  313.381279][ T8518]  ? __pfx_____sys_sendmsg+0x10/0x10
[  313.381324][ T8518]  ___sys_sendmsg+0x21f/0x2a0
[  313.381352][ T8518]  ? __pfx____sys_sendmsg+0x10/0x10
[  313.381426][ T8518]  ? __fget_files+0x2a/0x420
[  313.381452][ T8518]  ? __fget_files+0x3a0/0x420
[  313.381489][ T8518]  __sys_sendmsg+0x164/0x220
[  313.381517][ T8518]  ? __pfx___sys_sendmsg+0x10/0x10
[  313.381560][ T8518]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  313.381581][ T8518]  ? lockdep_hardirqs_on+0x9c/0x150
[  313.381614][ T8518]  __do_fast_syscall_32+0xb6/0x2b0
[  313.381635][ T8518]  ? lockdep_hardirqs_on+0x9c/0x150
[  313.381669][ T8518]  do_fast_syscall_32+0x34/0x80
[  313.381689][ T8518]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  313.381712][ T8518] RIP: 0023:0xf7f07539
[  313.381730][ T8518] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  313.381747][ T8518] RSP: 002b:00000000f502655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  313.381769][ T8518] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  313.381783][ T8518] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  313.381794][ T8518] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  313.381805][ T8518] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  313.381818][ T8518] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  313.381848][ T8518]  </TASK>
[  313.983679][ T8520] netlink: 4128 bytes leftover after parsing attributes in process `syz.2.706'.
[  314.040598][ T8520] openvswitch: netlink: Flow key attr not present in new flow.
[  314.041050][ T8525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.706'.
[  314.160509][ T8520] vcan0: tx drop: invalid sa for name 0x0000000000000400
[  314.298121][   T43] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  314.487741][   T43] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  314.517617][   T43] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  314.547022][   T43] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  314.566032][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.603069][   T43] usb 5-1: config 0 descriptor??
[  314.625014][   T43] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  315.206059][   T10] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  315.413391][   T10] usb 3-1: Using ep0 maxpacket: 32
[  315.439173][   T10] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  315.451744][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  315.463808][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  315.476539][   T10] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  315.486405][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.537291][   T10] usb 3-1: config 0 descriptor??
[  315.551706][ T8547] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  315.589446][   T10] hub 3-1:0.0: USB hub found
[  316.001740][ T8547] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  316.011689][ T8547] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  316.026179][   T10] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  316.106298][ T5937] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  316.216112][   T43] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  316.229852][   T10] usbhid 3-1:0.0: can't add hid device: -71
[  316.237173][   T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  316.268634][ T5937] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  316.281005][   T10] usb 3-1: USB disconnect, device number 23
[  316.294664][ T5937] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  316.311906][ T5937] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  316.323991][ T5937] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  316.341570][ T5937] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  316.353445][ T5937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.364134][ T5937] usb 1-1: config 0 descriptor??
[  316.378652][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  316.392826][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  316.403977][   T43] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  316.420081][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.449780][   T43] usb 2-1: config 0 descriptor??
[  316.809340][ T5937] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  317.043026][ T8568] FAULT_INJECTION: forcing a failure.
[  317.043026][ T8568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.083004][ T5922] usb 5-1: USB disconnect, device number 27
[  317.086601][ T8568] CPU: 0 UID: 0 PID: 8568 Comm: syz.2.719 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  317.086628][ T8568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  317.086639][ T8568] Call Trace:
[  317.086647][ T8568]  <TASK>
[  317.086654][ T8568]  dump_stack_lvl+0x189/0x250
[  317.086682][ T8568]  ? __pfx____ratelimit+0x10/0x10
[  317.086711][ T8568]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.086732][ T8568]  ? __pfx__printk+0x10/0x10
[  317.086769][ T8568]  should_fail_ex+0x414/0x560
[  317.086806][ T8568]  _copy_to_user+0x31/0xb0
[  317.086831][ T8568]  simple_read_from_buffer+0xe1/0x170
[  317.086859][ T8568]  proc_fail_nth_read+0x1df/0x250
[  317.086889][ T8568]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  317.086918][ T8568]  ? rw_verify_area+0x258/0x650
[  317.086938][ T8568]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  317.086963][ T8568]  vfs_read+0x200/0x980
[  317.086989][ T8568]  ? __pfx___mutex_lock+0x10/0x10
[  317.087008][ T8568]  ? __pfx_vfs_read+0x10/0x10
[  317.087031][ T8568]  ? __fget_files+0x2a/0x420
