last executing test programs:

23m56.380443798s ago: executing program 4 (id=66):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
socket(0x40000000015, 0x5, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

23m55.525092952s ago: executing program 4 (id=71):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x10, @empty, 0xfc}, 0x1c, 0x0}}], 0x1, 0x20000000)

23m54.848451821s ago: executing program 4 (id=73):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000001e00530f00007000fbdbdf2520010000000000000000000000000002000002880a003300ff0200000000000000000000000000010d0000000000000024000900"], 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000080)=0x6)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15655595860608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x4000280)
landlock_create_ruleset(&(0x7f0000000180)={0x100, 0x0, 0x80ffff}, 0x18, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b40)=@expire={0xf8, 0x18, 0x1, 0x0, 0x0, {{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2}, {@in6=@rand_addr=' \x01\x00'}, @in=@dev={0xac, 0x14, 0x14, 0x13}, {}, {}, {}, 0x0, 0x0, 0x0, 0x2}}}, 0xf8}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000480)="2e0000dc2b204288e6b62aa73f72cc9f0ba1f848140000005e040602000000000e32a2bc3802000000d80fd382b12996e1a964e4c907bab801ec1a9e99d01a3d30f5972e503bcea5a208bab1b9a37c8ac7192c0f838c0a0a18e0dfc5b8f88bc147e53a41691f2c75208344beed4f4986282abafd6d6694db4edd3db68a42fb787e64d8dda8f5425a96b210ae9b90fd5526927c7b6358e0457b756e0666e4d8c60e48f3d8a3c63409d39661e2d28d3f2d600caa1a254c9001e4a44b7dccd87516ec40f5877d3419a066dce9e93d029420589c37a25c1ef016820011b418861adcc3a2d80b57fe4ff6faee9e59733568a1094550b21e295c055c3c2d3c6ea2c5173475", 0x102}], 0x1}, 0x40000)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))

23m51.817982072s ago: executing program 4 (id=83):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000001900), 0xa0041, 0x0)
io_setup(0x6, &(0x7f0000001b00)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000001dc0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}])
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
getsockname$packet(r2, 0x0, &(0x7f00000000c0))
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
open_tree(r3, &(0x7f0000000040)='./file1\x00', 0x100)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r4, &(0x7f0000003480)={0x2020}, 0x2020)

23m51.451468864s ago: executing program 4 (id=84):
r0 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00', 0x0, 0x0, 0xfffffffc}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r4, 0x0, &(0x7f0000000140)=""/75}, 0x20)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
read$FUSE(r3, &(0x7f0000000ec0)={0x2020}, 0x2020)
write$FUSE_GETXATTR(r3, 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f00000001c0)={0x0, 0x0})
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x101000000000000)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x6000000, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000ab00000000000000000000100000000000000400000000810317c11aa9efc48ef670e4f9c0000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00001200"/144]}, 0x108)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000000a40)="82"})

23m51.107997454s ago: executing program 4 (id=85):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
capset(&(0x7f0000000000), &(0x7f0000000280)={0x0, 0x0, 0x7fffffff, 0x4, 0xb})
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x48802)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000000)={0x0, 0x4, 0x4188a})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="ad4300000000009c260821"], 0x14}}, 0x0)

23m50.534302284s ago: executing program 32 (id=85):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
capset(&(0x7f0000000000), &(0x7f0000000280)={0x0, 0x0, 0x7fffffff, 0x4, 0xb})
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x48802)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000000)={0x0, 0x4, 0x4188a})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="ad4300000000009c260821"], 0x14}}, 0x0)

17.136799642s ago: executing program 1 (id=3763):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x44050)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
r5 = syz_open_dev$ndb(0x0, 0x0, 0x88400)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f00000002c0)={0x5, 0x9})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
syz_usb_control_io(r0, 0x0, 0x0)

14.888107002s ago: executing program 0 (id=3767):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = syz_io_uring_complete(0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x36, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r7=>0x0})
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r7, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c00000010004b0400000000000000007a000000", @ANYRES32=r7, @ANYBLOB="00000000000000000a000100aaaaaaaaaa000000e2f2"], 0x2c}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x20, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mm_khugepaged_scan_pmd\x00', r9, 0x0, 0x7fffffff}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
pselect6(0x40, &(0x7f0000000100), &(0x7f0000000000)={0x1f}, 0x0, 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000300)={0x0, 0xff, 0x8, 0x0, 0x2, "7f12ddb357f7adf97affffffff7d1800"})
r10 = syz_open_pts(r0, 0x0)
ioctl$TIOCVHANGUP(r10, 0x5437, 0x0)
r11 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r11, 0x29, 0x20, &(0x7f0000000040)={@private2, 0x800, 0x0, 0x2, 0x5, 0x0, 0xfffc}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/13], 0x48)

13.769149846s ago: executing program 1 (id=3770):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000001c0)={'vlan0\x00', 0x3a3215164b9f4d27})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001840)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a216798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271fefc583eec8912c37562d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de7368ca69f6f8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b2059ba4b923a1188dd61dc7de058a4dfa7e85a8bdf1d41a2d8bd044d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4ae52066bb5d4045c958549b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9530243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a000000002a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd103c1962f4759286db3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e1dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd040000000000000034137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a175979d54000004408996ec5db6a4d15b71ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87492332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b24000000000000000070000000072716bc8e139c49b91c76bea3858f7ca208d31330d89069f96f66e2e7748a2ff93060ff073b3a113e47edf0672fda649e8ca5095f2a161bf60b876f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee62714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff42961f8f3b555d9e8aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e8173d3d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e00400000022f3e34b7524642c248aa813edaa626f000000000000000000000000000000005519fe545110a9c01d6f0da7b04d6eb1a47675aea60371f629ed3446beb20bf2bab80e451b4139dc6c87e6b395edc142e24b596f636f8c248beeb268dbbf120b26693f73a6362e7c6bff6b08514763f6fbe6c914baf7e25ac7e8d36babeb6c58d012cf7b1ffbe996204af87412b9b21da1dfb01aa5a4ff142deb3bd70d11cf71752bdb33f1dfb6ef107ef3cb0016b2b6dcffb0be5a95d56172098ebf6075cc048f94350e2adb108eabccfae942bbca66ea83139ab4062963be6d549907b17d95b248201322cd8cc6540b6e369c7ebd9b98ec3dab43e84ecf9e66be246847b40feadfebcbb566d4e243bd8f279db0c7f5320ca6bf5cea49671ca89eedbb79028af6d459d6fe81071e700136fdb9234ce00d6ce181421dc659fc73ad25cdf97e5a6f4e5e05394e70fdf1ef4b41c376ba0222a87d8d5609f535a6a6fbbd60fc633064a94c252ac127b7467ec036ed883e252cb8727208712e4296f106c6527ff939552e23c2140c0000000000000000000000000000000000000000000000707d178c32bafb18352f2840a48309d5fd326a0f3a352321543173b4bb9e92b431aa4b9bb916945ce250b8b1120930fd1784810b696a77fd0500257c3952a2f399557c8323b1b0ad995a9c02bf21f00d5b56c2a62e31e7ebfade7c5f091b373db013878526bb7f9179c2ff52dae8557ec08905963527edb6cdf98493a48a191182f29f358801a33d5e4b7e05912f0323c6c9536a0495d014e5d42832ac32a216c437baa696287b84356ab4bbc4c35e2b786ee0856426d1a67ca168850f858d20e8bb7d8fbf1ca251646c35373aefdf180d8dd9511beb88084ba4287faa0f45f3bcba"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r4, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
socket$packet(0x11, 0x3, 0x300)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_io_uring_setup(0x24f6, &(0x7f0000000b80)={0x0, 0x0, 0x8000, 0x0, 0x10e}, 0x0, &(0x7f0000000140)=<r7=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x8})
io_uring_enter(r6, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xe, 0x0, &(0x7f00000004c0)="ad5ce39667bde4014c9745573838", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
getpid()
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)

13.515059599s ago: executing program 3 (id=3771):
r0 = socket$inet(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0x7}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000c40)=[{0x0}, {&(0x7f0000000580)=""/104, 0x68}, {&(0x7f0000000600)=""/78, 0x4e}, {0x0}, {0x0}, {&(0x7f0000000900)=""/206, 0xce}, {&(0x7f0000000a00)=""/154, 0x9a}, {&(0x7f0000000b40)=""/228, 0xe4}], 0x8)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0x8}}, 0x20)
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sysvipc/msg\x00', 0x0, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
unshare(0x8000600)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./bus\x00', &(0x7f0000002a40)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
rmdir(&(0x7f0000000040)='./bus\x00')
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000280)={0x0, 0x0, 0x3, 0x81, 0xffffffff})
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000540)="5802009400140091d491321dcea4acd70729723b4789c749380e24811f70c68fee4456254550a10004226c1aac9891343d24cfbb19f8e3e3bd94cd180f5db3", 0x3f}], 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64])

12.427066306s ago: executing program 3 (id=3772):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000004c0)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={r2, 0x101, 0xf, 0x6, 0x7, 0x1}, &(0x7f0000001080)=0x14)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r3, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
sendmmsg(r3, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x4, 0x8, 0xb, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r5}, &(0x7f0000000080), &(0x7f0000000300)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xd, &(0x7f00000004c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x10)

12.295857726s ago: executing program 0 (id=3773):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
gettid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
pread64(r4, &(0x7f0000000140)=""/15, 0xf, 0x4)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x89)
vmsplice(r3, &(0x7f0000000a80)=[{&(0x7f0000000300)="6758926ce1ec6b68b69a769ecaf829d294c64bd814cc1c5d8d3d2ae6135237e9441e4d6b108b52377c58d3d052d5aa9cfca550f6ee9a4878dd5cd2cfe432b33ce68c056d553458f39652890534514b2fcb3d58b712a1e56b24b69cdc9f30545adbea84f9a254a3ca0b3a124ae4ac70e508ce1cf8ce02bea74758911eacf5c3c1e55cc44b9cbcd77fa9888de72bfbd73908c0bde9c0ba221005bc40b9e316dbc5ba6a151e09f3e9ddc81c6dca2292ab03327864", 0xb3}, {&(0x7f0000000440)="feeb7518419e2cb197481e39401f568789e24dbec8dc388d21e0f7091b64334ef6e529d4248e1535ad6c9c85a6cab7ef33c6d62ca8eda413c8e0315a5600e6bceaef5c13d6f44bbd8feb5fa59992c8b41a50a30357101ba845f3e9ee432a7d6c3f8bd28ad7f52e136ce6025f4a4ee38fac816c911c55f399c13cd3388053b8fc8e6a31b0bbd0a8fc582c4471552ae09a7e6fa177c520e8bbb0a10ead2790924fabf72f16160504d5a098d884424bea5e85715e656af24cedb1db9d618fce33c75115295ddd64020c6e7affa52b6768e08ed65464000daccdd1a625d7ea8828f37968efa799c13f88bcffbd2b4e9bfaf57b8b86a32c8e35635a9fe7c48ff6", 0xfe}, {&(0x7f0000000980)="2d851eae96b5b9cea5c578df01ed14526134a492b7de6c4ac3fb3fc1586c63d29cdac3df7cb233d1147252a99db71539a8b32bde5a5f90c34da500b1f2a28671f526e72d7ff8139b848facaf96fda17bc82b2420892edb6a5145f414ba7ad3b9bd5ec0315ad38b3735f36b8e945f5393f3f75edbd0c128b0a687f28d01f6ed56d61f85a1989e4bd3093265926c0018728499ddf2a0503d9cedaf7c4d3dadcdf04d4d1a2eaa9ef16f17f9a019097dfdb86191a6b4e1fd2ea7355e235d571807bb13", 0xc1}, {&(0x7f0000000240)="7e4483d6f6faeacda05a85ffcd6efd2d2f39ada86b1f509b1902b0596c322734e43f5f09b8322b4440bd80e60fbb79accd128ab7883d16e2613ce060a0422380cbbf8abd35896bbd314acf4d", 0x4c}], 0x4, 0x0)
sendmsg$AUDIT_DEL_RULE(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)={0x424, 0x3f4, 0x200, 0x70bd29, 0x25dfdbff, {0x0, 0x1, 0x20, [0x5, 0x2, 0x6, 0x9, 0x3, 0x8, 0x6, 0xffff, 0x2e7, 0x101, 0x3, 0xfff, 0x8, 0xc, 0xe, 0x5c, 0x7b58, 0x6, 0x1, 0x0, 0x0, 0xe547, 0xc, 0x8ce, 0x0, 0x101, 0x800, 0x7, 0xb, 0x495e, 0x7, 0x200, 0x4, 0x2, 0x5, 0x1, 0x9, 0x7f, 0x6, 0xf, 0x622e9321, 0x2, 0x200, 0x8001, 0x4, 0x80000000, 0xa, 0x9, 0x5, 0xe, 0x0, 0x3, 0x9, 0x6, 0xee55, 0x6, 0x80, 0x4, 0xfa5, 0x3, 0x3, 0x101, 0x8, 0x5], [0x7f, 0x2, 0x4, 0x2, 0x4, 0x7, 0xc512, 0x10001, 0xf, 0xd, 0x81, 0xf, 0xd59f, 0x2, 0x9, 0x5, 0x5, 0x6, 0x5fe7a582, 0x5, 0x2558, 0xf, 0xf6, 0x9638, 0xe, 0x2, 0x2, 0x2, 0x1, 0x7, 0x7, 0x40, 0x1000, 0x2d, 0x6, 0xb8, 0x8, 0x4, 0x100, 0x0, 0x2, 0x7, 0x1, 0x6b55, 0x7, 0x6, 0x9, 0x8, 0x40, 0x1, 0x1, 0x70, 0x4, 0x48, 0xffff, 0x3, 0x5, 0x46046534, 0x4, 0x2c, 0x3, 0x3, 0x5, 0x1], [0x7, 0x6, 0x8000, 0xc, 0xe, 0xffff, 0x9, 0x3, 0x1000, 0x14231fd0, 0x6, 0x7, 0x0, 0xe, 0xd, 0x3, 0x800, 0x7, 0x8, 0x9, 0x0, 0x1, 0x8, 0x80000000, 0xfffffff7, 0x3, 0x2, 0x8, 0xbf0d, 0x9, 0x9, 0x5, 0x5, 0x81, 0x0, 0x3, 0x9, 0x7, 0x8, 0x6, 0x4, 0x7fffffff, 0x1b, 0x6, 0x7, 0x93fa, 0x5, 0x9, 0x5, 0x3, 0xdb6, 0x5, 0xcb, 0x3, 0x8, 0xfffffeb4, 0x0, 0x7, 0x728, 0x7, 0x6, 0xcd3b, 0x6, 0x3], [0x40, 0x7, 0x5, 0xe, 0x10, 0x3, 0x8, 0x3, 0x7, 0xfffff7c5, 0xff, 0x0, 0x64f3, 0x3, 0x3, 0xe5, 0x6, 0x1, 0x0, 0x6, 0x5, 0x3, 0xa, 0xffff7fff, 0xd2000000, 0x2, 0x3b1fe6d7, 0x5, 0x1a2, 0x2f7d, 0x1, 0x0, 0xffffffff, 0x81, 0x4, 0x0, 0x4, 0x3f2, 0x9, 0x0, 0x3, 0x10001, 0x2, 0xd5e, 0x1ff, 0x7fffffff, 0x1, 0x5, 0x2cb, 0x101, 0x5, 0x101, 0x6, 0x401, 0x80, 0x1, 0x21, 0x7, 0xe8, 0x9, 0xfffffffa, 0x89c, 0x8, 0x9], 0x4, ['-\x00', '\'\x00']}, [""]}, 0x424}, 0x1, 0x0, 0x0, 0x10}, 0x4048001)
sysinfo(0x0)

12.29477863s ago: executing program 2 (id=3774):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
gettid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
pread64(r4, &(0x7f0000000140)=""/15, 0xf, 0x4)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x89)
vmsplice(r3, &(0x7f0000000a80)=[{&(0x7f0000000300)="6758926ce1ec6b68b69a769ecaf829d294c64bd814cc1c5d8d3d2ae6135237e9441e4d6b108b52377c58d3d052d5aa9cfca550f6ee9a4878dd5cd2cfe432b33ce68c056d553458f39652890534514b2fcb3d58b712a1e56b24b69cdc9f30545adbea84f9a254a3ca0b3a124ae4ac70e508ce1cf8ce02bea74758911eacf5c3c1e55cc44b9cbcd77fa9888de72bfbd73908c0bde9c0ba221005bc40b9e316dbc5ba6a151e09f3e9ddc81c6dca2292ab03327864", 0xb3}, {&(0x7f0000000440)="feeb7518419e2cb197481e39401f568789e24dbec8dc388d21e0f7091b64334ef6e529d4248e1535ad6c9c85a6cab7ef33c6d62ca8eda413c8e0315a5600e6bceaef5c13d6f44bbd8feb5fa59992c8b41a50a30357101ba845f3e9ee432a7d6c3f8bd28ad7f52e136ce6025f4a4ee38fac816c911c55f399c13cd3388053b8fc8e6a31b0bbd0a8fc582c4471552ae09a7e6fa177c520e8bbb0a10ead2790924fabf72f16160504d5a098d884424bea5e85715e656af24cedb1db9d618fce33c75115295ddd64020c6e7affa52b6768e08ed65464000daccdd1a625d7ea8828f37968efa799c13f88bcffbd2b4e9bfaf57b8b86a32c8e35635a9fe7c48ff6", 0xfe}, {&(0x7f0000000980)="2d851eae96b5b9cea5c578df01ed14526134a492b7de6c4ac3fb3fc1586c63d29cdac3df7cb233d1147252a99db71539a8b32bde5a5f90c34da500b1f2a28671f526e72d7ff8139b848facaf96fda17bc82b2420892edb6a5145f414ba7ad3b9bd5ec0315ad38b3735f36b8e945f5393f3f75edbd0c128b0a687f28d01f6ed56d61f85a1989e4bd3093265926c0018728499ddf2a0503d9cedaf7c4d3dadcdf04d4d1a2eaa9ef16f17f9a019097dfdb86191a6b4e1fd2ea7355e235d571807bb13", 0xc1}, {&(0x7f0000000240)="7e4483d6f6faeacda05a85ffcd6efd2d2f39ada86b1f509b1902b0596c322734e43f5f09b8322b4440bd80e60fbb79accd128ab7883d16e2613ce060a0422380cbbf8abd35896bbd314acf4d", 0x4c}], 0x4, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x89)
sysinfo(0x0)

12.293285344s ago: executing program 5 (id=3775):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000340)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f00000003c0)={<r3=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000880)={r3, 0x80000})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
syz_open_dev$video4linux(&(0x7f0000000180), 0x9, 0x8000)
mkdir(&(0x7f00000008c0)='./file0\x00', 0x80)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$usbmon(&(0x7f0000000000), 0x2, 0x101800)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x100f, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x9, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0xb, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x5, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0x9, 0x10000, 0x6, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x9, 0x420, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x2, 0xb, 0x4, 0x9, 0x8, 0x9, 0xb, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x1, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x2, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x3b, 0x800003, 0x200, 0x80, 0x5, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x5, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0xc, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0x80b, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0xf142, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x10000226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x1fd, 0xffff343e, 0xfff]}, 0x45c)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000002140)={0x26, 'hash\x00', 0x0, 0x0, 'sha224\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x7, &(0x7f0000000100)="fdffbf5d", 0x4)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x2202, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
accept4(r7, 0x0, 0x0, 0x800)

