last executing test programs:

5.524030706s ago: executing program 3 (id=1827):
syz_usb_connect(0x5, 0x24, &(0x7f0000000600)=ANY=[@ANYBLOB="12010000a3d613202c1051616532010203010902128001000010000904c502002e85fe00"], 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000000)={0x0, &(0x7f0000000940)=[@rdmsr={0x32, 0x18, {0xda0}}], 0x18})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_S_MODE(r4, 0x40046109, &(0x7f0000000140)=0x11)
ioctl$CEC_S_MODE(r4, 0x40046109, &(0x7f0000000040)=0xd0)
syz_usb_connect$cdc_ecm(0x5, 0x70, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x174f7362a5f51e33, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5e, 0x1, 0x1, 0x6, 0x80, 0x2, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x2, 0x6, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x0, "b5be7da2c2"}, {0x5, 0x24, 0x0, 0xb}, {0xd, 0x24, 0xf, 0x1, 0x1, 0xfff9, 0xb, 0xa}, [@country_functional={0x8, 0x24, 0x7, 0x7f, 0xd852, [0x6d1]}, @ncm={0x6, 0x24, 0x1a, 0x200}, @network_terminal={0x7, 0x24, 0xa, 0x6, 0x5, 0xb, 0x3}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x0, 0x28, 0xa5}}], {{0x9, 0x5, 0x82, 0x2, 0x8, 0x1, 0xfe, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x3, 0xfc}}}}}]}}]}}, 0xffffffffffffffff)

5.149585102s ago: executing program 2 (id=1830):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
close(0x3)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @null, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @bcast, @default]}, 0xfffffffffffffd54)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000140)={<r4=>0x0, 0x11, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010100}]}, &(0x7f0000000180)=0x10)
bind$netrom(r2, &(0x7f00000004c0)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
listen(r2, 0x80)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x480000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r5, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x8}}, './file0\x00'})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_GUEST_MEMFD(r8, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000})
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x12, r9, 0x11283000)
r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_GET_ONE_REG(r11, 0x4010aeab, &(0x7f00000000c0)=@arm64_ccsidr={0x6020000000110007, 0x0})
accept$netrom(r2, 0x0, 0x0)
r12 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
write$sndseq(r12, &(0x7f0000000080)=[{0x8, 0xff, 0x0, 0xfd, @tick, {}, {0xe}, @result}], 0x1c)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r13, 0x84, 0x70, &(0x7f00000003c0)={r4, @in6={{0xa, 0x4e23, 0x5, @loopback, 0x80}}, [0x4, 0x8, 0x3, 0x5, 0x68000000, 0x0, 0x80, 0xfe26, 0xffffffffffffffff, 0x8f8d, 0x4, 0xfffffffffffffff8, 0x2, 0x3, 0x7]}, &(0x7f0000000240)=0x100)
write$cgroup_int(r13, &(0x7f0000000200), 0x806000)
ioctl$FS_IOC_RESVSP(r13, 0x40305829, &(0x7f0000000380)={0x0, 0x0, 0x4000, 0x9ffffc})
read(r1, &(0x7f0000000540)=""/4096, 0x1000)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000080)='/', 0x1}], 0x1)

4.041532657s ago: executing program 2 (id=1840):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xa, 0x800)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0xc1105511, &(0x7f0000000040)={0xb, 0x3, 0x40, 0x10000, 'syz1\x00', 0x400})
ioctl$EXT4_IOC_GETSTATE(r1, 0x40046629, &(0x7f0000000080))
r3 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^\x84{\x00\x02\xb9~B\x9f\xacl\x1d3\xa6\xab\x81\x9d\x13\x89\x9b\x00\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\7\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~\x03\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x1)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x2c, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x12}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)

3.937596681s ago: executing program 3 (id=1842):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'ni_at_a2150\x00', [0x0, 0x5, 0x3, 0x401, 0x1, 0xcc7, 0x0, 0x5c952399, 0x4, 0x3ff, 0x802, 0x1600, 0x8, 0x1, 0x9, 0xe1cb, 0x6, 0x4, 0x3, 0x2, 0x80000089, 0xfffffffd, 0x2f, 0xfffffff5, 0xffffeadb, 0x3, 0x3c, 0x8, 0x4, 0x8000000, 0xdffffffa]})

3.917189085s ago: executing program 2 (id=1843):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x3, 0x2, 0x401, 0x0, 0x0, {0x5}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x4000804)
r1 = socket$inet6(0xa, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r5=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_GET_HARDIF(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fddbdf250500000008000600", @ANYRES32=r5, @ANYBLOB="08002c0001000000080039000700000008000300", @ANYRES32=r6], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r7 = syz_io_uring_setup(0x4fe, &(0x7f0000000080)={0x0, 0x4000000, 0xb2, 0x0, 0x4, 0x0, 0x0}, 0x0, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_buf(r1, 0x29, 0x15, &(0x7f00000004c0)="252f827f9921f9d6c10eb63b88c7a77bd35af1bc93a727a42e8bd1e660b5f9b1295079020f92dcc302151fee35753a2f18af74fb8d017c3dca547a78a2af6a3a6c37eb8bd2957cc7c661b5d7d5a715a004cb59309d1858b33b9f80c8e993717cff97971f53a69fe64724d5d0e1719144d0c5213f41059e8b60c4", 0x7a)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f00000003c0), 0x8000, &(0x7f0000000440)=ANY=[@ANYBLOB='qhota'])
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
clock_getres(0xfffffffffffffffb, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x5, &(0x7f0000004240)=0x10c3, 0x4)
recvmmsg(r1, &(0x7f0000004f00)=[{{0x0, 0x0, 0x0}, 0x7fff}], 0x1, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r8, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r9, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
getpeername(r8, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYRESDEC=r0], 0x88}, 0x1, 0x0, 0x0, 0x90}, 0x48004)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000400)={{0x1, 0x1, 0x18, <r10=>r7}, './file1\x00'})
read$FUSE(0xffffffffffffffff, &(0x7f0000000540)={0x2020, 0x0, <r11=>0x0}, 0x2020)
write$FUSE_WRITE(r10, &(0x7f0000000480)={0x18, 0xfffffffffffffff5, r11, {0x200}}, 0x18)
syz_usb_connect(0x0, 0xb6, &(0x7f0000000280)=ANY=[@ANYBLOB="12010003cf7e8f4040201f7200f2010203010902a400018104004f0904870605a97a37020a24010a0b06020102092403050703020496062404029cfe09050b004000800000072501af82a7ce1932dc70000464040507250103"], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1555555555555709})

3.80850945s ago: executing program 3 (id=1845):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x118)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r4, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x48)
bind$unix(r3, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x52)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r5, r5)
setpgid(0x0, r5)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r6, 0xc018937b, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, &(0x7f0000000000)=0x639)
r8 = epoll_create1(0x80000)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r10, 0xc008aeba, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000040)={0x2})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r13, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

2.748585122s ago: executing program 3 (id=1847):
syz_usb_connect(0x5, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010019033dd608f80600b0a85d0102030109021b00010908b006090405090184435f070905d7"], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0})
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
r1 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x242900, 0x0)
poll(&(0x7f0000000100)=[{r0}, {r1, 0x200}, {r0, 0x400}], 0x3, 0x0)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x100, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x3, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x350bae1a, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x7, 0xf2, 0x10, 0x5, 0x8, 0x10001, 0x401, 0x80000000, 0x2401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0x0, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x3, 0xa, 0x0, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x1, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0xfffffffe, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0x0, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4b, 0x8000, 0x2, 0xb, 0x6, 0x4fa4, 0x80000002, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x40, 0xa, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0x1, 0x3, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0xf1a, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10, 0x0, 0x9, 0x10000, 0x1, 0x9, 0xf7a, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x8, 0x68, 0x7, 0x1, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x101, 0x5, 0x64, 0x4, 0x7fff, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x7, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0x6688, 0x45e3, 0x5, 0x7, 0x1, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0xce, 0xf, 0x0, 0x1, 0x667, 0x3, 0x0, 0x9, 0x9, 0x37d, 0x10001, 0xc, 0x1, 0x1, 0x2, 0x6, 0x4, 0x6, 0x1, 0x9, 0x6, 0xfffffffa, 0x2, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0xe, 0x89, 0x2, 0x8, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x2, 0x80000004, 0x29, 0x9, 0x0, 0x4, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x7, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x1, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0xffffffff, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xc, 0x6, 0x7, 0xfffffeff, 0x4, 0x2, 0x7fff, 0x101, 0x7, 0x6, 0x706, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x6, 0x1, 0xa9c, 0x9, 0x9, 0x1, 0x2, 0x5, 0x1000, 0x5, 0x1ff, 0x9, 0x3, 0x3, 0x10001, 0xffff0000, 0xf, 0x1, 0xffffa5ba, 0xffffa9b4, 0x1, 0x4, 0x5, 0x7, 0x4b5f, 0x6, 0xa, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x1, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x5, 0x4, 0xfff, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x7f, 0x4, 0x2, 0x80000000, 0xd, 0x3, 0x1, 0x0, 0x5, 0xb6, 0x101, 0x401, 0x2, 0xb, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0x9, 0x6, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000001, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xfff, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x6, 0x4b15, 0xa, 0x1, 0x9, 0x1, 0xd, 0x9, 0x7619, 0xfffffe01, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x9, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x0, 0x2, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x9, 0x3, 0xffffffff, 0x9, 0x7f, 0x6, 0x8, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x80000001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x2, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x8001, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x1, 0x30, 0xffffff7e, 0x1, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x4000, 0x1, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000000, 0x9, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x9, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x8000002, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0xfb4, 0xbf8, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x4, 0x3, 0x6, 0x80000000, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0x7fffffff, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0x0, 0x924, 0x6, 0x100, 0x1, 0x5, 0xffff351b, 0x8, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x1, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x5, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x5, 0x6330, 0x0, 0x6, 0xea, 0x0, 0xfff, 0x809, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0xffffffff, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x2ec, 0x9, 0x6, 0x3ff, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x8, 0x3, 0xe, 0x1, 0x1, 0xc, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af88, 0x2, 0x30a6, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x7fff, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x8, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x0, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x7, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x1, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x2250)
sendmsg$inet(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc00800190003000200060018c00364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

2.251767432s ago: executing program 2 (id=1851):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bind$rds(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
syz_usb_connect$uac1(0x5, 0x86, &(0x7f0000000180)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x74, 0x3, 0x1, 0x4, 0x10, 0x25, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x2, 0x88}, [@mixer_unit={0x6, 0x24, 0x4, 0x4, 0x10, "c3"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x10, 0x4, 0xd, 0x1, {0x7, 0x25, 0x1, 0x80, 0x3, 0xf}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0xfc, 0x5, 0x9}, @as_header={0x7, 0x24, 0x1, 0x6, 0x8, 0x1}]}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x7f, 0x0, 0x6, {0x7, 0x25, 0x1, 0x1, 0x1, 0x85e}}}}}}}]}}, 0x0)
r0 = socket(0x2, 0x3, 0x5)
setsockopt(r0, 0xff, 0x1, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd, 0x0, 0xfffff05b})
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x4b, &(0x7f0000000080)=0x1ff, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x4, 0x8, 0x101, 0x0, 0x0, {0x1, 0x0, 0x3}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x88}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8917}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000000}, 0x4014)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r4)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r5, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)

1.263469718s ago: executing program 3 (id=1857):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000900)=[{{&(0x7f0000000000)={0xa, 0x10, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, &(0x7f0000000100)=[{&(0x7f0000000280)="18", 0x1}], 0x1}}], 0x1, 0x4000014) (async)
shutdown(r0, 0x1) (async)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000003c0)={0x0, 0x9, 0x1, 0xa04}, 0x10) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x4a301, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8d11}) (async)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af83, &(0x7f0000000040)) (async)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, r3}, './file0\x00'})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

962.40693ms ago: executing program 3 (id=1860):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000140)={0x0, 0x50424752, 0x0, @stepwise})
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r3, 0x84, 0x16, 0x0, &(0x7f0000000080))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$VIDIOC_S_JPEGCOMP(0xffffffffffffffff, 0x408c563e, &(0x7f0000000340)={0x5, 0x3, 0xf, "8e412b0af8408c082a99c6e51a1c90300b4123abe529eb909f4fa84fe0343685f2799f0556d5b6bba561823322d6156f5d4b413e1a07648ec766c167", 0x10, "23c8e20156a67f109e63363611688423807fcbb70079d9aaae549eb9aaba6666e89e9b004ed478921e5c69dc16f061fe5bd79bd8ef639d07ab7b19b6", 0x8})
r5 = dup(r4)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xa, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
write$tun(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000001baaaaaaaaaabbaaaaaaaa00450900140068000009329078ac141435e000000182da9da5678279033a20cb26858b5254cef18aea6bb43be776735e5166a2ec63bc2f49f63abe5018a451851e353c70ca22e70e513b59bc34f70506"], 0x26)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="d80000001c0081044e81f782db44b9040a1d080214000000020003a118000c000300000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000fdbccf137789dd5e3df5fc6047a353000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x400d0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r10, 0xc048aec8, &(0x7f0000000080)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{}, {}, {0x0, 0x0, 0x0, '\x00', 0x3}, {0x0, 0x1}, {0x0, 0x47}, {0x0, 0x4}, {}, {}, {0x20}, {}, {}, {}, {0x4}, {0x21}, {}, {}, {0x3, 0x0, 0xcc}, {}, {}, {}, {}, {}, {0xfe}, {0x0, 0x0, 0x40}]}})
r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$sock_ifreq(r11, 0x89f0, &(0x7f0000000180)={'bond0\x00', @ifru_names='gretap0\x00'})
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r8, &(0x7f0000000140)={0x10, 0x30, 0x3, {0x0, 0x0, {0x2, 0x0, 0x0, @mcast1}}}, 0x38)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000000), r12)
r13 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x44080, 0x0)
write$P9_RSTATu(r13, &(0x7f00000004c0)=ANY=[@ANYBLOB="931c00007d00000005f0000000000000000000000000000000000000000000000000000000000000000000000000000000001f00206e6f6465767b6376666f7892ffffff8102000000000031ffcebc920000003800704a86cec602007dfa673effeb09b5351f5bde05f7"], 0x232)
recvfrom(r7, 0x0, 0x0, 0x0, 0x0, 0x0)

817.729067ms ago: executing program 1 (id=1861):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) (async)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
set_mempolicy(0x2, &(0x7f0000000080)=0x4716, 0x3)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) (async)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000, 0x1, 0x900})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r2, 0x0)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000040)={&(0x7f00001e5000/0x3000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x3000, 0x3, 0x2}) (async)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000040)={&(0x7f00001e5000/0x3000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x3000, 0x3, 0x2})

548.958098ms ago: executing program 1 (id=1863):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x3c, r1, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008080}, 0x4190) (fail_nth: 7)

