last executing test programs:

5m11.477705314s ago: executing program 3 (id=948):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x4c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}}, 0x44)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000280)={'wg2\x00'})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x1108000, 0x1000, 0xbb28}, 0x20)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
writev(r4, &(0x7f0000019880)=[{&(0x7f0000000400)="fb", 0xffffff5c}, {&(0x7f00000197c0)="1902eb02d5e5f29e59e1a7caec33eb76d2430da474d87e367f6598d026438b65eda8341073b6752abdcee080c8e1e876b25227c37d7dd79886ce33f13e857c8eda1cecf6ac36c03dbf54e3cb5136da5a33fee76fb3113f8b6700e9e5fc006b8eed665fed48738d59395ad07438c3610ae3976aac75caf2facafa21c25be3c2", 0x7f}], 0x2)
poll(&(0x7f0000002100)=[{r4, 0x400}], 0x1, 0x2)
creat(&(0x7f0000001380)='./file0\x00', 0x4)
mount(&(0x7f0000001400)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000001480)='qnx4\x00', 0x0, 0x0)

5m10.311383639s ago: executing program 3 (id=953):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000005f00)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000006000)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd0600ffdbdb252100002008000300", @ANYRES32=r2, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x28000)

5m10.24942966s ago: executing program 3 (id=954):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfb010016e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e94d52bb50b43066c1de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3ff, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x809000}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$FIBMAP(r2, 0x401870c8, 0x0)

5m10.003217672s ago: executing program 3 (id=956):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120141014813442024040075ae21018703010902120001000010000904b8070096d1ca00"], 0x0)
syz_clone(0x2000000, &(0x7f0000000100)="c15cf16868af32368f7363a85c9c4f4a6c61acd6bc", 0x15, &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000340)="c765bba7c55bd142bdeb092a96af016ac415c47b4332433fe033c701b709ae1733c6117a6cdd32fd942dc2092e749ce478db6e09477b7bf4997faf50ad69929d6b329d1f3b308e51ff1b919c50ba34f03da65af2aa6bf88e717ad32d06701665092b8fd6912e7b9d54de920f3e6a932c89ac9283ee530db080314b3e079d0ce8199dd5ef3dea951270fc4406ec6611b718018cbe615b9dab688a34644af8c89723f2fa2105b1f2380703b5a88c641bdd3d6e54c67ffce79e29f460d95d61eeb659333e1328192fe91a4ba4a5beac35fbc04cabd845f4daba4b8ac4f3379f607783b3d144182fe6389c")
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='gfs2\x00', 0x200000, 0x0)

5m9.403416519s ago: executing program 3 (id=958):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000100)={0x2, @vbi={0x9, 0x7, 0x80000000, 0x34524742, [0x1000, 0x7], [0x9, 0xd6b2], 0x108}}) (fail_nth: 1)

5m8.334380447s ago: executing program 3 (id=965):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000400)={'dt2815\x00', [0x0, 0x80000000, 0x2, 0x410002f, 0x88d7, 0x2080, 0xfffffffd, 0x3000f, 0x0, 0xffffffff, 0x200, 0xfff, 0x344, 0x2002, 0x0, 0x200, 0x9, 0x6, 0x84, 0xf, 0x61, 0x3ff, 0x4, 0x242, 0x5, 0xffffffff, 0x1ff, 0x807df, 0x8, 0xf3, 0x1]})

5m7.957236533s ago: executing program 32 (id=965):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000400)={'dt2815\x00', [0x0, 0x80000000, 0x2, 0x410002f, 0x88d7, 0x2080, 0xfffffffd, 0x3000f, 0x0, 0xffffffff, 0x200, 0xfff, 0x344, 0x2002, 0x0, 0x200, 0x9, 0x6, 0x84, 0xf, 0x61, 0x3ff, 0x4, 0x242, 0x5, 0xffffffff, 0x1ff, 0x807df, 0x8, 0xf3, 0x1]})

6.330980479s ago: executing program 0 (id=2894):
r0 = landlock_create_ruleset(&(0x7f0000000080)={0x840c, 0x0, 0x3}, 0x18, 0x3)
landlock_restrict_self(r0, 0x6)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=@migrate={0xac, 0x21, 0x1, 0x0, 0x1, {{@in6=@remote, @in6=@remote}}, [@migrate={0x50, 0x11, [{@in=@multicast1, @in=@local, @in=@local, @in=@broadcast, 0x3c, 0x4, 0x0, 0x3505, 0xa, 0x2}]}, @policy_type={0xa}]}, 0xac}}, 0x0)
landlock_restrict_self(r1, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009d000040"])
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)=@arm64={0x80, 0x40, 0x7, '\x00', 0x8001})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000300)='\x00', 0x81901)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
bind$unix(r6, &(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="20000000151401"], 0x20}, 0x1, 0x0, 0x0, 0x40880}, 0x24040800)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x100)
getsockopt(r2, 0x5, 0x8000, &(0x7f0000000340)=""/210, &(0x7f0000000100)=0xd2)

6.013062727s ago: executing program 0 (id=2898):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd700008000000030000005800018044000400200001000a000004000000020000000000000000000000000000000100000000200002000a00000000000000fe800000000000000000000000fe00bbdd0000000d0001007564703a7379"], 0x6c}}, 0x0) (fail_nth: 14)

5.360687427s ago: executing program 0 (id=2901):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000)
setxattr$trusted_overlay_redirect(0x0, 0x0, 0x0, 0x0, 0x3)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="20000000151401"], 0x20}, 0x1, 0x0, 0x0, 0x40880}, 0x24040800)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/ipc\x00')
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, 0x0, 0x0)
sendto$netrom(0xffffffffffffffff, 0x0, 0x0, 0x40, 0x0, 0x0) (async)
sendto$netrom(0xffffffffffffffff, 0x0, 0x0, 0x40, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, 0x0, 0x0)
syz_open_dev$video(0x0, 0x7ff, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
open_tree(r3, &(0x7f0000000640)='\x00', 0x89901) (async)
r4 = open_tree(r3, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, 0x0, r4, 0x0, 0x275) (async)
move_mount(r3, 0x0, r4, 0x0, 0x275)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/route\x00')
statx(r5, 0x0, 0x1000, 0x10, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6) (async)
ptrace(0x10, r6)
ptrace(0x4207, r6) (async)
ptrace(0x4207, r6)
prlimit64(r6, 0xf, &(0x7f0000000000)={0x5, 0x9}, &(0x7f0000000040))
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ioctl$FBIOPAN_DISPLAY(r5, 0x4606, &(0x7f0000000140)={0x6a0, 0x30, 0x556, 0x280, 0x3, 0x2, 0x1, 0x0, {0x397a318c, 0x5, 0x1}, {0xe, 0x68, 0x1}, {0x5, 0x9}, {0x6, 0x7ff, 0x1}, 0x1, 0x0, 0x240000, 0x1, 0x0, 0x0, 0xfffff86d, 0x31, 0xe88, 0xfffffff7, 0x2, 0xd, 0x2c, 0x100, 0x0, 0x8})

4.495280655s ago: executing program 4 (id=2906):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x4)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x0, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x1, 0x0, &(0x7f00000001c0)=""/91, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x12, r2, 0x45809000)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x22052, r3, 0x2000)

4.46584976s ago: executing program 4 (id=2907):
r0 = socket(0x10, 0x80000, 0x0)
r1 = syz_usb_connect(0x3, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100008d1e632039102021a702f9ff0301090212000100ffc00009047d000ce4409802aff3c531664a08b09216ac6cbe908b12cff3481c783ee3402c14341388a132a520d0f1a7b2a7b36fc39875fc54134a9b19f0d4449936f454a61cb7747c76e1ae347477882115aa35bd59825d8dbe53023c3eafd5f11eadbeebf968ce702c7a51a4c55d7a68a25f90ef54f36a670a9d7b045230089210bcf5f1819826b6fbe7925171b7a10159104ff9b1a364d0bba592fa2deb056f119361579f15d640b14f7aeba442e6218975b2e9f7c981e54596539ee92c775c3cf9675a69158bf3656fd0ab3ca21124f36c973465d3ff626f902c203781aac4532cca4d8e72e7458f33bbfc9ea35be47c0d9e9410075459f6d4a4ff4f40232369f7a3be833eb90000"], 0x0)
syz_usb_disconnect(r1)
syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x2ffc, 0x4000006, 0xfffffefc, 0x6}, 0x10)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f0000000180)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000100)={0x0, 0x11, r3, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000fc0)={0x0, 0x0, r3, r4, 0x9c, 0x6, 0x5f, 0xfcde, {0x7, 0x800, 0x81, 0x7, 0x2, 0xbc2, 0xd, 0x8, 0x7, 0x7, 0xd, 0x0, 0x7fff, 0x80000000, "a3f1d6cb5d9bbcf55d6e4889c09b0237d47a019646535f7a5b5fbc1d00"}})
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYRES32, @ANYRESHEX=r1], 0x1c}}, 0x804)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r5, 0x0, 0x0, 0x20000080, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback, 0xed6}, 0x1c)

4.388873384s ago: executing program 0 (id=2908):
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='v7\x00', 0x1c9, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
socket$inet_smc(0x2b, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2400, 0x0)
pipe2$9p(&(0x7f00000000c0), 0x0)
pread64(r0, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

4.263140549s ago: executing program 0 (id=2909):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=@newae={0x40, 0x1e, 0x1, 0x70bd26, 0x25dfdbfe, {{@in=@multicast2, 0x4d3, 0xa, 0x33}, @in=@broadcast, 0x4, 0x3505}}, 0x40}}, 0x90)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000240), r0)
sendmsg$NLBL_CIPSOV4_C_LIST(r3, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000500)={0x264, r4, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0xfffffffffffffd5d, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1d4a1ba3}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x9a}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x7}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x277de116}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3b}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa6}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x189ad5e1}]}, {0x54, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xea}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x92}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3c16c94e}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3c}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xcd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x66bd1460}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x56e64b1d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x76c0aba0}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xe16870}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4e46817c}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x48}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x23}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xa1a224a}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x14c, 0x8, 0x0, 0x1, [{0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x9e}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2a}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x5}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xfc}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6800a017}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc3}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x14}, @NLBL_CIPSOV4_A_MLSLVLREM={0x2e, 0x6, 0x95}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa0}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7dd05e52}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5fbd9f3f}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x71e3b6db}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5568052a}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6b9aa109}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xeb}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x80}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbe}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7bc1f90f}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x752dc8f8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x60aa357c}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5215df48}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xae}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x8340295}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x15965983}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4f4b334}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x12eed44f}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x89}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2330236f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xfc}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe9}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xb1}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x13315114}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe7}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3f50fc43}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x5d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x44e9a169}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3e839350}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x7}]}]}, 0x264}, 0x1, 0x0, 0x0, 0x40800}, 0x8000)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010003000000ff1c1b1f1c4000010203010902240001010800fe09040000020301025f09210800060122cb0f09058103ff03"], 0x0)
r5 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb10000000010200090502"], 0x0)
syz_usb_control_io$cdc_ncm(r5, &(0x7f0000000400)={0x14, 0x0, &(0x7f00000001c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r5, 0x82, 0xc38, &(0x7f0000000200)=ANY=[])
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
ioctl$EVIOCSKEYCODE_V2(r6, 0x40284504, &(0x7f0000000080)={0x74, 0x0, 0x4, 0x0, "d80004000000000000957f00003d4a100a000000000020020661e6e66b8b37ff"})
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x800)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
ioctl$TCXONC(r8, 0x540a, 0x0)
ioctl$TCXONC(r8, 0x540a, 0x1)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000180)=@v3={0x3000000, [{0x0, 0x8}, {0x2, 0x70000000}], r7}, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], &(0x7f00000002c0)=""/203, 0xfffffffffffffe5f)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x28, r2, 0x201, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x40800)

1.739222359s ago: executing program 1 (id=2920):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x12401, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
ioctl$TUNSETSNDBUF(r1, 0x400454d4, &(0x7f00000001c0)=0x1) (async)
ioctl$HIDIOCGNAME(r1, 0x80404806, &(0x7f0000000180))
pread64(r0, &(0x7f0000000080)=""/244, 0xf4, 0x0)

1.716486541s ago: executing program 0 (id=2921):
r0 = syz_open_dev$video(0x0, 0x7, 0x40)
ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f0000000080)={0x9, {0x6, 0x7, 0x706b, 0xffffffe1}, {0x8, 0x7, 0x8, 0x7ff}, {0x60ec}})
sendmsg(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957e2013d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
recvmmsg(r2, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf0e}}], 0x1, 0x2002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x40010, 0xffffffffffffffff, 0x2000)
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120e410158a57543fa998889cd6501020301090212000100001008ca000904a88b7e45a73bd422a01eafc6ba3fec6c070070cfee00f616b11d8427d0cd0b0000000000000098c6934f77473f6c9d2b4bf6dccacb33c1d6c29d234e5c95ec1d906ff976f87a4ab12e4d5a0cde8fd7db93d458d22318c4dcccd6da13d1635042a465e70c92ab3d4a377f7e70865ec9ace30c9b36474a6c4e1864e48ba716fd3f71ed3f9c62b16516d7f1f52be4a2357aeb76fc743dfe7174d20ffafd2639e119e79dd3725f6e31852c049b9f92362761da709e9f77e31d724eea24cd189f9787b80c4f51ccecce1f494e20626305d3225890bcabd1caadfd911dc14a6b6e4947d9ad7a6ffa69244876243062dad6d4930ed138d337f767614022a14dbf86a1b9025cbed04de5b0b3605fd8712ffcc5b531d9ca840807e2c4dc13713248e34363448ade4360dddfc24e60f0a08b3e3e87ad1e000000"], 0x0)
timerfd_create(0x3, 0x80000)

1.542763436s ago: executing program 2 (id=2922):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d80000001e0081054e81f782060000000000000006007c095dd2466518000e800a00142603600e1208000f0000000406a80016c00800094014000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791433a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad909d5e1cace81ed0bffece0b42a9eca0200e6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0) (fail_nth: 9)

1.475291473s ago: executing program 1 (id=2923):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000280)={'wpan3\x00'})
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x8054}, 0x40910)

1.139930129s ago: executing program 1 (id=2924):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0xf)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x2100, 0x0)
mknod$loop(&(0x7f00000002c0)='./file1\x00', 0x2000, 0x0)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
mmap(&(0x7f000081c000/0x4000)=nil, 0x4000, 0x3000001, 0x12, r0, 0x45809000)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @private=0xa010102}, 0x10)

1.073176197s ago: executing program 2 (id=2925):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000400)={'c6xdigio\x00', [0x0, 0x80000000, 0x4, 0xfdf9, 0xa8da, 0x8f, 0x6, 0x44, 0x2, 0x3187, 0x200, 0xfff, 0x77382cfb, 0x2002, 0x0, 0x6, 0x8, 0x6, 0x84, 0xb, 0x0, 0x20000, 0x80, 0x55, 0x5, 0xad1, 0x1ff, 0x907df, 0x8, 0x40000f3, 0x3]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x11e)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0x7}}, './file0\x00'})
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f0000000080))

919.132652ms ago: executing program 1 (id=2926):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) (async)
bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e1d, @multicast2}, 0x10) (async)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
socket(0x28, 0x4, 0x6) (async)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000002000f000000050030000000000005002f000000000008000300", @ANYRES32=r5], 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r7 = openat$cgroup_devices(r6, 0x0, 0x2, 0x0)
write$cgroup_devices(r7, &(0x7f0000000200)=ANY=[], 0xa) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
unshare(0x6a040000)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) (async)
r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r9, 0x10c, 0x3, 0x0, 0x0) (async)
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$nl_xfrm(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000001e00010026bd706e6e24139e07"], 0x40}}, 0x90)
brk(0x9) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x22052, r0, 0x2000) (async)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000940)}, 0x40)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

801.375051ms ago: executing program 2 (id=2927):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000300)={0x1c, r0, 0x62c21a4ade68aba1, 0x0, 0x2, {{0x32}, {@void, @val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x70, 0x0, 0x0, 0x48d4}, 0x40010)

745.730977ms ago: executing program 4 (id=2928):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, 0x0, 0x4000005)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x810, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1, 0xf5}, 0x1c)

627.292635ms ago: executing program 2 (id=2929):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000006000f000000050030000000000005002f000000000008000300", @ANYRES32=r2], 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)

586.654883ms ago: executing program 4 (id=2930):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)="1c0000005e007f029ea69801d76ab0a272a2a7b689cdbf4dda741a25c2", 0x1d}], 0x1, 0x0, 0x0, 0xffffffff}, 0x0)

