last executing test programs:

19m46.266495723s ago: executing program 32 (id=1185):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000001c0)={0x1c, r1, 0x800, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x6}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000400)="25eed0aee8c79f49b53c108367401019c41e56367aa3f23916ddf42df6a5ca47adc0f14939ee362a401f6425b5933ed45ac2e4089f33e87ea4fa53cb6f37fa25746f5805cefb6f78a3d525962f72cff39e3fd9074e3260c84fdfced1c00ba3c8cfcd6220a22b568b9ea6d0e366394ae3490b19d046c22e484b0aa11954836b45d4047ab5007b7b758a16f51f05661f02e1cc365db0bf3b54c3c468a8b5462008bc5ffb9db10bed599639774620b78184ada2301d9d494c2c7622d859213c2d7cc96412661b8f8afb818669f98776b43d6f8c598c00e43ade1e0808a35608882523edf4820dc6b1de1a71cb3dcec7265acaaeab264a1082660423eaf763e3d5e6756b9d2e4115906f4284e5e11388dae00c59c49d5bdc02592fbd96f69a586c8e6f36af50d6de76993809225f4a7dfbd1e7feee4438420c40ee1587ef9279cba9847f32d185f2405d680fd8776df5edc7c149279dc808c693dab77ec90071fff6b0b63f5eaadf5e2118dbeebbeb235b90b8b1b871af2ebc579d404578310950526b7be662a9d89be66d6a02522e7352357c02c3a56f8ff816331bd070041ba511613602956381e6d78b645d02dbc77a188168b6312a0998fe17cfd2940c8e5d39e5a95c50f8b0cee4a9c145b23997f830c08fe2e8af162363f4e14d78fd1275af0192483de50d521d85ed5dd21e51e9fba69d7c208ae998c914f5a2393f0594abb1228eb6df78d022707d2e705854e20338e898482ced2d8b853d8cd972bf7d2df97c7fbc2fffb60e9ec9335bf4e98c6d53244dabe2d1d038c75476b620b9263bda96ec2c61f3306dfcfb9f023c3c9678e0ef245b8c3de356f4c4dfe2d791e213b592f8106467517bd0eb3be609108ac41507edb9029c1975fe0c08e461b66b0850a9faf160e658fd770266fa0c70deab155084869592563fe0c136728a2999c6a5d40891a0de089cec58b1ffe2d40e44513b3d51c8c34935b75a351d0d7f9049e6e488585c819437a4e7b338cd5772a744fe79a21327f919ef4bdb9936a5dccd353a45e2642b8cad7aea0152de1d15577c37eff9fc206115e1ed9612183f5aa55ba23b2e2b77432f038b3cc3f0c189414de1402b002ba4464448d74fac86d1ab674a4eb3d8b6e8af11ee37145026fdedb952097fa069ddd516a76c8a647c0faf5a47a75a7294b0eba99291457e4614f0e985bd363de3593590e6f303e511220ce37e1e66711dac26dadaa5f26ab172ef6c7a2f53ed66c0813867e1d53e769efafac557c3977836517f216c53625d8752073fed32346d274613fef1f874d71a632a48220978d6efbf4fb938a46777f05b10cc71d1996772e2536a22b171e2cabffb9099e73026e56210a6162140681048fa9e55388619d83278ea60e5421eaade222b61237aae0d6684f19e090d88da58", 0x3f0, 0x4000, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fda000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000180)="0f7512660fe0860800d9fa0f01cb660f38808403003ea40f16d50f20000f01c867d1d6", 0x23}], 0x1, 0x10, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f40600", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

17m17.813537729s ago: executing program 33 (id=2468):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x3)
recvmsg(r1, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x1)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000001c0)={0x1c, r2, 0x800, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
sendmsg$inet_sctp(r4, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000300)={0x0, 0x6}, 0x8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000400)="25eed0aee8c79f49b53c108367401019c41e56367aa3f23916ddf42df6a5ca47adc0f14939ee362a401f6425b5933ed45ac2e4089f33e87ea4fa53cb6f37fa25746f5805cefb6f78a3d525962f72cff39e3fd9074e3260c84fdfced1c00ba3c8cfcd6220a22b568b9ea6d0e366394ae3490b19d046c22e484b0aa11954836b45d4047ab5007b7b758a16f51f05661f02e1cc365db0bf3b54c3c468a8b5462008bc5ffb9db10bed599639774620b78184ada2301d9d494c2c7622d859213c2d7cc96412661b8f8afb818669f98776b43d6f8c598c00e43ade1e0808a35608882523edf4820dc6b1de1a71cb3dcec7265acaaeab264a1082660423eaf763e3d5e6756b9d2e4115906f4284e5e11388dae00c59c49d5bdc02592fbd96f69a586c8e6f36af50d6de76993809225f4a7dfbd1e7feee4438420c40ee1587ef9279cba9847f32d185f2405d680fd8776df5edc7c149279dc808c693dab77ec90071fff6b0b63f5eaadf5e2118dbeebbeb235b90b8b1b871af2ebc579d404578310950526b7be662a9d89be66d6a02522e7352357c02c3a56f8ff816331bd070041ba511613602956381e6d78b645d02dbc77a188168b6312a0998fe17cfd2940c8e5d39e5a95c50f8b0cee4a9c145b23997f830c08fe2e8af162363f4e14d78fd1275af0192483de50d521d85ed5dd21e51e9fba69d7c208ae998c914f5a2393f0594abb1228eb6df78d022707d2e705854e20338e898482ced2d8b853d8cd972bf7d2df97c7fbc2fffb60e9ec9335bf4e98c6d53244dabe2d1d038c75476b620b9263bda96ec2c61f3306dfcfb9f023c3c9678e0ef245b8c3de356f4c4dfe2d791e213b592f8106467517bd0eb3be609108ac41507edb9029c1975fe0c08e461b66b0850a9faf160e658fd770266fa0c70deab1550", 0x292, 0x4000, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={0x0, 0x21c}}, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r7, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

13m26.13803101s ago: executing program 34 (id=3950):
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='gfs2\x00', 0x200000, 0x0) (async, rerun: 32)
r0 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c0000003e0007012dbd7000fcdbdf25047c000004000600140001800600060008000000080014"], 0x2c}}, 0x0) (async, rerun: 64)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/../file0\x00', 0x40000, 0x109) (rerun: 64)

10m20.874751596s ago: executing program 35 (id=4763):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0) (async)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002) (async)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}}) (async)
syz_clone(0x70300011, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
sendfile(r0, r0, 0x0, 0xb)

9m55.724988145s ago: executing program 36 (id=4850):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x8900, 0x0)
pipe2$9p(&(0x7f0000000000), 0x4480)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x300000a, 0x12, r0, 0x93771000) (async)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x300000a, 0x12, r0, 0x93771000)

7m57.762509102s ago: executing program 37 (id=5575):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xd}}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x25}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x70}, 0x1, 0x0, 0x0, 0x44800}, 0x0)
mount(&(0x7f0000000080)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='hfs\x00', 0x2208080, 0x0)

3m51.54476024s ago: executing program 3 (id=7254):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x20011, r0, 0xf648d000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0xc, 0x6, 0x3, 0x0, 0x0, {0x2, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x10000000) (async)
sendmsg$IPSET_CMD_HEADER(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0xc, 0x6, 0x3, 0x0, 0x0, {0x2, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x10000000)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) (async)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x8)
setsockopt$ax25_int(r2, 0x101, 0x5, &(0x7f0000000280), 0x4) (async)
setsockopt$ax25_int(r2, 0x101, 0x5, &(0x7f0000000280), 0x4)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

3m51.352480211s ago: executing program 3 (id=7257):
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, &(0x7f0000000180)={0x7, 0x8000, 0xee, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, 'wg0\x00'})
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r1, 0x3ba0, &(0x7f0000000a40)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
openat$rnullb(0xffffffffffffff9c, 0x0, 0x28200, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="12011003943ae037a874d6092808711f0633b47f01020301090212000109028000090490"], &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000200), 0x216041, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(r1, 0x3b88, &(0x7f0000000240)={0xc, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000280)={0x48, 0x2, r4})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x2c, 0x3e, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x17}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x2000c000)
write$UHID_INPUT(r2, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0xb00)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x13, r2, 0x0)
r6 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r6, 0x1, 0x3e, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}, 0xffffffff}, 0x1c)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[c9s[r\xf8\xfd\xca\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x5)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000300)='./cgroup\x00', &(0x7f0000000080)='exfat\x00', 0x20a440, 0x0)

3m48.187187692s ago: executing program 3 (id=7270):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x840, 0x0) (async)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x4)
mq_notify(r1, 0x0)
sendfile(r0, r0, 0x0, 0x7ffff000) (async)
io_setup(0x0, &(0x7f0000000000))

3m48.156590538s ago: executing program 3 (id=7271):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_LEAVE_OCB(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x4, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, ["", "", ""]}, 0x1c}}, 0x10000000)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan4\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r2, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8054}, 0x800)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r1)
sendmsg$IEEE802154_LIST_IFACE(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x28, r4, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x28}, 0x1, 0x0, 0x0, 0x41}, 0x40011)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000480)={'erspan0\x00', &(0x7f0000000440)={'syztnl0\x00', <r6=>0x0, 0x1, 0x80, 0x3, 0x0, {{0x6, 0x4, 0x0, 0x33, 0x18, 0x65, 0x0, 0x0, 0x2f, 0x0, @multicast2, @remote, {[@end]}}}}})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000004c0)=<r7=>0x0, &(0x7f0000000500)=0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000540)={'batadv0\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000580)={'team0\x00', <r9=>0x0})
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000740)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800a18}, 0xc, &(0x7f0000000700)={&(0x7f00000005c0)={0x104, r5, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x2c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x5}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1a}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xc3}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6f}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x3c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x32}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x9}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_ADDR={0x4c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r8}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x200048c0}, 0x4004000)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r0, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x6c, r5, 0x300, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x48, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x4}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000005)
sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r1, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x20, r2, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x84)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r0)
sendmsg$NL80211_CMD_SET_WDS_PEER(r0, &(0x7f0000000b00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x74, r10, 0x1, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x5, 0x32}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="c77b43bd04b9"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="30b221e55021"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @random="dfb32bc4c298"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="329e2b843945"}, @NL80211_ATTR_MAC={0xa}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000}, 0x44000)
r11 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000b40)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000b80)=0x1c, 0x80000)
setsockopt$inet6_tcp_TCP_CONGESTION(r11, 0x6, 0xd, &(0x7f0000000bc0)='hybla\x00', 0x6)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000c00)={0x0, @reserved})
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r11, 0x84, 0x77, &(0x7f0000000cc0)={0x0, 0xffff, 0x4, [0x0, 0x6, 0x74, 0x8001]}, 0x10)
r12 = syz_usb_connect$uac1(0x4, 0x133, &(0x7f0000000d00)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x121, 0x3, 0x1, 0x3, 0x40, 0x3, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x81, 0x3}, [@processing_unit={0xc, 0x24, 0x7, 0x4, 0x3, 0x4e, "32942ad6fe"}, @output_terminal={0x9, 0x24, 0x3, 0x1, 0x307, 0x1, 0x3, 0x1}, @extension_unit={0xc, 0x24, 0x8, 0x6, 0xbd1e, 0x9, "060153e440"}, @feature_unit={0xd, 0x24, 0x6, 0x4, 0x2, 0x3, [0x3, 0x3, 0x5], 0x46}, @extension_unit={0xc, 0x24, 0x8, 0x6, 0x8000, 0x4, "10f799f522"}, @selector_unit={0xa, 0x24, 0x5, 0x3, 0x1, "d03947c29a"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x9, 0x5, 0x1}, @format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0x0, 0x4, 0x0, 0xf5, "2405"}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x9, 0x1, 0x3, "d7"}, @format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0x1, 0x3, 0xb, 0x4, "89bce65e3b6f41ad7b"}, @as_header={0x7, 0x24, 0x1, 0x94, 0x0, 0x5}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x29, 0x2, 0x8, {0x7, 0x25, 0x1, 0x0, 0x9, 0xffff}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x6, 0x4, 0x8, 0x8, "3ec079065252"}, @format_type_ii_discrete={0x11, 0x24, 0x2, 0x2, 0x3, 0x6, 0x12, "3e81e79380f36daf"}, @format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x0, 0x8, 0x4, "1e33b0"}, @as_header={0x7, 0x24, 0x1, 0x3, 0x2, 0x4}, @format_type_i_discrete={0x10, 0x24, 0x2, 0x1, 0x3, 0x3, 0x8, 0x7, "9f6aef89529dbcee"}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x7, 0x2, 0x0, 0x4, "", '-'}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0xb, 0x9, 0xf9, {0x7, 0x25, 0x1, 0x2, 0x0, 0xfffc}}}}}}}]}}, &(0x7f0000001040)={0xa, &(0x7f0000000e40)={0xa, 0x6, 0x50, 0x81, 0xf4, 0xc, 0x40, 0x1f}, 0x9e, &(0x7f0000000e80)={0x5, 0xf, 0x9e, 0x6, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x8, 0x5, 0x4}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "8605394fd4c5bb1cb9e9af45ce42e027"}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x8, 0x1, 0x7}, @wireless={0xb, 0x10, 0x1, 0x8, 0x4, 0xe, 0x7, 0x2, 0x7}, @generic={0x66, 0x10, 0xb, "b1ae4320c6c7eafb1552314f1bef46e72beceec8288ba013fe64380ff578fd825f7f9f7fbb9de433b12fd0cc430d47056e4b5e4998f02fa3ddbaee068a74ba7d21a3dd4e047ca66f91c46cac63fe41a2c03c10724dbe58fae96a9d9e3af6d31e053aff"}, @ptm_cap={0x3}]}, 0x1, [{0xd1, &(0x7f0000000f40)=@string={0xd1, 0x3, "19575024ffe5a88ad9a1f125a53d2e593c12278d5c0b9faf3bf33f6b292621733a2c128485c4ffb1bcbaebe2dcec7adb9b5e321973aab3dc8cc13ddd3df18b5a93fc3deeacf7ea137c4f7ee941eca39d46f9eee551ad79c77c01da027894ed31722e10c0b22590767fd97ea45051b32e2518d557223c512aa2795bf592ee115d436abee3b9f104a35f37aecb42785cad8c59e9ca687c6a79b08ce6f3cd5c7e430588bf2cc4dfb3bc32cf34aacfe3c40417476fd10383c7da989b71b64ea668f993d7b9ba0cb6dd2a26a5bdb26be296"}}]})
syz_usb_control_io$uac1(r12, &(0x7f0000001200)={0x14, &(0x7f0000001080)={0x20, 0x10, 0x6d, {0x6d, 0x23, "df59ecd8237803661c74621519fdb37d100b165287933f7d2b3ac9fe490eb770b306a3246030b4ee55774e0609ac8c214b2c672c348536992acf8675854d41eaf7373b24228e1fd425581083ed98a4db7a4939a5af7722f045574f795e860705bb1e300d4ef15559a8dd3b"}}, &(0x7f0000001100)={0x0, 0x3, 0xee, @string={0xee, 0x3, "917628bc1fac860823755edc8d13201988d4f44ebd7b5130ff6b34e66ef748f9facae9bce739d64dc1522c0a454c6f96247b27bfb09c1381c895e1f7309aaf5fc2d50952948eef06724cd42dc97e96fc601fa5e622661abf7ecfc71b86de9c6ea9d34f3260624a21dd2aa925f316593621f4abdda671438ab0e9d2fe78fcf058a65d406777d9feada111e470e66d7399e14a0b4fb0b42ce36ee937a0381cf248a993e1966dd4264786e23c4c112f50e4cc2cfb5d39b2802d4553c569124873f080a97ea1a7bfb0536e1115323abadb5ced8f3aae32a2d094e2c3bfb61862072ff182abf5a14332fd2229d4b6"}}}, &(0x7f0000001500)={0x44, &(0x7f0000001240)={0x20, 0x17, 0xef, "9316a77447f0a5a3f614042b542c5539e85e9650d262cdcfb5760d64aa8528fa481b9b0be75033411530ffee6db7446f6b945b08e131750c7f4fadbc99f59039a42e198521e7cdc83eefd1738c29d5bfa5d3d3828a2dab9cb181003da70a3e855b8ec0d066c490ea46715260e9e21b9980485c09b750cb7f698574c3d6e124a0817bfbd9223c710b7817e82fd113bde5a67cc00fd63f5a178916326b1a38355b6d535dcd93facd83acb287ba2a64b9ca62b6931e7c217b07d657c1492907f67b31b11f11154697549e307f25144b1b9ffba26bd20bdb4aa93bb5357fd1e55510217cf7c9ac93e0e484df040f6dde66"}, &(0x7f0000001340)={0x0, 0xa, 0x1, 0x40}, &(0x7f0000001380)={0x0, 0x8, 0x1, 0x8}, &(0x7f00000013c0)={0x20, 0x81, 0x3, "71853f"}, &(0x7f0000001400)={0x20, 0x82, 0x3, "6d1c9e"}, &(0x7f0000001440)={0x20, 0x83, 0x1, "ed"}, &(0x7f0000001480)={0x20, 0x84, 0x2, "60b5"}, &(0x7f00000014c0)={0x20, 0x85, 0x3, "471b74"}})
fchdir(r11)
r13 = syz_open_dev$char_usb(0xc, 0xb4, 0x5)
ioctl$FICLONERANGE(r11, 0x4020940d, &(0x7f0000001580)={{r13}, 0x200000, 0x4fe, 0xb})
syz_usb_control_io(r12, &(0x7f0000001700)={0x2c, &(0x7f00000015c0)={0xaa3615e32437eee0, 0xa, 0x2c, {0x2c, 0xf, "1ae187cd67b65351b14b9568256dae9924a376cd8cc04848b861ed3338c7844252db53c79dac5bbf3601"}}, &(0x7f0000001600)={0x0, 0x3, 0x1a, @string={0x1a, 0x3, "5b20ab822f9a1ddb638f5aec2893d5eed4e9e388927e3d72"}}, &(0x7f0000001640)={0x0, 0xf, 0x2d, {0x5, 0xf, 0x2d, 0x2, [@ssp_cap={0x14, 0x10, 0xa, 0xf, 0x2, 0x6, 0xf000, 0x1, [0xff6000, 0x3f30]}, @ss_container_id={0x14, 0x10, 0x4, 0x8, "3b504d4faef843199311c67a6b74c7a4"}]}}, &(0x7f0000001680)={0x20, 0x29, 0xf, {0xf, 0x29, 0x1, 0x2, 0x9, 0x3, "3295a3a9", "4d2ae9c2"}}, &(0x7f00000016c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x2, 0x8, 0x9, 0x6, 0x5, 0x7, 0x8}}}, &(0x7f0000001bc0)={0x84, &(0x7f0000001740)={0x20, 0x43715b075616f1fa, 0xb5, "50be458906c06c6fd910eccdff2f92d49032ca9a00fe7792ef1e1fba109120cc7fc5d97498d2d24b31ebaa77cf7e44032425c06195df829c86f6894c1b28709885c6bdcae516e106a42a5d47a5e612e13016819fdc04ab54ae181280269a2037896ad2b2b1211851cb9aa50711f06b83a0f37aa15d7bf3bed0f08264d1ef88f4c2876a34d4cbcc8e05b8eb669b202fc772dc57e0a3e8aba7032684a1813309f1a71d7c0bbe1b0e4746b3daf5bb525ff65f0bc921de"}, &(0x7f0000001800)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000001840)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000001880)={0x20, 0x0, 0x4, {0x2, 0x2}}, &(0x7f00000018c0)={0x20, 0x0, 0x8, {0x60, 0x20, [0x0]}}, &(0x7f0000001900)={0x40, 0x7, 0x2, 0x521c}, &(0x7f0000001940)={0x40, 0x9, 0x1, 0x4}, &(0x7f0000001980)={0x40, 0xb, 0x2, "7f7e"}, &(0x7f00000019c0)={0x40, 0xf, 0x2, 0x7ff}, &(0x7f0000001a00)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, &(0x7f0000001a40)={0x40, 0x17, 0x6, @local}, &(0x7f0000001a80)={0x40, 0x19, 0x2, "beda"}, &(0x7f0000001ac0)={0x40, 0x1a, 0x2, 0x100}, &(0x7f0000001b00)={0x40, 0x1c, 0x1, 0x2}, &(0x7f0000001b40)={0x40, 0x1e, 0x1, 0x1}, &(0x7f0000001b80)={0x40, 0x21, 0x1, 0x7}})
r14 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001c80), 0xc002, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(r0, 0x40046721, &(0x7f0000001cc0)={r14})

3m47.533498356s ago: executing program 3 (id=7273):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='huge=always,mode=000'])
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000002280)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
sendfile(r3, r3, 0x0, 0x7ffff000)

3m47.466542458s ago: executing program 3 (id=7274):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind(r1, 0x0, 0x0) (async)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0) (async)
syz_usb_control_io$hid(r3, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="00222200000096230600000028c89300002406c8870600000093"], 0x0}, 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000080)={0x2c, 0x4, 0x0, {0x4, 0x8, 0x4, 0x0, [0x0, 0x0, 0x0, 0x0]}}, 0x2c)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r5, 0x0, 0x8, &(0x7f00000000c0)=ANY=[@ANYRESDEC], 0x1)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000280)={<r6=>0x0, @local, @local}, &(0x7f0000000500)=0x50)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote, 0x0, r6})
r7 = socket(0xa, 0x1, 0x0)
ioctl(r7, 0x8936, &(0x7f0000000000)) (async)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x25)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f00000000c0)={0x10200, 0x0, 0x8080000, 0x1000, &(0x7f0000846000/0x1000)=nil}) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) (async)
sendfile(r0, r0, 0x0, 0x7ffff000)
r9 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f00000002c0)=[@wr_crn={0x46, 0x20, {0x3, 0x7ff}}, @rdmsr={0x32, 0x18, {0x2c7}}, @wrmsr={0x1e, 0x20, {0x9d4, 0x1}}, @wrmsr={0x1e, 0x20, {0x2e4}}, @wrmsr={0x1e, 0x20, {0x8b9, 0x1000}}, @uexit={0x0, 0x18, 0x6}, @rdmsr={0x32, 0x18, {0x8b9}}, @cpuid={0x14, 0x18, {0x4, 0x4}}, @rdmsr={0x32, 0x18, {0xb1d}}], 0xf8})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

3m32.385086208s ago: executing program 38 (id=7274):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind(r1, 0x0, 0x0) (async)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0) (async)
syz_usb_control_io$hid(r3, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="00222200000096230600000028c89300002406c8870600000093"], 0x0}, 0x0)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000080)={0x2c, 0x4, 0x0, {0x4, 0x8, 0x4, 0x0, [0x0, 0x0, 0x0, 0x0]}}, 0x2c)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r5, 0x0, 0x8, &(0x7f00000000c0)=ANY=[@ANYRESDEC], 0x1)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000280)={<r6=>0x0, @local, @local}, &(0x7f0000000500)=0x50)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote, 0x0, r6})
r7 = socket(0xa, 0x1, 0x0)
ioctl(r7, 0x8936, &(0x7f0000000000)) (async)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x25)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f00000000c0)={0x10200, 0x0, 0x8080000, 0x1000, &(0x7f0000846000/0x1000)=nil}) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) (async)
sendfile(r0, r0, 0x0, 0x7ffff000)
r9 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f00000002c0)=[@wr_crn={0x46, 0x20, {0x3, 0x7ff}}, @rdmsr={0x32, 0x18, {0x2c7}}, @wrmsr={0x1e, 0x20, {0x9d4, 0x1}}, @wrmsr={0x1e, 0x20, {0x2e4}}, @wrmsr={0x1e, 0x20, {0x8b9, 0x1000}}, @uexit={0x0, 0x18, 0x6}, @rdmsr={0x32, 0x18, {0x8b9}}, @cpuid={0x14, 0x18, {0x4, 0x4}}, @rdmsr={0x32, 0x18, {0xb1d}}], 0xf8})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

2m51.053552214s ago: executing program 7 (id=7600):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000140)={@private1, @multicast2, 0x13, 0xffff}})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x5a534a15aa402d3d, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)="f1e45ef2363b6f0754246bffc3ee3db7ba3dae8597d512cca66ef0647cab0a8860d2c0e5a8ccc36a98020d4e08b971c4da2c8df1f34b58a8fce6f5bd2da65770428a15e493ce0e48858561c59a1ab8f4e8430f01fb61b58a8fc54f91482cbfaf95cd26098e65604829f82a4a9c5c0325e3efc1a6e951bf523a67bc4f5bd81a73b320567b7deeb28ea530401bb28d0a2ce655448e49eb0e34116cc87144ca59ac7353388662e6665e07", 0xa9}], 0x1)
nanosleep(&(0x7f0000000140)={0x0, 0x3938700}, &(0x7f0000000180))

2m50.809806613s ago: executing program 7 (id=7601):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
fadvise64(r0, 0x7, 0x1ff, 0x1)

2m47.533539799s ago: executing program 7 (id=7619):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000140)={0x14, r1, 0x309, 0x70bd29, 0x25dfdbfa}, 0x14}, 0x1, 0x0, 0x0, 0x20040080}, 0x40400c0) (fail_nth: 4)

2m47.005528371s ago: executing program 7 (id=7622):
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000000)={0x0, 0x0, <r0=>0xffffffffffffffff})
ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000040)={0x1, 0x3ea7})
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/key-users\x00', 0x0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x80000000)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f0000000100)=0x10001)
preadv(r1, &(0x7f00000002c0)=[{&(0x7f0000001580)=""/4081, 0xff1}], 0x1, 0x4, 0x3600)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x180800)
write$P9_RLERROR(r2, &(0x7f00000000c0)={0x19, 0x7, 0x1, {0x10, '/proc/key-users\x00'}}, 0x19)

2m46.826235406s ago: executing program 7 (id=7623):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x101802, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='comm\x00')
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000100)={@hyper})
exit(0x1ff)
setsockopt$MRT_DEL_VIF(r1, 0x0, 0xcb, &(0x7f0000000000)={0xffffffffffffffff, 0x8, 0x7f, 0x1, @vifc_lcl_addr=@multicast2, @remote}, 0x10)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
exit(0x8)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x400000b0, 0x0, 0xd}]})
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000680)='X\x00', 0x2}], 0x1)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x101080, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0)

2m45.128940405s ago: executing program 7 (id=7636):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r3=>0x0})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1) (async)
syz_open_dev$ttys(0xc, 0x2, 0x1)
r4 = userfaultfd(0x1)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802, 0x0, 0x200}, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r5], 0x20}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) (async)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r3, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x808)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="08002600ad1600004000330010000000080211000000080211000000080211000001000000000000010001002d1a40000b0000000000000000040003000b0000000600500000000304006c"], 0x68}}, 0x0) (async)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="08002600ad1600004000330010000000080211000000080211000000080211000001000000000000010001002d1a40000b0000000000000000040003000b0000000600500000000304006c"], 0x68}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
userfaultfd(0x801) (async)
r11 = userfaultfd(0x801)
ioctl$UFFDIO_API(r11, 0xc018aa3f, &(0x7f0000000440)={0xaa, 0x50})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) (async)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mremap(&(0x7f0000d59000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000a91000/0x1000)=nil) (async)
mremap(&(0x7f0000d59000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000a91000/0x1000)=nil)
ioctl$UFFDIO_CONTINUE(r11, 0xc020aa08, 0x0) (async)
ioctl$UFFDIO_CONTINUE(r11, 0xc020aa08, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(r7, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, 0x0, 0x10, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x48010}, 0x20005014)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r10, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x44642, 0x108)
mount(&(0x7f0000000040)=@filename='\x00', &(0x7f00000000c0)='.\x00', &(0x7f0000000040)='ubifs\x00', 0x0, 0x0)
pipe2(&(0x7f0000000000)={<r12=>0x0, <r13=>0x0}, 0x0)
splice(r12, 0x0, r13, 0x0, 0x808, 0x6)

2m30.096510489s ago: executing program 39 (id=7636):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r3=>0x0})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1) (async)
syz_open_dev$ttys(0xc, 0x2, 0x1)
r4 = userfaultfd(0x1)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802, 0x0, 0x200}, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r5], 0x20}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) (async)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r3, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x808)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="08002600ad1600004000330010000000080211000000080211000000080211000001000000000000010001002d1a40000b0000000000000000040003000b0000000600500000000304006c"], 0x68}}, 0x0) (async)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="08002600ad1600004000330010000000080211000000080211000000080211000001000000000000010001002d1a40000b0000000000000000040003000b0000000600500000000304006c"], 0x68}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
userfaultfd(0x801) (async)
r11 = userfaultfd(0x801)
ioctl$UFFDIO_API(r11, 0xc018aa3f, &(0x7f0000000440)={0xaa, 0x50})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) (async)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mremap(&(0x7f0000d59000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000a91000/0x1000)=nil) (async)
mremap(&(0x7f0000d59000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000a91000/0x1000)=nil)
ioctl$UFFDIO_CONTINUE(r11, 0xc020aa08, 0x0) (async)
ioctl$UFFDIO_CONTINUE(r11, 0xc020aa08, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180))
sendmsg$GTP_CMD_DELPDP(r7, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, 0x0, 0x10, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x48010}, 0x20005014)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r10, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x44642, 0x108)
mount(&(0x7f0000000040)=@filename='\x00', &(0x7f00000000c0)='.\x00', &(0x7f0000000040)='ubifs\x00', 0x0, 0x0)
pipe2(&(0x7f0000000000)={<r12=>0x0, <r13=>0x0}, 0x0)
splice(r12, 0x0, r13, 0x0, 0x808, 0x6)