[  317.087058][ T8568]  ? __fget_files+0x3a0/0x420
[  317.087088][ T8568]  ? __fget_files+0x2a/0x420
[  317.087120][ T8568]  ksys_read+0x145/0x250
[  317.087142][ T8568]  ? __pfx_ksys_read+0x10/0x10
[  317.087165][ T8568]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  317.087183][ T8568]  ? lockdep_hardirqs_on+0x9c/0x150
[  317.087213][ T8568]  __do_fast_syscall_32+0xb6/0x2b0
[  317.087231][ T8568]  ? lockdep_hardirqs_on+0x9c/0x150
[  317.087262][ T8568]  do_fast_syscall_32+0x34/0x80
[  317.087280][ T8568]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  317.087301][ T8568] RIP: 0023:0xf705e539
[  317.087316][ T8568] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  317.087332][ T8568] RSP: 002b:00000000f504e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  317.087352][ T8568] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f504e620
[  317.087365][ T8568] RDX: 000000000000000f RSI: 00000000f73c3ff4 RDI: 0000000000000000
[  317.087376][ T8568] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  317.087386][ T8568] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  317.087397][ T8568] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  317.087425][ T8568]  </TASK>
[  317.317569][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  317.333248][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  317.580715][ T8575] loop8: detected capacity change from 0 to 79
[  317.646542][ T8576] loop8: detected capacity change from 79 to 78
[  317.996804][ T5922] usb 3-1: new low-speed USB device number 24 using dummy_hcd
[  318.056852][ T5929] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  318.164511][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  318.178765][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  318.189611][ T5922] usb 3-1: New USB device found, idVendor=046d, idProduct=c090, bcdDevice= 0.00
[  318.199715][ T5922] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.214258][ T5922] usb 3-1: config 0 descriptor??
[  318.226086][ T5929] usb 5-1: Using ep0 maxpacket: 32
[  318.238415][ T5929] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  318.247732][ T5929] usb 5-1: config 0 has no interface number 0
[  318.261639][ T5929] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  318.271758][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.280871][ T5929] usb 5-1: Product: syz
[  318.285472][ T5929] usb 5-1: Manufacturer: syz
[  318.290943][ T5929] usb 5-1: SerialNumber: syz
[  318.303659][ T5929] usb 5-1: config 0 descriptor??
[  318.318598][ T5929] smsc95xx v2.0.0
[  318.359158][   T43] usbhid 2-1:0.0: can't add hid device: -71
[  318.372047][   T43] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  318.384748][   T43] usb 2-1: USB disconnect, device number 24
[  318.558682][ T5929] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  318.599932][ T5929] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  318.631018][ T5929] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  318.651199][ T5929] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71
[  318.657295][ T8581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  318.682516][ T5929] usb 5-1: USB disconnect, device number 28
[  318.696580][ T8581] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  318.783139][ T5922] logitech-hidpp-device 0003:046D:C090.0009: collection stack underflow
[  318.801982][ T5922] logitech-hidpp-device 0003:046D:C090.0009: item 0 1 0 12 parsing failed
[  318.813676][ T5922] logitech-hidpp-device 0003:046D:C090.0009: hidpp_probe:parse failed
[  318.822314][ T5922] logitech-hidpp-device 0003:046D:C090.0009: probe with driver logitech-hidpp-device failed with error -22
[  318.842907][   T43] usb 1-1: USB disconnect, device number 24
[  318.999478][   T10] usb 3-1: USB disconnect, device number 24
[  319.108885][ T8597] netlink: 'syz.1.728': attribute type 9 has an invalid length.
[  319.829231][ T8597] syz.1.728 (8597) used greatest stack depth: 19448 bytes left
[  320.420003][ T8617] bond2: (slave veth0_to_bond): Releasing backup interface
[  320.433880][ T8617] bond2: (slave veth0_to_bond): the permanent HWaddr of slave - aa:aa:aa:aa:aa:1d - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  320.504385][ T5922] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  320.686312][   T43] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  320.706037][ T5922] usb 2-1: Using ep0 maxpacket: 16
[  320.714400][ T5922] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  320.726142][ T5922] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  320.742114][ T5922] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  320.751585][ T5922] usb 2-1: config 1 has no interface number 1
[  320.758871][ T5922] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  320.772353][ T5922] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  320.809770][ T5922] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  320.823138][ T5922] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.852940][   T43] usb 4-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  320.862393][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.870648][ T5929] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  320.921285][   T43] usb 4-1: Product: syz
[  320.925511][   T43] usb 4-1: Manufacturer: syz
[  320.933884][ T5922] usb 2-1: Product: syz
[  320.960416][ T5922] usb 2-1: Manufacturer: syz
[  321.046492][   T43] usb 4-1: SerialNumber: syz
[  321.051315][ T5922] usb 2-1: SerialNumber: syz
[  321.067532][   T43] usb 4-1: config 0 descriptor??