521.624712ms ago: executing program 1 (id=1865):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000340)="8224aca5f41b9e0ec5e7a706c919e7c0e343f0cd0a779c17e7f992396b09252009d2d12e9475a57ec39f71417044cf4151af34ac1dfd5d87cdd80bc4c24478821f64d4d971bbc1fc7bdd181a839344917165bb9cd0fa568aac55d8e38ee30fd3a9bc63e2656b6941c812e6ea0692ec276deb2b7b817906cf8c5429a42164e8bb521e216e554d509a0fd0d86729b5f4b9a01fb336bef1be8a68a628452b83", 0x9e}, {0x0}, {&(0x7f00000005c0)="f2b314c96d50", 0x6}], 0x3}}], 0x1, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(0xffffffffffffffff, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000002100)={&(0x7f0000001040)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x8d0}, 0x4040800)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000034000000040000000000000014000000000000002900000034000000fdffffff0000000000010000000000002900000004000000041c000000000000fe72f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc00f3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b0888c5801409e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad0738000000010c7a0180050000000000000009000000000000000400000000000000060000000000000000040000000000000b0000000000000005020a7e00010005020bf4c910fc0200000000000000000000780e000000000000000000140000000000000029000000340000000000000000000000700100000000000029000000360000005e2a000000000000ff4150d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70000100000100010800000000000000000708000000030000ff0f07100000000002070600ff7f00000000000008c6c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc704b388202add651f628963a90fea5d8196d5e0373fd13584ae57b4f1c03d4f67005cdb5938591d5ea712014e358ea0808807873fd7290c6d4f033de64c7e86ab3030700008000000000000001082bdb86d1ce6a20c2000000000020000000000000002900000037000000730000000000000000010000000000001400000000000000290000000b0000000000000200000000180000000000000029000000390000000000000000000000380000000000000029000000390000003a04027000000000ff010000000000000000000000000001ff020000000000000000000000000001"], 0x340}}, {{&(0x7f0000000300)={0xa, 0x4e20, 0x400, @empty, 0x7}, 0x1c, &(0x7f0000000f00)=[{&(0x7f0000000500)='q', 0x1}, {&(0x7f0000000540)="a22caaffe37d4620d1a9427c00787b63b26c5b83ef8ce8f8fe823d77c642dd73361c1f115fdce55de92bede6e812191b9780a257fa4fb3bba896dc1a01fcc30adb201f2ee3a5c8676d6b812ec2342bd0723b7db488a027513df1870c31ffba527c5dfb132cb48cbc2e0ffcfbc12ef2db3c", 0x71}, {&(0x7f0000000600)="58b327f21946add0e0c31b173119ac7b4ceda64bbfbc8159462a8686f4303aeee1d7c9b54c4bd660fe192582950eb09a8bae632fb4e7313e3828773c09fec9b010373ca7be0ccc91233fffcfe03f287a50f2b4a970278097aed06e61a0f2da47b0bd02fcb45bf35e78c15cc4c5d6d163a6eaf921d8afc7d8376e847f403535371a24ce2a19c3898aca95be3176d26e449b7ad2d1c9471c13851aba1592ac", 0x9e}, {&(0x7f00000006c0)="138b9f129daf1d79da8ee1c8c74f2040f7892fe98bc2db9799488aa4bd58432fb72dee377296c6", 0x27}, {&(0x7f0000000700)="e59c889c8be9e17c21882a76c6907239d44f6a0efb65359c6a8e5ede789aa995461e91d2", 0x24}, {&(0x7f0000000e80)="0e9129a2bae0d093a9c5091f0926391174e5aff7420b47b0cf1a8bbd7bb239460a6b26eb4f86fa48acdf54294bee3567a8ff0ed4f912a1aa059d62286db3e045dc31db292f5ab26a8f1466d90f0f98ff1a0e2b1018604ef19bc70ab992f8", 0x5e}], 0x6}}], 0x2, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0x3, 0xf1, 0x5, 0xfa, 0xd4, 0xd4, 0x0, 0x4, 0x7, 0x4f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x3, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0xffff1000, 0xeeef0000, 0xb, 0x1, 0x2, 0x7, 0x4, 0x1, 0x81, 0x0, 0x6, 0x5}, {0x8000000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0x3, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x9, 0x3, 0x9, 0xd, 0x6, 0x5, 0x9, 0xc, 0x4b}, {0x6000, 0x0, 0x4, 0x6, 0x3, 0x7d, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x8000000, 0x4000, 0x0, 0x9d, 0x3, 0x0, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0x1, 0x2, 0x7}, {0xdddd1000, 0x5}, {0x4, 0x9}, 0x40030000, 0x0, 0x80a0000, 0x300, 0x1, 0x2000, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000740)={"373ab6e870bf64ef25ad87deef94c3b7350df627ea76a6efbd6c33a19e5dde0b3718dac0c2b8e833beb9e0347000fc7332c43a3128856f23df4628fb1e54b1745094c19bc88c190192f58dda884b3296f7cd6373842bff61047e0697c9af6e9f62b88fd21621b527902efdae6efd3516c7e5a36f4aaa12cd1b3ac0686db46783f45fe6aa2515ab6996b4807b0d9575a9061a775ef515a40b97c34035e8e412b9200000001000000062a07ab97f50ff5deb8a5978611317016887694245b363252230bbe17ed0f591f935d8e4ae7563eeff2fdfad8a775f0a4b15f63f5c4851df9aef747ace240cec55ce1659c08d38714245835e15291c4973ade3b2006d8870a1d739eb8e7a284e23f660b2061e31a70627be4acb16ecbe8a4edde1c5397c761a2fe0690f5d580ebf35b8640441ddf47d1f67a5e2d892f14a4f88412ce3cc8ec4d0580729c8638502410837253d6ac316ee9c6a24eb5d83463ff9bdf81f31c12b04adec97fe1377d2f29067e5f6f48cc123f2c4c02afe60d224c7d974a63c1aa9b110d2187f18de3753b57c630eab26238e8201501a007da99f1d07f76c4da113859ab55792049a15c5d83051f41ae951912eb81154f2398a729b6d6c51d6850bddcd4b35b24996e4ec707d1a744dff58ea5030fcd6b46a468ac029f86be30c7c3d5708e3871fed2e63b9c3ad265350e87e9fc44696eadeecc1ff67e30b64be27f480180d26218d031380149bcc31bd712063e9c09ed5329a530800000025d79eb9d4491d82d2b7a3d7d0cf9286396fcb8c2ccf1655b3ba420c36c3fb88d788308e947cc15e0957a98a843911c954c2a2feccd60d0000da8330cd1de951bcd767cf211a241c882b8d5e608fc0e796afead2a7b05018b4ae6c034c4c4997868343a5d064838dd0aca0d21b429665a0a1b4fd17cd34e711cee01d2348dc5871cca7ab4e4924f6f4bc29e7dbfae6788549e600000000271cd7ddfabd45803a6d1145734a82b2b9a6a87c8e118629840a027fd3f8e5a6a5dccee1a480d6cd0402a64db2263b1a9de61848b1eb31b51189f4caa2fdf0c3a38275386522137fe573ec27693a337c324952480c9ae476a694010aa22095c6d8bfceb5e024cbc21d6c1d1b17fae63dc627a948c4eca7dfa3f8a5e628531472e00ed28f2d2b7fcf03b5ba1975fcc010482a08c7800b3c87587a9fea37402ffafcc9cabc16a123164765d10dafe323ce33f197af8a3cf57332dbbee3f263a16cb565b61690b5804341630437ad2277be4ff82d1aa32c15b0cf99c88c7bca0ecf47a3be490bf6079f19acdf9a71f636fff612167c849b5c149cb32d8dd98d2aa8bb0606a1214fc1f0da04476cd8c3c056ec88eefca4d331ecbd5416c356466202cb97ddfc320b7594d5ab2e9102d549ffa72300"})
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
fcntl$addseals(r1, 0x409, 0x5)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
sendmsg$IPVS_CMD_GET_CONFIG(r3, &(0x7f00000011c0)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001180)={&(0x7f0000001040)={0x11c, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x6c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x60}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x11}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_SCHED_NAME={0xa, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x12, 0x18}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, '\x00', 0x17}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'netdevsim0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}]}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x9}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}]}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xe}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffff9}]}, 0x11c}, 0x1, 0x0, 0x0, 0x8010}, 0x20000000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

486.151275ms ago: executing program 0 (id=1866):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_HYPERV_TLBFLUSH(r1, 0x4068aea3, &(0x7f0000000300)) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r3, 0x7a6, &(0x7f0000000240)={0x3, 0x1, 0x80000001, 0x80000001, 0x9, 0x1000}) (async)
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000280)={0x3, "dc7685e10faa820d92941ccfc53e8974bedbd13e3155a88c053a0f614aa10aa7", 0x3}) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@hyper}) (async)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000080)={{@local, 0x2}, @local, 0x0, 0x0, 0x5e, 0x200000000000, 0x100000000000006})
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
ioctl$COMEDI_DEVINFO(r4, 0x80b06401, &(0x7f0000000180)) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)=@x86={0x2, 0xa, 0x0, 0x0, 0x7f, 0x2, 0x61, 0x1, 0x79, 0x0, 0x5, 0xf7, 0x0, 0x6, 0x3, 0x0, 0xf9, 0xa, 0x80, '\x00', 0x6, 0x7}) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x4, 0x9, 0x6, 0xdb, 0xcb, 0x6, 0x8, 0x0, 0x7, 0xb, 0x9, 0x1, 0x0, 0x97, 0x2, 0x9}}) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, 0x0)
syz_kvm_setup_cpu$x86(r6, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000380)="0fc71d0f01ca3e0fed7387abb832010f00d82e0f001a260fc79dd6000f009c525066660fe46d0bbaa100ed", 0x2b}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

372.979131ms ago: executing program 0 (id=1867):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='b *:* m'], 0x47)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = openat$cgroup_devices(r2, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0)
splice(r0, 0x0, r3, 0x0, 0x47, 0x77000000)

353.575508ms ago: executing program 2 (id=1868):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp256-generic\x00'}, 0x58)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$sock(r1, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000340)="8224aca5f41b9e0ec5e7a706c919e7c0e343f0cd0a779c17e7f992396b09252009d2d12e9475a57ec39f71417044cf4151af34ac1dfd5d87cdd80bc4c24478821f64d4d971bbc1fc7bdd181a839344917165bb9cd0fa568aac55d8e38ee30fd3a9bc63e2656b6941c812e6ea0692ec276deb2b7b817906cf8c5429a42164e8bb521e216e554d509a0fd0d8", 0x8b}, {0x0}, {&(0x7f00000005c0)="f2b314c96d50", 0x6}], 0x3}}], 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x100, 0x29, 0x4, {0x4, 0x1c, '\x00', [@generic={0xfe, 0x72, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b0888c5"}, @generic={0x80, 0x14, "09e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad"}, @calipso={0x7, 0x40, {0x1, 0xe, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x6, 0x4, 0x400, 0xb]}}, @ra={0x5, 0x2, 0xa7e}, @pad1, @hao={0xc9, 0x10, @private2}]}}}, @hoplimit={{0x14}}, @hopopts={{0x170, 0x29, 0x36, {0x5e, 0x2b, '\x00', [@generic={0xff, 0x3f, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c2"}, @pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x8, {0x3, 0x0, 0x0, 0xfff}}, @calipso={0x7, 0x10, {0x0, 0x2, 0x7, 0x6, [0x7fff]}}, @generic={0x8, 0xc5, "c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc704b388202add651f628963a90fea5d8196d5e0373fd13584ae57b4f1c03d4f67005cdb5938591d5ea712014e358ea0808807873fd7290c6d4f033de64c7e86ab309f93f"}, @calipso={0x7, 0x18, {0x3, 0x4, 0x3, 0x7, [0x0, 0x8000]}}, @generic={0x1, 0x8, "2bdb86d1ce6a20c2"}]}}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x73, 0x0, '\x00', [@pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x2}}, @rthdr={{0x18}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x2, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x340}}], 0x1, 0x810)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x600000000000000)

342.490782ms ago: executing program 0 (id=1869):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0xc048aeca, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x100000b, 0x100010, r1, 0xffffd000)
ioctl$PPPIOCGL2TPSTATS(r1, 0x80487436, &(0x7f0000000080)="b6a7f8da000ec40260c1")
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r5, 0x4048aec9, &(0x7f0000000040)={0x601b, 0x8, 0x2000000, 0x2000000, 0x40002})

228.947366ms ago: executing program 1 (id=1870):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
read(r1, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r2 = syz_clone(0x20820000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x28}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_int(r6, 0x1, 0x5, &(0x7f0000002640)=0x3, 0x4)
ioctl$FBIOGETCMAP(r4, 0x4604, &(0x7f00000001c0)={0x0, 0x1, &(0x7f00000000c0)=[0x0], &(0x7f0000000100), 0x0, 0x0})
setns(r3, 0x24020000)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'macvlan0\x00'})

226.20106ms ago: executing program 0 (id=1871):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0x8000}, {0x6}]}, 0x10)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000100)="9d", 0xb99d}], 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000008c0)={0x20, 0x21, 0x1, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @str='\x00\x00\x00\x01\x01b'}, @nested={0x4, 0x15}]}, 0x20}], 0x1}, 0x0)