2m19.388348359s ago: executing program 4 (id=7719):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x22052, r0, 0x93774000)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r5, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000180)={0x48, 0x5, r5, 0x0, <r6=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r4, 0x3ba0, &(0x7f0000000680)={0x48, 0x7, r6, 0x0, 0x10000, 0x0, 0x2, 0x42876, 0x3d8e95})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r4, 0x3ba0, &(0x7f0000000400)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x10001, 0x0, 0x6, 0xa9613, 0x1000000})
r7 = syz_open_dev$radio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r7, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)={0x98f903, 0xd, '\x00', @ptr=0x7fffffffffffffff}})
bind$phonet(0xffffffffffffffff, &(0x7f0000000000)={0x23, 0x80, 0x1}, 0x10)
r8 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r9=>0xffffffffffffffff})
sendmsg$unix(r9, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYRESDEC=r8], 0x18, 0x91}, 0x404c880)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r10, 0x0)
r11 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r11, &(0x7f0000000140)={0xa, 0x0, 0xffffffff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, 0x1c)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r12, 0x8983, &(0x7f0000000580)={0x0, 'veth0_vlan\x00', {}, 0x4})
r13 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x250401, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r13, 0x400c330d, &(0x7f0000000140)={0x6, 0x1})

2m19.070476917s ago: executing program 4 (id=7781):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x1002, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
close(r2)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m18.61370511s ago: executing program 4 (id=7783):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0xd9084, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000001180)='./bus\x00')
chmod(&(0x7f0000000040)='./file0\x00', 0xae3663be869f751b)
lsetxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000100)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)

2m18.207965181s ago: executing program 4 (id=7787):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x8, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2m17.589474335s ago: executing program 4 (id=7789):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r0, 0xffffffffffffffff, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000002e00), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
socket(0x10, 0x803, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x6000}})
write$FUSE_DIRENTPLUS(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="10000000", @ANYRES64=r1], 0x10)

2m17.480486601s ago: executing program 9 (id=7791):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x1002, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
close(r2)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m17.205385806s ago: executing program 4 (id=7792):
ioctl$BTRFS_IOC_SUBVOL_CREATE(0xffffffffffffffff, 0x5000940e, &(0x7f0000000440)={{}, "31472094e0a840a486d95ae8814a1c8af02e470cb03bfa26b18df417244c1ecd9e9866e3a5400c4b492b1f16c67dca07d56e757053d77842580bf11a3bd083c81273f5b49d4b06cdd8d4b781134570fc44b7a9c81407308cd7f375931fb2130c0f2da109b67abe8e78dded7dcbec072e405ea0b98ab33c6dd77bf98c733d7ff84958c9c965469aa51629108521647b499ce9272e5defdf3d4818b17322178924e1a2270f93be23a8993b8efcdf19e0aa1b6bd534f37911dd6df8b2f099ff563ba26fea9ca0dfa7b947a3b0b3cf051b9fd411be6d73557fabe4078490167ee45731a0af140190e874f1097adc3dec3a8bd782b5ed3eea3ba480518444908b908ad9bf520bc627f7aa0b1bc0f64232023b555247f4ef27cdaf472aec07e6264c24d0e211c57d625e5d889b65de601590cf2535e1d9a1d8599cf72adfad6d64c96053854a8c354a5cf9301e4555de727429ee46ca90248355adff1ca62478285b7015c4f060a7a1a8c857682291c11ec68a47305a9cbbd36c191a0327acaf9a21e22922d179c9ff41774a63244f3013c3e349dedf30aaebb2cd081b3368c32bbe76757696bfa2b0c4dcd7834cead4665e3b4e9b5313220f3f6b7594fcd7a216329acefaccce9221b53dc455d67938daabf0d97a816aeef767097199ae0db1b00b8cb55c55d0d07229cf955c75f9287745b1fa0eb27e29f9adeffa298caa504f06606f5e48004a7f4fe191ecd2ca31af6318c8d46160030d0d9c8ee6c7aa84d120a224fba4453b1117150497833507bab56ad78e11b020184ac48fe798749ea3f7059f8972732eaeb5494f86b039b487f51042174d0f884de49bafd4fb0f726515a6710edbaa386428db865905286f94b34b9f5cd0a09ba1c75a554b8046dddfec6523ad14ffddc71eb5453a1aed2979a1f7519f922551414199833c7e601fb4dbd5573e937c7bb0b88ba1c09d46ae3427032d1f3faac6d33c9cd04c166c9de8726d69f0a40a8ee19eb7486312c8c3aa4472f86eb45782ce8f8db9bde149b6b7d3f448a344e6b0899d7e33811fd0712dfaa876dd8bb2c0b0af72e746d09811b19c2754221e463d4ca2462a89266bc430fa22cc44933b795b5cbdd943dd6cc987eb0588b2710140abc655403e9996af9f70f4b3e368189bbabdfb1c882899b4eb11e60a86a21241088c3bce0ac3d560d82ecf875476b15e6a53359bd4ca41c44511cfd09522143780f8f0b76fcb3e4175a06af8b803cbd206136f067361eb4ebcb9842db1214e02fafe4ff6bb2ae05c6eae129a0487b5d8366416df24e78752f3daf57d9b2bc86fad3a71b7c9925dd393ddc91c21ceb700d05eb8a747e5166f09a43dc71d7fe64b6e9b9305f2ded78a6372ba9ec48c60ddfafbb8bb700fc262e48c6d95cae87d56c346d9f0dd0c125d7a9b1cd327d3eed16256a59a66eae2fb30a3701f0c9c2e62858c87f53431a4fe6fedeac2a73641557cb817db2660c881f6cbc81d9812255c2f992013afbd15477478c580091d5ff9a7b537eeef4b4a47bb2c265009b3398ac48a525892825011fa9d0cf5bc05cb0beef887655ab4142567399d2dcf55c031ae4be4226d9efbf1275ddaa331f52621451d86d67f1a500f6117c5669cfe3edce91b18078aa968a6032691123e6142664cbe8d378e2fc88454734e9b0d78b5638d7fb49c8f5e9c0e47031d0dcaabb3155449ea46b3d804c2e8394ed7f8cc071b28ace512ac6f54aa2254449998bd1b8813c9f0df8639bcb677c99667b2c46a28fcaf40f3d55d393c04dcde0c28ef39bf975cc9166e3e2cc63850f35b66a44e9f8aedf86638ad98162334d0905fb663019e225cd40ca0ce8c71dd56db67b2c422f334017aeeee2473c569c337d1f094f4ebbc52def4f973cd1a69c068c5efcee99726e8b90dbfbd784264a204dcbb74e93a377198282b9301ad21f12f13034217ad3423108bc579451f8905e2c00ace1c8d6b2428ffda6883dc2de58d153335d1e89a5dc57015caef8055cba8ceb49af899e438a02f235d54b8ea3017b451a24bf2888c97fb648fa0b223fba212bfd61fb7c31a8866d022e12016d4b22fdee3340e44015912f11a7a62533207dac39e0d2f98b2587498be1064a781f5bae6c0158663bfab0967962a6589639aef689ca08c128f65da5caf2c17fa597937f05ee7fa091493a9cb11bfa4026c14291da41ffe43953f4b4e1ca1bb60fbee104502d19c32274fb2e32b31ff2b7b1a68c88fbe1dacef718ab05109ff33fe8d204f46573ac5ad30eb0756ee69373ce83bb3c130403cc04fa4f0baee1bb284aea00a1ef976c12ca5c9cd2a03ee98e399655458bfd0c510497154476f10e8a69ef4e667feb5ae7ed3e51521dcfba1aeeeab752ddd8720884c11bb5d861ca7a6d45b073f5f83eb3dca23803557f2c4e0ed1d805d904379ede74c0f8af7da5051caf7d3f0846a9be5882662c14a3efaba05a856002851941b807462007b9127b9cf05199f8828479f3c01dc3ec137f5bac057fd4c0dd4149a4edbd1ebea9eb3257113a5cc2a2040ae1fc3766af73034072325eb06b230e450c86cae8ef9f9f3da64e13039cdcce35542af9ff93ff500f994ac2bcd169b8c12ae896e9aa2fb95932eded2f08c6d5d9fc4cfc3ed55e5dd40267c590fdeb404dc1c6e17ce8f3e5c92a38c8a534c1e38a2f9fc3c07de22ec42e365030bbc1bd3953846975a9be045734b4c29774cf4d13ffe3896c70dd8d320788f89da53bb088d73cd59e33b46bb0a73de795ec4046fd9960bce339feabeab838fd0f17996f48465f6b782e278e4f4f4f060980bc5668a78adc554aa80e03312d5c6ef7ef08fc4e5628ee59e782488cf39dd28e8c2ae5a8c963e5281d15dd08783a012396d61e8cf605f31f7ab680d6e11f9483f9561ac95b36a729e0e99563730e9c483ed3bc814f0e5578a0e04e63702081f14f7323e62b98628f04c2bfbb4287f3e69657f3bc9da6db05de777f6b47a6c4154795a381b152099002c5e3083977b727d9efcc27a217eef04503f577816db4109e8c99785e87fd77391ab71bcc031aa518fb478ed4719dec33e1eda522968d5a8ef4323481c71c95ac75c5fdb13dbe794f9e442caaf8a9fc740d66140c7d6e115186839787a23474c7382a44627a0aa9e00c5be7d87c6bd4e516f6d4c8dadc9673bc29a4d3220ba707a5c7e5949491f68d0d5b0fcccf4356592277f27f83cc4a52c6f63aafb836be1402613334466bbaf084bfb6b47f3c46e2878312c8ec3ff9525aa2c0c5095b624bc8c552aef6f8a8cb98348f8a53d624def60644d0a206e2f1fd3c4ef77b2309685c8098e8d023070a912b2b2c5ba02ba1805fb01cec70867b105bc3da6192fe853a1374db1c779156813a913ed000a37b352d0432863a593bd4d1c85f18b761f3857627d631c8e72ee389104337679d0666b1052edfafe7634e4f6278d4159d4c338b2867ef67e713501f1acb6b714c4f05b8a3ead046755f199a8118d9ce085a580fdde9ad7b49519f584a79049b286a8062530d07aecc9d6a3bebbba8ea5df3b9452d34f996ae53bd1fbe0e58dbc9bb6eea8ca82c096143910d4e99293010e39b3a00eb1d28f80adbae23003debfb19d4a99f1aca32abf1fe2e2063a7a93af2dd3fbc1fc803d9589a91022c3d2782f09b080468a877a4ff343fcf6befae7e32d22723a14fa9e5fbfe3b9267e5c50a9ba0d98436cb5ebf31f039e49f1173bd417e88c7ea1e00175c89ad41c9cd810db5060104947fa060f7714a95c7e5f9e19d10a89002dede793ce86620c6b481684231f8e6586833085a42c9b4b8a5b67c5fc622038d22b6463f570aed1953e9e404bbaed2df3bf4bf7cb6d1d06cc4fb7402320de22b920810652b413ca907ca130c4fcf813b9dbe19d5eb17a6d2767bc43311ac3e6627bcc7b7d4f9106d59852e4fd15e77b3b25415a285e191851afe783f715c9bca66a548ff87cda8373325a42e59af468e492e7a8e8e7325d534b2b33344190c09156422b84de6069cdf7c9e51e9a1f896fc5e7785824f743427e43f38c8709c98faaef4a25a33fc8eaf45f7a0bac496a76d99fcbce228db5aaea3e90cfce41dda92865f43e1a6ee63cb586634c48141b42a075261ff4a624b253fccc67a58affb8d186bf93c00d4f9ae0ad8e7a365794219c1d06679276d9be9cdf9b4d2dae1c68b7f4d99857df60058c157fcbf763ee00da931668b1ad54ebc526f2e283089ff46cd5b30b75800a07d7876b93f46406855fb33f536e390455079cda87277a5c30474ecfd6f0b6aee3a13722af426cb0e160f2016074761f472e6c161cb09c6572ba96765c1a0bd0cf6674d7df825477c00ec04629a18e672053b7ffc3e2798e3f9927019d6d8fc2a606d2d43a5a71613b7d1f19cf43991af872d60579716d6f22daab22495304ddd0fe19f9e134528c8925be295af98cd15cec02992dabbbfa3d06594d85b15291936a9cdbdb69bfed80d3e784d62121a861d065b337470a109b7f36fed02f166af62b83057de7eb1487322179038fb6cc4981c3dab0ed706c8fc0fcdcea21b9f4350e459aa9e5701bd253aa13dd36a0d07841602c68587604ce014f5bb03dce4a2cfca07752f2cd4f99fa7c4cc8b5d1ff6aa6f159751df592f36cf382c5b57aa54d6b8bc0fa168c01e061cdf2fc713b40094a663484cf7a3fdc46c4e8710e460c5ee66fb8d00add8f25bdb262e47921d82086a798f8bda40e97411412fa3d6b1ee4c1837cfcbcf6336a203686b318dbb72a624a04eefd41d3dc07f99d6860496eb34a56d41a60eca9946434d381636b568cb782110faaf0f8f7ddb5b6a6357d0004b72ee73421139f8d25ae4234b80fa6ddbe9ed11c6b2a5144c2ff6c62378aeea02bb5834e56d079d683f78e23c77259e83a1e0f8d86b07bbe767d471d4258a0c0a9fbce87fa57e6452e8bcafe78d664df739f1568eac21a433748e92e4b1ddd86fea5ad757c74b8a443276f505762819d29c9071cdcf2862120ba100cd6046bdf17346c8fcdb1162f10735a153c8e39412d06d9eda832f5b8d43b654adcd140cd1fca322be8bd7a19705c2d9a1f6231d185d8523cd8a9d2fcfa71bdd8658328b0a7f23a8c5cc3296d4b8068813442c026809b0aa37718267ab8f00c7669c6be586285f9465aae2334cf085911df80909d1f607385b7c65e632bda90ee8c343bbd018e61936322b106b724de57349c9d53bbb7f1caadb05338b4264cb0c37bb5adaf92d82b8ecd66cf63dcceaffc51826176302ef4bbc5f35381a641e227a542580133ff44df133aa17da0d841aa14b58cc342297a42f595ec9f7c117c510a69cf7b4f7a7e28d843ed2bbc1f0b4ff47eaeebb2dcf57f8d0f37db42f89e66c159ac202f46ef08f179b9439abd9fc3a24eeda3f2e459ff3940d62bed5d7cce30c44787c7b0be5ec4054963e7189cebac4a822e4c328aa2ec8c7b69cb0d6a686a8f2e72fc2a45092742cd79473973a964eecea201675782eeb79661ce461efbda8f2cb14095213078f88747abec7db1aacf09bf960ac9c0998b6af8b77a6757ebde760dd8307d6246ec1c158ebe0a0f6554c26499861f3871baf31bca1f1cc253805fd738b4adc0e01a746f3bda648b7ba518f7b381d56d62aa6dc801442ff86b04cdb74b4a8fe1655a57885527a54e7e32fada1242aa35d80a185633460dbeaa186cbbab764a8ee182ba9be1b0c98bf8e7286d4c6be6a9791c06ec981f56953e94a9636f0033c6f963932f6965c011c0a993ca30bccca083b0f0368ab700f763"})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r2, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chdir(&(0x7f0000000100)='./file0\x00')

2m16.948417349s ago: executing program 9 (id=7794):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000240)={0x34, 0x2e, 0x503, 0x0, 0x0, "", [@nested={0x20, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0xc, 0xf, 0x0, 0x0, @u64}]}, @generic='^']}, 0x34}], 0x1}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x5, 0x90, 0x0, 0x0, 0x0, 0x1, 0x10, 0x1, 0x1, 0x8, 0x6, 0x0, 0x0, 0x0, 0x7, 0x0, 0x8, 0x0, 0x0, '\x00', 0x8, 0x3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m16.442177475s ago: executing program 9 (id=7797):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f00000021c0)="000000000000000000000000000000000000000000000000000000d455b4da00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bd1d8811cd8a942e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x2000, &(0x7f00000041c0)={&(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x2110029, 0x100, 0x0, 0x1, 0x57, 0x0, 0x0, 0x80, 0x4020}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004300)="d5c2280baf4e05cfa1d1112770cf43a123827586f0f2675b130041ff58ba6533ea7947f2f65b1d458fe88a96133ea3927f41fa6976fad8c967c88679769ee674b80debcd1ec6ce1eb490888bd66a52141fa82f51882b22a8e36ff462b51560307cd0048156800ad137f359719a9c5d6ad6a8c999984f22461c4ca6614ca4cbbd5e9103a3459228e3bd35e3c1cd5f2a83fbefafe7c5a39617ba1d856f37977da077ffcf4d52f5bb3feffa9e100b0279cb635a61ae9f5f4491bb1c9f04c041818a1ae9a25cbca38c4b4754a8be4f52db20ca464b3b4faf0ea8ff193b414e7b7a4ec8aec2e77adc43d09c62d37fc0aa6296a56a9445f264a245d41e77de43c2694cc5885ebd454a3b78b60172e3e6a2fd79efa8b5fbbe827512aa0656920858da51616244ad32e53ed039a270c042662bc966a8fa05e23a51c76585a6f753e57c63b5a1dd11c4ce8773702c5c759471b79ee9bed600d99853afda9b675f071bdf6ff4eb99cb1ae0128ac1f8132f9b7bef82221276395e59f1323c9f9f6bb937a9db0bc2088670ffc3e6233ba73d4e324df7bc866e84e82ab707ab8aadd593913dd3533cddb396e804a63155ad6911962bc49bad21faba90b5570b62d98eb5328214a7198b36ea6df9a72dc248311040e01539112e1d6bcb4ed9d7fb70d22768ec6603e4727b6ed2616eb9108524985ccd70f1361f68b1fb7088829acdd59ec5af9e84409737f0d852a3c55993cb7398b5640c458bc036115b86de7b8e68f1cff882ee5707040571c3e5c9602c773459cfecad4917d8ba2902bd64a676e2c6e507d06dbc806c13c0fd18175087440ce7d7300dfe745b8e98ac63b400e449a3f2518c6112c9864fde68f580ebc2d72e4bbd03f16a7289be813c258b02f76ce901afdafc69046c947c9e801ac635b2a95cca291c052c7f8149c92aaeaab41edb34a70604a7538c4bb6486b983416843fe6a65d7b828d66deb991e71526b7627e71c6a795a02e787bc561ec4b65d4742a129c59bc71b323850cb416f3d32494d6dbfe3ea73cb473b093ae0b0ebbbd3e3251ece756b3cc381f05ea1b8c3f7fbcbb16fc446fc084725e6c3a608221aad8d8179112f9e5ee3697346a0dc0645e530df523cf4daea14764c25da2da863adebaccefc2c83a9257b3131ac2fe04a27bf3aea8979b6f3091b4fef99e203725368d297bad3b020273d0b606d2368e2ecb0776349cb86bbcbaa5c910636527e3cbeca06b4135170d8808c5f113fcd77ecb2f099d1e663617a46ffc5275c8fcc339d315ca1583f66fe7a7e6430405c0be889826c07fcafa17f04e08bc39570a1f499092d390c5dba82d259f652307ff941e9f1f569a48144da846f14452df295553de6ef4e9ba0cd98dd16cf89d8bead08eacd4eea71cc5f8232349f2d8519b1172c724d3bbc415c19c9e679b5a96bc9051cf6f243f243366622023ab1b7039a89152e7db97f291bb3f0213c445c25caf5f0a5a2b382c841cd8a490dc97d008966e94ed0b5ce07bcc0c13b39c349e4b596147a633f3a73ab6012a1582d3d283293bd7c01f99cdbad8e18d24867c39ed0dc3fc3cc800edd23af24b225acb2cca5aa264bcda40e1432cf2cc0050efdff48fd49ae4225a983d1b12facbaaba73294eb225fff64a677d0ed2cd71bab61b3fde8a1fdae638d2036283a8a4ff5a548d05cb706f56ce7e3f55a688fa6c70393c53c33be11f34a38f61f80c8e94e50fc9d7c3695d234705bb9e0b2a8316cf54d7963f548d49f153bf796d0970ed1264c19d79eb77fd0aad4844796cec73a08206b9eca76f2ad76318a20d52e7d3338eac40d03775cca0c2b29a451cb10bc141289c2703198e7137200a360463000fab97d0da72a7b4e8aadfa8a2e559a7d06bf49d6d4a932cb29994ef7ca0c1beabf05b898bb2338e89a67373d50614300f13523fe451d4058e5a522d364ec884099ee3c6e6db8d4ec1e5dc08d127b6301a308a1d6798878c28ef828b91b529a22b7519d249a189a7eb942b94ce26148ea8bf16a44261cd9691ba980ec2d0c710dbee41756cb39b88213ad5763239ae7636e983580c41a40b0f3a3af9fa6f995ed1981d073f63a623554bb01869bdfda190bc8d9507cc067b897e1c5f0d087cf8dfcb171169541fa3cce7c3a620544c74f2d3234935a0acf6c804c43992812925cbaaa24f497e7a00efb20c45c7acb80adb3322cbe0f08d1015b40f5ae1366003ebea977b7b95f803487d10aedca3fd018cfa7b267dae604ed0ada202cbebd731f86b7c6764911d4ff0c75a318ee43b1b556781ac58fbd773b2bd0dd693f9b12fa149bbe392cb2d6bf72015912f4a120e47654d42d14107c67b4502b5ad62044d0022c7f8b255a3e46da4bb8f9e44515e4076ce7b1aefd57c4e264b2cbee4a9e8612ce8517b028067644c927a9ce7564449c8fb0471a87b9b76f374c7c2559379a3004326bdc91be5ec52672dc5fac0883ec527f2a1248601bb9267c3123568b815b90b40ba06c250e3068dee2d7fc232141eaaa130443a5775d049464ec454a7c980d9eebaa4f67a75075a6bc28ded9a5f07fe658a2b9eafa37f14055155409d1aa50be6343d13d515d0531b84644d2f58c280d6d008dee95607f67eb74c900f664d97f411f4ac6afc18f11b6fb75e78b3ff25680ed3bbf5b20969678475b86faa02a751e4cec87735645753f245047371c9e6e2e7ab5a9ea3182b4c96934a21b9df3628b478f5ef705aeda49a0609d4b8f5bf34424581557d029438306002fd4e9cff5a2d4e7d5e23c2992032d314b8fbb46ccda250070fc1b679c9c8646c5fe22d8fe2e0fff73d8153fc46ef7885aeaa2d1eabbe455544d46fdef8e3ef9debfe589870942bcc7196e62736e927c311782b5e4da2889d530a7c1550bff4909d2055941655cbcc5c924a477c80fc3b8a904cd9e62f5fb005b5b00154db5becbe327c0f3ec8314ef3fb53977ec24ff7d15aa83a13b23ab99c5332306023005d2dfb70d3ea2aefababd019ae16d304c083e38997cc94bdeb746fc151849c98dc2a23554e6fe789d3aba8bf4e31133c7f93a3cdcd884271dfdd2c45be398a5349ef5d08456178dfafa31cb4c607f09394d71b3405b3d615c7c59c125db88f72380140345d24c56094711dd833221d6b7c5864d049585605c1301c31982d19e403b601b797fe99d0bbfe30d647a913da72b4c5306f6123e7c572828308a9a8f4c686d07125d0006229c2e890ff7d3c354dde61ccd3b26069a81a98e112e61a930f253d607cda5023f002a09df6b1371638d9661c5a06bed166434f07120ad21476de8ad47296af4b449d581cddc74f9be42a84596fb0634f330a856216a9b32b080c8b66e9f51a758b9ca2e1215ddfe633714ca512032f6547217b1a60fcdb27ac8a04bc7851718b38607bc92c13118a323c3221bad99a8639762abcc4a08654da9938aeb301c55546f5ae7f61439dd883a1b2dede156a57c805ab12337d5381a2fb25b32916a8827fc4de8e2ecc70eeebeb01659d6bf88055477b863fb897d5db275a0c222d261e7df79474858b721e57747fe8997faaf36f5f175b23dd3c5efb2b93fb5824da18d635cd7027a3b0b1c87e7c90a5681682b8a7c47dc82fdd3f329c7b60270100dec8ccdd310245b92f4b0bd9a92e1f2a5733b1b91966be15a4761b06f6fe3b05b60ee7964b4d028257c2210ca88031db0590190d3714c1b6ec86e2821dca03db2fc0c9f0ad9800d1773c8037e9b38c7eb7c99618b731e0526f8453c7e1bb67cffcc2d96cc297e1f917b13dd7dda2a8b12191ed107c1e076ffd4965b9415f830be97935cac23a87f07e26354273c2663c7ef19a27dfe08543fa057e1285c909051602981f5929078214058684bc80bed493f6ef853012cb654d180e414fd484f5cb2cfd06c9b753f417697ff42794649e05fcaa3d53ad0fdfbb0db57dc549115e59978b14dd621370d136176098af2f39a2de72482a29b616e8b308b3d9b46ac9abf3d57ff89fe59b5a97966cc4b97d06c20ee4fd765e1c2abce54dc271a7c7efe656648800c27a9988583b4b76572222cb28916b9ff5f6f649de93923179809405c879a90cb450f604cbe8af55cf2a6d844a59ab0393b394e09c79e1b3c403af6eba69330f6969f78a49eb7022e77a39363f11e07fcc69f670f63c11497352f3f5bfea0aee446da35428cebe28f1c2d23ef3ff97e16ceeb2f88ab19b2b69dcdcc81b947b483cc06c776c52232489f86f4c377eb38056042e2e9e0943fc0ef1490df472b9b244235598894a2ffc296f0a2e4257baca6a3ea8cfb1a22ea8295ab9e5faaa2a9e964ae7625dbf945cdbb369265f429d475ab69413cc5bcb89af57b1b966bd0076f799a401d4b46e5045aceb1ef36e5bbfb037bb7681f2a38ef1df9b84baa3598201d13a813165355bf052bb5e456dc0abdefed995b4eb37a39b313af800f6029243a6a7bec75a23389a90034cac8df6713b919028a14649d756d0093550278aad494de2dfeb76220fd3ee5be31f73839ace7f0d6da650e26f5ded30471ed55d2e814fc1b89102e5917b4e58840ecc211eaffa5a2937abeb882ccdf29308e3ac30e23d66ee79c29b4fb7e793a55e344cac298e30f1ca3333df8b58f43126a3404a61501ce06b75e6e6a4bf13dbfb05efd7b9b4219efd428c8f7f345884640d19f5515abcce05f315f00e65d9aa8022890a23da45ede06f455d66e0c96bbf7e9cc74eddca999a51174b4784eba8a9ebed13415de6bd0f160443d43b78181cfa381313a54e25f6751a38f290e5972ff7f70692e18c4737af2a7f6d4eac52ea594a22be4fd00fac1484e6d2d4d3196b49212b49598f5bc77b34d8a3633cf7212c869557d6eb27bf0d0a02555d9318194e9de9c9730ac72daee7cad6c2d4b248a8744515670766a8f1c739917fb859d98974532477989f4c24345f120f5320fdb8d8d56fa6ff2511e701bab399513cecb3e740e3761d02685a765f5267554d0f9243b51620197adc3b561b59c58f334307220db357c1121d7dbf593898b5d2c505f333445c084a6cbc6a7e5252724c83fcee85e304534780a01e7ecceb2ef53ffb6bc6cb9051b1400493ce55d62c01e972fff3cc7d0b68a2dd4d263c9191df1b629e323797f570083f122db3df6abb6fd6c4a351bb7500c7241e4392ac76e04259968e517a43e907cb0b0533d6750b9587a1a5d852639c6b789d333e848e3ad66cbf19c5ee5a641036cb7a858f822f657dec36cc134d6c1a629cfce1f1e24dbb73d09fba04f53b2c6309d71d92211a1f08535244eefcbb52e095626bcc78b950db1cb8facc3660fa705dceef155b00aef3291367ffcea06b5abe588bbdcea2637761308dc65509798b6a494dae4a75c1922c1234248dbfcabfaab3088a0dad09a135a45d75105314020f3ba8901dc39ee624a32e9f863ff55844974b44e57b30302cd0c349f3cc091befd5665f918c298ba89454fb811ce573e41f27490853a52abd6144e85d77de88c3f2e5506c8de40a3957e65936f3b294ce92610b63cec888cb16fe0e8a7af3dd142da96b57f602cc64ba69966724584c2872e5fc42348a324ff082a3ecfded82c3e5b7292d3726c4800176acab6a7a1479a0b5fea79f299e90ffdb1b3843e2349b8f8dc7881145b3796380474c2ceb57e27726c9e50b746a2b12a214fea9cfd6c668363fe6e402710665118928fedb2f4900322b0c7d2c348881ea52278dae765c14b51fd5e8f000602aa3978d83b76056410c2260931e35d841793c8a36b191f93c33c0e4e6367ef45a1cf5145d774861224afbb11a7b77bb94492ec49827f713f8309d80d22e17701046e04c5b277f7b423cbbada01e6d40beb56e755e583b8f3de4b67c4b5ac83771b805fa7af49de2fc8b9a223293d83e7eb4eea3a3af1d1221e5d458e7cab60eaf1b51550a1b125ce018d76096f16d922f4aba48a728ec1b7d4812fe2ca789261b6d8e0c8edb3ba9007649084899c4f6b7986c1cb4a98d412c801fb91675ee42e2bb511bff6700772d3c03a7cb6adb41cbddc33053f8f65c164e9bd47b931510046506b169216d0a04edc479bc51c28acc536ced3834a7a9ce8fb55b72fa186a559437bf41f04b733e05986c915bc19f1b2f99d3bae6c13873d32e3c809b71881c3075f8dd1746f36409ac7934c25236ee2752560fcdd5175037a6fc5f0da58a229418ce30f3e64f9eb6ff3fe4498f47fdd69ceac5e792c8c9f087316f334b7f75e3432d3f1d03ee97c8f16485ec906c94e6c9580f7d03d98a8da85ec118b77c6c1d3b2e99fbf4b45e66cb4f8817f786d1f90e1e5e250be8c240a9648a219a02e62acbd72d1b0c0b42c75065a35664ea6a03cb05ea179f2e8e50e3d7ed53d31cdc10cf5fce48781fa338e3ee819f410540f045cb0edd7b2d219993faaa97cf95aa6144e889a02069421291d05eade30693a751039fece452c22d1afba081d1c40178fed7684cae475fcc365484118a184670cd7aa2758bdb01058ea9b244d5241f627bc5be11c9395e3cb839b0eac7842a312e1fc8b4ddae2aa4ef907ca5c9b847785051323e16d5497c4424289496277475bba67da750fa05bd8be730e4aabaeb94641fa2263dd3d4eb511b4fa40b8cf8b16d7aded1163f2258add79b04e1eb888afa27d057de2523863fc2da38d44cc69ae2d455900eede5fce69d7e9f8707cdb2456a45dda14d257eee4982f86259b855a0293068aa4aeff9439bc06c8ed5a370fe46fa88fa9bb92872166ac69152d1cbb4720eec5b9a057890cbb838aef12091454fe721395b46f9fa29ec1829fedf65aaec1176bb9eb15511bd77e7d4fe7321b3e0dfda95e5c90c3663956477885d6d94b280f58edbc77e864dca73536cd4988bcde2a3edb91704ad59148d85a001e393cebdb56ee088fa1033cdc6fbcbea30e2974035bfe29cee1eace13e30950bb4658886dae7e565ffd7b71e41feecbcac35fd97c81a8fff9d2a1d43f183c6e984671e06645eb0a60228d1b6c12c28bc6eaa4b9125c57b48ced2e199ed3acf12dbe10af4a56f2f5dca829fd07fc3f7e0de6913c73be0ada3e43bcbe70de784de699d0b51d7a56a3eacaf5d7dcd77d73cfb82e04633574213e05dc98850d822bc6dc90dc3fd6184296287342e2243fe6f0cf94e6d02a1b900d0c718e2afbe7fea2fafa375f209fb9cef5d844b861a1029aa3dd7081e81fe6501bbb413dcd23e013f279ef87e082335ade324b7688054992ccc63fbf9153213ab6d07ed0b79945d19639aaa5dd10e53aafe57f1e323300246cb1d6ede1eb1f319ca6fe1b0cc8e733b34818425888110b6eabe2db302310d0a8bcdd5342146b29c535cc9a95a455c8926d77323a31b948d47dc611815a329654a252fd09dbcec5f3cd8bc7e465759eb8e72ff6fd4ef1f375e4e8762a58148622d14480b7bb9aca2eeab3367a7376c9c85e6ba1735e56a2fcc6baf92c8d21942883f318eab7a568fc7ff01885a7089aa7661b15d73799bc0b8f8ce6a3b61adb6949965a223850b6825616c036e099952e04fde7cf086b5e76d45b86ab78b322f9af580173f2e798a39df7cade0d365c9d46d3fb36970f8a99d7b20a1b275afff852126f21ac24ca8c34deb49ba511f4d9edb4f56941aaaa477253f9bfc9a25a2694bbbe3b917074dd4eb6f1be20395ac33dd932a7ccf0604d64257b5af3faf271c145c190a528e471a7f23a53b5f9ea1bd0cc36410e9c538e91dd01d162edde856087b60dcba2042e65b6ae7b81787bd3308db9eb025b6fd930a9eb74a30883b83cfa8be5270dd3ee3408db7f7b136adebb3ee30f0e0b8835a0ded325363e4a2991cafd4a73483954c0f5d3358b25780608fa48f3f527c7e617ec12eb017df33f5088676d8bc476da251e608394e3d8fc0883fd4d1804f8e07f5e12ffa4ee80365a88abf29936bf1b255539fef95f5cf3bebcd26817edb28e7b6adf4851dcfe8aa1aa097f67c51557326ccf9c46ee2780d491e87774324d4dcf26f2e472a5e199b0cdef01094ea72bd5ad5fe1be6c9d545df3dc5de550665d220718a2c0baed2833cfb1428e2d1c2b9ea1e29f4b07fd6c51492643d4000716cd1e8a4f9d58b6b04b805d8962495323fd62949b17348418201664c6f2f651f99d73f8d17bb5e52dba2e6f94fa33f816d74bb6a45bd6cbdbd07f530406227c8fd11f390e805bbc17bc0e81076a27c0be023b64777afec0a7a0c3f53f03bc2ca72ae2873d68217a1a6905f414c2cb1b9561dfd07850a026da5f5775a66f8f3a6bc29b48c8a81b06ba30994ba8e7e233e3a3a5d886767ea6de91fbfc0a594c2375d62e71c7209d87d0f6c7a79a0d80da328e93f08650ec745495c771410913d094e4190075b7225761172eb420c82ab493548f6de38e17d3e687a89ce77c67c58b875c48c8a4d1664cbc6f67df357e040444fcd515d92d5823fc3ef6485208b6f3eda8cd09ea3b004f7eb06ac268ae8c3bf571aa3f619222a47540f9af340c80c587f7226e3d715b18c3ee41f64777d3a0a09f32190ad67922f6ecc63c956a715c3c42a6aaaf5e588d119210083ceaa414820b62fef87a678cd3f24f8fa3cdb6629b041cd7555974313f56d1b0e117ea925dc95e18b5d3f4ba9812f1067022945c3f5d547370d45853c4db3c9ca4436d7e649e1ac3ec02f9c1e9139849b46027d4b276cb0eb4b09848999f466f528290e47ba9540ceca89390db3fcbacb1d566e22e917f01f4442bd4dd0d350d057ffdf5b3549ca559901e6ff5147bdc25c11b23f1678f02c20e4e2e6f339b262e2b82eae0b15b4227f1d514f99ec78fbcf80c8f6f243536f2d7a809de05ae5e1d676fe950ad3513f801bbe4d16737def4b5ec4b62f8562cd5432bd372645202edeb286662d7e8d0dadac5b91c903c2756bdc4f5a7c931f2c3f7feace2b83f5459a196000e2ed1e1b2accaa9d637d5e408340161331c4b0047bf2ab31d317bb1c8f6e1b3d52f9f240bd971a447942dd4b73301781656aad9ce9b01aed907b7eb3a78397b97e601b04a4cb028d327ef32cf20c34e8dad9c9b1f981ab5c06a2b0271852e2a1016ee460d8568391c9ece5a2b8f29cbc6f2d6cc2e66c30c96df548e67dd6ad8c1ff09dfa22b2e8b2c52a3948c4febb0910c2d34c0604a5ef930cd53be69a4bed9c9ee057178ece02a6b4df4624191590952888bdfafd2dbeca128d500872a8b236fba9623672c4dc15f56a761ee0c54026112fc464f72d3039587f009b94930dac0dbe444a939b38c0f5bce7aa366bfc2bb909db231178228846f71a56ab219e28cef1b102c1bfadbe8f0916d10a573b8cb38cc2cc2ec496a410a4e82847006d2ed4bac927a63a00416d0bfce59cc69aaf78ddc9566f23582999a655c8ad3b217486fb5a037ce089baf344d55bbd475be4e90b10e92c9c1bae3202c2d63355549f0ac95058724fea81ff9cec027e7b93e2cee43af81c6978fee5faf6216118785251b8ca023115b2f87d5d4b10c29aa3616628ab40a8ef36668ef57d7f9be505eabc01947ca222362818a71b3d63e5725a4d8a2c619b1867f70daa07703360d026d6f65247330be1ba84ddaaa7779591ca261beda4f4c094af65c5c276fe3bfb89f067c8c54af67e78f61bdc114ed4aa869c3adf282d7a8e7272579e9fd9e47611e0dc89f97561110e0141c69b1fa114e27b3d1e2c825ea008a370e08cd0a0610edef20cdd8a7cda0922fff046edfd2ff391a10ffce5dd6045619ce9af6b03f4193d858a76b201ed5beb0f11321707b7b593b23adaee4a0c0caf39dfeebcbd2948030435dc94ca00990c728502ec4686194f0f454304a422023c1b2c5b1ebbcd8cd50fa2d11361e3bbdc306e2739e27de300eda27b1c1ea62d773104cea77c18037c6bcc76423621b45abbe789b384bfdfb46efa1627ff29d9d840bf6e1f05e7e13fae6383e42ce153dcb062fa0cefd0fe9298ddbe77fd78d7036b5a815504b48267203da08ca685bfe8ae89c031074bbe5d3d6dcc6a3a8a8a4d3102765c3b714867f4516df62f214351b97bb8b5697a9f9a9dd78627342b239c524a3943d1d70f8cdd7391f05e7395731a8fc05210c6733ea256040bbbb53389229b84dafaaa3db1d5eca2971d9e550149461f1a672eae2319a99beed48934520666bc54b63085a744b5fc9a9b089b16c50ae945f74adcd4c5d064a12a6e103ef59bcc035a755ad31836eb7d04e5900d3800c822b96b466a9f6611f46b8a7d6131f91c625a5604de5bf01e5ca5d99a714c8dc1160260010f8d55f9125ee453b61c911bdf0824caa804c76d6512802875c5433de9b2e8b6c579a67fec5d2bc64ed3d1c313854221b75c9a0ed42af6f5354e7b1d1bf8661baa1261e68fc20d14b5652d25a536f208bff2b90fefa163a232696e655bcf95bed39355ec865e272fed582aae18858f5096ece40b9108efb00147f9c2ced59bfe2a79826851850ed95b35908dfb4d9ab7da0668a1fa8933ac4f6534e9598481477791fd1a1c269011ac9fe81f0491790e8aac121ffc00e38a7619a1855e6899abc2c670375a3ba4ac0cf652da89a70628cee1a35ae17b3490102e3c88ca324d06fce2151bc9de49472cf6e76ccb16d2a9cbf4161812e2c7758d73631024190fe9b71935de6968b289d3503b497f3f4b6306446ae9c312f8f1c63c1f7e62652173d9ed48cb128815bd44a12061f9b73fbdc6674ab9e0d01807f7bcfa0aa59168420e5ad8b72d7b576e273a1d229934fce2867689a41cb17767cf9defe1a96515a677ba08e10e187a3ce2f1d78e6b43b0d46c36163a1967b203df4f53379ee98422e973ab5c090adff21b5cc84fc78358021f681a0f0fd744f687e4f6c295470bf8f548d2d3dc841481dd51db9124cacde83bc9fef44a3e69e1cb28579d897f3013ac6133395328247fdcc152e5563678258936576196ced017c79bb6a4ea501a44cb25e5af1697afbdb3abb316837470ffdbe985ac3967334a90731602d3fac4f5c2758f04ec9c161a7cf330b7c7549fb62e6c15d07a7203c94edd3a8141c91b2029d6a90b14322337e6610822d9d7bff58c10d9c6cff71822f6456a421a65fdaa5d2c793f256a4e7a39f0d85d65fb95479eff79345c0615c9bbb4fb3324f9360b70dc709b0200042e8461b8cee9ce30beab3e276df48f41f001262fc14153f9764e13b50397442e00d7b11266bde10a3b7f83818086ff0015409679e4472d9e0215804fa9d21cebfa5cb5099cf88750cbeaaf58c2743f2746ea4cb73760ba88a07b91b68553716d563af5d7702219d0c600916dc54242d825c6d68320baf234a39f0b9ea9e6a4a72c4d5829b2f28508f54b33c7e0394a43fe23e7940d9b04bbe790d903a2d2c979e0ea79931b934d094fa2d5948c05cf278c341d788f2061ff617c9fa4700b1e1f0fbfa1b8c42848f2ea01cd318a8748c3336622ead25527ddbcd8a12ba3a5183f4419deb13558ed0ec99e73448c21ede0dbee9c01fc7675e54c60d4dee29c0f8fe81af6fe7b726f5d3c50dac634aefbf1ca6aa4df1b340a4109acf30939f6094c8591218729788111bfde98cd96d4b04b25bcd1bcb7f826241995573bae", 0x2000, &(0x7f0000008c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x16, 0x0, 0x7, {0xf, 0xcbff, 0x0, {0x5, 0x5, 0x3, 0x6c, 0x7, 0x6, 0x1, 0x6, 0x101, 0x4000, 0xfffffffe, 0xffffffffffffffff, 0x0, 0x3, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x100)