549.356857ms ago: executing program 2 (id=2931):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f000095d000/0x2000)=nil, 0x2000, 0x2000001, 0x80010, r0, 0x4580a000)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001080)=ANY=[@ANYBLOB="c298ac08d23e4084754d1c000000", @ANYRES16=r1, @ANYBLOB="07000000000000000000020000000500050001000000"], 0x1c}}, 0x8004885)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000980), 0x2, 0x0)
r3 = getuid()
quotactl_fd$Q_GETFMT(r2, 0xffffffff80000402, r3, &(0x7f0000000000))
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x7fffffff, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x80006, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x9, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x8, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x40, 0xb, 0x4, 0x9, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x5, 0x9, 0x5, 0x3, 0x8, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x7e, 0x3, 0x4, 0x2950bfae, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x9, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x400, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0xfd, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0xfffffffd, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000002c0)='.\x00', 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
read$FUSE(0xffffffffffffffff, &(0x7f0000004280)={0x2020, 0x0, <r5=>0x0, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000200)={0x50, 0x0, r5, {0x7, 0x1f, 0x1, 0x20004000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000066c0)="a062030607792c01386f28a428828947de99f79cc542703d923c7cb9d4e1f6fd95fbf2f747ab32f6fb041861fb3f87a88cb85405b4e73c0b6b12c81e42a9f13d82c32b7ddb172bcba1aac5c38f083747ac179f08d4d6d342a87ba8dd9bb7a9680f27433c3357b4f6ac97b19a973592f1ac6e7853a0b15ba42a28efb9cc30b146346b546018966e94976ca28f26a1950dd64c0adbb0c2e09bbd9caa9e7886a2b3d6e2b6d6616b718f1322ea2881ca59ef73948b1bcdc2dd3970e63cbc1043ce42af0ea1f95d17268cbc3ef062c8c31a537e94a20c1c505a6022d5ece7f51bd9c754d8c47cbe80bbb30b2159991a94dd3a25e64aff8a7a17374b5a71e0c7c241cbfd7f084e18a50bea512ada902210a3881ffcd42071ab09c4d80139d8980d6dc5d12c2595ced445caf22f80d8fb1a4c243da47fadb8e28e9c04fea820a8a2f032f5adff8b7d9269e63db68d196bf7f416405e52b6b8abd8bb9d9694b8b5eddae348209963738cd9710bd6c291af1c8eaf0e52d2f2f24bef8c8bc9f77eed40104e07c8ee1b4cb358fc73e2653fef6232b5e9f5d0be26b91a0b7967ed5e3bf10c449424ff4d11951d963677001d9576425d6a9c4503268a407d74854f5e1caacc0ccc463dc56e684db1d80b370da238915579ab82cdbd7d155adf10b96ed71100ea92834e8a4e4f5b7b831bff6fb4febe01bb398ea4065446f277f107aa3cc06e0b7a6e98434bf57744ba9ecb8effe704d7f852e16bc33ac113649f7540b7a7a67cf5493b400ce06e571d485af1732938b79ded4de7dad97a7e1c0be7bd479dc264647bb76503168423e3f6fc95f8ac8ea35e39f476ab54e88286fcf73eead1f794784465592fe4ad112ac63bbc3b3f35b87c40bc5fa6e3ca6cad878f9772a61a23aa00491a9e2442eb90a32af2bd74e99d075bcda20288bfc30f3b00a7e8e1a0b4791573abd65284bbb53e2b7d667239b95b332dd423e4d7c512de559bd53fde5285add9795bda81ec142620e693af9c787a4499dd76ca0d77d9c7c4043e537ec6c1cd0b9a642b12adc782a0e00f6c1ed7379d5fff4c2feb19182db977f657b195e4710ff00f78e35a146119897495b0e1a0068a6606292ee72bf65adcd2cd29b4e59a4b3f82eac77d5254013d03d2fb2511975558906741912d09304f0d4cf08c8f62690c67968c869f75a4025224d8e84baf7a42e01b4ecf7e55d7c45839778c2266880d1bb73e3aad618d1a4f8d5a16914d64d70438a88512649fd4caa90506e5a2d58a33ecaebc9b2e5f8a4fbeca57c829ae02fd2dc146e939c3d295ada7df4a07e74b356c6ffd7a9c546b9eddf7e013cbcb2b57ae0d225249f7e06a415681d9f597a060fd55e39bd56f04b863efeca458a0cbc54b660db50ca40d27a3fda3416860e691cfc780593f06b467700968bb918c32547e378b14b4e0dcd11cb0b2fb36ea70946ac62290184b4eed38b51c322a75367b50f558e063bf363341a17c28ddcbf9ce53da06f26303fd156423a25f686809bc9845a78e0cc3d94e04bc8da85f22a4a8ece2c4ac2c79e54dcc4eabc61e067060ad880377a71fe0c2c0305256e4f3c637575f086e4ae3d7ab5d106fde03d24c47dccba3da23a244c1f50a4f60cd8d71b77390c5ce6d5612fd0260a2f33389b064ae6acac783eca62874232fd3808fb2188151a43de6cebc7e245106183f7d929f1eeff6f972da3e3d967170247925fb0f04bf38e88d06321f9ff9d2c296553d842b69036a2b6de2aad3879aedee723ff00736f7b0dffe6182104105ff0f0b636f5192d6bb5ae7ef950825827d2f3d6285d83aedca3f31474e0ad50ce6290a0e546c30d900e5b4208ecc8b3aca0ba3d110fc3c0a7e004a53e5d0ba1cc1c2bb42c3dbcbb4ceb6674151932ae56f6b03cc34ce450c292fecd2456ddcf42b075e6fd49305fbf265a36f3cff61321dd60f16e844089d659130947672a2d059e04af9ef653e8afec926b5a5d411f60a2a435437095a1df8dc60a616bd1a1ce7b5251ed8f905becffebd635eee8ff0055c40f146f1350a406b853ecb005c6ede4dc270ce6751cff915aa27f5f6b0736da14c9949de599d57868c29cc97ad03bd89502a34b88ad29c8762d0dc24a6df759821882a32e70531cab51fa1752a4fc49cf0706cb24d203174b2940f29ef8b0ce65b40cfde4e0c7310c685cc8de8384e485a951192fa8c36c11f9b88a48caf027dca480caa4fccae70ea6c837eb82f926ad7691c7709f217220d71f6e374fb8522a84c118b5c25f3d56acfb25afbe676fc9e574b6c5a59c00a0bbeeff61fd82a1677f3da9bb596133db491a8f11b945d930c8a67de9ce80025c764d518efcbae25d9194dc96c31ed02c63b1ac976715f7233ffed7cb6e929bbb5afabd34bc37c095acd0abbbdb1ea48e40a30ac99550f0ccca19ecef5acb2604c48fffb53b352d114fac72d6fc019ddec558406668f773fed9476148133c0f9ca4d1fd7e70dd04bfa089dc57e5940f29a5fd33dc79913ff48853794fdaf891d71de94c4a4fed0544e09f2bd578b07003031b8602f08ca8a79fa5ebfd5477f4d4f031c3efe0db273446a99d0cbe21a3cf43f3b82774e4657bb4f9675adbaf71c52953f0b18a61e05a9c770536fbad215848f8238e8730b9085189ea4621780dac500d7d7dc7815b45e232f86592498f1515ac8c50306013524cc5f0a74b67bc85d435d332ce69f00641c86a3e91be84b78ac358f35b18d69679df4197d3be8554417cf44aee6dc623f68ce3388df18168efa1c87c776cbda792f6110b6af178eb8200a91dfb72c1e23b5e5a66b5a3ee3f4c2bba2ccac939dcb036006b86e894093922a95fd70baba9424a3d0327a0f209fe10b39f3cec3f669d301a2834e58fd56f94d622dccf653f08e776c9f3e1b0e5b3cdef133834b93c41c70438d51a0b127262868d49ca91623c3d8b75c2cce0b771b9ac941bb96029e782224a3686a7c0dd164e162ede667e0e5817e7bde85ad3bf30a6a5bdc420f751679be74a02f84aa93b971c3f45a67d155f7ecb1d5284660918dbf102bc16f496fb62a1290e6b88ddaff55740583cba13076afd623276634e0c11663be50766980949095003ef5bc6f90a98bbad436b67928513e70115224f672ca2a24e27bb98bd5288c49ea23d47ef13c5ff28c43ce53ca16a6caeccc1f601226253c4a38a88a93828f6c800547cadbaa6d7ad26db618cccd38a671507cad5ba0065ce2edba81a059b95c36c5d04ab456fd6fd81ec3738ebe546d973c0886a5e7b83dd9c2f58f5d6c19519e67575b3732a486555f8d8c4ae004a62e8d07ab2c8ef74cdb96aa99d75aeb1c25985996f281d71106910a3c3da17de35e04dbe00e2b7b75ec2fed177a7f2d04fbf68bd0b8af682b30911867d4d1497ba060b662f4e97a8e7fd3613015cc34302377497cd08bcdc29f06dae240820d2ccddbf8c95c76a4ba5d3e1b37a62369ce3f79fb74ebd9bc82c3fa3edad4034b6715c2853fa7781c974b5a4e541e8b69bf4bd653fcce4e4340d9409fe9112e4d253a3b7e9d43f4426127b10f2d5d3fcd2193490f7d933e0cc53dae552f2d7c9d77b8f9b27c59105cfae43a0aab314a0820fbb5684bf20986e3be215688b42938d272c4c0edd17bcdc84a514d2483456d6cfb4f5c1218859ee55bfc77da36c9c75734932a12fd03df38232063ed92024f8ee7c21f314129feb10670bb4d6a0ad4fb3dc57a64cfe6509a0770650cdec0efd5e0b1fd29433cf871c9ddbe648319bd481357326ac1eb32b4bef4ad89ab6122e92dc786decac88624a4a3963ae771f8023b9a92e446114764c53d7efc07e3ea77a9daac5cabbe648a223e249db62102ef7b7b6d06df46b6ff913911b89848a47aecc0563fb06b6d77fe1daf4541cf619105ab68e0bcdf7a05af22b0551323bf33dec8167df2b7fac62dc9e286dd3462f488c82ad194f7fd5d3ca72fe9c0c37cdb6d75684326e5cb30319ab333fc70bb197320acda161d2e685e78ac2cb1417223f64742b12a316d590b18a4173b2a105a381baf6f383ec2e81d04860b5cc536475d7c5d05bd6a7db1a5d93930bacba8c1de63707bd24785e19fc1f15ba724660ac00d0f2ebbcd5528b8cbe4f3ca332e8611e937a310fc79d234be6c1cd09d6a5cb06ab36a9d667188144c81f86aaf0851763573b36cc21462ba4f3d6e95d38d1e9b943085661d234ef6d079bc9d84c7447c85baba88263451ba10559e1ce326fee5074b26b54872e690a9a1e589e1c444daa3224b292bf9ec4a604dc512760084084f27386c89a1190b8905f0d720508c0ed69272f396725805480188aa4602a26e833c16aa5079c0577a8203ec0b2b929ef3b410bb427c168b7fefd1be652f06efc61c7a295a5d07a9fd61bd5bfe67ac5f74e485a66c92950a1b460257084ca3a3489943ad450300967234b487fa3def4010f9b715196562ebb0846b7ac3eba47646af6285582b4402f64aa684dff7d9cf81fbe1aa88959f7906f06839389f2ad56efb5029afe1d5ceac99a3e698f49ff0da7db06d7c9e94a8773a13fab93def139667b4dc6b741bd2769da7786acecbe315f9006bb6b72abe5bdc587d8d5aa8f67aaefef68197fd2e7874d9b7da2c3a5618720c12e8fc31db3e334c47abcbf10c6181ec14af4f9e90e19a35360a793b1e9b336e49b3ed67568a860cd4c298f967ba323d315821959629e5b7aaac367e1ddb8a1c5d61500afa69331a4c90861852f533657b28b97a343bc531a11ff634b157a6d859a35f0d2a595375e11a32457575f1d73da033bf5eeda12337b9fdd46bce192d3aaaa240a8c65bf47704d6aa64a9531f9de14a96fc9fe380db35dd5ec52321c67fb4c18abcaf22fbe8f602ed201232251317e1a1b71e1e2c924a92d84685de348eec97fed954b7f6681ddf521b4ee03a1aeb2e446ee2a7f4dfa37b1c53831139fc624c14dcc4d144ccdf758fd9f344b4cdc1df70f6a24fa78cab136c912d1ebffa7053ccbc9b9445762236dca409820f738370117d5c369dfc50fd42277f14eeaf29110aedcd503008c42914d04e219a8b6c01e337d04724919b07157e2275ba6365a9dba5ebc8019bd1aa1b8668023f64cf47e1b49b4fbcfc10d560bb74405c90751504db8100d8a8a1a3ff84d98f1262fbbd6b962f492b9531a7411c08e7e56eb0f838075f754b6a395b6b58a8e4c47eb46bfaba2ac94800a396749d18ba0e6219f8d616ec71a1e60b3bcc24e19d4a20ddbc6a871e6d7efa50a362610598d892a5adecbcfe217534deee3620dfc88c7992ec2e710e083ef0a50c20621405f654804d1af4f24d22b8ca48f26303e6969127a74f0b276a5624c3b84410d4d5ee3c62605876e60a88df2bd6e8db8c7e486fdb452178563e7add6bc126b721b9ef8b12181989b87031573a4010d88e34f15a2344e4808b74c99ad68f0c2aca4e8d504397c03e1328c4b1ec43fd902d206c3cfb63d7541ac57fdbc70b0033f87514286101231fe7e79668c802e1c23d61540cdf13a5e675b736e221ddc29ab747d9c64f6213f51d3c1ded2e2b0efc4e45183d90468f61ec1720f7a0b87947e2c54125cebe6563ee4415d886bbe869d17d36371c942c11db1e13c1dd40ed24cabaf7ee80eae6c4db934e982d9619d753dcd679c5650cd95d21582e31b259043a0d03371cd294f4cc028042c75070c9b534a2d79f164ab9d773295795280d1584ca664b53b263fe2e23534d27b0d85742fae8061e03187795129dd272041c6eb9c10c3406da1f752f4ca697bdbddd74975cd4dbba5687fb30ac4fd5d2579494eac73053a63821a852cf41a80f6668006f7e1c4e30b48d638ebab470c558d42baeed1adc8fc71f73e95f3ca212a4b009b508e89898727f805685e4e7650a2961d62c117d1ee9017236a6bffa0c36ae11bc52d346c83399e43c42cdb9f443aa307109a97ee66ceb7a29eeb2f1a2bb3ee1492229116db07301b2aa4126aee7775daa2d0eab4d206fae11b3c6b565dcc4c7b4dd1cf2abec81150d0629803f6eb221be384b8772fe6d6c4fa98c928a9d0a02e9ff8bb7a2168dbebe140323d93bee8983c496bccf752c372b795a3493624cefb3cfeb4307bd39826cac1ea3f18912deef1b8c8db30bc016990a477bc0a925fb36453a9e21354b2d7e6e3d4ca4dd20f27a8db05429d44b7a485365191dc4ba977a815958faf6434813a9f4046054763dd55dbb7fae892b746e169ae046ae3361a9f75cf622b03f75b1633da864395bd1c3a594fab0b1fb37f088dd1f2776e2b795c78635c2026a8ce7ff40968a1960786049a217dd8872ac0c01f4bafcf2d3d751dd46a5e1bec00540a9ca7afca3ef37575d4a8b1291d05be94913092890a9b4bfff39edbff307e5654896e79228777c0f8ea46c55bfe19e522bf457ab4e6b0167d776dbcd0160598370a12c4a03e4edc82b245a7608797b03d4ed89dfc2a5bf07b9fcb251fb8608553f3b3774818717a9aabe6b2ded811515ba454b390a6065bbc59552f3bfe51d38f139792e1aae60093a7c5770b52a1730feb1049c14a7d5261d644f6b738e22ee72aafa422bd93f61e1ccac0a5ef4726c66f61bb539acb937bd63da82c700c0860be90ce5621ced22b52b63d041266fc258fbfa6641aef22e97804e5138ad2ce4405eaf76bb0acd7fc61b2d6de4aabc5c28a850fcf219cff77c97d3cb6bec0067c171b912d11d82c56cbad56c0032a9657d4cdd1eacaca53f40f5e3fe911127e1cd30781351f180e1413933cee2d46ca0eea31ee01fe4e99a567edd0b10565d47b87c8a48366143e889e52d0ff13c920aea092c2545fa9b7056204fec156549d3c0a997bc1cf4a01338483bf5c69d6958ae038f1c3e3b84baeb2c1f9e064c0750602c34c6c483c316391d975f94f21f6dfe74e92c33228b408a9e2b9abcda33c497abba9c48a63e5c8f1a8d0f4c24d36a44e1601e8a09e8a5c7179bd4c44b17e542dd99cace87aab60a5e53325d544c991b6fa5deffa49fd886332980deeca9229cb2f67f495a7b743153854ed81e1623b12dbd65512d08a5732fee2db3fb455cf6df5a1701a2b8674633c6792162dc86ac76e30da225b0167a7e704ad33ba694f9c902afbeed58eef609874767053f59414d4d3eccbbcdbc7eba997c71f9b1f5139bb020d5dae1db6e2dcfbb51b5371b08bdbc3312b05ee6d8c03c8b5a7d4f23da45f276394f222b1a0bdf4e2603243cdba60ee0530387c88bb457ca9932f2283a4d55bb1195e6d325ed93f714e21908b1baafa467f1cec7fa26e5c384ee6828e77978bd1abd014de549a5e5966f2b2f4ba000f9d77f1abfe3a6c337cdb852c1ec59f61b63d543f3062dd2616a163ed7ca60168b0347b5c5646a678dafb4c502c333a0a48f0341b47f5c5946e42e571db0bfa0682a449ca64e71b5661a842975182399245c6de241512c67ac918d7e0c5cb66565010e881b8333567ca584321ead1c383b099d8bf1c56dac08cb218cde4226ad420d6d6313f9c4884d6394722304fdaa76e61db8c0d54eb1151344c41ce1130272928eecb2f9f0f23c752622374eb1223a80efcf0b937dff7d813d7be0340226c0a7b163741d9aecafcb7ddae5a219323323f621c802be82399e06d2e1cc582e759ffa303c5103f8a44d7129d2853b02e506abda57ad2836d7ff16f95232149fbeb8b62e586d3536bb4ae042ecd9e25d1dee789353071f9c89d4361000c47b763556e8902f1f25cbd8ae71679e03ff27db0ec75eeee3fccafc7fcf22c377ac60d3c61a43cb53abf6162118f2efc86a5ce80e69a02bc1db80018beeef6d567941232e4412a958ed012bf7a832c1eaf68134ecabc4927ad666b3d0f21d4e8d52fa37e0a9751124efed8bf47544299138a6f69d89e295677f12606c79b72451c263fca3eec22bf0c47c641159a0bbfb3b2b03154af533e5c06a149e52adcfae31bfc55f30064a8903c8d3b828d275a937b1e4adffa0597da5e253b50bd71b33f057ffeff0b2a0829b3bf33350fbe67c7c79034f80d69e6a21be495a848d328f416f15966491b218eab390544e39d498258ad80ddae248634c845cbe6f1c1e93e7c2b02075411e075fe936bcc75f4a4e1a3687cb3dbbb61cb31ddfbbc87a1859b3a48fccdd8e5915c8bf4eebe8f7093cef6a7a91c8682915f9908c854c483e90c9643467292884d284134dbaddafdbc74d94a5f9713719d62b4f6b4236803d210181847ca27129fde264156895f4e1822ef78a3b215ef56d7e36d2b94c93f5e931a0d13a3a3030061ce62de595eecf47eae6bf698530145757700df18f66fd7261a12c119d6679663b3c0f99d1705aebe66dc862eb21ccb7360b93f54507149b577abf521113991e06f345e8282fdc18de673e1ca7b188ee34b14f37f86ddcf97fef0b913c33cf8e5d5d33707dbcdbe4b27cef056670252f186735cdd02f6ed6bfe5318a704f00e34ffc4fda9855bf37c51be6a7423e44dd8a98883c8fa82ca37c90d681fb7a0db915576b50e49aff545b99aa3aa6343b814ba0bf64e53b2a1edcae2231bf20d65e4bb4da6dc8382120ede652adfb7c30a46e0ee784cbde74563d83eb8d89a1573fa104fddca9d4833c49dc904bda905426c7dee3e48b596c8ee201bea57fedb1a0649457eaac3c5b5f4519af3adb66f10b861e711cd4034448890e15047c2f8902588268b5645051f3f3968ed8d630e050ccef0d01b61ffeade51e4e72d8fd46bba4c20009396e984c424d174934a67a1930665fbea04c809e7cda0a2cdfd3a14d6b99c3a8d8b3691825830456876f188ff871fc861e4c6a0ca377dc1f0cb0f929f7eb1f5da045d9a588a393312acacca5c5a3b15bb1b488b08fc40ad65ae2c1df187eccd8377525a81d80df57579ae52f775fb2efdd172a41c370300fcc594c2635dcf50e9eb9d34fa8b4bbfd13078422e3a7734a8ae6cc09e39d07c7ee19838f8da4cbafe4162c8f8dc44e284840bd0a5c80bfc657c22e37e0d9a96dda34a51ce616c9ccdc95955cf85d93860da902ab30f11aa333eacc25c47981d8636038761ed4d84fcbb0ca92dd2e07863b9505b451c3c49e36a172527578123049ff2dc2b4e258a3f698a12ca4705a6fd0ce6bc4f1767b4d9c2e57c9ed1388527964ac96ff5e4cf5ad6fdb6a853b43905df32af8bd788b520fd526cbb95195a1bc00d654cb080acdf67938517a6cdac741d86730358be16465b4e1301f47f6a444c4e8d2980b8bd98a8dcd6617cde0b287e2d1f59167b5c445146fa49728111b8a2729428cabd02facb8fbddbdb2769680f288648d6baac53e0d909335da3e2b4c13ebd41f32820c9f491e9124ca444a0532f60e2816e15a5810baa91f64454aa355f9d362c7d1a461561689d08b1350a216b6f1bda57aae0706b3710a1b8e52a7e3084e600b5ee3dc540bba0c16267d549304a7840659a32e40070715c9bb912792d4a7b84fa06e73b9ddbc2f06c4edc19d25f5a198c7e3fc6226842e6215da5d826fcf5949612889f78e9de39d4e64b86b7033b5717a21f8f2b81c799a3fc0bfe6f5837b252eefa360c91a6148296bd19d50a343d909c1edf5261e70c8dfb2c488940cf236941ad3fd01247e37902a4bbfdd1839f7c92c260a2c494022fac08629303c8e54108d78ae2c94289c7f998ba3b622b48931ee7c17c59f5499d282467a1b8050acc94a0b17b21836c80b69f519b9b077d18e33c027faad562fa09f2cc6120f8cf5ee18cf7db9d729ffbb9de58885713215b7aebb8c98d9fa009be0a9ef3ceccdb2b31968db555b26c5c94e382d06ebf6d356e8caa85def5813dd1596d823924c4fb63dba5bd094cb64f204d1e59d31287715f831a1f0be95d8749f2166ba0b0b6b64a37991be1fe1c1e922835f2da0c074ec9413561d52166576b1c4f1e18f078dc046d1c284964b80217b55c59a474740c3649116b33e927479736bff6005859c7c00598f22cb8eca38af802f4c86836e8330492ac7ef3707890a8ff856dc7786ed769bba75b18484b257b3b022eeb51aa720639f79e6e6bd3d3c9a61f7822abe562867b4693f0b2f61135aaeaa510b31112efeec48d2602c6d4f2ddeeb51bb03ab18c18d8e127a37e22881febca47742b9332d3f2251003b1a46c40eca111d02446466b669568c70971bd33254ca577777f126f86f8a3665f065b645ff261e78e0f532e83a81b99c5de3488de74ca82daa0e4e7404eff911ae955acbb800f9f91b774e472bc14aa92817b6d85877b1861a6ca92c03c83b6f1490068bad8eab1f58c9e91e1029683de2ca45c99966966031ee86d8c9995f0612480e2a6d5396e8ae361d6fd2e24557613a1191f5019d4c8078628013512ea3a59532efffa6cfe4970d28d8c7aa8c866c4275ff2b0b4ef1a7e56854d7ee4bc445713da9349d13e30a4a802cb9db2f10280fd9ea043b5b3480441e8ed2d907eae1259befba9d87a04ce42b0010c70af157b90e0bf72549852fd122edd6cf3475f76852b13b4bf887cf32e25ad34aed7fd5a6e97b307f9b4ff1c07b2b55beef5ef3dd96eeb2a57720c18209d911a55341cee67e6ff577f7acaba01c2c9690b15a3b8aaa5b9d734196467a8c074b2eeeb5ae931ddf3deb15b1a8d603e72125c2e68ad206f2c4252a659f8248ff882a8e54126ebc0c77a46101072272460e683d465279a3695be6b64c9eeb4a576d95fd520be42eab5c95cbace0dfd80e2d67bab9f683a1cc9c006c02f0f90a21a0f51218c628f5608fbf1abc79aa63452bde1002383033578f32980e3779a8edeb226f6d3f9b36d8f07bddd7479b60346a4b4fa883940e3aef8ad8d834dad4405960a4409a6255e8753d0c0ad0960ff3ef48ce93fbe6b165e86eab36fccb8b989f5b54e6ccaa19749ff065a0a732d15c41b9072bbc6f07e1fd5a3df2775874e46b61ed50714e8c403fbed6884ec06f52ab71d2c191fcc56ac0b17ba3c46d2dab3e11c79383bd8867ff14b5fbca73b9ae594b6a09fb73a2e8f15aee59150e8d6d3dad9659025d045bbd1b9ca257c67bb78abe8f7eb9c8b3bc32951c41f7390bacc8c7059a2a9b078ab50413605aec604e4666a6ace765b0e7ab558fe6232f2703d07811e3d0ac5bf9434e87876e99250ee9db6527a8ccb4a3ee3bde738563c9746f941cf2cd7efacdbd2593cafdbe5171864b2982b54dc5a32c86638c0e650a331625033b8dd65851965ae791880349d5cd52548f4422a317f96ed79e7ccf3bd671e6dc70365f521c65206386eb1f99570a544d11b3d36fea285f8a3770ca303a965a0c1d598ebe3696e647be734ccf760d3d47dec75e236d7ac08019b6622a7b9f08bc8f0937ab75e75a047a7386befbd56fc4b2f89c852dadce8df946cb3fafe4eed2678caadf1a913ae32b2c0b8a37984cb700343c5e24609f8c5ddeff5e653837a9332a41c8e21466a13d79224125d5f6a4fef79b5adae7f4ab7d351c55400545edd3c00637bd27164828925e9bb5d79f1f1e6eb3270ab799ae38772f779565d92c47503de695f7aad7ddacda6f6c71e755b3737231b64715bf07849d3466e4f92239f733436ce674389bd16900", 0x2000, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x100000000404, 0x0, 0xc, 0x0, 0x8000000, 0x0, {0x0, 0x0, 0x5, 0x0, 0x0, 0x20000000, 0x0, 0x1, 0x0, 0xa000, 0x0, 0x0, r6, 0x80000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
fstat(r2, &(0x7f00000009c0))
lstat(&(0x7f0000000940)='./file0\x00', &(0x7f0000000a40))
getresgid(&(0x7f0000000900), &(0x7f0000000300), &(0x7f0000000880))
getresgid(&(0x7f0000000b80), &(0x7f0000000bc0), &(0x7f0000000c00))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001180)={{{@in=@loopback, @in6=@dev}}, {{@in=@local}, 0x0, @in=@multicast1}}, &(0x7f00000010c0)=0xe8)
getgid()
creat(&(0x7f00000001c0)='./bus\x00', 0x77)
open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
write$UHID_INPUT(r9, &(0x7f0000000040)={0xf, {"a2e3ad214fc752f90b5e094f4bf70e0dd038e7ff7fc6e5539b1b4d078b089b3b0838721a0890e0878f0e1ac6e7049b3d6c959b4c9a240d9b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d075d0736cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911afe40db6ebe8cac64289fd3da232f1b5dbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146680400416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d483d4675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb53682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516ab68032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d95f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e08d4db9d76864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251aec29b32f8210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ac015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67784f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a700d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
sendmsg$nl_generic(r7, 0x0, 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x9471)