134.489389ms ago: executing program 1 (id=1872):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84) (async)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={<r1=>0x0, 0x89, "4a6db036aec8b04ee755c21b27a9e14090820c4dbb6a17acb7759a525f8362d2cee49ce90a7724d12309b35a308252acbbfaab3852d9b0d1c9aad30b4133b2f28d7c6d57085e97c7659865c4fa64b1cbc4837a36c49b99d24ec91473290cc7c1015b2e5b50c6b35d002a74236e58282619647b48ff0c30d2038eef3903dbdd50ba1380ab1eab6b410a"}, &(0x7f00000000c0)=0x91)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={<r2=>r1, 0x41, 0x7, [0x0, 0x0, 0x6, 0x9, 0x2, 0xcc0, 0x1e8]}, &(0x7f0000000140)=0x16) (async)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000180)={r1, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84) (async)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r3=>r0, {0x3}}, './file0\x00'}) (async)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000280)={<r4=>r1, 0x5}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r3, 0x84, 0x79, &(0x7f0000000300)={r4, 0x10, 0x6}, 0x8) (async)
read$char_usb(r3, &(0x7f0000000340)=""/159, 0x9f) (async)
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r3)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000400)='reno', 0x4) (async)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000440)={<r5=>r2, @in6={{0xa, 0x4e22, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8}}}, &(0x7f0000000500)=0x84)
ioctl$SNDRV_TIMER_IOCTL_STOP(r3, 0x54a1) (async)
listen(r3, 0x4) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000540)=[@in6={0xa, 0x4e23, 0x40, @mcast1, 0x9}], 0x1c) (async)
sendmmsg$inet_sctp(r3, &(0x7f0000001180)=[{&(0x7f0000000580)=@in6={0xa, 0x4e22, 0xffffffc0, @mcast1, 0x9}, 0x1c, &(0x7f0000000b40)=[{&(0x7f00000005c0)="46222629d93b084079631ac3a3852f1ac9a388af4299b4ed23c5b1caed0d7089000b999c3c3992b88e493a40033b117a7b4fbb53fe932f50ee16eab271fb91828871032f3bae15877468a5d1783473d9ad", 0x51}, {&(0x7f0000000640)="6a6f25f4e97fb737ab629a3678eb08666e7e170a90fa6a348009c9883a4aeeb55af7d9158a1e0d2763c72c80452c2a211f201b38c448c9a8387816df2e79bd7638e57cc048551ddde0d39ce1044f6802fcb79e637f8571ff240f18c50a839ad17756837b88", 0x65}, {&(0x7f00000006c0)="1870c631bd489fe4a7797475f35767fa2a58548032c333371122ceabfb9c19fbd97290eeef856027edd3cfdb3df665f335dd6bf45842a727a430fa14ab93c0ee3309459cf66b3cdc0e66660bb2bd628915bec99219abba8bedd49fba0c3de695f96820c8ec176d9c236ca57bae2521df263ed323e601360dc0ab91badea7aeb5890247424d7f", 0x86}, {&(0x7f0000000780)="026f0da1a8296b5e90a6fdc492bece73a034d7a6fc57b9fd24aa782345549c51203d8d74a604bc16420c4d53274590db63826d10e8579fb4e04c26eba331b2049c8a366e55ebcd93b8c2a3ba31576a9a6716a6e41d240ff2b3ac690e1883e7ebe04b08ae9d300cf08054489d0b91cfa8c9443b8fc8ef4868c471b5f665a82884450169d9d0c05805ab1b3bc7c1", 0x8d}, {&(0x7f0000000840)="5b1953c4e4c15231a4ecf7fbff8a9f44027490dabf6886a1cceb5a5336131c98641a0b19f55b6eed41eb535fe4fc864f9dff951f431a46c8d307c466d371fdc855d07405fcb20d15e6a2a4708da1b5b0b78fab51fcc99dba", 0x58}, {&(0x7f00000008c0)="b379b1e0e89cd6cdfc0571f3d4f5c5f2c15a4b358683aa688022a266217528ead3568203dee5c19ff3bd66e0d55ae1ec20eabc98097ce1ad3ac0c0fb3e2d3e731cabf59636060e61522571f1c986cb0c58ecc482c96d1b10b74a285bdbc55ac876a7f7304534ed784d59085cc8243b4a15bd609319b0ee8a0e89ef9c43668c5ab0c47ded5710d5358866d5db6f8bb6cd33a572ff4ec0d3d535fafd6f52324dabffe51a03205e5b8c88e7f72420322c6068f2e336807394dd9b8d8df9cb48841a70b976c284c1c2bce6f79d485a3eaeefaabc380fd436c89a918af5807e0606f5d7fab674dcd218882733ca32b78e05", 0xef}, {&(0x7f00000009c0)="b719773dca", 0x5}, {&(0x7f0000000a00)="f7dc666967d468a4c5b2d77f638b476af8a2104abf9b7413a19fb3b87813c461f8a7d03fea1d356981f066809856fc4110d66f67121f560f32916945f0745d55477c9e9eecfb98da76a96ca836eeeb2155ba635ff52a8a89481802db82bc86730597309daab10d8efa852d5a", 0x6c}, {&(0x7f0000000a80)="66ffb25e2307a74854528532b4418e2177c466ec6f22ffddd48cd4344d8795876643edc1eddeaf9f0461cf0e959e49dc8c23eb1e7bd80af478364d63d02ee3bd8d9ab1509f58384f31971f9faa95c9e173b48bdce2d6e791c05d7d9d961a78fbbf9c7fac77b19233f4a161a3d0ca715917048dc9af864bfb3b8ce0d91871576281d35d44efbbfd5b7f233bb9de3cf259e88ccfded2cacc8723660f7591908fa88dbf2981526163d4f24309b54b103d4ab0f1996ffba512d1", 0xb8}], 0x9, &(0x7f0000000c00)=[@init={0x18, 0x84, 0x0, {0xffff, 0x0, 0x2000, 0x8}}, @sndinfo={0x20, 0x84, 0x2, {0x5, 0x200, 0x9, 0xfa, r2}}, @init={0x18, 0x84, 0x0, {0x6, 0x5, 0x3, 0x1}}, @dstaddrv6={0x20, 0x84, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}}, @init={0x18, 0x84, 0x0, {0x7, 0x5, 0x1, 0x3ff}}, @authinfo={0x18, 0x84, 0x6, {0x7}}, @sndinfo={0x20, 0x84, 0x2, {0xd, 0x200, 0x0, 0x0, r2}}, @sndrcv={0x30, 0x84, 0x1, {0x9, 0x2, 0x202, 0xff, 0x4, 0x2, 0x100, 0x3}}, @dstaddrv6={0x20, 0x84, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}}, @authinfo={0x18, 0x84, 0x6, {0x200}}], 0x128, 0x20000080}, {&(0x7f0000000d40)=@in={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000001100)=[{&(0x7f0000000d80)="824399146ac4d9500cac020b3333bf6a5ae682096f2b1c35868a71056dd21c4ab5c8cb7708f635e7f94bd71eeb50cf0a97046fcc68561cfea04eecefb16a43b9a6cca3a5ee3eeb64494068ae3d397fa9e18538b1fd846368eccac6c916ab014eec67a6c4869bf2e257cf5b4aaac3bc45db1ee92dec", 0x75}, {&(0x7f0000000e00)="a037187713c5d68d482a01a02fbfeb2d313c883aa564eb305bc1765b68b28a9304f638adc9f41d6043d83d8604e5e4ab02c5e00f2aeb84a3ad9d7358d97d6474e5ad8a1b9b95c0f13e2859e379994c2d9846997e52b02431cc9392941b4559e750bcecd2180abf31c688c3b521a98f45d71dcec4e87166b881f18e10c2e2defa1a11eff189713227ba9eaacf90aa34ec1040c5e8caeaec7a9422ee2fde4c378ddbe98ed8f2c5f31de8f77c9d826aebb9b533022398a1c7bdac5998", 0xbb}, {&(0x7f0000000ec0)="0e3975c2fa5e69e68c5beb711ce123cad7ef5ce53da8ed0dea66f460abdf98472777342713337bc45de5b85716c940a51222926e1c282deb9e4558a2b3b602d14be47cc7cb005d7c4bec7edfecaebef58db1a189f3acc115f7c65ed6901758c9d6", 0x61}, {&(0x7f0000000f40)="b3b5b4972df92b41fb2f51dac1eef066377c0a532ead87a4d4910eee9ba3bc8ed42fb8ce27efd462761dd79b76cb4d73a31a88a7ee847246011c8d95f4184ec0cda75a507a7c623687e6c868cdb181108a491402a42bc6169ebe7777f1f1c6f11c2fbf43060150570e850131305ce78bfa7822802a2d26761d8bb6be911d6287eb2db8a9314d57e7af12120136070b8b02bbc397b7479316849ec58454489a9a6cd485ef52a9b61fd29fe7c09001ad8e4177175b54c7368c1d0a897629c715eb77d963cf826daa8e7416a371983423363346663b2fb7cb3b6086f4", 0xdb}, {&(0x7f0000001040)="ad03748afa4936540d231abbac37b9442f53e5b6502d86e3f1eeab5504daf42dff8e79a51605ce9d93017b7e55442d1fb46f89f0ee33410f7e63f2f8b4b543aeb8b6304e280ca21b152e685b2c01d1f27317d87ff27414030dbe8f628bb856160266eab6df5e3437af74e730dc78c32654d7fb730c4581d63dd892f09853fbd1a7babd543d3163e703049da3a45b23f4b6a701471b43e7b49f", 0x99}], 0x5, 0x0, 0x0, 0x48000}], 0x2, 0x4000000) (async)
ioctl$BTRFS_IOC_BALANCE(r3, 0x5000940c, 0x0) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) (async)
getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000001200), &(0x7f0000001240)=0x4) (async)
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r0) (async)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000001300)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f00000014c0)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001480)={&(0x7f0000001340)={0x11c, r6, 0x10, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x80000001}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x5}, @NL80211_ATTR_VENDOR_DATA={0xb6, 0xc5, "016cc3fe3ee014c57dbc6247c7a305b54c18fa66952c329dc6d7d51cd4de5e39c652fabdc8e46b2c77e54dba3e1736fb3e6192e2fa6c4e58186af8a0f612acccd724930d408c40fab2ecca01088daf0b393fac173907e4ca5a41eb38de36c8a76cdfeb8cd895ac923ffedf828bd7b9154332bb1616e187837930f389ad8c2f3dfb67e4af589de72d191b3bea31a3608f58583d3468d04533251d6a974d40721c6bae8f946e16421c3846901e82981d994dee"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x10001}, @NL80211_ATTR_VENDOR_SUBCMD={0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x9}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xc663}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x800}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x63f1}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x2}]}, 0x11c}, 0x1, 0x0, 0x0, 0x44005}, 0x10) (async)
r8 = socket$netlink(0x10, 0x3, 0x15) (async)
recvfrom(r0, &(0x7f0000001500)=""/64, 0x40, 0x0, &(0x7f0000001540)=@in={0x2, 0x4e20, @remote}, 0x80)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f00000015c0)=@sack_info={r5, 0x6, 0xfffffffe}, &(0x7f0000001600)=0xc)
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f00000016c0)={<r9=>0x0, 0x2, 0x7b4, 0x1})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r3, 0x50009418, &(0x7f0000001ac0)={{r8}, 0x0, 0xc, @inherit={0x58, &(0x7f0000001640)={0x0, 0x2, 0x4, 0x7fff, {0xa, 0x8000, 0x7, 0xf1b, 0xffffffffffffd2a5}, [0x800, 0x6]}}, @devid=r9}) (async)
sendmsg$BATADV_CMD_SET_VLAN(r8, &(0x7f0000002bc0)={&(0x7f0000002ac0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002b80)={&(0x7f0000002b00)={0x44, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xffffffff}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x100}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000010}, 0x24008800) (async)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f0000002c00)={0x9, 0x6, 0x5}, 0xc)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000002c40)={r4, 0xffff}, 0x8)

106.095081ms ago: executing program 0 (id=1873):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000000)={0xb, 0x5, 0x2, 0x880})
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000200)={0x203, 0xa, 0x2})
ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000500)=@userptr={0x6, 0xa, 0x4, 0x1, 0x0, {0x0, 0x2710}, {0x1, 0xc, 0xd2, 0x6, 0x77, 0x6, "0080ca6f"}, 0xff, 0x2, {&(0x7f00000002c0)}, 0x6})

1.011694ms ago: executing program 2 (id=1874):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id='])
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
r3 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x100)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r3, 0xab00, r4)
ioctl$NBD_DO_IT(r3, 0xab03)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x20, r5, 0x201, 0x70bd2c, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4002080}, 0x4000)

502.769µs ago: executing program 1 (id=1875):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001100), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)={0x38, r3, 0x101, 0x70bd2a, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]]}, 0x38}, 0x1, 0x0, 0x0, 0x35e5895c1a66f683}, 0x0) (async, rerun: 32)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000380)={&(0x7f0000000940)={0x94, r3, 0x800, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}, [@chandef_params, @NL80211_ATTR_OPER_CLASS={0x0, 0xd6, 0x7}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0xfffffd59, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x2732}, @NL80211_ATTR_CHANNEL_WIDTH, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x139}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x12}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}], @NL80211_ATTR_MAC={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1b}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2a9}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14b4}]]}, 0x94}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async, rerun: 32)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000033c0)={0x0, 0x0, &(0x7f0000003380)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="010027bd70000900000000000000"], 0x14}, 0x1, 0x0, 0x0, 0xc0c1}, 0x24000804) (async, rerun: 64)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x20) (rerun: 64)
syz_open_dev$video4linux(&(0x7f0000000080), 0x5, 0x0) (async)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x807, 0x83, 0x6, 0xfffa}, 0x2000001d, [0x8000, 0xc95a, 0x12, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x49, 0x39cc191b, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x4, 0x8, 0x2, 0x4, 0x3c5b, 0x90, 0x24, 0x9, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x2, 0x4c74, 0x80000000, 0x242, 0x0, 0x6, 0x1000, 0x6e, 0x7, 0x7, 0x1, 0x7, 0x0, 0x3f, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x0, 0x8, 0x0, 0x5, 0x0, 0x2, 0x6, 0xb, 0x4, 0x7, 0x40], [0x10000007, 0xffff, 0x8000012d, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcd, 0x409, 0x9, 0x2bf, 0x6c9, 0x8, 0xfffffffc, 0x3, 0x0, 0x7, 0xeb, 0x5573, 0xe, 0x312, 0x78, 0xea4, 0x0, 0xda7a, 0x4, 0x8000, 0x2009, 0x400, 0x401, 0x6, 0x7, 0x4, 0x5, 0x5, 0x5f2e, 0x4, 0x0, 0x2, 0xfffffffe, 0x9, 0x4, 0x9, 0x8, 0x0, 0xef61, 0x7, 0x8000, 0x0, 0xfe000000, 0xffff, 0x2, 0x7f, 0x8, 0x3, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x7, 0x3, 0x0, 0x4, 0xfffffffe, 0x9, 0x8d2, 0x4, 0x5, 0x7fff, 0x2, 0x5, 0xb, 0x20004, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0xff, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0xfffffffd, 0xd, 0x4, 0x6d01, 0xc9d1, 0x9, 0x800000, 0x1fd, 0x80, 0x3, 0x400, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x5, 0x5, 0x5, 0xac8, 0x7, 0x2, 0x3, 0x7ff, 0xfffffff9, 0x0, 0x800001, 0xffff, 0x3, 0x6, 0x1e, 0x120000, 0x3, 0x3, 0xa2ed, 0x404, 0x25], [0x9, 0xbb31, 0x296, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x53f53814, 0x2, 0x7, 0x22, 0x3, 0x101, 0x10000, 0x6, 0x207fff, 0xffff, 0x2, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xff7fffff, 0x95d, 0x5, 0x8, 0xc7, 0xee1, 0xfffff000, 0xffff, 0x3, 0x7e, 0x20100, 0x9603, 0x7, 0x2, 0x4, 0x6, 0x1, 0x6, 0x5, 0x8, 0x1000, 0xa1f, 0xc, 0x7, 0x1, 0x6c1b, 0x8000, 0x4, 0x5, 0xb1e, 0x1, 0x200, 0xffff3441, 0x3]}, 0x45c) (async)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000000)={0x2, 0x0, @ioapic={0x1, 0xd15, 0x7, 0x3, 0x0, [{0x3, 0x0, 0x2, '\x00', 0x3}, {0x3, 0x9, 0x4, '\x00', 0x3}, {0x9, 0x59, 0x7, '\x00', 0xb}, {0x4, 0x5, 0xff, '\x00', 0xa7}, {0x6, 0x0, 0x95, '\x00', 0x9}, {0x40, 0x5, 0x40, '\x00', 0x5}, {0x93, 0x5, 0xf0, '\x00', 0x80}, {0x9, 0x38, 0x8, '\x00', 0x8}, {0x6, 0x9, 0x7, '\x00', 0x81}, {0x91, 0x40, 0x1a, '\x00', 0x2}, {0x8, 0x7e, 0x7f, '\x00', 0x9}, {0xd, 0x2, 0x6, '\x00', 0xfb}, {0x5, 0x3, 0x9, '\x00', 0x3}, {0x0, 0xa6, 0xa6, '\x00', 0x2}, {0x5, 0xe3, 0x2, '\x00', 0x3}, {0x2, 0x9, 0x9, '\x00', 0x1}, {0x4, 0x8, 0x2c, '\x00', 0x9}, {0x5, 0x1, 0x3, '\x00', 0x4}, {0x17, 0x4, 0x2, '\x00', 0x5}, {0x5, 0x9, 0x2, '\x00', 0x6}, {0x1, 0x81, 0x1, '\x00', 0x4}, {0x1, 0x5, 0x4, '\x00', 0x5}, {0x4, 0x9, 0x7}, {0x56, 0x2, 0xa, '\x00', 0x3}]}})