2m16.133524808s ago: executing program 9 (id=7800):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_SE(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4040001)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x109202)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x824000, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000340)='\x00', 0x9801)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000080)='./file0/../file0/../file0/../file0\x00', &(0x7f00000000c0)='./file0\x00')

2m15.924865592s ago: executing program 9 (id=7801):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xf4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
lstat(&(0x7f0000000880)='./file0\x00', 0x0)

2m15.751195144s ago: executing program 8 (id=7802):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000083c0)={0x2020, 0x0, <r1=>0x0}, 0x49e8648f)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r2, 0xc0506617, 0x0)

2m15.462103249s ago: executing program 9 (id=7804):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'veth0_to_team\x00', 0x400})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'caif0\x00', 0x400})

2m15.456132405s ago: executing program 8 (id=7805):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)

2m14.621844703s ago: executing program 40 (id=7804):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'veth0_to_team\x00', 0x400})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'caif0\x00', 0x400})

2m14.603163938s ago: executing program 8 (id=7807):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
connect$pppl2tp(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x6, @private0}}}, 0x3a)
connect$inet6(r0, &(0x7f0000000480)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}, 0x1, 0x1}}, 0x2e)
write(r2, 0x0, 0x0)

2m14.289475711s ago: executing program 8 (id=7809):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_SE(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4040001)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x109202)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x824000, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000340)='\x00', 0x9801)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000080)='./file0/../file0/../file0/../file0\x00', &(0x7f00000000c0)='./file0\x00')

2m14.024228814s ago: executing program 8 (id=7811):
unshare(0x62040200)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="080086dd0001110004000041a60c6e"], 0x7a)

2m13.643809514s ago: executing program 8 (id=7812):
socket$inet6(0xa, 0x1, 0x200)
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x20000000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x90, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x1, 0x8, 0x6, 0x0, 0x0, 0x0, 0x7, 0x0, 0xff, 0xff, 0x0, '\x00', 0x40})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x78)

2m12.818680283s ago: executing program 41 (id=7812):
socket$inet6(0xa, 0x1, 0x200)
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x20000000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x90, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x1, 0x8, 0x6, 0x0, 0x0, 0x0, 0x7, 0x0, 0xff, 0xff, 0x0, '\x00', 0x40})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x78)

2m1.708053404s ago: executing program 42 (id=7792):
ioctl$BTRFS_IOC_SUBVOL_CREATE(0xffffffffffffffff, 0x5000940e, &(0x7f0000000440)={{}, "31472094e0a840a486d95ae8814a1c8af02e470cb03bfa26b18df417244c1ecd9e9866e3a5400c4b492b1f16c67dca07d56e757053d77842580bf11a3bd083c81273f5b49d4b06cdd8d4b781134570fc44b7a9c81407308cd7f375931fb2130c0f2da109b67abe8e78dded7dcbec072e405ea0b98ab33c6dd77bf98c733d7ff84958c9c965469aa51629108521647b499ce9272e5defdf3d4818b17322178924e1a2270f93be23a8993b8efcdf19e0aa1b6bd534f37911dd6df8b2f099ff563ba26fea9ca0dfa7b947a3b0b3cf051b9fd411be6d73557fabe4078490167ee45731a0af140190e874f1097adc3dec3a8bd782b5ed3eea3ba480518444908b908ad9bf520bc627f7aa0b1bc0f64232023b555247f4ef27cdaf472aec07e6264c24d0e211c57d625e5d889b65de601590cf2535e1d9a1d8599cf72adfad6d64c96053854a8c354a5cf9301e4555de727429ee46ca90248355adff1ca62478285b7015c4f060a7a1a8c857682291c11ec68a47305a9cbbd36c191a0327acaf9a21e22922d179c9ff41774a63244f3013c3e349dedf30aaebb2cd081b3368c32bbe76757696bfa2b0c4dcd7834cead4665e3b4e9b5313220f3f6b7594fcd7a216329acefaccce9221b53dc455d67938daabf0d97a816aeef767097199ae0db1b00b8cb55c55d0d07229cf955c75f9287745b1fa0eb27e29f9adeffa298caa504f06606f5e48004a7f4fe191ecd2ca31af6318c8d46160030d0d9c8ee6c7aa84d120a224fba4453b1117150497833507bab56ad78e11b020184ac48fe798749ea3f7059f8972732eaeb5494f86b039b487f51042174d0f884de49bafd4fb0f726515a6710edbaa386428db865905286f94b34b9f5cd0a09ba1c75a554b8046dddfec6523ad14ffddc71eb5453a1aed2979a1f7519f922551414199833c7e601fb4dbd5573e937c7bb0b88ba1c09d46ae3427032d1f3faac6d33c9cd04c166c9de8726d69f0a40a8ee19eb7486312c8c3aa4472f86eb45782ce8f8db9bde149b6b7d3f448a344e6b0899d7e33811fd0712dfaa876dd8bb2c0b0af72e746d09811b19c2754221e463d4ca2462a89266bc430fa22cc44933b795b5cbdd943dd6cc987eb0588b2710140abc655403e9996af9f70f4b3e368189bbabdfb1c882899b4eb11e60a86a21241088c3bce0ac3d560d82ecf875476b15e6a53359bd4ca41c44511cfd09522143780f8f0b76fcb3e4175a06af8b803cbd206136f067361eb4ebcb9842db1214e02fafe4ff6bb2ae05c6eae129a0487b5d8366416df24e78752f3daf57d9b2bc86fad3a71b7c9925dd393ddc91c21ceb700d05eb8a747e5166f09a43dc71d7fe64b6e9b9305f2ded78a6372ba9ec48c60ddfafbb8bb700fc262e48c6d95cae87d56c346d9f0dd0c125d7a9b1cd327d3eed16256a59a66eae2fb30a3701f0c9c2e62858c87f53431a4fe6fedeac2a73641557cb817db2660c881f6cbc81d9812255c2f992013afbd15477478c580091d5ff9a7b537eeef4b4a47bb2c265009b3398ac48a525892825011fa9d0cf5bc05cb0beef887655ab4142567399d2dcf55c031ae4be4226d9efbf1275ddaa331f52621451d86d67f1a500f6117c5669cfe3edce91b18078aa968a6032691123e6142664cbe8d378e2fc88454734e9b0d78b5638d7fb49c8f5e9c0e47031d0dcaabb3155449ea46b3d804c2e8394ed7f8cc071b28ace512ac6f54aa2254449998bd1b8813c9f0df8639bcb677c99667b2c46a28fcaf40f3d55d393c04dcde0c28ef39bf975cc9166e3e2cc63850f35b66a44e9f8aedf86638ad98162334d0905fb663019e225cd40ca0ce8c71dd56db67b2c422f334017aeeee2473c569c337d1f094f4ebbc52def4f973cd1a69c068c5efcee99726e8b90dbfbd784264a204dcbb74e93a377198282b9301ad21f12f13034217ad3423108bc579451f8905e2c00ace1c8d6b2428ffda6883dc2de58d153335d1e89a5dc57015caef8055cba8ceb49af899e438a02f235d54b8ea3017b451a24bf2888c97fb648fa0b223fba212bfd61fb7c31a8866d022e12016d4b22fdee3340e44015912f11a7a62533207dac39e0d2f98b2587498be1064a781f5bae6c0158663bfab0967962a6589639aef689ca08c128f65da5caf2c17fa597937f05ee7fa091493a9cb11bfa4026c14291da41ffe43953f4b4e1ca1bb60fbee104502d19c32274fb2e32b31ff2b7b1a68c88fbe1dacef718ab05109ff33fe8d204f46573ac5ad30eb0756ee69373ce83bb3c130403cc04fa4f0baee1bb284aea00a1ef976c12ca5c9cd2a03ee98e399655458bfd0c510497154476f10e8a69ef4e667feb5ae7ed3e51521dcfba1aeeeab752ddd8720884c11bb5d861ca7a6d45b073f5f83eb3dca23803557f2c4e0ed1d805d904379ede74c0f8af7da5051caf7d3f0846a9be5882662c14a3efaba05a856002851941b807462007b9127b9cf05199f8828479f3c01dc3ec137f5bac057fd4c0dd4149a4edbd1ebea9eb3257113a5cc2a2040ae1fc3766af73034072325eb06b230e450c86cae8ef9f9f3da64e13039cdcce35542af9ff93ff500f994ac2bcd169b8c12ae896e9aa2fb95932eded2f08c6d5d9fc4cfc3ed55e5dd40267c590fdeb404dc1c6e17ce8f3e5c92a38c8a534c1e38a2f9fc3c07de22ec42e365030bbc1bd3953846975a9be045734b4c29774cf4d13ffe3896c70dd8d320788f89da53bb088d73cd59e33b46bb0a73de795ec4046fd9960bce339feabeab838fd0f17996f48465f6b782e278e4f4f4f060980bc5668a78adc554aa80e03312d5c6ef7ef08fc4e5628ee59e782488cf39dd28e8c2ae5a8c963e5281d15dd08783a012396d61e8cf605f31f7ab680d6e11f9483f9561ac95b36a729e0e99563730e9c483ed3bc814f0e5578a0e04e63702081f14f7323e62b98628f04c2bfbb4287f3e69657f3bc9da6db05de777f6b47a6c4154795a381b152099002c5e3083977b727d9efcc27a217eef04503f577816db4109e8c99785e87fd77391ab71bcc031aa518fb478ed4719dec33e1eda522968d5a8ef4323481c71c95ac75c5fdb13dbe794f9e442caaf8a9fc740d66140c7d6e115186839787a23474c7382a44627a0aa9e00c5be7d87c6bd4e516f6d4c8dadc9673bc29a4d3220ba707a5c7e5949491f68d0d5b0fcccf4356592277f27f83cc4a52c6f63aafb836be1402613334466bbaf084bfb6b47f3c46e2878312c8ec3ff9525aa2c0c5095b624bc8c552aef6f8a8cb98348f8a53d624def60644d0a206e2f1fd3c4ef77b2309685c8098e8d023070a912b2b2c5ba02ba1805fb01cec70867b105bc3da6192fe853a1374db1c779156813a913ed000a37b352d0432863a593bd4d1c85f18b761f3857627d631c8e72ee389104337679d0666b1052edfafe7634e4f6278d4159d4c338b2867ef67e713501f1acb6b714c4f05b8a3ead046755f199a8118d9ce085a580fdde9ad7b49519f584a79049b286a8062530d07aecc9d6a3bebbba8ea5df3b9452d34f996ae53bd1fbe0e58dbc9bb6eea8ca82c096143910d4e99293010e39b3a00eb1d28f80adbae23003debfb19d4a99f1aca32abf1fe2e2063a7a93af2dd3fbc1fc803d9589a91022c3d2782f09b080468a877a4ff343fcf6befae7e32d22723a14fa9e5fbfe3b9267e5c50a9ba0d98436cb5ebf31f039e49f1173bd417e88c7ea1e00175c89ad41c9cd810db5060104947fa060f7714a95c7e5f9e19d10a89002dede793ce86620c6b481684231f8e6586833085a42c9b4b8a5b67c5fc622038d22b6463f570aed1953e9e404bbaed2df3bf4bf7cb6d1d06cc4fb7402320de22b920810652b413ca907ca130c4fcf813b9dbe19d5eb17a6d2767bc43311ac3e6627bcc7b7d4f9106d59852e4fd15e77b3b25415a285e191851afe783f715c9bca66a548ff87cda8373325a42e59af468e492e7a8e8e7325d534b2b33344190c09156422b84de6069cdf7c9e51e9a1f896fc5e7785824f743427e43f38c8709c98faaef4a25a33fc8eaf45f7a0bac496a76d99fcbce228db5aaea3e90cfce41dda92865f43e1a6ee63cb586634c48141b42a075261ff4a624b253fccc67a58affb8d186bf93c00d4f9ae0ad8e7a365794219c1d06679276d9be9cdf9b4d2dae1c68b7f4d99857df60058c157fcbf763ee00da931668b1ad54ebc526f2e283089ff46cd5b30b75800a07d7876b93f46406855fb33f536e390455079cda87277a5c30474ecfd6f0b6aee3a13722af426cb0e160f2016074761f472e6c161cb09c6572ba96765c1a0bd0cf6674d7df825477c00ec04629a18e672053b7ffc3e2798e3f9927019d6d8fc2a606d2d43a5a71613b7d1f19cf43991af872d60579716d6f22daab22495304ddd0fe19f9e134528c8925be295af98cd15cec02992dabbbfa3d06594d85b15291936a9cdbdb69bfed80d3e784d62121a861d065b337470a109b7f36fed02f166af62b83057de7eb1487322179038fb6cc4981c3dab0ed706c8fc0fcdcea21b9f4350e459aa9e5701bd253aa13dd36a0d07841602c68587604ce014f5bb03dce4a2cfca07752f2cd4f99fa7c4cc8b5d1ff6aa6f159751df592f36cf382c5b57aa54d6b8bc0fa168c01e061cdf2fc713b40094a663484cf7a3fdc46c4e8710e460c5ee66fb8d00add8f25bdb262e47921d82086a798f8bda40e97411412fa3d6b1ee4c1837cfcbcf6336a203686b318dbb72a624a04eefd41d3dc07f99d6860496eb34a56d41a60eca9946434d381636b568cb782110faaf0f8f7ddb5b6a6357d0004b72ee73421139f8d25ae4234b80fa6ddbe9ed11c6b2a5144c2ff6c62378aeea02bb5834e56d079d683f78e23c77259e83a1e0f8d86b07bbe767d471d4258a0c0a9fbce87fa57e6452e8bcafe78d664df739f1568eac21a433748e92e4b1ddd86fea5ad757c74b8a443276f505762819d29c9071cdcf2862120ba100cd6046bdf17346c8fcdb1162f10735a153c8e39412d06d9eda832f5b8d43b654adcd140cd1fca322be8bd7a19705c2d9a1f6231d185d8523cd8a9d2fcfa71bdd8658328b0a7f23a8c5cc3296d4b8068813442c026809b0aa37718267ab8f00c7669c6be586285f9465aae2334cf085911df80909d1f607385b7c65e632bda90ee8c343bbd018e61936322b106b724de57349c9d53bbb7f1caadb05338b4264cb0c37bb5adaf92d82b8ecd66cf63dcceaffc51826176302ef4bbc5f35381a641e227a542580133ff44df133aa17da0d841aa14b58cc342297a42f595ec9f7c117c510a69cf7b4f7a7e28d843ed2bbc1f0b4ff47eaeebb2dcf57f8d0f37db42f89e66c159ac202f46ef08f179b9439abd9fc3a24eeda3f2e459ff3940d62bed5d7cce30c44787c7b0be5ec4054963e7189cebac4a822e4c328aa2ec8c7b69cb0d6a686a8f2e72fc2a45092742cd79473973a964eecea201675782eeb79661ce461efbda8f2cb14095213078f88747abec7db1aacf09bf960ac9c0998b6af8b77a6757ebde760dd8307d6246ec1c158ebe0a0f6554c26499861f3871baf31bca1f1cc253805fd738b4adc0e01a746f3bda648b7ba518f7b381d56d62aa6dc801442ff86b04cdb74b4a8fe1655a57885527a54e7e32fada1242aa35d80a185633460dbeaa186cbbab764a8ee182ba9be1b0c98bf8e7286d4c6be6a9791c06ec981f56953e94a9636f0033c6f963932f6965c011c0a993ca30bccca083b0f0368ab700f763"})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r2, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chdir(&(0x7f0000000100)='./file0\x00')

2m0.306027521s ago: executing program 1 (id=7816):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuseblk(&(0x7f0000000240), &(0x7f0000000100)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}})

1m59.819505154s ago: executing program 1 (id=7817):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getpeername$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000001c0)={'ip6tnl0\x00', &(0x7f0000000100)={'syztnl2\x00', r1, 0x29, 0xf, 0x4, 0x0, 0x18, @private2, @private1, 0x1, 0x8000, 0x2, 0xf}})