10.152799451s ago: executing program 3 (id=3776):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socket$can_raw(0x1d, 0x3, 0x1)
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e) (async, rerun: 32)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async, rerun: 32)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) (async)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000080)={@dev, 0x400, 0x0, 0xff, 0x1}, 0x20) (async)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000040)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x200, 0x0, 0x3, 0xb, 0x13ec, 0x1}, 0x20) (async, rerun: 64)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), 0xffffffffffffffff) (async, rerun: 64)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x0) (async)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x44004}, 0x4000) (async)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) (async)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$SIOCX25GSUBSCRIP(0xffffffffffffffff, 0x89e0, 0x0) (async, rerun: 64)
bind$alg(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000003740)=<r8=>0x0)
sendmmsg(r5, &(0x7f0000004d80)=[{{&(0x7f00000000c0)=@ax25={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x8}, [@bcast, @bcast, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000180)="035a3b1e214343486082a71a2211bf2c9a74517d39b55a82ad28b6da23d2a74377d0ce146cb2016f417a1dbff74c8c4e2505f636f5294badf1d251dccb4db78b03bab9fa66e9", 0x46}, {&(0x7f0000000340)="43631a10c76c0cafc93583b0973206594e1fbd4c299598aa47fa3c9a4960605c1a778ce51ca5566524c6799a5f17659f11edae0d14a58ae17fcacd6aa2d9215ce9411137189418bdf114d80d1a36788da542c03be368da650a07eae1a1890acd13b7dd17f1547349f9d97929807ad71612885761f1c3a6a32dea4899f37000e35b81a8780e64deba0b0c7dbf50ce1c703f0214228f", 0x95}, {&(0x7f0000000400)="29bb3fdcd42c4b68a40d1440cf2b511d7b89db4813d4f6ff60a57197334e012fda398ff904a65f53249abc73de2b50eccfa11f331501c2109c1b4be663edd3cd97be4d0b1358ab57a9ab4f2150bda50164e573d2d62e75dd474518f3b820896b65b2e9d01cfead02d305037931a9abc8b26eea", 0x73}, {&(0x7f0000000480)="e0607f7c71e5ca691d486767ed0ffe7192a8c6ce5b23751928ce4bfaff72ea89790a3d5bffc02708b79d4ee32e856d3cfb42b9d388215f4e67f2079fb26da1ca6dc878dda97a2351f649ae04c50dca86f276e7d74f7fcad865b38be68bc90d59089ef9b8182a803415a64c3a995c7c5e629b6ef240853bf6073697c40d691bca679715881b6a8cb80e1760a3b4deab92501f99f11d", 0x95}, {&(0x7f0000000580)="86398706b51b668056a3e14b415292e231a212e81f097cad3261c398bf092f3eab9e3714f58c354a88f042076a18769e57f78a5e496b72b787c2946372e99ff159ee910174d8f213260004b2ec47e6e3bb3812a82b9d908715c5d4d3967401d38fc168f0fe3167fdaceee35327", 0x6d}, {&(0x7f0000000600)="ad0504d0902d5097f66308999f82a4f704919ae5a1a269801fba5ea1f22ecbb890f89c6066b1745acbf428fd524b4d762dbd9384d958d11b2ecd94959fd5d9ea5222ab02059cc0115fb02c93ed71e72f01bf7f31b55d3fd0df4196a42479156283adaec880d5296eb52216869e34cfd7993a6cc6d5f973e2", 0x78}], 0x6}}, {{&(0x7f0000000700)=@in6={0xa, 0x4e21, 0xe, @private2, 0x5}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000780)="01ec84d2904171e856a5714d6a5abe6333a7062b2b7c8c12a08454c445e91afab1ccd5e2d9897fade8fd352ee3", 0x2d}], 0x1, &(0x7f0000000840)=[{0x38, 0x88, 0x3ff, "c7c5a886017f6b6483a9d1dd49053e7cca0e18f2bb73370037c2eef03e728687766a466bcac20302"}, {0xa0, 0x114, 0x1, "a0c605f405647da62303a52f13a8927f537f026f78c49b50e7f0b4fb14d8c966adc242ec70baf4de0f333ce0ea38133a40f10a6cd6e1936f7d55f5567f1d02d2970fd17f84b30490950f5531a172df2c9d78b8da047769276d40b3cfd179a610f1c899923e30cfa7ad3a6b5ea379f37d1546c63d8774e81e9b4c42356f25b747113e60a393b7df25b3"}, {0xf8, 0x10c, 0x0, "85f5ee2303f2477a54089907cdb2d9f7d952385e76cd3bf5afae10472373e8e367bdac786615e88efee6ef3238299f35a7d30c799d96e9c8b364cd436b8d550c308b6cba06b8e6c92c8aaec2b8e22d306f05a5ec895eed44c95ce15d15506b859ea5da1320e1f76deba4e74a0f2a4f9b086da2397eef851e4d60b793d8f3b93da44cfdefdcf08e765db7d53df6f13c1ef3c867569cc5c0e3c82115dc7b52f5a826a8a9cc9d09adc3c4f6af0ce6d1b5f3defb974a836eafbcf2036d0155f960c5492d8ab7d420c35fed28057a78cb1f1db0df96124ec910a934ef8cd747021f945123"}, {0xe0, 0x0, 0xb, "61943c6a44086df7f31d5d633cb94de6e7174bf5b563e12b4f94e2d96031321cf4881187b56e55b850874b344a2fabf12bee5a5dffe626f7a2656365d026cdc1a8b8ba01f7193f3b0e5c71fb59794f397ecbfb7f5a0cdfcb452b05dab5a66a2ac054b1a68b98f4b787fcec4c80101ce5e31ab54195e65e71b592b617c63c1c7884128ccad1569f32817bc1b0e9d0650adb1c70eb472cb92bd882547b43297d586b3692fdaf01f7fa8ac805857e9ae67cf3bb8a584c10277a0ec52144ec24f56d0e69e027df6bbb8e4720494c6d1a5252"}, {0x98, 0x88, 0x6, "8343d3f6a11cff55caaeaa31dad8c6f27395ba84cdf7ce8e96757ae6f93f7e0cbe0cb8f2850a450b050b1715dc624a4099fd3dd2e2e2dbce6a1efeb485c2ed4a9d7b660f515cb7679bfef946f8f080813554b88cceaad5ce8c89f0dcdb956b1f58c4da5a20748bbe2c8b2ca69460630108dc584e3c1488e53f2fea16b58b7e44cb96b2a08a8e99"}, {0xf8, 0x113, 0x8, "290b0d4649a0ca8e8b3b32dc0586534ec2f5ddbc6ced9f0cb399676440c65fe9af055ceccf3943376c88c17f62b1e322fa043f83f07c64e4c2a2f48ce621bfaeb7d2659cc2ffb7b6badec3b753b347367c13ad62c02f44d56e14bed72102a2017460f3ad0fba3aff4db3fb33c430967c45a2eda4e59919e482c78cbee83bd6ace95b59a3a2c79d8721694f23aa48d3b1760a16c157fdcb17abba23462dd3e934447bb36bb3aed8b51e8a260e37490a24a397d6b9ca02688122347fdf4e0a7cbb08b221009426b6ce66bc506ea93acf3158edc886ae229b3fa6ec3ea00fe59c225d4008dd"}, {0x60, 0x116, 0xb, "1f9ea8c4508437570ea8a9dca80850ff8772a5e41713153fab0f467e993b3cab011d941ecdff0f1f47dbc27d114fb5ff40eee4371a6cd4c60455ffcac911ec2dab58bd17edc7528273"}], 0x4a0}}, {{&(0x7f0000000d00)=@llc={0x1a, 0x127, 0x3, 0x1, 0x1, 0x0, @broadcast}, 0x80, &(0x7f0000000e40)=[{&(0x7f0000000d80)="5615a34723a774efe83ebe7af9727f77e011da31ce2ebce3ae01fc8621be5e8f2cc5d3105a49e03a2b6554045592eca051c99581ab3254a928e2b92e6ac6a019a30df291b97f448b1af7dea253e49392921a934365aa705aa4645d773f0ecd993095abef93bc032322011ed70708ecae3f5790a62dafc30464bf9c29267c5efb2809957e24f8fdacc8d7222da34b0de8f97935befe34a9256973602cfa6c13e34f38bd1a", 0xa4}], 0x1, &(0x7f0000002080)=ANY=[@ANYBLOB="10000000000000000100000001000000e800000000000000180100007f000000eb20a8bedbebb4b3fb1b42ecaad673cbac11c246136927675607a722602841333efc46d7dd070ef1bfb1c92d5cb5c1f49a2eed60ca49f64cc8aa05e081f035e6be70b70cdc22e79f1fe03658238759f91c9a504463c83dae88e73a4ed2eec3d6e542b8bb177d62f24d906ec7d1fb00c6a4afdbf411887604e63002f9da1d276af154eb5807847345638508f05f5fcddbcd86cf5e797c075091a1462d1b6c3e9500f34ecd9267473e996fa1f120a9ff65e4f366b31417727b52a43ff9ceea7a31aaaab44cc678faf651590bd71535a73fe8d45bc63fb54f00d0000000000000002900000001040000c1ae97bfe50d6bf2308d17f702b336164cd05af29adb4151d4c920557e3f6e6799dfc0ca7f9b3ab6a18421f81f5d9a4344fd82d7f3530a00df0f08167ba88d751aa2c75d379082a8256c7fc6eaf88f817e2fecb0b7cd67b91a2de42766d9b24103a076593ccb62e6418c830ec9058c6fc72c24fea91d3030ec5763753d303607250a681e3c7852f9277b7e4780eed3090b3d8af84825c84c98fa2c74d001a7f96538c19144ff4dcdca23b4954e8133a2820475c64ef5675acd547bbe00000000d8000000000000000901000004000000808a85ec9665b11577d45fa7c33675fb7d1ea2eda7cabec373202c862472bc5c8cd0a54ed33f0c1d4bfc7de147242c4afa81ee9044a06de0027869b9d16fcfe6f640c8739e6f8273a192d655f1fc6a556710578d055605cf4d66abf7c0eeae9eff6352f3a1275d6aedadbe2a86ed79429f9f763ead47757d58c24cda7ca6cff0ffd3d8013cac62899186ee4f61c592e0b6eb1c85987933fedcdeb93c4ae8a4fe2576d0bc8a2200a7bcc39b11cfa3ebb89db5ae4ce25afaeaae4a4bb2e0d7f9c55f1cdbc200000000e0000000000000000f0100000300070075442074594fbdb2867d34abe7134b7cb8f9eef6a94ebb200efeef07c4ae2f0e5aee042d4fbb589b53bf38407fa5ec15e62f2cbf7d54ad74db958fb641ae3f6e2896ffcf5c74af6d4af3cd32ebdd0ab684066a44ef9eee6e6f6d9f6831b5fd2959ed5f86abc2753d306008a40402558d87b253eae04d5e206df4b060f2e5c02100712d235c35b2336f76c26f243e9c3096d9f65931008c6a3af936007bc3693c4053ddf9323c6dd3d2081e3a7337247c3ed24e76b5abe5ed2f4ad91e0201291e11f6c195cff49f1cbb62455335850f46800000000000000018010000070000001428af142ee4c3e64ffa40f01108616e0f55a35bdc4f3e266f3f39cf4501b8942df247ce89d42b04c53f2ce3d947d8afc40e1fe1eb6860f7ed45e1d816a8aa15feb3dad3c3034a20b208248e7521f9c140f3a83b086bd9bcd446b9d2c922a1e02f006ca3a49532166000000000000000f80000000000000016010000694a08077b8f264adbbc305b1dfcd97076d652db4d53033e1b12bf70166704a0f3464129a6bb29aa5f57c3be64038ba979c8a482ef0d203e5b0b595fdfd29563b2866fe581fcb310f29a6448e74a2117e875122c13f79847d8cb4b2eae196287a0352698cd238247057c79f11e049c1bbb5b51c739543c07f94c53cd32c343d7d471f90408368a096e6422905df41ca82682799b3a0e2a737e8a826b7ad0c01f6f02dd82c24aa2ede2186f734f1ccd7f2a495692ddc5e57ee617ba7f11567accc37459c52bd79d40688f3bd06a36b25d80a77d4917e309ca7a5149a686f4b8ef24bb6701709683c4aeb0760098000000000000003a00000001000000929c2dc30c4f2a7ab24d7b9d5a92333bdae310eb39988fb742f27a42bf07f0e876088d42ae90c8e4ecbcf28e4cc944fd51f93c21bd5f1e2cb3d001a1302dd30ae502faab82f7a48331958faed3aeaf8a74ecd0e7eeee951344a221ae05e5505927c060e557161a36fe229ef9199657e73736473bb9cd164b1784c98e14f853ce45bc420000000000"], 0x590}}, {{&(0x7f0000000e80)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}}, 0x80, &(0x7f0000002840)=[{&(0x7f0000000f00)="bba2d39852cc195a4456185392943f2b00e9c57ba17a4b8389ac423060bb7cdf5bb5eb7791898f04a3a78829e0547a9164d34705592f597cf6e1865086c0a792e0844b9e15bd6b376dc67a7c1cfd5c3d47157eb3baafa3cc1d097f4d516ad674d6b712e5d80b2836e1c71e1994b7ab52d79ee657394271493c21a7a120d15f1fb32ae99bfea6ae992e5adb39ac4dd1c08db03758ad43a3b8afbf3caffed2688bc61b36e2fe52c667bc3cdb5d05738dddae259b8bb1f71127d52ac1c533c7c7", 0xbf}, {&(0x7f0000002640)="75f98ba356bd111e082a940b9b34e4f1bb0354f08aacd57579466c99950249f5b75120d2b73e5ec5f235cf21fd2e9d800111de866b826715cbd2113b629095be78981913f667af07dbf368e43b865a20ebbbe374e402cf57832b4b2bdb18f74b1774950401ebb8b0451054e203815bd5a7097c2ea54b60f56ec17d1c5c74ddb7a179c89c072dedf0e68e8710ca15f60215a893316592bae662b58a4671dbc8c981f8837bce13cefb8b4297f358b98d452a6201a68a53803859fcdf7935926a921df7aeb40e35bd95e6d279be12c7afeffa53d1b0042e41", 0xd7}, {&(0x7f0000002740)="1cb6184b12d656be4c6633c87317c1ad458296173c3de4ec67d9573e46af6052d08806290b7231ebb62ca95ea2738554f96fa1aa7b29110e8843e6483853dd101a7d82a3c1269f4bcc38dc479f63c1438a6aea8e3e6ab317704c858740fff62009da0700294803f8b661b8001216e87a829baf4e617cad672e2c5898895e0cc043c10cfce6407701d5197306a0c97019833262115f3205e58be01c86b547c43d632328bfc408afa1cc85cc169443f989e5b2a5c18e97fe1e0c7dc5a0225f5c18ba1acf86b7ca9b6774ad8caae9d23af44aca7271c48d452273cffe57bf112bebfe14d3b36f78bdbcec91ab2efa096139505a", 0xf2}, {&(0x7f0000000fc0)="b19777270730051744e66d932050f24cfa8e10103de871f4bb28c0ef79f45f61918a116ef03251d1f36513171cf66dce4f23bdf79010390564c9f4097bdbdec8f1ca6b2d2875e5804a15a626588e55d564c40fb436dc14a3138d8a5deb3e0f54f97e4d8f70", 0x65}], 0x4, &(0x7f0000002880)=[{0x48, 0x108, 0x2c, "b442c31b5dfb9496b8b625c5d4b5f0c7888d2bd3dc1c414906ee26d675390a84ea69b69288a1ccdff5f0eda143ccf260c5487b1a10dd"}, {0x90, 0x10c, 0x1, "4ca87c945f6151c540c51a8d283808342b5f160ac447433b800630173202e574a7fe52c4fcf6a02aa6a2857edb58af5c016cfe851f26e269bddb01db2774bbb708042180ce01952e88168239ea92dd0b2368cadf56accee850062a60132f341df6fdd36d7e5d3547f561a2214276cfa2585671b2076154bc29e2"}, {0x110, 0x10a, 0x2, "0670d584b3f8b2256382e390715f60a86e3f0d4570e5e9781f3c5d337b671c8e6438203d45cfb796bfb9651dc04705aa41753750e5abb8cbb3c23864a4c8895842ac0a33ef8e61b48ac175fbf1246d2d849ac0c42857b08ae29a262b01b128d58be3f4821737e5fe7cf1cd22bc94a2a21f4e83b7178ced1005cea764ac3c5d9a479da77315ba2ef4723dca5f7a42c8856e66627b0d43bed0efe0391a4a14d998a67496a4b72e6e5e448a9a6ed2b4be968609f2866a1ea45b974f5f5025718581b78138429bc2c18cbc43fa70ffcc4285a4f6c05a3738b84fbfb7a8714f1df2af92fc6e5c7f4f2536ded8cf577c52168d874de3ec1190c917cece21b875"}, {0xf0, 0x10b, 0xe, "8b94c31378493311d92445fc70b59fb70fb0dd9ad299b10279d873f6085c107f4f42757862d5afaeb52b6d38d3e0c8d3a82b59d9e908f52335d599e170bd26bbe6130a5809dba0753919d883124b59449afa7a60bb1977a95f7888b6f2c2deb25880a77516584e2e1a39c9e6dc469a3558067035491f008d5d5dd7b096da7c80f65aae41bffc738e3e4e51e8626b982a267f8e7ad73e5d1c271c8740e2f8ae98786e64ee26301be2ad62bc7b2d6779e32ef351015a568b757bfadf28aeea96bc5d97da6a354f389aec2c3f5a1fe879cfdbbe47197b60a1e7f6bc011f52"}, {0xe8, 0x1, 0x5d, "37ef63af675839c34d7755cf1713842878898f970ea5707d2b232473186ae15fe290f54b4a2c7198439cc835f81734a708ad5b7faa9f31941ad34664b1ef5ed161297a2168703fb46d38734bcf530ce3fd21cfdaf4223fa24a83b04a9c0f5678f1fe7b6b7d4a63bfe760678d07e2114bbdcdd13537afdb282b6cdac16387b6b7a4e96e9f6ae11b0f8cfb0f92a4bd874f577e999e7306539a75c7b83bf36075c5ad438369618e3fb95afe76ca173e1f98723de04a17f659a02171b3e805c2f7dceb44dff06cdb48bfa46f1616fcbcfed62f7af3612b"}, {0xc8, 0x8b, 0xdda, "9a3a3889e201cf074971ca44de22b6c0c0e236e8aafece2b8e7aee1dd20eabe3d4321f2c14659d1c77afe2a733f2a6f4cfcd5195aaf4cfeb19a27d53b6d806706c0942690abb9d0ef50140e514ce6a57da0569f0391444ebcd2de179a05847480f0bea8b89d957a1f0d00eb199f2c3f1605bbf16fb06198828913b6e81685ad5f783fbd8b0c118bc3590ba3e86d4eebf8b06c63e737266018f2a9bf1cbb0ea315d85045ee4415372b3bd8f52796746ae7ef34fb0c030"}, {0x88, 0x1, 0x1, "53c3b208526b8c783971f5502ca35c91541b812ccc5fae217064a137a1ce1e33c8661a866e652ad637a016573afb603c702187f904a38bd237d0e4a847923fe5bf130302133b5fd5239348a564213e813629b50fc73f1df623d1b1ac3d8cbb2e2e25d05d19c5e07b8d4af61c854bf1dad625337a"}], 0x510}}, {{&(0x7f0000002e00)=@nfc, 0x80, &(0x7f00000034c0)=[{&(0x7f0000002e80)="f72192acf5563242aed6cf18f00c1923bd9190e0f8910a968760b9a29c5e7f197a5fa6c03f62401c8480332f66e8796ab98687b8aedaf319944b30d1c8f6c0c4e2eb39e8260683d95f4c2af062d13762b9a4bd5a3bef9f9f95f8502d384e366fd48c6a479ca7e9f902a4994ccf868f8749dafb318af2dc5cb32a400f347cd73506432b87dc7e84bcc0f54290541665c659d340a283ea2ebfc476ac2a2bec792eb639b5ca414efbb137dac2ed651950807a534d09d5d1f840be89cd1a525bf747617393bd5b7bdea2a8dd9d", 0xcb}, {&(0x7f0000002f80)="fae168b0a21819d57ad29e3ce759d6c4b7ab083e574768b6a12b870bd778f878d34c28c3ed4f822e13c5cfc001577bb7d11c5b5285b096", 0x37}, {&(0x7f0000002fc0)="673d05bf98b3eb04953bffb562b51714799780cde71b9a9411da639f8b", 0x1d}, {&(0x7f0000003000)="b6b3751f40b9d52ffc2192996633320e6d192a28fe52011be80c3c60bf1e47fc5bfd56ec6ed7ecc105c80008527de0884350863f344e9e6543324415a1", 0x3d}, {&(0x7f0000003040)="8921822984d93e077e86265c0a8e0845b819a0a06558af21c3b75b648c60ea5f588bdb0228f0b167ef44c9ff769b0a8b82ff68b5f755a58f624b9ef08db447b3c3225aed7d9e9f36be08b31c11efcdef00e89af204fb64ae102e93dd274a25bbf3c7dc39a7ca94693db1a03719eccff924d5aafdc3aba75f829f5271374c9ee0ed24ab4c83adfb57c15f7952a8a426c3b3810f7b03cbafa330d10b808e68ee26c8d2d33db651db646501", 0xaa}, {&(0x7f0000003100)="171d6dd2770444dd8ed6bdb641798c7091e43ce4d6b146ae62a9e58b2e60ae9066b28a71313614f959d02c068cb45c4869c0db47f4fd0cb7bb6b5a1885486c09a24dfb1f1ac7028e02a2e3e39774f55e84c08f5f1368764b4e715cf7d4123da7ac1a860b43c41e8804f2b867244665bf4baa8cc5ec480688dec368a74b700a3f7f797fab895da3f8e8b59453282df006f97569d8adefcb862fb85e341fa6d9e02c54ddac1350923cb40e73c3294f4fc4fbe8d0939a346a799482ae890c5f1dd003a6d8e634d610b57eff9bac68397cb59ea890ef6765fe1328710132c242d55b660b6356994fd638fddbb191762aba", 0xef}, {&(0x7f0000003200)="5e9d756e7594534c2af77ddae05287a8acb095ec2698ae993cd8f8be1222cdbac54a6f8c8e7cd7703f6e585a9362ea648379cb2f870a660db124e275c8653292399548a92f8ccda6f9f0f4dc368a5c2e8f9c484c78c4", 0x56}, {&(0x7f0000003280)="ad9e36df534cbfb53824da5fb57a06371fe24cd7ab75993a26dfe15092e6e383375b739e180cead03a806204d75d33efdafabdad99f15918a5ef1447588afaab75e4ab3029867cd57d0175cb7be5aaba5c5431806ee682b9b95eed24192595fc907935475edfd6ddfe2e3dd46c7bbc8cf9e9865addcc40a1e9333a9ac328b54665e470eb7dba63ff64c236fe0167e6eedf7668b017c0292b8f571c5d54b9b8d34dd0b3cf8aa21acf86b187cd75d8339aba44933baa6f92574738687370f8025d588a5a012b77", 0xc6}, {&(0x7f0000003380)="8cce93f02d17d6ed782fd8fef2c7de9af46d4f392437f2dfc0c991df00cb51a72418b23405bdcf119d351e6d8cf545bba5c3acfb3c71d7cafb746a9e7982f762708503c99fed3cc8644625f670b9912c3d69b7ee8c37bd79996fbc688fb27e10d7258fb33bcb6eb1970a0404cb975b0270945c", 0x73}, {&(0x7f0000003400)="3a7b8f56061659cda10da2fccb02c3e51330be51b4d276829cef440303cd1dc88d52d0498f052e75e1cc22d438738b828cd1a3b6dcf47866e221c24dc5d95f3323b1404e45a58858058d313ac37986915c91d6eeaf6bf73a0e88c1662fe7b7fb3a170d666eaa8c2901d97f22a38c0c17ecf3f3aa93fbde7fc6e3d644c381834cf7c30a935737923f26f2", 0x8a}], 0xa, &(0x7f0000003580)=ANY=[@ANYBLOB="e8000000000000000000000009000000502ad04a9d8412f0c8c43f27f5e577a782b64600f28078ab2569b5219524f8eb6322eaf7fb50af10b74e453b57d7c2c4ea93bb291b58ff48676855a5dcc7f24725338c4e961db162dbc635867768f3b1360301b8cce58f5ecba515d32cd19607f437c2e6b766126059001d7f34a7cc132b4a3f5f30f5c0edef5127606f3696052da4aba0212904a07a2f58c6e16245e869e95a1bc054da8a92b2669da401912cbac1c9a4b97dd454e7709ea7f4059e689cc1ad72661f560eb9e74541cfe8de49a06384c724230d4e0e1d6fede737ffa1fdf5a279934d733107413c061736e8cc00000000000000a0000000000000001301000006000000488dd4542d45e25fc6a43cc92109a866283b0873d2bc7ef520abb13e3e1046e0496470237734285a2d16660abc390c70d9a326e569d0b4ec07489eecf9dea83aa7d70ca5a0d3120e625d4739307f733968f120c712baead371c47029e3aa7293d9770146551c31cc239d8b5102a5bff3b0a7073e35e499bf5be2874ac939c93f65"], 0x188}}, {{&(0x7f0000003780)=@nfc_llcp={0x27, r8, 0xffffffffffffffff, 0x2, 0xc4, 0x10, "f7f88c9415ba2358f82a819245b591ce80e05b1084b71c7973e73d25a2eac4c050f149459a803a4b11f8e025ccad47ca9d7475044004a0aea0f26d7b563287", 0x34}, 0x80, &(0x7f0000003800), 0x0, &(0x7f0000003840)=[{0x28, 0x10d, 0x8c, "0534ff17c74baeda4b1c042f81d9b4de4142"}], 0x28}}, {{&(0x7f0000003880)=@rc={0x1f, @any, 0x9}, 0x80, &(0x7f0000003bc0)=[{&(0x7f0000003900)="5a95f08fec9c19cbe35f890f1e2077587653373055e734f6b5a0168299cfa2ac913106ea54511d7266e3fcecff47d89dc0183546f475da6e7c2630ae94857b0ead6f05a47ff88d0e779cdbacd98e5fb5e35de0f577138d78f1344ad61ddd71d6d1eaef80b12f3006ccfc045df6359408b24ab3a2a4ed02d539e45d0892e6c096e9eec057e4c5033110526bb5ac8018c999708c0e473b074cd96e617f454bbe2411c51011f1115ba7a2acb102dd97e267b8d31733e68fda15e7b06080db9faddef7b1", 0xc2}, {&(0x7f0000003a00)="6d2876226356d849296e8a09bbb3c155e1c53ac96337f26abb734685a0cd7e3053c49063d0cddd316c66", 0x2a}, {&(0x7f0000003a40)="9b1e6dd604961f8ceced0eca7a1862086609925e817f317417c6099a797364d4283d031ea35b08e977bff7ead8885604344cc1c73fc33f42756bafdfb10273356dd00c5df9839ba1eb70bebcc5cebe6cc9738405bbbbb8e0975426c9aed63bc3d61061b905fee81bc2c115aa434cbd2cfcccee56bbc720", 0x77}, {&(0x7f0000003ac0)="77f0ef80392f3228b030a2696fbd1ccc6fb11f687a76badc854f5f95aeb0e6a35dae188cba877911598984f6e1b75aa9ea901ad8257cf8d7d8810546b138e4bb3ad51cb69319cb1ad843bcc18707b88374fb5231c9ab674de7768e679c2d7e5bacb75f80464e4d77a506d89e1be5c8b1bd867449f866a013036c33bd3255f74cad8e136c7007331334c2224470bee151944ee5dab8fd9d3d093296558769d2866e48168b10432e33b6d9291ff4a77857cbaa491965d24f7e708a8069eef9c306777ca6d49d56603329e18c689b17d57835bef2b737734d341bba3845a0a0d16d4a739a0710a5f1dae6e6c742ea47ea90", 0xf0}], 0x4, &(0x7f0000003c00)=[{0x70, 0x10e, 0x1, "712be0e18d03b99ff45c52b4234c7068364adbbf1a9d81b13f19867acda3094d6caa1c13484fe080b0bcaf5260bddbbcdf5f7b29d9bcc5fcbf2bf80ae798fc92bc6333374a46fd3505716fea65faf67bfc0f0199acabeda182997c4908"}, {0x18, 0x0, 0x8, '||M\f;'}, {0xb8, 0x84, 0x1ff8000, "323da838e8f1869b7531d54f0eba8575e84e0ab80c2b94d53d976cb3243181192525906ac4f121c1bee977b59eadd03083cde4477e05e8e9ae251b260d3d294d59a0df504b834a7fc2813a3452d41893a55f36c449cc25ec2ec1eac22c746bd59087ed71ef3969f507e59c8eb22fd291bb0a205057d28c8ddf37c48cfd1077ae83386765f9b6010ef42b4917f0dd936956e150d68cd2d53123cbb91659bed3411e1af4e68c"}, {0x30, 0x88, 0x7, "0f25e474513eab39dc69d8d9160e4c4a2341b40d1b75bc53338544d7aff889"}, {0x1010, 0x0, 0xeb59, "032a31d260c5a62d1abfbcec86f2882de51dd3ab49adec72b947da57d460d9717e7b3759d25b9b7ffa78339d93bf5af908d0e819ffbbc29f199f4b2f85064bad758ab25c4d6954516a45104f0f12b322463dfc9bf168e152f1cba9a536b93ca87e49151e17fa5b4ce4ac84449565859c6d5c8ba1f360787d6b314bfc3d48f6832cb8752b971293f3f79fc4719abcd4573333a87e0953a932e1ae1abb8956cb7647afcc0f9beda176d8c0a413fb274e509c403eaa655c61865aa12f59d99e75637dc22c12dae061bac48695dba89f728db3b01e076affa65d82a48956d7b8ac28548404542be01cb9f2de7ca627dd72e027b33d240a277c5006bda7e40429d0e01a24dc957c0836f743f143365f07e13435f887848783121695510a97aca08f09de24365a251750f5c025f1f66b1db0baf22e38e6ab3319773cdad7afc66d7c1ff6c7fce123e753be32d6037f67d04c49e27afc2147b2634acc665412e9bcbea1c4c9d679e5fab26b107c31585f3fbd4124fb96215901462298dee2958603b3cf0b7502bddf9c98616ef2ccc12e1298043db22d5d7aa2cba01f8b740109076ff988b54dcda39abd6d23036fd8a4000b692417e050dd7f351f7cc1a95239174e5c8dc68e984b44adad09a520f1da14d2c7389556d27210a5ab87e973c39c93629e021e85af8e58709596eb99913c73475e572615bf5f4c30748b7e6c5cdeeb6970f09e62c05d718d750607cb9b104e40c0bdad8d3277cddfc3c919226601191e3bf30939a59e7b6a9eca73f204521dbda0c0fe345c3e99698ea1fa025acf4434be063c52799bb84e8f338f0e5cf49e1c74a9c9978a9332cdd3d788547d5ee2664f74144d5de6eddf7e0a8953db0471e9a3be97742027d26d6bb2ead406b838b03cbd5c54697df581419bcc7b7655e0fdbb9ff48e0178a13cb201ba2152c879bf0d8fef0f7bc7cef335e62fdb8413bc2ab63785503e3585ecae39cca9a592e1a98ab33935f84b38cb19cb00063fb7beb4bbb8186882f8c4c219df55a15d3ad197ff80adc1ede505039d4b4b5b0e7f71ea96d2ab9d8f02388a5243b1a622e707ea8e0e2436b1ac00c20935309168832d3b05b02f49c81dbff8e7163661a53985b1bd83eac06713d887a34a5ff4cb0674a7d1eb1110a3a545d8ec4254cacabcfe461124c552603c5b535b6d1da0293742255b7244615ca01709544cda741285c57e3798855f1492ca2a11c51abeb3853f179c47fb99d4e0f80475cf1420ff7b937bc8c8f5f29a3878c82d91a4e13f2368f2a36bf642009c966cbd1b737b42e3d200f3839cd6b2e9cc606e890439892214c3a2888c11562d2a19c09b3a41c440d25eee7f0eff3639e8f1fc2a6a2408e54f23ce864a5b8ef9915b64f7ae968d436b8dc031bbd5471e9125300bab16cf70d3d5d5b1ae0b3c8fb0a62229c04c6415ef6a734b1f78412abfa6ae55b3894b23f2710ea5ee751331e2203ecbdf82cb7fd189c9cb3ec8940dca6c018c37283cb90c4ce953d9bd3278b9840f8dbd22915f6912a9f071c09ffc16da6fd8dbe5063d045d9e383a84b1ad6dd0dfdad9797f15a1b216f9d404bece2d8c0f5c18768460c6853ce426b8d6e1728df32ae881c0cda37b0aa581a1374f4a97cfe9c219721d39343cc6fd523034a106692793feb1835727f9dfbe6fddb9eb269f4d2acf6fe1ff46a9bd1b266ae5b6a037f6dd82976c896437b7d5e9f8440da92349ee15453629761d86f32e2708a653a3e7ff70dd40968ce02adab4d8837bd3f6307324ec6e40272db5bfbd4ee85a4426eb2dfede492fe065c5c029d20b83e58c52054460213fa5a1f89c5eaec7166de07afe591c2ccd7c2448dae6c04bfcfbeb3fd11f3a89348d42e133c0c058cfe44b562e95620d510bcd9715c6a2377c56d05ae9cba2024affe4558e01c2d886681e207ffecc0d27926cc36feb31b27077050f6c41fdac51a66246439d227dc615a346bdbeaf0911830926a58ecbaf6916d7531eb488347475671cb625467d2837d923b38cd671634b5801185d8e8c87fc7387c8bd36f3a9b3993d401a10f5c240737ac23c55345f36df2f1c30b9340fc76652b59107d78425ac3350a9caf0498378386aee91d9b2f13e12788e669fd1d3e447c83e94463339f7d66ddb506ff039ef69acb507be6e33abc98b72a61b49c9cd2b25b621f30dd269f1d61757fd254381c793c984337f2d24aff8d29796b812984a9f063e6c4f9b026ea369e051a661f39ad65f62a617f5befdb77adf527e00eff76dfd0536e327bc7ba2515552de9f7f90a74de1916dbd4b04ced02b817e34bed1aaca21be7e36375a38831d13d2ae42e49237c0cf351a71a10ed7aaedeac8a2da6ef977bb56fbd7e2e3d707843478a39575b014f1471d65d9dc55215d57970fb508b9cadacf02849386ca0afc5c66d74c0147d3d8a5bfad6d42ffe93e81d29c8bf0469c1bba9c1b06e7f3112bc203f24fd4755eaa538fca2dd488f91587196c3b51dd0bcb0deeb73b64a9c208a63afa784679c2ec6d2c19b5464b943c95908719391c96070418f1c6f0f5575cbb80c0abadbc23aa5845893edbce5c64a6488d70ddd900aea99db318de1fdb3dea5cf997bb7d47d5f830c6dd237bed5c259d9266bec2cda2cd44aa7eba06633a96a5ec1cf54c47351648ec7da5755dd8386af184d4086e20370fb6e7627d9841ee5eafbc2bc6f7ee3ba37e1241f8cf1a0fbeee1403ccc1f55d78fca562cf307ad1361ed06fd107c9c72393eca8860f83da04d38c6118b25ef12b73f4da9f2da8c576b88fb3d4c7f16c3bc5f37fb87d7b746176438efef3247e0805f00b647cb05324185a49a050ae9fc4c3c095b2a27b419a5611035caad21fbaab80531b05214c613c20c7274e6e1666f0d099f3354a051ac1c3357d6d6b9f066a59d05640567c080a49558e51f63ee4480df6a92a662422d3753db594a7cf0478dae8a5bfa5e81f81f85e6eb3b29fe8af2ca645bead11cea3c2d650c37b0ef00733b874eadd9514063e1cc6803cd6780e36f06121ac0364d111d316405407803ac395fc72821cba31854e593bee4e5bbfaebaf913505487a94fc36932478a3e12217b224a767b0258c4736672d8eb1c76b3204221af7bc02d8cce7507eaf0849f363efed8ed225a947ada42a9201c3c3041c50621acdd83486259d5934628a396fd769ccc5029b646087a4fce293ff0aa13c8b5526778f5ff8654c15ca7aa77a6a7989c37d6f4e52fcbc1174ef1f0859488d674785db95c1645d991011e709afa769ba4f092b1dc67c20a0855132b4c74ad58ba94c1281994fb90f2aa0c935aeb2f0108d5ec6a1771a7eb9b5fe8369a324d63e2ba47be555ad2d56939c1a1572314d5694d64e70c47ea3c993c31a827a64d7e4cb07f6d1d2d405bb2ce8554c73ffe2b48bedd2dc40f7ecef6c1989991be1591f16118caaa2a0e5f4f07e58b02749ece9637feac4e1e65cc0b3f2b77501c359c687e6f130d6817864008401d959a30b9837cb85467dd23d915aa1e32dd0144ab9bd7115714df68834963e030d22392be5d480f0a8d40732950c4cfe9a6b6d8f645b6db0f18cb4ad43b442ca23b950de2f930239d96c66f575b8b23ca3e644f2da71f12dac77291e474763f1d64796f27031d3ed371ebca1aa1836d5a368e792f191f64f4271ff5c1fe2dd41b303c7f12d56ae8e64073de9ce1a14ad0561b80e2a3841686c0287504956e7fa2e21b8569690407a8fb7521f924d850289128bd080bb3537ea9cf7c67a904db38128176a4bea32c88786682cfaca90d699dd536a856afe3ff00394c33629e919d116ca7ba519749384ba2897d1202a6cd3b2e1ae38d4348cd5010f4b590864e1b7f83d5a9874614831a4c85de067ddfb82ccb8b92db2f801c2578b13a196ab19e6da096411d1df3cb89992ec1be37b13cef81dd8cd2ad9d96b4dc04dd5c974e0dfcc731fa40bb31de67dc3eb047142f4818efb54f04a8abe4cb2394e45e467ca76a74a24d0594426c6f424dd38d94927b4da53e7548affac21bd4459fade8ab11f1330416fb69491b3a2f9a4490286cc4c6440435643de2dde6c7c7a0f9884cc276fdb31d197a78fcb68cea8d52865f04376af1fae1c6bd64bf404fb3fb4249eb2208c361f89d642fe56cd985bdbc3027adbfda303880cb451d74f7757ab83c6855cdd63e7d4219fa71a724e8934ad52bcf5fcf897598569e921e78f3b7d4a3fef150038431f12a54143a4d8ef1c12e75c1cd02225a07b431b15aa737ac8bd2a7f82bf7d450b85c442ba447a7fbb103435c823288a236e89df597f87ec9a4c2b3b08d5073c4d05aebb519a8101c870f9f2a31649a79b0cf3f477f637fb98732c5e349a939ccbcfd13c2eefcaa8e7c795aa9af203e2417eb564cd8c596376ec4659fe0639cbe58ba87038ffe96637cd252c7c9294accd77861e68404d588bccaa85ad326fd6588da79a4551f232b1c538a26c52a5b3d2b553f6f47705e0391a4c37ea692f517209a2f50895af037699d7f799c38dc815d918c4fda2dd8b391d860632cd1b09b20670cb9fb11d816c4889383d6af7ac394c9d923e7abba5712edb74755c8388d7d415113b4189ccc07fc3526af580f378570d42390a2f693ccfa41f73871c0c5878f2c98342a54e1b9f56f7c2ed34d8333b85d7e77d8a9468c4e15af043d841feb6e34407f150b807072fee2cb71ddb70c9dabfcaacf39976aa38f23ffdbece18d34e98ccc5d69fd98405e916edb84694cd8238c73281614401ae6fa40f03e5b18e274f07b9a84cde8abb4e67d6d35495bef6f63076c5a2db28ace1af9c46a06feb6e03d25354ceab804e39810222ba6116ca59c39397d69a8c4bdfec81330ef7f98c481bc1bfef3960df169bd1cdba511e2b604952908d8e37b8eb37eb23346ca78ccbce91ebe0020559ea4686236ed7dfe4dd3819b0a606286ff9037f3c9f43b917f660d74fe41b7172421384faaff4be10192626713df15f21f3eea1051ac9cb45640fd165fb3c3f4a701d269aa4191cdaca18fa9a40c1e214a3c536d50909c2e2a04a3606cf41bb81e747f8db31d758a0053b872cce0246e634ee650a3cee260b1e54938c0fac5e0655c252135f395bfe54433040af5cf3f388988432c3dc59104c8d31a24c7178377682dc8927444b6d80ce9f96328909c5c4237f13106a447a5880c1888e23d52b4007f943e1bd63efd5fa0a5eed41c7de82c4149eee7a3252e9499e3c7fae2026d6c1f073847dbd6e59c4652526cb8fbadd1cc59da346099e645022b8d85aa354358ddc97e0bbe2b5f51c1bfa77acbc8b071cb66c7bec8f6a3a3f2a4c727b3edadc5ba9230f5497b00c7d66b7890e57a95cbb42e66ca997b318bec539f7d7c956cbb76c792af3e2804306ed5c9f18b2358d3d28204cba99d86a8b267c06895b1a520eccd30e459765111b05db77fe2d2ff733cb71b305fc79eb56b553ed4dd599413a7f587283fb684428840cb8df507d89ecde6e6bc83c258196e88e6c4ea3ebc675cd6c65ff6220f7ca17d61b0162d337ba6b2e87ee378f65721f579d39a8e7f28b314a83da34f434f5745aff386cc75b3dc6b75cc4fc0cacabd0aa286157a0e5708c6b23bc0c7b1a1bdaff80815c8fdad5d5d62502950c66036ca203b186de22a3f02a33623cffdeeb15c59400f794f3c1d47cf7dc19f6984860da95f7fae61c094f60cd92a6d93dcdd700e6feb71ec76d8eb82af8e0efcbde2d45f0e9ed6e453e78fd478ad507fc7b4f52b82f80b49ea6daa0d5c270ae5ed4f2cd6ea462ac8c035"}], 0x1180}}], 0x7, 0x81) (async)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) (async, rerun: 64)
write$UHID_INPUT(r1, &(0x7f0000001040)={0xc, {"a2e3ad2147c752f91b231a0987f70e06d038e7ff7fc6e5539b324b078b089b080f384b090890e0878f0e1ac6e7049b334d959b729a240d5b67f3988f7ef3195201c0ffe8d178708c523c921b1b5d500f0d30090936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc90da8196c28d920bab05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d21487b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a158b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae7183cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a799567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461600000000000000206ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cef3d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f86b8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a75500000000d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) (rerun: 64)

9.616532625s ago: executing program 0 (id=3777):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$setregs(0xd, r5, 0x2, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x7, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000000), r1)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000001200)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001240)=ANY=[@ANYBLOB="7c000000f861479557c996c8d4a58a28ad744ec62fc2b93cd5226605e43a71b1a03f76d1588533ef49a69be8211e56176af9c6ce744bd4a363c89d2056b1cf37e4b878a49d162166449954f22cf1bc3b8d4512d85896c344544fcb154699c40fb0b9fb4a9b903805842be8283cc03162e45b525eb726dffa54067aa25de1ebc873c3a4f5133416821ada03016816762c86970424c14bfcbb63fc4048c7ee4f6f3d58cb441ae59036d2320a7fff8344a587a60a04b1", @ANYRES16=0x0, @ANYBLOB="00002bbd7000ffdbdf25070000000500010000000000080005000000000014000200fe8000000000000000000000000000aa08000500e0000001140006006e657470636930000000000000000000140006006261746164765f736c6176655f3000001400060076657468315f746f5f7465616d0000"], 0x7c}, 0x1, 0x0, 0x0, 0x40081}, 0x4000804)
sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01020000010000ecffff0300260005000400ac35000114000600626f6e643000000000000000000000001400070000000000000d00000000ffffac1e0001050005"], 0x4c}, 0x8, 0x3000000000002}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x2000}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}]}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x60}}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/crypto\x00', 0x0, 0x0)
read$hiddev(r7, &(0x7f00000000c0)=""/4092, 0xffc)
pread64(r7, &(0x7f00000013c0)=""/208, 0x31, 0x401)