0s ago: executing program 0 (id=1876):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000040)={0x0, @pix_mp={0x0, 0x0, 0x50323234, 0x0, 0x0, [{}, {}, {}, {0x1}, {0x4}]}})
syz_genetlink_get_family_id$nl80211(0x0, r0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000140)={'vcan0\x00', <r3=>0x0})
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000000)=0x2, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
close(r4)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000000)='nv', 0x2)
connect$unix(r4, &(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0xa13ca8e5839881a5, 0x4})
write$tun(r4, &(0x7f00000004c0)=ANY=[@ANYBLOB="0000809b461f00c80068000000069078e0000001ac1414bb01442c7861ac1414bb00000005ac141437000008fd0000000000000800ac1414aa00000077e000000200001ae44414f9000000000500000009000f0003000000098622000000030104c5780509b58d207c7ae23a020f5a088796f14d32e3d7e0c25c3a070bfc6401010264010101018313a0ac1414bbe00000017f000001ac1e000100000000000000000000000000000000000000004e2300004e21000000030000000300000003000000040000000000000000d136897d4905cecb0ecec10e8da67b973d4c920209dd9f08c58326ec9537a9d5dfff0f5b5823917cdacfb5e081c2e825fdefcc3a1e087366fd8458e689de1f1a5a6b435f37607edfb32181fba177420cb9128132de2eb3f8280cae3167450517b818431ac96d0bd90b5620b76e05033f0f55dc7fd671d55fef37e39cbba992527ca1c5d5123a59e7f0212f66d2ebd75e4e4a103a2b4fc120caf1c068f579eddc763d96"], 0xcc)
sendmsg$can_raw(r2, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r3}, 0x10, &(0x7f0000000480)={&(0x7f0000000040)=@can={{0x3, 0x0, 0x1}, 0x0, 0x2, 0x0, 0x0, "11e97f5d0c1f526b"}, 0x10}, 0x1, 0x0, 0x0, 0x2}, 0x20044850)
r7 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r7, 0x8914, &(0x7f0000000000)={'wlan1\x00'})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="05000000000000000000060000000800030062602fb092ececb0f44cb61e4289fa142f61f1307012337a0612dd17a090f45a368c0d9a86a0cb11c906ebb99e183a6ae01899e75b1fd62bca2dc0dfa71280de296f19ddca5a6a11a10ae4e886215e41ede524d360af3683cb6fbb27319b86694ec4321b2da20466e70323339b5d4f4c6f21eed5d887fa37a97e555f48a0f1f56115c5a72c097fbd87f62994bd10dfe1e9fbab525c", @ANYRES32=r11, @ANYBLOB="0800050007000000"], 0x24}}, 0x10)
r12 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r12, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x10000000})
r13 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r13, 0x0, 0x60, &(0x7f0000000bc0)={'filter\x00', 0x7, 0x4, 0x3b8, 0x20, 0x1e8, 0x1e8, 0x2d0, 0x2d0, 0x2d0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x44, 0x2, {0xffffffffffffe8d8}}}}, {{@arp={@remote, @multicast1, 0xff000000, 0xffffff00, 0x3, 0x3, {@mac=@broadcast, {[0x1fe, 0xff, 0xff, 0x0, 0xff, 0xff]}}, {@empty, {[0x0, 0xff, 0xff, 0xff, 0x0, 0xff]}}, 0x6, 0x2, 0xd9e7, 0x1, 0x2, 0x1000, 'vxcan1\x00', 'macvlan0\x00', {}, {0xff}, 0x0, 0x8}, 0xc0, 0xe8}, @unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x0, 0x1}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x408)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