1m59.377162301s ago: executing program 1 (id=7818):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000640)=[{0x6, 0x0, 0x0, 0xea}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendmmsg$inet(r0, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000680)="48ca8b98825ad05ecffa939c1c3f3abe962e289527340a9df3ca6a2d07954526dbc1734e9a6e1e26e4fa634d92009ed008cc3a7e5f36b40685bae810134441fdc3d3a30034038c5ae30a2ecc9ab1e87c3783b1f44bf73bcd89aa1fa45ca62dffe4e3863c445fa43350f4cb136cbfc130c556a37442fad8258458834fc01cbed5a5a48487795104f157aff0", 0x8b}, {&(0x7f0000000740)="97d17744aa9566d244b4a6a7bac3043aad7ead0625c7a01517485ca1171e2d8b21659736b5247ad8288fdd48f9bc2cdf7ab29c70255fbab7766e6e0d0d3fa89bad35b4aed5a0965fe952f739534fd4b4af3050df9aa7d23396b9d8f3b227083db9ab8c639c9ee9792923dcfe9d05a323c798", 0x72}, {&(0x7f0000000280)="d0dc81873ef03a796b2a22ba029070ad1380604c9fc692", 0x17}, {&(0x7f0000003080)="a215c0add719490a88f0d497e7474605b479d0bf7c45bcd50a800ae0c7e17ce91084d3491f6b2184392d7888e788218807041334ac000b350bebb7807372730252929d527debd50bf4ed68741fea46196196d35252a3a0619c272fde934ba108207cd2e8f77f385b23a855432b2264e437d9f5ee1c86e9d799a5ec523385469331", 0x81}], 0x4}}, {{0x0, 0x0, &(0x7f0000000980)=[{0x0}, {&(0x7f0000001a40)="f6ebd69cb61b04dbd8e4dc5f132da95cea069c4cf1c50489523f8e2bfaf472441fc9ebaebd435dc0be7c9fa1dae115b46dfffa947c43edc40e0b95cc166de9fde1ec361ce6d6a73600b2d484b8457469b28fb04cb38d8a13e483efc4f4102fe6accce43ef76ae1bf1f34d051501c250a10a879323c67e9e14be35a0ff24a9c56a06c2489f5068b43198feed152c7749f5368a07f20c68ed5192c6c90d48e69046294b1b97c873d09691413243175e8e0091e5b5d8f09f771e2b5ea45f1806a77788434c435e029e8d6c3eb8dd5ce365c52794fdeba397f17c239169772f93af2a9044137b11b0e2e8e03996120b5bd749ee87140dd44a0a2b7472470809acd7a635e842a104ce4ef522cf1c29a602ab806adc85d00bc0bce12d80aad3c94b4e84d25800876137f071ac2eca2ab5b41110bb1b92d7ead272e52679b26359424687374065f02a29a37f53fe6c611953c3fac4898b32df7435e0bca7fdb5153bd2c6b90614e6d437c7b0f0fdf132d6cf57a7225d52116fe404d4b7dceb4a332e623cfa298623cf64728dc66104bc16c799341c5182da780e898bcf71a3561d8f3c60b4077fbb83fdffe581e5f4dfa6497c1a6a7b3f616e22322189ea75aa4960109e0ea55d2eec2646f7339d35d70b0890624bdcea5e9a6b50530005beffd3a74204fcb754ecc7b3b6328b0f586d4ec3a680c2ccba4fae25c93646a3a511d214429338a531b7c97b0e71fef2b65325b651bfb79bec3bd983955e3a6ae6f25420373b705cd5a0ae4e88b0cb798dcdff1840e9c223afd2c2b775ec47d469dbcfc3291351d158f29e91bb8e026a83c3e1119f354b4d6de223fc3841d43b0fcb5ec44322b83e54fce32d21b42e82a9309fbb0a83307dd531372cdcebb9e3ada079fb014445dd3926473befecaea1fa995b8e65422c93715a52aba5634713227b9ab695b7f77e2ff044fb7e94b917cd37ad642a555bb8d2b884252c48147e3545d2a4b448e8be5aa61f7a14257e9f0f777c9a012b15a1c9139d8a4af53cd48c5a70c0729734947c3ac75eacf941fd1aeb771d9c789f04a95155b5154909441ca153df09dfcbde5472c37ebc5a8788e6cc606014e478fe7e2257309929c09351de59cd3de9f2f3ef3a4e7801019cf34833d5c9f55ed06e388948afbaac5224f0bd51ae32d13de5aec183b5906615ede66537a70d07aa75df2d3ca8cd2ff049728d60b8c7d52d8dee72b062e16b00e064a5de0a44ae0f3e0e50cda01e5f44d966727bde3fdcdb40f53669379e790a841e63549b1bcc6fe8b523f8ca110666611543dba205ac9282839b83f62af961b3743bcf5eb16a4182b10f647aec2b4ca6dce273803ad36b70afa6f04be62d3605b11c053a4bd6963adfca9a145edc0259d93295eed70b44abc59878101801563190a3121a049ef8b77ef44950ea7c6af543387aa37e40800eb03d5f45aaa73f0e23b2eacff9744afb4fb2a4f5a04644fd23302c80fe1389d61d6a589e27ccc7067a5ce6fa2f79b6ed5279a59ecb11074bf31beb27dee216255b003cfed235abba923f70f82f059de8254ce74cfbe709cb0fc8898a3a45acdc2d98a83b1abc22b69c9843c2787f6109c9c7f655c12bd5e7e2b8d60535c50ad4eebcaf4650d9c8d297658abcc802008b13c7edef23e65d645fde267dae6d9db8db53c5b4481370ea24f6657ae740ea0074b787cc47ff24617ed30012816998967f942c963f0abde5d76c9d7e036b4130a1e6c3dd27a010e3b62b17167e91b3df5126f679f0fd7dfce334b10b20f3aeb60628342d735f2488bd2b69b7c20c0d18b7b3efb7e59384383ce09c9508da0952c744627b8dcf15644406579f18d23295a15f3cc92b2ee54474afda3dac13c552f9bae4938354a15360eb2d5991541e332819d852881d0e22376a3977a06df6bf86a0c54237eb89b85be61e8ac7fad3f26ae8cba397736fe0977028ae6eb3342b0e74d93164eb5f7494f66571ac6b734034083007575e1f1e2bc882cb641623336e275c59e2a30ec98ff913cd9df5e7af4c977d8e5549c443d99785337548d36cd617fc82e4386ce36795bf3d4004ded873252a692758ef89175cdd54b08097a6f73d443ae583e42458534acd5aeebc46771b1e624632242f570ab622d2ee8a68f359e11780676e8340ced6c6b7b38632518a1e6f16e502a8c47c8a1b12038ebe181c3edbe3223a611aa060c768744aa8f9c78048a8c3c4d6805930a375af1d02503b639b952d78be871a8ea148f0cf8afb71cafca4d99631f672f531e88a1b8d27716ab2cef302416aa21da7c8206cb6fcd5e66fe966f9ad7b46b617ff02f613b51fee7bf9ec709310b3f126c1f88951855713010e2be1c9d17bf094fb6358c5c9e9970b186eaa123a06f051ad7a4b7e339b163e9f9e5d9108f0e142c33bee0cfc33e469755f14c40c6311bf79221501057e43074f06ff098bab5827acb10e9890697aeb94fd30d241ed521319bb65865396739514be568b99e30002cf5b69c01e550a4258a396840d8d786490609755bcb90e293b01418389a649be1791b3fae9d946666e3b46817bc49f1b84ba99fe5244a26de6a11811cda82e7432b9b4fc8fcd94b7f8b9b78af1a76fbf45297e7e2956b56489132a6be34825af94e7b6c5a33f9f4e5bd962436d603ab73df5a2c33117295046532b3f3207371681c17333fb5f51742f0edb4da3c2d5cefa31a8a772e1d9099adf30e532eaf1ad3a874b830c79fa9665af7f42b50ed581f9099670ef923c2f182690d17c638e90bfa439d21ef8ed5e1a1946b977278bb93da72e58f5c7e78bece53fac3435017072bd4d2385debfb7f29e8b83fff12d0493200142a0c070c239b41b6caac4a8c6294cfec3adbfe056481387e674bda09e08a70ab6678be35f8c1ce7701b82b0edad73dd7d6da94be26197f4b92948e389c2e67a272004427dbf4db45dde59195f9c1c51913b968f97e1cad5707508757952eef02c07ae3feaea1cd90e85b7da429dcf9271c81a6e45cbe7966b3aca0edd532b1a084fc19ea6235e7226cff78b4ccabcb3caef6fe31c7280b435efa2deaf9acc6a7cfb8ba7fa47f3d56b96e4765b6e074408e2d67d6e37139db80fb19c3a9e0a0236f4d776af7ffbe175c5aa30ce0c0496cdf25a54fb122a77fb738a1b56b12c5b26b80568d6c513c6c1f02d3f8acc33cae368d433d1685d785060355bc3690c0ec28a98dfbde3d4686d0fe0861867ebf5cb2c37db8930e3c645739b16564074cb326ec3ee8ff4a5b480e755f063c9e6b3f6ea4bf558ae90e0f3d32d422a0fc284d2fbb0b08af9609180647160803ad18f0a90aaffe76af020063b306c330b0192b527bf3b945648467f53751b44d4ccbf1e8111e0888e80a0e68bfe2c6ab325254f2ad633a9471d7b20117488167f172603e19627fcd179effdeb5f030ff764bb160f91ddc9cd8aa281ee0e2701594fb8fa3a803390b3ff7ed7130693bb74ec856d5fa83b0671518f71002561312244cfb5668415c278d24f5ee5f0617eb3aed7c7d52baa9b5e3d69b9f2baa09d1834505686198987d5a0517a94d5fc39bc64db3dd531eddea09942bb4b51d2964ab48f0b4c753f356d53271d6bd5727f220e6cd56d6866e3bfc1b542b9022bc5fa8a46ea2b4c1208994b5f2ba8631f2e1af84fa9bec1c7d23dee4d2528e49db4e75ce60ab1ab78a31974e49171818603b03c242fdb016d399b865ccacad3f6957009c54065181583a7de2ebb2cf41323ebdf73169a64617ca56600bc693cebc9de80a292f866c8a5314bc69468f50e4b0ce94e46083403e74a95d7be4704ae9f2c58f5f6bc8f29cf94930b179a538779f0596bc0987a6b1dbd8cfdf49eed49317b175e4d87cdedf6fe17ccca3b0ef2c45c3c5d1f76f52a4920eb091f46614d2c2b7779b737c8381d2c0273496cd15a3b6982a15bd22e03c17bbb1bf85f0b215a40f07dbe0452a024f23e51427cd79c60905ceb73e2b314af315ed8ecb7ac937e83b8cc6f2fc253790e27bd38dcd458dce255a10eef8412e71c500d4f58e7eddb61d5dba88df2a3303fb64ead5a84a806b0e62f60a391595c8781d1e481f7a9edffa6075067a69aa", 0xb56}], 0x2}}], 0x2, 0x4000040)

1m59.230760014s ago: executing program 1 (id=7819):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_SE(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4040001)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x109202)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x824000, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000340)='\x00', 0x9801)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000080)='./file0/../file0/../file0/../file0\x00', &(0x7f00000000c0)='./file0\x00')

1m59.0178938s ago: executing program 1 (id=7820):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
pipe(&(0x7f0000019480))
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r1, @ANYBLOB="05"], 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
openat$rnullb(0xffffffffffffff9c, 0x0, 0x1cbd81, 0x0)

1m58.305550052s ago: executing program 1 (id=7821):
r0 = socket(0x8000000010, 0x2, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000040)={'vcan0\x00', 0x1800})

1m57.675289027s ago: executing program 43 (id=7821):
r0 = socket(0x8000000010, 0x2, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000040)={'vcan0\x00', 0x1800})

15.492823542s ago: executing program 0 (id=8176):
socket$tipc(0x1e, 0x5, 0x0)
write$binfmt_format(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8000040000000001, 0xffffffffffffffff})
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

14.966055581s ago: executing program 0 (id=8182):
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @ioapic={0x8000000, 0x5, 0x6, 0x100, 0x0, [{0x8, 0xb, 0xb, '\x00', 0x9}, {0x1, 0x1, 0x1}, {0x44, 0x5, 0x0, '\x00', 0x10}, {0x8, 0x1, 0x9, '\x00', 0x9}, {0x5, 0x5, 0x2, '\x00', 0xb6}, {0x3e, 0xc, 0x7, '\x00', 0x1}, {0x1, 0x5, 0x6, '\x00', 0x7f}, {0x8, 0x80, 0x4, '\x00', 0x81}, {0xfd, 0x4}, {0x3, 0x0, 0x4, '\x00', 0x7}, {0x8, 0x5, 0x5, '\x00', 0x3}, {0x5, 0x6, 0xc, '\x00', 0x40}, {0x2, 0xd, 0x7, '\x00', 0x40}, {0x7, 0x7, 0x5, '\x00', 0x2}, {0xfe, 0xd0, 0xfa, '\x00', 0x2}, {0x4d, 0x9, 0x8, '\x00', 0x5}, {0xa, 0x5, 0x83, '\x00', 0x4}, {0xe, 0x1, 0x67}, {0x5, 0x3, 0x6, '\x00', 0x4}, {0x8, 0xff, 0x8e, '\x00', 0xd1}, {0x7f, 0x7, 0x1, '\x00', 0x8}, {0x5, 0x1, 0x5, '\x00', 0x3}, {0x5, 0x2, 0x40, '\x00', 0x1}, {0x3, 0xf7, 0x9, '\x00', 0x6b}]}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x82042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socket(0x10, 0x3, 0x0)
shutdown(0xffffffffffffffff, 0x1000000)
fchown(0xffffffffffffffff, 0x0, 0xee01)
pipe(0x0)
fstat(0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000071000040"])

14.569471502s ago: executing program 5 (id=8184):
socket(0x8, 0x800, 0x81)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f0000000600)={0x44, 0x0, 0x0, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x7b}, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x10c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x30)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x2000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x142)
fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {0x1, 0x5}, [], {0x4, 0x3}, [], {0x10, 0x7}, {0x20, 0x4}}, 0x24, 0x3)
llistxattr(&(0x7f00000006c0)='./file0\x00', 0x0, 0x0)

14.488825793s ago: executing program 0 (id=8185):
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454ca, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, 0x0, &(0x7f00000000c0))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f0000000100)={&(0x7f00000002c0)=""/162, 0xa2, 0xfffffff7, 0xff})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0xdb, 0x4002004c4, 0x1000, 0x2, 0x8, 0x0, 0x5, 0x0, 0x9, 0xfffffffffffffffc, 0x6], 0xeeee8000, 0x2113c0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x50})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000004c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13.838792326s ago: executing program 0 (id=8189):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0xc0002, 0x0)
close(r2)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRESDEC=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000018000000006574683a73382948805392610f64a0a79c0e530656ce07931c3d9e58aed8d8ac6c95132a95797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x40001081)
close_range(r0, 0xffffffffffffffff, 0x0)

13.752533741s ago: executing program 5 (id=8190):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000000480)={0x2c, 0x10, 0x1, 0x2, 0x25dfdbfe, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x7}, @nested={0x4, 0x11}, @typed={0xc, 0x10, 0x0, 0x0, @u64=0x5}]}, 0x2c}], 0x1}, 0x0)

9.639639818s ago: executing program 6 (id=8203):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x820, &(0x7f0000000100)={0x2, 0x4e21, @multicast1}, 0x10)

9.21736002s ago: executing program 6 (id=8205):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$sock_buf(r3, 0x1, 0x10, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000002b00)=ANY=[@ANYBLOB="240000000706010100000000000000000500000a05000100070800000800064000000005"], 0x24}, 0x1, 0x0, 0x0, 0x20044010}, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e02, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f0000000080)}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x1}}], 0x3, 0x20000000)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = fsopen(&(0x7f0000000140)='tracefs\x00', 0x1)
fsconfig$FSCONFIG_SET_PATH(r5, 0x3, 0x0, 0x0, 0xffffffffffffff9c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
sendfile(r0, r0, 0x0, 0x7ffff000)

8.820929004s ago: executing program 6 (id=8207):
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x910c6369b34d9ce4, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="310300000000000000000800000008000300", @ANYRES32=r3, @ANYBLOB="8cc369d2f006be7ab6135a8ac1c61207e0e63cc045a92a1345c7ee13a8d1f6"], 0x1c}}, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000180)=0x4, 0x2)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000000))
ioctl$PPPIOCSDEBUG(r4, 0x40047440, 0x0)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x80089419, &(0x7f00000000c0))
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x66002, 0x0)
getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x50, r5, 0x2000)

3.566222566s ago: executing program 2 (id=8215):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000002600)=[{{0x0, 0x0, &(0x7f0000002080)=[{&(0x7f0000001080)="75e093d731b4b278125336fe0aef805e09850d119f6379a0e6a44154f07bad81afb0587618562c9522ba0c39c7c4a5263fc606be871b17de94b7b57363467e8ef243367370053bb508af8459fe3994d400b85230d639b3643a67de2c7888491df44c7f4146cadab7097b9969ad910392819e3c057f29f16000edc33254ce4bebb872423cf25e944c9fd1d8ae1bb9b4cc4733b67b1867adc84b5c9be19116e0374e57ab714bf2024e481081b1485a62b6b9cbc74fa3674238e693816c7ed2979fc646300daf301b04a632606e594bb534211ee651a7e702d6890e7d71710f2fdff51cc5e41e26105a884fe9c16211e0b2bf71a8fda27f6529f3f0b72151b68f2796835fce69931cfbd0184d32811af4dff048e7b3c2", 0x115}], 0x1}}], 0x1, 0x4008844)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000001080), 0x0, 0x0, &(0x7f0000001180)={0x0})
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000700)={0xffffffffffffffff, 0x3, 0x3, 0x0, 0x7})
mount(&(0x7f0000000100)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='udf\x00', 0x808000, 0x0)

3.30134317s ago: executing program 2 (id=8216):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddc1517600000000000000000000000002"})
sendfile(r0, r0, 0x0, 0x7ffff000)
syz_usb_connect(0x0, 0x5d, &(0x7f0000000b00)=ANY=[@ANYBLOB="12010000551b8920b822276080c20102030109024b0001000000000904000000020a000005"], 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1, 0x41)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x7f00, &(0x7f0000000080)={&(0x7f0000000300)={0x3c, r4, 0x1, 0xfffffffe, 0x0, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r5}}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xfb2e77a8993c1937}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xffff}]}, 0x3c}}, 0x20000000)
epoll_pwait(r2, &(0x7f0000000040)=[{}, {}], 0x2, 0xfffffff9, &(0x7f0000000080)={[0x8]}, 0x8)

1.610442772s ago: executing program 2 (id=8217):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r0, &(0x7f0000000000)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x3, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x1c) (async)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0x40405514, &(0x7f0000000540)={{0x0, 0x0, 0x4, 0x0, 'syz0\x00'}, 0x0, [0xfffffffffffffe00, 0x0, 0x218, 0xdaf, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfffffffffffffffc, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x40, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4000000000000000, 0x2000, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xff, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x750, 0xd1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3, 0xc, 0x2, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x40000000, 0x0, 0x0, 0x3, 0x0, 0x2]})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x66002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r2, 0x2000)

1.257950084s ago: executing program 5 (id=8218):
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x4, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x145f, 0x212, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x8, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x13, {0x13, 0x0, "a7ea3163fd3bc518194b120c1e73d54cfc"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_procs(r1, 0x0, 0x2, 0x0)
unshare(0x22020600)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x1ff)

1.25760784s ago: executing program 2 (id=8219):
syz_genetlink_get_family_id$batadv(&(0x7f00000021c0), 0xffffffffffffffff)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x2, 0x4d, 0x39cc191a, 0x5c, 0x9, 0x5, 0xfffff807, 0x0, 0x5, 0x48, 0x0, 0x2ab, 0x4, 0x7, 0x4, 0x3c5b, 0x7fff, 0xa, 0x9, 0x1, 0x1f461e2c, 0x7, 0xe661, 0x7fff, 0xb, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x800242, 0xffffffff, 0xe, 0x0, 0x71, 0x2, 0x7, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x3, 0x80092aa, 0x4, 0x1, 0x30000000, 0x80, 0xdee9, 0x7, 0x6, 0x8, 0x800004, 0x1, 0x40], [0x4, 0xffff, 0x12f, 0x6, 0x10, 0xfffffff3, 0x4f6, 0xcb, 0xf9, 0xd, 0x2bf, 0x5, 0xb933, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x40, 0x1, 0x0, 0xfffffffe, 0x0, 0x4, 0x8000, 0x9, 0x3fe, 0x401, 0x6, 0x4, 0xfb, 0x5, 0x8cd, 0x5f31, 0x4, 0x900000, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0x5, 0x6, 0xb, 0xa, 0x1, 0x9, 0x9, 0x2, 0x7f, 0x9, 0x1, 0x3, 0x9, 0xffffffff, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x400005], [0x6, 0x3, 0x80000400, 0x2, 0xff, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x400, 0x800001, 0xb, 0x5, 0x5, 0x1005, 0x0, 0x1f0, 0xfffffffd, 0x2, 0x86, 0x1, 0x9, 0x6, 0x9, 0x5, 0x2, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x7, 0x38, 0x800003, 0x440, 0x80, 0x3, 0xcc52, 0x950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0x3f, 0x10002, 0x40e, 0x7ff, 0x3, 0x0, 0x1, 0xffff, 0x1, 0x6, 0x1d, 0x7, 0x3, 0x6, 0xaaed, 0x4, 0xff], [0x81, 0xbb31, 0x203, 0x8, 0x5, 0x1, 0x6, 0x5, 0x0, 0x3, 0x80ce7, 0x1ff, 0x3, 0x7, 0x71, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x9, 0x6, 0x4, 0xffffffff, 0x80000000, 0x7, 0x8, 0xc6, 0x2b16, 0x0, 0xffff, 0x3, 0x40000004, 0x100, 0x20009602, 0x4, 0x2, 0xffff, 0x6, 0x1, 0x10080, 0x6, 0x8, 0x30b1d693, 0x5a2b, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
r0 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000a8d0}, 0x0)
ppoll(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
tkill(r1, 0x2f)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x0, 0x0}, 0x10)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)={@my=0x1})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
syz_io_uring_setup(0x2, &(0x7f0000000040)={0x0, 0x800389b, 0x4000, 0x1, 0x323}, 0x0, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
close_range(r2, 0xffffffffffffffff, 0x0)

1.137453065s ago: executing program 0 (id=8220):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="817bb97cdac2f8f819447aa4a50c293af36b43cab2641b7753df26944b52221c70", 0x21}], 0x1}, 0x24040050)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000000000)=0x100, 0x3)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000300)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x10000, 0x0, 0x2}])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.097598661s ago: executing program 6 (id=8221):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
cachestat(r0, &(0x7f0000000000)={0x10, 0x9}, 0x0, 0x20)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
fadvise64(r1, 0x7, 0x1ff, 0x1)
sendfile(r1, r1, &(0x7f0000001000)=0x7fffffff, 0x7ffff000)

899.211157ms ago: executing program 6 (id=8222):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000140)={0x14, r1, 0x309, 0x70bd29, 0x25dfdbfa}, 0x14}, 0x1, 0x0, 0x0, 0x20040080}, 0x40400c0)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0x88, r2, 0x0, 0x70bd27, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x203d5643cac9d88a}, 0x800)

778.893648ms ago: executing program 0 (id=8223):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000010bd28710000000000000109022400010000000009040100010300000009210200000122050009058103"], 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f0000000080)={0xfffffffffffff000, 0x5, 0x1, 0x7, 0x3})
pipe2(&(0x7f0000001040)={<r3=>0xffffffffffffffff}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
tee(r3, r4, 0xfffffffffffffc01, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000040)={0x4, 0x5}, 0x0)
syz_io_uring_setup(0xcbf, &(0x7f00000000c0)={0x0, 0xd94b, 0x40, 0x3, 0x256}, 0x0, 0x0)
tee(r3, r4, 0x60000000000, 0x0)
r5 = syz_open_dev$swradio(&(0x7f0000002440), 0x1, 0x2)
ioctl$VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000002680)={0xf0f071, 0x8c000005})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f00000005c0)=ANY=[@ANYBLOB="200f05"], 0x0, 0x0, 0x0, 0x0}, 0x0)
socket$kcm(0x29, 0x2, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='aufs\x00', 0x210000, 0x0)

641.464893ms ago: executing program 6 (id=8224):
syz_usb_connect(0x5, 0x34, &(0x7f0000000500)={{0x12, 0x1, 0x110, 0xc2, 0xbc, 0x77, 0x10, 0xbfd, 0x106, 0xec89, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x35, 0x7, 0x20, 0xce, [{{0x9, 0x4, 0xf0, 0x0, 0x1, 0xff, 0xff, 0xff, 0xd, [@generic={0x7, 0x5, "c2be1b820f"}], [{{0x9, 0x5, 0xf, 0xc, 0x20, 0xd, 0x1f, 0x6}}]}}]}}]}}, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000400)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write(r0, &(0x7f0000000100)="3b000100010000", 0x7)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x20011, r1, 0x6c3ca000)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000000)={0xfd3, 0xe259, 0x4}, 0xc)
fallocate(r1, 0x28, 0x5, 0x9d7)

464.247956ms ago: executing program 5 (id=8225):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044941, &(0x7f00000030c0))
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r5 = dup3(r4, r3, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x2})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000100)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x44, 0x0, &(0x7f0000000740)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2ff8, 0x0, &(0x7f0000000300)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0xa, 0x2})
ioctl$IOMMU_TEST_OP_ACCESS_RW$syz(r1, 0x3ba0, &(0x7f00000001c0)={0x48, 0x8, r2, 0x0, 0x3, 0x276069, 0x0, 0x0, 0x10004})
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x66002, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000240)=0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r7, 0x2000)

288.780362ms ago: executing program 5 (id=8226):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x806, &(0x7f0000000100)={0x2, 0x4e21, @multicast1}, 0x10)

270.723008ms ago: executing program 2 (id=8227):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x1c1342, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendfile(r1, r0, 0x0, 0x7ffff002)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x1c1342, 0x0) (async)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
sendfile(r1, r0, 0x0, 0x7ffff002) (async)

52.024186ms ago: executing program 5 (id=8228):
creat(&(0x7f0000000140)='./file0\x00', 0x71)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000240), 0x802, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000002080)=ANY=[@ANYBLOB='\v\x00\x00\x00syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x006\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00+'], 0x143)
syz_usb_connect(0x2, 0x24, &(0x7f00000002c0)={{0x12, 0x1, 0x110, 0x9e, 0xdc, 0x17, 0x40, 0x1286, 0x2046, 0x7e5f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xca, 0x0, 0x40, 0x8, [{{0x9, 0x4, 0x71, 0x9, 0x0, 0xff, 0x4, 0x1, 0x4}}]}}]}}, 0x0)
write$UHID_INPUT2(r0, &(0x7f0000000400), 0x6)
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='hfsplus\x00', 0x208083, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x71) (async)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000240), 0x802, 0x0) (async)
write$UHID_CREATE2(r0, &(0x7f0000002080)=ANY=[@ANYBLOB='\v\x00\x00\x00syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x006\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00+'], 0x143) (async)
syz_usb_connect(0x2, 0x24, &(0x7f00000002c0)={{0x12, 0x1, 0x110, 0x9e, 0xdc, 0x17, 0x40, 0x1286, 0x2046, 0x7e5f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xca, 0x0, 0x40, 0x8, [{{0x9, 0x4, 0x71, 0x9, 0x0, 0xff, 0x4, 0x1, 0x4}}]}}]}}, 0x0) (async)
write$UHID_INPUT2(r0, &(0x7f0000000400), 0x6) (async)
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='hfsplus\x00', 0x208083, 0x0) (async)