9.614915605s ago: executing program 2 (id=3778):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x15, 0x0, &(0x7f0000000280))
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000140)=0x7ffd)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000180)={0x0, 0x0})

9.546965078s ago: executing program 5 (id=3779):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x8)
r5 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405668, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40186f40, &(0x7f0000000440)=0x1f)
syz_clone(0x120e1100, 0x0, 0x0, 0x0, 0x0, 0x0)

9.480129857s ago: executing program 1 (id=3780):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$setregs(0xd, r5, 0x2, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x7, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000000), r1)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000001200)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001240)=ANY=[@ANYBLOB="7c000000f861479557c996c8d4a58a28ad744ec62fc2b93cd5226605e43a71b1a03f76d1588533ef49a69be8211e56176af9c6ce744bd4a363c89d2056b1cf37e4b878a49d162166449954f22cf1bc3b8d4512d85896c344544fcb154699c40fb0b9fb4a9b903805842be8283cc03162e45b525eb726dffa54067aa25de1ebc873c3a4f5133416821ada03016816762c86970424c14bfcbb63fc4048c7ee4f6f3d58cb441ae59036d2320a7fff8344a587a60a04b1", @ANYRES16=0x0, @ANYBLOB="00002bbd7000ffdbdf25070000000500010000000000080005000000000014000200fe8000000000000000000000000000aa08000500e0000001140006006e657470636930000000000000000000140006006261746164765f736c6176655f3000001400060076657468315f746f5f7465616d"], 0x7c}, 0x1, 0x0, 0x0, 0x40081}, 0x4000804)
sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01020000010000ecffff0300260005000400ac35000114000600626f6e643000000000000000000000001400070000000000000d00000000ffffac1e0001050005"], 0x4c}, 0x8, 0x3000000000002}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x2000}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}]}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x60}}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/crypto\x00', 0x0, 0x0)
read$hiddev(r7, &(0x7f00000000c0)=""/4092, 0xffc)
pread64(r7, &(0x7f00000013c0)=""/208, 0x31, 0x401)

8.48863523s ago: executing program 5 (id=3781):
socket$can_bcm(0x1d, 0x2, 0x2)
fsopen(&(0x7f00000007c0)='erofs\x00', 0x1)
socket$inet6(0xa, 0x800000000000002, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0xa0602, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180200000000000000000000000000008500000061000000850000007d000000950000000000000088f4756552cd36f647e61979a9763ce061c04cd7c926e5e466c67f9d2828487e0a32cc42cc6e37cdf5afb02c7eae43d02f989a44"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x46)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000480)="e02742e8680d85ff978a762f86dd", 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
r4 = syz_io_uring_setup(0x10d2, &(0x7f0000000540)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f0000000600)=<r5=>0x0, &(0x7f00000005c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x4, 0x1cd83f7c25e05491, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x100, 0x1, {0x3}})
io_uring_enter(r4, 0x47bc, 0x0, 0x0, 0x0, 0x0)

8.208291258s ago: executing program 3 (id=3782):
r0 = socket$inet(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0x7}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000c40)=[{0x0}, {&(0x7f0000000580)=""/104, 0x68}, {&(0x7f0000000600)=""/78, 0x4e}, {0x0}, {0x0}, {&(0x7f0000000900)=""/206, 0xce}, {&(0x7f0000000a00)=""/154, 0x9a}, {&(0x7f0000000b40)=""/228, 0xe4}], 0x8)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0x8}}, 0x20)
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sysvipc/msg\x00', 0x0, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
unshare(0x8000600)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./bus\x00', &(0x7f0000002a40)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
rmdir(&(0x7f0000000040)='./bus\x00')
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000280)={0x0, 0x0, 0x3, 0x81, 0xffffffff})
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000540)="5802009400140091d491321dcea4acd70729723b4789c749380e24811f70c68fee4456254550a10004226c1aac9891343d24cfbb19f8e3e3bd94cd180f5db3", 0x3f}], 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64])

8.205882731s ago: executing program 0 (id=3783):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
gettid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
pread64(r4, &(0x7f0000000140)=""/15, 0xf, 0x4)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x89)
vmsplice(r3, &(0x7f0000000a80)=[{&(0x7f0000000300)="6758926ce1ec6b68b69a769ecaf829d294c64bd814cc1c5d8d3d2ae6135237e9441e4d6b108b52377c58d3d052d5aa9cfca550f6ee9a4878dd5cd2cfe432b33ce68c056d553458f39652890534514b2fcb3d58b712a1e56b24b69cdc9f30545adbea84f9a254a3ca0b3a124ae4ac70e508ce1cf8ce02bea74758911eacf5c3c1e55cc44b9cbcd77fa9888de72bfbd73908c0bde9c0ba221005bc40b9e316dbc5ba6a151e09f3e9ddc81c6dca2292ab03327864", 0xb3}, {&(0x7f0000000440)="feeb7518419e2cb197481e39401f568789e24dbec8dc388d21e0f7091b64334ef6e529d4248e1535ad6c9c85a6cab7ef33c6d62ca8eda413c8e0315a5600e6bceaef5c13d6f44bbd8feb5fa59992c8b41a50a30357101ba845f3e9ee432a7d6c3f8bd28ad7f52e136ce6025f4a4ee38fac816c911c55f399c13cd3388053b8fc8e6a31b0bbd0a8fc582c4471552ae09a7e6fa177c520e8bbb0a10ead2790924fabf72f16160504d5a098d884424bea5e85715e656af24cedb1db9d618fce33c75115295ddd64020c6e7affa52b6768e08ed65464000daccdd1a625d7ea8828f37968efa799c13f88bcffbd2b4e9bfaf57b8b86a32c8e35635a9fe7c48ff6", 0xfe}, {&(0x7f0000000980)="2d851eae96b5b9cea5c578df01ed14526134a492b7de6c4ac3fb3fc1586c63d29cdac3df7cb233d1147252a99db71539a8b32bde5a5f90c34da500b1f2a28671f526e72d7ff8139b848facaf96fda17bc82b2420892edb6a5145f414ba7ad3b9bd5ec0315ad38b3735f36b8e945f5393f3f75edbd0c128b0a687f28d01f6ed56d61f85a1989e4bd3093265926c0018728499ddf2a0503d9cedaf7c4d3dadcdf04d4d1a2eaa9ef16f17f9a019097dfdb86191a6b4e1fd2ea7355e235d571807bb13", 0xc1}, {&(0x7f0000000240)="7e4483d6f6faeacda05a85ffcd6efd2d2f39ada86b1f509b1902b0596c322734e43f5f09b8322b4440bd80e60fbb79accd128ab7883d16e2613ce060a0422380cbbf8abd35896bbd314acf4d", 0x4c}], 0x4, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x89)
sendmsg$AUDIT_DEL_RULE(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)={0x424, 0x3f4, 0x200, 0x70bd29, 0x25dfdbff, {0x0, 0x1, 0x20, [0x5, 0x2, 0x6, 0x9, 0x3, 0x8, 0x6, 0xffff, 0x2e7, 0x101, 0x3, 0xfff, 0x8, 0xc, 0xe, 0x5c, 0x7b58, 0x6, 0x1, 0x0, 0x0, 0xe547, 0xc, 0x8ce, 0x0, 0x101, 0x800, 0x7, 0xb, 0x495e, 0x7, 0x200, 0x4, 0x2, 0x5, 0x1, 0x9, 0x7f, 0x6, 0xf, 0x622e9321, 0x2, 0x200, 0x8001, 0x4, 0x80000000, 0xa, 0x9, 0x5, 0xe, 0x0, 0x3, 0x9, 0x6, 0xee55, 0x6, 0x80, 0x4, 0xfa5, 0x3, 0x3, 0x101, 0x8, 0x5], [0x7f, 0x2, 0x4, 0x2, 0x4, 0x7, 0xc512, 0x10001, 0xf, 0xd, 0x81, 0xf, 0xd59f, 0x2, 0x9, 0x5, 0x5, 0x6, 0x5fe7a582, 0x5, 0x2558, 0xf, 0xf6, 0x9638, 0xe, 0x2, 0x2, 0x2, 0x1, 0x7, 0x7, 0x40, 0x1000, 0x2d, 0x6, 0xb8, 0x8, 0x4, 0x100, 0x0, 0x2, 0x7, 0x1, 0x6b55, 0x7, 0x6, 0x9, 0x8, 0x40, 0x1, 0x1, 0x70, 0x4, 0x48, 0xffff, 0x3, 0x5, 0x46046534, 0x4, 0x2c, 0x3, 0x3, 0x5, 0x1], [0x7, 0x6, 0x8000, 0xc, 0xe, 0xffff, 0x9, 0x3, 0x1000, 0x14231fd0, 0x6, 0x7, 0x0, 0xe, 0xd, 0x3, 0x800, 0x7, 0x8, 0x9, 0x0, 0x1, 0x8, 0x80000000, 0xfffffff7, 0x3, 0x2, 0x8, 0xbf0d, 0x9, 0x9, 0x5, 0x5, 0x81, 0x0, 0x3, 0x9, 0x7, 0x8, 0x6, 0x4, 0x7fffffff, 0x1b, 0x6, 0x7, 0x93fa, 0x5, 0x9, 0x5, 0x3, 0xdb6, 0x5, 0xcb, 0x3, 0x8, 0xfffffeb4, 0x0, 0x7, 0x728, 0x7, 0x6, 0xcd3b, 0x6, 0x3], [0x40, 0x7, 0x5, 0xe, 0x10, 0x3, 0x8, 0x3, 0x7, 0xfffff7c5, 0xff, 0x0, 0x64f3, 0x3, 0x3, 0xe5, 0x6, 0x1, 0x0, 0x6, 0x5, 0x3, 0xa, 0xffff7fff, 0xd2000000, 0x2, 0x3b1fe6d7, 0x5, 0x1a2, 0x2f7d, 0x1, 0x0, 0xffffffff, 0x81, 0x4, 0x0, 0x4, 0x3f2, 0x9, 0x0, 0x3, 0x10001, 0x2, 0xd5e, 0x1ff, 0x7fffffff, 0x1, 0x5, 0x2cb, 0x101, 0x5, 0x101, 0x6, 0x401, 0x80, 0x1, 0x21, 0x7, 0xe8, 0x9, 0xfffffffa, 0x89c, 0x8, 0x9], 0x4, ['-\x00', '\'\x00']}, [""]}, 0x424}, 0x1, 0x0, 0x0, 0x10}, 0x4048001)

7.024729326s ago: executing program 3 (id=3784):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x6, 0x0, 0x7fff0006}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000010c0)={@in6={{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ade8e9f5fe76b933e1c473214081e33dffa0f46311e02551a46c801d8820400005b98cb9fb96d225d602392f816d0bdcc09b5063087117402d8004f1fe97f61fd27a05f7115ae"}, 0xd8)
fcntl$getownex(r2, 0x10, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000500)={0x0, @in6={{0xa, 0x4e20, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, 0x9}}, 0xa, 0xb130, 0x9f, 0xc, 0x0, 0x200, 0xc}, 0x9c)
sendmsg$IPSET_CMD_CREATE(r4, 0x0, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
syz_emit_ethernet(0x7e, &(0x7f0000000380)={@broadcast, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "ff690b", 0x48, 0x2f, 0xff, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8100, 0x0, 0x0, [0x5, 0x401]}, {0x0, 0x0, 0x0, 0x0, 0x100}}}}}}}, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x1c9, 0x12)
mkdir(&(0x7f0000000140)='./file0\x00', 0x12)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='debugfs\x00', 0x10040, 0x0)
mount$tmpfs(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x1830022, &(0x7f0000001900)=ANY=[@ANYBLOB='mode=0000'])

7.023217809s ago: executing program 2 (id=3785):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
prlimit64(r2, 0x7, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
r7 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405668, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40186f40, &(0x7f0000000440)=0x1f)

7.021070206s ago: executing program 0 (id=3786):
r0 = socket$inet(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0x7}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000c40)=[{&(0x7f0000000400)=""/187, 0xbb}, {&(0x7f0000000580)=""/104, 0x68}, {0x0}, {0x0}, {&(0x7f0000000900)=""/206, 0xce}, {&(0x7f0000000a00)=""/154, 0x9a}, {&(0x7f0000000b40)=""/228, 0xe4}], 0x7)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0x8}}, 0x20)
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sysvipc/msg\x00', 0x0, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000540)="5802009400140091d491321dcea4acd70729723b4789c749380e24811f70c68fee4456254550a10004226c1aac9891343d24cfbb19f8e3e3bd94cd180f5db3", 0x3f}], 0x1)

6.093239246s ago: executing program 1 (id=3787):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1c, 0x15, 0xc3, 0x8, 0x2040, 0x9301, 0xe4fb, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9a, 0xf0, 0x3}}]}}]}}, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x3a, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb05, 0x1a30, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x30, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0xfd, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x3, 0x0, 0x1, {0x22, 0x45}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x0, 0x2}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$session_to_parent(0x12)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
splice(0xffffffffffffffff, &(0x7f0000000380), 0xffffffffffffffff, &(0x7f0000000440)=0x2, 0x10001, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000240)={0x0, 0x0, 0x1, 0x1ffd, 0x6, 0x2})
chdir(&(0x7f0000000080)='./file1\x00')
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x101800, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r5, 0x40049366, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000016c0)={0x8, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}}, &(0x7f0000000080)='GPL\x00', 0xd, 0xff7, &(0x7f0000002e00)=""/4087, 0x0, 0xa1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

6.087109565s ago: executing program 5 (id=3788):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
fcntl$getownex(0xffffffffffffffff, 0x409, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000300), 0x0)
syz_emit_vhci(0x0, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, 0x0, &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r4}, 0x10)
mount$nfs(&(0x7f0000000040)='@\a', 0x0, 0x0, 0x28, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x40000000015, 0x5, 0x0)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, &(0x7f00000000c0)={0x88004005, 0x0, "679c51ecbc83d1e22e845e3ede57135adc714d432546da16827000", 0xfffffffd, 0x749, 0x0, 0x2})
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r5, 0x0)
ioctl$SIOCX25SFACILITIES(r5, 0x89e3, 0x0)

5.015804358s ago: executing program 0 (id=3789):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1c, 0x15, 0xc3, 0x8, 0x2040, 0x9301, 0xe4fb, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9a, 0xf0, 0x3}}]}}]}}, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x3a, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb05, 0x1a30, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x30, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0xfd, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x3, 0x0, 0x1, {0x22, 0x45}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x0, 0x2}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$session_to_parent(0x12)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
splice(r2, &(0x7f0000000380), 0xffffffffffffffff, &(0x7f0000000440)=0x2, 0x10001, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000240)={0x0, 0x0, 0x1, 0x1ffd, 0x6, 0x2})
chdir(&(0x7f0000000080)='./file1\x00')
r7 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x101800, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r7, 0x40049366, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000016c0)={0x8, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}}, &(0x7f0000000080)='GPL\x00', 0xd, 0xff7, &(0x7f0000002e00)=""/4087, 0x0, 0xa1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4.228432513s ago: executing program 5 (id=3790):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix_mp={0x0, 0x0, 0xb5315258}})
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000440)=ANY=[@ANYRES64=r0], &(0x7f00000002c0)='GPL\x00', 0x5, 0xbc, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, r0, 0x25d8b000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000000c0), 0x0, 0x4000800)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095", @ANYRESDEC=r1], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='sched_switch\x00', r3, 0x0, 0x6}, 0x18)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r7, 0x0, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r7, 0x29, 0x3b, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
epoll_create(0x10001)

3.826003684s ago: executing program 2 (id=3791):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x8)
r5 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405668, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40186f40, &(0x7f0000000440)=0x1f)
syz_clone(0x120e1100, 0x0, 0x0, 0x0, 0x0, 0x0)

3.095862091s ago: executing program 5 (id=3792):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1c, 0x15, 0xc3, 0x8, 0x2040, 0x9301, 0xe4fb, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9a, 0xf0, 0x3}}]}}]}}, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x3a, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb05, 0x1a30, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x30, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0xfd, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x3, 0x0, 0x1, {0x22, 0x45}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x0, 0x2}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$session_to_parent(0x12)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
splice(r2, &(0x7f0000000380), 0xffffffffffffffff, &(0x7f0000000440)=0x2, 0x10001, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000240)={0x0, 0x0, 0x1, 0x1ffd, 0x6, 0x2})
open(&(0x7f00000000c0)='.\x00', 0x101800, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000016c0)={0x8, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}}, &(0x7f0000000080)='GPL\x00', 0xd, 0xff7, &(0x7f0000002e00)=""/4087, 0x0, 0xa1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.208617626s ago: executing program 2 (id=3793):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$setregs(0xd, r5, 0x2, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x7, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000000), r1)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000001200)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001240)=ANY=[@ANYBLOB="7c000000f861479557c996c8d4a58a28ad744ec62fc2b93cd5226605e43a71b1a03f76d1588533ef49a69be8211e56176af9c6ce744bd4a363c89d2056b1cf37e4b878a49d162166449954f22cf1bc3b8d4512d85896c344544fcb154699c40fb0b9fb4a9b903805842be8283cc03162e45b525eb726dffa54067aa25de1ebc873c3a4f5133416821ada03016816762c86970424c14bfcbb63fc4048c7ee4f6f3d58cb441ae59036d2320a7fff8344a587a60a04b1", @ANYRES16=0x0, @ANYBLOB="00002bbd7000ffdbdf25070000000500010000000000080005000000000014000200fe8000000000000000000000000000aa08000500e0000001140006006e657470636930000000000000000000140006006261746164765f736c6176655f3000001400060076657468315f746f5f7465616d0000"], 0x7c}, 0x1, 0x0, 0x0, 0x40081}, 0x4000804)
sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01020000010000ecffff0300260005000400ac35000114000600626f6e643000000000000000000000001400070000000000000d00000000ffffac1e0001050005"], 0x4c}, 0x8, 0x3000000000002}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x2000}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}]}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x60}}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/crypto\x00', 0x0, 0x0)
read$hiddev(r7, &(0x7f00000000c0)=""/4092, 0xffc)
pread64(r7, &(0x7f00000013c0)=""/208, 0x31, 0x401)

1.145205571s ago: executing program 1 (id=3794):
r0 = socket$inet(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0x7}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000c40)=[{&(0x7f0000000400)=""/187, 0xbb}, {&(0x7f0000000580)=""/104, 0x68}, {&(0x7f0000000600)=""/78, 0x4e}, {0x0}, {0x0}, {&(0x7f0000000900)=""/206, 0xce}, {&(0x7f0000000a00)=""/154, 0x9a}, {&(0x7f0000000b40)=""/228, 0xe4}], 0x8)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sysvipc/msg\x00', 0x0, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
unshare(0x8000600)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./bus\x00', &(0x7f0000002a40)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
rmdir(&(0x7f0000000040)='./bus\x00')
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000280)={0x0, 0x0, 0x3, 0x81, 0xffffffff})
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000540)="5802009400140091d491321dcea4acd70729723b4789c749380e24811f70c68fee4456254550a10004226c1aac9891343d24cfbb19f8e3e3bd94cd180f5db3", 0x3f}], 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64])

1.130453016s ago: executing program 2 (id=3795):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffc", 0x3}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bd98dbb2ab76919ba5c1020e80bd0659e82d861dc6fe4c62639134c504aa438689d2", 0xc6}], 0x1}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x254, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x3, 0x43, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x0, 0x0, 0x2}}}}}]}}]}}, 0x0)
write$UHID_INPUT(r0, &(0x7f0000001780)={0xffffdd86, {"d99abce8bf878fbdc1e2880574c996d188c2098e5cd05e141c84a9fa7715eaa6f4eb2274c962d9ab4a63f1c49c2493e66dc32e20513f2c1d6d8d575a48c1610c82623e557e8f2a788d1ede446cfdbcc06278f39988a71f47b2dde0274c59f9064d17574698774426e4f21ccd86d54c8f74b5937b16909dbfd9511beca3a86e76c002e5565c7d3f07e09cdb11a223543e8b95420ca562dfa1bdb92220db81fa8110fe02f7abd4bb7d33c69209b665544bd28d73b04a7da2318a89deab7ac6dd0f3d3789e6a39db065b2b8bcbcb6ab2efa2a0da04a43382bd3c748694b27efa32ea1b7c9e90a0a93bf215345df252ecb7a6bd497f75e700fd95810eacaea6ee9948cf1495b431933c8d3ff43e1dd94993b42a2b6628864b50dbec583c5a383ab3cc88130e6fe5985585a9fd04b2257b91a89f259bdd4d8fdb27ea43333eca9af87f98f47cc97ae87bc1fb75a764ac48edbc7149a12262f5ba1dc5f4ce2679d9c379f853e68465e6d6390cc3d22e37595d97cccd7ddce3af698a076c762e668179d08c2cefb42b39c5017d6bd4801c8e5f55704eaf870d1a45bdaea16a97ce1060535b5d2579e2db23b76531094daac5be119be79e72462d28b035787b84de9e8777e064e45bdc762f3a4d7fc1df9aa1252a210fbd01448558101598a5f387caea3a6e99fe62275d92831e2cd1d1a4114b76ff47e76b5c1127e24de76dedcf338439048e9bba05765fa85d7cd58e321438bd3e663c11c0605a83b57e15e41df8b8e52759194edaf1f7df5f1873efe01970a8265e487672812ec4856e19f4a84e19a472d78c7cebc7c4cf2a571c01d3680bfcfe1782c686df27fb81041a545ac82687683fc599ab5ec1d846465c1abfe6e24f9a9149b39a4738ae839c7b437cd1c8ac59f41a03fa7e640fc913b64877a4f856137e31f3a6fd109de6e30060a63d56858955a68889a49317ab82e82a738a2697e294f5afebd746519567a5cedd4b3a8f87105115e6989b67d1f250e8d9a795d2d118265d65b863b45c0c39fc56721d3558767584e544f351edd6b2c828cba3939e9f64449011696e25302a89e15c224b671eb294a713f4644b6e82c44303e0bd104f833384388ef836382481ec13080c35dcc075fcd6cb760f713980a70d9b69bf2c0d5cd1883e7c55f3dae2da23038c14b4fef91fbe7333f8d3507cd15fe4c6edf24d637dd96d45ddc705c2f07ca0cb1193dbb469c35c57efcf11f3adfe8c50b2de685be50c3abe3072a0944573a37a5298f12f4bffccd2ab884e90cf0e8a57d1f5c16793d5a65e42fc5270e36024815a8047bcdc12bf0c138e47aca993f9c7cf3a88198e43c2691c69b9620436f41eebc9295b96c21043157785ed183ae2f75cf4ed44c5502292d45820b76a5388220fb0cc51972ac9d120308c568ab5d79d73f80d829f2af2a203486e70e8992efee0b409572fb3d8ceaf2e7dc55faf6dbe32f59108c1cfd429dcc6f35162da8bc11204ab5fb9b362dc77f817bf33014d391bf2ee04fb44e6d11ea574c14b81380a03ad9e24aa741b4ca937c58ef4259a02c40c205b0a4790c11b66c11fa05598f94589ac52d9dd81cac2a34547d73939ef315da5ac14c44701d5f5b33fec66d3a3b9cc1d334decdb99d6a46280bdc61bd9d8ab1f73b07ac45240b57cf6ded8b2fd2f6e72bd2f5894c0b56f0e35d8ef5d1298dd56ce8bf41e30002de29274d01b620794d42368401c08af68847948f6869ea0258cc3a2cf7093ef90bb02ced0e73ceb6708e7b3395febb68aa0986c52b99ba031a4634ea7c8a0c420913293d13b60e32a8087273242ae34eb72d20b0f210193d653f52e66057e3644fd5b108a2ee4ce941b87a15d37b62c2dafcd08f8ad5cd9485201181d67bed8a1f47e31403695af9177c349fe96c4b7d17dad9cef14c69977f22e4613e2307cc3c1b6db1671012186a0d77f0eabec3f9e2b14238102a938c8bd208b68d5b802f735316aef456fbbf1c39272e03a56831f765a3d77d082dfb718febb8c69319da1874cb3b142309ec7943f3233bebd3591224e46c39fa0ef7cc1e0969cae6297bb320eb289ba7eb66481c081d85bfe0f221190810130ce306ff0b92fa30e4c8b400cd9ecfc60e937a154c8b37fa21c2c3e318a114938c922bcde9cbd5987a2e8090b83f880d4042be7ee8085fda3dc3f0bdd4ac68da90a9b7b340ecaf99b6f17ee4d77190f1e1cdabd31eac74eb92ae5cc321595f3718be9bbd8e0d7c3e00c1e4ce51a20811abd1da599e93bd1fe87ff65087f2418ddba9dbd1416fe4c909a0d16425636bbee058aa2cf11e21ee2816efa99115648d4b3f6b28f6297432888b322ff9deebf5224add42866e3ee454db01ab66832a81851529a06bed759b1590bf7e0b1db7581d4306debc372c6c9026953207b624db4163cbf12ae76c2f4da23f6b0d293dfbcd52a8bcfabce18577115ed030947ec68fbcc5c00a684d8ea31f3b2620df754b4fa9a5d934e960b4cd4e0edd0ba9008c639844725054377c1e2d1a9250052d44658279579fdf5522a3d11e64ee47355a36cd182a67a84943db40a11ae521ad1ffa09f6f9eac5ee7024ad79c57966d9f9dce425770d4ba37d2a8cba0df00e67d206cf2e2939c1a37afa696bed5416cda2cbaeeb218d8810472c2b880979c506f89c0d51e344b4940eac5857ff85d5567cd71ebde97fd87e79d18d66c45b99b853da358123a20cfdf0954a662fff8869c1c3b6d0fe530845bad1defa488f7b8794dc7f2da6d50ad7e2e692a79a57da0f04c2b5c229c21d7650735d62b0a0b91e34ed59cdd8681ad22bf34784f1ae453a688f5add7bc4b1493d06a684b2e6df88d5c24ed8fee8396cf3f7d416a0caf85d7e784b1b35c5ecb0f3cda86783a847be239650128765738f234f78403e77bd3e27525c4f986009aa3b4c1f843f4f16e3dc459d163433852d0923ce62ba23f534ba020109028ce5f6d238d9ad4664482ce78d57fa72034446c540ed6fd2af04a2f465329c18f50f5a1da87bfa242ddd230de4892dd32aed634e0a1de95cb5e29f96a153c192d0f34d4b002a3c2e7015c7384a83f1dc96f3c411272d51871dbad1d01175f20f311e4bfeb17919b7d1079a14929d106f9110282e39c82f823bd008623db7506e16bad3e082b8f7cdfdc398f05c6ce1b447e40b9e676207f3c5054769745982c402dd4d5ab625767ed0993b5cb26d9c64e903959d180752eb3511610eebebef44ec5ed48283b75222be82507ac17f29d76cf258401a62db6f39cd22008661413c6fd2a3dcc58fe34d68b5b80c79fa194a54428f214dabefb5d3cedd72990a5e219d8113d1285ef4829a99418363a7da3deced99c42147b6b9f064d59080d1c94ac63ac164f35a80c0d7dc480776df893cf74a32feeec7dfe86b63385adbfdb4947b74303f8eac37ce7e63019aa0984dab57be6372f879f0b5954a0fa41c6ffaff283a71ee9de23a4196858dd89f409f2cd1d49845671d676ecd9faa66c37dbe9ef7a2585459c2d1a94741c8a5708f9b9423abc88039dab77da3543f700e1a56608cc65ddc2ccd27628d7e59219ef67c25d100cde2a51d5576063a5afe12826bf06d2ebd677c1350e166bda53e8d1992c44ec340bb142b51aafdce86123084a9ebf4e242cc9d7c137b2857021059543aaa5741fd96234a819193a21d48675776ddfb9d7f95c8d25dd5945ba49fc17109465a09740ba53fffbe7bf717bace7edc9f299ce0676c88ca5f00ae876be093592fbe555d11dc3399f77d16039b64c677ea45a2867e1d72062fff4f407df7f132e819a97d540df1675bc4b21e049ba99ada904d919c4ba6c054fec2329cfb16e2fd436e00b1dc0db4e9463879f20a3c58943b2cf141c06241954bf1ac8feff051e88b5bf06371421f878be6d86af932216c8771f6c9ab750928926a8c8af300f7ec5351d8850a7d54441c5e4e6a979105ae431cfe7f5bbed4277ea04eec9b22f1fd01955cf72fab958cb26f20e3f5dd87a87e22a3c3740cf84e6d95bee37f1138f0d00081aa2fa570d98070c17769dc193d87a49cb4bc9ac8512bcefecfb503bc60e0913b989d1bbd93e7f66a908bb0b5f5a42f8bf7c2f861bd40cb72d93af856499282dcfac947f7042c23ae0ecd22cfc902623223a0c08101ac36237d967d10cc2cd5c3d32a0c27d9fedcc1d9885613cf692d7aa5b3027401f5053681ab75e686c72a11b2e40160b0b8d352b26ec561a83805d2f30c5ccd8cc68f3ff0d194784fde6d2ae008a04aadf8844b878ca485cd5cbc9b7f0fa9119dea8d80780247dd782aebe3ef429b2b9e73a10fa8faedff1f27c440766845beeacaaa36eeab36bdd782dc62669cc32da1c62807126a5ac0e99f59eab6b90055ddcd7b1490729171aa5347a3dc9e2c899ba2ad06cdfed671c5b72eddad775607fd57da925f6de601ea3d558641d11210ce8b85cd115221f4298e9ef8b7abedfc24508c34f7a91d7404b8e5eba02213a25f8bc7dea25de3e34a2cd54e7a77ddc3205c2f33086208cc270a00f8566d225214a4c97e8ad40c5b0b6aab6a8ca688e2bc35a27c824b929d6dd8de3820e5b2c0eff80dc0050088151022a8917e3baf61605f3f3f3345c7f51ffe9616af27a5534aa3c92aa4b7497ebef265ec47530ecf49fc39014379be8d9f77d910a8707605d55008911b229d216ec6bb882e9502ef2a60a53d0bbfdceb438e27761c831d2f0423449c412a03cbf803741e23c8dd58799272b7f603bc424c4590bc5cf9d988e1c3a6e60ec393fdf91c4a104e52a7551c062e37f9cef5c3c5168fb4e72bcc9b245ca64529f1739445063bd4e200a6398e6fda726834441ff5bfeb9527634179af93707029d531c6f2275ca85fad1b6210f54aab5eb395d3b44aae7f7e1fe8b644911ea69ce57b4554cba6b5b5f036737de3a399348e906c3c9da54407a8631cc9b29f3207320187429d64d6fb19477001bb6be6fafd56d2a792ffa35bc632b48e830d4e0c551591f78131b9b770a8a70080c746c022c715ab93b63816547ae8cd26be138a998c8df7ccf17fc4aae478fadb868a3d910824e999d86e6c30f6b3a7feb357abd020852449611a827850aaf59363356ed6a353aa662d5526c3138b51fddefa449b888a9f08e00fcc050a77736e441ee955a10c28e4ff3952e97e46c8bd15d731e7cd15ea8a56051c2de9b766ce9394f060ae4a162268a171a52d48ffb776eddcc2f42ebe4fa9a24f28b81e472ba801e3bb46dc1a3aca39478c36b604bdfb17a934255a8be2275bf7d527e50e1e237d1482e66582aa52e886c70105ff02b0b4ec5583b9fbdb955deff5a5876c56e697dc24a70540278804f90ebca6fbc99a0d43dde1a1fe7ce17a1a38895310bdb616b114223d9bf77a8727d9c2bd4bc9ff521bcd7ed37f57fe42df9f37371d70a2405e1c36fa66d5051264766bd471079b8c8bc6a71946912a57a91c915612e73de79d73c64084ba5f104227cc9b4dbfbe07ecb75461450f5275a834935c878bff2173022827017819897f420ae0c77c00604186770fd3e46c2ecf55d9a8a76dfb20960dd311a311017388395ceedaaa6bd4bff42ca74d8b408c6a4ffda6db726f6df0990541734f0c059b29b199e2ee11b6c576b940f8644a188ceee152bd33f4f4e59ff8eb711a970f87c4714c42b4634c6e87172b6cbe7e34e82d018f74da7519e830747879e771bdc1316f541bddc7106c0dea992d9dd0e8b11470cc9b4674f9c1d9b195ecacfc5f9902efcde42f6453fb2c5a760842ac30775d4d3fa1ee6334e0ab", 0x1000}}, 0x1006)