  254.627324][   T24] usb 3-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b
[  254.637318][ T5876] usb 4-1: new full-speed USB device number 44 using dummy_hcd
[  254.645269][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.653520][ T5877] usb 1-1: Using ep0 maxpacket: 16
[  254.659677][   T24] usb 3-1: Product: syz
[  254.664366][   T24] usb 3-1: Manufacturer: syz
[  254.670146][   T24] usb 3-1: SerialNumber: syz
[  254.677386][ T5877] usb 1-1: unable to get BOS descriptor or descriptor too short
[  254.688538][   T24] usb 3-1: config 0 descriptor??
[  254.693891][ T5877] usb 1-1: config 13 has an invalid interface number: 50 but max is 0
[  254.705247][   T24] gspca_main: stk014-2.14.0 probing 05e1:0893
[  254.711594][ T5877] usb 1-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[  254.722397][   T24] usb 3-1: selecting invalid altsetting 1
[  254.728859][ T5877] usb 1-1: config 13 has no interface number 0
[  254.735253][ T5877] usb 1-1: config 13 interface 50 altsetting 167 bulk endpoint 0x88 has invalid maxpacket 16
[  254.749240][ T5877] usb 1-1: config 13 interface 50 altsetting 167 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  254.763148][ T5877] usb 1-1: config 13 interface 50 has no altsetting 0
[  254.772842][ T5877] usb 1-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  254.782358][ T5877] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.790741][ T5877] usb 1-1: Product: syz
[  254.795377][ T5877] usb 1-1: Manufacturer: syz
[  254.800696][ T5877] usb 1-1: SerialNumber: syz
[  254.808237][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  254.820289][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.832210][ T5876] usb 4-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  254.842124][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.851218][ T8964] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  254.855780][ T5876] usb 4-1: config 0 descriptor??
[  255.114126][ T8969] Bluetooth: MGMT ver 1.23
[  255.116272][ T5877] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  255.127045][    T9] usb 3-1: USB disconnect, device number 56
[  255.148015][ T5877] usb 1-1: MIDIStreaming interface descriptor not found
[  255.225475][ T5877] usb 1-1: USB disconnect, device number 52
[  255.285727][ T5825] udevd[5825]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:13.50/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  255.545817][ T5876] usbhid 4-1:0.0: can't add hid device: -71
[  255.552067][ T5876] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  255.567253][ T5876] usb 4-1: USB disconnect, device number 44
[  255.824780][ T8985] overlayfs: failed to clone upperpath
[  255.899080][ T8987] tipc: Started in network mode
[  255.904112][ T8987] tipc: Node identity ac141441, cluster identity 4711
[  255.913600][ T8987] tipc: Enabled bearer <udp:syz2>, priority 10
[  256.012501][ T8994] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  256.346159][  T793] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  256.507631][  T793] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  256.546086][  T793] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.556925][  T793] usb 4-1: Product: syz
[  256.561285][  T793] usb 4-1: Manufacturer: syz
[  256.576140][  T793] usb 4-1: SerialNumber: syz
[  256.827070][ T8996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  256.852754][ T8996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  257.046278][ T5877] tipc: Node number set to 2886997057
[  257.094083][  T793] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  257.126045][  T793] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  257.221141][   T54] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  257.227903][ T5830] Bluetooth: hci0: command 0x0406 tx timeout
[  257.416561][ T9019] overlayfs: failed to clone upperpath
[  257.557451][ T5877] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  257.722065][ T5877] usb 3-1: New USB device found, idVendor=0af7, idProduct=0101, bcdDevice=2d.62
[  257.731853][ T5877] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.753003][ T5877] usb 3-1: config 0 descriptor??
[  257.772119][ T5877] usb 3-1: selecting invalid altsetting 1
[  257.792411][ T5877] flexcop_usb: set interface failed.
[  257.798143][  T793] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000000. ret = -EPROTO
[  257.811955][ T5877] b2c2_flexcop_usb 3-1:0.0: probe with driver b2c2_flexcop_usb failed with error -22
[  257.822193][  T793] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  257.846285][  T793] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  257.857822][  T793] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[  257.878950][  T793] usb 4-1: USB disconnect, device number 45
[  257.989347][ T5877] usb 3-1: USB disconnect, device number 57
[  258.063170][ T9023] x_tables: ip_tables: TCPMSS target: only valid for protocol 6
[  258.704355][ T9044] overlayfs: failed to clone upperpath
[  258.790542][ T9046] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.1103'.
[  258.887687][ T5877] usb 3-1: new full-speed USB device number 58 using dummy_hcd
[  259.048165][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  259.066043][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  259.079899][ T5877] usb 3-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  259.090148][ T5877] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.107552][ T5877] usb 3-1: config 0 descriptor??
[  259.126134][ T5908] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  259.310395][ T5908] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  259.330670][ T5908] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.330703][ T5908] usb 1-1: Product: syz
[  259.330721][ T5908] usb 1-1: Manufacturer: syz
[  259.330738][ T5908] usb 1-1: SerialNumber: syz
[  259.391547][ T9042] fuse: Unknown parameter '‰'
[  259.414713][ T5877] usbhid 3-1:0.0: can't add hid device: -71
[  259.429771][ T5877] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  259.453230][ T5877] usb 3-1: USB disconnect, device number 58
[  259.562420][ T9050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.571587][ T9050] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  259.676202][    T9] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  259.782618][ T5908] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  259.794581][ T5908] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  259.826017][    T9] usb 4-1: Using ep0 maxpacket: 32
[  259.833994][    T9] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  259.842547][    T9] usb 4-1: config 0 has no interface number 0
[  259.848849][    T9] usb 4-1: config 0 interface 184 has no altsetting 0
[  259.860511][    T9] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  259.869880][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.878123][    T9] usb 4-1: Product: syz
[  259.882553][    T9] usb 4-1: Manufacturer: syz
[  259.887470][    T9] usb 4-1: SerialNumber: syz
[  259.895579][    T9] usb 4-1: config 0 descriptor??
[  259.906200][    T9] smsc75xx v1.0.0
[  260.212958][ T9059] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1108'.
[  260.219390][ T9064] overlayfs: failed to resolve './file0': -2
[  260.385180][ T9059] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  260.406174][ T9059] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  260.421576][ T9059] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  260.439992][ T9059] bond0 (unregistering): Released all slaves
[  261.022485][ T5908] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  261.141464][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  261.148173][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  261.246907][ T9050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.256512][ T9050] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.563215][    T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  261.589035][    T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  261.599610][    T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  261.612781][    T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  261.627976][    T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  261.639047][    T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  261.659838][    T9] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  261.694512][    T9] usb 4-1: USB disconnect, device number 46
[  261.871423][ T5908] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -EPROTO
[  261.896090][ T5908] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  261.909245][ T5908] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  261.920514][ T5908] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  261.934085][ T5908] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  261.937384][ T5877] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  261.953054][ T5908] usb 1-1: USB disconnect, device number 53
[  262.113869][ T5877] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  262.123245][ T5877] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.131479][ T5877] usb 3-1: Product: syz
[  262.135868][ T5877] usb 3-1: Manufacturer: syz
[  262.140826][ T5877] usb 3-1: SerialNumber: syz
[  262.368899][ T9091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.382729][ T9091] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.473373][ T9114] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1129'.
[  262.599801][ T5877] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  262.629561][ T5877] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  262.926052][ T5908] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  262.969313][ T9131] FAULT_INJECTION: forcing a failure.
[  262.969313][ T9131] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.985814][ T9131] CPU: 1 UID: 0 PID: 9131 Comm: syz.3.1136 Not tainted syzkaller #0 PREEMPT(full) 
[  262.985853][ T9131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  262.985868][ T9131] Call Trace:
[  262.985876][ T9131]  <TASK>
[  262.985885][ T9131]  dump_stack_lvl+0x189/0x250
[  262.985923][ T9131]  ? __pfx____ratelimit+0x10/0x10
[  262.985950][ T9131]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.985977][ T9131]  ? __pfx__printk+0x10/0x10
[  262.986000][ T9131]  ? __might_fault+0xb0/0x130
[  262.986035][ T9131]  should_fail_ex+0x414/0x560
[  262.986070][ T9131]  _copy_from_user+0x2d/0xb0
[  262.986096][ T9131]  ___sys_sendmsg+0x158/0x2a0
[  262.986129][ T9131]  ? __pfx____sys_sendmsg+0x10/0x10
[  262.986207][ T9131]  ? kasan_check_range+0x9f/0x2c0
[  262.986255][ T9131]  __x64_sys_sendmsg+0x19b/0x260
[  262.986286][ T9131]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  262.986325][ T9131]  ? __pfx_ksys_write+0x10/0x10
[  262.986362][ T9131]  ? do_syscall_64+0xbe/0xfa0
[  262.986394][ T9131]  do_syscall_64+0xfa/0xfa0
[  262.986424][ T9131]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.986445][ T9131]  ? clear_bhb_loop+0x60/0xb0
[  262.986470][ T9131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.986492][ T9131] RIP: 0033:0x7fc6e2d8f6c9
[  262.986512][ T9131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.986531][ T9131] RSP: 002b:00007fc6e3c76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  262.986554][ T9131] RAX: ffffffffffffffda RBX: 00007fc6e2fe5fa0 RCX: 00007fc6e2d8f6c9
[  262.986570][ T9131] RDX: 0000000000048000 RSI: 0000200000000440 RDI: 0000000000000004
[  262.986585][ T9131] RBP: 00007fc6e3c76090 R08: 0000000000000000 R09: 0000000000000000
[  262.986598][ T9131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.986611][ T9131] R13: 00007fc6e2fe6038 R14: 00007fc6e2fe5fa0 R15: 00007ffff63bd608
[  262.986647][ T9131]  </TASK>
[  263.187336][ T5908] usb 1-1: Using ep0 maxpacket: 8
[  263.197446][ T5908] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  263.236477][ T5908] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  263.260396][ T5908] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  263.280354][ T5908] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  263.294942][ T5908] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  263.313031][ T5908] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.327102][ T9142] netlink: 'syz.3.1139': attribute type 19 has an invalid length.
[  263.384448][ T9091] overlayfs: failed to resolve './file0': -2
[  263.389904][ T9147] overlayfs: failed to clone upperpath
[  263.429962][ T5877] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000000. ret = -EPROTO
[  263.442168][ T5877] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  263.452357][ T5877] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  263.471033][ T5877] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  263.487643][ T5877] usb 3-1: USB disconnect, device number 59
[  263.549677][ T5908] usb 1-1: GET_CAPABILITIES returned 0
[  263.555255][ T5908] usbtmc 1-1:16.0: can't read capabilities
[  263.753453][ T5908] usb 1-1: USB disconnect, device number 54
[  264.378074][ T9171] overlayfs: failed to resolve './file0': -2
[  264.735833][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  265.586035][  T793] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  265.756794][  T793] usb 4-1: Using ep0 maxpacket: 8
[  265.758809][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.758845][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  265.758906][  T793] usb 4-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[  265.758932][  T793] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.764855][  T793] usb 4-1: config 0 descriptor??
[  265.954130][ T9216] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  265.963798][ T9216] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 1th superblock
[  265.972636][ T9216] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  265.981086][ T9216] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 2th superblock
[  265.996716][ T9216] overlay: ./file0 is not a directory
[  266.085892][ T9220] overlayfs: failed to clone upperpath
[  266.132657][ T9222] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1169'.
[  266.187217][ T5908] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  266.189972][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x2
[  266.202522][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x0
[  266.209843][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x0
[  266.217098][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x0
[  266.224186][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x0
[  266.231349][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x0
[  266.240570][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x0
[  266.247973][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x0
[  266.255112][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x0
[  266.262935][  T793] cherry 0003:046A:0027.000B: unknown main item tag 0x0
[  266.280622][  T793] cherry 0003:046A:0027.000B: hidraw0: USB HID v0.00 Device [HID 046a:0027] on usb-dummy_hcd.3-1/input0
[  266.282960][ T9225] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1170'.
[  266.351000][ T5908] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  266.374453][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.393457][ T5908] usb 3-1: Product: syz
[  266.398392][ T5908] usb 3-1: Manufacturer: syz
[  266.418302][ T5908] usb 3-1: SerialNumber: syz
[  266.521292][  T977] usb 4-1: USB disconnect, device number 47
[  266.660779][ T9218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.674449][ T9218] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.836116][  T977] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  266.887538][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  266.899696][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  266.996082][  T977] usb 1-1: Using ep0 maxpacket: 16
[  267.003289][  T977] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.014542][  T977] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.024608][  T977] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  267.033910][  T977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.046433][  T977] usb 1-1: config 0 descriptor??
[  267.301797][  T977] usbhid 1-1:0.0: can't add hid device: -71
[  267.316763][  T977] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  267.340060][  T977] usb 1-1: USB disconnect, device number 55
[  267.457942][ T9257] netlink: 212356 bytes leftover after parsing attributes in process `syz.3.1179'.
[  267.488214][ T9259] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1178'.
[  267.531788][ T9218] overlayfs: failed to resolve './file1': -2
[  267.649324][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000000. ret = -EPROTO
[  267.687184][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  267.707926][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  267.725218][ T5908] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  267.789202][ T5908] usb 3-1: USB disconnect, device number 60
[  267.888162][ T9275] loop8: detected capacity change from 0 to 524287999
[  267.949745][ T5833] buffer_io_error: 346 callbacks suppressed
[  267.949777][ T5833] Buffer I/O error on dev loop8, logical block 65535998, async page read
[  268.026394][    T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!!
[  268.544041][ T9289] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.666055][  T793] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  268.816067][  T793] usb 3-1: Using ep0 maxpacket: 16
[  268.818139][ T9295] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1192'.
[  268.823557][  T793] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  268.844191][  T793] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  268.853838][  T793] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.867434][  T793] usb 3-1: config 0 descriptor??
[  269.240433][ T9308] overlayfs: failed to resolve './file1': -2
[  269.261385][   T30] audit: type=1326 audit(1762503384.079:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.286219][   T30] audit: type=1326 audit(1762503384.079:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.310598][  T793] lua 0003:1E7D:2C2E.000C: unbalanced collection at end of report description
[  269.310598][   T30] audit: type=1326 audit(1762503384.079:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.310650][   T30] audit: type=1326 audit(1762503384.079:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.321017][  T793] lua 0003:1E7D:2C2E.000C: parse failed
[  269.342480][   T30] audit: type=1326 audit(1762503384.079:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.342546][   T30] audit: type=1326 audit(1762503384.079:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.342611][   T30] audit: type=1326 audit(1762503384.079:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.342660][   T30] audit: type=1326 audit(1762503384.079:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.342707][   T30] audit: type=1326 audit(1762503384.079:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.342755][   T30] audit: type=1326 audit(1762503384.079:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6e2d8f6c9 code=0x7fc00000
[  269.506862][  T793] lua 0003:1E7D:2C2E.000C: probe with driver lua failed with error -22