0s ago: executing program 2 (id=8229):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x109900, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132})
ioctl$TUNSETGROUP(r0, 0x541b, 0x0)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000240)={0x0, 0x9, [@local, @random="a94fb76efd67", @broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @broadcast, @broadcast, @remote, @local]})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000092e1300833280102d52a00000001090222006d49b17f0009040000000e010000082403"], 0x0)
r2 = userfaultfd(0x80800)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000358000/0x1000)=nil, 0x3000})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, r4, 0x4, 0x70bd2c, 0x25dfdbfc, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x2}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x3b0}]}, 0x38}, 0x1, 0x0, 0x0, 0x2400c004}, 0x42001)
ioctl$I2C_TIMEOUT(0xffffffffffffffff, 0x702, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x9, 0x28011, r1, 0x2000)

kernel console output (not intermixed with test programs):

 space 0, times 0
[ 1178.014237][T30191] CPU: 1 UID: 0 PID: 30191 Comm: syz.9.7582 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1178.014269][T30191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1178.014283][T30191] Call Trace:
[ 1178.014292][T30191]  <TASK>
[ 1178.014302][T30191]  dump_stack_lvl+0x189/0x250
[ 1178.014337][T30191]  ? __pfx____ratelimit+0x10/0x10
[ 1178.014368][T30191]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1178.014399][T30191]  ? __pfx__printk+0x10/0x10
[ 1178.014428][T30191]  ? __might_fault+0xb0/0x130
[ 1178.014464][T30191]  should_fail_ex+0x414/0x560
[ 1178.014497][T30191]  _copy_from_user+0x2d/0xb0
[ 1178.014521][T30191]  ___sys_sendmsg+0x158/0x2a0
[ 1178.014549][T30191]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1178.014611][T30191]  ? __fget_files+0x2a/0x420
[ 1178.014640][T30191]  ? __fget_files+0x3a0/0x420
[ 1178.014682][T30191]  __x64_sys_sendmsg+0x19b/0x260
[ 1178.014709][T30191]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1178.014743][T30191]  ? __pfx_ksys_write+0x10/0x10
[ 1178.014767][T30191]  ? rcu_is_watching+0x15/0xb0
[ 1178.014800][T30191]  ? do_syscall_64+0xbe/0x3b0
[ 1178.014835][T30191]  do_syscall_64+0xfa/0x3b0
[ 1178.014863][T30191]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1178.014892][T30191]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1178.014913][T30191]  ? clear_bhb_loop+0x60/0xb0
[ 1178.014939][T30191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1178.014985][T30191] RIP: 0033:0x7fa778d8e9a9
[ 1178.015003][T30191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1178.015021][T30191] RSP: 002b:00007fa779cb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1178.015044][T30191] RAX: ffffffffffffffda RBX: 00007fa778fb5fa0 RCX: 00007fa778d8e9a9
[ 1178.015060][T30191] RDX: 00000000040400c0 RSI: 0000200000000180 RDI: 0000000000000004
[ 1178.015074][T30191] RBP: 00007fa779cb9090 R08: 0000000000000000 R09: 0000000000000000
[ 1178.015088][T30191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1178.015101][T30191] R13: 0000000000000000 R14: 00007fa778fb5fa0 R15: 00007ffefc9a6528
[ 1178.015134][T30191]  </TASK>
[ 1179.013065][ T5930] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 1179.064066][T30240] FAULT_INJECTION: forcing a failure.
[ 1179.064066][T30240] name failslab, interval 1, probability 0, space 0, times 0
[ 1179.112294][T30240] CPU: 1 UID: 0 PID: 30240 Comm: syz.9.7596 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1179.112325][T30240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1179.112339][T30240] Call Trace:
[ 1179.112348][T30240]  <TASK>
[ 1179.112357][T30240]  dump_stack_lvl+0x189/0x250
[ 1179.112392][T30240]  ? __pfx____ratelimit+0x10/0x10
[ 1179.112423][T30240]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1179.112453][T30240]  ? __pfx__printk+0x10/0x10
[ 1179.112489][T30240]  ? __pfx___might_resched+0x10/0x10
[ 1179.112520][T30240]  should_fail_ex+0x414/0x560
[ 1179.112553][T30240]  should_failslab+0xa8/0x100
[ 1179.112580][T30240]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1179.112605][T30240]  ? __alloc_skb+0x112/0x2d0
[ 1179.112630][T30240]  __alloc_skb+0x112/0x2d0
[ 1179.112655][T30240]  netlink_sendmsg+0x5c6/0xb30
[ 1179.112698][T30240]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1179.112734][T30240]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1179.112768][T30240]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1179.112799][T30240]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1179.112832][T30240]  __sock_sendmsg+0x219/0x270
[ 1179.112865][T30240]  ____sys_sendmsg+0x505/0x830
[ 1179.112895][T30240]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1179.112978][T30240]  ? import_iovec+0x74/0xa0
[ 1179.113005][T30240]  ___sys_sendmsg+0x21f/0x2a0
[ 1179.113029][T30240]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1179.113090][T30240]  ? __fget_files+0x2a/0x420
[ 1179.113119][T30240]  ? __fget_files+0x3a0/0x420
[ 1179.113160][T30240]  __x64_sys_sendmsg+0x19b/0x260
[ 1179.113187][T30240]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1179.113221][T30240]  ? __pfx_ksys_write+0x10/0x10
[ 1179.113246][T30240]  ? rcu_is_watching+0x15/0xb0
[ 1179.113277][T30240]  ? do_syscall_64+0xbe/0x3b0
[ 1179.113312][T30240]  do_syscall_64+0xfa/0x3b0
[ 1179.113341][T30240]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1179.113371][T30240]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1179.113391][T30240]  ? clear_bhb_loop+0x60/0xb0
[ 1179.113417][T30240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1179.113438][T30240] RIP: 0033:0x7fa778d8e9a9
[ 1179.113458][T30240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1179.113476][T30240] RSP: 002b:00007fa779cb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1179.113500][T30240] RAX: ffffffffffffffda RBX: 00007fa778fb5fa0 RCX: 00007fa778d8e9a9
[ 1179.113515][T30240] RDX: 00000000040400c0 RSI: 0000200000000180 RDI: 0000000000000004
[ 1179.113529][T30240] RBP: 00007fa779cb9090 R08: 0000000000000000 R09: 0000000000000000
[ 1179.113542][T30240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1179.113555][T30240] R13: 0000000000000000 R14: 00007fa778fb5fa0 R15: 00007ffefc9a6528
[ 1179.113587][T30240]  </TASK>
[ 1179.447139][ T5930] usb 2-1: Using ep0 maxpacket: 16
[ 1179.478890][ T5930] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1179.487275][ T5930] usb 2-1: config 0 has no interface number 0
[ 1179.493774][ T5930] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1179.504833][ T5930] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1179.514682][ T5930] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1179.524003][ T5930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1179.548149][ T5930] usb 2-1: config 0 descriptor??
[ 1179.573141][   T10] usb 9-1: new full-speed USB device number 107 using dummy_hcd
[ 1179.689788][T30250] /dev/sg0: Can't lookup blockdev
[ 1179.748661][   T10] usb 9-1: config 0 has an invalid interface number: 254 but max is 0
[ 1179.781606][   T10] usb 9-1: config 0 has no interface number 0
[ 1179.796528][   T10] usb 9-1: config 0 interface 254 has no altsetting 0
[ 1179.815843][   T10] usb 9-1: New USB device found, idVendor=0499, idProduct=1051, bcdDevice=54.79
[ 1179.847616][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1179.880570][   T10] usb 9-1: Product: syz
[ 1179.894902][   T10] usb 9-1: Manufacturer: syz
[ 1179.908521][   T10] usb 9-1: SerialNumber: syz
[ 1179.931751][   T10] usb 9-1: config 0 descriptor??
[ 1179.960394][T30225] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1179.998778][T30225] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1180.032454][T30225] MTD: Couldn't look up '/dev/rnullb0': -15
[ 1180.045133][T30225] /dev/rnullb0: Can't lookup blockdev
[ 1180.055497][ T5930] usbhid 2-1:0.1: can't add hid device: -71
[ 1180.068682][ T5930] usbhid 2-1:0.1: probe with driver usbhid failed with error -71
[ 1180.115509][ T5930] usb 2-1: USB disconnect, device number 15
[ 1180.188403][T30266] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1180.218356][T30266] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1180.242848][T30238] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1180.267735][T30238] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1180.297180][T30238] cgroup: No subsys list or none specified
[ 1180.308053][T30266] cgroup: No subsys list or none specified
[ 1180.373444][T30266] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1180.381189][T30270] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1180.395311][T30266] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[ 1180.418941][T30270] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[ 1180.461899][T30266] overlayfs: missing 'lowerdir'
[ 1180.543357][T30270] overlayfs: missing 'lowerdir'
[ 1180.753445][   T10] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[ 1180.804704][T30286] netlink: 'syz.9.7602': attribute type 10 has an invalid length.
[ 1180.883348][   T10] snd-usb-audio 9-1:0.254: probe with driver snd-usb-audio failed with error -2
[ 1180.920301][   T10] usb 9-1: USB disconnect, device number 107
[ 1180.927924][T30286] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1180.959218][T25582] udevd[25582]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.254/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1181.040582][T30294] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1181.089317][T30294] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1181.118201][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.118201][T30294] loop1: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1181.154088][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.154088][T30294] loop1: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1181.185407][T30294] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1181.207931][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.207931][T30294] loop1: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1181.236301][T30294] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[ 1181.263139][ T5912] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1181.277058][T30294] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1181.307022][T30294] UDF-fs: Scanning with blocksize 512 failed
[ 1181.351008][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.351008][T30294] loop1: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1181.378681][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.378681][T30294] loop1: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1181.403750][T30294] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1181.438966][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.438966][T30294] loop1: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1181.466723][T30294] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[ 1181.483048][ T5912] usb 2-1: Using ep0 maxpacket: 16
[ 1181.490103][T30294] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1181.504378][ T5912] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1181.523014][ T5912] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1181.531327][ T5912] usb 2-1: Product: syz
[ 1181.537087][T30294] UDF-fs: Scanning with blocksize 1024 failed
[ 1181.544027][ T5912] usb 2-1: Manufacturer: syz
[ 1181.548677][ T5912] usb 2-1: SerialNumber: syz
[ 1181.555061][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.555061][T30294] loop1: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1181.579385][ T5912] usb 2-1: config 0 descriptor??
[ 1181.594028][ T5912] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1181.608821][ T5912] usb 2-1: Detected FT232H
[ 1181.614840][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.614840][T30294] loop1: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1181.629192][T30294] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1181.660045][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.660045][T30294] loop1: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1181.673676][   T10] usb 9-1: new high-speed USB device number 108 using dummy_hcd
[ 1181.720528][T30294] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[ 1181.743225][T30294] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1181.767890][T30294] UDF-fs: Scanning with blocksize 2048 failed
[ 1181.791392][T30294] syz.1.7604: attempt to access beyond end of device
[ 1181.791392][T30294] loop1: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1181.833415][T30294] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1181.844039][   T10] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[ 1181.849662][T30294] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[ 1181.852077][   T10] usb 9-1: config 0 has no interface number 0
[ 1181.852125][   T10] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1181.868795][T30294] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1181.917310][T30294] UDF-fs: Scanning with blocksize 4096 failed
[ 1181.920538][   T10] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1181.952996][   T10] usb 9-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[ 1181.972338][T30294] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[ 1181.972372][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1182.016385][ T5912] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1182.028908][ T5912] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1182.037775][   T10] usb 9-1: config 0 descriptor??
[ 1182.057559][ T5912] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[ 1182.087218][ T5912] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1182.098263][T30321] MTD: Couldn't look up '/dev/rnullb0': -15
[ 1182.114457][ T5912] usb 2-1: USB disconnect, device number 16
[ 1182.152065][ T5912] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1182.192401][T30321] loop2: detected capacity change from 0 to 7
[ 1182.196097][ T5912] ftdi_sio 2-1:0.0: device disconnected
[ 1182.222229][T30321] Dev loop2: unable to read RDB block 7
[ 1182.231995][T30321]  loop2: unable to read partition table
[ 1182.241129][T30321] loop2: partition table beyond EOD, truncated
[ 1182.249263][T30321] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1182.316905][T30327] /dev/rnullb0: Can't lookup blockdev
[ 1182.507318][   T10] input: HID 04d9:a055 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.1/0003:04D9:A055.005A/input/input88
[ 1182.659890][T30335] /dev/rnullb0: Can't lookup blockdev
[ 1182.792033][   T10] holtek_kbd 0003:04D9:A055.005A: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.8-1/input1
[ 1182.855856][   T10] usb 9-1: USB disconnect, device number 108
[ 1182.997342][T30342] fido_id[30342]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/9-1/report_descriptor': No such file or directory
[ 1183.103932][T30351] /dev/rnullb0: Can't lookup blockdev
[ 1183.231533][T30356] FAULT_INJECTION: forcing a failure.
[ 1183.231533][T30356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1183.286486][T30356] CPU: 1 UID: 0 PID: 30356 Comm: syz.7.7619 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1183.286519][T30356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1183.286533][T30356] Call Trace:
[ 1183.286542][T30356]  <TASK>
[ 1183.286552][T30356]  dump_stack_lvl+0x189/0x250
[ 1183.286587][T30356]  ? __pfx____ratelimit+0x10/0x10
[ 1183.286618][T30356]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1183.286647][T30356]  ? __pfx__printk+0x10/0x10
[ 1183.286676][T30356]  ? __might_fault+0xb0/0x130
[ 1183.286712][T30356]  should_fail_ex+0x414/0x560
[ 1183.286752][T30356]  _copy_from_iter+0x1db/0x16f0
[ 1183.286778][T30356]  ? rcu_is_watching+0x15/0xb0
[ 1183.286806][T30356]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1183.286832][T30356]  ? __pfx__copy_from_iter+0x10/0x10
[ 1183.286867][T30356]  ? __build_skb_around+0x257/0x3e0
[ 1183.286892][T30356]  ? netlink_sendmsg+0x642/0xb30
[ 1183.286923][T30356]  ? skb_put+0x11b/0x210
[ 1183.286947][T30356]  netlink_sendmsg+0x6b2/0xb30
[ 1183.286988][T30356]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1183.287024][T30356]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1183.287057][T30356]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1183.287087][T30356]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1183.287120][T30356]  __sock_sendmsg+0x219/0x270
[ 1183.287151][T30356]  ____sys_sendmsg+0x505/0x830
[ 1183.287179][T30356]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1183.287211][T30356]  ? import_iovec+0x74/0xa0
[ 1183.287237][T30356]  ___sys_sendmsg+0x21f/0x2a0
[ 1183.287262][T30356]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1183.287322][T30356]  ? __fget_files+0x2a/0x420
[ 1183.287351][T30356]  ? __fget_files+0x3a0/0x420
[ 1183.287392][T30356]  __x64_sys_sendmsg+0x19b/0x260
[ 1183.287419][T30356]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1183.287452][T30356]  ? __pfx_ksys_write+0x10/0x10
[ 1183.287477][T30356]  ? rcu_is_watching+0x15/0xb0
[ 1183.287509][T30356]  ? do_syscall_64+0xbe/0x3b0
[ 1183.287544][T30356]  do_syscall_64+0xfa/0x3b0
[ 1183.287573][T30356]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1183.287601][T30356]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1183.287622][T30356]  ? clear_bhb_loop+0x60/0xb0
[ 1183.287647][T30356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1183.287667][T30356] RIP: 0033:0x7f263158e9a9
[ 1183.287686][T30356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1183.287704][T30356] RSP: 002b:00007f2632324038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1183.287735][T30356] RAX: ffffffffffffffda RBX: 00007f26317b5fa0 RCX: 00007f263158e9a9
[ 1183.287751][T30356] RDX: 00000000040400c0 RSI: 0000200000000180 RDI: 0000000000000004
[ 1183.287765][T30356] RBP: 00007f2632324090 R08: 0000000000000000 R09: 0000000000000000
[ 1183.287778][T30356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1183.287791][T30356] R13: 0000000000000000 R14: 00007f26317b5fa0 R15: 00007ffe99262ef8
[ 1183.287823][T30356]  </TASK>
[ 1183.575116][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1183.743099][ T5930] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1183.896247][ T5930] usb 2-1: config 0 has an invalid interface number: 108 but max is 0
[ 1183.904689][ T5930] usb 2-1: config 0 has no interface number 0
[ 1183.910838][ T5930] usb 2-1: config 0 interface 108 altsetting 253 bulk endpoint 0xE has invalid maxpacket 1024
[ 1183.925183][ T5930] usb 2-1: config 0 interface 108 has no altsetting 0
[ 1183.932032][ T5930] usb 2-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice= e.b7
[ 1183.941613][ T5930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1183.969909][ T5930] usb 2-1: config 0 descriptor??
[ 1183.983841][T30357] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1183.994136][ T5930] usbserial_generic 2-1:0.108: The "generic" usb-serial driver is only for testing and one-off prototypes.
[ 1184.014511][ T5930] usbserial_generic 2-1:0.108: Tell linux-usb@vger.kernel.org to add your device to a proper driver.
[ 1184.051783][ T5930] usbserial_generic 2-1:0.108: generic converter detected
[ 1184.094264][ T5930] usb 2-1: generic converter now attached to ttyUSB0
[ 1184.103056][   T30] audit: type=1804 audit(2000000077.431:775): pid=30378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.7623" name="/newroot/dev/rnullb0" dev="devtmpfs" ino=3966 res=1 errno=0
[ 1184.124382][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1184.202612][ T5930] usb 2-1: USB disconnect, device number 17
[ 1184.238112][ T5930] generic ttyUSB0: generic converter now disconnected from ttyUSB0
[ 1184.266384][ T5930] usbserial_generic 2-1:0.108: device disconnected
[ 1184.328373][T30384] tty tty37: ldisc open failed (-12), clearing slot 36
[ 1184.472488][T30394] MTD: Couldn't look up '/dev/rnullb0': -15
[ 1184.481239][T30394] /dev/rnullb0: Can't lookup blockdev
[ 1184.683269][T20651] usb 9-1: new high-speed USB device number 109 using dummy_hcd
[ 1184.776338][T30403] FAULT_INJECTION: forcing a failure.
[ 1184.776338][T30403] name failslab, interval 1, probability 0, space 0, times 0
[ 1184.821658][T30403] CPU: 1 UID: 0 PID: 30403 Comm: syz.9.7631 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1184.821692][T30403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1184.821706][T30403] Call Trace:
[ 1184.821716][T30403]  <TASK>
[ 1184.821725][T30403]  dump_stack_lvl+0x189/0x250
[ 1184.821760][T30403]  ? __pfx____ratelimit+0x10/0x10
[ 1184.821792][T30403]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1184.821821][T30403]  ? __pfx__printk+0x10/0x10
[ 1184.821854][T30403]  ? __pfx___might_resched+0x10/0x10
[ 1184.821882][T30403]  ? fs_reclaim_acquire+0x7d/0x100
[ 1184.821915][T30403]  should_fail_ex+0x414/0x560
[ 1184.821949][T30403]  should_failslab+0xa8/0x100
[ 1184.821980][T30403]  __kmalloc_noprof+0xcb/0x4f0
[ 1184.822004][T30403]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1184.822035][T30403]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1184.822070][T30403]  genl_start+0x180/0x6c0
[ 1184.822093][T30403]  ? netlink_lookup+0x30/0x200
[ 1184.822131][T30403]  __netlink_dump_start+0x469/0x7e0
[ 1184.822171][T30403]  genl_family_rcv_msg_dumpit+0x1e7/0x2c0
[ 1184.822202][T30403]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[ 1184.822226][T30403]  ? genl_get_cmd+0x67f/0x910
[ 1184.822255][T30403]  ? __pfx_genl_start+0x10/0x10
[ 1184.822277][T30403]  ? __pfx_genl_dumpit+0x10/0x10
[ 1184.822299][T30403]  ? __pfx_genl_done+0x10/0x10
[ 1184.822339][T30403]  genl_rcv_msg+0x5da/0x790
[ 1184.822371][T30403]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1184.822395][T30403]  ? __pfx_ieee802154_llsec_dump_devs+0x10/0x10
[ 1184.822437][T30403]  netlink_rcv_skb+0x205/0x470
[ 1184.822470][T30403]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1184.822497][T30403]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1184.822553][T30403]  ? down_read+0x1ad/0x2e0
[ 1184.822578][T30403]  genl_rcv+0x28/0x40
[ 1184.822600][T30403]  netlink_unicast+0x759/0x8e0
[ 1184.822643][T30403]  netlink_sendmsg+0x805/0xb30
[ 1184.822686][T30403]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1184.822722][T30403]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1184.822756][T30403]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1184.822787][T30403]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1184.822820][T30403]  __sock_sendmsg+0x219/0x270
[ 1184.822852][T30403]  ____sys_sendmsg+0x505/0x830
[ 1184.822882][T30403]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1184.822915][T30403]  ? import_iovec+0x74/0xa0
[ 1184.822942][T30403]  ___sys_sendmsg+0x21f/0x2a0
[ 1184.822968][T30403]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1184.823029][T30403]  ? __fget_files+0x2a/0x420
[ 1184.823059][T30403]  ? __fget_files+0x3a0/0x420
[ 1184.823101][T30403]  __x64_sys_sendmsg+0x19b/0x260
[ 1184.823127][T30403]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1184.823162][T30403]  ? __pfx_ksys_write+0x10/0x10
[ 1184.823185][T30403]  ? rcu_is_watching+0x15/0xb0
[ 1184.823218][T30403]  ? do_syscall_64+0xbe/0x3b0
[ 1184.823252][T30403]  do_syscall_64+0xfa/0x3b0
[ 1184.823281][T30403]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1184.823309][T30403]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.823330][T30403]  ? clear_bhb_loop+0x60/0xb0
[ 1184.823355][T30403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.823376][T30403] RIP: 0033:0x7fa778d8e9a9
[ 1184.823395][T30403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1184.823415][T30403] RSP: 002b:00007fa779cb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1184.823438][T30403] RAX: ffffffffffffffda RBX: 00007fa778fb5fa0 RCX: 00007fa778d8e9a9
[ 1184.823454][T30403] RDX: 00000000040400c0 RSI: 0000200000000180 RDI: 0000000000000004
[ 1184.823468][T30403] RBP: 00007fa779cb9090 R08: 0000000000000000 R09: 0000000000000000
[ 1184.823481][T30403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1184.823495][T30403] R13: 0000000000000000 R14: 00007fa778fb5fa0 R15: 00007ffefc9a6528
[ 1184.823528][T30403]  </TASK>
[ 1185.188118][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1185.297337][T20651] usb 9-1: config 220 has an invalid interface number: 76 but max is 2
[ 1185.307943][T20651] usb 9-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1185.317760][T20651] usb 9-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1185.328408][T20651] usb 9-1: config 220 has no interface number 2
[ 1185.335417][T20651] usb 9-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1185.351287][T20651] usb 9-1: config 220 interface 0 has no altsetting 0
[ 1185.358221][T20651] usb 9-1: config 220 interface 76 has no altsetting 0
[ 1185.365219][T20651] usb 9-1: config 220 interface 1 has no altsetting 0
[ 1185.379387][T20651] usb 9-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1185.388710][T20651] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1185.396907][T20651] usb 9-1: Product: syz
[ 1185.401097][T20651] usb 9-1: Manufacturer: syz
[ 1185.407748][T20651] usb 9-1: SerialNumber: syz
[ 1185.733973][T20651] usb 9-1: selecting invalid altsetting 0
[ 1185.740356][T20651] usb 9-1: Found UVC 7.01 device syz (8086:0b07)
[ 1185.784429][T20651] usb 9-1: No valid video chain found.
[ 1185.817881][T20651] usb 9-1: selecting invalid altsetting 0
[ 1185.833042][T20651] usbtest 9-1:220.1: probe with driver usbtest failed with error -22
[ 1185.855967][T20651] usb 9-1: USB disconnect, device number 109
[ 1185.943236][T15528] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[ 1186.117256][T15528] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1186.154801][T15528] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1186.180243][T15528] usb 2-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[ 1186.202895][T15528] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1186.226895][T15528] usb 2-1: config 0 descriptor??
[ 1186.685830][T30425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1186.722342][T30425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1186.789242][T30451] /dev/rnullb0: Can't lookup blockdev
[ 1186.843968][T15528] usbhid 2-1:0.0: can't add hid device: -71
[ 1186.853076][T15528] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1186.853640][T30451] /dev/rnullb0: Can't lookup blockdev
[ 1186.893273][T15528] usb 2-1: USB disconnect, device number 18
[ 1187.022723][T30457] x_tables: ip_tables: TPROXY.0 target: invalid size 16 (kernel) != (user) 24
[ 1187.069640][T30462] FAULT_INJECTION: forcing a failure.
[ 1187.069640][T30462] name failslab, interval 1, probability 0, space 0, times 0
[ 1187.091135][T30462] CPU: 1 UID: 0 PID: 30462 Comm: syz.9.7643 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1187.091168][T30462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1187.091182][T30462] Call Trace:
[ 1187.091202][T30462]  <TASK>
[ 1187.091212][T30462]  dump_stack_lvl+0x189/0x250
[ 1187.091247][T30462]  ? __pfx____ratelimit+0x10/0x10
[ 1187.091279][T30462]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1187.091310][T30462]  ? __pfx__printk+0x10/0x10
[ 1187.091346][T30462]  ? __pfx___might_resched+0x10/0x10
[ 1187.091372][T30462]  ? fs_reclaim_acquire+0x7d/0x100
[ 1187.091405][T30462]  should_fail_ex+0x414/0x560
[ 1187.091438][T30462]  should_failslab+0xa8/0x100
[ 1187.091466][T30462]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1187.091490][T30462]  ? genl_start+0x1c9/0x6c0
[ 1187.091520][T30462]  genl_start+0x1c9/0x6c0
[ 1187.091543][T30462]  ? netlink_lookup+0x30/0x200
[ 1187.091581][T30462]  __netlink_dump_start+0x469/0x7e0
[ 1187.091622][T30462]  genl_family_rcv_msg_dumpit+0x1e7/0x2c0
[ 1187.091653][T30462]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[ 1187.091678][T30462]  ? genl_get_cmd+0x67f/0x910
[ 1187.091708][T30462]  ? __pfx_genl_start+0x10/0x10
[ 1187.091730][T30462]  ? __pfx_genl_dumpit+0x10/0x10
[ 1187.091752][T30462]  ? __pfx_genl_done+0x10/0x10
[ 1187.091792][T30462]  genl_rcv_msg+0x5da/0x790
[ 1187.091824][T30462]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1187.091848][T30462]  ? __pfx_ieee802154_llsec_dump_devs+0x10/0x10
[ 1187.091890][T30462]  netlink_rcv_skb+0x205/0x470
[ 1187.091922][T30462]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1187.091948][T30462]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1187.091999][T30462]  ? down_read+0x1ad/0x2e0
[ 1187.092022][T30462]  genl_rcv+0x28/0x40
[ 1187.092045][T30462]  netlink_unicast+0x759/0x8e0
[ 1187.092086][T30462]  netlink_sendmsg+0x805/0xb30
[ 1187.092130][T30462]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1187.092165][T30462]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1187.092207][T30462]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1187.092238][T30462]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1187.092272][T30462]  __sock_sendmsg+0x219/0x270
[ 1187.092304][T30462]  ____sys_sendmsg+0x505/0x830
[ 1187.092333][T30462]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1187.092367][T30462]  ? import_iovec+0x74/0xa0
[ 1187.092394][T30462]  ___sys_sendmsg+0x21f/0x2a0
[ 1187.092421][T30462]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1187.092484][T30462]  ? __fget_files+0x2a/0x420
[ 1187.092516][T30462]  ? __fget_files+0x3a0/0x420
[ 1187.092557][T30462]  __x64_sys_sendmsg+0x19b/0x260
[ 1187.092584][T30462]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1187.092619][T30462]  ? __pfx_ksys_write+0x10/0x10
[ 1187.092645][T30462]  ? rcu_is_watching+0x15/0xb0
[ 1187.092677][T30462]  ? do_syscall_64+0xbe/0x3b0
[ 1187.092714][T30462]  do_syscall_64+0xfa/0x3b0
[ 1187.092743][T30462]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1187.092772][T30462]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1187.092793][T30462]  ? clear_bhb_loop+0x60/0xb0
[ 1187.092818][T30462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1187.092840][T30462] RIP: 0033:0x7fa778d8e9a9
[ 1187.092858][T30462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1187.092877][T30462] RSP: 002b:00007fa779cb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1187.092899][T30462] RAX: ffffffffffffffda RBX: 00007fa778fb5fa0 RCX: 00007fa778d8e9a9
[ 1187.092920][T30462] RDX: 00000000040400c0 RSI: 0000200000000180 RDI: 0000000000000004
[ 1187.092933][T30462] RBP: 00007fa779cb9090 R08: 0000000000000000 R09: 0000000000000000
[ 1187.092945][T30462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1187.092958][T30462] R13: 0000000000000000 R14: 00007fa778fb5fa0 R15: 00007ffefc9a6528
[ 1187.092990][T30462]  </TASK>
[ 1187.450940][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1187.787808][T30472] /dev/rnullb0: Can't lookup blockdev
[ 1188.265988][T30487] netlink: 20 bytes leftover after parsing attributes in process `syz.9.7651'.
[ 1188.303911][T30487] /dev/rnullb0: Can't lookup blockdev
[ 1188.393086][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1188.583088][   T10] usb 2-1: Using ep0 maxpacket: 8
[ 1188.588501][T30503] netlink: 328 bytes leftover after parsing attributes in process `syz.8.7654'.
[ 1188.599824][   T10] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1188.610453][T30503] bio_check_eod: 2 callbacks suppressed
[ 1188.610472][T30503] syz.8.7654: attempt to access beyond end of device
[ 1188.610472][T30503] nbd8: rw=0, sector=1, nr_sectors = 1 limit=0
[ 1188.629949][   T10] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1188.648475][   T10] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1188.669976][T30503] qnx4: unable to read the superblock
[ 1188.682248][   T10] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1188.703248][   T10] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1188.725315][   T10] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1188.750874][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1188.872590][T30509] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[ 1188.891184][T30509] overlayfs: missing 'lowerdir'
[ 1188.896787][ T5912] usb 10-1: new high-speed USB device number 82 using dummy_hcd
[ 1188.986820][   T10] usb 2-1: usb_control_msg returned -32
[ 1189.020594][   T10] usbtmc 2-1:16.0: can't read capabilities
[ 1189.059420][ T5912] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1189.089431][ T5912] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1189.115479][T30512] /dev/rnullb0: Can't lookup blockdev
[ 1189.117289][ T5912] usb 10-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00
[ 1189.148662][ T5912] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1189.161269][ T5912] usb 10-1: config 0 descriptor??
[ 1189.339456][T30517] usbtmc 2-1:16.0: usb_control_msg returned -32
[ 1189.351138][T30517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1189.383231][T30517] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1189.476520][ T5930] usb 2-1: USB disconnect, device number 19
[ 1189.706853][ T5912] lenovo 0003:17EF:6067.005B: item fetching failed at offset 0/2
[ 1189.744210][ T5912] lenovo 0003:17EF:6067.005B: hid_parse failed
[ 1189.750508][ T5912] lenovo 0003:17EF:6067.005B: probe with driver lenovo failed with error -22
[ 1189.937342][ T5930] usb 10-1: USB disconnect, device number 82
[ 1190.185872][T30547] /dev/rnullb0: Can't lookup blockdev
[ 1190.665222][T30564] loop2: detected capacity change from 0 to 7
[ 1190.716317][T30565] /dev/rnullb0: Can't lookup blockdev
[ 1190.753281][T30564] Dev loop2: unable to read RDB block 7
[ 1190.758947][T30564]  loop2: unable to read partition table
[ 1190.811404][T30564] loop2: partition table beyond EOD, truncated
[ 1190.852834][T30564] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1190.964960][T30572] /dev/rnullb0: Can't lookup blockdev
[ 1191.103837][T30579] /dev/rnullb0: Can't lookup blockdev
[ 1191.281351][T30585] FAULT_INJECTION: forcing a failure.
[ 1191.281351][T30585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1191.323559][T30585] CPU: 1 UID: 0 PID: 30585 Comm: syz.9.7675 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1191.323591][T30585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1191.323604][T30585] Call Trace:
[ 1191.323613][T30585]  <TASK>
[ 1191.323623][T30585]  dump_stack_lvl+0x189/0x250
[ 1191.323658][T30585]  ? __pfx____ratelimit+0x10/0x10