[  321.152734][ T5929] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  321.213895][ T5929] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a
[  321.256285][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.323516][ T8616] wg1: entered promiscuous mode
[  321.329391][ T5929] usb 5-1: Product: syz
[  321.333628][ T5929] usb 5-1: Manufacturer: syz
[  321.346304][ T8616] wg1: entered allmulticast mode
[  321.363014][ T5929] usb 5-1: SerialNumber: syz
[  321.381884][ T5929] usb 5-1: config 0 descriptor??
[  321.610015][ T5929] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-8
[  321.688103][ T5929] dvb_usb_af9035 5-1:0.0: probe with driver dvb_usb_af9035 failed with error -8
[  321.884812][ T5929] usb 5-1: USB disconnect, device number 29
[  322.559975][ T8639] FAULT_INJECTION: forcing a failure.
[  322.559975][ T8639] name failslab, interval 1, probability 0, space 0, times 0
[  322.572847][ T8639] CPU: 1 UID: 0 PID: 8639 Comm: syz.0.739 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  322.572870][ T8639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  322.572877][ T8639] Call Trace:
[  322.572883][ T8639]  <TASK>
[  322.572888][ T8639]  dump_stack_lvl+0x189/0x250
[  322.572907][ T8639]  ? __pfx____ratelimit+0x10/0x10
[  322.572928][ T8639]  ? __pfx_dump_stack_lvl+0x10/0x10
[  322.572942][ T8639]  ? __pfx__printk+0x10/0x10
[  322.572958][ T8639]  ? nf_nat_setup_info+0x1d43/0x2660
[  322.572982][ T8639]  should_fail_ex+0x414/0x560
[  322.573002][ T8639]  should_failslab+0xa8/0x100
[  322.573022][ T8639]  kmem_cache_alloc_noprof+0x73/0x3c0
[  322.573036][ T8639]  ? dst_alloc+0x105/0x170
[  322.573055][ T8639]  dst_alloc+0x105/0x170
[  322.573074][ T8639]  ip_route_input_rcu+0x138c/0x2ff0
[  322.573099][ T8639]  ? __pfx_ip_route_input_rcu+0x10/0x10
[  322.573120][ T8639]  ? __lock_acquire+0xab9/0xd20
[  322.573136][ T8639]  ? ip_route_input_noref+0x98/0x250
[  322.573154][ T8639]  ? ip_route_input_noref+0x98/0x250
[  322.573173][ T8639]  ? ip_check_mc_rcu+0x443/0x680
[  322.573190][ T8639]  ? ip_route_input_noref+0x98/0x250
[  322.573208][ T8639]  ip_route_input_noref+0x167/0x250
[  322.573227][ T8639]  ? __pfx_ip_route_input_noref+0x10/0x10
[  322.573246][ T8639]  ? __pfx_udp_v4_early_demux+0x10/0x10
[  322.573269][ T8639]  ? ipt_do_table+0x2a3/0x1640
[  322.573282][ T8639]  ? __pfx_ipt_do_table+0x10/0x10
[  322.573298][ T8639]  ip_rcv_finish_core+0x5af/0x1c00
[  322.573319][ T8639]  ip_rcv_finish+0x14c/0x2f0
[  322.573335][ T8639]  NF_HOOK+0x309/0x3a0
[  322.573350][ T8639]  ? __pfx_ip_rcv_finish+0x10/0x10
[  322.573363][ T8639]  ? NF_HOOK+0x9a/0x3a0
[  322.573375][ T8639]  ? __pfx_NF_HOOK+0x10/0x10
[  322.573387][ T8639]  ? ip_rcv_core+0x7f7/0xd00
[  322.573401][ T8639]  ? __pfx_ip_rcv_finish+0x10/0x10
[  322.573419][ T8639]  ? __pfx_ip_rcv+0x10/0x10
[  322.573431][ T8639]  __netif_receive_skb+0x143/0x380
[  322.573446][ T8639]  ? netif_receive_skb+0x115/0x790
[  322.573464][ T8639]  netif_receive_skb+0x1cb/0x790
[  322.573483][ T8639]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  322.573497][ T8639]  ? __pfx_netif_receive_skb+0x10/0x10
[  322.573518][ T8639]  ? tun_rx_batched+0x160/0x730
[  322.573532][ T8639]  tun_rx_batched+0x1b9/0x730
[  322.573544][ T8639]  ? __lock_acquire+0xab9/0xd20