136.7834ms ago: executing program 1 (id=3796):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x15, 0x0, &(0x7f0000000280))
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000140)=0x7ffd)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000180)={0x0, 0x0})

0s ago: executing program 3 (id=3797):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200002343ffff0000000000000000850000004100000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x11dc0, &(0x7f0000002d40)={@local, @link_local, @void, {@ipv4={0x800, @generic={{0x6, 0x4, 0x0, 0x0, 0xdb3, 0x0, 0x0, 0x0, 0x84, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x16}, {[@rr={0x7, 0x3, 0x56}]}}, "dd9dec79219eb5499325e16c96335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7cfe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a5eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734e26b4351dd6dcbfeb045b6dde388a3f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db77082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842fe8e0d9ce47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c1d84b53efafb67cbed2aa1ede5d7fcff3a9d27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d5ef5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0975e7e033d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc25b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae564390a3d0aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d547cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452fdc0ae6b2364f48ec3c4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324d9e85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ff91abfe6f3096794b7e142e0ac0862ab8cb76eb60b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bde854ef68dae8a0a4a63753c825930903a2ca75d4311bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f841239159ea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca750400000000000000ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f82bf5d07210281eaad09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b680591be8077303e7aff71acf9052ae3b73e41e19668f9b51bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4c2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da015a646085c0c076dcb0a5228468b80ad1d02b87bef0d199bc48047dd020a2277144112a9272661332278e18ebb726ee9d9d05"}}}}, 0x0)

kernel console output (not intermixed with test programs):