459.319373ms ago: executing program 1 (id=2932):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000280)={'wpan3\x00'})
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x8054}, 0x40910)

422.665588ms ago: executing program 1 (id=2933):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x202, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x48, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x4)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x80, 0x3, 0xef, '\x00', 0x3})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 5)

414.724845ms ago: executing program 4 (id=2934):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10) (async)
listen(r0, 0x0) (async)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r2, &(0x7f0000000240)=""/148, 0x94, 0x10100, 0x0, 0x0) (async)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0) (async)
creat(&(0x7f0000000080)='./file0\x00', 0x11d) (async, rerun: 32)
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='jfs\x00', 0x8010, 0x0) (rerun: 32)

39.186672ms ago: executing program 4 (id=2935):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000400)={'c6xdigio\x00', [0x0, 0x80000000, 0x4, 0xfdf9, 0xa8da, 0x8f, 0x6, 0x44, 0x2, 0x3187, 0x200, 0xfff, 0x77382cfb, 0x2002, 0x0, 0x6, 0x8, 0x6, 0x84, 0xb, 0x0, 0x20000, 0x80, 0x55, 0x5, 0xad1, 0x1ff, 0x907df, 0x8, 0x40000f3, 0x3]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x11e)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0x7}}, './file0\x00'})
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f0000000080))

0s ago: executing program 2 (id=2936):
r0 = socket(0x10, 0x80000, 0x0)
r1 = syz_usb_connect(0x3, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100008d1e632039102021a702f9ff0301090212000100ffc00009047d000ce4409802aff3c531664a08b09216ac6cbe908b12cff3481c783ee3402c14341388a132a520d0f1a7b2a7b36fc39875fc54134a9b19f0d4449936f454a61cb7747c76e1ae347477882115aa35bd59825d8dbe53023c3eafd5f11eadbeebf968ce702c7a51a4c55d7a68a25f90ef54f36a670a9d7b045230089210bcf5f1819826b6fbe7925171b7a10159104ff9b1a364d0bba592fa2deb056f119361579f15d640b14f7aeba442e6218975b2e9f7c981e54596539ee92c775c3cf9675a69158bf3656fd0ab3ca21124f36c973465d3ff626f902c203781aac4532cca4d8e72e7458f33bbfc9ea35be47c0d9e9410075459f6d4a4ff4f40232369f7a3be833eb90000"], 0x0)
syz_usb_disconnect(r1)
syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x2ffc, 0x4000006, 0xfffffefc, 0x6}, 0x10)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f0000000180)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000100)={0x0, 0x11, r3, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000fc0)={0x0, 0x0, r3, r4, 0x9c, 0x6, 0x5f, 0xfcde, {0x7, 0x800, 0x81, 0x7, 0x2, 0xbc2, 0xd, 0x8, 0x7, 0x7, 0xd, 0x0, 0x7fff, 0x80000000, "a3f1d6cb5d9bbcf55d6e4889c09b0237d47a019646535f7a5b5fbc1d00"}})
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYRES32, @ANYRESHEX=r1], 0x1c}}, 0x804)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r5, 0x0, 0x0, 0x20000080, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback, 0xed6}, 0x1c)

kernel console output (not intermixed with test programs):