[ 1191.323698][T30585]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1191.323727][T30585]  ? __pfx__printk+0x10/0x10
[ 1191.323770][T30585]  should_fail_ex+0x414/0x560
[ 1191.323802][T30585]  _copy_to_user+0x31/0xb0
[ 1191.323829][T30585]  simple_read_from_buffer+0xe1/0x170
[ 1191.323864][T30585]  proc_fail_nth_read+0x1b3/0x220
[ 1191.323891][T30585]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1191.323918][T30585]  ? rw_verify_area+0x2a6/0x4d0
[ 1191.323943][T30585]  ? __lock_acquire+0xab9/0xd20
[ 1191.323964][T30585]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1191.323989][T30585]  vfs_read+0x1fd/0x980
[ 1191.324014][T30585]  ? fdget_pos+0x247/0x320
[ 1191.324038][T30585]  ? __pfx___mutex_lock+0x10/0x10
[ 1191.324070][T30585]  ? __pfx_vfs_read+0x10/0x10
[ 1191.324098][T30585]  ? __fget_files+0x2a/0x420
[ 1191.324134][T30585]  ? __fget_files+0x3a0/0x420
[ 1191.324162][T30585]  ? __fget_files+0x2a/0x420
[ 1191.324203][T30585]  ksys_read+0x145/0x250
[ 1191.324233][T30585]  ? __pfx_ksys_read+0x10/0x10
[ 1191.324257][T30585]  ? rcu_is_watching+0x15/0xb0
[ 1191.324291][T30585]  ? do_syscall_64+0xbe/0x3b0
[ 1191.324327][T30585]  do_syscall_64+0xfa/0x3b0
[ 1191.324356][T30585]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1191.324385][T30585]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1191.324407][T30585]  ? clear_bhb_loop+0x60/0xb0
[ 1191.324433][T30585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1191.324454][T30585] RIP: 0033:0x7fa778d8d3bc
[ 1191.324473][T30585] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1191.324493][T30585] RSP: 002b:00007fa779cb9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1191.324516][T30585] RAX: ffffffffffffffda RBX: 00007fa778fb5fa0 RCX: 00007fa778d8d3bc
[ 1191.324533][T30585] RDX: 000000000000000f RSI: 00007fa779cb90a0 RDI: 0000000000000003
[ 1191.324547][T30585] RBP: 00007fa779cb9090 R08: 0000000000000000 R09: 0000000000000000
[ 1191.324561][T30585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1191.324574][T30585] R13: 0000000000000000 R14: 00007fa778fb5fa0 R15: 00007ffefc9a6528
[ 1191.324607][T30585]  </TASK>
[ 1192.429368][T30614] syzkaller1: entered promiscuous mode
[ 1192.445092][T30614] syzkaller1: entered allmulticast mode
[ 1193.211306][T30634] netlink: 'syz.9.7686': attribute type 29 has an invalid length.
[ 1193.233910][T30634] netlink: 'syz.9.7686': attribute type 29 has an invalid length.
[ 1193.264262][T30634] netlink: 500 bytes leftover after parsing attributes in process `syz.9.7686'.
[ 1193.866452][T30655] FAULT_INJECTION: forcing a failure.
[ 1193.866452][T30655] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1193.900815][T30655] CPU: 0 UID: 0 PID: 30655 Comm: syz.1.7691 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1193.900848][T30655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1193.900862][T30655] Call Trace:
[ 1193.900871][T30655]  <TASK>
[ 1193.900881][T30655]  dump_stack_lvl+0x189/0x250
[ 1193.900917][T30655]  ? __pfx____ratelimit+0x10/0x10
[ 1193.900948][T30655]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1193.900978][T30655]  ? __pfx__printk+0x10/0x10
[ 1193.901008][T30655]  ? __might_fault+0xb0/0x130
[ 1193.901043][T30655]  should_fail_ex+0x414/0x560
[ 1193.901074][T30655]  _copy_from_user+0x2d/0xb0
[ 1193.901099][T30655]  __sys_sendto+0x25c/0x520
[ 1193.901123][T30655]  ? __pfx___sys_sendto+0x10/0x10
[ 1193.901140][T30655]  ? __mutex_unlock_slowpath+0x1a1/0x760
[ 1193.901185][T30655]  ? __fget_files+0x3a0/0x420
[ 1193.901227][T30655]  ? ksys_write+0x22a/0x250
[ 1193.901256][T30655]  ? __pfx_ksys_write+0x10/0x10
[ 1193.901280][T30655]  ? rcu_is_watching+0x15/0xb0
[ 1193.901312][T30655]  __x64_sys_sendto+0xde/0x100
[ 1193.901335][T30655]  do_syscall_64+0xfa/0x3b0
[ 1193.901365][T30655]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1193.901394][T30655]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.901415][T30655]  ? clear_bhb_loop+0x60/0xb0
[ 1193.901440][T30655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.901466][T30655] RIP: 0033:0x7f4bcc78e9a9
[ 1193.901484][T30655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1193.901502][T30655] RSP: 002b:00007f4bcd5cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1193.901524][T30655] RAX: ffffffffffffffda RBX: 00007f4bcc9b5fa0 RCX: 00007f4bcc78e9a9
[ 1193.901540][T30655] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1193.901553][T30655] RBP: 00007f4bcd5cf090 R08: 0000200000000100 R09: 0000000000000010
[ 1193.901568][T30655] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[ 1193.901581][T30655] R13: 0000000000000000 R14: 00007f4bcc9b5fa0 R15: 00007fff72ff4208
[ 1193.901614][T30655]  </TASK>
[ 1194.523191][ T5930] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1194.561101][T30670] /dev/rnullb0: Can't lookup blockdev
[ 1194.686334][ T5930] usb 2-1: Using ep0 maxpacket: 32
[ 1194.701153][ T5930] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[ 1194.712084][ T5930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1194.757219][ T5930] usb 2-1: config 0 descriptor??
[ 1194.772323][ T5930] gspca_main: sq930x-2.14.0 probing 041e:403c
[ 1195.021853][T30677] overlayfs: failed to resolve './file0': -2
[ 1195.220489][T30681] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1195.229752][T30681] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1195.573608][T30691] FAULT_INJECTION: forcing a failure.
[ 1195.573608][T30691] name failslab, interval 1, probability 0, space 0, times 0
[ 1195.619475][T30691] CPU: 1 UID: 0 PID: 30691 Comm: syz.8.7701 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1195.619507][T30691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1195.619529][T30691] Call Trace:
[ 1195.619538][T30691]  <TASK>
[ 1195.619547][T30691]  dump_stack_lvl+0x189/0x250
[ 1195.619583][T30691]  ? __pfx____ratelimit+0x10/0x10
[ 1195.619613][T30691]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1195.619644][T30691]  ? __pfx__printk+0x10/0x10
[ 1195.619678][T30691]  ? __lock_acquire+0xab9/0xd20
[ 1195.619711][T30691]  should_fail_ex+0x414/0x560
[ 1195.619742][T30691]  should_failslab+0xa8/0x100
[ 1195.619769][T30691]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1195.619791][T30691]  ? dst_alloc+0x105/0x170
[ 1195.619819][T30691]  dst_alloc+0x105/0x170
[ 1195.619840][T30691]  ? ip_check_mc_rcu+0x443/0x680
[ 1195.619864][T30691]  ip_route_output_key_hash_rcu+0x14e1/0x23d0
[ 1195.619900][T30691]  ? ip_route_output_key_hash+0xde/0x2e0
[ 1195.619926][T30691]  ip_route_output_key_hash+0x1b9/0x2e0
[ 1195.619954][T30691]  ? __lock_acquire+0xab9/0xd20
[ 1195.619978][T30691]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[ 1195.620021][T30691]  ip_route_output_flow+0x2a/0x150
[ 1195.620041][T30691]  ? security_sk_classify_flow+0x70/0x180
[ 1195.620069][T30691]  raw_sendmsg+0x1039/0x18b0
[ 1195.620108][T30691]  ? __pfx_raw_sendmsg+0x10/0x10
[ 1195.620152][T30691]  ? aa_sk_perm+0x81e/0x950
[ 1195.620186][T30691]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1195.620212][T30691]  ? tomoyo_socket_sendmsg_permission+0x216/0x300
[ 1195.620248][T30691]  ? sock_rps_record_flow+0x19/0x410
[ 1195.620278][T30691]  ? inet_sendmsg+0x2f4/0x370
[ 1195.620302][T30691]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1195.620337][T30691]  __sock_sendmsg+0x19c/0x270
[ 1195.620370][T30691]  __sys_sendto+0x3bd/0x520
[ 1195.620394][T30691]  ? __pfx___sys_sendto+0x10/0x10
[ 1195.620411][T30691]  ? __mutex_unlock_slowpath+0x1a1/0x760
[ 1195.620456][T30691]  ? __fget_files+0x3a0/0x420
[ 1195.620500][T30691]  ? ksys_write+0x22a/0x250
[ 1195.620539][T30691]  ? __pfx_ksys_write+0x10/0x10
[ 1195.620563][T30691]  ? rcu_is_watching+0x15/0xb0
[ 1195.620596][T30691]  __x64_sys_sendto+0xde/0x100
[ 1195.620620][T30691]  do_syscall_64+0xfa/0x3b0
[ 1195.620649][T30691]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1195.620677][T30691]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.620697][T30691]  ? clear_bhb_loop+0x60/0xb0
[ 1195.620722][T30691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.620742][T30691] RIP: 0033:0x7f9c3b38e9a9
[ 1195.620761][T30691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1195.620780][T30691] RSP: 002b:00007f9c3c1ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1195.620802][T30691] RAX: ffffffffffffffda RBX: 00007f9c3b5b5fa0 RCX: 00007f9c3b38e9a9
[ 1195.620817][T30691] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1195.620829][T30691] RBP: 00007f9c3c1ff090 R08: 0000200000000100 R09: 0000000000000010
[ 1195.620844][T30691] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[ 1195.620857][T30691] R13: 0000000000000000 R14: 00007f9c3b5b5fa0 R15: 00007ffd513d23c8
[ 1195.620890][T30691]  </TASK>
[ 1195.928523][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1195.975156][ T5930] gspca_sq930x: reg_w 0305 fd00 failed -71
[ 1195.981155][ T5930] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[ 1196.083098][T15529] usb 10-1: new high-speed USB device number 83 using dummy_hcd
[ 1196.239506][ T5845] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 1196.250415][T15529] usb 10-1: Using ep0 maxpacket: 32
[ 1196.279739][T15529] usb 10-1: config 0 has an invalid interface number: 67 but max is 0
[ 1196.288751][T15529] usb 10-1: config 0 has no interface number 0
[ 1196.338680][T15529] usb 10-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1196.343165][ T5930] usb 2-1: USB disconnect, device number 20
[ 1196.418058][T15529] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1196.460311][T15529] usb 10-1: Product: syz
[ 1196.479398][T15529] usb 10-1: Manufacturer: syz
[ 1196.498377][T15529] usb 10-1: SerialNumber: syz
[ 1196.547749][T15529] usb 10-1: config 0 descriptor??
[ 1196.585496][T15529] smsc95xx v2.0.0
[ 1196.986131][T15529] smsc95xx 10-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1197.023056][T15529] smsc95xx 10-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1197.649126][T30730] ref_tracker: memory allocation failure, unreliable refcount tracker.
[ 1197.719841][T30733] /dev/rnullb0: Can't lookup blockdev
[ 1197.763119][ T5912] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1197.933410][ T5912] usb 2-1: Using ep0 maxpacket: 32
[ 1197.941862][ T5912] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1197.961078][ T5912] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1197.971332][ T5912] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1197.984537][ T5912] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1197.993227][   T10] usb 9-1: new high-speed USB device number 110 using dummy_hcd
[ 1198.008638][ T5912] usb 2-1: config 0 descriptor??
[ 1198.163181][   T10] usb 9-1: Using ep0 maxpacket: 16
[ 1198.174348][   T10] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1198.191937][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1198.216871][   T10] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1198.240276][   T10] usb 9-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=f6.59
[ 1198.259522][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1198.277520][   T10] usb 9-1: Product: syz
[ 1198.282018][   T10] usb 9-1: Manufacturer: syz
[ 1198.289246][   T10] usb 9-1: SerialNumber: syz
[ 1198.310438][   T10] usb 9-1: config 0 descriptor??
[ 1198.339250][   T10] peak_usb 9-1:0.0 can0: sending cmd f=0x6 n=0x1 failure: -8
[ 1198.347709][   T10] peak_usb 9-1:0.0: unable to read PCAN-USB serial number (err -8)
[ 1198.424369][   T10] peak_usb 9-1:0.0: probe with driver peak_usb failed with error -8
[ 1198.491796][ T5912] savu 0003:1E7D:2D5A.005C: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[ 1198.764247][T30742] /dev/rnullb0: Can't lookup blockdev
[ 1198.879759][T30743] /dev/rnullb0: Can't lookup blockdev
[ 1198.920428][   T43] usb 9-1: USB disconnect, device number 110
[ 1199.042644][T30747] tmpfs: Bad value for 'mpol'
[ 1199.211033][T30751] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1199.235677][T30751] binder: 30750:30751 ioctl 4018620d 0 returned -22
[ 1199.603075][ T5930] usb 9-1: new high-speed USB device number 111 using dummy_hcd
[ 1199.775773][ T5930] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1199.794285][ T5930] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1199.805148][ T5930] usb 9-1: config 1 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1199.819415][ T5930] usb 9-1: config 1 interface 0 has no altsetting 0
[ 1199.830107][ T5930] usb 9-1: string descriptor 0 read error: -22
[ 1199.839407][ T5930] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1199.851062][ T5930] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1199.873828][   T43] usb 2-1: reset high-speed USB device number 21 using dummy_hcd
[ 1199.887210][ T5930] usb 9-1: bad CDC descriptors
[ 1200.103490][ T5930] usb 9-1: USB disconnect, device number 111
[ 1200.651502][T15529] smsc95xx 10-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000011c: -71
[ 1200.689237][T15529] smsc95xx 10-1:0.67: probe with driver smsc95xx failed with error -71
[ 1200.739000][T15529] usb 10-1: USB disconnect, device number 83
[ 1201.033928][T30771] FAULT_INJECTION: forcing a failure.
[ 1201.033928][T30771] name failslab, interval 1, probability 0, space 0, times 0
[ 1201.093880][T30771] CPU: 0 UID: 0 PID: 30771 Comm: syz.8.7724 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1201.093911][T30771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1201.093925][T30771] Call Trace:
[ 1201.093934][T30771]  <TASK>
[ 1201.093944][T30771]  dump_stack_lvl+0x189/0x250
[ 1201.093980][T30771]  ? __pfx____ratelimit+0x10/0x10
[ 1201.094009][T30771]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1201.094039][T30771]  ? __pfx__printk+0x10/0x10
[ 1201.094073][T30771]  ? __pfx___might_resched+0x10/0x10
[ 1201.094103][T30771]  should_fail_ex+0x414/0x560
[ 1201.094135][T30771]  should_failslab+0xa8/0x100
[ 1201.094162][T30771]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1201.094186][T30771]  ? __alloc_skb+0x112/0x2d0
[ 1201.094211][T30771]  __alloc_skb+0x112/0x2d0
[ 1201.094239][T30771]  __ip_append_data+0x2dae/0x40c0
[ 1201.094285][T30771]  ? __pfx_raw_getfrag+0x10/0x10
[ 1201.094326][T30771]  ? ipv4_mtu+0x23/0x5c0
[ 1201.094348][T30771]  ? __pfx___ip_append_data+0x10/0x10
[ 1201.094371][T30771]  ? ipv4_mtu+0x4b2/0x5c0
[ 1201.094389][T30771]  ? ipv4_mtu+0x23/0x5c0
[ 1201.094410][T30771]  ? __pfx_ipv4_mtu+0x10/0x10
[ 1201.094430][T30771]  ? ip_setup_cork+0x577/0x9a0
[ 1201.094452][T30771]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1201.094484][T30771]  ip_append_data+0x10e/0x190
[ 1201.094511][T30771]  ? __pfx_raw_getfrag+0x10/0x10
[ 1201.094535][T30771]  raw_sendmsg+0x13d8/0x18b0
[ 1201.094575][T30771]  ? __pfx_raw_sendmsg+0x10/0x10
[ 1201.094619][T30771]  ? aa_sk_perm+0x81e/0x950
[ 1201.094654][T30771]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1201.094680][T30771]  ? tomoyo_socket_sendmsg_permission+0x216/0x300
[ 1201.094718][T30771]  ? sock_rps_record_flow+0x19/0x410
[ 1201.094748][T30771]  ? inet_sendmsg+0x2f4/0x370
[ 1201.094772][T30771]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1201.094807][T30771]  __sock_sendmsg+0x19c/0x270
[ 1201.094850][T30771]  __sys_sendto+0x3bd/0x520
[ 1201.094874][T30771]  ? __pfx___sys_sendto+0x10/0x10
[ 1201.094891][T30771]  ? __mutex_unlock_slowpath+0x1a1/0x760
[ 1201.094937][T30771]  ? __fget_files+0x3a0/0x420
[ 1201.094981][T30771]  ? ksys_write+0x22a/0x250
[ 1201.095011][T30771]  ? __pfx_ksys_write+0x10/0x10
[ 1201.095034][T30771]  ? rcu_is_watching+0x15/0xb0
[ 1201.095066][T30771]  __x64_sys_sendto+0xde/0x100
[ 1201.095090][T30771]  do_syscall_64+0xfa/0x3b0
[ 1201.095121][T30771]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1201.095149][T30771]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1201.095170][T30771]  ? clear_bhb_loop+0x60/0xb0
[ 1201.095195][T30771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1201.095216][T30771] RIP: 0033:0x7f9c3b38e9a9
[ 1201.095235][T30771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1201.095254][T30771] RSP: 002b:00007f9c3c1ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1201.095276][T30771] RAX: ffffffffffffffda RBX: 00007f9c3b5b5fa0 RCX: 00007f9c3b38e9a9
[ 1201.095292][T30771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1201.095304][T30771] RBP: 00007f9c3c1ff090 R08: 0000200000000100 R09: 0000000000000010
[ 1201.095319][T30771] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[ 1201.095331][T30771] R13: 0000000000000000 R14: 00007f9c3b5b5fa0 R15: 00007ffd513d23c8
[ 1201.095364][T30771]  </TASK>
[ 1201.654025][T20651] usb 2-1: USB disconnect, device number 21
[ 1201.771971][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1201.809492][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1201.819534][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1201.830041][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1201.837157][T15529] usb 10-1: new high-speed USB device number 84 using dummy_hcd
[ 1201.846145][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1202.025312][T15529] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1202.043048][T15529] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1202.071292][T30781] /dev/rnullb0: Can't lookup blockdev
[ 1202.083458][T15529] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1202.118367][T15529] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1202.160306][T15529] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1202.202718][T15529] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1202.219876][T15529] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1202.262720][T15529] usb 10-1: Product: syz
[ 1202.280402][T15529] usb 10-1: Manufacturer: syz
[ 1202.355254][T15529] cdc_wdm 10-1:1.0: skipping garbage
[ 1202.373115][T15529] cdc_wdm 10-1:1.0: skipping garbage
[ 1202.412854][T15529] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[ 1202.434073][T15529] cdc_wdm 10-1:1.0: Unknown control protocol
[ 1202.658090][T30798] /dev/rnullb0: Can't lookup blockdev
[ 1202.907748][T30804] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7730'.
[ 1203.155895][ T5912] usb 10-1: USB disconnect, device number 84
[ 1203.283089][T20651] usb 9-1: new high-speed USB device number 112 using dummy_hcd
[ 1203.310800][T30776] chnl_net:caif_netlink_parms(): no params data found
[ 1203.440476][T20651] usb 9-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[ 1203.467537][T20651] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1203.481609][T30776] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1203.491463][T30776] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1203.498915][T30776] bridge_slave_0: entered allmulticast mode
[ 1203.513168][T30776] bridge_slave_0: entered promiscuous mode
[ 1203.513796][T20651] usb 9-1: config 0 descriptor??
[ 1203.527511][T30776] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1203.536121][T30776] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1203.543695][T30776] bridge_slave_1: entered allmulticast mode
[ 1203.552016][T30776] bridge_slave_1: entered promiscuous mode
[ 1203.598259][T30776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1203.611945][T30776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1203.766253][T30776] team0: Port device team_slave_0 added
[ 1203.776564][T30776] team0: Port device team_slave_1 added
[ 1203.808385][T20651] kaweth 9-1:0.0: Firmware present in device.
[ 1203.908347][T30776] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1203.922994][T30776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1203.952750][T30776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1203.964250][ T5845] Bluetooth: hci4: command tx timeout
[ 1203.977574][T30776] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1203.984672][T30776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1203.985769][T30824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1204.011499][T30776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1204.082301][T30824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1204.125040][T20651] kaweth 9-1:0.0: Error reading configuration (-71), no net device created
[ 1204.129239][T30776] hsr_slave_0: entered promiscuous mode
[ 1204.171876][T20651] kaweth 9-1:0.0: probe with driver kaweth failed with error -5
[ 1204.172092][T30776] hsr_slave_1: entered promiscuous mode
[ 1204.206846][T20651] usb 9-1: USB disconnect, device number 112
[ 1204.243980][T30776] debugfs: 'hsr0' already exists in 'hsr'
[ 1204.250875][T30776] Cannot create hsr debugfs directory
[ 1204.310476][T30832] random: crng reseeded on system resumption
[ 1204.545128][T30840] /dev/rnullb0: Can't lookup blockdev
[ 1206.034180][ T5845] Bluetooth: hci4: command tx timeout
[ 1206.113114][ T5912] usb 10-1: new full-speed USB device number 85 using dummy_hcd
[ 1206.308877][ T5912] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1206.354951][ T5912] usb 10-1: New USB device found, idVendor=05ac, idProduct=027d, bcdDevice= 0.00
[ 1206.374682][ T5912] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1206.420464][ T5912] usb 10-1: config 0 descriptor??
[ 1206.575941][T30882] binder: BINDER_SET_CONTEXT_MGR already set
[ 1206.582064][T30882] binder: 30881:30882 ioctl 4018620d 2000000002c0 returned -16
[ 1206.899723][ T5912] apple 0003:05AC:027D.005D: hidraw0: USB HID vff.ff Device [HID 05ac:027d] on usb-dummy_hcd.9-1/input0
[ 1207.069952][T15529] usb 10-1: USB disconnect, device number 85
[ 1207.180062][T30890] fido_id[30890]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[ 1207.226548][T30776] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1207.300998][T30776] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1207.366182][T30776] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1207.412495][T30776] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1207.778590][T30776] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1207.887026][T30776] 8021q: adding VLAN 0 to HW filter on device team0
[ 1207.941744][ T2982] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1207.949020][ T2982] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1208.079819][ T2982] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1208.087078][ T2982] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1208.118579][ T5845] Bluetooth: hci4: command tx timeout
[ 1208.548989][T30937] netlink: 224 bytes leftover after parsing attributes in process `syz.1.7762'.
[ 1209.069978][T30776] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1210.055429][T30977] binder: 30976:30977 ioctl c0306201 200000000080 returned -14
[ 1210.144171][ T5912] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1210.161154][T30776] veth0_vlan: entered promiscuous mode
[ 1210.194690][   T51] Bluetooth: hci4: command tx timeout
[ 1210.263984][T30776] veth1_vlan: entered promiscuous mode
[ 1210.323153][ T5912] usb 2-1: Using ep0 maxpacket: 32
[ 1210.337813][ T5912] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[ 1210.373339][ T5912] usb 2-1: config 0 has no interface number 0
[ 1210.386391][T30776] veth0_macvtap: entered promiscuous mode
[ 1210.393064][ T5912] usb 2-1: config 0 interface 184 has no altsetting 0
[ 1210.420297][ T5912] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1210.430248][ T5912] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1210.440920][T30776] veth1_macvtap: entered promiscuous mode
[ 1210.458557][ T5912] usb 2-1: Product: syz
[ 1210.462797][ T5912] usb 2-1: Manufacturer: syz
[ 1210.479434][ T5912] usb 2-1: SerialNumber: syz
[ 1210.514286][ T5912] usb 2-1: config 0 descriptor??
[ 1210.536313][ T5912] smsc75xx v1.0.0
[ 1210.546599][T30776] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1210.598224][T30776] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1210.657413][ T2982] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1210.677858][ T2982] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1210.736712][ T2982] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1210.757711][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1210.976188][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1211.026425][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1211.125490][ T2982] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1211.162857][ T2982] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1211.543121][ T5912] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 1211.573372][ T5912] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1211.759612][ T5930] hid_parser_main: 24 callbacks suppressed
[ 1211.759637][ T5930] hid-generic 0000:0000:0000.005E: unknown main item tag 0x0
[ 1211.778495][T31017] KVM: debugfs: duplicate directory 31017-5
[ 1211.802860][ T5912] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1211.831097][ T5930] hid-generic 0000:0000:0000.005E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1211.873116][ T5912] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1211.906702][ T5912] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1211.935398][ T5912] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1211.981324][ T5912] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[ 1212.043456][ T5912] usb 2-1: USB disconnect, device number 22
[ 1212.099704][T31020] fido_id[31020]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1212.194051][ T5845] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 1212.200774][   T51] Bluetooth: hci6: command 0x1003 tx timeout
[ 1212.703087][T20651] usb 9-1: new high-speed USB device number 113 using dummy_hcd
[ 1212.898663][T20651] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1212.939697][T20651] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1212.976394][T20651] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1213.008335][T20651] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1213.035354][T20651] usb 9-1: SerialNumber: syz
[ 1213.300459][T20651] usb 9-1: 0:2 : does not exist
[ 1213.370614][T20651] usb 9-1: USB disconnect, device number 113
[ 1213.442579][T31057] KVM: debugfs: duplicate directory 31057-5
[ 1213.540131][T30352] udevd[30352]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1215.129821][T31100] KVM: debugfs: duplicate directory 31100-5
[ 1215.461251][   T13] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1215.517253][T31107] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1215.749719][   T13] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1215.957857][   T13] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1216.152088][   T13] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1216.969621][   T13] bridge_slave_1: left allmulticast mode
[ 1217.003417][   T13] bridge_slave_1: left promiscuous mode
[ 1217.009714][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1217.091540][   T13] bridge_slave_0: left allmulticast mode
[ 1217.115222][   T13] bridge_slave_0: left promiscuous mode
[ 1217.136429][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1217.314767][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1217.337757][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1217.347676][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1217.365439][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1217.373501][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1218.384221][   T13] dvmrp0 (unregistering): left allmulticast mode
[ 1218.714549][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1218.726493][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1218.741870][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1218.751321][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1218.763184][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1219.278532][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1219.307597][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1219.333736][   T13] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1219.358912][   T13] bond0 (unregistering): Released all slaves
[ 1219.423141][   T10] syz0: Port: 1 Link DOWN
[ 1219.473689][ T5845] Bluetooth: hci0: command tx timeout
[ 1219.523333][   T13] : left promiscuous mode
[ 1219.673562][   T13] tipc: Disabling bearer <udp:syz0>
[ 1219.693457][   T13] tipc: Left network mode
[ 1220.833622][ T5845] Bluetooth: hci1: command tx timeout
[ 1221.201982][T31134] chnl_net:caif_netlink_parms(): no params data found
[ 1221.396336][   T13] : left promiscuous mode
[ 1221.418802][   T13] hsr_slave_1: left promiscuous mode
[ 1221.433943][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1221.441389][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1221.474253][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1221.481707][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1221.550413][   T13] veth1_macvtap: left promiscuous mode
[ 1221.556470][ T5845] Bluetooth: hci0: command tx timeout
[ 1221.571036][   T13] veth0_macvtap: left promiscuous mode
[ 1221.577382][   T13] veth1_vlan: left promiscuous mode
[ 1221.582839][   T13] veth0_vlan: left promiscuous mode
[ 1222.916178][ T5845] Bluetooth: hci1: command tx timeout
[ 1223.597552][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1223.633389][ T5845] Bluetooth: hci0: command tx timeout
[ 1223.787354][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1223.920928][ T2928] smc: removing ib device syz0
[ 1224.993653][ T5845] Bluetooth: hci1: command tx timeout
[ 1225.723067][ T5845] Bluetooth: hci0: command tx timeout
[ 1226.185940][T31134] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1226.203264][T31134] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1226.210629][T31134] bridge_slave_0: entered allmulticast mode
[ 1226.306256][T31134] bridge_slave_0: entered promiscuous mode
[ 1226.367868][T31134] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1226.376028][T31134] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1226.383854][T31134] bridge_slave_1: entered allmulticast mode
[ 1226.495504][T31134] bridge_slave_1: entered promiscuous mode
[ 1226.596242][T31140] chnl_net:caif_netlink_parms(): no params data found
[ 1226.730670][T31134] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1226.844240][T31134] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1227.074093][ T5845] Bluetooth: hci1: command tx timeout
[ 1227.373785][T31134] team0: Port device team_slave_0 added
[ 1227.595032][T31134] team0: Port device team_slave_1 added
[ 1228.009010][T31140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1228.044159][T31140] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1228.051543][T31140] bridge_slave_0: entered allmulticast mode
[ 1228.115752][T31140] bridge_slave_0: entered promiscuous mode
[ 1228.149308][T31140] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1228.187508][T31140] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1228.213411][T31140] bridge_slave_1: entered allmulticast mode
[ 1228.274228][T31140] bridge_slave_1: entered promiscuous mode
[ 1228.446143][T31134] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1228.472995][T31134] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1228.567458][T31134] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1228.864118][T31134] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1228.871129][T31134] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1229.027136][T31134] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1229.247583][T31140] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1229.414244][T31140] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1230.041621][T31140] team0: Port device team_slave_0 added
[ 1230.069368][T31140] team0: Port device team_slave_1 added
[ 1230.411091][   T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1230.424963][   T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1230.437452][   T51] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1230.453235][   T51] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1230.467898][   T51] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1230.728470][T31134] hsr_slave_0: entered promiscuous mode
[ 1230.780747][T31134] hsr_slave_1: entered promiscuous mode
[ 1230.855607][T31134] debugfs: 'hsr0' already exists in 'hsr'
[ 1230.861409][T31134] Cannot create hsr debugfs directory
[ 1231.173985][T31140] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1231.182701][T31140] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1231.297283][T31140] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1231.499221][T31140] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1231.523092][T31140] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1231.633098][T31140] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1232.056436][   T13] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1232.506393][   T13] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1232.600013][ T5845] Bluetooth: hci6: command tx timeout
[ 1232.606863][T31140] hsr_slave_0: entered promiscuous mode
[ 1232.647101][T31140] hsr_slave_1: entered promiscuous mode
[ 1232.686383][T31140] debugfs: 'hsr0' already exists in 'hsr'
[ 1232.692193][T31140] Cannot create hsr debugfs directory
[ 1232.990943][   T13] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1233.313848][   T13] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1234.023922][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1234.038273][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1234.055650][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1234.073457][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1234.084721][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1234.673134][   T51] Bluetooth: hci6: command tx timeout
[ 1235.982420][   T13] bridge_slave_1: left allmulticast mode
[ 1235.997293][   T13] bridge_slave_1: left promiscuous mode
[ 1236.017071][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1236.078227][   T13] bridge_slave_0: left allmulticast mode
[ 1236.093052][   T13] bridge_slave_0: left promiscuous mode
[ 1236.098923][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1236.193107][   T51] Bluetooth: hci3: command tx timeout
[ 1236.773324][   T51] Bluetooth: hci6: command tx timeout
[ 1237.590731][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1237.613908][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1237.645077][   T13] bond0 (unregistering): Released all slaves