[  322.573559][ T8639]  ? __pfx_tun_rx_batched+0x10/0x10
[  322.573573][ T8639]  ? tun_get_user+0x2549/0x3ce0
[  322.573593][ T8639]  tun_get_user+0x298e/0x3ce0
[  322.573607][ T8639]  ? tun_get_user+0x693/0x3ce0
[  322.573632][ T8639]  ? tun_get_user+0x2549/0x3ce0
[  322.573651][ T8639]  ? aa_file_perm+0x11f/0xed0
[  322.573663][ T8639]  ? __pfx_tun_get_user+0x10/0x10
[  322.573676][ T8639]  ? aa_file_perm+0x3e7/0xed0
[  322.573694][ T8639]  ? ref_tracker_alloc+0x318/0x460
[  322.573710][ T8639]  ? __lock_acquire+0xab9/0xd20
[  322.573723][ T8639]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  322.573744][ T8639]  ? tun_get+0x1c/0x2f0
[  322.573759][ T8639]  ? tun_get+0x1c/0x2f0
[  322.573771][ T8639]  ? tun_get+0x1c/0x2f0
[  322.573785][ T8639]  tun_chr_write_iter+0x113/0x200
[  322.573800][ T8639]  vfs_write+0x54b/0xa90
[  322.573816][ T8639]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  322.573829][ T8639]  ? __pfx_vfs_write+0x10/0x10
[  322.573848][ T8639]  ? __fget_files+0x2a/0x420
[  322.573868][ T8639]  ksys_write+0x145/0x250
[  322.573883][ T8639]  ? __pfx_ksys_write+0x10/0x10
[  322.573898][ T8639]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  322.573910][ T8639]  ? lockdep_hardirqs_on+0x9c/0x150
[  322.573930][ T8639]  __do_fast_syscall_32+0xb6/0x2b0
[  322.573942][ T8639]  ? lockdep_hardirqs_on+0x9c/0x150
[  322.573962][ T8639]  do_fast_syscall_32+0x34/0x80
[  322.573974][ T8639]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  322.573988][ T8639] RIP: 0023:0xf704e539
[  322.573999][ T8639] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  322.574009][ T8639] RSP: 002b:00000000f503e520 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  322.574024][ T8639] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000800002c0
[  322.574032][ T8639] RDX: 0000000000000086 RSI: 00000000f73b3ff4 RDI: 0000000000000000
[  322.574039][ T8639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  322.574046][ T8639] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  322.574053][ T8639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  322.574070][ T8639]  </TASK>
[  323.009577][    C1] vkms_vblank_simulate: vblank timer overrun
[  323.450797][   T43] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  323.466380][   T43] asix 4-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  323.482168][   T43] asix 4-1:0.0: probe with driver asix failed with error -71
[  323.494158][   T43] usb 4-1: USB disconnect, device number 29
[  323.514177][ T5922] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  323.527358][ T5922] usb 2-1: found format II with max.bitrate = 0, frame size=0
[  323.536130][ T5922] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  323.578568][ T5922] usb 2-1: USB disconnect, device number 25
[  323.620776][ T5854] udevd[5854]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  323.623449][ T8649] loop2: detected capacity change from 0 to 7
[  323.709393][ T8649] Dev loop2: unable to read RDB block 7
[  323.715237][ T8649]  loop2: unable to read partition table
[  323.721515][ T8649] loop2: partition table beyond EOD, truncated
[  323.729539][ T8649] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  324.669057][ T8661] FAULT_INJECTION: forcing a failure.