[  269.518170][ T5908] usb 1-1: new full-speed USB device number 56 using dummy_hcd
[  269.639539][  T793] usb 3-1: USB disconnect, device number 61
[  269.666095][ T5908] usb 1-1: device descriptor read/64, error -71
[  269.906061][ T5908] usb 1-1: new full-speed USB device number 57 using dummy_hcd
[  269.934425][ T5830] Bluetooth: hci1: SCO packet for unknown connection handle 201
[  270.037237][ T5908] usb 1-1: device descriptor read/64, error -71
[  270.172217][ T5908] usb usb1-port1: attempt power cycle
[  270.390169][ T9321] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1201'.
[  270.407858][ T9321] tmpfs: Bad value for 'mpol'
[  270.472818][ T9325] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1203'.
[  270.490296][ T9325] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1203'.
[  270.526868][ T5908] usb 1-1: new full-speed USB device number 58 using dummy_hcd
[  270.557006][ T5908] usb 1-1: device descriptor read/8, error -71
[  270.636129][ T5824] usb 4-1: new full-speed USB device number 48 using dummy_hcd
[  270.727149][ T9337] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1206'.
[  270.789862][ T5824] usb 4-1: config 0 has no interfaces?
[  270.801998][ T5824] usb 4-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a
[  270.812040][ T5908] usb 1-1: new full-speed USB device number 59 using dummy_hcd
[  270.829749][ T5824] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.845581][ T5824] usb 4-1: Product: syz
[  270.854807][ T5908] usb 1-1: device descriptor read/8, error -71
[  270.868296][ T5824] usb 4-1: Manufacturer: syz
[  270.872966][ T5824] usb 4-1: SerialNumber: syz
[  270.890421][ T5824] usb 4-1: config 0 descriptor??
[  270.986613][ T5908] usb usb1-port1: unable to enumerate USB device
[  271.105376][ T9323] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.116634][ T9323] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  271.129958][ T5877] usb 4-1: USB disconnect, device number 48
[  271.276180][ T5908] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  271.436741][ T5908] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  271.445880][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.466008][ T5908] usb 3-1: Product: syz
[  271.470462][ T5908] usb 3-1: Manufacturer: syz
[  271.475161][ T5908] usb 3-1: SerialNumber: syz
[  271.576017][ T5877] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  271.708410][ T9346] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.719635][ T9346] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  271.728117][ T5877] usb 4-1: Using ep0 maxpacket: 16
[  271.735108][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  271.755277][ T5877] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  271.765060][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.773333][ T5877] usb 4-1: SerialNumber: syz
[  271.787424][ T5877] usb 4-1: config 0 descriptor??
[  271.796965][ T5877] em28xx 4-1:0.0: New device   @ 480 Mbps (2040:0264, interface 0, class 0)
[  271.806551][ T5877] em28xx 4-1:0.0: DVB interface 0 found: bulk
[  271.932051][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  271.946373][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  272.168914][ T5877] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  272.242128][ T5877] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  272.251542][ T5877] em28xx 4-1:0.0: board has no eeprom
[  272.316934][ T5877] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  272.325223][ T5877] em28xx 4-1:0.0: dvb set to bulk mode.
[  272.334543][ T5876] em28xx 4-1:0.0: Binding DVB extension
[  272.356578][ T5877] usb 4-1: USB disconnect, device number 49
[  272.364006][ T5877] em28xx 4-1:0.0: Disconnecting em28xx
[  272.433603][ T5876] em28xx 4-1:0.0: Registering input extension
[  272.443862][ T5877] em28xx 4-1:0.0: Closing input extension
[  272.482135][ T5877] em28xx 4-1:0.0: Freeing device
[  272.571518][ T9346] overlayfs: failed to resolve './file1': -2
[  272.628623][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000000. ret = -EPROTO
[  272.642550][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  272.654010][ T5908] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  272.691383][ T5908] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  272.714565][ T5908] usb 3-1: USB disconnect, device number 62
[  272.739395][ T9376] support for the xor transformation has been removed.
[  272.797674][ T9376] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1220'.
[  272.826508][  T977] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  272.976518][  T977] usb 1-1: device descriptor read/64, error -71
[  273.226103][  T977] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  273.376485][  T977] usb 1-1: device descriptor read/64, error -71
[  273.426066][    T9] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  273.479547][ T9402] FAULT_INJECTION: forcing a failure.
[  273.479547][ T9402] name failslab, interval 1, probability 0, space 0, times 0
[  273.493604][  T977] usb usb1-port1: attempt power cycle
[  273.496787][ T9402] CPU: 1 UID: 0 PID: 9402 Comm: syz.2.1229 Not tainted syzkaller #0 PREEMPT(full) 
[  273.496824][ T9402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  273.496840][ T9402] Call Trace:
[  273.496850][ T9402]  <TASK>
[  273.496860][ T9402]  dump_stack_lvl+0x189/0x250
[  273.496898][ T9402]  ? __pfx____ratelimit+0x10/0x10
[  273.496932][ T9402]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.496963][ T9402]  ? __pfx__printk+0x10/0x10
[  273.496997][ T9402]  ? __pfx___might_resched+0x10/0x10
[  273.497024][ T9402]  ? fs_reclaim_acquire+0x7d/0x100
[  273.497065][ T9402]  should_fail_ex+0x414/0x560
[  273.497108][ T9402]  should_failslab+0xa8/0x100
[  273.497146][ T9402]  kmem_cache_alloc_noprof+0x88/0x700
[  273.497179][ T9402]  ? alloc_pid+0x9f/0xc70
[  273.497204][ T9402]  ? copy_thread+0x4c6/0x9a0
[  273.497232][ T9402]  alloc_pid+0x9f/0xc70
[  273.497259][ T9402]  ? copy_thread+0x74e/0x9a0
[  273.497303][ T9402]  copy_process+0x18e7/0x3930
[  273.497348][ T9402]  ? copy_process+0x915/0x3930
[  273.497386][ T9402]  ? __pfx_copy_process+0x10/0x10
[  273.497431][ T9402]  vhost_task_create+0x1ce/0x320
[  273.497461][ T9402]  ? arch_stack_walk+0xfc/0x150
[  273.497488][ T9402]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  273.497521][ T9402]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  273.497551][ T9402]  ? __pfx_vhost_task_create+0x10/0x10
[  273.497595][ T9402]  ? __pfx_vhost_task_fn+0x10/0x10
[  273.497652][ T9402]  kvm_mmu_post_init_vm+0x14c/0x300
[  273.497692][ T9402]  kvm_arch_vcpu_ioctl_run+0xdc/0x1cb0
[  273.497739][ T9402]  ? __mutex_trylock_common+0x153/0x260
[  273.497774][ T9402]  ? __pfx___mutex_trylock_common+0x10/0x10
[  273.497805][ T9402]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  273.497845][ T9402]  ? rcu_is_watching+0x15/0xb0
[  273.497876][ T9402]  ? trace_contention_end+0x39/0x120
[  273.497905][ T9402]  ? look_up_lock_class+0x74/0x170
[  273.497944][ T9402]  ? register_lock_class+0x51/0x320
[  273.497977][ T9402]  ? __lock_acquire+0xab9/0xd20
[  273.498039][ T9402]  kvm_vcpu_ioctl+0x99a/0xed0
[  273.498080][ T9402]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  273.498139][ T9402]  ? __fget_files+0x2a/0x420
[  273.498173][ T9402]  ? __fget_files+0x3a0/0x420
[  273.498198][ T9402]  ? __fget_files+0x2a/0x420
[  273.498253][ T9402]  ? bpf_lsm_file_ioctl+0x9/0x20
[  273.498296][ T9402]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  273.498329][ T9402]  __se_sys_ioctl+0xfc/0x170
[  273.498368][ T9402]  do_syscall_64+0xfa/0xfa0
[  273.498404][ T9402]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.498429][ T9402]  ? clear_bhb_loop+0x60/0xb0
[  273.498459][ T9402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.498483][ T9402] RIP: 0033:0x7fb1af78f6c9
[  273.498506][ T9402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.498528][ T9402] RSP: 002b:00007fb1b05b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  273.498554][ T9402] RAX: ffffffffffffffda RBX: 00007fb1af9e5fa0 RCX: 00007fb1af78f6c9
[  273.498572][ T9402] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  273.498587][ T9402] RBP: 00007fb1b05b5090 R08: 0000000000000000 R09: 0000000000000000
[  273.498601][ T9402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.498617][ T9402] R13: 00007fb1af9e6038 R14: 00007fb1af9e5fa0 R15: 00007ffc49c0ded8
[  273.498659][ T9402]  </TASK>
[  273.555436][ T9404] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.1230'.
[  273.646104][    T9] usb 4-1: Using ep0 maxpacket: 8
[  273.858680][    T9] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  273.870379][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  273.881961][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  273.892543][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  273.902832][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  273.916233][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  273.925318][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.116362][  T977] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  274.137448][  T977] usb 1-1: device descriptor read/8, error -71
[  274.157788][    T9] usb 4-1: usb_control_msg returned -32
[  274.163511][    T9] usbtmc 4-1:16.0: can't read capabilities
[  274.336596][    T9] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  274.376187][  T977] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  274.396816][  T977] usb 1-1: device descriptor read/8, error -71
[  274.489800][    T9] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  274.500371][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.509299][    T9] usb 3-1: Product: syz
[  274.513693][  T977] usb usb1-port1: unable to enumerate USB device
[  274.520209][    T9] usb 3-1: Manufacturer: syz
[  274.525662][    T9] usb 3-1: SerialNumber: syz
[  274.743276][ T9416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.757314][ T9416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.813246][ T9426] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1239'.
[  274.945856][ T9431] usbtmc 4-1:16.0: usb_control_msg returned -32
[  274.970116][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  274.984350][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  275.411606][   T30] kauditd_printk_skb: 1470 callbacks suppressed
[  275.411628][   T30] audit: type=1800 audit(1762503390.229:1559): pid=9416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1235" name="bus" dev="overlay" ino=1450 res=0 errno=0
[  275.445408][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  275.459224][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  275.469299][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  275.480866][    T9] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  275.494798][    T9] usb 3-1: USB disconnect, device number 63
[  275.727958][ T9441] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1244'.
[  275.740694][ T9441] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1244'.
[  275.752046][ T9441] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1244'.
[  276.125734][ T9452] FAULT_INJECTION: forcing a failure.
[  276.125734][ T9452] name failslab, interval 1, probability 0, space 0, times 0
[  276.138671][ T9452] CPU: 0 UID: 0 PID: 9452 Comm: syz.2.1249 Not tainted syzkaller #0 PREEMPT(full) 
[  276.138699][ T9452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  276.138713][ T9452] Call Trace:
[  276.138721][ T9452]  <TASK>
[  276.138729][ T9452]  dump_stack_lvl+0x189/0x250
[  276.138758][ T9452]  ? __pfx____ratelimit+0x10/0x10
[  276.138779][ T9452]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.138799][ T9452]  ? __pfx__printk+0x10/0x10
[  276.138819][ T9452]  ? __pfx___might_resched+0x10/0x10
[  276.138837][ T9452]  ? fs_reclaim_acquire+0x7d/0x100
[  276.138863][ T9452]  should_fail_ex+0x414/0x560
[  276.138889][ T9452]  should_failslab+0xa8/0x100
[  276.138913][ T9452]  __kmalloc_cache_noprof+0x84/0x700
[  276.138934][ T9452]  ? trace_contention_end+0x39/0x120
[  276.138953][ T9452]  ? vhost_task_create+0xf8/0x320
[  276.138978][ T9452]  vhost_task_create+0xf8/0x320
[  276.138998][ T9452]  ? arch_stack_walk+0xfc/0x150
[  276.139015][ T9452]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  276.139036][ T9452]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  276.139056][ T9452]  ? __pfx_vhost_task_create+0x10/0x10
[  276.139120][ T9452]  ? __pfx_vhost_task_fn+0x10/0x10
[  276.139157][ T9452]  kvm_mmu_post_init_vm+0x14c/0x300
[  276.139181][ T9452]  kvm_arch_vcpu_ioctl_run+0xdc/0x1cb0
[  276.139210][ T9452]  ? __mutex_trylock_common+0x153/0x260
[  276.139232][ T9452]  ? __pfx___mutex_trylock_common+0x10/0x10
[  276.139251][ T9452]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  276.139276][ T9452]  ? rcu_is_watching+0x15/0xb0
[  276.139295][ T9452]  ? trace_contention_end+0x39/0x120
[  276.139314][ T9452]  ? look_up_lock_class+0x74/0x170
[  276.139338][ T9452]  ? register_lock_class+0x51/0x320
[  276.139358][ T9452]  ? __lock_acquire+0xab9/0xd20
[  276.139399][ T9452]  kvm_vcpu_ioctl+0x99a/0xed0
[  276.139423][ T9452]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  276.139464][ T9452]  ? __fget_files+0x2a/0x420
[  276.139485][ T9452]  ? __fget_files+0x3a0/0x420
[  276.139501][ T9452]  ? __fget_files+0x2a/0x420
[  276.139520][ T9452]  ? bpf_lsm_file_ioctl+0x9/0x20
[  276.139551][ T9452]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  276.139572][ T9452]  __se_sys_ioctl+0xfc/0x170
[  276.139596][ T9452]  do_syscall_64+0xfa/0xfa0
[  276.139619][ T9452]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.139634][ T9452]  ? clear_bhb_loop+0x60/0xb0
[  276.139652][ T9452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.139667][ T9452] RIP: 0033:0x7fb1af78f6c9
[  276.139681][ T9452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.139695][ T9452] RSP: 002b:00007fb1b05b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  276.139711][ T9452] RAX: ffffffffffffffda RBX: 00007fb1af9e5fa0 RCX: 00007fb1af78f6c9
[  276.139722][ T9452] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  276.139731][ T9452] RBP: 00007fb1b05b5090 R08: 0000000000000000 R09: 0000000000000000
[  276.139740][ T9452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.139749][ T9452] R13: 00007fb1af9e6038 R14: 00007fb1af9e5fa0 R15: 00007ffc49c0ded8
[  276.139774][ T9452]  </TASK>
[  276.503858][ T5876] usb 4-1: USB disconnect, device number 50
[  276.512142][ T9457] overlayfs: failed to resolve '/º»X]¼¢¯ü×-bca6ÇŠÝlª}6 ;t�’ÜGeYÞ¸ eE„—X-3åÎøщá“1”=Þs.Ô»ô¡… ç'¹×9'­
[  276.512142][ T9457] 7Ðc&ÌÅìýbùÙD Ów×a‘�!|�…’æû_ÙZîI1¤Ü.H‘Z}k$µª§Õ#«+-krÎòkÑÁH.û?j#M@iì	¾ŽÎ]¦¨�thŒƒ˜°]¥Ü¼�2^ŠÕÄP§µËÍêêê�ñ(åL2#i0çU¹zbü
ý§[ÀC-„&š(8¯Â‡öÖsº‘µå™´úX‘j „„?ˆ³‰í)ïºø`¦»’RÄü²&˜*œ'-”³››¯ª§§‹¦Ä®�m5‹ýº-ïØ1bK £Ü°ØÌþ`x÷õ|íQ…Å-Âœ¥Òciêü‚«ËGv†øã4ÙˆIK�þŽ^WÒ˜2<¿
à¾ìGgí¿}T‰›kšÐµy²VQ½
[  276.512142][ T9457] ‚’Â?yªï|': -36
[  276.684135][ T9463] FAULT_INJECTION: forcing a failure.
[  276.684135][ T9463] name failslab, interval 1, probability 0, space 0, times 0
[  276.716433][ T9463] CPU: 1 UID: 0 PID: 9463 Comm: syz.3.1252 Not tainted syzkaller #0 PREEMPT(full) 
[  276.716466][ T9463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  276.716481][ T9463] Call Trace:
[  276.716490][ T9463]  <TASK>
[  276.716499][ T9463]  dump_stack_lvl+0x189/0x250
[  276.716533][ T9463]  ? __pfx____ratelimit+0x10/0x10
[  276.716562][ T9463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.716589][ T9463]  ? __pfx__printk+0x10/0x10
[  276.716611][ T9463]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  276.716645][ T9463]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  276.716672][ T9463]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  276.716704][ T9463]  should_fail_ex+0x414/0x560
[  276.716741][ T9463]  should_failslab+0xa8/0x100
[  276.716775][ T9463]  __kmalloc_cache_noprof+0x84/0x700
[  276.716805][ T9463]  ? addr_event+0xc3/0x480
[  276.716844][ T9463]  addr_event+0xc3/0x480
[  276.716881][ T9463]  inetaddr_event+0xe3/0x140
[  276.716913][ T9463]  ? __pfx_inetaddr_event+0x10/0x10
[  276.716946][ T9463]  ? blocking_notifier_call_chain+0x54/0x90
[  276.716986][ T9463]  notifier_call_chain+0x1b6/0x3e0
[  276.717021][ T9463]  blocking_notifier_call_chain+0x6a/0x90
[  276.717052][ T9463]  __inet_del_ifa+0x87d/0x1040
[  276.717095][ T9463]  devinet_ioctl+0xb27/0x1b50
[  276.717132][ T9463]  ? __pfx_devinet_ioctl+0x10/0x10
[  276.717160][ T9463]  ? get_user_ifreq+0x12c/0x180
[  276.717195][ T9463]  inet_ioctl+0x3c0/0x4c0
[  276.717228][ T9463]  ? __pfx_inet_ioctl+0x10/0x10
[  276.717260][ T9463]  ? lockdep_hardirqs_on+0x9c/0x150
[  276.717310][ T9463]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  276.717335][ T9463]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  276.717368][ T9463]  ? packet_ioctl+0x270/0x350
[  276.717399][ T9463]  sock_do_ioctl+0xdc/0x300
[  276.717423][ T9463]  ? __pfx_sock_do_ioctl+0x10/0x10
[  276.717463][ T9463]  sock_ioctl+0x576/0x790
[  276.717500][ T9463]  ? __pfx_sock_ioctl+0x10/0x10
[  276.717537][ T9463]  ? __fget_files+0x3a0/0x420
[  276.717560][ T9463]  ? __fget_files+0x2a/0x420
[  276.717589][ T9463]  ? bpf_lsm_file_ioctl+0x9/0x20
[  276.717621][ T9463]  ? __pfx_sock_ioctl+0x10/0x10
[  276.717654][ T9463]  __se_sys_ioctl+0xfc/0x170
[  276.717687][ T9463]  do_syscall_64+0xfa/0xfa0
[  276.717719][ T9463]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.717741][ T9463]  ? clear_bhb_loop+0x60/0xb0
[  276.717767][ T9463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.717788][ T9463] RIP: 0033:0x7fc6e2d8f6c9
[  276.717808][ T9463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.717827][ T9463] RSP: 002b:00007fc6e3c76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  276.717851][ T9463] RAX: ffffffffffffffda RBX: 00007fc6e2fe5fa0 RCX: 00007fc6e2d8f6c9
[  276.717867][ T9463] RDX: 0000200000000540 RSI: 0000000000008916 RDI: 0000000000000003
[  276.717881][ T9463] RBP: 00007fc6e3c76090 R08: 0000000000000000 R09: 0000000000000000
[  276.717894][ T9463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.717907][ T9463] R13: 00007fc6e2fe6038 R14: 00007fc6e2fe5fa0 R15: 00007ffff63bd608
[  276.717965][ T9463]  </TASK>
[  276.735832][ T9465] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1255'.
[  276.886097][ T5877] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  277.223929][ T5877] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  277.233602][ T5877] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.243219][ T5877] usb 1-1: Product: syz
[  277.247626][ T5877] usb 1-1: Manufacturer: syz
[  277.252273][ T5877] usb 1-1: SerialNumber: syz
[  277.396211][ T5876] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  277.552403][ T5876] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  277.561985][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.570482][ T5876] usb 3-1: Product: syz
[  277.575457][ T5876] usb 3-1: Manufacturer: syz
[  277.580488][ T5876] usb 3-1: SerialNumber: syz