[ 1372.485684][T18590] netlink: 'syz.5.3347': attribute type 6 has an invalid length.
[ 1372.535556][T18590] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3347'.
[ 1372.579360][   T30] audit: type=1326 audit(2000000119.270:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18587 comm="syz.0.3348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1372.682501][   T30] audit: type=1326 audit(2000000119.270:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18587 comm="syz.0.3348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1372.971858][T17803] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 1373.112565][T17803] usb 2-1: device descriptor read/64, error -71
[ 1374.206662][ T5825] Bluetooth: hci2: command 0x0406 tx timeout
[ 1374.368771][T18612] ubi: mtd0 is already attached to ubi31
[ 1374.920867][T17803] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[ 1375.402391][T17803] usb 2-1: device descriptor read/64, error -71
[ 1375.613723][T17803] usb usb2-port1: attempt power cycle
[ 1376.747333][T18635] ubi: mtd0 is already attached to ubi31
[ 1378.348836][   T30] audit: type=1326 audit(2000000125.190:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18639 comm="syz.0.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1378.377943][T18640] veth2: entered allmulticast mode
[ 1378.578003][   T30] audit: type=1326 audit(2000000125.220:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18639 comm="syz.0.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1378.612618][   T30] audit: type=1326 audit(2000000125.220:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18639 comm="syz.0.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1378.862381][T17803] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[ 1379.222499][   T30] audit: type=1326 audit(2000000125.220:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18639 comm="syz.0.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1379.394673][T17803] usb 2-1: config 171 has an invalid interface number: 109 but max is 0
[ 1379.448298][T17803] usb 2-1: config 171 has an invalid descriptor of length 0, skipping remainder of the config
[ 1379.480120][T18653] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1379.487080][T18653] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1379.491870][T17803] usb 2-1: config 171 has no interface number 0
[ 1379.541080][T17803] usb 2-1: config 171 interface 109 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1023
[ 1379.561843][T17803] usb 2-1: config 171 interface 109 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1379.642954][T17803] usb 2-1: config 171 interface 109 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 12
[ 1379.715285][T18655] netlink: 'syz.5.3365': attribute type 11 has an invalid length.
[ 1379.737848][T17803] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=fd.2e
[ 1379.751508][T17803] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1380.291804][T17803] usb 2-1: Product: syz
[ 1380.296409][T17803] usb 2-1: Manufacturer: syz
[ 1380.301103][T17803] usb 2-1: SerialNumber: syz
[ 1380.309652][T18650] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1381.218718][T18672] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1381.475473][T18672] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1381.576827][T18665] ubi: mtd0 is already attached to ubi31
[ 1381.831729][T17803] ath6kl: Failed to submit usb control message: -71
[ 1381.884407][T17803] ath6kl: unable to send the bmi data to the device: -71
[ 1381.986386][T17803] ath6kl: Unable to send get target info: -71
[ 1382.156190][T17803] ath6kl: Failed to init ath6kl core: -71
[ 1382.181620][T17803] ath6kl_usb 2-1:171.109: probe with driver ath6kl_usb failed with error -71
[ 1382.452947][T17803] usb 2-1: USB disconnect, device number 92
[ 1383.295819][T18694] netlink: 'syz.2.3376': attribute type 2 has an invalid length.
[ 1384.193293][T17803] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[ 1385.717346][T18706] veth2: entered allmulticast mode
[ 1385.726040][T17803] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1385.772354][   T30] audit: type=1326 audit(2000000132.610:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18705 comm="syz.3.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1385.845634][T17803] usb 2-1: config 1 has an invalid descriptor of length 49, skipping remainder of the config
[ 1385.856964][T17803] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1385.869523][T17803] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1385.902403][   T30] audit: type=1326 audit(2000000132.610:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18705 comm="syz.3.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1385.924437][T17803] usb 2-1: string descriptor 0 read error: -71
[ 1385.930718][T17803] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1386.057590][   T30] audit: type=1326 audit(2000000132.610:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18705 comm="syz.3.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1386.090240][   T30] audit: type=1326 audit(2000000132.610:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18705 comm="syz.3.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1386.650032][   T30] audit: type=1326 audit(2000000132.610:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18705 comm="syz.3.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1386.852370][T17803] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1386.873680][T17803] usb 2-1: can't set config #1, error -71
[ 1387.402770][T17803] usb 2-1: USB disconnect, device number 93
[ 1387.469439][T18719] veth2: entered allmulticast mode
[ 1387.702910][   T30] audit: type=1326 audit(2000000134.480:1253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18716 comm="syz.3.3382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1387.810215][   T30] audit: type=1326 audit(2000000134.480:1254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18716 comm="syz.3.3382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1388.649647][T18730] macvtap1: entered allmulticast mode
[ 1388.655463][T18730] veth0_macvtap: entered allmulticast mode
[ 1388.812374][   T30] audit: type=1326 audit(2000000134.480:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18716 comm="syz.3.3382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1388.922601][   T30] audit: type=1326 audit(2000000134.480:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18716 comm="syz.3.3382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1389.109343][   T30] audit: type=1326 audit(2000000134.480:1257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18716 comm="syz.3.3382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1390.744096][ T5914] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[ 1390.987083][    T9] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[ 1391.188017][    T9] usb 1-1: device descriptor read/64, error -71
[ 1391.512582][    T9] usb 1-1: new high-speed USB device number 108 using dummy_hcd
[ 1391.594304][ T5914] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1391.620047][ T5914] usb 2-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[ 1392.052626][    T9] usb 1-1: device descriptor read/64, error -71
[ 1393.225303][    T9] usb usb1-port1: attempt power cycle
[ 1393.251854][ T5914] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1393.262738][ T5914] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1393.563677][    T9] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[ 1393.699538][ T5914] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1393.708954][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1393.745971][    C0] raw-gadget.1 gadget.0: ignoring, device is not running
[ 1393.766001][    T9] usb 1-1: device descriptor read/8, error -32
[ 1394.045591][ T5914] usb 2-1: can't set config #1, error -71
[ 1395.389318][ T5914] usb 2-1: USB disconnect, device number 94
[ 1395.631544][T18781] FAULT_INJECTION: forcing a failure.
[ 1395.631544][T18781] name failslab, interval 1, probability 0, space 0, times 0
[ 1395.690994][T18781] CPU: 1 UID: 0 PID: 18781 Comm: syz.1.3399 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1395.691021][T18781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1395.691032][T18781] Call Trace:
[ 1395.691040][T18781]  <TASK>
[ 1395.691049][T18781]  dump_stack_lvl+0x189/0x250
[ 1395.691077][T18781]  ? __pfx____ratelimit+0x10/0x10
[ 1395.691122][T18781]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1395.691145][T18781]  ? __pfx__printk+0x10/0x10
[ 1395.691168][T18781]  ? ref_tracker_alloc+0x318/0x460
[ 1395.691191][T18781]  should_fail_ex+0x414/0x560
[ 1395.691215][T18781]  should_failslab+0xa8/0x100
[ 1395.691237][T18781]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1395.691255][T18781]  ? skb_clone+0x212/0x3a0
[ 1395.691281][T18781]  skb_clone+0x212/0x3a0
[ 1395.691306][T18781]  __netlink_deliver_tap+0x404/0x850
[ 1395.691339][T18781]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1395.691359][T18781]  netlink_deliver_tap+0x19c/0x1b0
[ 1395.691378][T18781]  netlink_unicast+0x72f/0x8d0
[ 1395.691406][T18781]  netlink_sendmsg+0x805/0xb30
[ 1395.691433][T18781]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1395.691459][T18781]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1395.691496][T18781]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1395.691517][T18781]  __sock_sendmsg+0x219/0x270
[ 1395.691547][T18781]  ____sys_sendmsg+0x505/0x830
[ 1395.691572][T18781]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1395.691607][T18781]  ? import_iovec+0x74/0xa0
[ 1395.691627][T18781]  ___sys_sendmsg+0x21f/0x2a0
[ 1395.691650][T18781]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1395.691705][T18781]  ? __fget_files+0x2a/0x420
[ 1395.691726][T18781]  ? __fget_files+0x3a0/0x420
[ 1395.691758][T18781]  __x64_sys_sendmsg+0x19b/0x260
[ 1395.691782][T18781]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1395.691813][T18781]  ? __pfx_ksys_write+0x10/0x10
[ 1395.691831][T18781]  ? rcu_is_watching+0x15/0xb0
[ 1395.691858][T18781]  ? do_syscall_64+0xbe/0x3b0
[ 1395.691879][T18781]  do_syscall_64+0xfa/0x3b0
[ 1395.691893][T18781]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1395.691916][T18781]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1395.691932][T18781]  ? clear_bhb_loop+0x60/0xb0
[ 1395.691953][T18781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1395.691968][T18781] RIP: 0033:0x7f29ea18e929
[ 1395.691984][T18781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1395.691999][T18781] RSP: 002b:00007f29eb03a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1395.692018][T18781] RAX: ffffffffffffffda RBX: 00007f29ea3b5fa0 RCX: 00007f29ea18e929
[ 1395.692031][T18781] RDX: 0000000000000004 RSI: 00002000000004c0 RDI: 0000000000000003
[ 1395.692041][T18781] RBP: 00007f29eb03a090 R08: 0000000000000000 R09: 0000000000000000
[ 1395.692053][T18781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1395.692064][T18781] R13: 0000000000000000 R14: 00007f29ea3b5fa0 R15: 00007ffc3a6f11f8
[ 1395.692094][T18781]  </TASK>
[ 1395.975556][T18781] IPv6: Can't replace route, no match found
[ 1396.220855][T18791] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3403'.
[ 1396.545155][T18788] ubi: mtd0 is already attached to ubi31
[ 1397.262867][T18801] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3405'.
[ 1397.659819][T18809] FAULT_INJECTION: forcing a failure.
[ 1397.659819][T18809] name failslab, interval 1, probability 0, space 0, times 0
[ 1397.696076][T18809] CPU: 1 UID: 0 PID: 18809 Comm: syz.0.3408 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1397.696106][T18809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1397.696126][T18809] Call Trace:
[ 1397.696134][T18809]  <TASK>
[ 1397.696143][T18809]  dump_stack_lvl+0x189/0x250
[ 1397.696173][T18809]  ? __pfx____ratelimit+0x10/0x10
[ 1397.696198][T18809]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1397.696222][T18809]  ? __pfx__printk+0x10/0x10
[ 1397.696248][T18809]  ? ref_tracker_alloc+0x318/0x460
[ 1397.696275][T18809]  should_fail_ex+0x414/0x560
[ 1397.696302][T18809]  should_failslab+0xa8/0x100
[ 1397.696326][T18809]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1397.696347][T18809]  ? skb_clone+0x212/0x3a0
[ 1397.696373][T18809]  skb_clone+0x212/0x3a0
[ 1397.696400][T18809]  __netlink_deliver_tap+0x404/0x850
[ 1397.696434][T18809]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1397.696456][T18809]  netlink_deliver_tap+0x19c/0x1b0
[ 1397.696478][T18809]  netlink_unicast+0x72f/0x8d0
[ 1397.696510][T18809]  netlink_sendmsg+0x805/0xb30
[ 1397.696541][T18809]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1397.696571][T18809]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1397.696592][T18809]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1397.696614][T18809]  __sock_sendmsg+0x219/0x270
[ 1397.696643][T18809]  ____sys_sendmsg+0x505/0x830
[ 1397.696672][T18809]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1397.696704][T18809]  ? import_iovec+0x74/0xa0
[ 1397.696727][T18809]  ___sys_sendmsg+0x21f/0x2a0
[ 1397.696752][T18809]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1397.696815][T18809]  ? __fget_files+0x2a/0x420
[ 1397.696837][T18809]  ? __fget_files+0x3a0/0x420
[ 1397.696871][T18809]  __x64_sys_sendmsg+0x19b/0x260
[ 1397.696896][T18809]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1397.696929][T18809]  ? __pfx_ksys_write+0x10/0x10
[ 1397.696947][T18809]  ? rcu_is_watching+0x15/0xb0
[ 1397.696977][T18809]  ? do_syscall_64+0xbe/0x3b0
[ 1397.696998][T18809]  do_syscall_64+0xfa/0x3b0
[ 1397.697014][T18809]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1397.697037][T18809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1397.697055][T18809]  ? clear_bhb_loop+0x60/0xb0
[ 1397.697077][T18809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1397.697094][T18809] RIP: 0033:0x7f5a4218e929
[ 1397.697110][T18809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1397.697132][T18809] RSP: 002b:00007f5a42f76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1397.697151][T18809] RAX: ffffffffffffffda RBX: 00007f5a423b5fa0 RCX: 00007f5a4218e929
[ 1397.697165][T18809] RDX: 0000000000040006 RSI: 0000200000000700 RDI: 0000000000000003
[ 1397.697177][T18809] RBP: 00007f5a42f76090 R08: 0000000000000000 R09: 0000000000000000
[ 1397.697188][T18809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1397.697200][T18809] R13: 0000000000000000 R14: 00007f5a423b5fa0 R15: 00007fffce14a5b8
[ 1397.697232][T18809]  </TASK>
[ 1398.352305][T18822] ubi: mtd0 is already attached to ubi31
[ 1399.042598][ T5915] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1399.192606][ T5915] usb 3-1: Using ep0 maxpacket: 16
[ 1399.231729][ T5915] usb 3-1: config 1 has an invalid interface descriptor of length 8, skipping
[ 1399.256383][ T5915] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1399.282566][ T5915] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[ 1399.309862][ T5915] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1399.312729][T17803] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[ 1399.323951][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1399.350681][ T5915] usb 3-1: Product: syz
[ 1399.385554][ T5915] usb 3-1: Manufacturer: syz
[ 1399.415885][ T5915] usb 3-1: SerialNumber: syz
[ 1399.439628][ T5915] usb 3-1: rejected 1 configuration due to insufficient available bus power
[ 1399.464738][ T5915] usb 3-1: no configuration chosen from 1 choice
[ 1399.655188][T17803] usb 4-1: config 0 has an invalid interface number: 255 but max is 0
[ 1399.663569][T17803] usb 4-1: config 0 has no interface number 0
[ 1399.670813][T17803] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1399.696158][T17803] usb 4-1: config 0 interface 255 has no altsetting 0
[ 1399.978050][T17803] usb 4-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34
[ 1400.121989][T17803] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1400.308717][T17803] usb 4-1: Product: syz
[ 1400.395055][T17803] usb 4-1: Manufacturer: syz
[ 1400.399704][T17803] usb 4-1: SerialNumber: syz
[ 1400.410876][T17803] usb 4-1: config 0 descriptor??
[ 1400.421090][T17803] sierra 4-1:0.255: Sierra USB modem converter detected
[ 1400.700060][T18827] 9pnet_fd: Insufficient options for proto=fd
[ 1401.073451][T18846] syz.0.3421: attempt to access beyond end of device
[ 1401.073451][T18846] loop1: rw=0, sector=2, nr_sectors = 1 limit=0
[ 1401.073539][T18846] hfs: can't find a HFS filesystem on dev loop1
[ 1401.161032][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1401.161052][   T30] audit: type=1326 audit(2000000147.910:1259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.161141][   T30] audit: type=1326 audit(2000000147.910:1260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.161191][   T30] audit: type=1326 audit(2000000147.910:1261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.161231][   T30] audit: type=1326 audit(2000000147.910:1262): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.161291][   T30] audit: type=1326 audit(2000000147.910:1263): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.161330][   T30] audit: type=1326 audit(2000000147.910:1264): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.161369][   T30] audit: type=1326 audit(2000000147.910:1265): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.161429][   T30] audit: type=1326 audit(2000000147.910:1266): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.161469][   T30] audit: type=1326 audit(2000000147.910:1267): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.161508][   T30] audit: type=1326 audit(2000000147.910:1268): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18843 comm="syz.0.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1401.399239][T17802] usb 3-1: USB disconnect, device number 100
[ 1402.602531][T17802] usb 1-1: new high-speed USB device number 111 using dummy_hcd
[ 1402.901343][T17802] usb 1-1: Using ep0 maxpacket: 8
[ 1402.913541][T17802] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[ 1402.913575][T17802] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1402.919495][T17802] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1402.919515][T17802] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1402.919526][T17802] usb 1-1: Product: syz
[ 1402.919535][T17802] usb 1-1: Manufacturer: syz
[ 1402.919543][T17802] usb 1-1: SerialNumber: syz
[ 1402.921315][T17802] usb 1-1: config 0 descriptor??
[ 1402.925787][T17802] streamzap 1-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200
[ 1405.289436][T18866] dummy0: mtu less than device minimum
[ 1405.471883][T17803] usb 4-1: Sierra USB modem converter now attached to ttyUSB0
[ 1406.307666][T17803] usb 4-1: USB disconnect, device number 113
[ 1406.317427][T17803] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[ 1406.332670][T17803] sierra 4-1:0.255: device disconnected
[ 1406.437971][T17805] usb 1-1: USB disconnect, device number 111
[ 1406.592144][T18889] No such timeout policy "syz0"
[ 1406.859835][T17803] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 1406.868180][T14910] usb 2-1: new high-speed USB device number 95 using dummy_hcd
[ 1407.073123][T17803] usb 3-1: Using ep0 maxpacket: 32
[ 1407.092518][T14910] usb 2-1: Using ep0 maxpacket: 32
[ 1407.107953][T17803] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1407.184731][T14910] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1407.248504][T17803] usb 3-1: config index 0 descriptor too short (expected 34347, got 43)
[ 1407.292765][T14910] usb 2-1: config index 0 descriptor too short (expected 34347, got 43)
[ 1407.301154][T14910] usb 2-1: config 31 has too many interfaces: 196, using maximum allowed: 32
[ 1407.312218][T17803] usb 3-1: config 31 has too many interfaces: 196, using maximum allowed: 32
[ 1407.454134][T17803] usb 3-1: config 31 has an invalid descriptor of length 0, skipping remainder of the config
[ 1407.468979][T14910] usb 2-1: config 31 has an invalid descriptor of length 0, skipping remainder of the config
[ 1407.479282][T17803] usb 3-1: config 31 has 1 interface, different from the descriptor's value: 196
[ 1407.488771][T14910] usb 2-1: config 31 has 1 interface, different from the descriptor's value: 196
[ 1407.497981][T17803] usb 3-1: config 31 has no interface number 0
[ 1407.505317][T14910] usb 2-1: config 31 has no interface number 0
[ 1407.511560][T14910] usb 2-1: config 31 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83
[ 1407.536710][T17803] usb 3-1: config 31 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83
[ 1407.577972][T14910] usb 2-1: config 31 interface 81 altsetting 3 bulk endpoint 0x83 has invalid maxpacket 150
[ 1407.592389][T17803] usb 3-1: config 31 interface 81 altsetting 3 bulk endpoint 0x83 has invalid maxpacket 150
[ 1407.608112][T17803] usb 3-1: config 31 interface 81 has no altsetting 0
[ 1407.615029][T14910] usb 2-1: config 31 interface 81 has no altsetting 0
[ 1407.653713][T17803] usb 3-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac
[ 1407.673048][T14910] usb 2-1: string descriptor 0 read error: -22
[ 1407.681386][T14910] usb 2-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac
[ 1407.692677][T17803] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1407.700713][T17803] usb 3-1: Product: syz
[ 1407.708289][T14910] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1407.724624][T17803] usb 3-1: Manufacturer: syz
[ 1407.729274][T17803] usb 3-1: SerialNumber: syz
[ 1407.737732][T18882] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1407.751604][T14910] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:31.81/input/input63
[ 1407.778028][T18885] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1407.935752][T18910] FAULT_INJECTION: forcing a failure.
[ 1407.935752][T18910] name failslab, interval 1, probability 0, space 0, times 0
[ 1407.962623][ T5915] usb 6-1: new high-speed USB device number 107 using dummy_hcd
[ 1407.973591][T18910] CPU: 0 UID: 0 PID: 18910 Comm: syz.3.3443 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1407.973620][T18910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1407.973634][T18910] Call Trace:
[ 1407.973642][T18910]  <TASK>
[ 1407.973651][T18910]  dump_stack_lvl+0x189/0x250
[ 1407.973681][T18910]  ? __pfx____ratelimit+0x10/0x10
[ 1407.973713][T18910]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1407.973737][T18910]  ? __pfx__printk+0x10/0x10
[ 1407.973762][T18910]  ? __pfx___might_resched+0x10/0x10
[ 1407.973790][T18910]  should_fail_ex+0x414/0x560
[ 1407.973818][T18910]  should_failslab+0xa8/0x100
[ 1407.973842][T18910]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1407.973865][T18910]  ? __alloc_skb+0x112/0x2d0
[ 1407.973889][T18910]  __alloc_skb+0x112/0x2d0
[ 1407.973913][T18910]  netlink_sendmsg+0x5c6/0xb30
[ 1407.973944][T18910]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1407.973973][T18910]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1407.973994][T18910]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1407.974015][T18910]  __sock_sendmsg+0x219/0x270
[ 1407.974045][T18910]  ____sys_sendmsg+0x505/0x830
[ 1407.974072][T18910]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1407.974103][T18910]  ? import_iovec+0x74/0xa0
[ 1407.974125][T18910]  ___sys_sendmsg+0x21f/0x2a0
[ 1407.974149][T18910]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1407.974207][T18910]  ? __fget_files+0x2a/0x420
[ 1407.974229][T18910]  ? __fget_files+0x3a0/0x420
[ 1407.974261][T18910]  __x64_sys_sendmsg+0x19b/0x260
[ 1407.974286][T18910]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1407.974318][T18910]  ? __pfx_ksys_write+0x10/0x10
[ 1407.974335][T18910]  ? rcu_is_watching+0x15/0xb0
[ 1407.974365][T18910]  ? do_syscall_64+0xbe/0x3b0
[ 1407.974386][T18910]  do_syscall_64+0xfa/0x3b0
[ 1407.974401][T18910]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1407.974424][T18910]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1407.974442][T18910]  ? clear_bhb_loop+0x60/0xb0
[ 1407.974463][T18910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1407.974480][T18910] RIP: 0033:0x7f27a018e929
[ 1407.974498][T18910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1407.974514][T18910] RSP: 002b:00007f27a10a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1407.974533][T18910] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018e929
[ 1407.974547][T18910] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1407.974559][T18910] RBP: 00007f27a10a1090 R08: 0000000000000000 R09: 0000000000000000
[ 1407.974571][T18910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1407.974582][T18910] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1407.974611][T18910]  </TASK>
[ 1408.335714][T17803] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:31.81/input/input64
[ 1408.591195][T17803] usb 3-1: USB disconnect, device number 101
[ 1408.591335][    C1] usbtouchscreen 3-1:31.81: usbtouch_irq - usb_submit_urb failed with result: -19
[ 1409.184227][T14910] usb 2-1: USB disconnect, device number 95
[ 1410.032520][T17803] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[ 1410.803216][T17803] usb 3-1: config 0 has an invalid interface number: 255 but max is 0
[ 1410.803300][T17803] usb 3-1: config 0 has no interface number 0
[ 1410.803342][T17803] usb 3-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1410.803368][T17803] usb 3-1: config 0 interface 255 has no altsetting 0
[ 1410.874681][T17803] usb 3-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34
[ 1410.874714][T17803] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1410.874734][T17803] usb 3-1: Product: syz
[ 1410.874749][T17803] usb 3-1: Manufacturer: syz
[ 1410.874764][T17803] usb 3-1: SerialNumber: syz
[ 1410.877563][T17803] usb 3-1: config 0 descriptor??
[ 1410.886522][T17803] sierra 3-1:0.255: Sierra USB modem converter detected
[ 1410.948377][T17802] usb 4-1: new high-speed USB device number 114 using dummy_hcd
[ 1411.171527][T18915] 9pnet_fd: Insufficient options for proto=fd
[ 1411.212629][T17802] usb 4-1: Using ep0 maxpacket: 16
[ 1411.214701][T17802] usb 4-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1411.214729][T17802] usb 4-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[ 1411.214775][T17802] usb 4-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1411.214800][T17802] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1411.217519][T17802] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1411.217548][T17802] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1411.217567][T17802] usb 4-1: Product: syz
[ 1411.217582][T17802] usb 4-1: Manufacturer: syz
[ 1411.217618][T17802] usb 4-1: SerialNumber: syz
[ 1411.242369][T17804] usb 1-1: new high-speed USB device number 112 using dummy_hcd
[ 1411.407435][T17804] usb 1-1: Using ep0 maxpacket: 8
[ 1411.414196][T17804] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[ 1411.414231][T17804] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1411.416948][T17804] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1411.416976][T17804] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1411.416996][T17804] usb 1-1: Product: syz
[ 1411.417033][T17804] usb 1-1: Manufacturer: syz
[ 1411.417049][T17804] usb 1-1: SerialNumber: syz
[ 1411.420795][T17804] usb 1-1: config 0 descriptor??
[ 1411.428886][T17804] streamzap 1-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200
[ 1411.559132][T18924] netlink: 52 bytes leftover after parsing attributes in process `syz.5.3449'.
[ 1411.598838][T17802] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 114 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[ 1411.798079][T18920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1411.798470][T18920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1412.280706][T17803] usb 3-1: Sierra USB modem converter now attached to ttyUSB0
[ 1412.322780][T17803] usb 3-1: USB disconnect, device number 102
[ 1412.351975][T17803] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[ 1412.352702][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1412.352716][   T30] audit: type=1326 audit(2000000159.190:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1412.390409][T17803] sierra 3-1:0.255: device disconnected
[ 1412.424002][T18938] syz.5.3451: attempt to access beyond end of device
[ 1412.424002][T18938] loop11: rw=0, sector=2, nr_sectors = 1 limit=0
[ 1412.428882][   T30] audit: type=1326 audit(2000000159.250:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1412.459588][   T30] audit: type=1326 audit(2000000159.250:1287): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1412.481604][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1412.495027][   T30] audit: type=1326 audit(2000000159.260:1288): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1412.517938][   T30] audit: type=1326 audit(2000000159.260:1289): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1412.537915][T18938] hfs: can't find a HFS filesystem on dev loop11
[ 1412.543211][   T30] audit: type=1326 audit(2000000159.260:1290): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1412.569105][   T30] audit: type=1326 audit(2000000159.260:1291): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1412.611718][T17803] usb 4-1: USB disconnect, device number 114
[ 1412.624360][T17803] usblp0: removed
[ 1412.668333][   T30] audit: type=1326 audit(2000000159.260:1292): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1412.758835][   T30] audit: type=1326 audit(2000000159.260:1293): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1412.780838][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1412.815712][   T30] audit: type=1326 audit(2000000159.260:1294): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18934 comm="syz.5.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d31d8e929 code=0x7ffc0000
[ 1413.264298][T17803] usb 1-1: USB disconnect, device number 112
[ 1413.526105][T18949] ubi: mtd0 is already attached to ubi31
[ 1414.566457][ T5825] Bluetooth: hci3: command 0x0406 tx timeout
[ 1416.686751][T18968] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3462'.
[ 1418.228387][T18981] FAULT_INJECTION: forcing a failure.
[ 1418.228387][T18981] name failslab, interval 1, probability 0, space 0, times 0
[ 1418.241507][T18981] CPU: 0 UID: 0 PID: 18981 Comm: syz.5.3465 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1418.241532][T18981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1418.241544][T18981] Call Trace:
[ 1418.241552][T18981]  <TASK>
[ 1418.241560][T18981]  dump_stack_lvl+0x189/0x250
[ 1418.241589][T18981]  ? __pfx____ratelimit+0x10/0x10
[ 1418.241615][T18981]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1418.241639][T18981]  ? __pfx__printk+0x10/0x10
[ 1418.241664][T18981]  ? __pfx___might_resched+0x10/0x10
[ 1418.241692][T18981]  should_fail_ex+0x414/0x560
[ 1418.241720][T18981]  should_failslab+0xa8/0x100
[ 1418.241744][T18981]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1418.241765][T18981]  ? getname_flags+0xb8/0x540
[ 1418.241792][T18981]  getname_flags+0xb8/0x540
[ 1418.241820][T18981]  user_path_at+0x24/0x60
[ 1418.241838][T18981]  __se_sys_mount+0x2d3/0x410
[ 1418.241867][T18981]  ? __pfx___se_sys_mount+0x10/0x10
[ 1418.241888][T18981]  ? rcu_is_watching+0x15/0xb0
[ 1418.241917][T18981]  ? do_syscall_64+0xbe/0x3b0
[ 1418.241932][T18981]  ? __x64_sys_mount+0x20/0xc0
[ 1418.241957][T18981]  do_syscall_64+0xfa/0x3b0
[ 1418.241972][T18981]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1418.241995][T18981]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1418.242013][T18981]  ? clear_bhb_loop+0x60/0xb0
[ 1418.242035][T18981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1418.242059][T18981] RIP: 0033:0x7f8d31d8e929
[ 1418.242075][T18981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1418.242090][T18981] RSP: 002b:00007f8d32b17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1418.242107][T18981] RAX: ffffffffffffffda RBX: 00007f8d31fb5fa0 RCX: 00007f8d31d8e929
[ 1418.242120][T18981] RDX: 0000200000002100 RSI: 0000200000000100 RDI: 0000000000000000
[ 1418.242133][T18981] RBP: 00007f8d32b17090 R08: 0000200000002140 R09: 0000000000000000
[ 1418.242146][T18981] R10: 000000000280449c R11: 0000000000000246 R12: 0000000000000001
[ 1418.242158][T18981] R13: 0000000000000000 R14: 00007f8d31fb5fa0 R15: 00007fff7c839db8
[ 1418.242185][T18981]  </TASK>
[ 1418.668597][T18985] netlink: 'syz.3.3464': attribute type 10 has an invalid length.
[ 1418.682587][T18985] netlink: 55 bytes leftover after parsing attributes in process `syz.3.3464'.
[ 1418.822644][T18971] delete_channel: no stack
[ 1419.270464][T18978] delete_channel: no stack
[ 1419.721257][T18994] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3467'.
[ 1419.769049][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1419.769101][   T30] audit: type=1326 audit(2000000166.610:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1419.857938][T18993] syz.2.3469: attempt to access beyond end of device
[ 1419.857938][T18993] loop5: rw=0, sector=2, nr_sectors = 1 limit=0
[ 1419.870990][T18993] hfs: can't find a HFS filesystem on dev loop5
[ 1420.412454][   T30] audit: type=1326 audit(2000000166.610:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1420.434622][   T30] audit: type=1326 audit(2000000166.670:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1420.456735][   T30] audit: type=1326 audit(2000000166.670:1308): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1420.482606][   T30] audit: type=1326 audit(2000000166.670:1309): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1420.505175][   T30] audit: type=1326 audit(2000000166.670:1310): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1420.532419][   T30] audit: type=1326 audit(2000000166.670:1311): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1420.557044][   T30] audit: type=1326 audit(2000000166.670:1312): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1420.601252][   T30] audit: type=1326 audit(2000000166.670:1313): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1420.658217][T19003] netlink: 'syz.1.3470': attribute type 10 has an invalid length.
[ 1420.669656][   T30] audit: type=1326 audit(2000000166.670:1314): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=18992 comm="syz.2.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0deaf8e929 code=0x7ffc0000
[ 1421.637225][T19015] Cannot find del_set index 3 as target
[ 1422.352510][T19024] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1422.364639][T19024] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1422.783111][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1422.789490][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1422.891023][T19029] FAULT_INJECTION: forcing a failure.
[ 1422.891023][T19029] name failslab, interval 1, probability 0, space 0, times 0
[ 1422.922372][T19029] CPU: 1 UID: 0 PID: 19029 Comm: syz.1.3480 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1422.922402][T19029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1422.922414][T19029] Call Trace:
[ 1422.922422][T19029]  <TASK>
[ 1422.922431][T19029]  dump_stack_lvl+0x189/0x250
[ 1422.922460][T19029]  ? __pfx____ratelimit+0x10/0x10
[ 1422.922485][T19029]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1422.922510][T19029]  ? __pfx__printk+0x10/0x10
[ 1422.922536][T19029]  ? ref_tracker_alloc+0x318/0x460
[ 1422.922563][T19029]  should_fail_ex+0x414/0x560
[ 1422.922590][T19029]  should_failslab+0xa8/0x100
[ 1422.922615][T19029]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1422.922635][T19029]  ? skb_clone+0x212/0x3a0
[ 1422.922664][T19029]  skb_clone+0x212/0x3a0
[ 1422.922691][T19029]  __netlink_deliver_tap+0x404/0x850
[ 1422.922724][T19029]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1422.922753][T19029]  netlink_deliver_tap+0x19c/0x1b0
[ 1422.922773][T19029]  netlink_unicast+0x72f/0x8d0
[ 1422.922803][T19029]  netlink_sendmsg+0x805/0xb30
[ 1422.922834][T19029]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1422.922864][T19029]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1422.922884][T19029]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1422.922906][T19029]  __sock_sendmsg+0x219/0x270
[ 1422.922945][T19029]  ____sys_sendmsg+0x505/0x830
[ 1422.922973][T19029]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1422.923005][T19029]  ? import_iovec+0x74/0xa0
[ 1422.923031][T19029]  ___sys_sendmsg+0x21f/0x2a0
[ 1422.923055][T19029]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1422.923116][T19029]  ? __fget_files+0x2a/0x420
[ 1422.923138][T19029]  ? __fget_files+0x3a0/0x420
[ 1422.923171][T19029]  __x64_sys_sendmsg+0x19b/0x260
[ 1422.923195][T19029]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1422.923227][T19029]  ? __pfx_ksys_write+0x10/0x10
[ 1422.923245][T19029]  ? rcu_is_watching+0x15/0xb0
[ 1422.923274][T19029]  ? do_syscall_64+0xbe/0x3b0
[ 1422.923295][T19029]  do_syscall_64+0xfa/0x3b0
[ 1422.923310][T19029]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1422.923334][T19029]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.923352][T19029]  ? clear_bhb_loop+0x60/0xb0
[ 1422.923374][T19029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.923391][T19029] RIP: 0033:0x7f29ea18e929
[ 1422.923408][T19029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1422.923424][T19029] RSP: 002b:00007f29eb03a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1422.923444][T19029] RAX: ffffffffffffffda RBX: 00007f29ea3b5fa0 RCX: 00007f29ea18e929
[ 1422.923458][T19029] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[ 1422.923469][T19029] RBP: 00007f29eb03a090 R08: 0000000000000000 R09: 0000000000000000
[ 1422.923480][T19029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1422.923491][T19029] R13: 0000000000000000 R14: 00007f29ea3b5fa0 R15: 00007ffc3a6f11f8
[ 1422.923522][T19029]  </TASK>
[ 1423.342031][T19029] tipc: Started in network mode
[ 1423.349563][T19029] tipc: Node identity 68a, cluster identity 4711
[ 1423.361685][T19029] tipc: Node number set to 1674
[ 1425.379114][T19073] netlink: 'syz.0.3492': attribute type 2 has an invalid length.
[ 1425.534895][T19075] FAULT_INJECTION: forcing a failure.
[ 1425.534895][T19075] name failslab, interval 1, probability 0, space 0, times 0
[ 1425.565663][T19075] CPU: 1 UID: 0 PID: 19075 Comm: syz.1.3493 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1425.565693][T19075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1425.565705][T19075] Call Trace:
[ 1425.565714][T19075]  <TASK>
[ 1425.565723][T19075]  dump_stack_lvl+0x189/0x250
[ 1425.565753][T19075]  ? __pfx____ratelimit+0x10/0x10
[ 1425.565778][T19075]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1425.565800][T19075]  ? __pfx__printk+0x10/0x10
[ 1425.565824][T19075]  ? __pfx___might_resched+0x10/0x10
[ 1425.565847][T19075]  ? fs_reclaim_acquire+0x7d/0x100
[ 1425.565876][T19075]  should_fail_ex+0x414/0x560
[ 1425.565905][T19075]  should_failslab+0xa8/0x100
[ 1425.565930][T19075]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1425.565951][T19075]  ? snd_pcm_oss_change_params_locked+0xb09/0x3e40
[ 1425.565982][T19075]  snd_pcm_oss_change_params_locked+0xb09/0x3e40
[ 1425.566014][T19075]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1425.566048][T19075]  ? trace_contention_end+0x39/0x120
[ 1425.566066][T19075]  ? __mutex_lock+0x330/0xe80
[ 1425.566091][T19075]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1425.566116][T19075]  ? snd_pcm_oss_write+0x28f/0x11a0
[ 1425.566151][T19075]  ? __lock_acquire+0xab9/0xd20
[ 1425.566180][T19075]  snd_pcm_oss_write+0x2fb/0x11a0
[ 1425.566202][T19075]  ? get_pid_task+0x20/0x1f0
[ 1425.566236][T19075]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 1425.566261][T19075]  ? bpf_lsm_file_permission+0x9/0x20
[ 1425.566282][T19075]  ? security_file_permission+0x75/0x290
[ 1425.566304][T19075]  ? rw_verify_area+0x258/0x650
[ 1425.566321][T19075]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 1425.566345][T19075]  vfs_write+0x27e/0xa90
[ 1425.566371][T19075]  ? __pfx_vfs_write+0x10/0x10
[ 1425.566391][T19075]  ? __fget_files+0x2a/0x420
[ 1425.566415][T19075]  ? __fget_files+0x2a/0x420
[ 1425.566435][T19075]  ? __fget_files+0x3a0/0x420
[ 1425.566455][T19075]  ? __fget_files+0x2a/0x420
[ 1425.566485][T19075]  ksys_write+0x145/0x250
[ 1425.566507][T19075]  ? __pfx_ksys_write+0x10/0x10
[ 1425.566524][T19075]  ? rcu_is_watching+0x15/0xb0
[ 1425.566553][T19075]  ? do_syscall_64+0xbe/0x3b0
[ 1425.566584][T19075]  do_syscall_64+0xfa/0x3b0
[ 1425.566599][T19075]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1425.566623][T19075]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1425.566641][T19075]  ? clear_bhb_loop+0x60/0xb0
[ 1425.566663][T19075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1425.566680][T19075] RIP: 0033:0x7f29ea18e929
[ 1425.566697][T19075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1425.566712][T19075] RSP: 002b:00007f29eb03a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1425.566731][T19075] RAX: ffffffffffffffda RBX: 00007f29ea3b5fa0 RCX: 00007f29ea18e929
[ 1425.566745][T19075] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[ 1425.566757][T19075] RBP: 00007f29eb03a090 R08: 0000000000000000 R09: 0000000000000000
[ 1425.566768][T19075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1425.566780][T19075] R13: 0000000000000000 R14: 00007f29ea3b5fa0 R15: 00007ffc3a6f11f8
[ 1425.566810][T19075]  </TASK>
[ 1425.875020][T17802] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[ 1426.106886][T17802] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1426.122274][T17802] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1426.131264][T17802] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1426.144264][T17802] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1426.180746][T17802] usb 1-1: config 0 descriptor??
[ 1426.483924][T19084] hfs: can't find a HFS filesystem on dev loop7
[ 1426.502495][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1426.502520][   T30] audit: type=1326 audit(2000000173.290:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1426.915239][   T30] audit: type=1326 audit(2000000173.290:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1426.995974][   T30] audit: type=1326 audit(2000000173.290:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1427.143153][   T30] audit: type=1326 audit(2000000173.290:1334): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1427.178026][   T30] audit: type=1326 audit(2000000173.290:1335): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1427.211145][T19094] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1427.221181][T19094] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1427.236475][T19096] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3499'.
[ 1427.249395][   T30] audit: type=1326 audit(2000000173.290:1336): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1427.286104][   T30] audit: type=1326 audit(2000000173.290:1337): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1427.323831][   T30] audit: type=1326 audit(2000000173.290:1338): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1427.364471][   T30] audit: type=1326 audit(2000000173.300:1339): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1427.472708][   T30] audit: type=1326 audit(2000000173.300:1340): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=19079 comm="syz.3.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a018e929 code=0x7ffc0000
[ 1428.394727][T19108] FAULT_INJECTION: forcing a failure.
[ 1428.394727][T19108] name failslab, interval 1, probability 0, space 0, times 0
[ 1428.425763][T19108] CPU: 0 UID: 0 PID: 19108 Comm: syz.2.3502 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1428.425789][T19108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1428.425800][T19108] Call Trace:
[ 1428.425808][T19108]  <TASK>
[ 1428.425816][T19108]  dump_stack_lvl+0x189/0x250
[ 1428.425845][T19108]  ? __pfx____ratelimit+0x10/0x10
[ 1428.425871][T19108]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1428.425894][T19108]  ? __pfx__printk+0x10/0x10
[ 1428.425919][T19108]  ? ref_tracker_alloc+0x318/0x460