[ 1237.711686][T31226] chnl_net:caif_netlink_parms(): no params data found
[ 1238.273609][   T51] Bluetooth: hci3: command tx timeout
[ 1238.651113][   T13] hsr_slave_0: left promiscuous mode
[ 1238.685898][   T13] hsr_slave_1: left promiscuous mode
[ 1238.692474][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1238.723727][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1238.744031][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1238.751580][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1238.833220][   T51] Bluetooth: hci6: command tx timeout
[ 1238.833694][   T13] veth0_macvtap: left promiscuous mode
[ 1238.853266][   T13] veth1_vlan: left promiscuous mode
[ 1238.863675][   T13] veth0_vlan: left promiscuous mode
[ 1238.923604][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1240.353149][   T51] Bluetooth: hci3: command tx timeout
[ 1240.414770][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1240.604155][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1242.216320][T31226] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1242.253698][T31226] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1242.261275][T31226] bridge_slave_0: entered allmulticast mode
[ 1242.295361][T31226] bridge_slave_0: entered promiscuous mode
[ 1242.341374][T31276] chnl_net:caif_netlink_parms(): no params data found
[ 1242.433576][   T51] Bluetooth: hci3: command tx timeout
[ 1242.442611][T31226] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1242.473377][T31226] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1242.480836][T31226] bridge_slave_1: entered allmulticast mode
[ 1242.515579][T31226] bridge_slave_1: entered promiscuous mode
[ 1242.581935][T31134] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1242.601356][T31134] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1242.720800][T31140] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.894215][T31226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1242.914291][T31134] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1242.937935][T31134] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1243.095002][T31140] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1243.146281][T31226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1243.369260][T31140] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1243.516538][T31226] team0: Port device team_slave_0 added
[ 1243.645911][T31140] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1243.769437][T31226] team0: Port device team_slave_1 added
[ 1244.029463][   T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.168837][T31226] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1244.184400][T31226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1244.243005][T31226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1244.265436][T31276] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1244.272632][T31276] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1244.303565][T31276] bridge_slave_0: entered allmulticast mode
[ 1244.311511][T31276] bridge_slave_0: entered promiscuous mode
[ 1244.350686][T31276] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1244.363679][T31276] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1244.371091][T31276] bridge_slave_1: entered allmulticast mode
[ 1244.395708][T31276] bridge_slave_1: entered promiscuous mode
[ 1244.519769][   T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.565523][T31226] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1244.572526][T31226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1244.642973][T31226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1244.782414][   T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.901094][T31276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1245.035454][   T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1245.124370][T31276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1245.202796][T31226] hsr_slave_0: entered promiscuous mode
[ 1245.235729][T31226] hsr_slave_1: entered promiscuous mode
[ 1245.242313][T31226] debugfs: 'hsr0' already exists in 'hsr'
[ 1245.263001][T31226] Cannot create hsr debugfs directory
[ 1245.352722][T31276] team0: Port device team_slave_0 added
[ 1245.456763][T31276] team0: Port device team_slave_1 added
[ 1245.653566][T31276] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1245.660576][T31276] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1245.723091][T31276] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1245.854700][T31276] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1245.861712][T31276] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1245.921453][T31276] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1245.998252][T31140] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1246.030105][T31140] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1246.173399][T31140] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1246.208323][T31140] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1246.533802][T31276] hsr_slave_0: entered promiscuous mode
[ 1246.554438][T31276] hsr_slave_1: entered promiscuous mode
[ 1246.561201][T31276] debugfs: 'hsr0' already exists in 'hsr'
[ 1246.583093][T31276] Cannot create hsr debugfs directory
[ 1246.636817][   T13] bridge_slave_1: left allmulticast mode
[ 1246.651012][   T13] bridge_slave_1: left promiscuous mode
[ 1246.663464][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1246.690651][   T13] bridge_slave_0: left allmulticast mode
[ 1246.703463][   T13] bridge_slave_0: left promiscuous mode
[ 1246.709757][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1248.006369][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1248.026108][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1248.055556][   T13] bond0 (unregistering): Released all slaves
[ 1248.100023][T31134] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1249.011034][T31134] 8021q: adding VLAN 0 to HW filter on device team0
[ 1249.491510][T30283] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1249.498726][T30283] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1249.840021][   T13] hsr_slave_0: left promiscuous mode
[ 1249.875246][   T13] hsr_slave_1: left promiscuous mode
[ 1249.881958][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1249.903012][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1249.914820][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1249.922260][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1250.011671][   T13] veth1_macvtap: left promiscuous mode
[ 1250.030996][   T13] veth0_macvtap: left promiscuous mode
[ 1250.043586][   T13] veth1_vlan: left promiscuous mode
[ 1250.050965][   T13] veth0_vlan: left promiscuous mode
[ 1251.694859][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1251.890404][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1253.765614][T30283] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1253.772868][T30283] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1254.294504][T31134] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1254.502701][T31140] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1254.659759][T31226] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1255.091415][T31140] 8021q: adding VLAN 0 to HW filter on device team0
[ 1255.122484][T31226] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1255.154021][T31226] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1255.186943][T24718] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1255.194279][T24718] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1255.479112][T31226] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1255.732189][ T2982] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1255.739454][ T2982] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1256.045283][T31134] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1256.228157][T31140] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1256.638832][T31276] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1256.679283][T31276] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1256.747982][T31276] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1256.785417][T31276] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1257.027388][T31226] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1257.089683][T31140] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1257.163684][T31226] 8021q: adding VLAN 0 to HW filter on device team0
[ 1257.308911][ T2982] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1257.316140][ T2982] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1257.378709][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1257.385936][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1257.477093][T31134] veth0_vlan: entered promiscuous mode
[ 1257.556651][T31134] veth1_vlan: entered promiscuous mode
[ 1257.644879][T31276] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1257.731161][T31226] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1257.832000][T31276] 8021q: adding VLAN 0 to HW filter on device team0
[ 1257.880420][T31134] veth0_macvtap: entered promiscuous mode
[ 1257.969146][T24718] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1257.976402][T24718] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1258.036142][T31134] veth1_macvtap: entered promiscuous mode
[ 1258.110670][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1258.117932][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1258.232395][T31134] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1258.366918][T31134] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1258.471157][T31140] veth0_vlan: entered promiscuous mode
[ 1258.506923][   T36] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1258.569391][   T36] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1258.593593][   T36] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1258.602373][   T36] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1258.678989][T31140] veth1_vlan: entered promiscuous mode
[ 1258.862649][T31226] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1258.916262][T31140] veth0_macvtap: entered promiscuous mode
[ 1259.007239][T31140] veth1_macvtap: entered promiscuous mode
[ 1259.054111][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1259.061994][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1259.210755][T31140] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1259.299244][T30283] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1259.318892][T31140] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1259.333114][T30283] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1259.405875][T30283] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1259.423861][T30283] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1259.471441][T30283] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1259.493903][T30283] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1259.525602][T31226] veth0_vlan: entered promiscuous mode
[ 1259.587680][T31370] binder: 31369:31370 ioctl c0306201 0 returned -14
[ 1259.600912][T31276] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1259.626957][T31226] veth1_vlan: entered promiscuous mode
[ 1260.020646][T31226] veth0_macvtap: entered promiscuous mode
[ 1260.059686][T31276] veth0_vlan: entered promiscuous mode
[ 1260.081971][T24718] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1260.110249][T24718] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1260.162877][T31226] veth1_macvtap: entered promiscuous mode
[ 1260.239753][T31276] veth1_vlan: entered promiscuous mode
[ 1260.315132][T30283] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1260.338787][T31226] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1260.346170][T30283] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1260.417234][T31226] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1260.467526][T31376] binder: 31375:31376 ioctl c0306201 2000000001c0 returned -14
[ 1260.479532][T31276] veth0_macvtap: entered promiscuous mode
[ 1260.544192][T24718] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1260.583923][T24718] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1260.632514][T31276] veth1_macvtap: entered promiscuous mode
[ 1260.665731][T24718] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1260.697495][T24718] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1260.851790][T31276] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1260.911698][T31276] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1260.984177][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1261.001172][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1261.072157][ T2982] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1261.112047][ T2982] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1261.166015][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1261.210632][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1261.426045][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1261.463060][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1261.470652][T31388] binder: 31387:31388 ioctl c0306201 0 returned -14
[ 1261.625321][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1261.686617][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1261.836044][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1261.876366][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1263.104719][ T5912] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[ 1263.276969][ T5912] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1263.307675][ T5912] usb 7-1: New USB device found, idVendor=044f, idProduct=b300, bcdDevice= 0.00
[ 1263.349440][ T5912] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1263.408180][ T5912] usb 7-1: config 0 descriptor??
[ 1263.592196][T31430] binder: 31429:31430 ioctl c0306201 0 returned -14
[ 1263.870736][ T5912] thrustmaster 0003:044F:B300.005F: unknown main item tag 0x0
[ 1263.901330][ T5912] thrustmaster 0003:044F:B300.005F: unknown main item tag 0x0
[ 1263.910628][ T5912] thrustmaster 0003:044F:B300.005F: unknown main item tag 0x0
[ 1263.918432][ T5912] thrustmaster 0003:044F:B300.005F: unknown main item tag 0x0
[ 1263.927886][ T5912] thrustmaster 0003:044F:B300.005F: unknown main item tag 0x0
[ 1263.955276][ T5912] thrustmaster 0003:044F:B300.005F: unknown main item tag 0x0
[ 1263.983657][ T5870] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[ 1263.991472][ T5912] thrustmaster 0003:044F:B300.005F: unknown main item tag 0x0
[ 1264.015747][ T5912] thrustmaster 0003:044F:B300.005F: hidraw0: USB HID v0.2f Device [HID 044f:b300] on usb-dummy_hcd.6-1/input0
[ 1264.102582][ T5912] thrustmaster 0003:044F:B300.005F: no inputs found
[ 1264.158458][ T5912] usb 7-1: USB disconnect, device number 30
[ 1264.173462][ T5870] usb 1-1: Using ep0 maxpacket: 32
[ 1264.193857][ T5870] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1264.225729][ T5870] usb 1-1: config 0 has no interface number 0
[ 1264.271209][ T5870] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1264.291382][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1264.306740][ T5870] usb 1-1: Product: syz
[ 1264.310980][ T5870] usb 1-1: Manufacturer: syz
[ 1264.339372][ T5870] usb 1-1: SerialNumber: syz
[ 1264.369488][ T5870] usb 1-1: config 0 descriptor??
[ 1264.411694][ T5870] smsc95xx v2.0.0
[ 1264.420023][T31443] fido_id[31443]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[ 1265.021494][ T5870] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[ 1265.075742][ T5870] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1265.104832][ T5870] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1265.137623][ T5870] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[ 1265.196846][ T5870] usb 1-1: USB disconnect, device number 71
[ 1265.397911][T15528] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[ 1265.573968][T15528] usb 7-1: Using ep0 maxpacket: 32
[ 1265.609993][T15528] usb 7-1: config 0 has an invalid interface number: 184 but max is 0
[ 1265.643224][T15528] usb 7-1: config 0 has no interface number 0
[ 1265.679200][T15528] usb 7-1: config 0 interface 184 has no altsetting 0
[ 1265.722744][T15528] usb 7-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1265.753436][T15528] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1265.765777][T15528] usb 7-1: Product: syz
[ 1265.770013][T15528] usb 7-1: Manufacturer: syz
[ 1265.825012][T15528] usb 7-1: SerialNumber: syz
[ 1265.854486][T15528] usb 7-1: config 0 descriptor??
[ 1265.905614][T15528] smsc75xx v1.0.0
[ 1266.523570][T15528] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 1266.565273][T15528] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1267.149306][T31513] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1267.431608][T15528] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1267.470827][T15528] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1267.512426][T15528] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1267.528382][T15528] smsc75xx 7-1:0.184: probe with driver smsc75xx failed with error -71
[ 1267.576921][T15528] usb 7-1: USB disconnect, device number 31
[ 1269.578558][T31577] binder: 31575:31577 ioctl c0306201 0 returned -14
[ 1269.983290][   T43] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[ 1270.184378][   T43] usb 1-1: Using ep0 maxpacket: 32
[ 1270.215120][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1270.258578][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1270.321035][   T43] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1270.384370][   T43] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[ 1270.420181][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.469070][   T43] usb 1-1: config 0 descriptor??
[ 1271.043257][   T43] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.0060/input/input89
[ 1271.256690][   T43] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.0060/input/input90
[ 1271.598331][T31618] binder: 31616:31618 ioctl c0306201 0 returned -14
[ 1271.694822][   T43] kye 0003:0458:5011.0060: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.0-1/input0
[ 1271.809931][   T43] usb 1-1: USB disconnect, device number 72
[ 1272.140815][T31624] fido_id[31624]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[ 1272.513229][   T43] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[ 1272.725082][   T43] usb 1-1: Using ep0 maxpacket: 16
[ 1272.745126][   T43] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[ 1272.773133][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1272.803884][   T43] usb 1-1: config 0 descriptor??
[ 1272.850196][   T43] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[ 1272.883050][ T5951] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[ 1273.029621][   T43] usb 1-1: Detected FT232A
[ 1273.055028][   T43] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1273.068648][ T5951] usb 7-1: Using ep0 maxpacket: 32
[ 1273.090742][ T5951] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[ 1273.119465][ T5951] usb 7-1: config 0 has no interface number 0
[ 1273.149148][ T5951] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1273.198863][ T5951] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1273.225774][ T5951] usb 7-1: Product: syz
[ 1273.240266][ T5951] usb 7-1: Manufacturer: syz
[ 1273.242361][ T5870] usb 1-1: USB disconnect, device number 73
[ 1273.260588][ T5951] usb 7-1: SerialNumber: syz
[ 1273.297192][ T5870] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1273.314802][ T5951] usb 7-1: config 0 descriptor??
[ 1273.336986][ T5951] smsc95xx v2.0.0
[ 1273.347242][ T5870] ftdi_sio 1-1:0.0: device disconnected
[ 1273.643557][T15562] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1273.743913][ T5951] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1273.772296][ T5951] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1273.849986][T15562] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1273.908657][T15562] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1273.942621][T15562] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1273.971598][T15562] usb 3-1: Product: syz
[ 1273.976416][T15562] usb 3-1: Manufacturer: syz
[ 1273.993250][T15562] usb 3-1: SerialNumber: syz
[ 1274.200353][T31676] binder: 31675:31676 ioctl c0306201 0 returned -14
[ 1274.425832][ T5951] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71
[ 1274.440991][ T5951] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -71
[ 1274.516137][ T5951] usb 7-1: USB disconnect, device number 32
[ 1275.043116][T15562] cdc_ncm 3-1:1.0: bind() failure
[ 1275.054641][T15562] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[ 1275.061521][T15562] cdc_ncm 3-1:1.1: bind() failure
[ 1275.255519][T15562] usb 3-1: USB disconnect, device number 8
[ 1275.290622][T31697] input: syz1 as /devices/virtual/input/input91
[ 1275.669205][T31710] binder: 31708:31710 ioctl c0306201 0 returned -14
[ 1276.745618][T15562] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1276.914828][T15562] usb 3-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1276.957101][T15562] usb 3-1: config 0 interface 0 altsetting 64 endpoint 0x2 has an invalid bInterval 244, changing to 11
[ 1277.009248][T15562] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1277.039729][T15562] usb 3-1: New USB device found, idVendor=172f, idProduct=0034, bcdDevice= 0.00
[ 1277.081206][T15562] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1277.148535][T15562] usb 3-1: config 0 descriptor??
[ 1277.468062][T31756] binder: 31753:31756 ioctl c0306201 0 returned -14
[ 1277.620715][T15562] waltop 0003:172F:0034.0061: hidraw0: USB HID v4.f9 Device [HID 172f:0034] on usb-dummy_hcd.2-1/input0
[ 1277.822487][   T43] usb 3-1: USB disconnect, device number 9
[ 1277.972255][T31765] fido_id[31765]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 1278.223279][T31773] binder: 31771:31773 ioctl c0306201 0 returned -14
[ 1279.983308][T31822] binder: 31821:31822 ioctl c0306201 0 returned -14
[ 1281.079226][   T30] audit: type=1326 audit(2000000174.411:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31841 comm="syz.2.7956" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f110d18e9a9 code=0x0
[ 1281.288143][T31850] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1281.663632][T31862] binder: 31861:31862 ioctl c0306201 0 returned -14
[ 1282.263136][   T43] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1282.434823][   T43] usb 3-1: Using ep0 maxpacket: 32
[ 1282.453596][   T43] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[ 1282.486778][   T43] usb 3-1: config 0 has no interface number 0
[ 1282.509044][   T43] usb 3-1: config 0 interface 184 has no altsetting 0
[ 1282.538566][   T43] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1282.555706][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1282.587836][   T43] usb 3-1: Product: syz
[ 1282.626398][   T43] usb 3-1: Manufacturer: syz
[ 1282.633387][   T43] usb 3-1: SerialNumber: syz
[ 1282.659522][   T43] usb 3-1: config 0 descriptor??
[ 1282.709917][   T43] smsc75xx v1.0.0
[ 1283.534730][   T43] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[ 1283.576391][   T43] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1283.620094][   T43] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1283.673457][   T43] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1283.699027][   T43] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1283.767588][   T43] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1283.818237][   T43] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[ 1283.877973][   T43] usb 3-1: USB disconnect, device number 10
[ 1284.805360][   T30] audit: type=1326 audit(2000000178.141:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31912 comm="syz.0.7971" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8abbd8e9a9 code=0x0
[ 1284.876397][   T30] audit: type=1800 audit(2000000178.171:778): pid=31866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.7962" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1285.088928][T31922] binder: 31921:31922 ioctl c0306201 0 returned -14
[ 1286.879611][T31964] binder: 31963:31964 ioctl c0306201 0 returned -14
[ 1287.432066][T31980] binder: 31979:31980 ioctl c0306201 0 returned -14
[ 1287.525793][   T30] audit: type=1326 audit(2000000180.861:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31981 comm="syz.6.7989" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e0958e9a9 code=0x0
[ 1287.651895][T31985] binder: 31984:31985 unknown command 0
[ 1287.672387][T31985] binder: 31984:31985 ioctl c0306201 200000000300 returned -22
[ 1287.704151][ T5870] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[ 1287.876654][ T5870] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1287.912477][ T5870] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1287.935243][ T5870] usb 1-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[ 1287.972607][ T5870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1288.007980][ T5870] usb 1-1: config 0 descriptor??
[ 1288.965504][ T5870] usbhid 1-1:0.0: can't add hid device: -71
[ 1288.999745][ T5870] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1289.042369][ T5870] usb 1-1: USB disconnect, device number 74
[ 1290.484502][T32039] binder: 32038:32039 ioctl c0306201 0 returned -14
[ 1290.953520][T15528] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 1291.157969][T15528] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1291.212482][T15528] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1291.289777][T15528] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1291.323145][T15528] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1291.372288][T15528] usb 7-1: SerialNumber: syz
[ 1291.618853][T15528] usb 7-1: 0:2 : does not exist
[ 1291.710179][T15528] usb 7-1: USB disconnect, device number 33
[ 1291.805029][T31444] udevd[31444]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1291.949111][T32060] overlay: filesystem on ./bus not supported as upperdir
[ 1292.603182][ T5951] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[ 1292.773051][ T5951] usb 7-1: Using ep0 maxpacket: 32
[ 1292.789642][ T5951] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1292.813176][ T5951] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1292.851863][ T5951] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1292.889689][ T5951] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1292.962745][ T5951] usb 7-1: config 0 descriptor??
[ 1293.021884][ T5951] hub 7-1:0.0: USB hub found
[ 1293.222164][ T5951] hub 7-1:0.0: 1 port detected
[ 1293.316292][T32088] binder: 32087:32088 ioctl c0306201 0 returned -14
[ 1293.838595][ T5951] hub 7-1:0.0: activate --> -90
[ 1293.915539][ T5870] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[ 1294.073054][ T5870] usb 1-1: Using ep0 maxpacket: 32
[ 1294.101696][ T5870] usb 1-1: config 0 interface 0 altsetting 182 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1294.132457][ T5870] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1294.149724][ T5870] usb 1-1: New USB device found, idVendor=046d, idProduct=c532, bcdDevice= 0.00
[ 1294.191700][ T5870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1294.241883][   T43] usb 7-1: USB disconnect, device number 34
[ 1294.252449][ T5870] usb 1-1: config 0 descriptor??
[ 1294.553143][ T5951] usb 7-1-port1: config error
[ 1294.728226][ T5870] logitech-djreceiver 0003:046D:C532.0062: item fetching failed at offset 0/2
[ 1294.771067][ T5870] logitech-djreceiver 0003:046D:C532.0062: logi_dj_probe: parse failed
[ 1294.813035][ T5870] logitech-djreceiver 0003:046D:C532.0062: probe with driver logitech-djreceiver failed with error -22
[ 1294.933560][ T5870] usb 1-1: USB disconnect, device number 75
[ 1295.916350][T32129] fuse: root generation should be zero
[ 1296.124403][T32135] binder: 32134:32135 ioctl c0306201 0 returned -14
[ 1297.583928][T32175] fuse: Bad value for 'fd'
[ 1297.670865][T32177] binder: 32176:32177 ioctl c0306201 0 returned -14
[ 1297.888185][T32160] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1297.917474][T32160] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1297.936003][T32160] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1297.956612][T32160] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1298.005282][T32160] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1298.041981][T32160] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1298.068662][T32160] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1298.103166][T32160] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1298.134411][T32160] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1298.153224][T32160] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1298.191593][T32160] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1298.225658][T32160] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1298.245307][T32160] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1298.291006][T32160] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1298.312217][T32160] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1298.333146][T32160] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1298.359041][T32160] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1299.243561][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1299.248201][T32213] netlink: 2 bytes leftover after parsing attributes in process `syz.5.8052'.
[ 1299.355789][T32215] binder: 32214:32215 ioctl c0306201 0 returned -14
[ 1299.953144][ T5845] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1299.961421][ T5845] Bluetooth: hci5: command 0x0405 tx timeout
[ 1300.090978][T20855] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[ 1300.114952][T32237] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1300.155612][T32242] binder: 32241:32242 ioctl 4018620d 0 returned -22
[ 1300.194365][T32237] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1300.273046][T32237] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1300.283918][T20855] usb 1-1: Using ep0 maxpacket: 16
[ 1300.301930][T20855] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1300.340388][T20855] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1300.357001][T32237] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1300.364209][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.373940][T20855] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1300.381986][T20855] usb 1-1: SerialNumber: syz
[ 1300.452083][T20855] hub 1-1:1.0: bad descriptor, ignoring hub
[ 1300.483140][T20855] hub 1-1:1.0: probe with driver hub failed with error -5
[ 1300.514530][T32246] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1301.015781][ T5951] usb 1-1: reset high-speed USB device number 76 using dummy_hcd
[ 1301.212032][ T5951] usb 1-1: device firmware changed
[ 1301.263324][ T5951] usb 1-1: USB disconnect, device number 76
[ 1301.303186][ T5912] usb 3-1: new low-speed USB device number 11 using dummy_hcd
[ 1301.495112][ T5912] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1301.536010][ T5912] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1301.557259][ T5912] usb 3-1: config 0 descriptor??
[ 1301.613351][ T5951] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[ 1301.823432][ T5951] usb 1-1: Using ep0 maxpacket: 16
[ 1301.850549][ T5951] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1301.902591][ T5951] usb 1-1: string descriptor 0 read error: -22
[ 1301.914967][ T5951] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1301.938745][ T5951] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1301.953337][T32237] Bluetooth: hci7: command 0x1003 tx timeout
[ 1301.960032][   T51] Bluetooth: hci7: Opcode 0x1003 failed: -110
[ 1301.983060][ T5951] hub 1-1:1.0: bad descriptor, ignoring hub
[ 1301.989061][ T5951] hub 1-1:1.0: probe with driver hub failed with error -5
[ 1302.033537][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1302.193661][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1302.273439][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1302.293465][ T5951] usb 1-1: USB disconnect, device number 77
[ 1302.311421][T32273] binder: 32272:32273 ioctl c0306201 0 returned -14
[ 1302.353053][   T51] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1302.440214][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1302.822389][ T5912] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1302.861315][ T5912] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1302.920878][ T5912] asix 3-1:0.0: probe with driver asix failed with error -71
[ 1302.988272][ T5912] usb 3-1: USB disconnect, device number 11
[ 1303.163112][T20855] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[ 1303.371467][T20855] usb 6-1: config 0 has an invalid interface number: 16 but max is 0
[ 1303.401100][T20855] usb 6-1: config 0 has no interface number 0
[ 1303.424696][T20855] usb 6-1: config 0 interface 16 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1303.476504][T20855] usb 6-1: config 0 interface 16 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1303.536721][T20855] usb 6-1: config 0 interface 16 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1303.604070][T20855] usb 6-1: New USB device found, idVendor=28bd, idProduct=0905, bcdDevice= 0.00
[ 1303.650804][T20855] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1303.706394][T20855] usb 6-1: config 0 descriptor??
[ 1304.113197][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1304.167893][T20855] uclogic 0003:28BD:0905.0063: interface is invalid, ignoring
[ 1304.273212][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1304.353511][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1304.369076][T20855] usb 6-1: USB disconnect, device number 59
[ 1304.433357][   T51] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1304.516069][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1304.540678][T32324] binder: 32323:32324 ioctl c0306201 0 returned -14
[ 1304.928989][T32314] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1304.944482][T32314] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1304.950654][T32314] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1304.977785][T32314] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1305.010885][T32314] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1305.069178][T32314] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1305.105932][T32314] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1305.285282][T32336] binder: BINDER_SET_CONTEXT_MGR already set