[  324.669057][ T8661] name failslab, interval 1, probability 0, space 0, times 0
[  324.715834][ T8661] CPU: 1 UID: 0 PID: 8661 Comm: syz.2.747 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  324.715870][ T8661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  324.715883][ T8661] Call Trace:
[  324.715890][ T8661]  <TASK>
[  324.715898][ T8661]  dump_stack_lvl+0x189/0x250
[  324.715929][ T8661]  ? __pfx____ratelimit+0x10/0x10
[  324.715959][ T8661]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.715983][ T8661]  ? __pfx__printk+0x10/0x10
[  324.716017][ T8661]  ? ref_tracker_alloc+0x318/0x460
[  324.716051][ T8661]  should_fail_ex+0x414/0x560
[  324.716085][ T8661]  should_failslab+0xa8/0x100
[  324.716112][ T8661]  kmem_cache_alloc_noprof+0x73/0x3c0
[  324.716135][ T8661]  ? skb_clone+0x212/0x3a0
[  324.716167][ T8661]  skb_clone+0x212/0x3a0
[  324.716207][ T8661]  __netlink_deliver_tap+0x404/0x850
[  324.716246][ T8661]  ? netlink_deliver_tap+0x2e/0x1b0
[  324.716271][ T8661]  netlink_deliver_tap+0x19c/0x1b0
[  324.716297][ T8661]  netlink_unicast+0x730/0x8e0
[  324.716332][ T8661]  netlink_sendmsg+0x805/0xb30
[  324.716368][ T8661]  ? __pfx_netlink_sendmsg+0x10/0x10
[  324.716395][ T8661]  ? __import_iovec+0x5d4/0x7f0
[  324.716415][ T8661]  ? aa_sock_msg_perm+0x94/0x160
[  324.716446][ T8661]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  324.716475][ T8661]  ? __pfx_netlink_sendmsg+0x10/0x10
[  324.716500][ T8661]  __sock_sendmsg+0x219/0x270
[  324.716525][ T8661]  ____sys_sendmsg+0x505/0x830
[  324.716557][ T8661]  ? __pfx_____sys_sendmsg+0x10/0x10
[  324.716603][ T8661]  ___sys_sendmsg+0x21f/0x2a0
[  324.716632][ T8661]  ? __pfx____sys_sendmsg+0x10/0x10
[  324.716701][ T8661]  ? __fget_files+0x2a/0x420
[  324.716725][ T8661]  ? __fget_files+0x3a0/0x420
[  324.716763][ T8661]  __sys_sendmsg+0x164/0x220
[  324.716792][ T8661]  ? __pfx___sys_sendmsg+0x10/0x10
[  324.716835][ T8661]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  324.716856][ T8661]  ? lockdep_hardirqs_on+0x9c/0x150
[  324.716888][ T8661]  __do_fast_syscall_32+0xb6/0x2b0
[  324.716910][ T8661]  ? lockdep_hardirqs_on+0x9c/0x150
[  324.716943][ T8661]  do_fast_syscall_32+0x34/0x80
[  324.716963][ T8661]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  324.716987][ T8661] RIP: 0023:0xf705e539
[  324.717004][ T8661] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  324.717022][ T8661] RSP: 002b:00000000f504e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  324.717045][ T8661] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  324.717059][ T8661] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  324.717071][ T8661] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  324.717082][ T8661] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  324.717094][ T8661] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  324.717126][ T8661]  </TASK>
[  324.996169][    C1] vkms_vblank_simulate: vblank timer overrun
[  325.452027][ T8669] netlink: 5 bytes leftover after parsing attributes in process `syz.1.751'.
[  325.484124][ T8673] pimreg: entered allmulticast mode
[  325.501512][ T8673] pimreg: left allmulticast mode
[  325.547891][ T8669] netlink: 12 bytes leftover after parsing attributes in process `syz.1.751'.
[  325.600018][ T8674] mmap: syz.0.750 (8674) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  326.222908][ T8685] FAULT_INJECTION: forcing a failure.
[  326.222908][ T8685] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.240671][ T8685] CPU: 1 UID: 0 PID: 8685 Comm: syz.1.755 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  326.240699][ T8685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  326.240710][ T8685] Call Trace:
[  326.240718][ T8685]  <TASK>
[  326.240727][ T8685]  dump_stack_lvl+0x189/0x250
[  326.240756][ T8685]  ? __pfx____ratelimit+0x10/0x10
[  326.240787][ T8685]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.240812][ T8685]  ? __pfx__printk+0x10/0x10
[  326.240853][ T8685]  should_fail_ex+0x414/0x560
[  326.240888][ T8685]  _copy_to_user+0x31/0xb0
[  326.240916][ T8685]  simple_read_from_buffer+0xe1/0x170
[  326.240947][ T8685]  proc_fail_nth_read+0x1df/0x250
[  326.240978][ T8685]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  326.241010][ T8685]  ? rw_verify_area+0x258/0x650
[  326.241032][ T8685]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  326.241061][ T8685]  vfs_read+0x200/0x980
[  326.241089][ T8685]  ? __pfx_poll_select_finish+0x10/0x10
[  326.241125][ T8685]  ? __pfx_vfs_read+0x10/0x10
[  326.241148][ T8685]  ? set_compat_user_sigmask+0xc1/0x1b0
[  326.241173][ T8685]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  326.241198][ T8685]  ? count_memcg_event_mm+0x21/0x260
[  326.241245][ T8685]  ksys_read+0x145/0x250
[  326.241271][ T8685]  ? __pfx_ksys_read+0x10/0x10
[  326.241304][ T8685]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  326.241326][ T8685]  ? lockdep_hardirqs_on+0x9c/0x150
[  326.241359][ T8685]  __do_fast_syscall_32+0xb6/0x2b0
[  326.241381][ T8685]  ? lockdep_hardirqs_on+0x9c/0x150
[  326.241416][ T8685]  do_fast_syscall_32+0x34/0x80
[  326.241436][ T8685]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  326.241461][ T8685] RIP: 0023:0xf70ee539
[  326.241480][ T8685] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  326.241498][ T8685] RSP: 002b:00000000f50de590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  326.241521][ T8685] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50de620
[  326.241535][ T8685] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000
[  326.241547][ T8685] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  326.241558][ T8685] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  326.241570][ T8685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  326.241602][ T8685]  </TASK>
[  326.478791][    C1] vkms_vblank_simulate: vblank timer overrun
[  327.080410][ T8688] netlink: 8 bytes leftover after parsing attributes in process `syz.4.756'.