 invalid length.
[  457.008737][T13002] hsr_slave_0: entered allmulticast mode
[  457.022709][T13002] team0: Device hsr_slave_0 is up. Set it down before adding it as a team port
[  457.335852][   T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  457.495884][   T24] usb 2-1: Using ep0 maxpacket: 32
[  457.597971][T13019] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2539'.
[  457.763212][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  457.776334][   T24] usb 2-1: unable to read config index 0 descriptor/start: -71
[  457.814801][   T24] usb 2-1: can't read configurations, error -71
[  458.649589][T13041] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2547'.
[  458.876207][   T24] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[  459.038138][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  459.061381][   T24] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x1 is Bulk; changing to Interrupt
[  459.084136][   T24] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x82 is Bulk; changing to Interrupt
[  459.112898][   T24] usb 2-1: config 1 interface 0 has no altsetting 0
[  459.143334][   T24] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  459.163431][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.186374][   T24] usb 2-1: SerialNumber: Њ
[  459.195029][T13031] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  459.207258][T13031] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  459.307609][   T10] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  459.450412][   T24] usb 2-1: USB disconnect, device number 4
[  459.475932][   T10] usb 5-1: Using ep0 maxpacket: 8
[  459.492405][   T10] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  459.509914][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.528498][   T10] usb 5-1: Product: syz
[  459.532718][   T10] usb 5-1: Manufacturer: syz
[  459.557857][   T10] usb 5-1: SerialNumber: syz
[  459.571361][   T10] usb 5-1: config 0 descriptor??
[  459.576403][    C0] vcan0: j1939_tp_rxtimer: 0xffff888033cf3800: rx timeout, send abort
[  459.813437][   T10] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  460.076492][    C0] vcan0: j1939_tp_rxtimer: 0xffff888033cf3800: abort rx timeout. Force session deactivation
[  460.094856][T13065] FAULT_INJECTION: forcing a failure.
[  460.094856][T13065] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  460.113154][T13065] CPU: 1 UID: 0 PID: 13065 Comm: syz.1.2554 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  460.113185][T13065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  460.113197][T13065] Call Trace:
[  460.113204][T13065]  <TASK>
[  460.113214][T13065]  dump_stack_lvl+0x189/0x250
[  460.113247][T13065]  ? __pfx____ratelimit+0x10/0x10
[  460.113269][T13065]  ? __pfx_dump_stack_lvl+0x10/0x10
[  460.113297][T13065]  ? __pfx__printk+0x10/0x10
[  460.113325][T13065]  ? __might_fault+0xb0/0x130
[  460.113366][T13065]  should_fail_ex+0x414/0x560
[  460.113400][T13065]  _copy_from_iter+0x1db/0x16f0
[  460.113429][T13065]  ? rcu_is_watching+0x15/0xb0
[  460.113455][T13065]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  460.113487][T13065]  ? __pfx__copy_from_iter+0x10/0x10
[  460.113513][T13065]  ? __build_skb_around+0x257/0x3e0
[  460.113542][T13065]  ? netlink_sendmsg+0x642/0xb30
[  460.113564][T13065]  ? skb_put+0x11b/0x210
[  460.113595][T13065]  netlink_sendmsg+0x6b2/0xb30
[  460.113628][T13065]  ? __pfx_netlink_sendmsg+0x10/0x10
[  460.113656][T13065]  ? aa_sock_msg_perm+0xf1/0x1d0
[  460.113685][T13065]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  460.113708][T13065]  ? __pfx_netlink_sendmsg+0x10/0x10
[  460.113733][T13065]  __sock_sendmsg+0x219/0x270
[  460.113759][T13065]  ____sys_sendmsg+0x505/0x830
[  460.113795][T13065]  ? __pfx_____sys_sendmsg+0x10/0x10
[  460.113832][T13065]  ? import_iovec+0x74/0xa0
[  460.113863][T13065]  ___sys_sendmsg+0x21f/0x2a0
[  460.113893][T13065]  ? __pfx____sys_sendmsg+0x10/0x10
[  460.113969][T13065]  ? __fget_files+0x2a/0x420
[  460.113990][T13065]  ? __fget_files+0x3a0/0x420
[  460.114022][T13065]  __x64_sys_sendmsg+0x19b/0x260
[  460.114054][T13065]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  460.114094][T13065]  ? __pfx_ksys_write+0x10/0x10
[  460.114111][T13065]  ? rcu_is_watching+0x15/0xb0
[  460.114139][T13065]  ? do_syscall_64+0xbe/0x3b0
[  460.114166][T13065]  do_syscall_64+0xfa/0x3b0
[  460.114186][T13065]  ? lockdep_hardirqs_on+0x9c/0x150
[  460.114207][T13065]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.114228][T13065]  ? clear_bhb_loop+0x60/0xb0
[  460.114253][T13065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.114272][T13065] RIP: 0033:0x7fc18578e929
[  460.114292][T13065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  460.114309][T13065] RSP: 002b:00007fc1865db038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  460.114332][T13065] RAX: ffffffffffffffda RBX: 00007fc1859b5fa0 RCX: 00007fc18578e929
[  460.114348][T13065] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004
[  460.114362][T13065] RBP: 00007fc1865db090 R08: 0000000000000000 R09: 0000000000000000
[  460.114375][T13065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  460.114389][T13065] R13: 0000000000000000 R14: 00007fc1859b5fa0 R15: 00007ffed2f7b258
[  460.114419][T13065]  </TASK>
[  460.399083][    C1] vkms_vblank_simulate: vblank timer overrun
[  460.447961][T13068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  460.469373][T13068] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  460.481347][T13047] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  460.491747][T13047] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  460.506663][   T10] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  460.556438][   T10] usb 5-1: USB disconnect, device number 76
[  460.678001][ T5939] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[  460.818576][ T5939] usb 1-1: device descriptor read/64, error -71
[  460.828807][T13072] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2556'.
[  460.979198][T13074] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2557'.
[  461.065869][ T5939] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[  461.196686][ T5939] usb 1-1: device descriptor read/64, error -71
[  461.312675][ T5939] usb usb1-port1: attempt power cycle
[  461.475828][ T5958] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  461.625916][ T5958] usb 5-1: device descriptor read/64, error -71
[  461.648208][T13090] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  461.667569][ T5939] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[  461.706676][ T5939] usb 1-1: device descriptor read/8, error -71
[  461.897286][ T5958] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  461.955939][ T5939] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[  461.987801][ T5939] usb 1-1: device descriptor read/8, error -71
[  462.045812][ T5958] usb 5-1: device descriptor read/64, error -71
[  462.106569][ T5939] usb usb1-port1: unable to enumerate USB device
[  462.157856][ T5958] usb usb5-port1: attempt power cycle
[  462.276131][   T10] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  462.438527][   T10] usb 2-1: Using ep0 maxpacket: 8
[  462.460161][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  462.485908][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  462.495618][   T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  462.518764][ T5958] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  462.526009][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  462.556576][   T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  462.556678][ T5958] usb 5-1: device descriptor read/8, error -71
[  462.580020][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  462.599445][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.599955][T13110] netlink: 112 bytes leftover after parsing attributes in process `syz.2.2570'.
[  462.635773][   T10] usb 2-1: config 0 descriptor??
[  462.641743][T13100] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  462.744963][T13112] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  462.815945][ T5958] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  462.838584][ T5958] usb 5-1: device descriptor read/8, error -71
[  462.863160][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.870579][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.877645][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.884562][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.891625][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.898657][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.906252][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.913165][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.920582][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.927494][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.934400][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.942943][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.949913][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.956889][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.963774][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.971646][ T5958] usb usb5-port1: unable to enumerate USB device
[  462.979128][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.986090][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  462.993001][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.000164][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.007277][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.014287][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.021361][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.028306][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.035912][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.043661][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.050911][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.057911][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.064892][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.072324][T12188] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  463.130791][   T10] usb 2-1: USB disconnect, device number 5
[  463.131033][ T5850] Bluetooth: hci3: Opcode 0x0c03 failed: -71
[  463.435273][T13121] FAULT_INJECTION: forcing a failure.
[  463.435273][T13121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  463.456088][T13121] CPU: 1 UID: 0 PID: 13121 Comm: syz.0.2574 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  463.456121][T13121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  463.456134][T13121] Call Trace:
[  463.456143][T13121]  <TASK>
[  463.456151][T13121]  dump_stack_lvl+0x189/0x250
[  463.456186][T13121]  ? __pfx____ratelimit+0x10/0x10
[  463.456211][T13121]  ? __pfx_dump_stack_lvl+0x10/0x10
[  463.456240][T13121]  ? __pfx__printk+0x10/0x10
[  463.456270][T13121]  ? __might_fault+0xb0/0x130
[  463.456313][T13121]  should_fail_ex+0x414/0x560
[  463.456348][T13121]  _copy_from_user+0x2d/0xb0
[  463.456378][T13121]  memdup_user+0x5e/0xd0
[  463.456402][T13121]  strndup_user+0x68/0xd0
[  463.456426][T13121]  __se_sys_mount+0xde/0x410
[  463.456450][T13121]  ? ksys_write+0x22a/0x250
[  463.456472][T13121]  ? __pfx___se_sys_mount+0x10/0x10
[  463.456490][T13121]  ? rcu_is_watching+0x15/0xb0
[  463.456518][T13121]  ? do_syscall_64+0xbe/0x3b0
[  463.456539][T13121]  ? __x64_sys_mount+0x20/0xc0
[  463.456565][T13121]  do_syscall_64+0xfa/0x3b0
[  463.456586][T13121]  ? lockdep_hardirqs_on+0x9c/0x150
[  463.456607][T13121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.456628][T13121]  ? clear_bhb_loop+0x60/0xb0
[  463.456653][T13121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.456673][T13121] RIP: 0033:0x7fd65478e929
[  463.456691][T13121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  463.456709][T13121] RSP: 002b:00007fd65562c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  463.456733][T13121] RAX: ffffffffffffffda RBX: 00007fd6549b5fa0 RCX: 00007fd65478e929
[  463.456749][T13121] RDX: 0000200000000100 RSI: 0000200000002480 RDI: 0000200000002440
[  463.456762][T13121] RBP: 00007fd65562c090 R08: 00002000000002c0 R09: 0000000000000000
[  463.456776][T13121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  463.456788][T13121] R13: 0000000000000000 R14: 00007fd6549b5fa0 R15: 00007ffe496fdd78
[  463.456821][T13121]  </TASK>
[  463.666101][    C1] vkms_vblank_simulate: vblank timer overrun
[  464.003983][T13125] program syz.1.2576 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  464.051836][T13125] netlink: 763 bytes leftover after parsing attributes in process `syz.1.2576'.
[  464.093007][T13125] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2576'.
[  464.106338][T13125] netlink: 'syz.1.2576': attribute type 1 has an invalid length.
[  464.114112][T13125] netlink: 'syz.1.2576': attribute type 2 has an invalid length.
[  464.176498][T13125] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2576'.
[  464.233971][T13135] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2579'.
[  464.355523][T13137] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2580'.
[  464.636827][T13152] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2585'.
[  466.061508][T13190] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2599'.
[  466.109138][T13192] FAULT_INJECTION: forcing a failure.
[  466.109138][T13192] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  466.125096][T13192] CPU: 0 UID: 0 PID: 13192 Comm: syz.2.2600 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  466.125129][T13192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  466.125141][T13192] Call Trace:
[  466.125150][T13192]  <TASK>
[  466.125159][T13192]  dump_stack_lvl+0x189/0x250
[  466.125194][T13192]  ? __pfx____ratelimit+0x10/0x10
[  466.125218][T13192]  ? __pfx_dump_stack_lvl+0x10/0x10
[  466.125246][T13192]  ? __pfx__printk+0x10/0x10
[  466.125276][T13192]  ? __might_fault+0xb0/0x130
[  466.125317][T13192]  should_fail_ex+0x414/0x560
[  466.125354][T13192]  _copy_from_iter+0x1db/0x16f0
[  466.125395][T13192]  ? __pfx__copy_from_iter+0x10/0x10
[  466.125422][T13192]  ? file_tty_write+0x2a8/0x990
[  466.125455][T13192]  ? file_tty_write+0x2e8/0x990
[  466.125482][T13192]  ? rcu_is_watching+0x15/0xb0
[  466.125510][T13192]  ? kfree+0x4d/0x440
[  466.125543][T13192]  file_tty_write+0x486/0x990
[  466.125584][T13192]  vfs_write+0x548/0xa90
[  466.125623][T13192]  ? __pfx_tty_write+0x10/0x10
[  466.125652][T13192]  ? __pfx_vfs_write+0x10/0x10
[  466.125702][T13192]  ? __fget_files+0x2a/0x420
[  466.125735][T13192]  ksys_write+0x145/0x250
[  466.125757][T13192]  ? __pfx_ksys_write+0x10/0x10
[  466.125783][T13192]  ? do_syscall_64+0xbe/0x3b0
[  466.125811][T13192]  do_syscall_64+0xfa/0x3b0
[  466.125841][T13192]  ? lockdep_hardirqs_on+0x9c/0x150
[  466.125863][T13192]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.125884][T13192]  ? clear_bhb_loop+0x60/0xb0
[  466.125910][T13192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.125930][T13192] RIP: 0033:0x7f559e98e929
[  466.125951][T13192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  466.125970][T13192] RSP: 002b:00007f559f762038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  466.125993][T13192] RAX: ffffffffffffffda RBX: 00007f559ebb5fa0 RCX: 00007f559e98e929
[  466.126009][T13192] RDX: 0000000000001006 RSI: 00002000000010c0 RDI: 0000000000000004
[  466.126022][T13192] RBP: 00007f559f762090 R08: 0000000000000000 R09: 0000000000000000
[  466.126036][T13192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  466.126048][T13192] R13: 0000000000000000 R14: 00007f559ebb5fa0 R15: 00007fff255f3178
[  466.126081][T13192]  </TASK>
[  466.275823][   T24] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  466.299219][    C1] vkms_vblank_simulate: vblank timer overrun
[  466.405850][ T5857] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[  466.518210][   T24] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  466.527914][   T24] usb 2-1: config index 0 descriptor too short (expected 8192, got 27)
[  466.542799][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.556289][   T24] usb 2-1: config 0 has no interfaces?
[  466.563332][   T24] usb 2-1: config index 1 descriptor too short (expected 8192, got 27)
[  466.572250][ T5857] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  466.572759][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.599123][ T5857] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  466.626332][   T24] usb 2-1: config 0 has no interfaces?
[  466.633766][   T24] usb 2-1: config index 2 descriptor too short (expected 8192, got 27)
[  466.635740][ T5857] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  466.642740][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.677690][ T5857] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  466.683232][   T24] usb 2-1: config 0 has no interfaces?
[  466.706804][ T5857] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  466.707539][   T24] usb 2-1: config index 3 descriptor too short (expected 8192, got 27)
[  466.729118][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.743326][ T5857] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.743910][   T24] usb 2-1: config 0 has no interfaces?
[  466.776814][ T5857] usb 1-1: config 0 descriptor??
[  466.780950][   T24] usb 2-1: config index 4 descriptor too short (expected 8192, got 27)
[  466.780983][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.781005][   T24] usb 2-1: config 0 has no interfaces?
[  466.782310][   T24] usb 2-1: config index 5 descriptor too short (expected 8192, got 27)
[  466.782339][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.782359][   T24] usb 2-1: config 0 has no interfaces?
[  466.783485][   T24] usb 2-1: config index 6 descriptor too short (expected 8192, got 27)
[  466.783511][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.783531][   T24] usb 2-1: config 0 has no interfaces?
[  466.784653][   T24] usb 2-1: config index 7 descriptor too short (expected 8192, got 27)
[  466.784679][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.784699][   T24] usb 2-1: config 0 has no interfaces?
[  466.789016][   T24] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  466.789047][   T24] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  466.789069][   T24] usb 2-1: Product: syz
[  466.789086][   T24] usb 2-1: Manufacturer: syz
[  466.789104][   T24] usb 2-1: SerialNumber: syz
[  466.792440][   T24] usb 2-1: config 0 descriptor??
[  467.006064][   T24] usb 2-1: USB disconnect, device number 6
[  467.190391][ T5857] hid_parser_main: 5 callbacks suppressed
[  467.190409][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.225812][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.233282][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.255810][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.263367][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.296260][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.303734][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.311399][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.327136][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.334687][ T5857] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  467.349589][ T5857] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  467.448408][T13190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  467.464787][T13190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  467.498205][ T5958] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[  467.539703][ T5857] usb 1-1: USB disconnect, device number 103
[  467.679148][ T5958] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  467.717860][ T5958] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  467.746145][ T5958] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.778327][ T5958] usb 3-1: config 0 descriptor??
[  467.989580][ T5958] usbhid 3-1:0.0: can't add hid device: -71
[  467.998671][ T5958] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  468.011519][ T5958] usb 3-1: USB disconnect, device number 105
[  468.144773][T13214] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2608'.
[  468.515914][   T10] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[  468.669920][   T10] usb 3-1: device descriptor read/64, error -71
[  468.925801][   T10] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[  469.076591][   T10] usb 3-1: device descriptor read/64, error -71
[  469.186423][   T10] usb usb3-port1: attempt power cycle
[  469.205749][    C0] vcan0: j1939_tp_rxtimer: 0xffff888033bd5c00: rx timeout, send abort
[  469.277823][T13240] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2619'.
[  469.299118][T13240] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2619'.
[  469.412441][T13238] FAULT_INJECTION: forcing a failure.
[  469.412441][T13238] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  469.431369][T13238] CPU: 1 UID: 0 PID: 13238 Comm: syz.0.2618 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  469.431401][T13238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.431414][T13238] Call Trace:
[  469.431423][T13238]  <TASK>
[  469.431431][T13238]  dump_stack_lvl+0x189/0x250
[  469.431467][T13238]  ? __pfx____ratelimit+0x10/0x10
[  469.431491][T13238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  469.431519][T13238]  ? __pfx__printk+0x10/0x10
[  469.431551][T13238]  ? fs_reclaim_acquire+0x7d/0x100
[  469.431583][T13238]  should_fail_ex+0x414/0x560
[  469.431619][T13238]  prepare_alloc_pages+0x213/0x610
[  469.431652][T13238]  __alloc_frozen_pages_noprof+0x123/0x370
[  469.431680][T13238]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  469.431723][T13238]  alloc_pages_mpol+0x232/0x4a0
[  469.431760][T13238]  alloc_pages_noprof+0xa9/0x190
[  469.431792][T13238]  pte_alloc_one+0x21/0x170
[  469.431828][T13238]  __pte_alloc+0x25/0x1a0
[  469.431857][T13238]  __handle_mm_fault+0x49b3/0x5440
[  469.431907][T13238]  ? __pfx___handle_mm_fault+0x10/0x10
[  469.431953][T13238]  ? follow_page_pte+0xd03/0x13e0
[  469.431986][T13238]  ? __pfx___might_resched+0x10/0x10
[  469.432020][T13238]  handle_mm_fault+0x40a/0x8e0
[  469.432070][T13238]  __get_user_pages+0x1699/0x2ce0
[  469.432095][T13238]  ? __lock_acquire+0xab9/0xd20
[  469.432162][T13238]  __gup_longterm_locked+0xde9/0x1660
[  469.432207][T13238]  ? sanity_check_pinned_pages+0x1241/0x1300
[  469.432237][T13238]  ? gup_fast_fallback+0x195f/0x2010
[  469.432270][T13238]  gup_fast_fallback+0x1e6a/0x2010
[  469.432337][T13238]  ? __pfx_gup_fast_fallback+0x10/0x10
[  469.432367][T13238]  ? kernel_fpu_end+0xd2/0x120
[  469.432398][T13238]  ? __pfx_kernel_fpu_end+0x10/0x10
[  469.432430][T13238]  ? preempt_schedule_irq+0xde/0x150
[  469.432457][T13238]  ? pin_user_pages_fast+0x4d/0xb0
[  469.432489][T13238]  iov_iter_extract_pages+0x35a/0x5e0
[  469.432528][T13238]  extract_iter_to_sg+0xe46/0x24e0
[  469.432556][T13238]  ? __crypto_xor+0x17fa/0x1850
[  469.432585][T13238]  ? sanity_check_pinned_pages+0x123a/0x1300
[  469.432617][T13238]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  469.432643][T13238]  ? unpin_user_page+0xc9/0x1d0
[  469.432665][T13238]  ? __pfx_unpin_user_page+0x10/0x10
[  469.432706][T13238]  ? __asan_memset+0x22/0x50
[  469.432735][T13238]  hash_sendmsg+0x4f4/0x11d0
[  469.432785][T13238]  ? __pfx_hash_sendmsg+0x10/0x10
[  469.432804][T13238]  __sock_sendmsg+0x219/0x270
[  469.432829][T13238]  ____sys_sendmsg+0x52d/0x830
[  469.432865][T13238]  ? __pfx_____sys_sendmsg+0x10/0x10
[  469.432906][T13238]  ? import_iovec+0x74/0xa0
[  469.432938][T13238]  ___sys_sendmsg+0x21f/0x2a0
[  469.432968][T13238]  ? __pfx____sys_sendmsg+0x10/0x10
[  469.433046][T13238]  ? __fget_files+0x2a/0x420
[  469.433068][T13238]  ? __fget_files+0x3a0/0x420
[  469.433100][T13238]  __sys_sendmmsg+0x227/0x430
[  469.433136][T13238]  ? __pfx___sys_sendmmsg+0x10/0x10
[  469.433162][T13238]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  469.433214][T13238]  ? ksys_write+0x22a/0x250
[  469.433237][T13238]  ? __pfx_ksys_write+0x10/0x10
[  469.433254][T13238]  ? rcu_is_watching+0x15/0xb0
[  469.433288][T13238]  __x64_sys_sendmmsg+0xa0/0xc0
[  469.433319][T13238]  do_syscall_64+0xfa/0x3b0
[  469.433342][T13238]  ? lockdep_hardirqs_on+0x9c/0x150
[  469.433362][T13238]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.433383][T13238]  ? clear_bhb_loop+0x60/0xb0
[  469.433409][T13238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.433429][T13238] RIP: 0033:0x7fd65478e929
[  469.433449][T13238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.433468][T13238] RSP: 002b:00007fd65562c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  469.433492][T13238] RAX: ffffffffffffffda RBX: 00007fd6549b5fa0 RCX: 00007fd65478e929
[  469.433514][T13238] RDX: 0000000000000001 RSI: 0000200000003380 RDI: 0000000000000004
[  469.433527][T13238] RBP: 00007fd65562c090 R08: 0000000000000000 R09: 0000000000000000
[  469.433541][T13238] R10: 0000000020004000 R11: 0000000000000246 R12: 0000000000000001
[  469.433555][T13238] R13: 0000000000000000 R14: 00007fd6549b5fa0 R15: 00007ffe496fdd78
[  469.433588][T13238]  </TASK>
[  469.714048][    C0] vcan0: j1939_tp_rxtimer: 0xffff888033bd5c00: abort rx timeout. Force session deactivation
[  469.718308][    C1] vkms_vblank_simulate: vblank timer overrun
[  469.855415][    C1] vkms_vblank_simulate: vblank timer overrun
[  469.866577][   T10] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[  469.915810][   T10] usb 3-1: device descriptor read/8, error -71
[  469.961481][    C1] vkms_vblank_simulate: vblank timer overrun
[  470.145838][ T5857] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  470.153596][   T10] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[  470.182044][   T10] usb 3-1: device descriptor read/8, error -71
[  470.286810][ T5857] usb 5-1: device descriptor read/64, error -71
[  470.316191][   T10] usb usb3-port1: unable to enumerate USB device
[  470.552492][ T5857] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  470.727777][ T5857] usb 5-1: device descriptor read/64, error -71
[  470.846559][ T5857] usb usb5-port1: attempt power cycle
[  471.058992][   T24] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  471.205831][ T5857] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  471.226132][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  471.249004][ T5857] usb 5-1: device descriptor read/8, error -71
[  471.250515][   T24] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  471.300194][   T24] usb 2-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3
[  471.327316][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  471.357445][   T24] usb 2-1: Product: syz
[  471.361687][   T24] usb 2-1: Manufacturer: syz
[  471.385841][   T24] usb 2-1: SerialNumber: syz