[  277.676205][ T5877] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  277.689527][ T5877] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  277.815123][ T9472] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.828794][ T9472] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.958012][    T9] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  278.045519][ T5876] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  278.061850][ T5876] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  278.130160][    T9] usb 4-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  278.139923][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.156785][    T9] usb 4-1: config 0 descriptor??
[  278.174085][    T9] gspca_main: sunplus-2.14.0 probing 055f:c420
[  278.293037][   T30] audit: type=1800 audit(1762503393.109:1560): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1258" name="bus" dev="overlay" ino=1484 res=0 errno=0
[  278.317275][ T9510] netlink: 'syz.1.1273': attribute type 1 has an invalid length.
[  278.325235][ T9510] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1273'.
[  278.338271][ T5876] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO
[  278.350637][ T5876] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  278.362777][ T5876] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  278.375458][ T5876] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  278.406000][ T5876] usb 3-1: USB disconnect, device number 64
[  279.048607][    T9] gspca_sunplus: reg_w_riv err -71
[  279.053988][    T9] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  279.073423][    T9] usb 4-1: USB disconnect, device number 51
[  279.271133][ T9528] overlayfs: failed to resolve './file0': -2
[  279.722620][ T5877] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000084. ret = -EPIPE
[  279.745601][ T5877] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to init LTM with error -EPIPE
[  279.756577][ T5877] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  279.766756][ T5877] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  279.782890][ T5877] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -32
[  279.806053][ T5877] usb 1-1: USB disconnect, device number 64
[  280.062423][ T9539] IPVS: set_ctl: invalid protocol: 5898 255.255.255.255:20001
[  280.082148][ T9540] IPVS: set_ctl: invalid protocol: 5898 255.255.255.255:20001
[  280.408178][ T5877] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  280.578007][ T5877] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  280.586597][ T5877] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  280.598362][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  280.615990][ T5877] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  280.645417][ T5877] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  280.660728][ T5877] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  280.671095][ T5877] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.689179][ T5877] usb 3-1: config 0 descriptor??
[  280.694932][ T9544] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  280.714349][ T9560] netlink: 19 bytes leftover after parsing attributes in process `syz.0.1293'.
[  280.735805][ T9562] netlink: 212356 bytes leftover after parsing attributes in process `syz.1.1294'.
[  281.119160][ T5877] plantronics 0003:047F:FFFF.000D: reserved main item tag 0xd
[  281.128837][   T24] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  281.162153][ T9573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.165240][ T5877] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  281.173439][ T9573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.367427][ T9544] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1287'.
[  281.958692][  T977] usb 3-1: USB disconnect, device number 65
[  282.396143][  T977] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  282.543442][ T9608] tipc: Started in network mode
[  282.548875][ T9608] tipc: Node identity ac141441, cluster identity 4711
[  282.557763][ T9608] tipc: Enabled bearer <udp:syz2>, priority 10
[  282.567864][  T977] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  282.577130][  T977] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.585436][  T977] usb 3-1: Product: syz
[  282.590514][  T977] usb 3-1: Manufacturer: syz
[  282.595173][  T977] usb 3-1: SerialNumber: syz
[  282.650174][ T9610] overlayfs: failed to resolve './file0': -2
[  282.731342][ T9614] qnx4: no qnx4 filesystem (no root dir).
[  282.815437][ T9600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.825050][ T9600] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.907068][   T24] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  283.031142][ T9627] pimreg: entered allmulticast mode
[  283.037125][  T977] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  283.041559][ T9627] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1317'.
[  283.049835][  T977] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  283.088484][   T24] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  283.097127][   T24] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  283.106667][   T24] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  283.117347][   T24] usb 4-1: config 220 has no interface number 2
[  283.123826][   T24] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  283.137786][   T24] usb 4-1: config 220 interface 0 has no altsetting 0
[  283.144773][   T24] usb 4-1: config 220 interface 76 has no altsetting 0
[  283.152277][   T24] usb 4-1: config 220 interface 1 has no altsetting 0
[  283.171660][   T24] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  283.182269][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.193222][   T24] usb 4-1: Product: syz
[  283.198063][   T24] usb 4-1: Manufacturer: syz
[  283.202719][   T24] usb 4-1: SerialNumber: syz
[  283.296760][   T30] audit: type=1800 audit(1762503398.109:1561): pid=9600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1307" name="bus" dev="overlay" ino=1514 res=0 errno=0
[  283.359127][  T977] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO
[  283.377587][  T977] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  283.388056][  T977] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  283.403304][  T977] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  283.461726][   T24] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  283.464271][  T977] usb 3-1: USB disconnect, device number 66
[  283.482497][   T24] uvcvideo 4-1:220.0: No valid video chain found.
[  283.499980][   T24] usb 4-1: selecting invalid altsetting 0
[  283.522939][   T24] usb 4-1: selecting invalid altsetting 0
[  283.523042][ T9639] 9p: Bad value for 'rfdno'
[  283.529727][   T24] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  283.543941][ T9639] 9p: Bad value for 'rfdno'
[  283.561842][   T24] usb 4-1: USB disconnect, device number 52
[  283.676114][  T977] tipc: Node number set to 2886997057
[  284.059927][ T9663] syz.3.1327 (9663): attempted to duplicate a private mapping with mremap.  This is not supported.
[  284.284994][ T9670] dns_resolver: Unsupported content type (254)
[  284.772901][ T9682] overlayfs: failed to clone upperpath
[  285.036059][   T24] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  285.196156][   T24] usb 4-1: Using ep0 maxpacket: 16
[  285.208103][   T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 11
[  285.218127][   T24] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  285.222364][ T9696] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1341'.
[  285.235145][   T24] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  285.259173][   T24] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  285.276071][   T24] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  285.296019][   T24] usb 4-1: config 1 interface 0 has no altsetting 0
[  285.302866][   T24] usb 4-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  285.323174][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.350677][   T24] ums-sddr09 4-1:1.0: USB Mass Storage device detected
[  285.633443][ T9679] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.702612][ T9679] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.821261][ T9714] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1347'.
[  285.832361][   T24] ums-sddr09 4-1:1.0: probe with driver ums-sddr09 failed with error -22
[  285.873511][   T24] usb 4-1: USB disconnect, device number 53
[  286.522635][ T9723] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  286.548487][ T9723] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.1350'.
[  286.588140][   T24] usb 4-1: new full-speed USB device number 54 using dummy_hcd
[  286.629167][ T9730] overlayfs: failed to clone upperpath
[  286.768706][   T24] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[  286.776893][   T24] usb 4-1: config 0 has no interface number 0
[  286.783080][   T24] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0x29, changing to 0x9
[  286.795104][   T24] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x9 has invalid maxpacket 99, setting to 64
[  286.808112][   T24] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[  286.817419][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.825461][   T24] usb 4-1: Product: syz
[  286.829780][ T5876] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  286.837577][   T24] usb 4-1: Manufacturer: syz
[  286.842210][   T24] usb 4-1: SerialNumber: syz
[  286.851542][   T24] usb 4-1: config 0 descriptor??
[  286.857602][ T9719] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  287.006048][ T5876] usb 3-1: Using ep0 maxpacket: 32
[  287.013447][ T5876] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  287.021975][ T5876] usb 3-1: config 0 has no interface number 0
[  287.028341][ T5876] usb 3-1: config 0 interface 184 has no altsetting 0
[  287.037933][ T5876] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  287.047183][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.055251][ T5876] usb 3-1: Product: syz
[  287.060012][ T5876] usb 3-1: Manufacturer: syz
[  287.064795][ T5876] usb 3-1: SerialNumber: syz
[  287.074867][ T5876] usb 3-1: config 0 descriptor??
[  287.083915][   T24] qcserial 4-1:0.49: Qualcomm USB modem converter detected
[  287.093678][ T5876] smsc75xx v1.0.0
[  287.102163][   T24] usb 4-1: Qualcomm USB modem converter now attached to ttyUSB0
[  287.117878][   T24] usb 4-1: USB disconnect, device number 54
[  287.136741][   T24] qcserial ttyUSB0: Qualcomm USB modem converter now disconnected from ttyUSB0
[  287.149451][   T24] qcserial 4-1:0.49: device disconnected
[  288.096067][   T24] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  288.268217][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  288.285176][   T24] usb 4-1: New USB device found, idVendor=044f, idProduct=b654, bcdDevice= 0.00
[  288.297870][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.308297][ T9773] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1372'.
[  288.321712][   T24] usb 4-1: config 0 descriptor??
[  288.543618][ T9762] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  288.552731][ T9762] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  288.747807][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  288.761148][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  288.773780][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  288.787102][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  288.798970][   T24] usbhid 4-1:0.0: can't add hid device: -71
[  288.807727][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  288.820822][   T24] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  288.831777][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  288.846648][   T24] usb 4-1: USB disconnect, device number 55
[  288.870297][ T5876] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  288.896559][ T5876] usb 3-1: USB disconnect, device number 67
[  289.042365][ T9784] overlayfs: failed to clone upperpath
[  289.616075][  T977] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  289.777152][  T977] usb 4-1: Using ep0 maxpacket: 8
[  289.790005][  T977] usb 4-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  289.800630][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.810280][  T977] usb 4-1: Product: syz
[  289.814605][  T977] usb 4-1: Manufacturer: syz
[  289.819795][  T977] usb 4-1: SerialNumber: syz
[  289.831708][  T977] usb 4-1: config 0 descriptor??
[  290.053897][ T5876] usb 4-1: USB disconnect, device number 56
[  290.386064][    T9] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  290.546065][    T9] usb 3-1: Using ep0 maxpacket: 8
[  290.552671][    T9] usb 3-1: config 0 has an invalid interface number: 186 but max is 0
[  290.561000][    T9] usb 3-1: config 0 has no interface number 0
[  290.567224][    T9] usb 3-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  290.580236][    T9] usb 3-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  290.593623][    T9] usb 3-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 108, changing to 10
[  290.606973][    T9] usb 3-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid maxpacket 8949, setting to 1024
[  290.618474][    T9] usb 3-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  290.634196][    T9] usb 3-1: New USB device found, idVendor=07c0, idProduct=1500, bcdDevice=b8.c5
[  290.643450][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.651696][    T9] usb 3-1: Product: syz
[  290.656141][    T9] usb 3-1: Manufacturer: syz
[  290.660858][    T9] usb 3-1: SerialNumber: syz
[  290.671665][    T9] usb 3-1: config 0 descriptor??
[  290.880997][    T9] iowarrior 3-1:0.186: IOWarrior product=0x1500, serial=42424242 interface=186 now attached to iowarrior0
[  290.892646][  T977] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  291.045726][ T9820] overlayfs: failed to clone upperpath
[  291.056595][  T977] usb 4-1: Using ep0 maxpacket: 32
[  291.065173][  T977] usb 4-1: unable to get BOS descriptor or descriptor too short
[  291.074519][  T977] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  291.088197][  T977] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  291.098330][    C1] iowarrior 3-1:0.186: iowarrior_callback - usb_submit_urb failed with result -1
[  291.098422][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.118199][    T9] usb 3-1: USB disconnect, device number 68
[  291.126450][  T977] usb 4-1: Product: syz
[  291.130683][  T977] usb 4-1: Manufacturer: syz
[  291.135496][  T977] usb 4-1: SerialNumber: syz
[  291.190715][ T9822] netlink: 678 bytes leftover after parsing attributes in process `syz.1.1392'.
[  291.200563][ T9823] netlink: 678 bytes leftover after parsing attributes in process `syz.1.1392'.
[  291.359807][  T977] usb 4-1: Limiting number of CPorts to U8_MAX
[  291.368834][  T977] usb 4-1: Not enough endpoints found in device, aborting!
[  291.620663][  T793] usb 4-1: USB disconnect, device number 57
[  292.346852][ T9835] pim6reg: entered allmulticast mode
[  292.354373][ T9835] pim6reg: left allmulticast mode
[  293.400367][ T9861] FAULT_INJECTION: forcing a failure.
[  293.400367][ T9861] name failslab, interval 1, probability 0, space 0, times 0
[  293.428078][ T9861] CPU: 0 UID: 0 PID: 9861 Comm: syz.3.1403 Not tainted syzkaller #0 PREEMPT(full) 
[  293.428111][ T9861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  293.428126][ T9861] Call Trace:
[  293.428135][ T9861]  <TASK>
[  293.428145][ T9861]  dump_stack_lvl+0x189/0x250
[  293.428179][ T9861]  ? __pfx____ratelimit+0x10/0x10
[  293.428208][ T9861]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.428235][ T9861]  ? __pfx__printk+0x10/0x10
[  293.428264][ T9861]  ? __pfx___might_resched+0x10/0x10
[  293.428289][ T9861]  ? fs_reclaim_acquire+0x7d/0x100
[  293.428326][ T9861]  should_fail_ex+0x414/0x560
[  293.428364][ T9861]  should_failslab+0xa8/0x100
[  293.428398][ T9861]  kmem_cache_alloc_noprof+0x88/0x700
[  293.428424][ T9861]  ? __kvm_mmu_topup_memory_cache+0x463/0x610
[  293.428449][ T9861]  ? __kvm_mmu_topup_memory_cache+0x1b4/0x610
[  293.428478][ T9861]  __kvm_mmu_topup_memory_cache+0x1b4/0x610
[  293.428517][ T9861]  mmu_topup_memory_caches+0x21/0x170
[  293.428547][ T9861]  kvm_mmu_load+0x9d/0x2300
[  293.428578][ T9861]  ? __lock_acquire+0xab9/0xd20
[  293.428613][ T9861]  ? kvm_vcpu_pre_fault_memory+0x15b/0x460
[  293.428648][ T9861]  kvm_arch_vcpu_pre_fault_memory+0x640/0x740
[  293.428684][ T9861]  kvm_vcpu_pre_fault_memory+0x229/0x460
[  293.428718][ T9861]  ? kvm_vcpu_pre_fault_memory+0x15b/0x460
[  293.428753][ T9861]  kvm_vcpu_ioctl+0x82f/0xed0
[  293.428796][ T9861]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  293.428851][ T9861]  ? __fget_files+0x2a/0x420
[  293.428884][ T9861]  ? __fget_files+0x2a/0x420
[  293.428912][ T9861]  ? bpf_lsm_file_ioctl+0x9/0x20
[  293.428944][ T9861]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  293.428973][ T9861]  __se_sys_ioctl+0xfc/0x170
[  293.429008][ T9861]  do_syscall_64+0xfa/0xfa0
[  293.429040][ T9861]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.429062][ T9861]  ? clear_bhb_loop+0x60/0xb0
[  293.429093][ T9861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.429115][ T9861] RIP: 0033:0x7fc6e2d8f6c9
[  293.429135][ T9861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.429154][ T9861] RSP: 002b:00007fc6e3c34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  293.429177][ T9861] RAX: ffffffffffffffda RBX: 00007fc6e2fe6180 RCX: 00007fc6e2d8f6c9
[  293.429193][ T9861] RDX: 00002000000000c0 RSI: 00000000c040aed5 RDI: 0000000000000007
[  293.429208][ T9861] RBP: 00007fc6e3c34090 R08: 0000000000000000 R09: 0000000000000000
[  293.429222][ T9861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.429235][ T9861] R13: 00007fc6e2fe6218 R14: 00007fc6e2fe6180 R15: 00007ffff63bd608
[  293.429272][ T9861]  </TASK>
[  294.007167][ T9871] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1407'.
[  294.062894][ T9871] ksmbd: Unknown IPC event: 3, ignore.
[  294.378865][ T9880] syzkaller1: entered promiscuous mode
[  294.406308][ T9880] syzkaller1: entered allmulticast mode
[  294.693181][ T9894] comedi comedi0: mpc624: I/O port conflict (0x4f27,16)
[  294.702342][  T793] usb 3-1: new full-speed USB device number 69 using dummy_hcd
[  294.861548][  T793] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  294.871244][  T793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.879838][  T793] usb 3-1: Product: syz
[  294.884052][  T793] usb 3-1: Manufacturer: syz
[  294.889290][  T793] usb 3-1: SerialNumber: syz
[  294.907239][  T793] usb 3-1: config 0 descriptor??
[  295.115881][  T793] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  295.217121][ T5877] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  295.317223][ T9915] overlayfs: failed to clone upperpath
[  295.382792][ T5877] usb 4-1: config 0 has an invalid interface number: 11 but max is 0
[  295.392211][ T5877] usb 4-1: config 0 has no interface number 0
[  295.403000][ T5877] usb 4-1: New USB device found, idVendor=0f3d, idProduct=68aa, bcdDevice=b4.ca
[  295.412833][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.421283][ T5877] usb 4-1: Product: syz
[  295.425872][ T5877] usb 4-1: Manufacturer: syz
[  295.431493][ T5877] usb 4-1: SerialNumber: syz
[  295.454272][ T5877] usb 4-1: config 0 descriptor??
[  295.463660][ T5877] usb 4-1: Expected 3 endpoints, found: 0