[  327.096086][ T8688] netlink: 12 bytes leftover after parsing attributes in process `syz.4.756'.
[  327.116191][ T8688] netlink: 'syz.4.756': attribute type 20 has an invalid length.
[  327.316132][ T5922] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  327.752776][ T8687] delete_channel: no stack
[  327.892199][ T5922] usb 3-1: device descriptor read/64, error -71
[  328.206090][ T5922] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  328.366070][ T5922] usb 3-1: device descriptor read/64, error -71
[  328.486086][ T5922] usb usb3-port1: attempt power cycle
[  328.600767][   T30] audit: type=1326 audit(1752293332.476:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.3.761" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16539 code=0x7ffc0000
[  328.622628][    C1] vkms_vblank_simulate: vblank timer overrun
[  328.806150][   T30] audit: type=1326 audit(1752293332.476:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.3.761" exe="/root/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f16539 code=0x7ffc0000
[  328.866076][ T5922] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  328.910525][ T8712] FAULT_INJECTION: forcing a failure.
[  328.910525][ T8712] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.923952][ T8712] CPU: 1 UID: 0 PID: 8712 Comm: syz.4.762 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  328.923982][ T8712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  328.924000][ T8712] Call Trace:
[  328.924009][ T8712]  <TASK>
[  328.924018][ T8712]  dump_stack_lvl+0x189/0x250
[  328.924048][ T8712]  ? __pfx____ratelimit+0x10/0x10
[  328.924079][ T8712]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.924103][ T8712]  ? __pfx__printk+0x10/0x10
[  328.924151][ T8712]  should_fail_ex+0x414/0x560
[  328.924187][ T8712]  _copy_to_user+0x31/0xb0
[  328.924214][ T8712]  simple_read_from_buffer+0xe1/0x170
[  328.924246][ T8712]  proc_fail_nth_read+0x1df/0x250
[  328.924278][ T8712]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  328.924310][ T8712]  ? rw_verify_area+0x258/0x650
[  328.924332][ T8712]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  328.924362][ T8712]  vfs_read+0x200/0x980
[  328.924390][ T8712]  ? __pfx___mutex_lock+0x10/0x10
[  328.924412][ T8712]  ? __pfx_vfs_read+0x10/0x10
[  328.924437][ T8712]  ? __fget_files+0x2a/0x420
[  328.924469][ T8712]  ? __fget_files+0x3a0/0x420
[  328.924492][ T8712]  ? __fget_files+0x2a/0x420
[  328.924528][ T8712]  ksys_read+0x145/0x250
[  328.924554][ T8712]  ? __pfx_ksys_read+0x10/0x10
[  328.924580][ T8712]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  328.924599][ T8712]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.924631][ T8712]  __do_fast_syscall_32+0xb6/0x2b0
[  328.924653][ T8712]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.924687][ T8712]  do_fast_syscall_32+0x34/0x80
[  328.924707][ T8712]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  328.924731][ T8712] RIP: 0023:0xf7f07539
[  328.924750][ T8712] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  328.924767][ T8712] RSP: 002b:00000000f5026590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  328.924790][ T8712] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5026620
[  328.924804][ T8712] RDX: 000000000000000f RSI: 00000000f7393ff4 RDI: 0000000000000000
[  328.924817][ T8712] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  328.924828][ T8712] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  328.924840][ T8712] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  328.924872][ T8712]  </TASK>
[  328.925309][ T5922] usb 3-1: device descriptor read/8, error -71
[  329.104489][    C1] vkms_vblank_simulate: vblank timer overrun
[  329.263066][   T30] audit: type=1326 audit(1752293333.076:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.3.761" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16539 code=0x7fc00000
[  330.546177][   T43] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  330.805999][   T43] usb 1-1: Using ep0 maxpacket: 32
[  331.057777][   T43] usb 1-1: config 0 interface 0 has no altsetting 0
[  331.069296][   T43] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  331.078594][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.099719][   T43] usb 1-1: Product: syz
[  331.116463][   T43] usb 1-1: Manufacturer: syz
[  331.125975][   T43] usb 1-1: SerialNumber: syz
[  331.196121][ T5929] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  331.212634][   T43] usb 1-1: config 0 descriptor??