[  471.393889][   T24] usb 2-1: config 0 descriptor??
[  471.505809][ T5857] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[  471.536684][ T5857] usb 5-1: device descriptor read/8, error -71
[  471.613439][T13267] netlink: 'syz.1.2629': attribute type 10 has an invalid length.
[  471.625308][T13267] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  471.657751][ T5958] usb 2-1: USB disconnect, device number 7
[  471.658790][ T5857] usb usb5-port1: unable to enumerate USB device
[  472.854602][T13289] 9pnet_fd: p9_fd_create_unix (13289): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  472.884224][    C1] vkms_vblank_simulate: vblank timer overrun
[  473.255865][ T5857] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  473.310392][   T30] audit: type=1326 audit(1751723534.051:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13297 comm="syz.4.2642" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f027d38e929 code=0x0
[  473.332099][    C1] vkms_vblank_simulate: vblank timer overrun
[  473.359223][T13300] openvswitch: netlink: Tunnel attr 294 out of range max 16
[  473.386258][T13301] 9pnet_fd: Insufficient options for proto=fd
[  473.443185][ T5857] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  473.468080][ T5857] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  473.494629][ T5857] usb 2-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1
[  473.512393][ T5857] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.530174][ T5857] usb 2-1: Product: syz
[  473.544736][ T5857] usb 2-1: Manufacturer: syz
[  473.544835][ T5857] usb 2-1: SerialNumber: syz
[  473.554942][ T5857] usb 2-1: config 0 descriptor??
[  473.762866][   T30] audit: type=1800 audit(1751723534.501:15): pid=13291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2639" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  473.783350][    C1] vkms_vblank_simulate: vblank timer overrun
[  473.832357][ T5857] usb 2-1: USB disconnect, device number 8
[  474.037987][T13309] trusted_key: encrypted_key: keylen parameter is missing
[  474.411652][T13315] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2649'.
[  474.887882][T13324] binder: 13323:13324 ioctl c0306201 200000000540 returned -14
[  475.172658][T13329] /dev/loop4: Can't open blockdev
[  476.050256][T13351] binder: BINDER_SET_CONTEXT_MGR already set
[  476.058247][T13351] binder: 13350:13351 ioctl 4018620d 200000000040 returned -16
[  476.072919][T13351] binder: 13350:13351 ioctl c0306201 2000000003c0 returned -14
[  476.345841][   T24] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[  476.363496][T13358] syzkaller1: entered promiscuous mode
[  476.381397][T13358] syzkaller1: entered allmulticast mode
[  476.525914][   T24] usb 3-1: Using ep0 maxpacket: 32
[  476.535132][   T24] usb 3-1: too many configurations: 186, using maximum allowed: 8
[  476.562601][   T24] usb 3-1: unable to read config index 0 descriptor/start: -61
[  476.579013][   T24] usb 3-1: can't read configurations, error -61
[  476.745854][   T24] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[  476.905844][ T5958] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  476.925584][   T24] usb 3-1: Using ep0 maxpacket: 32
[  476.945095][   T24] usb 3-1: too many configurations: 186, using maximum allowed: 8
[  476.971025][   T24] usb 3-1: unable to read config index 0 descriptor/start: -61
[  476.985933][   T24] usb 3-1: can't read configurations, error -61
[  477.002966][   T24] usb usb3-port1: attempt power cycle
[  477.060327][ T5958] usb 5-1: device descriptor read/64, error -71
[  477.146033][T12188] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  477.168402][T12188] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  477.191538][T12188] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  477.203772][T12188] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  477.215168][T12188] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  477.302229][T13366] lo speed is unknown, defaulting to 1000
[  477.325974][ T5958] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  477.345831][   T24] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[  477.381158][   T24] usb 3-1: Using ep0 maxpacket: 32
[  477.399615][ T3012] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.415154][   T24] usb 3-1: too many configurations: 186, using maximum allowed: 8
[  477.450847][   T24] usb 3-1: unable to read config index 0 descriptor/start: -61
[  477.468661][   T24] usb 3-1: can't read configurations, error -61
[  477.486051][ T5958] usb 5-1: device descriptor read/64, error -71
[  477.555596][ T3012] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.597200][ T5958] usb usb5-port1: attempt power cycle
[  477.606207][   T24] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[  477.647417][   T24] usb 3-1: Using ep0 maxpacket: 32
[  477.666395][   T24] usb 3-1: too many configurations: 186, using maximum allowed: 8
[  477.706364][   T24] usb 3-1: unable to read config index 0 descriptor/start: -61
[  477.723799][ T3012] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.744778][   T24] usb 3-1: can't read configurations, error -61
[  477.751615][   T24] usb usb3-port1: unable to enumerate USB device
[  477.843562][ T3012] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.965842][ T5958] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  477.987801][ T5958] usb 5-1: device descriptor read/8, error -71
[  478.212794][ T3012] bridge_slave_1: left allmulticast mode
[  478.220248][ T3012] bridge_slave_1: left promiscuous mode
[  478.230100][ T3012] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.244419][ T3012] bridge_slave_0: left allmulticast mode
[  478.253642][ T3012] bridge_slave_0: left promiscuous mode
[  478.259488][ T5958] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  478.271519][ T3012] bridge0: port 1(bridge_slave_0) entered disabled state
[  478.298790][ T5958] usb 5-1: device descriptor read/8, error -71
[  478.417650][ T5958] usb usb5-port1: unable to enumerate USB device
[  478.888485][ T3012] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  478.904551][ T3012] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  478.928759][ T3012] bond0 (unregistering): Released all slaves
[  478.953566][T13366] chnl_net:caif_netlink_parms(): no params data found
[  479.163473][T13380] comedi comedi3: pcl724: a I/O base address must be specified
[  479.169528][ T3012] tipc: Disabling bearer <udp:syz1>
[  479.177205][ T3012] tipc: Left network mode
[  479.213002][T13383] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2677'.
[  479.289766][T12188] Bluetooth: hci3: command tx timeout
[  479.482694][T13366] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.490649][T13366] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.526062][T13366] bridge_slave_0: entered allmulticast mode
[  479.534279][T13366] bridge_slave_0: entered promiscuous mode
[  479.572710][T13366] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.594340][T13366] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.616053][T13366] bridge_slave_1: entered allmulticast mode
[  479.624192][T13366] bridge_slave_1: entered promiscuous mode
[  479.798514][   T43] usb 1-1: new high-speed USB device number 104 using dummy_hcd
[  479.882681][T13366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  479.972852][T13366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  479.985826][   T43] usb 1-1: config 128 has an invalid interface number: 138 but max is 0
[  479.994221][   T43] usb 1-1: config 128 has no interface number 0
[  480.020111][   T43] usb 1-1: config 128 interface 138 has no altsetting 0
[  480.034811][   T43] usb 1-1: New USB device found, idVendor=05ac, idProduct=0241, bcdDevice=c1.78
[  480.050355][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  480.059111][   T43] usb 1-1: Product: syz
[  480.063320][   T43] usb 1-1: Manufacturer: syz
[  480.072309][   T43] usb 1-1: SerialNumber: syz
[  480.135998][ T5857] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  480.231273][T13366] team0: Port device team_slave_0 added
[  480.305524][T13366] team0: Port device team_slave_1 added
[  480.314219][ T5857] usb 5-1: Using ep0 maxpacket: 8
[  480.328661][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  480.351314][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  480.382573][   T43] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:128.138/input/input23
[  480.385761][ T5857] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  480.443070][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  480.453751][ T5205] bcm5974 1-1:128.138: could not read from device
[  480.471345][ T5857] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  480.471819][   T43] usb 1-1: USB disconnect, device number 104
[  480.496482][ T5205] bcm5974 1-1:128.138: could not read from device
[  480.515988][ T5857] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  480.525088][ T5857] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.575367][ T5857] usb 5-1: config 0 descriptor??
[  480.583875][ T3012] hsr_slave_0: left promiscuous mode
[  480.590790][T13402] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  480.617442][ T3012] hsr_slave_1: left promiscuous mode
[  480.634114][ T3012] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  480.649896][ T3012] batman_adv: batadv0: Removing interface: batadv_slave_1
[  480.676757][ T3012] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  480.694561][T13408] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2686'.
[  480.704086][ T3012] batman_adv: batadv0: Removing interface: virt_wifi0
[  480.761537][ T3012] veth1_macvtap: left promiscuous mode
[  480.782554][ T3012] veth0_macvtap: left promiscuous mode
[  480.800966][ T3012] veth1_vlan: left promiscuous mode
[  480.823643][ T3012] veth0_vlan: left promiscuous mode
[  480.834597][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.845516][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.853058][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.861122][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.869961][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.882452][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.889897][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.897355][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.904422][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.911985][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.919052][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.926517][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.933630][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.940765][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.947809][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.954806][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.962572][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.970780][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.982871][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.990133][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  480.997310][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  481.004298][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  481.011337][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  481.018441][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  481.025497][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  481.033785][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  481.040966][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  481.048000][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  481.055898][ T5850] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  481.070375][ T5939] usb 5-1: USB disconnect, device number 89
[  481.076698][T12188] Bluetooth: hci0: Opcode 0x0c03 failed: -71
[  481.159961][T13411] tipc: Failed to remove unknown binding: 66,1,1/0:2353015898/2353015900
[  481.199822][ T3012] pim6reg (unregistering): left allmulticast mode
[  481.372397][T12188] Bluetooth: hci3: command tx timeout
[  482.376008][   T43] usb 1-1: new full-speed USB device number 105 using dummy_hcd
[  482.458860][ T3012] team0 (unregistering): Port device team_slave_1 removed
[  482.538022][   T43] usb 1-1: config 0 has an invalid interface number: 63 but max is 0
[  482.560067][   T43] usb 1-1: config 0 has no interface number 0
[  482.573150][   T43] usb 1-1: config 0 interface 63 has no altsetting 0
[  482.589752][ T3012] team0 (unregistering): Port device team_slave_0 removed
[  482.603848][   T43] usb 1-1: New USB device found, idVendor=07ca, idProduct=a800, bcdDevice=2b.5e
[  482.629360][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.652949][   T43] usb 1-1: Product: syz
[  482.670226][   T43] usb 1-1: Manufacturer: syz
[  482.684935][   T43] usb 1-1: SerialNumber: syz
[  482.721671][   T43] usb 1-1: config 0 descriptor??
[  482.742756][   T43] dvb-usb: found a 'AVerMedia AverTV DVB-T USB 2.0 (A800)' in warm state.
[  482.782999][   T43] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  482.794703][   T43] dvbdev: DVB: registering new adapter (AVerMedia AverTV DVB-T USB 2.0 (A800))
[  482.821346][   T43] usb 1-1: media controller created
[  482.835662][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  482.884024][   T43] dvb-usb: bulk message failed: -22 (6/0)
[  482.908319][   T43] dvb-usb: bulk message failed: -22 (6/0)
[  482.916686][   T43] dvb-usb: no frontend was attached by 'AVerMedia AverTV DVB-T USB 2.0 (A800)'
[  483.030043][   T43] rc_core: IR keymap rc-avermedia-m135a not found
[  483.040281][   T43] Registered IR keymap rc-empty
[  483.048163][T13442] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2693'.
[  483.065569][   T43] rc rc0: AVerMedia AverTV DVB-T USB 2.0 (A800) as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0
[  483.084614][   T43] input: AVerMedia AverTV DVB-T USB 2.0 (A800) as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input24
[  483.116604][   T43] dvb-usb: schedule remote query interval to 150 msecs.
[  483.124258][   T43] dvb-usb: AVerMedia AverTV DVB-T USB 2.0 (A800) successfully initialized and connected.
[  483.445860][T12188] Bluetooth: hci3: command tx timeout
[  483.705057][   T36] smc: removing ib device syz0
[  483.749816][T13366] batman_adv: batadv0: Adding interface: batadv_slave_0
[  483.769343][T13366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  483.799693][T13366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  483.814736][T12782] lo speed is unknown, defaulting to 1000
[  483.821642][T12782] syz0: Port: 1 Link DOWN
[  483.834205][T13366] batman_adv: batadv0: Adding interface: batadv_slave_1
[  483.902273][T13366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  484.024307][T13444] netlink: 280 bytes leftover after parsing attributes in process `syz.4.2697'.
[  484.025284][T13366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  484.063356][T13424] netlink: 'syz.0.2693': attribute type 29 has an invalid length.
[  484.083987][T13441] netlink: 'syz.0.2693': attribute type 29 has an invalid length.
[  484.150586][   T43] dvb-usb: error -19 while querying for an remote control event.
[  484.164534][   T24] usb 1-1: USB disconnect, device number 105
[  484.167720][T13444] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2697'.
[  484.400612][   T24] dvb-usb: AVerMedia AverTV DVB-T USB 2.0 (A800) successfully deinitialized and disconnected.
[  484.687137][ T5857] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[  484.707429][T13366] hsr_slave_0: entered promiscuous mode
[  484.736461][T13366] hsr_slave_1: entered promiscuous mode
[  484.867218][ T5857] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  484.889008][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  484.925534][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  484.956776][ T5857] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  484.993715][ T5857] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  485.021787][ T5857] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  485.133465][ T5857] usb 5-1: config 0 descriptor??
[  485.475669][T13463] syz.0.2705: attempt to access beyond end of device
[  485.475669][T13463] loop0: rw=0, sector=0, nr_sectors = 1 limit=0
[  485.532590][T13463] hpfs: hpfs_map_sector(): read error
[  485.535879][T12188] Bluetooth: hci3: command tx timeout
[  485.572358][ T5857] hid_parser_main: 5 callbacks suppressed
[  485.572385][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.595813][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.603711][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.611770][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.619604][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.627494][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.634930][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.642653][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.675474][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.695839][ T5857] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  485.766693][ T5857] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  485.891211][ T5857] usb 5-1: USB disconnect, device number 90
[  486.196391][T13482] FAULT_INJECTION: forcing a failure.
[  486.196391][T13482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  486.234196][T13482] CPU: 1 UID: 0 PID: 13482 Comm: syz.0.2710 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  486.234229][T13482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  486.234242][T13482] Call Trace:
[  486.234252][T13482]  <TASK>
[  486.234261][T13482]  dump_stack_lvl+0x189/0x250
[  486.234298][T13482]  ? __pfx____ratelimit+0x10/0x10
[  486.234321][T13482]  ? __pfx_dump_stack_lvl+0x10/0x10
[  486.234350][T13482]  ? __pfx__printk+0x10/0x10
[  486.234395][T13482]  should_fail_ex+0x414/0x560
[  486.234432][T13482]  _copy_to_user+0x31/0xb0
[  486.234465][T13482]  kvm_arch_vcpu_ioctl+0x236d/0x2a40
[  486.234498][T13482]  ? __lock_acquire+0xab9/0xd20
[  486.234522][T13482]  ? kvm_arch_vcpu_ioctl+0xcbf/0x2a40
[  486.234548][T13482]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  486.234577][T13482]  ? __lock_acquire+0xab9/0xd20
[  486.234624][T13482]  ? is_bpf_text_address+0x26/0x2b0
[  486.234655][T13482]  ? is_bpf_text_address+0x292/0x2b0
[  486.234677][T13482]  ? is_bpf_text_address+0x26/0x2b0
[  486.234703][T13482]  ? kernel_text_address+0xa5/0xe0
[  486.234725][T13482]  ? __kernel_text_address+0xd/0x40
[  486.234744][T13482]  ? unwind_get_return_address+0x4d/0x90
[  486.234771][T13482]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  486.234800][T13482]  ? arch_stack_walk+0xfc/0x150
[  486.234843][T13482]  ? stack_trace_save+0x9c/0xe0
[  486.234876][T13482]  ? stack_depot_save_flags+0x40/0x900
[  486.234917][T13482]  ? kasan_save_track+0x4f/0x80
[  486.234952][T13482]  ? kasan_save_track+0x3e/0x80
[  486.234998][T13482]  ? __lock_acquire+0xab9/0xd20
[  486.235032][T13482]  ? __mutex_trylock_common+0x153/0x260
[  486.235064][T13482]  ? __pfx___mutex_trylock_common+0x10/0x10
[  486.235099][T13482]  ? rcu_is_watching+0x15/0xb0
[  486.235126][T13482]  ? trace_contention_end+0x39/0x120
[  486.235155][T13482]  ? __mutex_lock+0x330/0xe80
[  486.235181][T13482]  ? kasan_quarantine_put+0xdd/0x220
[  486.235214][T13482]  ? kvm_vcpu_ioctl+0x22e/0xe90
[  486.235246][T13482]  ? __pfx___mutex_lock+0x10/0x10
[  486.235271][T13482]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  486.235303][T13482]  ? do_vfs_ioctl+0xbe8/0x1430
[  486.235335][T13482]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  486.235370][T13482]  kvm_vcpu_ioctl+0x74d/0xe90
[  486.235407][T13482]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  486.235434][T13482]  ? __lock_acquire+0xab9/0xd20
[  486.235488][T13482]  ? __fget_files+0x2a/0x420
[  486.235515][T13482]  ? __fget_files+0x2a/0x420
[  486.235535][T13482]  ? __fget_files+0x3a0/0x420
[  486.235556][T13482]  ? __fget_files+0x2a/0x420
[  486.235583][T13482]  ? bpf_lsm_file_ioctl+0x9/0x20
[  486.235611][T13482]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  486.235641][T13482]  __se_sys_ioctl+0xf9/0x170
[  486.235674][T13482]  do_syscall_64+0xfa/0x3b0
[  486.235693][T13482]  ? lockdep_hardirqs_on+0x9c/0x150
[  486.235714][T13482]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.235732][T13482]  ? clear_bhb_loop+0x60/0xb0
[  486.235759][T13482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.235779][T13482] RIP: 0033:0x7fd65478e929
[  486.235798][T13482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.235817][T13482] RSP: 002b:00007fd65562c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  486.235840][T13482] RAX: ffffffffffffffda RBX: 00007fd6549b5fa0 RCX: 00007fd65478e929
[  486.235856][T13482] RDX: 0000200000000040 RSI: 00000000c008ae88 RDI: 0000000000000005
[  486.235870][T13482] RBP: 00007fd65562c090 R08: 0000000000000000 R09: 0000000000000000
[  486.235884][T13482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.235896][T13482] R13: 0000000000000000 R14: 00007fd6549b5fa0 R15: 00007ffe496fdd78
[  486.235931][T13482]  </TASK>
[  486.593650][    C1] vkms_vblank_simulate: vblank timer overrun
[  486.922894][T13486] comedi comedi3: pcl724: a I/O base address must be specified
[  487.505990][ T5857] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  487.594920][T13366] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  487.626808][T13366] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  487.644467][T13366] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  487.664150][T13366] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  487.702160][ T5857] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  487.738331][ T5857] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  487.766414][ T5857] usb 5-1: Product: syz
[  487.777343][ T5857] usb 5-1: Manufacturer: syz
[  487.792231][ T5857] usb 5-1: SerialNumber: syz
[  487.833676][ T5857] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  487.861763][T12782] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  487.954874][T13366] 8021q: adding VLAN 0 to HW filter on device bond0
[  487.986946][T13366] 8021q: adding VLAN 0 to HW filter on device team0
[  488.005158][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.012412][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.053599][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.060830][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.329320][T13507] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.344335][T13507] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  488.463602][T12430] usb 5-1: USB disconnect, device number 91
[  488.542757][T13366] 8021q: adding VLAN 0 to HW filter on device batadv0
[  488.624587][T13366] veth0_vlan: entered promiscuous mode
[  488.644713][T13366] veth1_vlan: entered promiscuous mode
[  488.704304][T13366] veth0_macvtap: entered promiscuous mode
[  488.722032][T13366] veth1_macvtap: entered promiscuous mode
[  488.758696][T13366] batman_adv: batadv0: Interface activated: batadv_slave_0
[  488.779988][T13366] batman_adv: batadv0: Interface activated: batadv_slave_1
[  488.799019][ T3000] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  488.828275][ T3000] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  488.842305][ T3000] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  488.854733][ T3000] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  488.966283][T12782] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  488.973413][T12782] ath9k_htc: Failed to initialize the device
[  489.018223][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  489.025778][T12430] usb 5-1: ath9k_htc: USB layer deinitialized
[  489.055840][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  489.145175][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  489.200136][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  490.081308][T13541] syzkaller0: entered promiscuous mode
[  490.107091][T13541] syzkaller0: entered allmulticast mode
[  490.496012][T13559] IPVS: length: 145 != 8
[  490.750233][T13551] /dev/rnullb0: Can't open blockdev
[  492.219042][T13592] netlink: 5128 bytes leftover after parsing attributes in process `syz.1.2748'.
[  492.238358][T13592] netlink: 5128 bytes leftover after parsing attributes in process `syz.1.2748'.
[  492.299634][T13592] netlink: 584 bytes leftover after parsing attributes in process `syz.1.2748'.
[  492.599382][T12782] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  492.765105][T12782] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  492.785299][T12782] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  492.805905][T12782] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  492.825264][T12782] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  492.843832][T12782] usb 2-1: SerialNumber: syz
[  493.077635][T12782] usb 2-1: 0:2 : does not exist
[  493.088344][T12782] usb 2-1: unit 5 not found!
[  493.132833][T12782] usb 2-1: USB disconnect, device number 9
[  494.095577][T13595] netlink: 2384 bytes leftover after parsing attributes in process `syz.1.2749'.
[  495.127727][T13600] FAULT_INJECTION: forcing a failure.
[  495.127727][T13600] name failslab, interval 1, probability 0, space 0, times 0
[  495.158226][T13600] CPU: 0 UID: 0 PID: 13600 Comm: syz.1.2751 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  495.158257][T13600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  495.158270][T13600] Call Trace:
[  495.158279][T13600]  <TASK>
[  495.158289][T13600]  dump_stack_lvl+0x189/0x250
[  495.158325][T13600]  ? __pfx____ratelimit+0x10/0x10
[  495.158348][T13600]  ? __pfx_dump_stack_lvl+0x10/0x10
[  495.158377][T13600]  ? __pfx__printk+0x10/0x10
[  495.158415][T13600]  ? __pfx___might_resched+0x10/0x10
[  495.158439][T13600]  ? fs_reclaim_acquire+0x7d/0x100
[  495.158469][T13600]  should_fail_ex+0x414/0x560
[  495.158505][T13600]  should_failslab+0xa8/0x100
[  495.158527][T13600]  kmem_cache_alloc_noprof+0x73/0x3c0
[  495.158557][T13600]  ? __kernfs_new_node+0xd7/0x7e0
[  495.158590][T13600]  __kernfs_new_node+0xd7/0x7e0
[  495.158615][T13600]  ? __lock_acquire+0xab9/0xd20
[  495.158648][T13600]  ? __pfx___kernfs_new_node+0x10/0x10
[  495.158676][T13600]  ? kernfs_root+0x1c/0x230
[  495.158710][T13600]  ? kernfs_root+0x1c/0x230
[  495.158735][T13600]  ? kernfs_root+0x1c/0x230
[  495.158756][T13600]  ? kernfs_root+0x1c/0x230
[  495.158786][T13600]  kernfs_new_node+0x102/0x210
[  495.158820][T13600]  __kernfs_create_file+0x4b/0x2e0
[  495.158845][T13600]  sysfs_add_file_mode_ns+0x238/0x300
[  495.158878][T13600]  internal_create_group+0x66d/0x1110
[  495.158926][T13600]  ? __pfx_internal_create_group+0x10/0x10
[  495.158954][T13600]  ? kernfs_add_one+0xf0/0x520