[ 1428.425945][T19108]  should_fail_ex+0x414/0x560
[ 1428.425971][T19108]  should_failslab+0xa8/0x100
[ 1428.425995][T19108]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1428.426015][T19108]  ? skb_clone+0x212/0x3a0
[ 1428.426043][T19108]  skb_clone+0x212/0x3a0
[ 1428.426069][T19108]  __netlink_deliver_tap+0x404/0x850
[ 1428.426111][T19108]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1428.426133][T19108]  netlink_deliver_tap+0x19c/0x1b0
[ 1428.426154][T19108]  netlink_unicast+0x72f/0x8d0
[ 1428.426184][T19108]  netlink_sendmsg+0x805/0xb30
[ 1428.426214][T19108]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1428.426243][T19108]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1428.426264][T19108]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1428.426284][T19108]  __sock_sendmsg+0x219/0x270
[ 1428.426313][T19108]  ____sys_sendmsg+0x505/0x830
[ 1428.426339][T19108]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1428.426367][T19108]  ? import_iovec+0x74/0xa0
[ 1428.426388][T19108]  ___sys_sendmsg+0x21f/0x2a0
[ 1428.426412][T19108]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1428.426467][T19108]  ? __fget_files+0x2a/0x420
[ 1428.426488][T19108]  ? __fget_files+0x3a0/0x420
[ 1428.426518][T19108]  __x64_sys_sendmsg+0x19b/0x260
[ 1428.426542][T19108]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1428.426573][T19108]  ? __pfx_ksys_write+0x10/0x10
[ 1428.426591][T19108]  ? rcu_is_watching+0x15/0xb0
[ 1428.426621][T19108]  ? do_syscall_64+0xbe/0x3b0
[ 1428.426641][T19108]  do_syscall_64+0xfa/0x3b0
[ 1428.426656][T19108]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1428.426679][T19108]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1428.426697][T19108]  ? clear_bhb_loop+0x60/0xb0
[ 1428.426718][T19108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1428.426735][T19108] RIP: 0033:0x7f0deaf8e929
[ 1428.426751][T19108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1428.426766][T19108] RSP: 002b:00007f0debd72038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1428.426786][T19108] RAX: ffffffffffffffda RBX: 00007f0deb1b5fa0 RCX: 00007f0deaf8e929
[ 1428.426800][T19108] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000003
[ 1428.426811][T19108] RBP: 00007f0debd72090 R08: 0000000000000000 R09: 0000000000000000
[ 1428.426822][T19108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1428.426833][T19108] R13: 0000000000000000 R14: 00007f0deb1b5fa0 R15: 00007ffffbe3e6b8
[ 1428.426861][T19108]  </TASK>
[ 1429.350948][T17802] usb 4-1: new full-speed USB device number 115 using dummy_hcd
[ 1430.113727][T17805] usb 1-1: USB disconnect, device number 113
[ 1430.156074][T17802] usb 4-1: New USB device found, idVendor=2040, idProduct=9301, bcdDevice=e4.fb
[ 1430.177041][T17802] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1430.346425][T17802] usb 4-1: config 0 descriptor??
[ 1430.472675][T19134] syz.5.3509: attempt to access beyond end of device
[ 1430.472675][T19134] loop11: rw=0, sector=2, nr_sectors = 1 limit=0
[ 1430.486279][T19134] hfs: can't find a HFS filesystem on dev loop11
[ 1430.947688][T17802] dvb-usb: found a 'Hauppauge WinTV-NOVA-T usb2' in warm state.
[ 1430.955656][T17802] dvb-usb: bulk message failed: -22 (3/0)
[ 1430.964325][T17802] dvb-usb: will use the device's hardware PID filter (table count: 32).
[ 1430.973676][T17802] dvbdev: DVB: registering new adapter (Hauppauge WinTV-NOVA-T usb2)
[ 1430.975231][T19113] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1430.981899][T17802] usb 4-1: media controller created
[ 1431.007122][T19113] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1431.032539][T17802] dvb-usb: bulk message failed: -22 (5/0)
[ 1431.044047][T17802] dvb-usb: MAC address reading failed.
[ 1431.242138][T17802] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1431.255918][T17802] dvb-usb: bulk message failed: -22 (6/0)
[ 1431.261928][T17802] dvb-usb: bulk message failed: -22 (6/0)
[ 1431.312863][T17802] dvb-usb: no frontend was attached by 'Hauppauge WinTV-NOVA-T usb2'
[ 1431.354977][T17802] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input65
[ 1431.423179][T17802] dvb-usb: schedule remote query interval to 100 msecs.
[ 1431.800725][T17802] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully initialized and connected.
[ 1432.019784][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1432.775674][T17805] dvb-usb: error while querying for an remote control event.
[ 1432.972702][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1432.988799][T17805] dvb-usb: error while querying for an remote control event.
[ 1433.152392][T17803] dvb-usb: bulk message failed: -22 (2/0)
[ 1433.158680][T17803] dvb-usb: error while querying for an remote control event.
[ 1433.439583][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1433.446027][T17805] dvb-usb: error while querying for an remote control event.
[ 1434.201035][T17802] dvb-usb: bulk message failed: -22 (2/0)
[ 1434.209218][T17802] dvb-usb: error while querying for an remote control event.
[ 1434.343922][T17804] dvb-usb: bulk message failed: -22 (2/0)
[ 1435.270692][T19150] delete_channel: no stack
[ 1435.332392][T17804] dvb-usb: error while querying for an remote control event.
[ 1435.472311][T17804] dvb-usb: bulk message failed: -22 (2/0)
[ 1435.492386][T17804] dvb-usb: error while querying for an remote control event.
[ 1435.773185][T17804] dvb-usb: bulk message failed: -22 (2/0)
[ 1436.321083][T17804] dvb-usb: error while querying for an remote control event.
[ 1436.676520][T17804] dvb-usb: bulk message failed: -22 (2/0)
[ 1436.676558][T17804] dvb-usb: error while querying for an remote control event.
[ 1436.801201][T17804] dvb-usb: bulk message failed: -22 (2/0)
[ 1436.812599][T17804] dvb-usb: error while querying for an remote control event.
[ 1436.898623][T17804] usb 4-1: USB disconnect, device number 115
[ 1436.916672][T17804] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully deinitialized and disconnected.
[ 1437.112384][T16442] usb 1-1: new high-speed USB device number 114 using dummy_hcd
[ 1437.171567][T19188] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3524'.
[ 1437.392552][T16442] usb 1-1: Using ep0 maxpacket: 8
[ 1437.433181][T16442] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[ 1437.446088][T16442] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1438.197936][T16442] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1438.207132][T16442] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1438.215705][T16442] usb 1-1: Product: syz
[ 1438.231559][T16442] usb 1-1: Manufacturer: syz
[ 1438.243164][T16442] usb 1-1: SerialNumber: syz
[ 1438.255100][T16442] usb 1-1: config 0 descriptor??
[ 1438.274397][T16442] streamzap 1-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200
[ 1438.692372][T19205] ubi: mtd0 is already attached to ubi31
[ 1439.430770][T19213] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1439.920831][T19201] ubi: mtd0 is already attached to ubi31
[ 1440.308263][T17410] usb 1-1: USB disconnect, device number 114
[ 1440.952478][T17410] usb 1-1: new high-speed USB device number 115 using dummy_hcd
[ 1441.924738][T17410] usb 1-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[ 1441.967171][T19222] FAULT_INJECTION: forcing a failure.
[ 1441.967171][T19222] name failslab, interval 1, probability 0, space 0, times 0
[ 1442.031423][T17410] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 29979, setting to 1024
[ 1442.111303][T19222] CPU: 1 UID: 0 PID: 19222 Comm: syz.5.3532 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1442.111333][T19222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1442.111344][T19222] Call Trace:
[ 1442.111352][T19222]  <TASK>
[ 1442.111361][T19222]  dump_stack_lvl+0x189/0x250
[ 1442.111392][T19222]  ? __pfx____ratelimit+0x10/0x10
[ 1442.111418][T19222]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1442.111442][T19222]  ? __pfx__printk+0x10/0x10
[ 1442.111467][T19222]  ? __pfx___might_resched+0x10/0x10
[ 1442.111496][T19222]  should_fail_ex+0x414/0x560
[ 1442.111524][T19222]  should_failslab+0xa8/0x100
[ 1442.111548][T19222]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1442.111570][T19222]  ? __alloc_skb+0x112/0x2d0
[ 1442.111585][T19222]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1442.111612][T19222]  __alloc_skb+0x112/0x2d0
[ 1442.111632][T19222]  netlink_dump+0x22b/0xe20
[ 1442.111654][T19222]  ? __netlink_lookup+0xbd/0x810
[ 1442.111679][T19222]  ? __pfx_netlink_dump+0x10/0x10
[ 1442.111710][T19222]  ? netlink_lookup+0x30/0x200
[ 1442.111725][T19222]  ? netlink_lookup+0x30/0x200
[ 1442.111737][T19222]  ? netlink_lookup+0x30/0x200
[ 1442.111756][T19222]  __netlink_dump_start+0x5cb/0x7e0
[ 1442.111779][T19222]  vsock_diag_handler_dump+0x181/0x220
[ 1442.111798][T19222]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1442.111822][T19222]  ? __pfx_vsock_diag_handler_dump+0x10/0x10
[ 1442.111840][T19222]  ? __pfx_vsock_diag_dump+0x10/0x10
[ 1442.111859][T19222]  ? __pfx_vsock_diag_handler_dump+0x10/0x10
[ 1442.111886][T19222]  sock_diag_rcv_msg+0x4c9/0x600
[ 1442.111910][T19222]  netlink_rcv_skb+0x208/0x470
[ 1442.111932][T19222]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[ 1442.111952][T19222]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1442.111985][T19222]  ? __pfx_sock_diag_rcv+0x10/0x10
[ 1442.112000][T19222]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1442.112029][T19222]  netlink_unicast+0x75b/0x8d0
[ 1442.112061][T19222]  netlink_sendmsg+0x805/0xb30
[ 1442.112092][T19222]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1442.112114][T19222]  ? rcu_is_watching+0x15/0xb0
[ 1442.112142][T19222]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1442.112163][T19222]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1442.112184][T19222]  __sock_sendmsg+0x219/0x270
[ 1442.112213][T19222]  ____sys_sendmsg+0x505/0x830
[ 1442.112236][T19222]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1442.112277][T19222]  ? import_iovec+0x74/0xa0
[ 1442.112300][T19222]  ___sys_sendmsg+0x21f/0x2a0
[ 1442.112324][T19222]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1442.112343][T19222]  ? preempt_schedule_common+0x83/0xd0
[ 1442.112405][T19222]  ? __fget_files+0x2a/0x420
[ 1442.112427][T19222]  ? __fget_files+0x3a0/0x420
[ 1442.112461][T19222]  __x64_sys_sendmsg+0x19b/0x260
[ 1442.112486][T19222]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1442.112517][T19222]  ? __pfx_ksys_write+0x10/0x10
[ 1442.112535][T19222]  ? rcu_is_watching+0x15/0xb0
[ 1442.112564][T19222]  ? do_syscall_64+0xbe/0x3b0
[ 1442.112584][T19222]  do_syscall_64+0xfa/0x3b0
[ 1442.112602][T19222]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1442.112619][T19222]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1442.112636][T19222]  ? clear_bhb_loop+0x60/0xb0
[ 1442.112658][T19222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1442.112675][T19222] RIP: 0033:0x7f8d31d8e929
[ 1442.112693][T19222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1442.112708][T19222] RSP: 002b:00007f8d32b17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1442.112728][T19222] RAX: ffffffffffffffda RBX: 00007f8d31fb5fa0 RCX: 00007f8d31d8e929
[ 1442.112741][T19222] RDX: 00000000000048c0 RSI: 00002000000000c0 RDI: 0000000000000006
[ 1442.112753][T19222] RBP: 00007f8d32b17090 R08: 0000000000000000 R09: 0000000000000000
[ 1442.112765][T19222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1442.112776][T19222] R13: 0000000000000000 R14: 00007f8d31fb5fa0 R15: 00007fff7c839db8
[ 1442.112805][T19222]  </TASK>
[ 1442.803541][T17410] usb 1-1: config 4 interface 0 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024
[ 1442.814164][T17410] usb 1-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[ 1442.827827][T17410] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1442.837015][T17410] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1442.856391][T19229] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1443.132881][   T30] kauditd_printk_skb: 42 callbacks suppressed
[ 1443.132900][   T30] audit: type=1400 audit(2000000189.970:1383): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=19228 comm="syz.0.3535" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=77687
[ 1443.198924][T17410] ath6kl: Failed to submit usb control message: -71
[ 1443.212593][T17410] ath6kl: unable to send the bmi data to the device: -71
[ 1443.222541][T17410] ath6kl: Unable to send get target info: -71
[ 1443.232349][T17410] ath6kl: Failed to init ath6kl core: -71
[ 1443.238836][T17410] ath6kl_usb 1-1:4.0: probe with driver ath6kl_usb failed with error -71
[ 1443.313934][T19251] ubi: mtd0 is already attached to ubi31
[ 1443.985477][ T5914] usb 4-1: new low-speed USB device number 116 using dummy_hcd
[ 1444.031309][T17410] usb 1-1: USB disconnect, device number 115
[ 1444.349892][ T5914] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[ 1444.359754][ T5914] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1444.393267][ T5914] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1444.488992][ T5914] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1444.500567][ T5914] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1444.692745][ T5914] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[ 1444.722294][ T5914] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1444.774141][ T5914] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1444.791967][ T5914] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1444.804552][ T5914] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1445.016004][ T5914] usb 4-1: unable to read config index 2 descriptor/start: -71
[ 1445.612468][ T5914] usb 4-1: can't read configurations, error -71
[ 1447.104209][T19280] netlink: 'syz.1.3551': attribute type 1 has an invalid length.
[ 1447.388312][T19288] syz.0.3550: attempt to access beyond end of device
[ 1447.388312][T19288] loop1: rw=0, sector=2, nr_sectors = 1 limit=0
[ 1447.401627][T19288] hfs: can't find a HFS filesystem on dev loop1
[ 1449.300918][T19280] bond1: entered promiscuous mode
[ 1451.593813][T19280] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1451.770491][T19294] ubi: mtd0 is already attached to ubi31
[ 1452.773521][T19302] ubi: mtd0 is already attached to ubi31
[ 1452.883291][ T5914] usb 3-1: new high-speed USB device number 103 using dummy_hcd
[ 1453.326282][ T5914] usb 3-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[ 1453.503544][ T5914] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 29979, setting to 1024
[ 1453.594003][ T5914] usb 3-1: config 4 interface 0 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024
[ 1453.659083][ T5914] usb 3-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[ 1453.747993][ T5914] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1453.808661][ T5914] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1453.843660][T19299] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1454.080451][   T30] audit: type=1400 audit(2000000200.920:1384): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=19297 comm="syz.2.3554" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=77845
[ 1454.132464][ T5914] ath6kl: Failed to submit usb control message: -71
[ 1454.152433][ T5914] ath6kl: unable to send the bmi data to the device: -71
[ 1454.161916][ T5914] ath6kl: Unable to send get target info: -71
[ 1454.206127][ T5914] ath6kl: Failed to init ath6kl core: -71
[ 1454.228219][ T5914] ath6kl_usb 3-1:4.0: probe with driver ath6kl_usb failed with error -71
[ 1454.273197][ T5914] usb 3-1: USB disconnect, device number 103
[ 1454.488724][T19321] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3562'.
[ 1454.852763][ T5914] usb 1-1: new high-speed USB device number 116 using dummy_hcd
[ 1455.279649][ T5914] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1455.297615][ T5914] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1455.329046][ T5914] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1455.410434][T19335] Cannot find del_set index 3 as target
[ 1455.615439][T17804] usb 6-1: new high-speed USB device number 108 using dummy_hcd
[ 1455.799285][T17804] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1455.850726][T17804] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1455.917658][T17804] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1455.994404][T17804] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1456.069071][T17804] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1456.177872][T17804] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1456.249672][T17804] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1456.284493][T17804] usb 6-1: Product: syz
[ 1456.308981][T17804] usb 6-1: Manufacturer: syz
[ 1456.424035][ T5914] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1456.424807][T17804] cdc_wdm 6-1:1.0: skipping garbage
[ 1456.437926][T19322] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1456.457112][ T5914] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1456.481254][T17804] cdc_wdm 6-1:1.0: skipping garbage
[ 1456.520600][T17804] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[ 1456.537124][T17804] cdc_wdm 6-1:1.0: Unknown control protocol
[ 1456.786562][T17804] usb 1-1: USB disconnect, device number 116
[ 1456.978720][T19343] ubi: mtd0 is already attached to ubi31
[ 1457.987934][T19346] gtp0: entered promiscuous mode
[ 1458.293280][T19346] gtp0: entered allmulticast mode
[ 1458.748264][T17805] usb 6-1: USB disconnect, device number 108
[ 1459.177601][T19364] netlink: 'syz.2.3576': attribute type 2 has an invalid length.
[ 1459.368533][T19367] ubi: mtd0 is already attached to ubi31
[ 1459.938513][T19380] ubi: mtd0 is already attached to ubi31
[ 1460.299213][T17804] usb 2-1: new high-speed USB device number 96 using dummy_hcd
[ 1461.026583][T19376] ubi: mtd0 is already attached to ubi31
[ 1461.060009][T17804] usb 2-1: Using ep0 maxpacket: 32
[ 1461.654858][T17804] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1461.687210][T17804] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 1461.726042][T17804] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[ 1461.742538][T17804] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1461.754530][T17804] usb 2-1: Product: syz
[ 1461.760808][T17804] usb 2-1: Manufacturer: syz
[ 1461.804981][T17804] usb 2-1: SerialNumber: syz
[ 1462.813087][T17804] usb 2-1: Not enough endpoints found in device, aborting!
[ 1463.566590][T17802] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[ 1463.786542][T17802] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1463.833267][T17802] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1463.875648][T17802] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1463.906247][T17802] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1463.953502][T17802] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1464.010891][T19411] netlink: 'syz.5.3589': attribute type 2 has an invalid length.
[ 1464.011123][T17802] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1464.188076][T17802] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1464.624562][T17802] usb 3-1: Product: syz
[ 1464.629102][T17802] usb 3-1: Manufacturer: syz
[ 1464.678115][T17802] cdc_wdm 3-1:1.0: skipping garbage
[ 1464.683727][T17802] cdc_wdm 3-1:1.0: skipping garbage
[ 1464.804258][T17802] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1465.201236][T17802] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1465.204091][T12264] usb 2-1: USB disconnect, device number 96
[ 1465.528156][T19419] ubi: mtd0 is already attached to ubi31
[ 1465.952306][T19428] ubi: mtd0 is already attached to ubi31
[ 1466.753005][T17802] usb 3-1: USB disconnect, device number 104
[ 1471.667868][T19464] ubi: mtd0 is already attached to ubi31
[ 1471.999819][T19468] ubi: mtd0 is already attached to ubi31
[ 1472.192578][T12264] usb 2-1: new full-speed USB device number 97 using dummy_hcd
[ 1473.072781][T12264] usb 2-1: device descriptor read/64, error -71
[ 1473.332887][T12264] usb 2-1: new full-speed USB device number 98 using dummy_hcd
[ 1473.374398][ T9393] usb 6-1: new high-speed USB device number 109 using dummy_hcd
[ 1473.472597][T17802] usb 1-1: new high-speed USB device number 117 using dummy_hcd
[ 1473.696147][ T9393] usb 6-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[ 1473.712694][ T9393] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 29979, setting to 1024
[ 1473.729607][ T9393] usb 6-1: config 4 interface 0 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024
[ 1473.742249][ T9393] usb 6-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[ 1473.771434][ T9393] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1473.857868][ T9393] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1473.872801][T17802] usb 1-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[ 1474.122124][T19475] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1474.237182][T17802] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 29979, setting to 1024
[ 1474.269098][T17802] usb 1-1: config 4 interface 0 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024
[ 1474.406330][T17802] usb 1-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[ 1474.437305][T19490] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3614'.
[ 1474.585707][T12264] usb usb2-port1: attempt power cycle
[ 1474.644857][   T30] audit: type=1400 audit(2000000221.480:1385): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=19474 comm="syz.5.3609" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=78047
[ 1474.826588][T17802] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1474.833001][ T9393] ath6kl: Failed to submit usb control message: -71
[ 1474.837551][T17802] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1474.857051][ T9393] ath6kl: unable to send the bmi data to the device: -71
[ 1474.859723][T19479] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 1474.871700][ T9393] ath6kl: Unable to send get target info: -71
[ 1474.890182][ T9393] ath6kl: Failed to init ath6kl core: -71
[ 1475.007376][ T9393] ath6kl_usb 6-1:4.0: probe with driver ath6kl_usb failed with error -71
[ 1475.020936][ T9393] usb 6-1: USB disconnect, device number 109
[ 1475.064420][T12264] usb 2-1: new high-speed USB device number 99 using dummy_hcd
[ 1475.134988][T12264] usb 2-1: Using ep0 maxpacket: 32
[ 1475.709298][T12264] usb 2-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31
[ 1475.723379][T12264] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1475.763043][   T30] audit: type=1400 audit(2000000222.590:1386): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=19478 comm="syz.0.3611" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=78056
[ 1475.764330][T17802] ath6kl: Failed to submit usb control message: -71
[ 1475.795305][T17802] ath6kl: unable to send the bmi data to the device: -71
[ 1475.802877][T17802] ath6kl: Unable to send get target info: -71
[ 1475.810134][T17802] ath6kl: Failed to init ath6kl core: -71
[ 1475.837233][T17802] ath6kl_usb 1-1:4.0: probe with driver ath6kl_usb failed with error -71
[ 1475.901181][T12264] usb 2-1: config 0 descriptor??
[ 1475.918674][T17802] usb 1-1: USB disconnect, device number 117
[ 1475.920409][T12264] usb 2-1: selecting invalid altsetting 3
[ 1475.930645][T12264] comedi comedi0: could not set alternate setting 3 in high speed
[ 1475.938860][T12264] usbduxsigma 2-1:0.0: driver 'usbduxsigma' failed to auto-configure device.
[ 1475.968075][T12264] usbduxsigma 2-1:0.0: probe with driver usbduxsigma failed with error -22
[ 1476.976758][T17804] usb 2-1: USB disconnect, device number 99
[ 1477.143922][T19512] ubi: mtd0 is already attached to ubi31
[ 1477.252543][T17802] usb 1-1: new high-speed USB device number 118 using dummy_hcd
[ 1477.669629][T17802] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1477.716057][T17802] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1477.736143][T17802] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1477.756318][T17802] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1477.903557][T17802] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1477.927469][T17802] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1477.982620][T17802] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1477.990663][T17802] usb 1-1: Product: syz
[ 1478.833755][T17802] usb 1-1: Manufacturer: syz
[ 1478.844243][T17802] cdc_wdm 1-1:1.0: skipping garbage
[ 1478.849552][T17802] cdc_wdm 1-1:1.0: skipping garbage
[ 1478.856769][T17802] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[ 1478.862863][T17802] cdc_wdm 1-1:1.0: Unknown control protocol
[ 1479.033797][T19505] delete_channel: no stack
[ 1480.170800][T19537] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3626'.
[ 1480.614041][T16442] usb 1-1: USB disconnect, device number 118
[ 1480.882305][ T9393] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[ 1481.332997][T17805] usb 6-1: new high-speed USB device number 110 using dummy_hcd
[ 1481.493920][ T9393] usb 2-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[ 1481.543847][ T9393] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 29979, setting to 1024
[ 1481.601350][ T9393] usb 2-1: config 4 interface 0 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024
[ 1481.683249][ T9393] usb 2-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[ 1481.794405][ T9393] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1481.859943][ T9393] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1481.960063][T17805] usb 6-1: config 0 has an invalid interface number: 153 but max is 0
[ 1481.973798][T17805] usb 6-1: config 0 has no interface number 0
[ 1481.980191][T17805] usb 6-1: too many endpoints for config 0 interface 153 altsetting 255: 255, using maximum allowed: 30
[ 1482.003971][T17805] usb 6-1: config 0 interface 153 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1482.033172][T19544] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1482.034270][T17805] usb 6-1: config 0 interface 153 has no altsetting 0
[ 1482.056929][T17805] usb 6-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34
[ 1482.076700][T17805] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1482.087230][T19557] ubi: mtd0 is already attached to ubi31
[ 1482.088505][T17805] usb 6-1: Product: syz
[ 1482.097352][T17805] usb 6-1: Manufacturer: syz
[ 1482.102093][T17805] usb 6-1: SerialNumber: syz
[ 1482.115274][T17805] usb 6-1: config 0 descriptor??
[ 1482.136878][T17805] hub 6-1:0.153: bad descriptor, ignoring hub
[ 1482.183497][T17805] hub 6-1:0.153: probe with driver hub failed with error -5
[ 1482.192632][T17805] sierra 6-1:0.153: Sierra USB modem converter detected
[ 1482.648951][T19560] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1482.660124][T19560] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1482.848202][T19560] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1482.859400][T19560] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1482.878069][   T30] audit: type=1400 audit(2000000229.720:1387): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=19543 comm="syz.1.3629" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=78146
[ 1482.925236][T19560] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1482.932101][T19560] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1482.952376][ T9393] ath6kl: Failed to submit usb control message: -71
[ 1482.999624][T19566] netlink: 'syz.2.3634': attribute type 1 has an invalid length.
[ 1483.037432][ T9393] ath6kl: unable to send the bmi data to the device: -71
[ 1483.037460][ T9393] ath6kl: Unable to send get target info: -71
[ 1483.091586][T19569] Cannot find del_set index 3 as target
[ 1483.187727][T19560] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1483.227352][T19560] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1483.264449][T19560] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1483.264520][T19560] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1483.319553][ T9393] ath6kl: Failed to init ath6kl core: -71
[ 1483.320101][ T9393] ath6kl_usb 2-1:4.0: probe with driver ath6kl_usb failed with error -71
[ 1484.059148][ T9393] usb 2-1: USB disconnect, device number 100
[ 1484.071903][T19560] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1484.289103][T16255] Bluetooth: hci5: command 0x0406 tx timeout
[ 1484.289762][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.289817][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.883350][T16255] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1484.987271][T16255] Bluetooth: hci1: command 0x0406 tx timeout
[ 1485.134850][T16255] Bluetooth: hci2: command 0x0406 tx timeout
[ 1485.282501][T16255] Bluetooth: hci3: command 0x0406 tx timeout
[ 1485.981168][T17805] usb 6-1: USB disconnect, device number 110
[ 1486.009016][T17805] sierra 6-1:0.153: device disconnected
[ 1486.061201][T19596] fuse: Bad value for 'user_id'
[ 1486.067332][T19596] fuse: Bad value for 'user_id'
[ 1486.337494][T16255] Bluetooth: hci5: command 0x0406 tx timeout
[ 1487.015639][T16255] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1487.042495][T16255] Bluetooth: hci1: command 0x0406 tx timeout
[ 1487.202692][T16255] Bluetooth: hci2: command 0x0406 tx timeout
[ 1487.336930][T19613] ubi: mtd0 is already attached to ubi31
[ 1487.372614][T16255] Bluetooth: hci3: command 0x0406 tx timeout
[ 1487.415767][T17805] usb 2-1: new high-speed USB device number 101 using dummy_hcd
[ 1487.834241][T17803] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[ 1487.879233][T19618] Cannot find del_set index 3 as target
[ 1488.323656][T17805] usb 2-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[ 1488.412869][T17805] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 29979, setting to 1024
[ 1488.503488][T17805] usb 2-1: config 4 interface 0 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024
[ 1488.544136][T17803] usb 4-1: Using ep0 maxpacket: 32
[ 1488.609780][T17805] usb 2-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[ 1488.643569][T17803] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1488.735247][T17805] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1488.764441][T17803] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1488.784771][T17805] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1488.793553][T17803] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1488.811796][T17803] usb 4-1: Product: syz
[ 1488.817609][T17803] usb 4-1: Manufacturer: syz
[ 1488.828870][T17803] usb 4-1: SerialNumber: syz
[ 1488.837561][T19608] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1488.852534][T17803] usb 4-1: config 0 descriptor??
[ 1488.903248][T19610] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1489.260592][T16255] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1490.003338][T17805] ath6kl: Failed to submit usb control message: -110
[ 1490.010133][T17805] ath6kl: unable to send the bmi data to the device: -110
[ 1490.012974][   T30] audit: type=1400 audit(2000000236.410:1388): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=19607 comm="syz.1.3647" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=79693
[ 1490.061848][T17805] ath6kl: Unable to send get target info: -110
[ 1490.093426][T17805] ath6kl: Failed to init ath6kl core: -110
[ 1490.099819][T17805] ath6kl_usb 2-1:4.0: probe with driver ath6kl_usb failed with error -110
[ 1490.158608][T17805] usb 2-1: USB disconnect, device number 101
[ 1491.660116][T16255] Bluetooth: hci0: unexpected cc 0x0c2d length: 5 > 4
[ 1491.669527][T16255] Bluetooth: hci0: unexpected event for opcode 0x0c2d
[ 1492.073994][T19647] FAULT_INJECTION: forcing a failure.
[ 1492.073994][T19647] name failslab, interval 1, probability 0, space 0, times 0
[ 1492.087373][T19647] CPU: 0 UID: 0 PID: 19647 Comm: syz.1.3657 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1492.087400][T19647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1492.087412][T19647] Call Trace:
[ 1492.087420][T19647]  <TASK>
[ 1492.087428][T19647]  dump_stack_lvl+0x189/0x250
[ 1492.087459][T19647]  ? __pfx____ratelimit+0x10/0x10
[ 1492.087483][T19647]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1492.087505][T19647]  ? __pfx__printk+0x10/0x10
[ 1492.087527][T19647]  ? __pfx___might_resched+0x10/0x10
[ 1492.087550][T19647]  ? fs_reclaim_acquire+0x7d/0x100
[ 1492.087579][T19647]  should_fail_ex+0x414/0x560
[ 1492.087607][T19647]  should_failslab+0xa8/0x100
[ 1492.087631][T19647]  __kmalloc_noprof+0xcb/0x4f0
[ 1492.087650][T19647]  ? kfree+0x4d/0x440
[ 1492.087666][T19647]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1492.087697][T19647]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1492.087724][T19647]  ? tomoyo_domain+0xda/0x130
[ 1492.087754][T19647]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1492.087775][T19647]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1492.087799][T19647]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1492.087839][T19647]  ? __lock_acquire+0xab9/0xd20
[ 1492.087885][T19647]  ? __fget_files+0x2a/0x420
[ 1492.087909][T19647]  ? __fget_files+0x2a/0x420
[ 1492.087930][T19647]  ? __fget_files+0x3a0/0x420
[ 1492.087950][T19647]  ? __fget_files+0x2a/0x420
[ 1492.087977][T19647]  security_file_ioctl+0xcb/0x2d0
[ 1492.088002][T19647]  __se_sys_ioctl+0x47/0x170
[ 1492.088024][T19647]  do_syscall_64+0xfa/0x3b0
[ 1492.088041][T19647]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1492.088064][T19647]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1492.088082][T19647]  ? clear_bhb_loop+0x60/0xb0
[ 1492.088104][T19647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1492.088122][T19647] RIP: 0033:0x7f29ea18e929
[ 1492.088148][T19647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1492.088164][T19647] RSP: 002b:00007f29eb019038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1492.088184][T19647] RAX: ffffffffffffffda RBX: 00007f29ea3b6080 RCX: 00007f29ea18e929
[ 1492.088198][T19647] RDX: 00002000000000c0 RSI: 00000000c0045002 RDI: 0000000000000003
[ 1492.088210][T19647] RBP: 00007f29eb019090 R08: 0000000000000000 R09: 0000000000000000
[ 1492.088222][T19647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1492.088233][T19647] R13: 0000000000000001 R14: 00007f29ea3b6080 R15: 00007ffc3a6f11f8
[ 1492.088263][T19647]  </TASK>
[ 1492.332250][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1492.355399][T19647] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1492.822640][T16442] usb 4-1: USB disconnect, device number 118
[ 1493.793313][T19663] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1495.432342][T17802] usb 4-1: new full-speed USB device number 119 using dummy_hcd
[ 1496.820232][T17802] usb 4-1: device descriptor read/all, error -71
[ 1500.747821][T19727] ubi: mtd0 is already attached to ubi31
[ 1501.516445][T17802] IPVS: starting estimator thread 0...
[ 1502.442949][T19739] IPVS: using max 51 ests per chain, 122400 per kthread
[ 1503.761924][T19751] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1503.771539][T19751] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1503.781844][T19751] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1503.903733][T19754] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1504.098378][T19758] FAULT_INJECTION: forcing a failure.
[ 1504.098378][T19758] name failslab, interval 1, probability 0, space 0, times 0
[ 1504.111489][T19758] CPU: 0 UID: 0 PID: 19758 Comm: syz.1.3688 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1504.111517][T19758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1504.111528][T19758] Call Trace:
[ 1504.111536][T19758]  <TASK>
[ 1504.111542][T19758]  dump_stack_lvl+0x189/0x250
[ 1504.111562][T19758]  ? __pfx____ratelimit+0x10/0x10
[ 1504.111577][T19758]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1504.111592][T19758]  ? __pfx__printk+0x10/0x10
[ 1504.111603][T19758]  ? __pfx___might_resched+0x10/0x10
[ 1504.111618][T19758]  ? fs_reclaim_acquire+0x7d/0x100
[ 1504.111635][T19758]  should_fail_ex+0x414/0x560
[ 1504.111650][T19758]  should_failslab+0xa8/0x100
[ 1504.111665][T19758]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1504.111677][T19758]  ? __lock_acquire+0xab9/0xd20
[ 1504.111689][T19758]  ? __alloc_skb+0x112/0x2d0
[ 1504.111704][T19758]  __alloc_skb+0x112/0x2d0
[ 1504.111717][T19758]  alloc_skb_with_frags+0xca/0x890
[ 1504.111732][T19758]  ? is_bpf_text_address+0x26/0x2b0
[ 1504.111750][T19758]  sock_alloc_send_pskb+0x857/0x990
[ 1504.111773][T19758]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1504.111787][T19758]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1504.111803][T19758]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1504.111816][T19758]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1504.111830][T19758]  ? __kmalloc_cache_noprof+0x230/0x3d0
[ 1504.111844][T19758]  __ip_append_data+0x2cd3/0x40f0
[ 1504.111870][T19758]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1504.111892][T19758]  ? ipv4_mtu+0x23/0x5c0
[ 1504.111907][T19758]  ? __pfx___ip_append_data+0x10/0x10
[ 1504.111920][T19758]  ? ipv4_mtu+0x4b2/0x5c0
[ 1504.111934][T19758]  ? ip_setup_cork+0x577/0x9a0
[ 1504.111949][T19758]  ip_make_skb+0x1de/0x3f0
[ 1504.111966][T19758]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1504.111981][T19758]  ? __pfx_ip_make_skb+0x10/0x10
[ 1504.112005][T19758]  udp_sendmsg+0x191e/0x2300
[ 1504.112025][T19758]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1504.112039][T19758]  ? __pfx_udp_sendmsg+0x10/0x10
[ 1504.112052][T19758]  ? irqentry_exit+0x74/0x90
[ 1504.112080][T19758]  ? css_rstat_updated+0x1a5/0xca0
[ 1504.112100][T19758]  udpv6_sendmsg+0xc5e/0x2710
[ 1504.112122][T19758]  ? __pfx_udpv6_sendmsg+0x10/0x10
[ 1504.112136][T19758]  ? __pfx___up_read+0x10/0x10
[ 1504.112146][T19758]  ? smack_socket_sendmsg+0x1a7/0x520
[ 1504.112170][T19758]  ? irqentry_exit+0x74/0x90
[ 1504.112209][T19758]  ? inet6_sendmsg+0xe4/0x120
[ 1504.112227][T19758]  __sock_sendmsg+0xe5/0x270
[ 1504.112254][T19758]  ____sys_sendmsg+0x52d/0x830
[ 1504.112280][T19758]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1504.112300][T19758]  ? import_iovec+0x74/0xa0
[ 1504.112312][T19758]  ___sys_sendmsg+0x21f/0x2a0
[ 1504.112325][T19758]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1504.112356][T19758]  ? __fget_files+0x2a/0x420
[ 1504.112369][T19758]  ? __fget_files+0x3a0/0x420
[ 1504.112387][T19758]  __sys_sendmmsg+0x227/0x430
[ 1504.112402][T19758]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1504.112428][T19758]  ? ksys_write+0x22a/0x250
[ 1504.112441][T19758]  ? __pfx_ksys_write+0x10/0x10
[ 1504.112455][T19758]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1504.112469][T19758]  do_syscall_64+0xfa/0x3b0
[ 1504.112479][T19758]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1504.112489][T19758]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1504.112499][T19758]  ? clear_bhb_loop+0x60/0xb0
[ 1504.112511][T19758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1504.112521][T19758] RIP: 0033:0x7f29ea18e929
[ 1504.112532][T19758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1504.112541][T19758] RSP: 002b:00007f29eb019038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1504.112552][T19758] RAX: ffffffffffffffda RBX: 00007f29ea3b6080 RCX: 00007f29ea18e929
[ 1504.112560][T19758] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000007
[ 1504.112567][T19758] RBP: 00007f29eb019090 R08: 0000000000000000 R09: 0000000000000000
[ 1504.112573][T19758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1504.112579][T19758] R13: 0000000000000000 R14: 00007f29ea3b6080 R15: 00007ffc3a6f11f8
[ 1504.112594][T19758]  </TASK>
[ 1504.836973][T19754] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1504.866729][T19754] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1504.883472][T19751] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1504.892596][T19751] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1504.901708][T19751] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1504.999957][T19754] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1505.202389][ T5914] usb 6-1: new high-speed USB device number 111 using dummy_hcd
[ 1505.490942][ T5914] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1505.509804][ T5914] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1505.522107][ T5914] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1505.533610][ T5914] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1505.552099][ T5914] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1505.561632][ T5914] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1505.568031][   T30] audit: type=1326 audit(2000000252.410:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19773 comm="syz.0.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1505.569929][ T5914] usb 6-1: Manufacturer: syz
[ 1506.239619][   T30] audit: type=1326 audit(2000000252.410:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19773 comm="syz.0.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1506.261960][   T30] audit: type=1326 audit(2000000252.440:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19773 comm="syz.0.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1506.318558][   T30] audit: type=1326 audit(2000000252.440:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19773 comm="syz.0.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1506.319388][ T5914] usb 6-1: config 0 descriptor??
[ 1506.360427][   T30] audit: type=1326 audit(2000000252.440:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19773 comm="syz.0.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1506.396361][   T30] audit: type=1326 audit(2000000252.440:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19773 comm="syz.0.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1506.454498][   T30] audit: type=1326 audit(2000000252.440:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19773 comm="syz.0.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1506.479170][T19778] fuse: Bad value for 'fd'
[ 1506.645623][   T30] audit: type=1326 audit(2000000252.440:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19773 comm="syz.0.3692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4218e929 code=0x7ffc0000
[ 1508.940712][T19786] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1510.751953][ T5914] usbhid 6-1:0.0: can't add hid device: -71
[ 1510.768907][ T5914] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1510.807171][ T5914] usb 6-1: USB disconnect, device number 111
[ 1511.127011][T19799] overlayfs: failed to get inode (-116)
[ 1511.143276][T19799] overlayfs: failed to get inode (-116)
[ 1511.164399][T19799] overlayfs: failed to get inode (-116)
[ 1511.180600][T19799] overlayfs: failed to get inode (-116)
[ 1511.442930][T17802] usb 2-1: new high-speed USB device number 102 using dummy_hcd
[ 1511.614354][T17802] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1511.623709][T17802] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1511.654537][T17802] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1511.663904][T17802] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1511.675456][T17802] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1511.719823][T17802] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1511.731985][T17802] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1511.748109][T17802] usb 2-1: Product: syz
[ 1511.753462][T17802] usb 2-1: Manufacturer: syz
[ 1511.773980][T17802] cdc_wdm 2-1:1.0: skipping garbage
[ 1511.779202][T17802] cdc_wdm 2-1:1.0: skipping garbage
[ 1511.797891][T17802] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1511.807739][T17802] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1512.082463][T17802] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 1512.253942][T17802] usb 4-1: Using ep0 maxpacket: 8
[ 1512.346401][T17802] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[ 1512.498359][T17802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1512.645273][T17802] usb 4-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1512.655618][T17802] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1512.664285][T17802] usb 4-1: Product: syz
[ 1512.669115][T17802] usb 4-1: Manufacturer: syz
[ 1512.678669][T17802] usb 4-1: SerialNumber: syz