[  331.389559][ T8755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.776'.
[  331.409165][ T5929] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  331.440889][ T5929] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  331.457409][ T5929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.487057][ T5929] usb 2-1: config 0 descriptor??
[  331.493650][ T3824] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  331.518328][ T5929] pwc: Askey VC010 type 2 USB webcam detected.
[  331.587139][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.636163][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.652564][   T43] gs_usb 1-1:0.0: Configuring for 1 interfaces
[  331.669882][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.683756][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.804737][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.813130][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.900800][ T5922] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  331.910625][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.935546][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.973096][ T5929] pwc: recv_control_msg error -32 req 02 val 2b00
[  331.984515][ T5929] pwc: recv_control_msg error -32 req 02 val 2700
[  331.994390][ T5929] pwc: recv_control_msg error -32 req 02 val 2c00
[  331.995682][ T8732] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.066836][ T5922] usb 4-1: Using ep0 maxpacket: 16
[  332.146022][ T5922] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  332.160296][ T5922] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  332.193855][ T8743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.203815][ T5922] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  332.205576][ T8732] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.215702][ T5922] usb 4-1: config 1 has no interface number 1
[  332.227283][ T8743] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.228524][   T36] ------------[ cut here ]------------
[  332.241416][   T36] WARNING: CPU: 1 PID: 36 at net/wireless/ibss.c:37 __cfg80211_ibss_joined+0x3ca/0x440
[  332.251656][   T36] Modules linked in:
[  332.255943][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  332.268309][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  332.278746][   T36] Workqueue: cfg80211 cfg80211_event_work
[  332.284595][   T36] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440
[  332.290875][   T36] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d e9 98 cf a2 00 cc e8 62 03 f1 f6 90 0f 0b 90 eb bd e8 57 03 f1 f6 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 47 03 f1 f6 90 0f 0b 90 e9 de fd
[  332.311028][   T36] RSP: 0018:ffffc90000ac78e0 EFLAGS: 00010293
[  332.317593][   T36] RAX: ffffffff8acf3319 RBX: dffffc0000000000 RCX: ffff8881432f1e00
[  332.325625][   T36] RDX: 0000000000000000 RSI: ffffffff8d998a4b RDI: ffffffff8be29dc0
[  332.333699][   T36] RBP: ffffc90000ac79b8 R08: ffffffff8fa1f3f7 R09: 1ffffffff1f43e7e
[  332.341816][   T36] R10: dffffc0000000000 R11: fffffbfff1f43e7f R12: ffff88805fe40d90
[  332.349918][   T36] R13: 1ffff92000158f24 R14: ffff88802470b338 R15: 0000000000000006
[  332.358177][   T36] FS:  0000000000000000(0000) GS:ffff888125d1b000(0000) knlGS:0000000000000000
[  332.367294][   T36] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  332.374204][   T36] CR2: 00000000f4ffa528 CR3: 0000000078780000 CR4: 00000000003526f0
[  332.382284][   T36] Call Trace:
[  332.385585][   T36]  <TASK>
[  332.388554][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.393783][   T36]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[  332.399748][   T36]  ? cfg80211_event_work+0x24/0x60
[  332.405054][   T36]  ? __pfx___mutex_lock+0x10/0x10
[  332.410405][   T36]  cfg80211_process_wdev_events+0x38a/0x4f0
[  332.416817][   T36]  cfg80211_process_rdev_events+0xa1/0x110
[  332.422725][   T36]  cfg80211_event_work+0x2c/0x60
[  332.427719][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  332.433455][   T36]  process_scheduled_works+0xae1/0x17b0
[  332.439144][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  332.445155][   T36]  worker_thread+0x8a0/0xda0
[  332.449790][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  332.456180][   T36]  ? __kthread_parkme+0x7b/0x200
[  332.461142][   T36]  kthread+0x70e/0x8a0
[  332.465241][   T36]  ? __pfx_worker_thread+0x10/0x10