[  495.158990][T13600]  sysfs_create_groups+0x59/0x120
[  495.159029][T13600]  device_add_attrs+0xe0/0x5a0
[  495.159058][T13600]  ? __pfx_device_add_attrs+0x10/0x10
[  495.159086][T13600]  ? device_add_class_symlinks+0x21f/0x240
[  495.159111][T13600]  device_add+0x496/0xb50
[  495.159131][T13600]  ? device_initialize+0x24b/0x440
[  495.159155][T13600]  netdev_register_kobject+0x178/0x310
[  495.159192][T13600]  register_netdevice+0x126c/0x1ae0
[  495.159250][T13600]  ? __pfx_register_netdevice+0x10/0x10
[  495.159284][T13600]  ? __pfx_l2tp_session_register+0x10/0x10
[  495.159315][T13600]  ? l2tp_eth_create+0x37b/0xbd0
[  495.159342][T13600]  l2tp_eth_create+0x7ef/0xbd0
[  495.159368][T13600]  ? l2tp_eth_create+0x37b/0xbd0
[  495.159393][T13600]  ? __pfx_l2tp_eth_create+0x10/0x10
[  495.159427][T13600]  l2tp_nl_cmd_session_create+0x730/0xc20
[  495.159462][T13600]  ? __pfx_l2tp_nl_cmd_session_create+0x10/0x10
[  495.159494][T13600]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  495.159535][T13600]  genl_family_rcv_msg_doit+0x212/0x300
[  495.159597][T13600]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  495.159643][T13600]  ? bpf_lsm_capable+0x9/0x20
[  495.159670][T13600]  ? security_capable+0x7e/0x2e0
[  495.159707][T13600]  genl_rcv_msg+0x60e/0x790
[  495.159745][T13600]  ? __pfx_genl_rcv_msg+0x10/0x10
[  495.159770][T13600]  ? ref_tracker_free+0x63a/0x7d0
[  495.159788][T13600]  ? __pfx_l2tp_nl_cmd_session_create+0x10/0x10
[  495.159812][T13600]  ? __pfx_ref_tracker_free+0x10/0x10
[  495.159845][T13600]  netlink_rcv_skb+0x208/0x470
[  495.159872][T13600]  ? __pfx_genl_rcv_msg+0x10/0x10
[  495.159903][T13600]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  495.159949][T13600]  ? down_read+0x1ad/0x2e0
[  495.159978][T13600]  genl_rcv+0x28/0x40
[  495.160036][T13600]  netlink_unicast+0x75b/0x8d0
[  495.160072][T13600]  netlink_sendmsg+0x805/0xb30
[  495.160109][T13600]  ? __pfx_netlink_sendmsg+0x10/0x10
[  495.160138][T13600]  ? aa_sock_msg_perm+0xf1/0x1d0
[  495.160168][T13600]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  495.160190][T13600]  ? __pfx_netlink_sendmsg+0x10/0x10
[  495.160213][T13600]  __sock_sendmsg+0x219/0x270
[  495.160238][T13600]  ____sys_sendmsg+0x505/0x830
[  495.160272][T13600]  ? __pfx_____sys_sendmsg+0x10/0x10
[  495.160309][T13600]  ? import_iovec+0x74/0xa0
[  495.160344][T13600]  ___sys_sendmsg+0x21f/0x2a0
[  495.160375][T13600]  ? __pfx____sys_sendmsg+0x10/0x10
[  495.160445][T13600]  ? __fget_files+0x2a/0x420
[  495.160468][T13600]  ? __fget_files+0x3a0/0x420
[  495.160503][T13600]  __x64_sys_sendmsg+0x19b/0x260
[  495.160532][T13600]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  495.160571][T13600]  ? __pfx_ksys_write+0x10/0x10
[  495.160587][T13600]  ? rcu_is_watching+0x15/0xb0
[  495.160618][T13600]  ? do_syscall_64+0xbe/0x3b0
[  495.160647][T13600]  do_syscall_64+0xfa/0x3b0
[  495.160669][T13600]  ? lockdep_hardirqs_on+0x9c/0x150
[  495.160691][T13600]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.160712][T13600]  ? clear_bhb_loop+0x60/0xb0
[  495.160739][T13600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.160758][T13600] RIP: 0033:0x7ff48d38e929
[  495.160778][T13600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.160796][T13600] RSP: 002b:00007ff48e265038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  495.160820][T13600] RAX: ffffffffffffffda RBX: 00007ff48d5b5fa0 RCX: 00007ff48d38e929
[  495.160835][T13600] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005
[  495.160848][T13600] RBP: 00007ff48e265090 R08: 0000000000000000 R09: 0000000000000000
[  495.160861][T13600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  495.160872][T13600] R13: 0000000000000000 R14: 00007ff48d5b5fa0 R15: 00007ffe219ea7d8
[  495.160906][T13600]  </TASK>
[  496.042992][T13609] netlink: 'syz.1.2754': attribute type 21 has an invalid length.
[  496.054200][T13609] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2754'.
[  496.395845][T12782] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[  496.546078][T12782] usb 1-1: Using ep0 maxpacket: 32
[  496.553735][T12782] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  496.579180][T12782] usb 1-1: config 0 has no interface number 0
[  496.589861][T12782] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  496.617052][T12782] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.625101][T12782] usb 1-1: Product: syz
[  496.649194][T12782] usb 1-1: Manufacturer: syz
[  496.653858][T12782] usb 1-1: SerialNumber: syz
[  496.684415][T12782] usb 1-1: config 0 descriptor??
[  496.710313][T12782] smsc95xx v2.0.0
[  496.714098][T12782] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  496.753472][T12782] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -22
[  496.792586][T13629] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2762'.
[  497.091040][T13639] FAULT_INJECTION: forcing a failure.
[  497.091040][T13639] name failslab, interval 1, probability 0, space 0, times 0
[  497.104284][T13639] CPU: 1 UID: 0 PID: 13639 Comm: syz.2.2767 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  497.104317][T13639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  497.104330][T13639] Call Trace:
[  497.104339][T13639]  <TASK>
[  497.104349][T13639]  dump_stack_lvl+0x189/0x250
[  497.104385][T13639]  ? __pfx____ratelimit+0x10/0x10
[  497.104408][T13639]  ? __pfx_dump_stack_lvl+0x10/0x10
[  497.104438][T13639]  ? __pfx__printk+0x10/0x10
[  497.104475][T13639]  ? __pfx___might_resched+0x10/0x10
[  497.104501][T13639]  ? fs_reclaim_acquire+0x7d/0x100
[  497.104529][T13639]  should_fail_ex+0x414/0x560
[  497.104566][T13639]  should_failslab+0xa8/0x100
[  497.104589][T13639]  __kmalloc_cache_noprof+0x70/0x3d0
[  497.104630][T13639]  ? __se_sys_mount+0x165/0x410
[  497.104658][T13639]  ? memdup_user+0x99/0xd0
[  497.104686][T13639]  __se_sys_mount+0x165/0x410
[  497.104715][T13639]  ? __pfx___se_sys_mount+0x10/0x10
[  497.104736][T13639]  ? rcu_is_watching+0x15/0xb0
[  497.104768][T13639]  ? do_syscall_64+0xbe/0x3b0
[  497.104791][T13639]  ? __x64_sys_mount+0x20/0xc0
[  497.104817][T13639]  do_syscall_64+0xfa/0x3b0
[  497.104839][T13639]  ? lockdep_hardirqs_on+0x9c/0x150
[  497.104860][T13639]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.104881][T13639]  ? clear_bhb_loop+0x60/0xb0
[  497.104907][T13639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.104927][T13639] RIP: 0033:0x7f559e98e929
[  497.104957][T13639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  497.104976][T13639] RSP: 002b:00007f559f741038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  497.105000][T13639] RAX: ffffffffffffffda RBX: 00007f559ebb6080 RCX: 00007f559e98e929
[  497.105015][T13639] RDX: 0000200000000080 RSI: 0000200000000400 RDI: 0000000000000000
[  497.105030][T13639] RBP: 00007f559f741090 R08: 0000200000000780 R09: 0000000000000000
[  497.105044][T13639] R10: 0000000001010412 R11: 0000000000000246 R12: 0000000000000001
[  497.105058][T13639] R13: 0000000000000000 R14: 00007f559ebb6080 R15: 00007fff255f3178
[  497.105091][T13639]  </TASK>
[  497.125809][T12782] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[  497.330308][   T43] usb 1-1: USB disconnect, device number 106
[  497.755865][T12782] usb 5-1: Using ep0 maxpacket: 32
[  497.763434][T12782] usb 5-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  497.795817][T12782] usb 5-1: config 1 interface 0 has no altsetting 0
[  497.819720][T12782] usb 5-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.40
[  497.851727][T12782] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.865779][T12782] usb 5-1: Product: syz
[  497.869990][T12782] usb 5-1: Manufacturer: syz
[  497.896073][T12782] usb 5-1: SerialNumber: syz
[  498.138051][T12782] usbhid 5-1:1.0: can't add hid device: -71
[  498.150237][T12782] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  498.179186][T12782] usb 5-1: USB disconnect, device number 92
[  498.297657][ T5939] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[  498.456889][ T5939] usb 3-1: Using ep0 maxpacket: 16
[  498.480810][ T5939] usb 3-1: config 8 has an invalid interface number: 206 but max is 0
[  498.492280][ T5939] usb 3-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  498.503940][ T5939] usb 3-1: config 8 has no interface number 0
[  498.512892][ T5939] usb 3-1: config 8 interface 206 altsetting 1 has an endpoint descriptor with address 0xF7, changing to 0x87
[  498.529406][ T5939] usb 3-1: config 8 interface 206 altsetting 1 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  498.541007][ T5939] usb 3-1: config 8 interface 206 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  498.557908][ T5939] usb 3-1: config 8 interface 206 has no altsetting 0
[  498.575117][ T5939] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=35.bb
[  498.587094][   T43] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[  498.595413][ T5939] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.608621][ T5939] usb 3-1: Product: syz
[  498.612827][ T5939] usb 3-1: Manufacturer: syz
[  498.618827][ T5939] usb 3-1: SerialNumber: syz
[  498.706146][T12782] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  498.756874][   T43] usb 1-1: Using ep0 maxpacket: 16
[  498.764666][   T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.801244][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  498.833469][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  498.846868][ T5939] garmin_gps 3-1:8.206: Garmin GPS usb/tty converter detected
[  498.855894][   T43] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  498.870736][ T5939] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8
[  498.886510][T12782] usb 2-1: Using ep0 maxpacket: 8
[  498.892236][   T43] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  498.898062][T12782] usb 2-1: config 1 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  498.906409][ T5939] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8
[  498.928983][   T43] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  498.941364][   T43] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  498.946202][T12782] usb 2-1: config 1 interface 0 has no altsetting 0
[  498.959264][ T5939] usb 3-1: USB disconnect, device number 114
[  498.965453][   T43] usb 1-1: Manufacturer: syz
[  498.970175][T12782] usb 2-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.40
[  498.970208][T12782] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.970231][T12782] usb 2-1: Product: syz
[  498.970248][T12782] usb 2-1: Manufacturer: syz
[  498.970265][T12782] usb 2-1: SerialNumber: syz
[  499.011487][ T5939] garmin_gps 3-1:8.206: device disconnected
[  499.030431][   T43] usb 1-1: config 0 descriptor??
[  499.192680][T13663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  499.202004][T13663] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  499.233632][T12782] usbhid 2-1:1.0: can't add hid device: -71
[  499.249767][T12782] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  499.265098][T12782] usb 2-1: USB disconnect, device number 10
[  499.337887][   T43] rc_core: IR keymap rc-hauppauge not found
[  499.366727][   T43] Registered IR keymap rc-empty
[  499.371804][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.415890][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.451306][   T43] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  499.471886][   T43] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input26
[  499.500412][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.526880][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.546884][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.574203][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.608313][T12782] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  499.616100][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.635895][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.655984][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.669827][T13675] RDS: rds_bind could not find a transport for ::ffff:172.30.1.3, load rds_tcp or rds_rdma?
[  499.681077][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.696427][T13675] RDS: rds_bind could not find a transport for ::ffff:172.30.1.3, load rds_tcp or rds_rdma?
[  499.716088][T13675] RDS: rds_bind could not find a transport for ::ffff:172.30.1.3, load rds_tcp or rds_rdma?
[  499.740384][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.775901][   T43] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  499.819754][   T43] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  499.833808][   T43] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  499.844022][T12782] usb 2-1: Using ep0 maxpacket: 8
[  499.871436][T12782] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  499.891701][T12782] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  499.902086][T12430] usb 1-1: USB disconnect, device number 107
[  499.935796][T12782] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  499.952961][T12782] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  499.995213][T12782] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  500.024511][T12782] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  500.052695][T12782] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.297624][T13663] netlink: 4344 bytes leftover after parsing attributes in process `syz.1.2777'.
[  500.307080][T12782] usb 2-1: usb_control_msg returned -32
[  500.313696][T12782] usbtmc 2-1:16.0: can't read capabilities
[  500.625934][T13710] overlayfs: failed to resolve './file0': -2
[  500.716249][T12782] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[  500.767379][ T5857] usb 2-1: USB disconnect, device number 11
[  500.895899][T12782] usb 3-1: Using ep0 maxpacket: 8
[  500.917009][T12782] usb 3-1: unable to read config index 0 descriptor/start: -61
[  500.935150][T12782] usb 3-1: can't read configurations, error -61
[  501.066289][T12782] usb 3-1: new high-speed USB device number 116 using dummy_hcd
[  501.246336][ T5857] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  501.254171][T12782] usb 3-1: Using ep0 maxpacket: 8
[  501.269942][T12782] usb 3-1: unable to read config index 0 descriptor/start: -61
[  501.295944][T12782] usb 3-1: can't read configurations, error -61
[  501.313052][T12782] usb usb3-port1: attempt power cycle
[  501.371132][T13734] netlink: 'syz.0.2806': attribute type 21 has an invalid length.
[  501.379932][T13734] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2806'.
[  501.447446][ T5857] usb 2-1: unable to get BOS descriptor or descriptor too short
[  501.471263][ T5857] usb 2-1: not running at top speed; connect to a high speed hub
[  501.487659][ T5857] usb 2-1: config 8 interface 0 altsetting 7 endpoint 0x3 has invalid wMaxPacketSize 0
[  501.506406][ T5857] usb 2-1: config 8 interface 0 has no altsetting 0
[  501.528252][T13738] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  501.531265][ T5857] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[  501.565994][ T5857] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  501.591632][ T5857] usb 2-1: Product: syz
[  501.596577][ T5857] usb 2-1: Manufacturer: syz
[  501.601206][ T5857] usb 2-1: SerialNumber: syz
[  501.666242][T12782] usb 3-1: new high-speed USB device number 117 using dummy_hcd
[  501.704631][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  501.713990][T12782] usb 3-1: Using ep0 maxpacket: 8
[  501.715359][T13738] batman_adv: batadv0: Removing interface: batadv_slave_0
[  501.733988][T12782] usb 3-1: unable to read config index 0 descriptor/start: -61
[  501.738015][T13742] program syz.0.2810 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  501.744728][T12782] usb 3-1: can't read configurations, error -61
[  501.772789][T13742] netlink: 763 bytes leftover after parsing attributes in process `syz.0.2810'.
[  501.861498][ T5857] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  501.885831][ T5857] usb 2-1: selecting invalid altsetting 0
[  501.916597][T12782] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[  501.956837][T12782] usb 3-1: Using ep0 maxpacket: 8
[  501.980408][T12782] usb 3-1: unable to read config index 0 descriptor/start: -61
[  502.002027][T12782] usb 3-1: can't read configurations, error -61
[  502.026350][T12782] usb usb3-port1: unable to enumerate USB device
[  502.050672][ T5857] snd-usb-audio 2-1:8.0: probe with driver snd-usb-audio failed with error -12
[  502.069301][ T5857] usb 2-1: USB disconnect, device number 12
[  502.195795][T12782] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[  502.220031][ T5919] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[  502.358791][T12782] usb 3-1: Using ep0 maxpacket: 8
[  502.369619][T12782] usb 3-1: unable to read config index 0 descriptor/start: -61
[  502.377918][T12782] usb 3-1: can't read configurations, error -61
[  502.404793][ T5919] usb 5-1: Using ep0 maxpacket: 8
[  502.424339][ T5919] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  502.455879][ T5919] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  502.478801][ T5919] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  502.498405][ T5919] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  502.508466][T12782] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[  502.529450][ T5919] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  502.555815][ T5919] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  502.631576][ T5919] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.649469][T13751] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  502.659917][ T5857] IPVS: starting estimator thread 0...
[  502.667852][T12782] usb 3-1: Using ep0 maxpacket: 8
[  502.694208][T12782] usb 3-1: unable to read config index 0 descriptor/start: -61
[  502.705383][T12782] usb 3-1: can't read configurations, error -61
[  502.716377][ T5919] usb 5-1: config 0 descriptor??
[  502.721985][T12782] usb usb3-port1: attempt power cycle
[  502.762915][T12188] Bluetooth: hci0: urb ffff88802561fc00 submission failed (90)
[  502.765994][T13753] IPVS: using max 26 ests per chain, 62400 per kthread
[  503.095793][T12782] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[  503.104458][T13762] comedi comedi3: s526: a I/O base address must be specified
[  503.128650][T12782] usb 3-1: Using ep0 maxpacket: 8
[  503.139500][T12782] usb 3-1: unable to read config index 0 descriptor/start: -61
[  503.150587][T12782] usb 3-1: can't read configurations, error -61
[  503.288754][T12782] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[  503.326662][T12782] usb 3-1: Using ep0 maxpacket: 8
[  503.339143][T12782] usb 3-1: unable to read config index 0 descriptor/start: -61
[  503.352579][T12782] usb 3-1: can't read configurations, error -61
[  503.369858][T12782] usb usb3-port1: unable to enumerate USB device
[  503.869167][T13779] binder_alloc: binder_alloc_mmap_handler: 13778 200000ffd000-200001000000 already mapped failed -16
[  503.938344][T13793] binder: BINDER_SET_CONTEXT_MGR already set
[  503.958380][T13792] netlink: 'syz.0.2820': attribute type 2 has an invalid length.
[  503.985979][T13779] binder_alloc: binder_alloc_mmap_handler: 13778 200000ffd000-200001000000 already mapped failed -16
[  504.022066][T13793] binder: 13778:13793 ioctl 4018620d 200000000040 returned -16
[  504.042033][T13792] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2820'.
[  504.540029][T12188] Bluetooth: hci4: unexpected cc 0x080e length: 7 > 3
[  504.801190][T13815] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2828'.
[  504.928612][ T5919] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[  504.967944][T12782] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  504.984922][ T5857] usb 5-1: USB disconnect, device number 93
[  505.087289][ T5919] usb 3-1: Using ep0 maxpacket: 32
[  505.101832][ T5919] usb 3-1: config 0 has an invalid interface number: 125 but max is 0
[  505.117844][ T5919] usb 3-1: config 0 has no interface number 0
[  505.128612][T12782] usb 2-1: config 0 has no interfaces?
[  505.141774][T12782] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  505.151480][   T30] audit: type=1326 audit(1751723565.891:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13820 comm="syz.4.2831" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f027d38e929 code=0x0
[  505.173593][ T5919] usb 3-1: config 0 interface 125 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  505.187493][T12782] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.198715][T13822] netlink: 'syz.4.2831': attribute type 21 has an invalid length.
[  505.207469][T13822] netlink: 'syz.4.2831': attribute type 13 has an invalid length.
[  505.215308][T13822] netlink: 160 bytes leftover after parsing attributes in process `syz.4.2831'.
[  505.225038][T12782] usb 2-1: Product: syz
[  505.234896][T12782] usb 2-1: Manufacturer: syz
[  505.241631][T12782] usb 2-1: SerialNumber: syz
[  505.247040][ T5919] usb 3-1: New USB device found, idVendor=1039, idProduct=2120, bcdDevice= 2.a7
[  505.258499][ T5919] usb 3-1: New USB device strings: Mfr=249, Product=255, SerialNumber=3
[  505.272610][ T5919] usb 3-1: Product: syz
[  505.278961][ T5919] usb 3-1: Manufacturer: syz
[  505.283913][ T5919] usb 3-1: SerialNumber: syz
[  505.289273][T12782] r8152-cfgselector 2-1: Unknown version 0x0000
[  505.295594][T12782] r8152-cfgselector 2-1: config 0 descriptor??
[  505.308485][ T5919] usb 3-1: config 0 descriptor??
[  505.536673][ T5919] usb 3-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2120) Rev (0X2A7): Eagle II
[  505.929284][T12782] r8152-cfgselector 2-1: USB disconnect, device number 13
[  506.084470][T13831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2835'.
[  506.094228][T13831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2835'.
[  506.111457][T13831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2835'.
[  506.121588][T13831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2835'.
[  506.133098][T13831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2835'.
[  506.133928][T13834] XFS (rnullb0): Invalid superblock magic number
[  506.231771][ T5919] usb 3-1: reset high-speed USB device number 123 using dummy_hcd
[  506.561341][T13843] comedi comedi3: pcl812: a I/O base address must be specified
[  506.665859][   T43] usb 1-1: new high-speed USB device number 108 using dummy_hcd
[  506.667825][ T5919] ueagle-atm 3-1:0.125: usbatm_usb_probe: bind failed: -19!
[  506.688677][ T5919] usb 3-1: USB disconnect, device number 123
[  506.859269][   T43] usb 1-1: Using ep0 maxpacket: 16
[  506.897346][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  506.915801][   T43] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  506.924984][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.961327][T13858] FAULT_INJECTION: forcing a failure.
[  506.961327][T13858] name failslab, interval 1, probability 0, space 0, times 0
[  506.973329][   T43] usb 1-1: config 0 descriptor??
[  506.976477][T13858] CPU: 0 UID: 0 PID: 13858 Comm: syz.4.2843 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  506.976505][T13858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  506.976516][T13858] Call Trace:
[  506.976524][T13858]  <TASK>
[  506.976534][T13858]  dump_stack_lvl+0x189/0x250
[  506.976565][T13858]  ? __pfx____ratelimit+0x10/0x10
[  506.976586][T13858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  506.976611][T13858]  ? __pfx__printk+0x10/0x10
[  506.976642][T13858]  ? __pfx___might_resched+0x10/0x10
[  506.976664][T13858]  ? fs_reclaim_acquire+0x7d/0x100
[  506.976689][T13858]  should_fail_ex+0x414/0x560
[  506.976720][T13858]  should_failslab+0xa8/0x100
[  506.976740][T13858]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  506.976767][T13858]  ? __alloc_skb+0x112/0x2d0
[  506.976794][T13858]  __alloc_skb+0x112/0x2d0
[  506.976820][T13858]  sock_wmalloc+0xb2/0x130
[  506.976848][T13858]  pppoe_sendmsg+0x2a8/0x790
[  506.976887][T13858]  ? __pfx_pppoe_sendmsg+0x10/0x10
[  506.976913][T13858]  ? aa_sock_msg_perm+0xf1/0x1d0
[  506.976941][T13858]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  506.976960][T13858]  ? __pfx_pppoe_sendmsg+0x10/0x10
[  506.976985][T13858]  __sock_sendmsg+0x219/0x270
[  506.977008][T13858]  ____sys_sendmsg+0x52d/0x830
[  506.977038][T13858]  ? __pfx_____sys_sendmsg+0x10/0x10
[  506.977072][T13858]  ? import_iovec+0x74/0xa0
[  506.977102][T13858]  ___sys_sendmsg+0x21f/0x2a0
[  506.977128][T13858]  ? __pfx____sys_sendmsg+0x10/0x10
[  506.977198][T13858]  ? __might_fault+0xb0/0x130
[  506.977228][T13858]  __sys_sendmmsg+0x227/0x430
[  506.977258][T13858]  ? __pfx___sys_sendmmsg+0x10/0x10
[  506.977280][T13858]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  506.977328][T13858]  ? ksys_write+0x22a/0x250
[  506.977348][T13858]  ? __pfx_ksys_write+0x10/0x10
[  506.977362][T13858]  ? rcu_is_watching+0x15/0xb0
[  506.977393][T13858]  __x64_sys_sendmmsg+0xa0/0xc0
[  506.977419][T13858]  do_syscall_64+0xfa/0x3b0
[  506.977439][T13858]  ? lockdep_hardirqs_on+0x9c/0x150
[  506.977458][T13858]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.977477][T13858]  ? clear_bhb_loop+0x60/0xb0
[  506.977499][T13858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.977517][T13858] RIP: 0033:0x7f027d38e929
[  506.977534][T13858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  506.977551][T13858] RSP: 002b:00007f027e2c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  506.977572][T13858] RAX: ffffffffffffffda RBX: 00007f027d5b5fa0 RCX: 00007f027d38e929
[  506.977585][T13858] RDX: 0000000000000484 RSI: 0000200000001340 RDI: 0000000000000003
[  506.977598][T13858] RBP: 00007f027e2c2090 R08: 0000000000000000 R09: 0000000000000000
[  506.977609][T13858] R10: 0000000024048084 R11: 0000000000000246 R12: 0000000000000002
[  506.977621][T13858] R13: 0000000000000000 R14: 00007f027d5b5fa0 R15: 00007ffdeabbda18
[  506.977651][T13858]  </TASK>
[  507.692639][   T43] hid_parser_main: 5 callbacks suppressed
[  507.692664][   T43] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  507.732621][   T43] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  507.743743][   T43] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  507.772024][   T43] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  507.790415][   T43] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  507.816812][   T43] mcp2221 0003:04D8:00DD.0017: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  507.847884][T13887] FAULT_INJECTION: forcing a failure.
[  507.847884][T13887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  507.868925][T13887] CPU: 1 UID: 0 PID: 13887 Comm: syz.1.2851 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  507.868957][T13887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  507.868971][T13887] Call Trace:
[  507.868980][T13887]  <TASK>