[ 1512.686800][T17802] usb 4-1: config 0 descriptor??
[ 1512.699594][T17802] streamzap 4-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200
[ 1514.011521][T19837] __nla_validate_parse: 8 callbacks suppressed
[ 1514.011535][T19837] netlink: 136 bytes leftover after parsing attributes in process `syz.2.3708'.
[ 1514.035021][T19837] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[ 1514.434792][T19850] Cannot find del_set index 3 as target
[ 1514.796743][T17802] usb 4-1: USB disconnect, device number 121
[ 1515.342746][T17805] usb 2-1: USB disconnect, device number 102
[ 1516.074095][T19856] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[ 1516.623956][T19873] netlink: 'syz.0.3719': attribute type 1 has an invalid length.
[ 1517.543494][T19885] FAULT_INJECTION: forcing a failure.
[ 1517.543494][T19885] name failslab, interval 1, probability 0, space 0, times 0
[ 1517.543540][T19885] CPU: 0 UID: 0 PID: 19885 Comm: syz.3.3724 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1517.543564][T19885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1517.543576][T19885] Call Trace:
[ 1517.543584][T19885]  <TASK>
[ 1517.543592][T19885]  dump_stack_lvl+0x189/0x250
[ 1517.543614][T19885]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1517.543630][T19885]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1517.543644][T19885]  ? __pfx__printk+0x10/0x10
[ 1517.543656][T19885]  ? fs_reclaim_acquire+0x7d/0x100
[ 1517.543674][T19885]  should_fail_ex+0x414/0x560
[ 1517.543694][T19885]  should_failslab+0xa8/0x100
[ 1517.543715][T19885]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1517.543736][T19885]  ? vma_node_allow+0x5a/0x240
[ 1517.543762][T19885]  vma_node_allow+0x5a/0x240
[ 1517.543781][T19885]  ? drm_gem_handle_create_tail+0x238/0x510
[ 1517.543802][T19885]  drm_gem_handle_create_tail+0x28f/0x510
[ 1517.543816][T19885]  drm_mode_getfb2_ioctl+0x9ed/0x17e0
[ 1517.543831][T19885]  ? drm_dev_exit+0x3a/0x60
[ 1517.543849][T19885]  drm_ioctl_kernel+0x2cc/0x390
[ 1517.543862][T19885]  ? __pfx_drm_mode_getfb2_ioctl+0x10/0x10
[ 1517.543871][T19885]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[ 1517.543889][T19885]  drm_ioctl+0x67f/0xb10
[ 1517.543900][T19885]  ? smk_tskacc+0x2fc/0x370
[ 1517.543912][T19885]  ? __pfx_drm_mode_getfb2_ioctl+0x10/0x10
[ 1517.543924][T19885]  ? __pfx_drm_ioctl+0x10/0x10
[ 1517.543943][T19885]  ? __fget_files+0x2a/0x420
[ 1517.543958][T19885]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1517.543972][T19885]  ? __pfx_drm_ioctl+0x10/0x10
[ 1517.543984][T19885]  __se_sys_ioctl+0xfc/0x170
[ 1517.543996][T19885]  do_syscall_64+0xfa/0x3b0
[ 1517.544005][T19885]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1517.544015][T19885]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1517.544025][T19885]  ? clear_bhb_loop+0x60/0xb0
[ 1517.544037][T19885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1517.544046][T19885] RIP: 0033:0x7f27a018e929
[ 1517.544056][T19885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1517.544065][T19885] RSP: 002b:00007f27a1080038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1517.544077][T19885] RAX: ffffffffffffffda RBX: 00007f27a03b6080 RCX: 00007f27a018e929
[ 1517.544084][T19885] RDX: 0000200000000400 RSI: 00000000c06864ce RDI: 0000000000000006
[ 1517.544091][T19885] RBP: 00007f27a1080090 R08: 0000000000000000 R09: 0000000000000000
[ 1517.544097][T19885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1517.544103][T19885] R13: 0000000000000000 R14: 00007f27a03b6080 R15: 00007ffd1d282248
[ 1517.544118][T19885]  </TASK>
[ 1518.783994][    T9] usb 1-1: new full-speed USB device number 119 using dummy_hcd
[ 1518.967386][    T9] usb 1-1: New USB device found, idVendor=2040, idProduct=9301, bcdDevice=e4.fb
[ 1518.967406][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1518.968945][    T9] usb 1-1: config 0 descriptor??
[ 1518.970819][    T9] dvb-usb: found a 'Hauppauge WinTV-NOVA-T usb2' in warm state.
[ 1518.970859][    T9] dvb-usb: bulk message failed: -22 (3/0)
[ 1518.972532][    T9] dvb-usb: will use the device's hardware PID filter (table count: 32).
[ 1518.974455][    T9] dvbdev: DVB: registering new adapter (Hauppauge WinTV-NOVA-T usb2)
[ 1518.974487][    T9] usb 1-1: media controller created
[ 1518.974527][    T9] dvb-usb: bulk message failed: -22 (5/0)
[ 1518.974565][    T9] dvb-usb: MAC address reading failed.
[ 1518.976262][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1518.995638][    T9] dvb-usb: bulk message failed: -22 (6/0)
[ 1518.995836][    T9] dvb-usb: bulk message failed: -22 (6/0)
[ 1518.995934][    T9] dvb-usb: no frontend was attached by 'Hauppauge WinTV-NOVA-T usb2'
[ 1519.004387][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input66
[ 1519.005910][    T9] dvb-usb: schedule remote query interval to 100 msecs.
[ 1519.005930][    T9] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully initialized and connected.
[ 1519.123281][    T9] dvb-usb: bulk message failed: -22 (2/0)
[ 1519.123319][    T9] dvb-usb: error while querying for an remote control event.
[ 1519.232925][    T9] dvb-usb: bulk message failed: -22 (2/0)
[ 1519.232960][    T9] dvb-usb: error while querying for an remote control event.
[ 1519.237654][T19890] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1519.237994][T19890] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1519.342482][    T9] dvb-usb: bulk message failed: -22 (2/0)
[ 1519.342508][    T9] dvb-usb: error while querying for an remote control event.
[ 1519.969292][    T9] dvb-usb: bulk message failed: -22 (2/0)
[ 1519.969328][    T9] dvb-usb: error while querying for an remote control event.
[ 1520.078812][    T9] dvb-usb: bulk message failed: -22 (2/0)
[ 1520.078847][    T9] dvb-usb: error while querying for an remote control event.
[ 1520.182590][    T9] dvb-usb: bulk message failed: -22 (2/0)
[ 1520.182620][    T9] dvb-usb: error while querying for an remote control event.
[ 1520.292772][    T9] dvb-usb: bulk message failed: -22 (2/0)
[ 1520.292816][    T9] dvb-usb: error while querying for an remote control event.
[ 1520.405824][    T9] dvb-usb: bulk message failed: -22 (2/0)
[ 1520.405859][    T9] dvb-usb: error while querying for an remote control event.
[ 1521.184523][T19914] No control pipe specified
[ 1521.349845][    T9] dvb-usb: bulk message failed: -22 (2/0)
[ 1521.349881][    T9] dvb-usb: error while querying for an remote control event.
[ 1521.459453][T17802] dvb-usb: bulk message failed: -22 (2/0)
[ 1521.459491][T17802] dvb-usb: error while querying for an remote control event.
[ 1521.562899][T17802] dvb-usb: bulk message failed: -22 (2/0)
[ 1521.969110][T17802] dvb-usb: error while querying for an remote control event.
[ 1522.082023][T17802] dvb-usb: bulk message failed: -22 (2/0)
[ 1522.082794][T17802] dvb-usb: error while querying for an remote control event.
[ 1522.192370][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1522.192408][T17805] dvb-usb: error while querying for an remote control event.
[ 1522.302586][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1522.308556][T17805] dvb-usb: error while querying for an remote control event.
[ 1522.432897][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1522.443242][T17805] dvb-usb: error while querying for an remote control event.
[ 1522.639256][T17802] dvb-usb: bulk message failed: -22 (2/0)
[ 1523.289341][T17802] dvb-usb: error while querying for an remote control event.
[ 1523.434577][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1523.440381][T17805] dvb-usb: error while querying for an remote control event.
[ 1523.591733][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1523.867142][T17805] dvb-usb: error while querying for an remote control event.
[ 1524.000940][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1524.007437][T17805] dvb-usb: error while querying for an remote control event.
[ 1524.058489][T16442] usb 1-1: USB disconnect, device number 119
[ 1524.129343][T19939] netlink: 'syz.2.3736': attribute type 1 has an invalid length.
[ 1524.140198][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1524.150880][T17805] dvb-usb: error while querying for an remote control event.
[ 1524.393552][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1525.021088][T17805] dvb-usb: error while querying for an remote control event.
[ 1525.849175][T16442] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully deinitialized and disconnected.
[ 1526.009496][T19946] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 1527.832449][T17805] usb 1-1: new high-speed USB device number 120 using dummy_hcd
[ 1528.030210][T17805] usb 1-1: config 0 has an invalid interface number: 153 but max is 0
[ 1528.065064][T17805] usb 1-1: config 0 has no interface number 0
[ 1528.108152][T17805] usb 1-1: too many endpoints for config 0 interface 153 altsetting 255: 255, using maximum allowed: 30
[ 1528.158848][T17805] usb 1-1: config 0 interface 153 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1528.225595][T17805] usb 1-1: config 0 interface 153 has no altsetting 0
[ 1528.257348][ T5914] usb 2-1: new high-speed USB device number 103 using dummy_hcd
[ 1528.268687][T17805] usb 1-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34
[ 1528.281335][T17805] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1528.290791][T17805] usb 1-1: Product: syz
[ 1528.297356][T17805] usb 1-1: Manufacturer: syz
[ 1528.304821][T17805] usb 1-1: SerialNumber: syz
[ 1528.317405][T17805] usb 1-1: config 0 descriptor??
[ 1528.326066][T17805] hub 1-1:0.153: bad descriptor, ignoring hub
[ 1528.335711][T17805] hub 1-1:0.153: probe with driver hub failed with error -5
[ 1528.345283][T17805] sierra 1-1:0.153: Sierra USB modem converter detected
[ 1528.392316][T12264] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1528.418722][ T5914] usb 2-1: Using ep0 maxpacket: 8
[ 1528.431683][ T5914] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1528.490885][ T5914] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1528.500069][ T5914] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[ 1528.509372][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1528.517496][ T5914] usb 2-1: Product: syz
[ 1528.521692][ T5914] usb 2-1: Manufacturer: syz
[ 1528.532754][ T5914] usb 2-1: SerialNumber: syz
[ 1528.541097][ T5914] usb 2-1: config 0 descriptor??
[ 1528.557098][ T5914] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found
[ 1528.586492][T12264] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1528.601493][T12264] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1528.614298][T12264] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 9
[ 1528.833766][T17805] usb 1-1: USB disconnect, device number 120
[ 1528.839608][T12264] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1528.850503][T12264] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[ 1528.863732][T12264] usb 3-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[ 1528.870102][T17805] sierra 1-1:0.153: device disconnected
[ 1528.876812][ T5914] snd_usb_toneport 2-1:0.0: cannot get proper max packet size
[ 1528.886850][T12264] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1528.895182][ T5914] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected
[ 1528.903073][T12264] usb 3-1: Product: syz
[ 1528.907251][T12264] usb 3-1: Manufacturer: syz
[ 1528.911856][T12264] usb 3-1: SerialNumber: syz
[ 1528.982938][ T5914] snd_usb_toneport 2-1:0.0: probe with driver snd_usb_toneport failed with error -22
[ 1529.152316][T12264] usb 3-1: config 0 descriptor??
[ 1529.245161][T19967] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1529.258218][T19960] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1529.323093][T12264] pn533_usb 3-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[ 1529.492019][T19960] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3742'.
[ 1529.518864][T19960] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3742'.
[ 1529.533563][T19967] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3744'.
[ 1529.549942][T19960] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3742'.
[ 1529.562965][T19967] netlink: 43 bytes leftover after parsing attributes in process `syz.2.3744'.
[ 1529.586682][T19967] netlink: 'syz.2.3744': attribute type 5 has an invalid length.
[ 1529.605526][T19981] tmpfs: Bad value for 'mpol'
[ 1529.611506][T19960] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3742'.
[ 1529.621147][T19960] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3742'.
[ 1529.631365][T19960] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3742'.
[ 1529.641255][T19967] netlink: 43 bytes leftover after parsing attributes in process `syz.2.3744'.
[ 1529.963541][T19977] ubi: mtd0 is already attached to ubi31
[ 1530.041039][T19960] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3742'.
[ 1530.083440][T12264] usb 2-1: USB disconnect, device number 103
[ 1530.246225][T17805] usb 6-1: new high-speed USB device number 112 using dummy_hcd
[ 1530.477953][T20000] netlink: 'syz.3.3753': attribute type 29 has an invalid length.
[ 1530.493670][T20000] netlink: 'syz.3.3753': attribute type 29 has an invalid length.
[ 1530.514886][T17805] usb 6-1: too many configurations: 9, using maximum allowed: 8
[ 1530.532709][T17805] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1530.548701][T17805] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1531.318363][T17805] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1531.424164][T17805] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1531.436416][T17805] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1531.467067][T17805] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1531.542424][T20002] block nbd3: NBD_DISCONNECT
[ 1531.551783][T20002] block nbd3: Send disconnect failed -22
[ 1531.559074][T17805] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1531.622279][T17805] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1532.882357][T17805] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1533.001077][T17805] usb 6-1: unable to read config index 3 descriptor/start: -71
[ 1533.022962][T17802] usb 3-1: USB disconnect, device number 105
[ 1533.352359][T17805] usb 6-1: can't read configurations, error -71
[ 1534.503104][T19998] block nbd3: Disconnected due to user request.
[ 1534.509508][T19998] block nbd3: shutting down sockets
[ 1535.765264][T20033] random: crng reseeded on system resumption
[ 1535.929146][ T5914] usb 2-1: new high-speed USB device number 104 using dummy_hcd
[ 1536.403918][ T5914] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1536.403949][ T5914] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1536.403969][ T5914] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1536.404022][ T5914] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1536.404047][ T5914] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1536.425873][ T5914] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1536.425906][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1536.425927][ T5914] usb 2-1: Product: syz
[ 1536.425942][ T5914] usb 2-1: Manufacturer: syz
[ 1536.437416][ T5914] cdc_wdm 2-1:1.0: skipping garbage
[ 1536.437438][ T5914] cdc_wdm 2-1:1.0: skipping garbage
[ 1536.448099][ T5914] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1536.448123][ T5914] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1536.756047][T20041] FAULT_INJECTION: forcing a failure.
[ 1536.756047][T20041] name failslab, interval 1, probability 0, space 0, times 0
[ 1536.756079][T20041] CPU: 1 UID: 0 PID: 20041 Comm: syz.2.3765 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1536.756102][T20041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1536.756113][T20041] Call Trace:
[ 1536.756121][T20041]  <TASK>
[ 1536.756129][T20041]  dump_stack_lvl+0x189/0x250
[ 1536.756158][T20041]  ? __pfx____ratelimit+0x10/0x10
[ 1536.756183][T20041]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1536.756207][T20041]  ? __pfx__printk+0x10/0x10
[ 1536.756233][T20041]  ? ref_tracker_alloc+0x318/0x460
[ 1536.756259][T20041]  should_fail_ex+0x414/0x560
[ 1536.756286][T20041]  should_failslab+0xa8/0x100
[ 1536.756310][T20041]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1536.756330][T20041]  ? skb_clone+0x212/0x3a0
[ 1536.756357][T20041]  skb_clone+0x212/0x3a0
[ 1536.756384][T20041]  __netlink_deliver_tap+0x404/0x850
[ 1536.756418][T20041]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1536.756440][T20041]  netlink_deliver_tap+0x19c/0x1b0
[ 1536.756462][T20041]  netlink_unicast+0x72f/0x8d0
[ 1536.756493][T20041]  netlink_sendmsg+0x805/0xb30
[ 1536.756524][T20041]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1536.756554][T20041]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1536.756575][T20041]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1536.756596][T20041]  __sock_sendmsg+0x219/0x270
[ 1536.756625][T20041]  ____sys_sendmsg+0x505/0x830
[ 1536.756653][T20041]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1536.756685][T20041]  ? import_iovec+0x74/0xa0
[ 1536.756707][T20041]  ___sys_sendmsg+0x21f/0x2a0
[ 1536.756732][T20041]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1536.756793][T20041]  ? __fget_files+0x2a/0x420
[ 1536.756815][T20041]  ? __fget_files+0x3a0/0x420
[ 1536.756848][T20041]  __x64_sys_sendmsg+0x19b/0x260
[ 1536.756873][T20041]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1536.756905][T20041]  ? __pfx_ksys_write+0x10/0x10
[ 1536.756923][T20041]  ? rcu_is_watching+0x15/0xb0
[ 1536.756952][T20041]  ? do_syscall_64+0xbe/0x3b0
[ 1536.756974][T20041]  do_syscall_64+0xfa/0x3b0
[ 1536.756995][T20041]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1536.757018][T20041]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1536.757036][T20041]  ? clear_bhb_loop+0x60/0xb0
[ 1536.757058][T20041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1536.757075][T20041] RIP: 0033:0x7f0deaf8e929
[ 1536.757092][T20041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1536.757107][T20041] RSP: 002b:00007f0debd72038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1536.757127][T20041] RAX: ffffffffffffffda RBX: 00007f0deb1b5fa0 RCX: 00007f0deaf8e929
[ 1536.757141][T20041] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[ 1536.757153][T20041] RBP: 00007f0debd72090 R08: 0000000000000000 R09: 0000000000000000
[ 1536.757165][T20041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1536.757176][T20041] R13: 0000000000000000 R14: 00007f0deb1b5fa0 R15: 00007ffffbe3e6b8
[ 1536.757207][T20041]  </TASK>
[ 1537.086623][T20044] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1537.996096][T17802] usb 2-1: USB disconnect, device number 104
[ 1538.029499][T20054] ubi: mtd0 is already attached to ubi31
[ 1538.283749][T20055] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 1539.313281][T20046] tty tty3: ldisc open failed (-12), clearing slot 2
[ 1539.321972][T20049] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1542.720418][T20095] ubi: mtd0 is already attached to ubi31
[ 1545.673029][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1545.679405][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.835095][T20133] ubi: mtd0 is already attached to ubi31
[ 1546.974672][ T5914] usb 2-1: new full-speed USB device number 105 using dummy_hcd
[ 1547.284917][ T5914] usb 2-1: New USB device found, idVendor=2040, idProduct=9301, bcdDevice=e4.fb
[ 1547.362416][T16442] usb 1-1: new full-speed USB device number 121 using dummy_hcd
[ 1547.446964][ T5914] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1547.596318][ T5914] usb 2-1: config 0 descriptor??
[ 1547.615563][ T5914] dvb-usb: found a 'Hauppauge WinTV-NOVA-T usb2' in warm state.
[ 1547.633013][ T5914] dvb-usb: bulk message failed: -22 (3/0)
[ 1547.650406][ T5914] dvb-usb: will use the device's hardware PID filter (table count: 32).
[ 1547.664416][ T5914] dvbdev: DVB: registering new adapter (Hauppauge WinTV-NOVA-T usb2)
[ 1547.673236][T16442] usb 1-1: New USB device found, idVendor=2040, idProduct=9301, bcdDevice=e4.fb
[ 1547.682611][ T5914] usb 2-1: media controller created
[ 1547.687950][T16442] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1547.696265][ T5914] dvb-usb: bulk message failed: -22 (5/0)
[ 1547.702597][ T5914] dvb-usb: MAC address reading failed.
[ 1547.710920][T16442] usb 1-1: config 0 descriptor??
[ 1547.719999][ T5914] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1547.730583][T16442] dvb-usb: found a 'Hauppauge WinTV-NOVA-T usb2' in warm state.
[ 1547.742600][T16442] dvb-usb: bulk message failed: -22 (3/0)
[ 1547.813015][T16442] dvb-usb: will use the device's hardware PID filter (table count: 32).
[ 1547.832464][ T5914] dvb-usb: bulk message failed: -22 (6/0)
[ 1547.853398][T20131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1547.882844][ T5914] dvb-usb: bulk message failed: -22 (6/0)
[ 1547.888867][ T5914] dvb-usb: no frontend was attached by 'Hauppauge WinTV-NOVA-T usb2'
[ 1547.897941][T16442] dvbdev: DVB: registering new adapter (Hauppauge WinTV-NOVA-T usb2)
[ 1547.912911][T20131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1547.927365][T20136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1547.952691][T16442] usb 1-1: media controller created
[ 1547.958023][T16442] dvb-usb: bulk message failed: -22 (5/0)
[ 1547.970862][T20136] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1548.541105][ T5914] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input67
[ 1548.552521][T16442] dvb-usb: MAC address reading failed.
[ 1548.701881][T16442] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1548.712908][ T5914] dvb-usb: schedule remote query interval to 100 msecs.
[ 1548.731319][ T5914] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully initialized and connected.
[ 1548.776336][T16442] dvb-usb: bulk message failed: -22 (6/0)
[ 1548.841806][T20145] No control pipe specified
[ 1548.872394][T17410] dvb-usb: bulk message failed: -22 (2/0)
[ 1548.935172][T17410] dvb-usb: error while querying for an remote control event.
[ 1549.285882][T16442] dvb-usb: bulk message failed: -22 (6/0)
[ 1549.293684][T16442] dvb-usb: no frontend was attached by 'Hauppauge WinTV-NOVA-T usb2'
[ 1549.485557][T17410] dvb-usb: bulk message failed: -22 (2/0)
[ 1549.491913][T17410] dvb-usb: error while querying for an remote control event.
[ 1549.502259][T20147] ubi: mtd0 is already attached to ubi31
[ 1549.510568][T16442] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input68
[ 1549.525173][T16442] dvb-usb: schedule remote query interval to 100 msecs.
[ 1549.532331][T16442] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully initialized and connected.
[ 1549.608575][    T9] usb 6-1: new full-speed USB device number 114 using dummy_hcd
[ 1549.632414][T17410] dvb-usb: bulk message failed: -22 (2/0)
[ 1549.655204][T17410] dvb-usb: error while querying for an remote control event.
[ 1549.663989][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1549.686162][T16442] dvb-usb: error while querying for an remote control event.
[ 1549.774903][    T9] usb 6-1: New USB device found, idVendor=2040, idProduct=9301, bcdDevice=e4.fb
[ 1549.800263][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1549.873787][    T9] usb 6-1: config 0 descriptor??
[ 1549.892900][    T9] dvb-usb: found a 'Hauppauge WinTV-NOVA-T usb2' in warm state.
[ 1549.916673][    T9] dvb-usb: bulk message failed: -22 (3/0)
[ 1549.935501][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1549.950387][    T9] dvb-usb: will use the device's hardware PID filter (table count: 32).
[ 1549.957906][T16442] dvb-usb: error while querying for an remote control event.
[ 1549.966339][T17410] dvb-usb: bulk message failed: -22 (2/0)
[ 1549.972123][T17410] dvb-usb: error while querying for an remote control event.
[ 1549.983411][    T9] dvbdev: DVB: registering new adapter (Hauppauge WinTV-NOVA-T usb2)
[ 1550.250336][ T5914] dvb-usb: bulk message failed: -22 (2/0)
[ 1550.258009][ T5914] dvb-usb: error while querying for an remote control event.
[ 1550.267243][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1550.526094][T16442] dvb-usb: error while querying for an remote control event.
[ 1550.644759][T17802] usb 2-1: USB disconnect, device number 105
[ 1550.688429][T20148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1550.703592][    T9] usb 6-1: media controller created
[ 1550.708922][    T9] dvb-usb: bulk message failed: -22 (5/0)
[ 1550.726979][    T9] dvb-usb: MAC address reading failed.
[ 1550.732783][T20148] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1550.759291][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1550.782328][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1550.791331][T16442] dvb-usb: error while querying for an remote control event.
[ 1550.799742][    T9] dvb-usb: bulk message failed: -22 (6/0)
[ 1550.810557][T17802] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully deinitialized and disconnected.
[ 1550.842803][    T9] dvb-usb: bulk message failed: -22 (6/0)
[ 1550.848703][    T9] dvb-usb: no frontend was attached by 'Hauppauge WinTV-NOVA-T usb2'
[ 1550.932343][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1551.013846][T16442] dvb-usb: error while querying for an remote control event.
[ 1551.233327][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1551.317985][T16442] dvb-usb: error while querying for an remote control event.
[ 1551.454454][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input69
[ 1551.495447][T20163] No control pipe specified
[ 1551.563479][    T9] dvb-usb: schedule remote query interval to 100 msecs.
[ 1551.570669][    T9] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully initialized and connected.
[ 1551.580464][T17803] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1551.592609][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1551.602373][T16442] dvb-usb: error while querying for an remote control event.
[ 1551.683253][T17805] dvb-usb: bulk message failed: -22 (2/0)
[ 1551.689069][T17805] dvb-usb: error while querying for an remote control event.
[ 1551.732546][T17410] dvb-usb: bulk message failed: -22 (2/0)
[ 1551.744723][T17410] dvb-usb: error while querying for an remote control event.
[ 1551.883064][T17410] dvb-usb: bulk message failed: -22 (2/0)
[ 1551.903493][T17410] dvb-usb: error while querying for an remote control event.
[ 1551.935638][T17802] dvb-usb: bulk message failed: -22 (2/0)
[ 1551.942076][T17802] dvb-usb: error while querying for an remote control event.
[ 1551.962515][T17803] usb 3-1: Using ep0 maxpacket: 16
[ 1551.970190][T17803] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1551.981534][T17803] usb 3-1: New USB device found, idVendor=05ac, idProduct=0254, bcdDevice= 0.00
[ 1551.993790][T17803] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1552.153323][T17410] dvb-usb: bulk message failed: -22 (2/0)
[ 1552.187471][T17410] dvb-usb: error while querying for an remote control event.
[ 1552.417787][T17410] dvb-usb: bulk message failed: -22 (2/0)
[ 1552.499278][T17410] dvb-usb: error while querying for an remote control event.
[ 1552.503774][T17802] dvb-usb: bulk message failed: -22 (2/0)
[ 1552.521828][T17803] usb 3-1: config 0 descriptor??
[ 1552.527029][T17802] dvb-usb: error while querying for an remote control event.
[ 1552.547011][T20168] BUG: Bad page state in process syz.3.3797  pfn:39760
[ 1552.554178][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888039760000 pfn:0x39760
[ 1552.564312][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1552.571453][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1552.575681][T17410] usb 6-1: USB disconnect, device number 114
[ 1552.580176][T20168] raw: ffff888039760000 0000000000000001 00000000ffffffff 0000000000000000
[ 1552.594839][T20168] page dumped because: page_pool leak
[ 1552.600221][T20168] page_owner tracks the page as allocated
[ 1552.605998][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546847629, free_ts 1550756893419
[ 1552.623437][T20168]  post_alloc_hook+0x240/0x2a0
[ 1552.628243][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1552.633872][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1552.639713][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1552.645272][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1552.651203][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1552.653074][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1552.656094][T20168]  do_xdp_generic+0x699/0x11a0
[ 1552.662118][T16442] dvb-usb: error while querying for an remote control event.
[ 1552.666603][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1552.666633][T20168]  tun_chr_write_iter+0x113/0x200
[ 1552.666656][T20168]  vfs_write+0x54b/0xa90
[ 1552.666675][T20168]  ksys_write+0x145/0x250
[ 1552.666694][T20168]  do_syscall_64+0xfa/0x3b0
[ 1552.666712][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1552.666731][T20168] page last free pid 17802 tgid 17802 stack trace:
[ 1552.709331][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1552.714504][T20168]  vfree+0x25a/0x400
[ 1552.718421][T20168]  dvb_dmxdev_release+0x4f3/0x640
[ 1552.723505][T20168]  dvb_usb_adapter_dvb_exit+0x9a/0x1b0
[ 1552.728988][T20168]  dvb_usb_adapter_exit+0x8b/0x240
[ 1552.734151][T20168]  dvb_usb_device_exit+0x1b6/0x350
[ 1552.739287][T20168]  usb_unbind_interface+0x26b/0x8f0
[ 1552.744544][T20168]  device_release_driver_internal+0x4d9/0x7c0
[ 1552.750632][T20168]  bus_remove_device+0x34d/0x410
[ 1552.755624][T20168]  device_del+0x511/0x8e0
[ 1552.759971][T20168]  usb_disable_device+0x3e9/0x8a0
[ 1552.765047][T20168]  usb_disconnect+0x330/0x910
[ 1552.769746][T20168]  hub_event+0x1cdb/0x4a00
[ 1552.774234][T20168]  process_scheduled_works+0xade/0x17b0
[ 1552.779801][T20168]  worker_thread+0x8a0/0xda0
[ 1552.784442][T20168]  kthread+0x70e/0x8a0
[ 1552.788540][T20168] Modules linked in:
[ 1552.792498][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1552.792523][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1552.792534][T20168] Call Trace:
[ 1552.792543][T20168]  <TASK>
[ 1552.792552][T20168]  dump_stack_lvl+0x189/0x250
[ 1552.792584][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1552.792610][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1552.792643][T20168]  bad_page+0x180/0x1c0
[ 1552.792664][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1552.792696][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1552.792739][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1552.792767][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1552.792785][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1552.792843][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1552.792880][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1552.792916][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1552.792955][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1552.792983][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1552.793022][T20168]  ? psi_task_change+0xe5/0x250
[ 1552.793056][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1552.793080][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1552.793106][T20168]  ? preempt_schedule+0xae/0xc0
[ 1552.793130][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1552.793156][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1552.793181][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1552.793218][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1552.793240][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1552.793266][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1552.793296][T20168]  ? tun_get+0x1c/0x2f0
[ 1552.793328][T20168]  ? tun_get+0x1c/0x2f0
[ 1552.793352][T20168]  ? tun_get+0x1c/0x2f0
[ 1552.793383][T20168]  tun_chr_write_iter+0x113/0x200
[ 1552.793411][T20168]  vfs_write+0x54b/0xa90
[ 1552.793438][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1552.793465][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1552.793498][T20168]  ? __fget_files+0x2a/0x420
[ 1552.793531][T20168]  ksys_write+0x145/0x250
[ 1552.793555][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1552.793574][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1552.793605][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1552.793627][T20168]  do_syscall_64+0xfa/0x3b0
[ 1552.793646][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1552.793663][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1552.793682][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1552.793706][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1552.793723][T20168] RIP: 0033:0x7f27a018d3df
[ 1552.793740][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1552.793757][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1552.793797][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1552.793812][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1552.793826][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1552.793839][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1552.793851][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1552.793884][T20168]  </TASK>
[ 1552.793891][T20168] Disabling lock debugging due to kernel taint
[ 1552.812348][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1552.816059][T20168] BUG: Bad page state in process syz.3.3797  pfn:73f51
[ 1552.816075][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x73f51
[ 1552.824869][T16442] dvb-usb: error while querying for an remote control event.
[ 1552.826945][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1552.826974][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1552.943683][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1552.945912][T20168] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 1552.945926][T20168] page dumped because: page_pool leak
[ 1552.954782][T16442] dvb-usb: error while querying for an remote control event.
[ 1552.958349][T20168] page_owner tracks the page as allocated
[ 1552.958358][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546829694, free_ts 1550756911444
[ 1553.082480][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1553.084204][T20168]  post_alloc_hook+0x240/0x2a0
[ 1553.094639][T16442] dvb-usb: error while querying for an remote control event.
[ 1553.100117][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1553.212741][T16442] dvb-usb: bulk message failed: -22 (2/0)
[ 1553.215439][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1553.224660][T16442] dvb-usb: error while querying for an remote control event.
[ 1553.228327][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1553.252732][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1553.252763][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1553.252784][T20168]  do_xdp_generic+0x699/0x11a0
[ 1553.268276][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1553.272996][T20168]  tun_chr_write_iter+0x113/0x200
[ 1553.278030][T20168]  vfs_write+0x54b/0xa90
[ 1553.282301][T20168]  ksys_write+0x145/0x250
[ 1553.286365][T16442] usb 1-1: USB disconnect, device number 121
[ 1553.286815][T20168]  do_syscall_64+0xfa/0x3b0
[ 1553.297324][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1553.303264][T20168] page last free pid 17802 tgid 17802 stack trace:
[ 1553.309772][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1553.314925][T20168]  vfree+0x25a/0x400
[ 1553.318836][T20168]  dvb_dmxdev_release+0x4f3/0x640
[ 1553.323900][T20168]  dvb_usb_adapter_dvb_exit+0x9a/0x1b0
[ 1553.329379][T20168]  dvb_usb_adapter_exit+0x8b/0x240
[ 1553.334526][T20168]  dvb_usb_device_exit+0x1b6/0x350
[ 1553.339651][T20168]  usb_unbind_interface+0x26b/0x8f0
[ 1553.344883][T20168]  device_release_driver_internal+0x4d9/0x7c0
[ 1553.350964][T20168]  bus_remove_device+0x34d/0x410
[ 1553.355942][T20168]  device_del+0x511/0x8e0
[ 1553.360259][T20168]  usb_disable_device+0x3e9/0x8a0
[ 1553.365295][T20168]  usb_disconnect+0x330/0x910
[ 1553.369972][T20168]  hub_event+0x1cdb/0x4a00
[ 1553.374437][T20168]  process_scheduled_works+0xade/0x17b0
[ 1553.380000][T20168]  worker_thread+0x8a0/0xda0
[ 1553.384630][T20168]  kthread+0x70e/0x8a0
[ 1553.388710][T20168] Modules linked in:
[ 1553.392651][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1553.392678][T20168] Tainted: [B]=BAD_PAGE
[ 1553.392684][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1553.392695][T20168] Call Trace:
[ 1553.392702][T20168]  <TASK>
[ 1553.392710][T20168]  dump_stack_lvl+0x189/0x250
[ 1553.392739][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1553.392764][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1553.392790][T20168]  bad_page+0x180/0x1c0
[ 1553.392810][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1553.392837][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1553.392870][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1553.392892][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1553.392908][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1553.392960][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1553.392989][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1553.393018][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1553.393050][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1553.393075][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1553.393105][T20168]  ? psi_task_change+0xe5/0x250
[ 1553.393133][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1553.393162][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1553.393186][T20168]  ? preempt_schedule+0xae/0xc0
[ 1553.393207][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1553.393230][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1553.393255][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1553.393280][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1553.393304][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1553.393327][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1553.393351][T20168]  ? tun_get+0x1c/0x2f0
[ 1553.393378][T20168]  ? tun_get+0x1c/0x2f0
[ 1553.393400][T20168]  ? tun_get+0x1c/0x2f0
[ 1553.393426][T20168]  tun_chr_write_iter+0x113/0x200
[ 1553.393451][T20168]  vfs_write+0x54b/0xa90
[ 1553.393474][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1553.393498][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1553.393522][T20168]  ? __fget_files+0x2a/0x420
[ 1553.393548][T20168]  ksys_write+0x145/0x250
[ 1553.393569][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1553.393585][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1553.393610][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1553.393626][T20168]  do_syscall_64+0xfa/0x3b0
[ 1553.393643][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1553.393659][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1553.393675][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1553.393695][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1553.393712][T20168] RIP: 0033:0x7f27a018d3df
[ 1553.393728][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1553.393761][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1553.393781][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1553.393796][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1553.393809][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1553.393821][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1553.393833][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1553.393853][T20168]  </TASK>
[ 1553.393864][T20168] BUG: Bad page state in process syz.3.3797  pfn:31491
[ 1553.715307][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x31491
[ 1553.725377][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1553.732511][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1553.741102][T20168] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 1553.749710][T20168] page dumped because: page_pool leak
[ 1553.755100][T20168] page_owner tracks the page as allocated
[ 1553.760800][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546811603, free_ts 1550756930642
[ 1553.778177][T20168]  post_alloc_hook+0x240/0x2a0
[ 1553.782994][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1553.788551][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1553.794386][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1553.799892][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1553.805815][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1553.810654][T20168]  do_xdp_generic+0x699/0x11a0
[ 1553.815445][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1553.820111][T20168]  tun_chr_write_iter+0x113/0x200
[ 1553.825169][T20168]  vfs_write+0x54b/0xa90
[ 1553.829404][T20168]  ksys_write+0x145/0x250
[ 1553.833754][T20168]  do_syscall_64+0xfa/0x3b0
[ 1553.838241][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1553.844175][T20168] page last free pid 17802 tgid 17802 stack trace:
[ 1553.850675][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1553.855818][T20168]  vfree+0x25a/0x400
[ 1553.859704][T20168]  dvb_dmxdev_release+0x4f3/0x640
[ 1553.864734][T20168]  dvb_usb_adapter_dvb_exit+0x9a/0x1b0
[ 1553.870183][T20168]  dvb_usb_adapter_exit+0x8b/0x240
[ 1553.875302][T20168]  dvb_usb_device_exit+0x1b6/0x350
[ 1553.880411][T20168]  usb_unbind_interface+0x26b/0x8f0
[ 1553.885647][T20168]  device_release_driver_internal+0x4d9/0x7c0
[ 1553.891713][T20168]  bus_remove_device+0x34d/0x410
[ 1553.896669][T20168]  device_del+0x511/0x8e0
[ 1553.900986][T20168]  usb_disable_device+0x3e9/0x8a0
[ 1553.906019][T20168]  usb_disconnect+0x330/0x910
[ 1553.910683][T20168]  hub_event+0x1cdb/0x4a00
[ 1553.915108][T20168]  process_scheduled_works+0xade/0x17b0
[ 1553.920638][T20168]  worker_thread+0x8a0/0xda0
[ 1553.925259][T20168]  kthread+0x70e/0x8a0
[ 1553.929334][T20168] Modules linked in:
[ 1553.933249][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1553.933266][T20168] Tainted: [B]=BAD_PAGE
[ 1553.933270][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1553.933277][T20168] Call Trace:
[ 1553.933282][T20168]  <TASK>
[ 1553.933288][T20168]  dump_stack_lvl+0x189/0x250
[ 1553.933308][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1553.933322][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1553.933336][T20168]  bad_page+0x180/0x1c0
[ 1553.933347][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1553.933362][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1553.933381][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1553.933395][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1553.933404][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1553.933425][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1553.933442][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1553.933458][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1553.933476][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1553.933490][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1553.933507][T20168]  ? psi_task_change+0xe5/0x250
[ 1553.933524][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1553.933537][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1553.933552][T20168]  ? preempt_schedule+0xae/0xc0
[ 1553.933565][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1553.933578][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1553.933592][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1553.933606][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1553.933620][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1553.933633][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1553.933647][T20168]  ? tun_get+0x1c/0x2f0
[ 1553.933662][T20168]  ? tun_get+0x1c/0x2f0
[ 1553.933676][T20168]  ? tun_get+0x1c/0x2f0
[ 1553.933690][T20168]  tun_chr_write_iter+0x113/0x200
[ 1553.933723][T20168]  vfs_write+0x54b/0xa90
[ 1553.933736][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1553.933751][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1553.933763][T20168]  ? __fget_files+0x2a/0x420
[ 1553.933779][T20168]  ksys_write+0x145/0x250
[ 1553.933791][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1553.933801][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1553.933816][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1553.933826][T20168]  do_syscall_64+0xfa/0x3b0