[ 1305.291336][T32336] binder: 32335:32336 ioctl 4018620d 2000000002c0 returned -16
[ 1305.405058][T32343] binder: BINDER_SET_CONTEXT_MGR already set
[ 1305.433049][T32343] binder: 32339:32343 ioctl 40046207 0 returned -16
[ 1305.983149][ T5912] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[ 1306.191806][ T5912] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1306.230491][ T5912] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1306.273235][T32237] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1306.280886][ T5912] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1306.318418][ T5912] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1306.372965][ T5912] usb 1-1: SerialNumber: syz
[ 1306.617362][ T5912] usb 1-1: 0:2 : does not exist
[ 1306.629171][T32369] binder: 32368:32369 ioctl c0306201 0 returned -14
[ 1306.700091][ T5912] usb 1-1: USB disconnect, device number 78
[ 1306.854243][T31444] udevd[31444]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1306.996039][T32237] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1307.002141][T32237] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1307.008384][   T51] Bluetooth: hci5: command 0x0405 tx timeout
[ 1307.073357][T25318] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1307.079656][T32237] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1307.153462][T25318] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1307.255472][  T982] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1307.498207][  T982] usb 3-1: Using ep0 maxpacket: 32
[ 1307.523293][  T982] usb 3-1: config 0 has an invalid interface number: 230 but max is 0
[ 1307.546630][  T982] usb 3-1: config 0 has no interface number 0
[ 1307.558325][  T982] usb 3-1: config 0 interface 230 has no altsetting 0
[ 1307.609726][  T982] usb 3-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[ 1307.654704][  T982] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1307.683027][  T982] usb 3-1: Product: syz
[ 1307.699692][  T982] usb 3-1: Manufacturer: syz
[ 1307.742317][  T982] usb 3-1: SerialNumber: syz
[ 1307.777835][  T982] usb 3-1: config 0 descriptor??
[ 1307.825926][  T982] ums-usbat 3-1:0.230: USB Mass Storage device detected
[ 1307.869660][  T982] ums-usbat 3-1:0.230: Quirks match for vid 0781 pid 0005: 1
[ 1310.147764][  T982] ums-usbat 3-1:0.230: probe with driver ums-usbat failed with error -5
[ 1311.383522][T20855] usb 3-1: USB disconnect, device number 12
[ 1311.863165][T20855] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1312.084828][T20855] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1312.094532][T20855] usb 3-1: config 0 has an invalid interface number: 150 but max is 0
[ 1312.102745][T20855] usb 3-1: config 0 has no interface number 0
[ 1312.138551][T20855] usb 3-1: config 0 interface 150 has no altsetting 0
[ 1312.176656][T20855] usb 3-1: New USB device found, idVendor=2863, idProduct=bc94, bcdDevice=ba.24
[ 1312.196578][T20855] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1312.217634][T20855] usb 3-1: Product: syz
[ 1312.221871][T20855] usb 3-1: Manufacturer: syz
[ 1312.242981][T20855] usb 3-1: SerialNumber: syz
[ 1312.264024][T20855] usb 3-1: config 0 descriptor??
[ 1312.499313][T20855] usb-storage 3-1:0.150: USB Mass Storage device detected
[ 1312.624396][T20855] usb 3-1: USB disconnect, device number 13
[ 1316.453107][T32421] binder: 32420:32421 ioctl c0306201 0 returned -14
[ 1317.332979][T15528] usb 6-1: new full-speed USB device number 60 using dummy_hcd
[ 1317.514157][T15528] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1317.556770][T15528] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[ 1317.634945][T15528] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1317.672929][T15528] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1317.711670][T15528] usb 6-1: SerialNumber: syz
[ 1317.753217][T15528] cdc_acm 6-1:1.0: Control and data interfaces are not separated!
[ 1317.795611][T15528] cdc_acm 6-1:1.0: This needs exactly 3 endpoints
[ 1317.824379][T15528] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -22
[ 1317.860779][T32456] 9pnet_fd: p9_fd_create_unix (32456): problem connecting socket: ./file0: -5
[ 1317.981453][T20855] usb 6-1: USB disconnect, device number 60
[ 1318.322164][T32468] binder: 32467:32468 ioctl c0306201 0 returned -14
[ 1318.498440][T32472] netlink: 56 bytes leftover after parsing attributes in process `syz.6.8112'.
[ 1318.631902][T32477] overlayfs: conflicting lowerdir path
[ 1318.706004][T32478] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[ 1318.736952][T32480] netlink: 56 bytes leftover after parsing attributes in process `syz.5.8122'.
[ 1320.506473][T32529] overlayfs: conflicting lowerdir path
[ 1320.554521][T32529] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[ 1321.023073][  T982] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1321.213648][  T982] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1321.255649][  T982] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1321.313139][  T982] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1321.340294][  T982] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1321.379242][  T982] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1321.434886][  T982] usb 3-1: config 0 descriptor??
[ 1322.082272][  T982] usb 3-1: string descriptor 0 read error: -71
[ 1322.126061][  T982] uclogic 0003:256C:006D.0064: failed retrieving string descriptor #200: -71
[ 1322.145540][  T982] uclogic 0003:256C:006D.0064: failed retrieving pen parameters: -71
[ 1322.167359][  T982] uclogic 0003:256C:006D.0064: failed probing pen v2 parameters: -71
[ 1322.215292][  T982] uclogic 0003:256C:006D.0064: failed probing parameters: -71
[ 1322.243029][  T982] uclogic 0003:256C:006D.0064: probe with driver uclogic failed with error -71
[ 1322.311872][  T982] usb 3-1: USB disconnect, device number 14
[ 1325.259186][T32602] binder: 32601:32602 ioctl c0306201 2000000001c0 returned -14
[ 1332.413086][   T43] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 1332.594010][   T43] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1332.634425][   T43] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1332.673287][   T43] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1332.742985][   T43] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1332.803020][   T43] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1332.842844][   T43] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1332.859100][T32654] binder: 32653:32654 ioctl c0306201 0 returned -14
[ 1332.900397][   T43] usb 7-1: config 0 descriptor??
[ 1333.008609][T24718] Bluetooth: hci7: Frame reassembly failed (-84)
[ 1333.341697][   T43] plantronics 0003:047F:FFFF.0065: ignoring exceeding usage max
[ 1333.422806][   T43] plantronics 0003:047F:FFFF.0065: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[ 1334.585731][T32690] overlayfs: failed to clone upperpath
[ 1335.073320][T25318] Bluetooth: hci7: Opcode 0x1003 failed: -110
[ 1335.074626][T32237] Bluetooth: hci7: command 0x1003 tx timeout
[ 1335.423361][T32707] binder: 32706:32707 ioctl c0306201 0 returned -14
[ 1335.453988][T15528] usb 7-1: USB disconnect, device number 35
[ 1336.245644][T32732] overlayfs: failed to clone upperpath
[ 1337.164016][T32757] netlink: 'syz.5.8190': attribute type 16 has an invalid length.
[ 1340.844903][  T346] binder: 345:346 ioctl c0306201 0 returned -14
[ 1341.798615][ T5912] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1342.035637][ T5912] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1342.053262][ T5912] usb 3-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[ 1342.062381][ T5912] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1342.121996][ T5912] usb 3-1: config 0 descriptor??
[ 1342.614717][ T5912] uclogic 0003:145F:0212.0066: interface is invalid, ignoring
[ 1343.364797][T15562] usb 3-1: USB disconnect, device number 15
[ 1343.629143][  T371] /dev/rnullb0: Can't lookup blockdev
[ 1344.042979][T15528] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1344.215325][T15528] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1344.252649][T15528] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1344.273415][T15528] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1344.303152][T15528] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1344.322554][T15528] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1344.362328][T15528] usb 3-1: config 0 descriptor??
[ 1345.013063][T15528] usb 3-1: string descriptor 0 read error: -22
[ 1345.425796][T15528] input: HID 256c:006d as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0067/input/input93
[ 1345.580318][T15528] uclogic 0003:256C:006D.0067: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[ 1345.648253][T15528] usb 3-1: USB disconnect, device number 16
[ 1345.842837][  T374] fido_id[374]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 1347.683423][T20855] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1347.873241][T20855] usb 3-1: Using ep0 maxpacket: 32
[ 1347.884638][T20855] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1347.934561][T20855] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[ 1347.943842][T20855] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1347.951870][T20855] usb 3-1: Product: syz
[ 1347.992954][T20855] usb 3-1: Manufacturer: syz
[ 1347.997641][T20855] usb 3-1: SerialNumber: syz
[ 1348.020794][T20855] usb 3-1: config 0 descriptor??
[ 1348.045142][T20855] cdc_ether 3-1:0.0: skipping garbage
[ 1348.050611][T20855] usb 3-1: bad CDC descriptors
[ 1348.078497][T20855] usb 3-1: unsupported MDLM descriptors
[ 1348.383130][  T392] nbd0: detected capacity change from 0 to 127
[ 1348.404467][T25318] block nbd0: Receive control failed (result -32)
[ 1348.405878][T20855] usb 3-1: USB disconnect, device number 17
[ 1348.427982][T32608] block nbd0: Dead connection, failed to find a fallback
[ 1348.436769][T32608] block nbd0: shutting down sockets
[ 1348.444466][T32608] blk_print_req_error: 10 callbacks suppressed
[ 1348.444484][T32608] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.462526][T32608] buffer_io_error: 10 callbacks suppressed
[ 1348.462543][T32608] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1348.477057][T32608] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.486508][T32608] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1348.494882][T32608] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.504373][T32608] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 1348.512443][T32608] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.543250][T32608] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 1348.551478][T32608] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.582959][T32608] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1348.608809][T32608] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.642531][T32608] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1348.691590][T32608] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.707586][T32608] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 1348.753527][T32608] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.773595][T32608] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 1348.793207][T32608] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.812632][T32608] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1348.833306][T32608] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.852993][T32608] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1348.887382][T32608] ldm_validate_partition_table(): Disk read failed.
[ 1348.905596][T32608] Dev nbd0: unable to read RDB block 0
[ 1348.930381][T32608]  nbd0: unable to read partition table
[ 1349.014249][T32608] ldm_validate_partition_table(): Disk read failed.
[ 1349.034164][T32608] Dev nbd0: unable to read RDB block 0
[ 1349.076268][T32608]  nbd0: unable to read partition table
[ 1350.223329][T20855] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[ 1350.383126][T15562] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[ 1350.433335][T20855] usb 1-1: Using ep0 maxpacket: 16
[ 1350.454176][T20855] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1350.462243][T20855] usb 1-1: config 0 has no interface number 0
[ 1350.509038][T20855] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1350.551111][T20855] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1350.583556][T15562] usb 7-1: Using ep0 maxpacket: 16
[ 1350.599323][T20855] usb 1-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1350.610740][T15562] usb 7-1: config 53 has an invalid interface number: 240 but max is 0
[ 1350.633025][T15562] usb 7-1: config 53 has no interface number 0
[ 1350.639370][T15562] usb 7-1: config 53 interface 240 altsetting 0 has an endpoint descriptor with address 0xC2, changing to 0x82
[ 1350.661336][T20855] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1350.679442][T20855] usb 1-1: config 0 descriptor??
[ 1350.713242][T15562] usb 7-1: config 53 interface 240 altsetting 0 endpoint 0x82 has invalid maxpacket 33307, setting to 1024
[ 1350.745988][T15562] usb 7-1: config 53 interface 240 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1350.778870][T15562] usb 7-1: config 53 interface 240 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1350.833653][T15562] usb 7-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[ 1350.865328][T15562] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1350.889784][T15562] usb 7-1: Product: syz
[ 1350.904099][T15562] usb 7-1: Manufacturer: syz
[ 1350.913591][   T31] INFO: task syz.7.7636:30422 blocked for more than 143 seconds.
[ 1350.921817][T15562] usb 7-1: SerialNumber: syz
[ 1350.929871][   T31]       Not tainted 6.16.0-rc6-next-20250718-syzkaller #0
[ 1350.955917][  T417] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1350.970536][   T31]       Blocked by coredump.
[ 1350.993584][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1351.015052][   T31] task:syz.7.7636      state:D stack:25096 pid:30422 tgid:30422 ppid:29604  task_flags:0x40044c flags:0x00004006
[ 1351.033197][ T5951] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1351.062445][   T31] Call Trace:
[ 1351.070507][   T31]  <TASK>
[ 1351.078546][   T31]  __schedule+0x1737/0x4d30
[ 1351.093012][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1351.119400][   T31]  ? schedule+0x165/0x360
[ 1351.139020][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1351.158049][   T31]  ? __pfx___schedule+0x10/0x10
[ 1351.176707][   T31]  ? schedule+0x91/0x360
[ 1351.201289][   T31]  schedule+0x165/0x360
[ 1351.203032][ T5951] usb 3-1: Using ep0 maxpacket: 8
[ 1351.215993][  T417] Bluetooth: MGMT ver 1.23
[ 1351.225821][ T5951] usb 3-1: config 73 has too many interfaces: 109, using maximum allowed: 32
[ 1351.242541][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1351.243590][ T5951] usb 3-1: config 73 has an invalid descriptor of length 0, skipping remainder of the config
[ 1351.271317][   T31]  rwsem_down_read_slowpath+0x5fd/0x8f0
[ 1351.301695][   T31]  ? rwsem_down_read_slowpath+0x4b8/0x8f0
[ 1351.307195][ T5951] usb 3-1: config 73 has 1 interface, different from the descriptor's value: 109
[ 1351.327312][   T31]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[ 1351.329967][T15562] kvaser_usb 7-1:53.240: error -ENODEV: Cannot get usb endpoint(s)
[ 1351.366443][   T31]  ? exit_mm+0xcc/0x2c0
[ 1351.370700][   T31]  ? __pfx_mm_release+0x10/0x10
[ 1351.373265][ T5951] usb 3-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[ 1351.411780][T15562] usb 7-1: USB disconnect, device number 36
[ 1351.417891][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1351.428197][ T5951] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1351.450247][   T31]  down_read+0x98/0x2e0
[ 1351.473099][   T31]  exit_mm+0xcc/0x2c0
[ 1351.493342][   T31]  ? __pfx_exit_mm+0x10/0x10
[ 1351.522924][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1351.527788][   T31]  do_exit+0x648/0x2300
[ 1351.583009][   T31]  ? do_raw_spin_lock+0x121/0x290
[ 1351.588138][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1351.602764][   T31]  ? cgroup_freezing+0x20/0x350
[ 1351.608196][   T31]  do_group_exit+0x21c/0x2d0
[ 1351.613214][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1351.618575][   T31]  get_signal+0x1286/0x1340
[ 1351.623946][   T31]  arch_do_signal_or_restart+0x9a/0x750
[ 1351.629562][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1351.636182][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 1351.641795][   T31]  exit_to_user_mode_loop+0x75/0x110
[ 1351.647733][   T31]  do_syscall_64+0x2bd/0x3b0
[ 1351.652388][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1351.657814][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1351.665131][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1351.669886][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1351.676825][   T31] RIP: 0033:0x7f263158e9e3
[ 1351.681318][   T31] RSP: 002b:00007ffe99262e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1351.689921][   T31] RAX: fffffffffffffffc RBX: 00007f262fbf76c0 RCX: 00007f263158e9e3
[ 1351.693905][ T5951] usb 3-1: string descriptor 0 read error: -71
[ 1351.717730][   T31] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000
[ 1351.749250][   T31] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 1351.768678][ T5951] uvcvideo 3-1:73.0: probe with driver uvcvideo failed with error -22
[ 1351.777540][   T31] R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffe99262ff0
[ 1351.824306][   T31] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[ 1351.829414][ T5951] usb 3-1: USB disconnect, device number 18
[ 1351.883132][   T31]  </TASK>
[ 1351.891055][   T31] INFO: task syz.7.7636:30424 blocked for more than 144 seconds.
[ 1351.926039][   T31]       Not tainted 6.16.0-rc6-next-20250718-syzkaller #0
[ 1351.950520][   T31]       Blocked by coredump.
[ 1351.965597][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1351.994785][   T31] task:syz.7.7636      state:D stack:24168 pid:30424 tgid:30422 ppid:29604  task_flags:0x40054c flags:0x00004004
[ 1352.047810][   T31] Call Trace:
[ 1352.058934][   T31]  <TASK>
[ 1352.070264][   T31]  __schedule+0x1737/0x4d30
[ 1352.086472][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1352.101419][   T31]  ? schedule+0x165/0x360
[ 1352.121675][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1352.138464][   T31]  ? __pfx___schedule+0x10/0x10
[ 1352.155090][   T31]  ? schedule+0x91/0x360
[ 1352.168610][   T31]  schedule+0x165/0x360
[ 1352.182057][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1352.202437][   T31]  rwsem_down_read_slowpath+0x5fd/0x8f0
[ 1352.222932][   T31]  ? rwsem_down_read_slowpath+0x4b8/0x8f0
[ 1352.242358][   T31]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[ 1352.258773][   T31]  ? exit_mm+0xcc/0x2c0
[ 1352.267918][   T31]  ? __pfx_mm_release+0x10/0x10
[ 1352.280304][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1352.292676][   T31]  down_read+0x98/0x2e0
[ 1352.303819][   T31]  exit_mm+0xcc/0x2c0
[ 1352.318649][   T31]  ? __pfx_exit_mm+0x10/0x10
[ 1352.333897][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1352.353186][   T31]  do_exit+0x648/0x2300
[ 1352.357461][   T31]  ? do_raw_spin_lock+0x121/0x290
[ 1352.378465][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1352.386707][   T31]  ? cgroup_freezing+0x20/0x350
[ 1352.397218][   T31]  do_group_exit+0x21c/0x2d0
[ 1352.407452][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1352.420160][   T31]  get_signal+0x1286/0x1340
[ 1352.437714][   T31]  arch_do_signal_or_restart+0x9a/0x750
[ 1352.451772][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1352.465237][   T31]  ? __fget_files+0x2a/0x420
[ 1352.482437][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 1352.507711][   T31]  exit_to_user_mode_loop+0x75/0x110
[ 1352.528545][   T31]  do_syscall_64+0x2bd/0x3b0
[ 1352.546105][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1352.561362][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1352.583096][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1352.606781][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1352.631646][   T31] RIP: 0033:0x7f263158e9a9
[ 1352.642725][   T31] RSP: 002b:00007f2632324038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1352.659428][   T31] RAX: fffffffffffffff2 RBX: 00007f26317b5fa0 RCX: 00007f263158e9a9
[ 1352.671618][   T31] RDX: 0000000000000000 RSI: 00000000c020aa08 RDI: 000000000000000b
[ 1352.695655][   T31] RBP: 00007f2631610d69 R08: 0000000000000000 R09: 0000000000000000
[ 1352.709710][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1352.721986][   T31] R13: 0000000000000000 R14: 00007f26317b5fa0 R15: 00007ffe99262ef8
[ 1352.762373][   T31]  </TASK>
[ 1352.773607][   T31] INFO: task syz.7.7636:30429 blocked for more than 145 seconds.
[ 1352.802032][   T31]       Not tainted 6.16.0-rc6-next-20250718-syzkaller #0
[ 1352.822798][   T31]       Blocked by coredump.
[ 1352.851047][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1352.884968][   T31] task:syz.7.7636      state:D stack:27208 pid:30429 tgid:30422 ppid:29604  task_flags:0x40044c flags:0x00004004
[ 1352.903314][   T31] Call Trace:
[ 1352.906743][   T31]  <TASK>
[ 1352.909792][   T31]  __schedule+0x1737/0x4d30
[ 1352.921931][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1352.928241][   T31]  ? schedule+0x165/0x360
[ 1352.943080][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1352.950145][   T31]  ? __pfx___schedule+0x10/0x10
[ 1352.965663][   T31]  ? schedule+0x91/0x360
[ 1352.970073][   T31]  schedule+0x165/0x360
[ 1353.008927][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1353.015592][   T31]  rwsem_down_read_slowpath+0x5fd/0x8f0
[ 1353.021207][   T31]  ? rwsem_down_read_slowpath+0x4b8/0x8f0
[ 1353.053154][   T31]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[ 1353.059519][   T31]  ? exit_mm+0xcc/0x2c0
[ 1353.081601][   T31]  ? __pfx_mm_release+0x10/0x10
[ 1353.100445][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1353.121514][   T31]  down_read+0x98/0x2e0
[ 1353.143304][   T31]  exit_mm+0xcc/0x2c0
[ 1353.147481][   T31]  ? __pfx_exit_mm+0x10/0x10
[ 1353.152133][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1353.178789][   T31]  do_exit+0x648/0x2300
[ 1353.193083][   T31]  ? do_raw_spin_lock+0x121/0x290
[ 1353.198230][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1353.219002][   T31]  ? cgroup_freezing+0x20/0x350
[ 1353.240866][   T31]  do_group_exit+0x21c/0x2d0
[ 1353.253213][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1353.258513][   T31]  get_signal+0x1286/0x1340
[ 1353.273319][   T31]  arch_do_signal_or_restart+0x9a/0x750
[ 1353.279236][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1353.296591][   T31]  ? __fget_files+0x2a/0x420
[ 1353.301368][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 1353.311580][   T31]  exit_to_user_mode_loop+0x75/0x110
[ 1353.321176][   T31]  do_syscall_64+0x2bd/0x3b0
[ 1353.330752][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1353.349340][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1353.358402][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1353.369109][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1353.378217][   T31] RIP: 0033:0x7f263158e9a9
[ 1353.382764][   T31] RSP: 002b:00007f262f3d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1353.399605][   T31] RAX: fffffffffffffff2 RBX: 00007f26317b6160 RCX: 00007f263158e9a9
[ 1353.417533][   T31] RDX: 0000000000000000 RSI: 00000000c020aa08 RDI: 000000000000000b
[ 1353.427934][   T31] RBP: 00007f2631610d69 R08: 0000000000000000 R09: 0000000000000000
[ 1353.463030][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1353.485064][   T31] R13: 0000000000000000 R14: 00007f26317b6160 R15: 00007ffe99262ef8
[ 1353.516531][   T31]  </TASK>
[ 1353.531382][   T31] 
[ 1353.531382][   T31] Showing all locks held in the system:
[ 1353.613128][   T31] 1 lock held by khungtaskd/31:
[ 1353.654995][   T31]  #0: ffffffff8e53d8a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1353.668125][T20855] uclogic 0003:28BD:0071.0068: failed retrieving string descriptor #100: -71
[ 1353.693301][   T31] 2 locks held by getty/5607:
[ 1353.698070][   T31]  #0: ffff88814cea70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1353.698887][T20855] uclogic 0003:28BD:0071.0068: failed retrieving pen parameters: -71
[ 1353.740784][T20855] uclogic 0003:28BD:0071.0068: pen probing failed: -71
[ 1353.749029][   T31]  #1: ffffc900036ce2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 1353.759304][T20855] uclogic 0003:28BD:0071.0068: failed probing parameters: -71
[ 1353.759436][T20855] uclogic 0003:28BD:0071.0068: probe with driver uclogic failed with error -71
[ 1353.797294][T20855] usb 1-1: USB disconnect, device number 79
[ 1353.849468][   T31] 4 locks held by kworker/1:5/20855:
[ 1353.878726][   T31]  #0: ffff888021eb9548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1353.932979][   T31]  #1: ffffc90002ea7bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1353.983165][   T31]  #2: ffff88802813f198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a20
[ 1353.992192][   T31]  #3: ffff8880b8739f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 1354.013085][   T31] 1 lock held by syz.7.7636/30422:
[ 1354.018360][   T31]  #0: ffff88806fac4d20 (&mm->mmap_lock){++++}-{4:4}, at: exit_mm+0xcc/0x2c0
[ 1354.048966][   T31] 1 lock held by syz.7.7636/30424:
[ 1354.063848][   T31]  #0: ffff88806fac4d20 (&mm->mmap_lock){++++}-{4:4}, at: exit_mm+0xcc/0x2c0
[ 1354.072762][   T31] 1 lock held by syz.7.7636/30426:
[ 1354.102826][   T31] 1 lock held by syz.7.7636/30429:
[ 1354.108059][   T31]  #0: ffff88806fac4d20 (&mm->mmap_lock){++++}-{4:4}, at: exit_mm+0xcc/0x2c0
[ 1354.152938][   T31] 5 locks held by syz.4.7792/31061:
[ 1354.158250][   T31] 1 lock held by syz.2.8229/432:
[ 1354.182918][   T31]  #0: ffffffff8e543200 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 1354.206806][   T31] 1 lock held by sed/462:
[ 1354.222263][   T31] 
[ 1354.253458][   T31] =============================================
[ 1354.253458][   T31] 
[ 1354.283309][   T31] NMI backtrace for cpu 1
[ 1354.283330][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1354.283356][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1354.283369][   T31] Call Trace:
[ 1354.283378][   T31]  <TASK>
[ 1354.283387][   T31]  dump_stack_lvl+0x189/0x250
[ 1354.283424][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1354.283454][   T31]  ? __pfx__printk+0x10/0x10
[ 1354.283497][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1354.283525][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1354.283551][   T31]  ? __pfx__printk+0x10/0x10
[ 1354.283583][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1354.283609][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1354.283639][   T31]  watchdog+0xf93/0xfe0
[ 1354.283665][   T31]  ? watchdog+0x1de/0xfe0
[ 1354.283692][   T31]  kthread+0x70e/0x8a0
[ 1354.283724][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1354.283744][   T31]  ? __pfx_kthread+0x10/0x10
[ 1354.283776][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1354.283802][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1354.283830][   T31]  ? __pfx_kthread+0x10/0x10
[ 1354.283860][   T31]  ret_from_fork+0x3f9/0x770
[ 1354.283887][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1354.283917][   T31]  ? __switch_to_asm+0x39/0x70
[ 1354.283934][   T31]  ? __switch_to_asm+0x33/0x70
[ 1354.283950][   T31]  ? __pfx_kthread+0x10/0x10
[ 1354.283981][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1354.284014][   T31]  </TASK>
[ 1354.284022][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1354.436627][    C0] NMI backtrace for cpu 0
[ 1354.436645][    C0] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1354.436668][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1354.436681][    C0] Workqueue: bat_events batadv_mcast_mla_update
[ 1354.436706][    C0] RIP: 0010:__lock_acquire+0x45c/0xd20
[ 1354.436729][    C0] Code: f9 ff bd ff ff ff ff 0f 4c e9 ff c5 45 8d 7c 24 01 49 ff cc 44 89 f9 83 c1 fe 78 44 44 89 e3 81 e3 ff ff ff 7f 83 f9 31 73 1d <48> 8d 0c 9b 8b 8c cf 10 0b 00 00 31 c1 41 ff cf 49 ff cc f7 c1 00
[ 1354.436745][    C0] RSP: 0018:ffffc90000127288 EFLAGS: 00000083
[ 1354.436759][    C0] RAX: 0000000000020007 RBX: 0000000000000001 RCX: 0000000000000001
[ 1354.436771][    C0] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffff88801d2b0000
[ 1354.436782][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff81730195
[ 1354.436794][    C0] R10: ffffc900001274d8 R11: ffffffff81ac9660 R12: 0000000000000001
[ 1354.436806][    C0] R13: 0000000000000001 R14: ffff88801d2b0b40 R15: 0000000000000003
[ 1354.436818][    C0] FS:  0000000000000000(0000) GS:ffff8881257ab000(0000) knlGS:0000000000000000
[ 1354.436833][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1354.436845][    C0] CR2: 00007fbc4d60a662 CR3: 0000000076f72000 CR4: 00000000003526f0
[ 1354.436861][    C0] DR0: 0000000000000002 DR1: 0004000000000002 DR2: 0000000000000408
[ 1354.436874][    C0] DR3: 1000000100000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1354.436886][    C0] Call Trace:
[ 1354.436893][    C0]  <TASK>
[ 1354.436905][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1354.436929][    C0]  lock_acquire+0x120/0x360
[ 1354.436947][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1354.436974][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1354.436995][    C0]  ? kthread+0x70e/0x8a0
[ 1354.437020][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1354.437042][    C0]  unwind_next_frame+0xc2/0x2390
[ 1354.437065][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1354.437091][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1354.437113][    C0]  ? worker_thread+0x8a0/0xda0
[ 1354.437136][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1354.437163][    C0]  arch_stack_walk+0x11c/0x150
[ 1354.437190][    C0]  ? kthread+0x70e/0x8a0
[ 1354.437215][    C0]  stack_trace_save+0x9c/0xe0
[ 1354.437240][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1354.437269][    C0]  ? __lock_acquire+0xab9/0xd20
[ 1354.437288][    C0]  kasan_save_track+0x3e/0x80
[ 1354.437304][    C0]  ? kasan_save_track+0x3e/0x80
[ 1354.437326][    C0]  ? kasan_save_free_info+0x46/0x50
[ 1354.437349][    C0]  ? __kasan_slab_free+0x62/0x70
[ 1354.437365][    C0]  ? kfree+0x18e/0x440
[ 1354.437381][    C0]  ? batadv_mcast_mla_update+0x3293/0x3640
[ 1354.437399][    C0]  ? process_scheduled_works+0xade/0x17b0
[ 1354.437418][    C0]  ? worker_thread+0x8a0/0xda0
[ 1354.437438][    C0]  ? kthread+0x70e/0x8a0
[ 1354.437483][    C0]  kasan_save_free_info+0x46/0x50
[ 1354.437506][    C0]  __kasan_slab_free+0x62/0x70
[ 1354.437523][    C0]  ? batadv_mcast_mla_update+0x3293/0x3640
[ 1354.437541][    C0]  kfree+0x18e/0x440
[ 1354.437556][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 1354.437584][    C0]  batadv_mcast_mla_update+0x3293/0x3640
[ 1354.437608][    C0]  ? __pfx_batadv_mcast_mla_update+0x10/0x10
[ 1354.437628][    C0]  ? __lock_acquire+0xab9/0xd20
[ 1354.437655][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1354.437679][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1354.437698][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1354.437719][    C0]  process_scheduled_works+0xade/0x17b0
[ 1354.437752][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1354.437779][    C0]  worker_thread+0x8a0/0xda0
[ 1354.437811][    C0]  kthread+0x70e/0x8a0
[ 1354.437837][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1354.437857][    C0]  ? __pfx_kthread+0x10/0x10
[ 1354.437883][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1354.437904][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1354.437928][    C0]  ? __pfx_kthread+0x10/0x10
[ 1354.437952][    C0]  ret_from_fork+0x3f9/0x770
[ 1354.438002][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1354.438025][    C0]  ? __switch_to_asm+0x39/0x70
[ 1354.438041][    C0]  ? __switch_to_asm+0x33/0x70
[ 1354.438055][    C0]  ? __pfx_kthread+0x10/0x10
[ 1354.438080][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1354.438103][    C0]  </TASK>
[ 1354.452399][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1354.452425][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1354.452460][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1354.452477][   T31] Call Trace:
[ 1354.452489][   T31]  <TASK>
[ 1354.452500][   T31]  dump_stack_lvl+0x99/0x250
[ 1354.452541][   T31]  ? __asan_memcpy+0x40/0x70
[ 1354.452578][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1354.452613][   T31]  ? __pfx__printk+0x10/0x10
[ 1354.452662][   T31]  vpanic+0x281/0x750
[ 1354.452693][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1354.452719][   T31]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[ 1354.452756][   T31]  ? preempt_schedule+0xae/0xc0
[ 1354.452792][   T31]  ? preempt_schedule_common+0x83/0xd0
[ 1354.452833][   T31]  panic+0xb9/0xc0
[ 1354.452861][   T31]  ? __pfx_panic+0x10/0x10
[ 1354.452892][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1354.452929][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1354.452963][   T31]  watchdog+0xfd2/0xfe0
[ 1354.452995][   T31]  ? watchdog+0x1de/0xfe0
[ 1354.453027][   T31]  kthread+0x70e/0x8a0
[ 1354.453075][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1354.453101][   T31]  ? __pfx_kthread+0x10/0x10
[ 1354.453138][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1354.453170][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1354.453202][   T31]  ? __pfx_kthread+0x10/0x10
[ 1354.453238][   T31]  ret_from_fork+0x3f9/0x770
[ 1354.453270][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1354.453308][   T31]  ? __switch_to_asm+0x39/0x70
[ 1354.453328][   T31]  ? __switch_to_asm+0x33/0x70
[ 1354.453350][   T31]  ? __pfx_kthread+0x10/0x10
[ 1354.453384][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1354.453426][   T31]  </TASK>
[ 1355.014584][   T31] Kernel Offset: disabled
[ 1355.018931][   T31] Rebooting in 86400 seconds..