[  507.868989][T13887]  dump_stack_lvl+0x189/0x250
[  507.869026][T13887]  ? __pfx____ratelimit+0x10/0x10
[  507.869050][T13887]  ? __pfx_dump_stack_lvl+0x10/0x10
[  507.869079][T13887]  ? __pfx__printk+0x10/0x10
[  507.869123][T13887]  should_fail_ex+0x414/0x560
[  507.869160][T13887]  _copy_to_user+0x31/0xb0
[  507.869194][T13887]  simple_read_from_buffer+0xe1/0x170
[  507.869222][T13887]  proc_fail_nth_read+0x1df/0x250
[  507.869254][T13887]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  507.869284][T13887]  ? rw_verify_area+0x258/0x650
[  507.869314][T13887]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  507.869342][T13887]  vfs_read+0x200/0x980
[  507.869380][T13887]  ? __pfx___mutex_lock+0x10/0x10
[  507.869404][T13887]  ? __pfx_vfs_read+0x10/0x10
[  507.869438][T13887]  ? __fget_files+0x2a/0x420
[  507.869466][T13887]  ? __fget_files+0x3a0/0x420
[  507.869487][T13887]  ? __fget_files+0x2a/0x420
[  507.869521][T13887]  ksys_read+0x145/0x250
[  507.869543][T13887]  ? __pfx_ksys_read+0x10/0x10
[  507.869571][T13887]  ? rcu_is_watching+0x15/0xb0
[  507.869603][T13887]  ? do_syscall_64+0xbe/0x3b0
[  507.869631][T13887]  do_syscall_64+0xfa/0x3b0
[  507.869653][T13887]  ? lockdep_hardirqs_on+0x9c/0x150
[  507.869675][T13887]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.869705][T13887]  ? clear_bhb_loop+0x60/0xb0
[  507.869731][T13887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.869752][T13887] RIP: 0033:0x7ff48d38d33c
[  507.869772][T13887] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  507.869789][T13887] RSP: 002b:00007ff48e265030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  507.869813][T13887] RAX: ffffffffffffffda RBX: 00007ff48d5b5fa0 RCX: 00007ff48d38d33c
[  507.869829][T13887] RDX: 000000000000000f RSI: 00007ff48e2650a0 RDI: 0000000000000005
[  507.869843][T13887] RBP: 00007ff48e265090 R08: 0000000000000000 R09: 0000000000000000
[  507.869857][T13887] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000002
[  507.869870][T13887] R13: 0000000000000000 R14: 00007ff48d5b5fa0 R15: 00007ffe219ea7d8
[  507.869904][T13887]  </TASK>
[  508.107137][    C1] vkms_vblank_simulate: vblank timer overrun
[  508.153321][    C1] usb 1-1: input irq status -75 received
[  508.565934][T12188] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  508.576126][T12188] Bluetooth: hci4: Injecting HCI hardware error event
[  508.585188][T12188] Bluetooth: hci4: hardware error 0x00
[  508.721304][T13907] binder: 13906:13907 ioctl c018620c 0 returned -14
[  508.732825][T13907] netlink: 244 bytes leftover after parsing attributes in process `syz.4.2857'.
[  509.121369][T13918] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  509.133506][T13917] tipc: Disabling bearer <eth:syzkaller0>
[  509.176027][ T5857] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  509.335942][ T5857] usb 2-1: Using ep0 maxpacket: 8
[  509.356071][   T24] usb 3-1: new full-speed USB device number 124 using dummy_hcd
[  509.377288][ T5857] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  509.395958][ T5857] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  509.417672][ T5857] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  509.445866][ T5857] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  509.496841][T12782] usb 1-1: USB disconnect, device number 108
[  509.506034][   T24] usb 3-1: device descriptor read/64, error -71
[  509.531544][ T5857] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  509.566050][ T5857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.746083][   T24] usb 3-1: new full-speed USB device number 125 using dummy_hcd
[  509.791238][ T5857] usb 2-1: GET_CAPABILITIES returned 0
[  509.816057][ T5857] usbtmc 2-1:16.0: can't read capabilities
[  509.907685][   T24] usb 3-1: device descriptor read/64, error -71
[  509.993543][T13940] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2869'.
[  510.009226][ T5939] usb 2-1: USB disconnect, device number 14
[  510.030074][   T24] usb usb3-port1: attempt power cycle
[  510.061233][T13940] fuse: Unknown parameter 'gőSp_id'
[  510.076068][   T43] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[  510.198454][T13943] FAULT_INJECTION: forcing a failure.
[  510.198454][T13943] name failslab, interval 1, probability 0, space 0, times 0
[  510.212636][T13943] CPU: 0 UID: 0 PID: 13943 Comm: syz.4.2870 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  510.212677][T13943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  510.212691][T13943] Call Trace:
[  510.212700][T13943]  <TASK>
[  510.212718][T13943]  dump_stack_lvl+0x189/0x250
[  510.212752][T13943]  ? __pfx____ratelimit+0x10/0x10
[  510.212776][T13943]  ? __pfx_dump_stack_lvl+0x10/0x10
[  510.212805][T13943]  ? __pfx__printk+0x10/0x10
[  510.212838][T13943]  ? __pfx___might_resched+0x10/0x10
[  510.212863][T13943]  ? fs_reclaim_acquire+0x7d/0x100
[  510.212891][T13943]  should_fail_ex+0x414/0x560
[  510.212927][T13943]  should_failslab+0xa8/0x100
[  510.212950][T13943]  __kmalloc_noprof+0xcb/0x4f0
[  510.212978][T13943]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  510.213015][T13943]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  510.213053][T13943]  genl_family_rcv_msg_doit+0xb8/0x300
[  510.213091][T13943]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  510.213123][T13943]  ? rcu_is_watching+0x15/0xb0
[  510.213154][T13943]  ? apparmor_capable+0x137/0x1b0
[  510.213178][T13943]  ? bpf_lsm_capable+0x9/0x20
[  510.213206][T13943]  ? security_capable+0x7e/0x2e0
[  510.213242][T13943]  genl_rcv_msg+0x60e/0x790
[  510.213277][T13943]  ? __pfx_genl_rcv_msg+0x10/0x10
[  510.213305][T13943]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  510.213324][T13943]  ? __pfx_nl802154_wpan_phy_netns+0x10/0x10
[  510.213344][T13943]  ? __pfx_nl802154_post_doit+0x10/0x10
[  510.213382][T13943]  netlink_rcv_skb+0x208/0x470
[  510.213408][T13943]  ? __pfx_genl_rcv_msg+0x10/0x10
[  510.213438][T13943]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  510.213481][T13943]  ? down_read+0x1ad/0x2e0
[  510.213510][T13943]  genl_rcv+0x28/0x40
[  510.213535][T13943]  netlink_unicast+0x75b/0x8d0
[  510.213572][T13943]  netlink_sendmsg+0x805/0xb30
[  510.213607][T13943]  ? __pfx_netlink_sendmsg+0x10/0x10
[  510.213635][T13943]  ? aa_sock_msg_perm+0xf1/0x1d0
[  510.213678][T13943]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  510.213700][T13943]  ? __pfx_netlink_sendmsg+0x10/0x10
[  510.213725][T13943]  __sock_sendmsg+0x219/0x270
[  510.213752][T13943]  ____sys_sendmsg+0x505/0x830
[  510.213785][T13943]  ? __pfx_____sys_sendmsg+0x10/0x10
[  510.213824][T13943]  ? import_iovec+0x74/0xa0
[  510.213858][T13943]  ___sys_sendmsg+0x21f/0x2a0
[  510.213888][T13943]  ? __pfx____sys_sendmsg+0x10/0x10
[  510.213958][T13943]  ? __fget_files+0x2a/0x420
[  510.213980][T13943]  ? __fget_files+0x3a0/0x420
[  510.214016][T13943]  __x64_sys_sendmsg+0x19b/0x260
[  510.214048][T13943]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  510.214087][T13943]  ? __pfx_ksys_write+0x10/0x10
[  510.214103][T13943]  ? rcu_is_watching+0x15/0xb0
[  510.214135][T13943]  ? do_syscall_64+0xbe/0x3b0
[  510.214162][T13943]  do_syscall_64+0xfa/0x3b0
[  510.214183][T13943]  ? lockdep_hardirqs_on+0x9c/0x150
[  510.214205][T13943]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.214225][T13943]  ? clear_bhb_loop+0x60/0xb0
[  510.214250][T13943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.214271][T13943] RIP: 0033:0x7f027d38e929
[  510.214290][T13943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  510.214307][T13943] RSP: 002b:00007f027e2c2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  510.214330][T13943] RAX: ffffffffffffffda RBX: 00007f027d5b5fa0 RCX: 00007f027d38e929
[  510.214346][T13943] RDX: 0000000004000000 RSI: 0000200000000280 RDI: 0000000000000004
[  510.214360][T13943] RBP: 00007f027e2c2090 R08: 0000000000000000 R09: 0000000000000000
[  510.214373][T13943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.214386][T13943] R13: 0000000000000000 R14: 00007f027d5b5fa0 R15: 00007ffdeabbda18
[  510.214419][T13943]  </TASK>
[  510.215800][   T43] usb 1-1: device descriptor read/64, error -71
[  510.665788][   T24] usb 3-1: new full-speed USB device number 126 using dummy_hcd
[  510.707151][   T24] usb 3-1: device descriptor read/8, error -71
[  510.725813][T12188] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  510.856062][   T43] usb 1-1: new high-speed USB device number 110 using dummy_hcd
[  510.949382][   T24] usb 3-1: new full-speed USB device number 127 using dummy_hcd
[  511.009351][   T24] usb 3-1: device descriptor read/8, error -71
[  511.018048][   T43] usb 1-1: device descriptor read/64, error -71
[  511.120371][   T24] usb usb3-port1: unable to enumerate USB device
[  511.130680][   T43] usb usb1-port1: attempt power cycle
[  511.495863][   T43] usb 1-1: new high-speed USB device number 111 using dummy_hcd
[  511.526574][   T43] usb 1-1: device descriptor read/8, error -71
[  511.766100][   T43] usb 1-1: new high-speed USB device number 112 using dummy_hcd
[  511.766202][T12782] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  511.785806][ T5919] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[  511.806432][   T43] usb 1-1: device descriptor read/8, error -71
[  511.916424][   T43] usb usb1-port1: unable to enumerate USB device
[  511.959321][T12782] usb 2-1: Using ep0 maxpacket: 16
[  511.964565][ T5919] usb 5-1: Using ep0 maxpacket: 32
[  511.973129][ T5919] usb 5-1: config 0 has an invalid interface number: 125 but max is 0
[  511.989753][ T5919] usb 5-1: config 0 has no interface number 0
[  511.997545][T12782] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  512.013088][ T5919] usb 5-1: config 0 interface 125 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  512.035134][T12782] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  512.044827][T12782] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.064833][ T5919] usb 5-1: New USB device found, idVendor=1039, idProduct=2120, bcdDevice= 2.a7
[  512.078393][T12782] usb 2-1: Product: syz
[  512.082601][T12782] usb 2-1: Manufacturer: syz
[  512.090096][ T5919] usb 5-1: New USB device strings: Mfr=249, Product=255, SerialNumber=3
[  512.101145][T12782] usb 2-1: SerialNumber: syz
[  512.106850][ T5919] usb 5-1: Product: syz
[  512.113131][ T5919] usb 5-1: Manufacturer: syz
[  512.124908][T12782] usb 2-1: config 0 descriptor??
[  512.130806][ T5919] usb 5-1: SerialNumber: syz
[  512.143666][T12782] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  512.159435][ T5919] usb 5-1: config 0 descriptor??
[  512.164695][T12782] em28xx 2-1:0.0: DVB interface 0 found: bulk
[  512.381722][ T5919] usb 5-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2120) Rev (0X2A7): Eagle II
[  512.518698][T13982] FAULT_INJECTION: forcing a failure.
[  512.518698][T13982] name failslab, interval 1, probability 0, space 0, times 0
[  512.533824][T13982] CPU: 0 UID: 0 PID: 13982 Comm: syz.2.2887 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  512.533853][T13982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  512.533866][T13982] Call Trace:
[  512.533883][T13982]  <TASK>
[  512.533892][T13982]  dump_stack_lvl+0x189/0x250
[  512.533932][T13982]  ? __pfx____ratelimit+0x10/0x10
[  512.533955][T13982]  ? __pfx_dump_stack_lvl+0x10/0x10
[  512.533983][T13982]  ? __pfx__printk+0x10/0x10
[  512.534017][T13982]  ? __pfx___might_resched+0x10/0x10
[  512.534043][T13982]  ? fs_reclaim_acquire+0x7d/0x100
[  512.534069][T13982]  should_fail_ex+0x414/0x560
[  512.534104][T13982]  should_failslab+0xa8/0x100
[  512.534126][T13982]  __kmalloc_cache_noprof+0x70/0x3d0
[  512.534155][T13982]  ? __se_sys_mount+0x165/0x410
[  512.534175][T13982]  ? memdup_user+0x99/0xd0
[  512.534203][T13982]  __se_sys_mount+0x165/0x410
[  512.534231][T13982]  ? __pfx___se_sys_mount+0x10/0x10
[  512.534250][T13982]  ? rcu_is_watching+0x15/0xb0
[  512.534283][T13982]  ? do_syscall_64+0xbe/0x3b0
[  512.534305][T13982]  ? __x64_sys_mount+0x20/0xc0
[  512.534329][T13982]  do_syscall_64+0xfa/0x3b0
[  512.534351][T13982]  ? lockdep_hardirqs_on+0x9c/0x150
[  512.534373][T13982]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.534393][T13982]  ? clear_bhb_loop+0x60/0xb0
[  512.534418][T13982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.534438][T13982] RIP: 0033:0x7f559e98e929
[  512.534458][T13982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  512.534477][T13982] RSP: 002b:00007f559f762038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  512.534500][T13982] RAX: ffffffffffffffda RBX: 00007f559ebb5fa0 RCX: 00007f559e98e929
[  512.534516][T13982] RDX: 0000200000000100 RSI: 0000200000002480 RDI: 0000200000002440
[  512.534530][T13982] RBP: 00007f559f762090 R08: 00002000000002c0 R09: 0000000000000000
[  512.534545][T13982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  512.534557][T13982] R13: 0000000000000000 R14: 00007f559ebb5fa0 R15: 00007fff255f3178
[  512.534589][T13982]  </TASK>
[  512.976460][T12782] em28xx 2-1:0.0: chip ID is em28178
[  513.035824][ T5919] usb 5-1: reset high-speed USB device number 94 using dummy_hcd
[  513.169146][T13991] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  513.264362][T12782] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  513.286318][T12782] em28xx 2-1:0.0: board has no eeprom
[  513.397227][T12782] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  513.405203][T12782] em28xx 2-1:0.0: dvb set to bulk mode.
[  513.439734][ T5857] em28xx 2-1:0.0: Binding DVB extension
[  513.457678][T12782] usb 2-1: USB disconnect, device number 15
[  513.486389][T12782] em28xx 2-1:0.0: Disconnecting em28xx
[  513.633958][ T5857] em28xx 2-1:0.0: Registering input extension
[  513.786528][ T5857] rc_core: IR keymap rc-pinnacle-pctv-hd not found
[  513.795988][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  513.820035][ T5857] Registered IR keymap rc-empty
[  513.841884][ T5857] rc rc0: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  513.879207][ T5857] input: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input27
[  513.916669][ T5857] em28xx 2-1:0.0: Input extension successfully initialized
[  513.926031][   T10] usb 3-1: device descriptor read/64, error -71
[  513.945095][T12782] em28xx 2-1:0.0: Closing input extension
[  514.050540][T12782] em28xx 2-1:0.0: Freeing device
[  514.177154][   T10] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  514.268296][T14006] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2894'.
[  514.326849][   T10] usb 3-1: device descriptor read/64, error -71
[  514.451008][T14012] tipc: Started in network mode
[  514.456905][   T10] usb usb3-port1: attempt power cycle
[  514.464155][T14012] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  514.473877][T14012] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:00fe:00bb
[  514.482654][T14012] FAULT_INJECTION: forcing a failure.
[  514.482654][T14012] name failslab, interval 1, probability 0, space 0, times 0
[  514.517127][T14012] CPU: 0 UID: 0 PID: 14012 Comm: syz.0.2898 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  514.517159][T14012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  514.517172][T14012] Call Trace:
[  514.517181][T14012]  <TASK>
[  514.517190][T14012]  dump_stack_lvl+0x189/0x250
[  514.517225][T14012]  ? __pfx____ratelimit+0x10/0x10
[  514.517245][T14012]  ? __pfx_dump_stack_lvl+0x10/0x10
[  514.517271][T14012]  ? __pfx__printk+0x10/0x10
[  514.517297][T14012]  ? __lock_acquire+0xab9/0xd20
[  514.517332][T14012]  should_fail_ex+0x414/0x560
[  514.517363][T14012]  should_failslab+0xa8/0x100
[  514.517383][T14012]  __kmalloc_cache_noprof+0x70/0x3d0
[  514.517410][T14012]  ? tipc_disc_create+0x6e/0x4a0
[  514.517435][T14012]  tipc_disc_create+0x6e/0x4a0
[  514.517453][T14012]  ? __tipc_nl_bearer_enable+0xab3/0x13f0
[  514.517482][T14012]  __tipc_nl_bearer_enable+0xdee/0x13f0
[  514.517505][T14012]  ? __pfx___mutex_trylock_common+0x10/0x10
[  514.517541][T14012]  ? __pfx___tipc_nl_bearer_enable+0x10/0x10
[  514.517563][T14012]  ? trace_contention_end+0x39/0x120
[  514.517604][T14012]  ? tipc_nl_bearer_enable+0x17/0x40
[  514.517633][T14012]  ? __pfx___mutex_lock+0x10/0x10
[  514.517663][T14012]  ? __nla_parse+0x40/0x60
[  514.517687][T14012]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  514.517716][T14012]  ? genl_family_rcv_msg_attrs_parse+0x212/0x2a0
[  514.517751][T14012]  tipc_nl_bearer_enable+0x22/0x40
[  514.517776][T14012]  genl_family_rcv_msg_doit+0x212/0x300
[  514.517814][T14012]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  514.517873][T14012]  genl_rcv_msg+0x60e/0x790
[  514.517911][T14012]  ? __pfx_genl_rcv_msg+0x10/0x10
[  514.517945][T14012]  ? ref_tracker_free+0x63a/0x7d0
[  514.517964][T14012]  ? __pfx_tipc_nl_bearer_enable+0x10/0x10
[  514.517991][T14012]  ? __pfx_ref_tracker_free+0x10/0x10
[  514.518025][T14012]  netlink_rcv_skb+0x208/0x470
[  514.518050][T14012]  ? __pfx_genl_rcv_msg+0x10/0x10
[  514.518082][T14012]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  514.518126][T14012]  ? down_read+0x1ad/0x2e0
[  514.518154][T14012]  genl_rcv+0x28/0x40
[  514.518181][T14012]  netlink_unicast+0x75b/0x8d0
[  514.518217][T14012]  netlink_sendmsg+0x805/0xb30
[  514.518253][T14012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  514.518281][T14012]  ? aa_sock_msg_perm+0xf1/0x1d0
[  514.518311][T14012]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  514.518334][T14012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  514.518358][T14012]  __sock_sendmsg+0x219/0x270
[  514.518385][T14012]  ____sys_sendmsg+0x505/0x830
[  514.518421][T14012]  ? __pfx_____sys_sendmsg+0x10/0x10
[  514.518459][T14012]  ? import_iovec+0x74/0xa0
[  514.518494][T14012]  ___sys_sendmsg+0x21f/0x2a0
[  514.518524][T14012]  ? __pfx____sys_sendmsg+0x10/0x10
[  514.518597][T14012]  ? __fget_files+0x2a/0x420
[  514.518619][T14012]  ? __fget_files+0x3a0/0x420
[  514.518654][T14012]  __x64_sys_sendmsg+0x19b/0x260
[  514.518684][T14012]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  514.518724][T14012]  ? __pfx_ksys_write+0x10/0x10
[  514.518742][T14012]  ? rcu_is_watching+0x15/0xb0
[  514.518774][T14012]  ? do_syscall_64+0xbe/0x3b0
[  514.518802][T14012]  do_syscall_64+0xfa/0x3b0
[  514.518824][T14012]  ? lockdep_hardirqs_on+0x9c/0x150
[  514.518844][T14012]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.518864][T14012]  ? clear_bhb_loop+0x60/0xb0
[  514.518891][T14012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.518911][T14012] RIP: 0033:0x7fd65478e929
[  514.518938][T14012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  514.518955][T14012] RSP: 002b:00007fd65562c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  514.518980][T14012] RAX: ffffffffffffffda RBX: 00007fd6549b5fa0 RCX: 00007fd65478e929
[  514.518995][T14012] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  514.519008][T14012] RBP: 00007fd65562c090 R08: 0000000000000000 R09: 0000000000000000
[  514.519021][T14012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  514.519033][T14012] R13: 0000000000000000 R14: 00007fd6549b5fa0 R15: 00007ffe496fdd78
[  514.519069][T14012]  </TASK>
[  514.520566][T14012] tipc: Disabling bearer <udp:sy>
[  514.931453][ T5919] ueagle-atm 5-1:0.125: usbatm_usb_probe: bind failed: -19!
[  514.942287][ T5919] usb 5-1: USB disconnect, device number 94
[  514.946314][T14012] tipc: Enabling of bearer <udp:sy> rejected, failed to create discoverer
[  514.990664][T12782] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  515.141975][T12782] usb 2-1: device descriptor read/64, error -71
[  515.195803][   T10] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  515.226582][   T10] usb 3-1: device descriptor read/8, error -71
[  515.282362][   T30] audit: type=1326 audit(1751723576.021:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14018 comm="syz.0.2901" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd65478e929 code=0x0
[  515.385887][T12782] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  515.476107][   T10] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  515.507003][   T10] usb 3-1: device descriptor read/8, error -71
[  515.526033][T12782] usb 2-1: device descriptor read/64, error -71
[  515.626292][   T10] usb usb3-port1: unable to enumerate USB device
[  515.638878][T12782] usb usb2-port1: attempt power cycle
[  515.991565][T12782] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  516.016636][T12782] usb 2-1: device descriptor read/8, error -71
[  516.216010][   T43] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[  516.267932][T12782] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  516.296788][T12782] usb 2-1: device descriptor read/8, error -71
[  516.388610][   T10] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[  516.407990][   T43] usb 5-1: Using ep0 maxpacket: 32
[  516.409081][T12782] usb usb2-port1: unable to enumerate USB device
[  516.421449][   T43] usb 5-1: config 0 has an invalid interface number: 125 but max is 0
[  516.438987][   T43] usb 5-1: config 0 has no interface number 0
[  516.445169][   T43] usb 5-1: config 0 interface 125 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  516.468750][   T43] usb 5-1: New USB device found, idVendor=1039, idProduct=2120, bcdDevice= 2.a7
[  516.514705][   T43] usb 5-1: New USB device strings: Mfr=249, Product=255, SerialNumber=3
[  516.523530][   T43] usb 5-1: Product: syz
[  516.528026][   T43] usb 5-1: Manufacturer: syz
[  516.532701][   T43] usb 5-1: SerialNumber: syz
[  516.549547][   T43] usb 5-1: config 0 descriptor??
[  516.566066][   T10] usb 1-1: Using ep0 maxpacket: 16
[  516.577685][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  516.591176][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  516.605459][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  516.622148][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  516.632459][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  516.688959][   T10] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  516.700434][   T10] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  516.717014][   T10] usb 1-1: Manufacturer: syz
[  516.725084][   T10] usb 1-1: config 0 descriptor??
[  516.802920][   T43] usb 5-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2120) Rev (0X2A7): Eagle II
[  516.987197][T14053] FAULT_INJECTION: forcing a failure.
[  516.987197][T14053] name failslab, interval 1, probability 0, space 0, times 0
[  517.015852][T14053] CPU: 1 UID: 0 PID: 14053 Comm: syz.2.2912 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  517.015883][T14053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  517.015896][T14053] Call Trace:
[  517.015904][T14053]  <TASK>
[  517.015914][T14053]  dump_stack_lvl+0x189/0x250
[  517.015949][T14053]  ? __pfx____ratelimit+0x10/0x10
[  517.015972][T14053]  ? __pfx_dump_stack_lvl+0x10/0x10
[  517.016002][T14053]  ? __pfx__printk+0x10/0x10
[  517.016034][T14053]  ? __pfx___might_resched+0x10/0x10
[  517.016062][T14053]  ? fs_reclaim_acquire+0x7d/0x100
[  517.016090][T14053]  should_fail_ex+0x414/0x560
[  517.016126][T14053]  should_failslab+0xa8/0x100
[  517.016148][T14053]  __kmalloc_noprof+0xcb/0x4f0
[  517.016177][T14053]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  517.016213][T14053]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  517.016250][T14053]  genl_family_rcv_msg_doit+0xb8/0x300
[  517.016289][T14053]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  517.016320][T14053]  ? rcu_is_watching+0x15/0xb0
[  517.016350][T14053]  ? apparmor_capable+0x137/0x1b0
[  517.016376][T14053]  ? bpf_lsm_capable+0x9/0x20
[  517.016404][T14053]  ? security_capable+0x7e/0x2e0
[  517.016440][T14053]  genl_rcv_msg+0x60e/0x790
[  517.016477][T14053]  ? __pfx_genl_rcv_msg+0x10/0x10
[  517.016506][T14053]  ? __pfx_ieee802154_add_iface+0x10/0x10
[  517.016554][T14053]  netlink_rcv_skb+0x208/0x470
[  517.016579][T14053]  ? __pfx_genl_rcv_msg+0x10/0x10
[  517.016622][T14053]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  517.016668][T14053]  ? down_read+0x1ad/0x2e0
[  517.016696][T14053]  genl_rcv+0x28/0x40
[  517.016722][T14053]  netlink_unicast+0x75b/0x8d0
[  517.016759][T14053]  netlink_sendmsg+0x805/0xb30
[  517.016794][T14053]  ? __pfx_netlink_sendmsg+0x10/0x10
[  517.016823][T14053]  ? aa_sock_msg_perm+0xf1/0x1d0
[  517.016852][T14053]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  517.016876][T14053]  ? __pfx_netlink_sendmsg+0x10/0x10
[  517.016901][T14053]  __sock_sendmsg+0x219/0x270
[  517.016927][T14053]  ____sys_sendmsg+0x505/0x830
[  517.016963][T14053]  ? __pfx_____sys_sendmsg+0x10/0x10
[  517.017001][T14053]  ? import_iovec+0x74/0xa0
[  517.017035][T14053]  ___sys_sendmsg+0x21f/0x2a0
[  517.017067][T14053]  ? __pfx____sys_sendmsg+0x10/0x10
[  517.017139][T14053]  ? __fget_files+0x2a/0x420
[  517.017160][T14053]  ? __fget_files+0x3a0/0x420
[  517.017196][T14053]  __x64_sys_sendmsg+0x19b/0x260
[  517.017228][T14053]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  517.017268][T14053]  ? __pfx_ksys_write+0x10/0x10
[  517.017284][T14053]  ? rcu_is_watching+0x15/0xb0
[  517.017316][T14053]  ? do_syscall_64+0xbe/0x3b0
[  517.017344][T14053]  do_syscall_64+0xfa/0x3b0
[  517.017365][T14053]  ? lockdep_hardirqs_on+0x9c/0x150
[  517.017386][T14053]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.017407][T14053]  ? clear_bhb_loop+0x60/0xb0
[  517.017433][T14053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.017454][T14053] RIP: 0033:0x7f559e98e929
[  517.017473][T14053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  517.017491][T14053] RSP: 002b:00007f559f762038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  517.017514][T14053] RAX: ffffffffffffffda RBX: 00007f559ebb5fa0 RCX: 00007f559e98e929
[  517.017529][T14053] RDX: 0000000000040800 RSI: 0000200000000280 RDI: 0000000000000004
[  517.017543][T14053] RBP: 00007f559f762090 R08: 0000000000000000 R09: 0000000000000000
[  517.017556][T14053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  517.017569][T14053] R13: 0000000000000000 R14: 00007f559ebb5fa0 R15: 00007fff255f3178
[  517.017611][T14053]  </TASK>
[  517.374315][    C1] vkms_vblank_simulate: vblank timer overrun
[  517.380414][   T10] rc_core: IR keymap rc-hauppauge not found
[  517.387112][   T10] Registered IR keymap rc-empty
[  517.392245][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  517.418930][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  517.460459][   T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  517.598513][   T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input28