[ 1553.933835][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1553.933845][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1553.933860][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1553.933871][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1553.933882][T20168] RIP: 0033:0x7f27a018d3df
[ 1553.933892][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1553.933902][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1553.933913][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1553.933921][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1553.933929][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1553.933935][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1553.933942][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1553.933952][T20168]  </TASK>
[ 1553.933960][T20168] BUG: Bad page state in process syz.3.3797  pfn:64c6e
[ 1554.255174][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888064c6e000 pfn:0x64c6e
[ 1554.265523][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1554.272669][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1554.281259][T20168] raw: ffff888064c6e000 0000000000000001 00000000ffffffff 0000000000000000
[ 1554.289860][T20168] page dumped because: page_pool leak
[ 1554.295238][T20168] page_owner tracks the page as allocated
[ 1554.300937][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546793683, free_ts 1550756948674
[ 1554.318313][T20168]  post_alloc_hook+0x240/0x2a0
[ 1554.323122][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1554.328683][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1554.334497][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1554.339947][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1554.345885][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1554.350723][T20168]  do_xdp_generic+0x699/0x11a0
[ 1554.355498][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1554.360166][T20168]  tun_chr_write_iter+0x113/0x200
[ 1554.365210][T20168]  vfs_write+0x54b/0xa90
[ 1554.369445][T20168]  ksys_write+0x145/0x250
[ 1554.373786][T20168]  do_syscall_64+0xfa/0x3b0
[ 1554.378272][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.384189][T20168] page last free pid 17802 tgid 17802 stack trace:
[ 1554.390686][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1554.395830][T20168]  vfree+0x25a/0x400
[ 1554.399852][T20168]  dvb_dmxdev_release+0x4f3/0x640
[ 1554.404892][T20168]  dvb_usb_adapter_dvb_exit+0x9a/0x1b0
[ 1554.410352][T20168]  dvb_usb_adapter_exit+0x8b/0x240
[ 1554.415487][T20168]  dvb_usb_device_exit+0x1b6/0x350
[ 1554.420605][T20168]  usb_unbind_interface+0x26b/0x8f0
[ 1554.425832][T20168]  device_release_driver_internal+0x4d9/0x7c0
[ 1554.431901][T20168]  bus_remove_device+0x34d/0x410
[ 1554.436851][T20168]  device_del+0x511/0x8e0
[ 1554.441174][T20168]  usb_disable_device+0x3e9/0x8a0
[ 1554.446219][T20168]  usb_disconnect+0x330/0x910
[ 1554.450889][T20168]  hub_event+0x1cdb/0x4a00
[ 1554.455316][T20168]  process_scheduled_works+0xade/0x17b0
[ 1554.460863][T20168]  worker_thread+0x8a0/0xda0
[ 1554.465460][T20168]  kthread+0x70e/0x8a0
[ 1554.469516][T20168] Modules linked in:
[ 1554.473418][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1554.473436][T20168] Tainted: [B]=BAD_PAGE
[ 1554.473440][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1554.473447][T20168] Call Trace:
[ 1554.473452][T20168]  <TASK>
[ 1554.473462][T20168]  dump_stack_lvl+0x189/0x250
[ 1554.473481][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1554.473495][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1554.473509][T20168]  bad_page+0x180/0x1c0
[ 1554.473520][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1554.473535][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1554.473555][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1554.473568][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1554.473577][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1554.473599][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1554.473615][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1554.473631][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1554.473650][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1554.473683][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1554.473700][T20168]  ? psi_task_change+0xe5/0x250
[ 1554.473717][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1554.473730][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1554.473745][T20168]  ? preempt_schedule+0xae/0xc0
[ 1554.473758][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1554.473772][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1554.473786][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1554.473800][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1554.473814][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1554.473827][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1554.473841][T20168]  ? tun_get+0x1c/0x2f0
[ 1554.473861][T20168]  ? tun_get+0x1c/0x2f0
[ 1554.473874][T20168]  ? tun_get+0x1c/0x2f0
[ 1554.473888][T20168]  tun_chr_write_iter+0x113/0x200
[ 1554.473903][T20168]  vfs_write+0x54b/0xa90
[ 1554.473916][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1554.473930][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1554.473943][T20168]  ? __fget_files+0x2a/0x420
[ 1554.473959][T20168]  ksys_write+0x145/0x250
[ 1554.473975][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1554.473991][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1554.474017][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1554.474039][T20168]  do_syscall_64+0xfa/0x3b0
[ 1554.474055][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.474065][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1554.474075][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1554.474087][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.474097][T20168] RIP: 0033:0x7f27a018d3df
[ 1554.474109][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1554.474118][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1554.474130][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1554.474138][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1554.474145][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1554.474152][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1554.474163][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1554.474174][T20168]  </TASK>
[ 1554.474182][T20168] BUG: Bad page state in process syz.3.3797  pfn:6551a
[ 1554.795927][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x6551a
[ 1554.806026][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1554.813169][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1554.821746][T20168] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 1554.830339][T20168] page dumped because: page_pool leak
[ 1554.835714][T20168] page_owner tracks the page as allocated
[ 1554.841424][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546776234, free_ts 1550756967172
[ 1554.858814][T20168]  post_alloc_hook+0x240/0x2a0
[ 1554.863603][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1554.869175][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1554.875036][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1554.880509][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1554.886445][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1554.891283][T20168]  do_xdp_generic+0x699/0x11a0
[ 1554.896058][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1554.900730][T20168]  tun_chr_write_iter+0x113/0x200
[ 1554.905775][T20168]  vfs_write+0x54b/0xa90
[ 1554.910006][T20168]  ksys_write+0x145/0x250
[ 1554.914342][T20168]  do_syscall_64+0xfa/0x3b0
[ 1554.918836][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.924738][T20168] page last free pid 17802 tgid 17802 stack trace:
[ 1554.931227][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1554.936348][T20168]  vfree+0x25a/0x400
[ 1554.940231][T20168]  dvb_dmxdev_release+0x4f3/0x640
[ 1554.945259][T20168]  dvb_usb_adapter_dvb_exit+0x9a/0x1b0
[ 1554.950708][T20168]  dvb_usb_adapter_exit+0x8b/0x240
[ 1554.955824][T20168]  dvb_usb_device_exit+0x1b6/0x350
[ 1554.960949][T20168]  usb_unbind_interface+0x26b/0x8f0
[ 1554.966169][T20168]  device_release_driver_internal+0x4d9/0x7c0
[ 1554.972264][T20168]  bus_remove_device+0x34d/0x410
[ 1554.977204][T20168]  device_del+0x511/0x8e0
[ 1554.981522][T20168]  usb_disable_device+0x3e9/0x8a0
[ 1554.986574][T20168]  usb_disconnect+0x330/0x910
[ 1554.991242][T20168]  hub_event+0x1cdb/0x4a00
[ 1554.995688][T20168]  process_scheduled_works+0xade/0x17b0
[ 1555.001260][T20168]  worker_thread+0x8a0/0xda0
[ 1555.005871][T20168]  kthread+0x70e/0x8a0
[ 1555.009939][T20168] Modules linked in:
[ 1555.013839][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1555.013857][T20168] Tainted: [B]=BAD_PAGE
[ 1555.013861][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1555.013871][T20168] Call Trace:
[ 1555.013881][T20168]  <TASK>
[ 1555.013890][T20168]  dump_stack_lvl+0x189/0x250
[ 1555.013919][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1555.013943][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1555.013968][T20168]  bad_page+0x180/0x1c0
[ 1555.013980][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1555.013995][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1555.014014][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1555.014026][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1555.014037][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1555.014059][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1555.014076][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1555.014092][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1555.014110][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1555.014125][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1555.014142][T20168]  ? psi_task_change+0xe5/0x250
[ 1555.014158][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1555.014171][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1555.014186][T20168]  ? preempt_schedule+0xae/0xc0
[ 1555.014199][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1555.014213][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1555.014226][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1555.014240][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1555.014254][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1555.014267][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1555.014282][T20168]  ? tun_get+0x1c/0x2f0
[ 1555.014296][T20168]  ? tun_get+0x1c/0x2f0
[ 1555.014310][T20168]  ? tun_get+0x1c/0x2f0
[ 1555.014324][T20168]  tun_chr_write_iter+0x113/0x200
[ 1555.014338][T20168]  vfs_write+0x54b/0xa90
[ 1555.014351][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1555.014365][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1555.014378][T20168]  ? __fget_files+0x2a/0x420
[ 1555.014394][T20168]  ksys_write+0x145/0x250
[ 1555.014406][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1555.014416][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1555.014431][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1555.014441][T20168]  do_syscall_64+0xfa/0x3b0
[ 1555.014451][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1555.014461][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1555.014471][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1555.014482][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1555.014492][T20168] RIP: 0033:0x7f27a018d3df
[ 1555.014502][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1555.014512][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1555.014523][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1555.014531][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1555.014538][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1555.014545][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1555.014552][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1555.014562][T20168]  </TASK>
[ 1555.014570][T20168] BUG: Bad page state in process syz.3.3797  pfn:76dd8
[ 1555.336148][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888076dd8300 pfn:0x76dd8
[ 1555.346228][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1555.353350][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1555.361943][T20168] raw: ffff888076dd8300 0000000000000001 00000000ffffffff 0000000000000000
[ 1555.370541][T20168] page dumped because: page_pool leak
[ 1555.375929][T20168] page_owner tracks the page as allocated
[ 1555.381633][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546758412, free_ts 1551657466905
[ 1555.399034][T20168]  post_alloc_hook+0x240/0x2a0
[ 1555.403838][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1555.409436][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1555.415256][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1555.420710][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1555.426708][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1555.431548][T20168]  do_xdp_generic+0x699/0x11a0
[ 1555.436320][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1555.440987][T20168]  tun_chr_write_iter+0x113/0x200
[ 1555.446021][T20168]  vfs_write+0x54b/0xa90
[ 1555.450250][T20168]  ksys_write+0x145/0x250
[ 1555.454588][T20168]  do_syscall_64+0xfa/0x3b0
[ 1555.459076][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1555.464978][T20168] page last free pid 20161 tgid 20158 stack trace:
[ 1555.471460][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1555.476585][T20168]  tlb_finish_mmu+0x112/0x1d0
[ 1555.481354][T20168]  exit_mmap+0x44c/0xb50
[ 1555.485618][T20168]  __mmput+0x118/0x420
[ 1555.489680][T20168]  exit_mm+0x1da/0x2c0
[ 1555.493769][T20168]  do_exit+0x640/0x22e0
[ 1555.497914][T20168]  do_group_exit+0x21c/0x2d0
[ 1555.502520][T20168]  get_signal+0x125e/0x1310
[ 1555.507030][T20168]  arch_do_signal_or_restart+0x9a/0x750
[ 1555.512581][T20168]  exit_to_user_mode_loop+0x75/0x110
[ 1555.517854][T20168]  do_syscall_64+0x2bd/0x3b0
[ 1555.522460][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1555.528357][T20168] Modules linked in:
[ 1555.532277][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1555.532303][T20168] Tainted: [B]=BAD_PAGE
[ 1555.532308][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1555.532314][T20168] Call Trace:
[ 1555.532320][T20168]  <TASK>
[ 1555.532326][T20168]  dump_stack_lvl+0x189/0x250
[ 1555.532346][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1555.532361][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1555.532374][T20168]  bad_page+0x180/0x1c0
[ 1555.532386][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1555.532401][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1555.532421][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1555.532434][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1555.532444][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1555.532465][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1555.532482][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1555.532498][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1555.532520][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1555.532544][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1555.532574][T20168]  ? psi_task_change+0xe5/0x250
[ 1555.532594][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1555.532608][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1555.532623][T20168]  ? preempt_schedule+0xae/0xc0
[ 1555.532636][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1555.532650][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1555.532664][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1555.532678][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1555.532691][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1555.532704][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1555.532717][T20168]  ? tun_get+0x1c/0x2f0
[ 1555.532746][T20168]  ? tun_get+0x1c/0x2f0
[ 1555.532759][T20168]  ? tun_get+0x1c/0x2f0
[ 1555.532774][T20168]  tun_chr_write_iter+0x113/0x200
[ 1555.532789][T20168]  vfs_write+0x54b/0xa90
[ 1555.532801][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1555.532815][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1555.532828][T20168]  ? __fget_files+0x2a/0x420
[ 1555.532844][T20168]  ksys_write+0x145/0x250
[ 1555.532855][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1555.532865][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1555.532881][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1555.532891][T20168]  do_syscall_64+0xfa/0x3b0
[ 1555.532901][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1555.532911][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1555.532921][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1555.532932][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1555.532942][T20168] RIP: 0033:0x7f27a018d3df
[ 1555.532952][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1555.532962][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1555.532973][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1555.532983][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1555.532990][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1555.532997][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1555.533004][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1555.533015][T20168]  </TASK>
[ 1555.533024][T20168] BUG: Bad page state in process syz.3.3797  pfn:53401
[ 1555.854367][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x53401
[ 1555.864445][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1555.871549][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1555.880145][T20168] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 1555.888762][T20168] page dumped because: page_pool leak
[ 1555.894155][T20168] page_owner tracks the page as allocated
[ 1555.899853][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546740281, free_ts 1551657485378
[ 1555.917235][T20168]  post_alloc_hook+0x240/0x2a0
[ 1555.922013][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1555.927581][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1555.933425][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1555.938895][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1555.944811][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1555.949669][T20168]  do_xdp_generic+0x699/0x11a0
[ 1555.954461][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1555.959225][T20168]  tun_chr_write_iter+0x113/0x200
[ 1555.964280][T20168]  vfs_write+0x54b/0xa90
[ 1555.968517][T20168]  ksys_write+0x145/0x250
[ 1555.972858][T20168]  do_syscall_64+0xfa/0x3b0
[ 1555.977353][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1555.983268][T20168] page last free pid 20161 tgid 20158 stack trace:
[ 1555.989769][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1555.994908][T20168]  tlb_finish_mmu+0x112/0x1d0
[ 1555.999593][T20168]  exit_mmap+0x44c/0xb50
[ 1556.003860][T20168]  __mmput+0x118/0x420
[ 1556.007937][T20168]  exit_mm+0x1da/0x2c0
[ 1556.011991][T20168]  do_exit+0x640/0x22e0
[ 1556.016163][T20168]  do_group_exit+0x21c/0x2d0
[ 1556.020742][T20168]  get_signal+0x125e/0x1310
[ 1556.025264][T20168]  arch_do_signal_or_restart+0x9a/0x750
[ 1556.030801][T20168]  exit_to_user_mode_loop+0x75/0x110
[ 1556.036099][T20168]  do_syscall_64+0x2bd/0x3b0
[ 1556.040676][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.046582][T20168] Modules linked in:
[ 1556.050468][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1556.050486][T20168] Tainted: [B]=BAD_PAGE
[ 1556.050490][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1556.050497][T20168] Call Trace:
[ 1556.050503][T20168]  <TASK>
[ 1556.050509][T20168]  dump_stack_lvl+0x189/0x250
[ 1556.050529][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1556.050543][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1556.050557][T20168]  bad_page+0x180/0x1c0
[ 1556.050569][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1556.050584][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1556.050603][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1556.050615][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1556.050625][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1556.050646][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1556.050663][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1556.050679][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1556.050698][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1556.050712][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1556.050730][T20168]  ? psi_task_change+0xe5/0x250
[ 1556.050747][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1556.050761][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1556.050785][T20168]  ? preempt_schedule+0xae/0xc0
[ 1556.050806][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1556.050830][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1556.050848][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1556.050862][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1556.050876][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1556.050889][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1556.050903][T20168]  ? tun_get+0x1c/0x2f0
[ 1556.050917][T20168]  ? tun_get+0x1c/0x2f0
[ 1556.050930][T20168]  ? tun_get+0x1c/0x2f0
[ 1556.050945][T20168]  tun_chr_write_iter+0x113/0x200
[ 1556.050960][T20168]  vfs_write+0x54b/0xa90
[ 1556.050972][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1556.050986][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1556.050999][T20168]  ? __fget_files+0x2a/0x420
[ 1556.051020][T20168]  ksys_write+0x145/0x250
[ 1556.051032][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1556.051042][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1556.051059][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1556.051068][T20168]  do_syscall_64+0xfa/0x3b0
[ 1556.051078][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.051088][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1556.051098][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1556.051109][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.051119][T20168] RIP: 0033:0x7f27a018d3df
[ 1556.051129][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1556.051138][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1556.051150][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1556.051158][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1556.051165][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1556.051172][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1556.051179][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1556.051189][T20168]  </TASK>
[ 1556.051198][T20168] BUG: Bad page state in process syz.3.3797  pfn:28e17
[ 1556.372826][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x28e17
[ 1556.382931][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1556.390051][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1556.398643][T20168] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 1556.407240][T20168] page dumped because: page_pool leak
[ 1556.412626][T20168] page_owner tracks the page as allocated
[ 1556.418322][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546722545, free_ts 1551723132183
[ 1556.435871][T20168]  post_alloc_hook+0x240/0x2a0
[ 1556.440630][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1556.446194][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1556.452079][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1556.457638][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1556.463560][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1556.468417][T20168]  do_xdp_generic+0x699/0x11a0
[ 1556.473203][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1556.477892][T20168]  tun_chr_write_iter+0x113/0x200
[ 1556.482944][T20168]  vfs_write+0x54b/0xa90
[ 1556.487189][T20168]  ksys_write+0x145/0x250
[ 1556.491505][T20168]  do_syscall_64+0xfa/0x3b0
[ 1556.496015][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.501894][T20168] page last free pid 15 tgid 15 stack trace:
[ 1556.507872][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1556.512988][T20168]  __tlb_remove_table+0x2d2/0x3b0
[ 1556.518011][T20168]  tlb_remove_table_rcu+0x85/0x100
[ 1556.523146][T20168]  rcu_core+0xca8/0x1710
[ 1556.527450][T20168]  handle_softirqs+0x286/0x870
[ 1556.532236][T20168]  run_ksoftirqd+0x9b/0x100
[ 1556.536735][T20168]  smpboot_thread_fn+0x53f/0xa60
[ 1556.541667][T20168]  kthread+0x70e/0x8a0
[ 1556.545740][T20168]  ret_from_fork+0x3fc/0x770
[ 1556.550324][T20168]  ret_from_fork_asm+0x1a/0x30
[ 1556.555095][T20168] Modules linked in:
[ 1556.558982][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1556.558998][T20168] Tainted: [B]=BAD_PAGE
[ 1556.559002][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1556.559009][T20168] Call Trace:
[ 1556.559015][T20168]  <TASK>
[ 1556.559022][T20168]  dump_stack_lvl+0x189/0x250
[ 1556.559040][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1556.559054][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1556.559067][T20168]  bad_page+0x180/0x1c0
[ 1556.559079][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1556.559094][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1556.559113][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1556.559125][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1556.559134][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1556.559156][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1556.559172][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1556.559188][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1556.559206][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1556.559220][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1556.559237][T20168]  ? psi_task_change+0xe5/0x250
[ 1556.559254][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1556.559267][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1556.559284][T20168]  ? preempt_schedule+0xae/0xc0
[ 1556.559306][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1556.559329][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1556.559352][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1556.559367][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1556.559381][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1556.559394][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1556.559408][T20168]  ? tun_get+0x1c/0x2f0
[ 1556.559423][T20168]  ? tun_get+0x1c/0x2f0
[ 1556.559436][T20168]  ? tun_get+0x1c/0x2f0
[ 1556.559451][T20168]  tun_chr_write_iter+0x113/0x200
[ 1556.559466][T20168]  vfs_write+0x54b/0xa90
[ 1556.559480][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1556.559494][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1556.559506][T20168]  ? __fget_files+0x2a/0x420
[ 1556.559521][T20168]  ksys_write+0x145/0x250
[ 1556.559533][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1556.559543][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1556.559559][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1556.559569][T20168]  do_syscall_64+0xfa/0x3b0
[ 1556.559578][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.559588][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1556.559598][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1556.559609][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.559619][T20168] RIP: 0033:0x7f27a018d3df
[ 1556.559629][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1556.559639][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1556.559650][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1556.559658][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1556.559665][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1556.559672][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1556.559678][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1556.559689][T20168]  </TASK>
[ 1556.559697][T20168] BUG: Bad page state in process syz.3.3797  pfn:788d9
[ 1556.881013][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x788d9
[ 1556.891089][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1556.898330][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1556.906927][T20168] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 1556.915519][T20168] page dumped because: page_pool leak
[ 1556.920887][T20168] page_owner tracks the page as allocated
[ 1556.926606][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546704327, free_ts 1551723161704
[ 1556.944004][T20168]  post_alloc_hook+0x240/0x2a0
[ 1556.948764][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1556.954326][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1556.960125][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1556.965624][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1556.971544][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1556.976403][T20168]  do_xdp_generic+0x699/0x11a0
[ 1556.981164][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1556.985863][T20168]  tun_chr_write_iter+0x113/0x200
[ 1556.990909][T20168]  vfs_write+0x54b/0xa90
[ 1556.995174][T20168]  ksys_write+0x145/0x250
[ 1556.999493][T20168]  do_syscall_64+0xfa/0x3b0
[ 1557.004020][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.009917][T20168] page last free pid 15 tgid 15 stack trace:
[ 1557.015904][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1557.021008][T20168]  __tlb_remove_table+0x2d2/0x3b0
[ 1557.026068][T20168]  tlb_remove_table_rcu+0x85/0x100
[ 1557.031189][T20168]  rcu_core+0xca8/0x1710
[ 1557.035447][T20168]  handle_softirqs+0x286/0x870
[ 1557.040289][T20168]  run_ksoftirqd+0x9b/0x100
[ 1557.044800][T20168]  smpboot_thread_fn+0x53f/0xa60
[ 1557.049730][T20168]  kthread+0x70e/0x8a0
[ 1557.053803][T20168]  ret_from_fork+0x3fc/0x770
[ 1557.058381][T20168]  ret_from_fork_asm+0x1a/0x30
[ 1557.063169][T20168] Modules linked in:
[ 1557.067068][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1557.067085][T20168] Tainted: [B]=BAD_PAGE
[ 1557.067089][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1557.067096][T20168] Call Trace:
[ 1557.067101][T20168]  <TASK>
[ 1557.067108][T20168]  dump_stack_lvl+0x189/0x250
[ 1557.067127][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1557.067142][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1557.067156][T20168]  bad_page+0x180/0x1c0
[ 1557.067168][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1557.067193][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1557.067225][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1557.067246][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1557.067256][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1557.067277][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1557.067294][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1557.067310][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1557.067328][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1557.067343][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1557.067360][T20168]  ? psi_task_change+0xe5/0x250
[ 1557.067377][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1557.067390][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1557.067406][T20168]  ? preempt_schedule+0xae/0xc0
[ 1557.067420][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1557.067436][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1557.067451][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1557.067466][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1557.067479][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1557.067492][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1557.067507][T20168]  ? tun_get+0x1c/0x2f0
[ 1557.067522][T20168]  ? tun_get+0x1c/0x2f0
[ 1557.067535][T20168]  ? tun_get+0x1c/0x2f0
[ 1557.067549][T20168]  tun_chr_write_iter+0x113/0x200
[ 1557.067563][T20168]  vfs_write+0x54b/0xa90
[ 1557.067576][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1557.067591][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1557.067603][T20168]  ? __fget_files+0x2a/0x420
[ 1557.067618][T20168]  ksys_write+0x145/0x250
[ 1557.067630][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1557.067640][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1557.067656][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1557.067666][T20168]  do_syscall_64+0xfa/0x3b0
[ 1557.067676][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.067686][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1557.067696][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1557.067706][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.067721][T20168] RIP: 0033:0x7f27a018d3df
[ 1557.067732][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1557.067741][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1557.067753][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1557.067761][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1557.067768][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1557.067775][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1557.067781][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1557.067792][T20168]  </TASK>
[ 1557.067799][T20168] BUG: Bad page state in process syz.3.3797  pfn:3ac12
[ 1557.389184][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x3ac12
[ 1557.399263][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1557.406397][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1557.415002][T20168] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 1557.423608][T20168] page dumped because: page_pool leak
[ 1557.428973][T20168] page_owner tracks the page as allocated
[ 1557.434689][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546686646, free_ts 1551723188723
[ 1557.452067][T20168]  post_alloc_hook+0x240/0x2a0
[ 1557.456844][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1557.462412][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1557.468233][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1557.473730][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1557.479613][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1557.484474][T20168]  do_xdp_generic+0x699/0x11a0
[ 1557.489232][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1557.493923][T20168]  tun_chr_write_iter+0x113/0x200
[ 1557.499028][T20168]  vfs_write+0x54b/0xa90
[ 1557.503295][T20168]  ksys_write+0x145/0x250
[ 1557.507805][T20168]  do_syscall_64+0xfa/0x3b0
[ 1557.512313][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.518193][T20168] page last free pid 15 tgid 15 stack trace:
[ 1557.524174][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1557.529283][T20168]  __tlb_remove_table+0x2d2/0x3b0
[ 1557.534329][T20168]  tlb_remove_table_rcu+0x85/0x100
[ 1557.539434][T20168]  rcu_core+0xca8/0x1710
[ 1557.543713][T20168]  handle_softirqs+0x286/0x870
[ 1557.548487][T20168]  run_ksoftirqd+0x9b/0x100
[ 1557.553016][T20168]  smpboot_thread_fn+0x53f/0xa60
[ 1557.557947][T20168]  kthread+0x70e/0x8a0
[ 1557.562004][T20168]  ret_from_fork+0x3fc/0x770
[ 1557.566628][T20168]  ret_from_fork_asm+0x1a/0x30
[ 1557.571386][T20168] Modules linked in:
[ 1557.575294][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1557.575312][T20168] Tainted: [B]=BAD_PAGE
[ 1557.575316][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1557.575323][T20168] Call Trace:
[ 1557.575328][T20168]  <TASK>
[ 1557.575334][T20168]  dump_stack_lvl+0x189/0x250
[ 1557.575353][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1557.575367][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1557.575381][T20168]  bad_page+0x180/0x1c0
[ 1557.575392][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1557.575407][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1557.575426][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1557.575439][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1557.575449][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1557.575470][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1557.575486][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1557.575503][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1557.575521][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1557.575541][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1557.575570][T20168]  ? psi_task_change+0xe5/0x250
[ 1557.575598][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1557.575626][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1557.575641][T20168]  ? preempt_schedule+0xae/0xc0
[ 1557.575654][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1557.575667][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1557.575681][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1557.575696][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1557.575709][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1557.575723][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1557.575737][T20168]  ? tun_get+0x1c/0x2f0
[ 1557.575751][T20168]  ? tun_get+0x1c/0x2f0
[ 1557.575764][T20168]  ? tun_get+0x1c/0x2f0
[ 1557.575779][T20168]  tun_chr_write_iter+0x113/0x200
[ 1557.575794][T20168]  vfs_write+0x54b/0xa90
[ 1557.575806][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1557.575820][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1557.575833][T20168]  ? __fget_files+0x2a/0x420
[ 1557.575848][T20168]  ksys_write+0x145/0x250
[ 1557.575859][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1557.575869][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1557.575887][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1557.575897][T20168]  do_syscall_64+0xfa/0x3b0
[ 1557.575906][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.575917][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1557.575927][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1557.575938][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.575948][T20168] RIP: 0033:0x7f27a018d3df
[ 1557.575958][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1557.575967][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1557.575979][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1557.575986][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1557.575993][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1557.576000][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1557.576007][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1557.576018][T20168]  </TASK>
[ 1557.576026][T20168] BUG: Bad page state in process syz.3.3797  pfn:7bde6
[ 1557.897225][T20168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x7bde6
[ 1557.907300][T20168] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1557.914432][T20168] raw: 00fff00000000000 dead000000000040 ffff888022698000 0000000000000000
[ 1557.923039][T20168] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 1557.931622][T20168] page dumped because: page_pool leak
[ 1557.937030][T20168] page_owner tracks the page as allocated
[ 1557.942776][T20168] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 20168, tgid 20167 (syz.3.3797), ts 1552546668964, free_ts 1551723215397
[ 1557.960178][T20168]  post_alloc_hook+0x240/0x2a0
[ 1557.964954][T20168]  get_page_from_freelist+0x21d5/0x22b0
[ 1557.970488][T20168]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1557.976314][T20168]  alloc_pages_bulk_noprof+0x560/0x710
[ 1557.981763][T20168]  __page_pool_alloc_pages_slow+0x127/0x740
[ 1557.987715][T20168]  skb_pp_cow_data+0xb47/0x13e0
[ 1557.992593][T20168]  do_xdp_generic+0x699/0x11a0
[ 1557.997371][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1558.002042][T20168]  tun_chr_write_iter+0x113/0x200
[ 1558.007081][T20168]  vfs_write+0x54b/0xa90
[ 1558.011322][T20168]  ksys_write+0x145/0x250
[ 1558.015672][T20168]  do_syscall_64+0xfa/0x3b0
[ 1558.020178][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1558.026074][T20168] page last free pid 15 tgid 15 stack trace:
[ 1558.032031][T20168]  __free_frozen_pages+0xc65/0xe60
[ 1558.037149][T20168]  __tlb_remove_table+0x2d2/0x3b0
[ 1558.042195][T20168]  tlb_remove_table_rcu+0x85/0x100
[ 1558.047311][T20168]  rcu_core+0xca8/0x1710
[ 1558.051538][T20168]  handle_softirqs+0x286/0x870
[ 1558.056310][T20168]  run_ksoftirqd+0x9b/0x100
[ 1558.060795][T20168]  smpboot_thread_fn+0x53f/0xa60
[ 1558.065737][T20168]  kthread+0x70e/0x8a0
[ 1558.069788][T20168]  ret_from_fork+0x3fc/0x770
[ 1558.074390][T20168]  ret_from_fork_asm+0x1a/0x30
[ 1558.079141][T20168] Modules linked in:
[ 1558.083057][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.3.3797 Tainted: G    B               6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) 
[ 1558.083087][T20168] Tainted: [B]=BAD_PAGE
[ 1558.083094][T20168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1558.083107][T20168] Call Trace:
[ 1558.083116][T20168]  <TASK>
[ 1558.083125][T20168]  dump_stack_lvl+0x189/0x250
[ 1558.083154][T20168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1558.083179][T20168]  ? __pfx_print_modules+0x10/0x10
[ 1558.083204][T20168]  bad_page+0x180/0x1c0
[ 1558.083224][T20168]  __free_frozen_pages+0xe06/0xe60
[ 1558.083251][T20168]  bpf_xdp_frags_shrink_tail+0x3a5/0x750
[ 1558.083283][T20168]  bpf_xdp_adjust_tail+0x1d6/0x220
[ 1558.083307][T20168]  bpf_prog_f476d5219b92964a+0x1e/0x24
[ 1558.083323][T20168]  bpf_prog_run_generic_xdp+0x64b/0x14c0
[ 1558.083362][T20168]  do_xdp_generic+0x9f7/0x11a0
[ 1558.083391][T20168]  ? __pfx_do_xdp_generic+0x10/0x10
[ 1558.083421][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1558.083452][T20168]  ? tun_get_user+0x22c6/0x3ce0
[ 1558.083476][T20168]  tun_get_user+0x23fb/0x3ce0
[ 1558.083506][T20168]  ? psi_task_change+0xe5/0x250
[ 1558.083534][T20168]  ? __pfx_tun_get_user+0x10/0x10
[ 1558.083558][T20168]  ? preempt_schedule_common+0x83/0xd0
[ 1558.083584][T20168]  ? preempt_schedule+0xae/0xc0
[ 1558.083607][T20168]  ? __pfx_preempt_schedule+0x10/0x10
[ 1558.083630][T20168]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1558.083654][T20168]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1558.083685][T20168]  ? ref_tracker_alloc+0x318/0x460
[ 1558.083707][T20168]  ? __lock_acquire+0xab9/0xd20
[ 1558.083731][T20168]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1558.083756][T20168]  ? tun_get+0x1c/0x2f0
[ 1558.083782][T20168]  ? tun_get+0x1c/0x2f0
[ 1558.083806][T20168]  ? tun_get+0x1c/0x2f0
[ 1558.083831][T20168]  tun_chr_write_iter+0x113/0x200
[ 1558.083857][T20168]  vfs_write+0x54b/0xa90
[ 1558.083880][T20168]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1558.083904][T20168]  ? __pfx_vfs_write+0x10/0x10
[ 1558.083925][T20168]  ? __fget_files+0x2a/0x420
[ 1558.083950][T20168]  ksys_write+0x145/0x250
[ 1558.083971][T20168]  ? __pfx_ksys_write+0x10/0x10
[ 1558.083989][T20168]  ? rcu_is_watching+0x15/0xb0
[ 1558.084015][T20168]  ? do_syscall_64+0xbe/0x3b0
[ 1558.084032][T20168]  do_syscall_64+0xfa/0x3b0
[ 1558.084047][T20168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1558.084059][T20168]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1558.084069][T20168]  ? clear_bhb_loop+0x60/0xb0
[ 1558.084080][T20168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1558.084090][T20168] RIP: 0033:0x7f27a018d3df
[ 1558.084100][T20168] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1558.084109][T20168] RSP: 002b:00007f27a10a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1558.084121][T20168] RAX: ffffffffffffffda RBX: 00007f27a03b5fa0 RCX: 00007f27a018d3df
[ 1558.084129][T20168] RDX: 0000000000011dc0 RSI: 0000200000002d40 RDI: 00000000000000c8
[ 1558.084136][T20168] RBP: 00007f27a0210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1558.084143][T20168] R10: 0000000000011dc0 R11: 0000000000000293 R12: 0000000000000000
[ 1558.084150][T20168] R13: 0000000000000000 R14: 00007f27a03b5fa0 R15: 00007ffd1d282248
[ 1558.084160][T20168]  </TASK>
[ 1558.497084][T17803] usbhid 3-1:0.0: can't add hid device: -71
[ 1558.501600][T17410] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully deinitialized and disconnected.
[ 1558.503612][T17803] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1558.523437][T17803] usb 3-1: USB disconnect, device number 106
[ 1558.565578][T16442] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully deinitialized and disconnected.