[  332.470468][   T36]  ? __pfx_kthread+0x10/0x10
[  332.475474][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  332.480730][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.486023][   T36]  ? __pfx_kthread+0x10/0x10
[  332.490759][   T36]  ret_from_fork+0x3fc/0x770
[  332.495378][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  332.500538][   T36]  ? __switch_to_asm+0x39/0x70
[  332.505341][   T36]  ? __switch_to_asm+0x33/0x70
[  332.510152][   T36]  ? __pfx_kthread+0x10/0x10
[  332.514861][   T36]  ret_from_fork_asm+0x1a/0x30
[  332.519942][   T36]  </TASK>
[  332.522982][   T36] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  332.530265][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  332.542323][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  332.552378][   T36] Workqueue: cfg80211 cfg80211_event_work
[  332.558107][   T36] Call Trace:
[  332.561383][   T36]  <TASK>
[  332.564320][   T36]  dump_stack_lvl+0x99/0x250
[  332.568912][   T36]  ? __asan_memcpy+0x40/0x70
[  332.573502][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  332.578704][   T36]  ? __pfx__printk+0x10/0x10
[  332.583476][   T36]  panic+0x2db/0x790
[  332.587383][   T36]  ? __pfx_panic+0x10/0x10
[  332.591942][   T36]  ? show_trace_log_lvl+0x4fb/0x550
[  332.597236][   T36]  ? ret_from_fork_asm+0x1a/0x30
[  332.602278][   T36]  __warn+0x31b/0x4b0
[  332.606274][   T36]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  332.611949][   T36]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  332.617536][   T36]  report_bug+0x2be/0x4f0
[  332.621901][   T36]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  332.627484][   T36]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  332.633025][   T36]  ? __cfg80211_ibss_joined+0x3cc/0x440
[  332.638579][   T36]  handle_bug+0x84/0x160
[  332.642829][   T36]  exc_invalid_op+0x1a/0x50
[  332.647354][   T36]  asm_exc_invalid_op+0x1a/0x20
[  332.652215][   T36] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440
[  332.658395][   T36] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d e9 98 cf a2 00 cc e8 62 03 f1 f6 90 0f 0b 90 eb bd e8 57 03 f1 f6 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 47 03 f1 f6 90 0f 0b 90 e9 de fd
[  332.678119][   T36] RSP: 0018:ffffc90000ac78e0 EFLAGS: 00010293
[  332.684295][   T36] RAX: ffffffff8acf3319 RBX: dffffc0000000000 RCX: ffff8881432f1e00
[  332.692265][   T36] RDX: 0000000000000000 RSI: ffffffff8d998a4b RDI: ffffffff8be29dc0
[  332.700324][   T36] RBP: ffffc90000ac79b8 R08: ffffffff8fa1f3f7 R09: 1ffffffff1f43e7e
[  332.708393][   T36] R10: dffffc0000000000 R11: fffffbfff1f43e7f R12: ffff88805fe40d90
[  332.716452][   T36] R13: 1ffff92000158f24 R14: ffff88802470b338 R15: 0000000000000006
[  332.724607][   T36]  ? __cfg80211_ibss_joined+0x3c9/0x440
[  332.730185][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.735401][   T36]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[  332.741380][   T36]  ? cfg80211_event_work+0x24/0x60
[  332.746683][   T36]  ? __pfx___mutex_lock+0x10/0x10
[  332.751799][   T36]  cfg80211_process_wdev_events+0x38a/0x4f0
[  332.757837][   T36]  cfg80211_process_rdev_events+0xa1/0x110
[  332.763648][   T36]  cfg80211_event_work+0x2c/0x60
[  332.768615][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  332.774336][   T36]  process_scheduled_works+0xae1/0x17b0
[  332.779923][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  332.786043][   T36]  worker_thread+0x8a0/0xda0
[  332.790680][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  332.797045][   T36]  ? __kthread_parkme+0x7b/0x200
[  332.802088][   T36]  kthread+0x70e/0x8a0
[  332.806252][   T36]  ? __pfx_worker_thread+0x10/0x10
[  332.811458][   T36]  ? __pfx_kthread+0x10/0x10
[  332.816080][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  332.821290][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.826596][   T36]  ? __pfx_kthread+0x10/0x10
[  332.831189][   T36]  ret_from_fork+0x3fc/0x770
[  332.835782][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  332.840914][   T36]  ? __switch_to_asm+0x39/0x70
[  332.845729][   T36]  ? __switch_to_asm+0x33/0x70
[  332.850506][   T36]  ? __pfx_kthread+0x10/0x10
[  332.855111][   T36]  ret_from_fork_asm+0x1a/0x30
[  332.859912][   T36]  </TASK>
[  332.863385][   T36] Kernel Offset: disabled
[  332.867730][   T36] Rebooting in 86400 seconds..