[  517.685290][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  517.780687][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  517.853284][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  517.945535][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  518.001689][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  518.045995][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  518.063839][T14062] comedi comedi3: mpc624: a I/O base address must be specified
[  518.085969][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  518.087422][T14062] FAULT_INJECTION: forcing a failure.
[  518.087422][T14062] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  518.120265][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  518.125765][   T43] usb 5-1: reset high-speed USB device number 95 using dummy_hcd
[  518.147270][T14062] CPU: 1 UID: 0 PID: 14062 Comm: syz.2.2916 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  518.147303][T14062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  518.147315][T14062] Call Trace:
[  518.147324][T14062]  <TASK>
[  518.147334][T14062]  dump_stack_lvl+0x189/0x250
[  518.147368][T14062]  ? __pfx____ratelimit+0x10/0x10
[  518.147392][T14062]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.147420][T14062]  ? __pfx__printk+0x10/0x10
[  518.147461][T14062]  should_fail_ex+0x414/0x560
[  518.147495][T14062]  _copy_to_user+0x31/0xb0
[  518.147525][T14062]  simple_read_from_buffer+0xe1/0x170
[  518.147553][T14062]  proc_fail_nth_read+0x1df/0x250
[  518.147583][T14062]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  518.147622][T14062]  ? rw_verify_area+0x258/0x650
[  518.147651][T14062]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  518.147677][T14062]  vfs_read+0x200/0x980
[  518.147712][T14062]  ? __pfx___mutex_lock+0x10/0x10
[  518.147735][T14062]  ? __pfx_vfs_read+0x10/0x10
[  518.147765][T14062]  ? __fget_files+0x2a/0x420
[  518.147792][T14062]  ? __fget_files+0x3a0/0x420
[  518.147812][T14062]  ? __fget_files+0x2a/0x420
[  518.147843][T14062]  ksys_read+0x145/0x250
[  518.147865][T14062]  ? __pfx_ksys_read+0x10/0x10
[  518.147890][T14062]  ? rcu_is_watching+0x15/0xb0
[  518.147921][T14062]  ? do_syscall_64+0xbe/0x3b0
[  518.147949][T14062]  do_syscall_64+0xfa/0x3b0
[  518.147969][T14062]  ? lockdep_hardirqs_on+0x9c/0x150
[  518.147990][T14062]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.148008][T14062]  ? clear_bhb_loop+0x60/0xb0
[  518.148032][T14062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.148050][T14062] RIP: 0033:0x7f559e98d33c
[  518.148068][T14062] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  518.148086][T14062] RSP: 002b:00007f559f762030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  518.148108][T14062] RAX: ffffffffffffffda RBX: 00007f559ebb5fa0 RCX: 00007f559e98d33c
[  518.148122][T14062] RDX: 000000000000000f RSI: 00007f559f7620a0 RDI: 0000000000000004
[  518.148136][T14062] RBP: 00007f559f762090 R08: 0000000000000000 R09: 0000000000000000
[  518.148148][T14062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.148160][T14062] R13: 0000000000000000 R14: 00007f559ebb5fa0 R15: 00007fff255f3178
[  518.148192][T14062]  </TASK>
[  518.157561][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  518.445935][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  518.468461][   T10] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  518.495997][   T10] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  518.519424][   T10] usb 1-1: USB disconnect, device number 113
[  518.933732][T14080] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2922'.
[  518.943520][T14080] FAULT_INJECTION: forcing a failure.
[  518.943520][T14080] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  518.959796][T14080] CPU: 0 UID: 0 PID: 14080 Comm: syz.2.2922 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  518.959826][T14080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  518.959838][T14080] Call Trace:
[  518.959847][T14080]  <TASK>
[  518.959856][T14080]  dump_stack_lvl+0x189/0x250
[  518.959891][T14080]  ? __pfx____ratelimit+0x10/0x10
[  518.959915][T14080]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.959945][T14080]  ? __pfx__printk+0x10/0x10
[  518.959985][T14080]  should_fail_ex+0x414/0x560
[  518.960021][T14080]  _copy_to_user+0x31/0xb0
[  518.960052][T14080]  simple_read_from_buffer+0xe1/0x170
[  518.960080][T14080]  proc_fail_nth_read+0x1df/0x250
[  518.960109][T14080]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  518.960137][T14080]  ? rw_verify_area+0x258/0x650
[  518.960166][T14080]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  518.960194][T14080]  vfs_read+0x200/0x980
[  518.960231][T14080]  ? __pfx___mutex_lock+0x10/0x10
[  518.960254][T14080]  ? __pfx_vfs_read+0x10/0x10
[  518.960284][T14080]  ? __fget_files+0x2a/0x420
[  518.960314][T14080]  ? __fget_files+0x3a0/0x420
[  518.960334][T14080]  ? __fget_files+0x2a/0x420
[  518.960366][T14080]  ksys_read+0x145/0x250
[  518.960390][T14080]  ? __pfx_ksys_read+0x10/0x10
[  518.960416][T14080]  ? rcu_is_watching+0x15/0xb0
[  518.960449][T14080]  ? do_syscall_64+0xbe/0x3b0
[  518.960477][T14080]  do_syscall_64+0xfa/0x3b0
[  518.960498][T14080]  ? lockdep_hardirqs_on+0x9c/0x150
[  518.960521][T14080]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.960541][T14080]  ? clear_bhb_loop+0x60/0xb0
[  518.960565][T14080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.960584][T14080] RIP: 0033:0x7f559e98d33c
[  518.960612][T14080] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  518.960630][T14080] RSP: 002b:00007f559f762030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  518.960653][T14080] RAX: ffffffffffffffda RBX: 00007f559ebb5fa0 RCX: 00007f559e98d33c
[  518.960669][T14080] RDX: 000000000000000f RSI: 00007f559f7620a0 RDI: 0000000000000004
[  518.960682][T14080] RBP: 00007f559f762090 R08: 0000000000000000 R09: 0000000000000000
[  518.960693][T14080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.960706][T14080] R13: 0000000000000000 R14: 00007f559ebb5fa0 R15: 00007fff255f3178
[  518.960738][T14080]  </TASK>
[  519.215767][ T5939] usb 1-1: new high-speed USB device number 114 using dummy_hcd
[  519.376597][ T5939] usb 1-1: device descriptor read/64, error -71
[  519.467033][T14087] comedi comedi3: c6xdigio: a I/O base address must be specified
[  519.646234][ T5939] usb 1-1: new high-speed USB device number 115 using dummy_hcd
[  519.656354][   T43] ueagle-atm 5-1:0.125: usbatm_usb_probe: bind failed: -19!
[  519.677069][   T43] usb 5-1: USB disconnect, device number 95
[  519.806042][ T5939] usb 1-1: device descriptor read/64, error -71
[  519.916188][ T5939] usb usb1-port1: attempt power cycle
[  520.133917][T14111] FAULT_INJECTION: forcing a failure.
[  520.133917][T14111] name failslab, interval 1, probability 0, space 0, times 0
[  520.156190][T14111] CPU: 1 UID: 0 PID: 14111 Comm: syz.1.2933 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  520.156221][T14111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.156233][T14111] Call Trace:
[  520.156241][T14111]  <TASK>
[  520.156250][T14111]  dump_stack_lvl+0x189/0x250
[  520.156280][T14111]  ? __pfx____ratelimit+0x10/0x10
[  520.156299][T14111]  ? __pfx_dump_stack_lvl+0x10/0x10
[  520.156321][T14111]  ? __pfx__printk+0x10/0x10
[  520.156348][T14111]  ? __pfx___might_resched+0x10/0x10
[  520.156374][T14111]  should_fail_ex+0x414/0x560
[  520.156403][T14111]  should_failslab+0xa8/0x100
[  520.156420][T14111]  __kmalloc_cache_node_noprof+0x73/0x3d0
[  520.156455][T14111]  ? __get_vm_area_node+0x13f/0x300
[  520.156483][T14111]  __get_vm_area_node+0x13f/0x300
[  520.156511][T14111]  __vmalloc_node_range_noprof+0x301/0x12f0
[  520.156536][T14111]  ? copy_process+0x544/0x3b80
[  520.156567][T14111]  ? percpu_ref_get_many+0x19/0x140
[  520.156583][T14111]  ? percpu_ref_get_many+0x19/0x140
[  520.156620][T14111]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  520.156647][T14111]  ? memcpy_and_pad+0x48/0x80
[  520.156668][T14111]  __vmalloc_node_noprof+0xc2/0x110
[  520.156691][T14111]  ? copy_process+0x544/0x3b80
[  520.156710][T14111]  ? copy_process+0x544/0x3b80
[  520.156733][T14111]  dup_task_struct+0x3e7/0x860
[  520.156759][T14111]  copy_process+0x544/0x3b80
[  520.156806][T14111]  ? __pfx_copy_process+0x10/0x10
[  520.156838][T14111]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  520.156865][T14111]  vhost_task_create+0x1c4/0x290
[  520.156888][T14111]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  520.156914][T14111]  ? __pfx_vhost_task_create+0x10/0x10
[  520.156944][T14111]  ? __pfx_vhost_task_fn+0x10/0x10
[  520.156977][T14111]  ? kasan_save_track+0x4f/0x80
[  520.156997][T14111]  ? kasan_save_track+0x3e/0x80
[  520.157022][T14111]  kvm_mmu_post_init_vm+0x147/0x2b0
[  520.157043][T14111]  kvm_arch_vcpu_ioctl_run+0xdc/0x1940
[  520.157075][T14111]  ? __mutex_trylock_common+0x153/0x260
[  520.157100][T14111]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  520.157128][T14111]  ? rcu_is_watching+0x15/0xb0
[  520.157149][T14111]  ? look_up_lock_class+0x74/0x170
[  520.157168][T14111]  ? register_lock_class+0x51/0x320
[  520.157191][T14111]  ? __lock_acquire+0xab9/0xd20
[  520.157236][T14111]  kvm_vcpu_ioctl+0x95c/0xe90
[  520.157266][T14111]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  520.157286][T14111]  ? __lock_acquire+0xab9/0xd20
[  520.157322][T14111]  ? __fget_files+0x2a/0x420
[  520.157342][T14111]  ? __fget_files+0x2a/0x420
[  520.157358][T14111]  ? __fget_files+0x3a0/0x420
[  520.157374][T14111]  ? __fget_files+0x2a/0x420
[  520.157394][T14111]  ? bpf_lsm_file_ioctl+0x9/0x20
[  520.157416][T14111]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  520.157438][T14111]  __se_sys_ioctl+0xf9/0x170
[  520.157463][T14111]  do_syscall_64+0xfa/0x3b0
[  520.157480][T14111]  ? lockdep_hardirqs_on+0x9c/0x150
[  520.157496][T14111]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.157512][T14111]  ? clear_bhb_loop+0x60/0xb0
[  520.157532][T14111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.157547][T14111] RIP: 0033:0x7ff48d38e929
[  520.157562][T14111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.157577][T14111] RSP: 002b:00007ff48e243038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  520.157603][T14111] RAX: ffffffffffffffda RBX: 00007ff48d5b6080 RCX: 00007ff48d38e929
[  520.157616][T14111] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  520.157626][T14111] RBP: 00007ff48e243090 R08: 0000000000000000 R09: 0000000000000000
[  520.157636][T14111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.157646][T14111] R13: 0000000000000000 R14: 00007ff48d5b6080 R15: 00007ffe219ea7d8
[  520.157672][T14111]  </TASK>
[  520.157873][T14111] syz.1.2933: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  520.422341][T14116] comedi comedi3: c6xdigio: a I/O base address must be specified
[  520.425826][T14111] ,cpuset=
[  520.451583][T14116] ==================================================================
[  520.475972][T14111] syz1
[  520.490962][T14116] BUG: KASAN: slab-use-after-free in sysfs_remove_file_ns+0x3d/0x70
[  520.490996][T14116] Read of size 8 at addr ffff888030537a30 by task syz.4.2935/14116
[  520.499778][    C1] vkms_vblank_simulate: vblank timer overrun
[  520.507727][T14116] 
[  520.507745][T14116] CPU: 0 UID: 0 PID: 14116 Comm: syz.4.2935 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  520.507770][T14116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.507783][T14116] Call Trace:
[  520.507793][T14116]  <TASK>
[  520.507803][T14116]  dump_stack_lvl+0x189/0x250
[  520.507839][T14116]  ? __kasan_check_byte+0x12/0x40
[  520.507868][T14116]  ? __pfx_dump_stack_lvl+0x10/0x10
[  520.507892][T14116]  ? lock_release+0x4b/0x3e0
[  520.507916][T14116]  ? __virt_addr_valid+0x4a5/0x5c0
[  520.507944][T14116]  print_report+0xd2/0x2b0
[  520.507964][T14116]  ? sysfs_remove_file_ns+0x3d/0x70
[  520.507984][T14116]  kasan_report+0x118/0x150
[  520.508011][T14116]  ? sysfs_remove_file_ns+0x3d/0x70
[  520.508033][T14116]  sysfs_remove_file_ns+0x3d/0x70
[  520.508053][T14116]  bus_remove_driver+0x198/0x2f0
[  520.508081][T14116]  comedi_device_detach+0x134/0x720
[  520.508108][T14116]  ? comedi_request_region+0x11a/0x180
[  520.508128][T14116]  comedi_device_attach+0x568/0x670
[  520.508149][T14116]  comedi_unlocked_ioctl+0x686/0xf40
[  520.508178][T14116]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  520.508213][T14116]  ? __lock_acquire+0xab9/0xd20
[  520.508240][T14116]  ? __fget_files+0x2a/0x420
[  520.508261][T14116]  ? __fget_files+0x2a/0x420
[  520.508279][T14116]  ? __fget_files+0x3a0/0x420
[  520.508297][T14116]  ? __fget_files+0x2a/0x420
[  520.508317][T14116]  ? bpf_lsm_file_ioctl+0x9/0x20
[  520.508342][T14116]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  520.508367][T14116]  __se_sys_ioctl+0xf9/0x170
[  520.508394][T14116]  do_syscall_64+0xfa/0x3b0
[  520.508415][T14116]  ? lockdep_hardirqs_on+0x9c/0x150
[  520.508433][T14116]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.508451][T14116]  ? clear_bhb_loop+0x60/0xb0
[  520.508472][T14116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.508491][T14116] RIP: 0033:0x7f027d38e929
[  520.508509][T14116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.508525][T14116] RSP: 002b:00007f027e2c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  520.508547][T14116] RAX: ffffffffffffffda RBX: 00007f027d5b5fa0 RCX: 00007f027d38e929
[  520.508561][T14116] RDX: 0000200000000400 RSI: 0000000040946400 RDI: 0000000000000003
[  520.508574][T14116] RBP: 00007f027d410b39 R08: 0000000000000000 R09: 0000000000000000
[  520.508587][T14116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  520.508598][T14116] R13: 0000000000000000 R14: 00007f027d5b5fa0 R15: 00007ffdeabbda18
[  520.508618][T14116]  </TASK>
[  520.508626][T14116] 
[  520.517672][T14111] ,mems_allowed=0-1
[  520.523698][T14116] Allocated by task 8353:
[  520.532368][ T5939] usb 1-1: new high-speed USB device number 116 using dummy_hcd
[  520.539646][T14116]  kasan_save_track+0x3e/0x80
[  520.539681][T14116]  __kasan_kmalloc+0x93/0xb0
[  520.539706][T14116]  __kmalloc_cache_noprof+0x230/0x3d0
[  520.547561][T14111] 
[  520.555303][T14116]  bus_add_driver+0x162/0x640
[  520.563188][T14111] CPU: 1 UID: 0 PID: 14111 Comm: syz.1.2933 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  520.563214][T14111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.563225][T14111] Call Trace:
[  520.563234][T14111]  <TASK>
[  520.563243][T14111]  dump_stack_lvl+0x189/0x250
[  520.563272][T14111]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  520.563295][T14111]  ? __pfx_dump_stack_lvl+0x10/0x10
[  520.563320][T14111]  ? __pfx__printk+0x10/0x10
[  520.563346][T14111]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  520.563372][T14111]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  520.563404][T14111]  warn_alloc+0x214/0x310
[  520.563431][T14111]  ? __pfx_warn_alloc+0x10/0x10
[  520.563452][T14111]  ? __get_vm_area_node+0x13f/0x300
[  520.563482][T14111]  ? __get_vm_area_node+0x2b5/0x300
[  520.563516][T14111]  __vmalloc_node_range_noprof+0x326/0x12f0
[  520.563555][T14111]  ? percpu_ref_get_many+0x19/0x140
[  520.563581][T14111]  ? percpu_ref_get_many+0x19/0x140
[  520.563613][T14111]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  520.563644][T14111]  ? memcpy_and_pad+0x48/0x80
[  520.563668][T14111]  __vmalloc_node_noprof+0xc2/0x110
[  520.563695][T14111]  ? copy_process+0x544/0x3b80
[  520.563717][T14111]  ? copy_process+0x544/0x3b80
[  520.563743][T14111]  dup_task_struct+0x3e7/0x860
[  520.563773][T14111]  copy_process+0x544/0x3b80
[  520.563827][T14111]  ? __pfx_copy_process+0x10/0x10
[  520.563864][T14111]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  520.563891][T14111]  vhost_task_create+0x1c4/0x290
[  520.563918][T14111]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  520.563946][T14111]  ? __pfx_vhost_task_create+0x10/0x10
[  520.563980][T14111]  ? __pfx_vhost_task_fn+0x10/0x10
[  520.564017][T14111]  ? kasan_save_track+0x4f/0x80
[  520.564039][T14111]  ? kasan_save_track+0x3e/0x80
[  520.564068][T14111]  kvm_mmu_post_init_vm+0x147/0x2b0
[  520.564092][T14111]  kvm_arch_vcpu_ioctl_run+0xdc/0x1940
[  520.564128][T14111]  ? __mutex_trylock_common+0x153/0x260
[  520.564156][T14111]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  520.564188][T14111]  ? rcu_is_watching+0x15/0xb0
[  520.564211][T14111]  ? look_up_lock_class+0x74/0x170
[  520.564234][T14111]  ? register_lock_class+0x51/0x320
[  520.564261][T14111]  ? __lock_acquire+0xab9/0xd20
[  520.564313][T14111]  kvm_vcpu_ioctl+0x95c/0xe90
[  520.564346][T14111]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  520.564369][T14111]  ? __lock_acquire+0xab9/0xd20
[  520.564410][T14111]  ? __fget_files+0x2a/0x420
[  520.564434][T14111]  ? __fget_files+0x2a/0x420
[  520.564453][T14111]  ? __fget_files+0x3a0/0x420
[  520.564471][T14111]  ? __fget_files+0x2a/0x420
[  520.564494][T14111]  ? bpf_lsm_file_ioctl+0x9/0x20
[  520.564518][T14111]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  520.564543][T14111]  __se_sys_ioctl+0xf9/0x170
[  520.564578][T14111]  do_syscall_64+0xfa/0x3b0
[  520.564597][T14111]  ? lockdep_hardirqs_on+0x9c/0x150
[  520.564615][T14111]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.564633][T14111]  ? clear_bhb_loop+0x60/0xb0
[  520.564655][T14111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.564673][T14111] RIP: 0033:0x7ff48d38e929
[  520.564690][T14111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.564706][T14111] RSP: 002b:00007ff48e243038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  520.564727][T14111] RAX: ffffffffffffffda RBX: 00007ff48d5b6080 RCX: 00007ff48d38e929
[  520.564741][T14111] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  520.564752][T14111] RBP: 00007ff48e243090 R08: 0000000000000000 R09: 0000000000000000
[  520.564764][T14111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.564775][T14111] R13: 0000000000000000 R14: 00007ff48d5b6080 R15: 00007ffe219ea7d8
[  520.564806][T14111]  </TASK>
[  520.564813][T14111] Mem-Info:
[  520.566139][T14116]  driver_register+0x23a/0x320
[  520.566167][T14116]  c6xdigio_attach+0x94/0x890
[  520.574256][T14111] active_anon:8724 inactive_anon:0 isolated_anon:0
[  520.574256][T14111]  active_file:11778 inactive_file:51414 isolated_file:0
[  520.574256][T14111]  unevictable:768 dirty:124 writeback:0
[  520.574256][T14111]  slab_reclaimable:10151 slab_unreclaimable:97294
[  520.574256][T14111]  mapped:25472 shmem:1376 pagetables:1472
[  520.574256][T14111]  sec_pagetables:0 bounce:0
[  520.574256][T14111]  kernel_misc_reclaimable:0
[  520.574256][T14111]  free:1306220 free_pcp:17732 free_cma:0
[  520.576966][T14116]  comedi_device_attach+0x520/0x670
[  520.576988][T14116]  comedi_unlocked_ioctl+0x686/0xf40
[  520.577012][T14116]  __se_sys_ioctl+0xf9/0x170
[  520.577035][T14116]  do_syscall_64+0xfa/0x3b0
[  520.577055][T14116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.577074][T14116] 
[  520.577081][T14116] Freed by task 14087:
[  520.577091][T14116]  kasan_save_track+0x3e/0x80
[  520.577117][T14116]  kasan_save_free_info+0x46/0x50
[  520.577139][T14116]  __kasan_slab_free+0x62/0x70
[  520.577166][T14116]  kfree+0x18e/0x440
[  520.577191][T14116]  kobject_put+0x22b/0x480
[  520.577211][T14116]  bus_remove_driver+0x245/0x2f0
[  520.577238][T14116]  comedi_device_detach+0x134/0x720
[  520.577267][T14116]  comedi_device_attach+0x568/0x670
[  520.577285][T14116]  comedi_unlocked_ioctl+0x686/0xf40
[  520.577311][T14116]  __se_sys_ioctl+0xf9/0x170
[  520.577336][T14116]  do_syscall_64+0xfa/0x3b0
[  520.594433][ T5939] usb 1-1: device descriptor read/8, error -71
[  520.599171][T14116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.599201][T14116] 
[  520.599209][T14116] The buggy address belongs to the object at ffff888030537a00
[  520.599209][T14116]  which belongs to the cache kmalloc-256 of size 256
[  520.599227][T14116] The buggy address is located 48 bytes inside of
[  520.599227][T14116]  freed 256-byte region [ffff888030537a00, ffff888030537b00)
[  520.599249][T14116] 
[  520.599256][T14116] The buggy address belongs to the physical page:
[  520.601643][T14111] Node 0 active_anon:34896kB inactive_anon:0kB active_file:47112kB inactive_file:205412kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101844kB dirty:496kB writeback:0kB shmem:3968kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11896kB pagetables:5740kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  520.613208][T14116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x30536
[  520.613231][T14116] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  520.613248][T14116] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  520.613269][T14116] page_type: f5(slab)
[  520.623431][T14111] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:244kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  520.626700][T14116] raw: 00fff00000000040 ffff88801a841b40 ffffea000078b600 dead000000000004
[  520.626721][T14116] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  520.626741][T14116] head: 00fff00000000040 ffff88801a841b40 ffffea000078b600 dead000000000004
[  520.626758][T14116] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  520.626777][T14116] head: 00fff00000000001 ffffea0000c14d81 00000000ffffffff 00000000ffffffff
[  520.626794][T14116] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  520.626806][T14116] page dumped because: kasan: bad access detected
[  520.626824][T14116] page_owner tracks the page as allocated
[  520.626834][T14116] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5854, tgid 5854 (syz-executor), ts 92233455542, free_ts 92199361954
[  520.626872][T14116]  post_alloc_hook+0x240/0x2a0
[  520.626903][T14116]  get_page_from_freelist+0x21e4/0x22c0
[  520.626924][T14116]  __alloc_frozen_pages_noprof+0x181/0x370
[  520.626946][T14116]  alloc_pages_mpol+0x232/0x4a0
[  520.626974][T14116]  allocate_slab+0x8a/0x370
[  520.626994][T14116]  ___slab_alloc+0xbeb/0x1410
[  520.627012][T14116]  __kmalloc_noprof+0x305/0x4f0
[  520.627039][T14116]  fib_create_info+0x1728/0x3210
[  520.627060][T14116]  fib_table_insert+0xc6/0x1b50
[  520.627084][T14116]  fib_magic+0x2c4/0x390
[  520.627098][T14116]  fib_add_ifaddr+0x144/0x5f0
[  520.627124][T14116]  fib_netdev_event+0x382/0x490
[  520.627140][T14116]  notifier_call_chain+0x1b3/0x3e0
[  520.627164][T14116]  __dev_notify_flags+0x18d/0x2e0
[  520.627189][T14116]  netif_change_flags+0xe8/0x1a0
[  520.627213][T14116]  do_setlink+0xc55/0x41c0
[  520.627236][T14116] page last free pid 15 tgid 15 stack trace:
[  520.663790][T14111] Node 0 
[  520.664366][T14116]  __free_frozen_pages+0xb80/0xd80
[  520.683337][T14111] DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  520.684009][T14116]  rcu_core+0xca5/0x1710
[  520.703499][T14111] lowmem_reserve[]:
[  520.705126][T14116]  handle_softirqs+0x283/0x870
[  520.732302][T14111]  0
[  520.735139][T14116]  run_ksoftirqd+0x9b/0x100
[  520.757184][T14111]  2496
[  520.760372][T14116]  smpboot_thread_fn+0x53f/0xa60
[  520.821762][T14111]  2497
[  520.826003][T14116]  kthread+0x70e/0x8a0
[  520.826042][T14116]  ret_from_fork+0x3fc/0x770
[  520.826065][T14116]  ret_from_fork_asm+0x1a/0x30
[  520.826084][T14116] 
[  520.826090][T14116] Memory state around the buggy address:
[  520.826103][T14116]  ffff888030537900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  520.826119][T14116]  ffff888030537980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  520.826132][T14116] >ffff888030537a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  520.826144][T14116]                                      ^
[  520.826158][T14116]  ffff888030537a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  520.826172][T14116]  ffff888030537b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  520.826184][T14116] ==================================================================
[  520.871064][T14116] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  520.871086][T14116] CPU: 0 UID: 0 PID: 14116 Comm: syz.4.2935 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) 
[  520.871111][T14116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.871123][T14116] Call Trace:
[  520.871131][T14116]  <TASK>
[  520.871140][T14116]  dump_stack_lvl+0x99/0x250
[  520.871172][T14116]  ? __asan_memcpy+0x40/0x70
[  520.871197][T14116]  ? __pfx_dump_stack_lvl+0x10/0x10
[  520.871223][T14116]  ? __pfx__printk+0x10/0x10
[  520.871253][T14116]  panic+0x2db/0x790
[  520.871274][T14116]  ? __pfx_preempt_schedule+0x10/0x10
[  520.871295][T14116]  ? __pfx_panic+0x10/0x10
[  520.871320][T14116]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  520.871338][T14116]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  520.871358][T14116]  ? sysfs_remove_file_ns+0x3d/0x70
[  520.871378][T14116]  check_panic_on_warn+0x89/0xb0
[  520.871397][T14116]  ? sysfs_remove_file_ns+0x3d/0x70
[  520.871416][T14116]  end_report+0x78/0x160
[  520.871443][T14116]  kasan_report+0x129/0x150
[  520.871471][T14116]  ? sysfs_remove_file_ns+0x3d/0x70
[  520.871494][T14116]  sysfs_remove_file_ns+0x3d/0x70
[  520.871514][T14116]  bus_remove_driver+0x198/0x2f0
[  520.871547][T14116]  comedi_device_detach+0x134/0x720
[  520.871576][T14116]  ? comedi_request_region+0x11a/0x180
[  520.871597][T14116]  comedi_device_attach+0x568/0x670
[  520.871619][T14116]  comedi_unlocked_ioctl+0x686/0xf40
[  520.871647][T14116]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  520.871681][T14116]  ? __lock_acquire+0xab9/0xd20
[  520.871710][T14116]  ? __fget_files+0x2a/0x420
[  520.871731][T14116]  ? __fget_files+0x2a/0x420
[  520.871750][T14116]  ? __fget_files+0x3a0/0x420
[  520.871768][T14116]  ? __fget_files+0x2a/0x420
[  520.871789][T14116]  ? bpf_lsm_file_ioctl+0x9/0x20
[  520.871813][T14116]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  520.871837][T14116]  __se_sys_ioctl+0xf9/0x170
[  520.871886][T14116]  do_syscall_64+0xfa/0x3b0
[  520.871906][T14116]  ? lockdep_hardirqs_on+0x9c/0x150
[  520.871926][T14116]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.871945][T14116]  ? clear_bhb_loop+0x60/0xb0
[  520.871966][T14116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.871984][T14116] RIP: 0033:0x7f027d38e929
[  520.872000][T14116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.872017][T14116] RSP: 002b:00007f027e2c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  520.872040][T14116] RAX: ffffffffffffffda RBX: 00007f027d5b5fa0 RCX: 00007f027d38e929
[  520.872055][T14116] RDX: 0000200000000400 RSI: 0000000040946400 RDI: 0000000000000003
[  520.872069][T14116] RBP: 00007f027d410b39 R08: 0000000000000000 R09: 0000000000000000
[  520.872081][T14116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  520.872094][T14116] R13: 0000000000000000 R14: 00007f027d5b5fa0 R15: 00007ffdeabbda18
[  520.872114][T14116]  </TASK>
[  520.874060][T14116] Kernel Offset: disabled