[  295.852453][ T5908] usb 4-1: USB disconnect, device number 58
[  295.858709][ T9922] overlayfs: failed to clone upperpath
[  296.146076][ T9925] bond0: entered allmulticast mode
[  296.151291][ T9925] bond_slave_0: entered allmulticast mode
[  296.160148][ T9925] bond_slave_1: entered allmulticast mode
[  296.166643][ T9925] macvlan0: entered allmulticast mode
[  296.172092][ T9925] veth1_vlan: entered allmulticast mode
[  296.247010][ T9927] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1430'.
[  296.556056][ T5877] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  296.711870][ T5877] usb 4-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  296.723956][ T5877] usb 4-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0
[  296.734680][ T5877] usb 4-1: config 0 interface 0 altsetting 252 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  296.748376][ T5877] usb 4-1: config 0 interface 0 has no altsetting 0
[  296.755238][ T5877] usb 4-1: New USB device found, idVendor=18d1, idProduct=5028, bcdDevice= 0.00
[  296.766514][ T5877] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.768238][ T9936] netlink: 'syz.0.1434': attribute type 5 has an invalid length.
[  296.782088][ T5877] usb 4-1: config 0 descriptor??
[  296.790890][ T9936] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  296.800476][ T9936] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  297.043648][ T9944] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1437'.
[  297.058413][ T9944] ksmbd: Unknown IPC event: 3, ignore.
[  297.211345][ T9948] netlink: 'syz.1.1438': attribute type 21 has an invalid length.
[  297.222445][ T5877] usbhid 4-1:0.0: can't add hid device: -71
[  297.230115][ T5877] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  297.242462][ T5877] usb 4-1: USB disconnect, device number 59
[  297.366321][ T9953] netlink: 'syz.1.1439': attribute type 12 has an invalid length.
[  297.374228][ T9953] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1439'.
[  297.470232][  T793] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  297.491550][  T793] usb 3-1: USB disconnect, device number 69
[  297.557046][ T9957] FAULT_INJECTION: forcing a failure.
[  297.557046][ T9957] name failslab, interval 1, probability 0, space 0, times 0
[  297.570839][ T9957] CPU: 1 UID: 0 PID: 9957 Comm: syz.2.1441 Not tainted syzkaller #0 PREEMPT(full) 
[  297.570870][ T9957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  297.570883][ T9957] Call Trace:
[  297.570892][ T9957]  <TASK>
[  297.570901][ T9957]  dump_stack_lvl+0x189/0x250
[  297.570934][ T9957]  ? __pfx____ratelimit+0x10/0x10
[  297.570963][ T9957]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.570991][ T9957]  ? __pfx__printk+0x10/0x10
[  297.571023][ T9957]  ? __pfx___might_resched+0x10/0x10
[  297.571054][ T9957]  should_fail_ex+0x414/0x560
[  297.571092][ T9957]  should_failslab+0xa8/0x100
[  297.571127][ T9957]  kmem_cache_alloc_node_noprof+0x8c/0x710
[  297.571156][ T9957]  ? __alloc_skb+0x112/0x2d0
[  297.571188][ T9957]  __alloc_skb+0x112/0x2d0
[  297.571220][ T9957]  netlink_ack+0x146/0xa50
[  297.571245][ T9957]  ? __pfx_genl_rcv_msg+0x10/0x10
[  297.571265][ T9957]  ? __pfx_devlink_nl_pre_doit_port+0x10/0x10
[  297.571298][ T9957]  ? __pfx_devlink_nl_post_doit+0x10/0x10
[  297.571346][ T9957]  netlink_rcv_skb+0x28c/0x470
[  297.571372][ T9957]  ? __lock_acquire+0xab9/0xd20
[  297.571394][ T9957]  ? __pfx_genl_rcv_msg+0x10/0x10
[  297.571418][ T9957]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  297.571475][ T9957]  ? down_read+0x1ad/0x2e0
[  297.571511][ T9957]  genl_rcv+0x28/0x40
[  297.571530][ T9957]  netlink_unicast+0x82f/0x9e0
[  297.571566][ T9957]  ? __pfx_netlink_unicast+0x10/0x10
[  297.571594][ T9957]  ? netlink_sendmsg+0x642/0xb30
[  297.571620][ T9957]  ? skb_put+0x11b/0x210
[  297.571651][ T9957]  netlink_sendmsg+0x805/0xb30
[  297.571692][ T9957]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.571725][ T9957]  ? aa_sock_msg_perm+0xf1/0x1d0
[  297.571754][ T9957]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  297.571782][ T9957]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.571813][ T9957]  __sock_sendmsg+0x21c/0x270
[  297.571838][ T9957]  ____sys_sendmsg+0x505/0x830
[  297.571874][ T9957]  ? __pfx_____sys_sendmsg+0x10/0x10
[  297.571913][ T9957]  ? import_iovec+0x74/0xa0
[  297.571941][ T9957]  ___sys_sendmsg+0x21f/0x2a0
[  297.571974][ T9957]  ? __pfx____sys_sendmsg+0x10/0x10
[  297.572043][ T9957]  ? __fget_files+0x2a/0x420
[  297.572066][ T9957]  ? __fget_files+0x3a0/0x420
[  297.572099][ T9957]  __x64_sys_sendmsg+0x19b/0x260
[  297.572131][ T9957]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  297.572171][ T9957]  ? __pfx_ksys_write+0x10/0x10
[  297.572197][ T9957]  ? do_syscall_64+0xbe/0xfa0
[  297.572232][ T9957]  do_syscall_64+0xfa/0xfa0
[  297.572264][ T9957]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.572285][ T9957]  ? clear_bhb_loop+0x60/0xb0
[  297.572312][ T9957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.572333][ T9957] RIP: 0033:0x7fb1af78f6c9
[  297.572352][ T9957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.572371][ T9957] RSP: 002b:00007fb1b05b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  297.572393][ T9957] RAX: ffffffffffffffda RBX: 00007fb1af9e5fa0 RCX: 00007fb1af78f6c9
[  297.572409][ T9957] RDX: 0000000000004190 RSI: 00002000000000c0 RDI: 0000000000000004
[  297.572423][ T9957] RBP: 00007fb1b05b5090 R08: 0000000000000000 R09: 0000000000000000
[  297.572443][ T9957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.572456][ T9957] R13: 00007fb1af9e6038 R14: 00007fb1af9e5fa0 R15: 00007ffc49c0ded8
[  297.572493][ T9957]  </TASK>
[  298.133508][ T9969] netlink: 'syz.1.1447': attribute type 58 has an invalid length.
[  298.480840][ T9993] netlink: 'syz.1.1454': attribute type 21 has an invalid length.
[  298.566020][ T5839] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  298.623220][ T9999] netlink: 'syz.1.1457': attribute type 10 has an invalid length.
[  298.732421][ T5839] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  298.741954][ T5839] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.752023][ T5839] usb 3-1: Product: syz
[  298.756681][ T5839] usb 3-1: Manufacturer: syz
[  298.761338][ T5839] usb 3-1: SerialNumber: syz
[  298.986288][ T9984] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  299.007085][ T9984] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.022175][   T30] audit: type=1800 audit(1762503541.836:1562): pid=9984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1451" name="bus" dev="overlay" ino=1625 res=0 errno=0
[  299.051266][ T5839] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  299.065018][ T5839] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  299.075726][ T5839] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  299.088340][ T5839] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  299.108899][ T5839] usb 3-1: USB disconnect, device number 70
[  299.191186][T10011] overlayfs: missing 'lowerdir'
[  299.787122][T10032] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1469'.
[  299.797290][T10032] ksmbd: Unknown IPC event: 3, ignore.
[  300.086059][ T5839] usb 3-1: new full-speed USB device number 71 using dummy_hcd
[  300.180027][T10047] netlink: 'syz.3.1475': attribute type 58 has an invalid length.
[  300.248300][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  300.260203][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.271210][ T5839] usb 3-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  300.280755][ T5839] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.292105][ T5839] usb 3-1: config 0 descriptor??
[  300.597946][T10053] overlayfs: missing 'lowerdir'
[  300.913049][ T5839] usbhid 3-1:0.0: can't add hid device: -71
[  300.923744][ T5839] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  300.946238][ T5839] usb 3-1: USB disconnect, device number 71
[  301.419055][T10082] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1491'.
[  301.865146][T10102] overlayfs: missing 'lowerdir'
[  302.016053][ T5908] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  302.167804][ T5908] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  302.181249][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  302.192282][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  302.202317][ T5908] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  302.217716][ T5908] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  302.226912][ T5908] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  302.235007][ T5908] usb 3-1: Manufacturer: syz
[  302.242328][ T5908] usb 3-1: config 0 descriptor??
[  302.576236][ T5830] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  302.586124][ T5830] Bluetooth: hci0: command 0x0406 tx timeout
[  302.655459][T10108] netlink: 'syz.0.1500': attribute type 10 has an invalid length.
[  302.681239][T10108] team0: Port device geneve1 added
[  302.887895][T10117] nft_compat: unsupported protocol 1
[  302.914736][T10121] netlink: 'syz.3.1505': attribute type 3 has an invalid length.
[  302.939698][T10121] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1505'.
[  303.041267][ T5908] usbhid 3-1:0.0: can't add hid device: -71
[  303.048843][ T5908] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  303.070239][ T5908] usb 3-1: USB disconnect, device number 72
[  303.666687][ T5839] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  303.831743][ T5839] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  303.841382][ T5839] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.851810][ T5839] usb 4-1: Product: syz
[  303.862690][ T5839] usb 4-1: Manufacturer: syz
[  303.868553][ T5839] usb 4-1: SerialNumber: syz
[  304.281697][ T5839] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  304.293869][ T5839] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  304.305206][ T5877] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  304.476069][ T5877] usb 3-1: Using ep0 maxpacket: 32
[  304.483230][ T5877] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  304.491737][ T5877] usb 3-1: config 0 has no interface number 0
[  304.498919][ T5877] usb 3-1: config 0 interface 184 has no altsetting 0
[  304.508077][ T5877] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  304.518756][ T5877] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.526929][ T5877] usb 3-1: Product: syz
[  304.531232][ T5877] usb 3-1: Manufacturer: syz
[  304.535866][ T5877] usb 3-1: SerialNumber: syz
[  304.543921][ T5877] usb 3-1: config 0 descriptor??
[  304.552746][ T5877] smsc75xx v1.0.0
[  305.523957][ T5839] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  305.602978][T10172] overlayfs: failed to clone upperpath
[  306.128624][T10193] overlayfs: failed to clone upperpath
[  306.209668][ T5877] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  306.228268][ T5877] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  306.246236][ T5877] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  306.267103][ T5877] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  306.277388][ T5877] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  306.287909][ T5877] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  306.298414][ T5877] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  306.311930][ T5877] usb 3-1: USB disconnect, device number 73
[  306.344360][ T5839] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -EPROTO
[  306.357780][ T5839] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  306.371067][ T5839] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  306.383937][ T5839] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  306.394402][ T5839] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[  306.408106][ T5839] usb 4-1: USB disconnect, device number 60
[  306.649160][T10198] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[  306.924939][T10215] FAULT_INJECTION: forcing a failure.
[  306.924939][T10215] name failslab, interval 1, probability 0, space 0, times 0
[  306.941728][T10215] CPU: 1 UID: 0 PID: 10215 Comm: syz.3.1542 Not tainted syzkaller #0 PREEMPT(full) 
[  306.941759][T10215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  306.941788][T10215] Call Trace:
[  306.941796][T10215]  <TASK>
[  306.941806][T10215]  dump_stack_lvl+0x189/0x250
[  306.941839][T10215]  ? __pfx____ratelimit+0x10/0x10
[  306.941868][T10215]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.941895][T10215]  ? __pfx__printk+0x10/0x10
[  306.941927][T10215]  ? __pfx___might_resched+0x10/0x10
[  306.941950][T10215]  ? fs_reclaim_acquire+0x7d/0x100
[  306.941986][T10215]  should_fail_ex+0x414/0x560
[  306.942025][T10215]  should_failslab+0xa8/0x100
[  306.942060][T10215]  __kvmalloc_node_noprof+0x175/0x910
[  306.942093][T10215]  ? file_tty_write+0x2e7/0xa20
[  306.942130][T10215]  file_tty_write+0x2e7/0xa20
[  306.942170][T10215]  vfs_write+0x5c9/0xb30
[  306.942197][T10215]  ? __pfx_tty_write+0x10/0x10
[  306.942227][T10215]  ? __pfx_vfs_write+0x10/0x10
[  306.942273][T10215]  ? __fget_files+0x2a/0x420
[  306.942309][T10215]  ksys_write+0x145/0x250
[  306.942333][T10215]  ? __pfx_ksys_write+0x10/0x10
[  306.942357][T10215]  ? do_syscall_64+0xbe/0xfa0
[  306.942391][T10215]  do_syscall_64+0xfa/0xfa0
[  306.942422][T10215]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.942443][T10215]  ? clear_bhb_loop+0x60/0xb0
[  306.942470][T10215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.942491][T10215] RIP: 0033:0x7fc6e2d8f6c9
[  306.942510][T10215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.942529][T10215] RSP: 002b:00007fc6e3c76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  306.942552][T10215] RAX: ffffffffffffffda RBX: 00007fc6e2fe5fa0 RCX: 00007fc6e2d8f6c9
[  306.942568][T10215] RDX: 0000000000001006 RSI: 0000200000001040 RDI: 0000000000000004
[  306.942582][T10215] RBP: 00007fc6e3c76090 R08: 0000000000000000 R09: 0000000000000000
[  306.942603][T10215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.942616][T10215] R13: 00007fc6e2fe6038 R14: 00007fc6e2fe5fa0 R15: 00007ffff63bd608
[  306.942653][T10215]  </TASK>
[  307.385995][   T30] audit: type=1800 audit(1762503550.196:1563): pid=10225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1545" name="bus" dev="overlay" ino=1692 res=0 errno=0
[  307.470631][T10229] overlayfs: missing 'lowerdir'
[  308.496527][ T5908] usb 3-1: new full-speed USB device number 74 using dummy_hcd
[  308.662928][ T5908] usb 3-1: config 0 has an invalid interface number: 200 but max is 0
[  308.672853][ T5908] usb 3-1: config 0 has no interface number 0
[  308.682658][ T5908] usb 3-1: config 0 interface 200 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0
[  308.693032][ T5908] usb 3-1: config 0 interface 200 has no altsetting 0
[  308.702240][ T5908] usb 3-1: New USB device found, idVendor=0b57, idProduct=852a, bcdDevice=6d.39
[  308.711531][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.719749][ T5908] usb 3-1: Product: syz
[  308.723963][ T5908] usb 3-1: Manufacturer: syz
[  308.728797][ T5908] usb 3-1: SerialNumber: syz
[  308.741130][ T5908] usb 3-1: config 0 descriptor??
[  308.950775][T10261] syzkaller1: entered promiscuous mode
[  308.956525][T10261] syzkaller1: entered allmulticast mode
[  308.963883][T10261] vivid-000: disconnect
[  309.036091][  T977] usb 4-1: new full-speed USB device number 61 using dummy_hcd
[  309.047947][T10280] vivid-000: reconnect
[  309.063883][ T5908] input: Hanwang Art Master III 1308 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.200/input/input29
[  309.116335][T10282] overlayfs: missing 'workdir'
[  309.130110][ T5908] usb 3-1: USB disconnect, device number 74
[  309.161428][T10241] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  309.200642][  T977] usb 4-1: config 0 has an invalid interface number: 82 but max is 0
[  309.217748][  T977] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  309.242070][  T977] usb 4-1: config 0 has no interface number 0
[  309.255254][  T977] usb 4-1: config 0 interface 82 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 10
[  309.286071][T10288] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1569'.
[  309.288618][  T977] usb 4-1: New USB device found, idVendor=22b8, idProduct=6425, bcdDevice=11.9e
[  309.316394][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.329457][  T977] usb 4-1: Product: syz
[  309.339369][  T977] usb 4-1: Manufacturer: syz
[  309.351910][  T977] usb 4-1: SerialNumber: syz
[  309.371673][  T977] usb 4-1: config 0 descriptor??
[  309.388109][  T977] cdc_ether 4-1:0.82: skipping garbage
[  309.394251][  T977] usb 4-1: bad CDC descriptors
[  309.400783][  T977] usb 4-1: unsupported MDLM descriptors
[  309.407577][  T977] cdc_acm 4-1:0.82: skipping garbage
[  309.534246][   T30] audit: type=1326 audit(1762503552.346:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10295 comm="syz.1.1573" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcae4d8f6c9 code=0x0
[  309.587832][T10298] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1574'.
[  309.595034][ T5839] usb 4-1: USB disconnect, device number 61
[  309.982193][T10312] overlayfs: failed to resolve './file1': -2
[  310.108978][T10316] sctp: [Deprecated]: syz.0.1582 (pid 10316) Use of int in maxseg socket option.
[  310.108978][T10316] Use struct sctp_assoc_value instead
[  310.125758][ T5830] Bluetooth: hci3: Malformed LE Event: 0x0d
[  310.176636][ T5877] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  310.326142][ T5877] usb 3-1: Using ep0 maxpacket: 32
[  310.333638][ T5877] usb 3-1: config 0 has an invalid interface number: 127 but max is 0
[  310.342102][ T5877] usb 3-1: config 0 has no interface number 0
[  310.348357][ T5877] usb 3-1: config 0 interface 127 has no altsetting 0
[  310.358664][ T5877] usb 3-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=2b.23
[  310.368053][ T5877] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.376270][ T5877] usb 3-1: Product: syz
[  310.380481][ T5877] usb 3-1: Manufacturer: syz
[  310.385102][ T5877] usb 3-1: SerialNumber: syz
[  310.396774][ T5877] usb 3-1: config 0 descriptor??
[  310.419850][ T5877] usbhid 3-1:0.127: couldn't find an input interrupt endpoint
[  310.461879][T10320] overlayfs: missing 'workdir'
[  310.611696][ T5877] usb 3-1: USB disconnect, device number 75
[  311.202096][T10347] syzkaller1: left promiscuous mode
[  311.208845][T10347] syzkaller1: left allmulticast mode
[  311.306039][  T977] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  311.466138][  T977] usb 4-1: Using ep0 maxpacket: 8
[  311.474293][  T977] usb 4-1: unable to get BOS descriptor or descriptor too short
[  311.485430][  T977] usb 4-1: config 4 interface 0 has no altsetting 0
[  311.495788][  T977] usb 4-1: string descriptor 0 read error: -22
[  311.502317][  T977] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  311.511600][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.536578][  T977] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  311.567336][  T977] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  311.593303][  T977] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  311.602265][  T977] usb 4-1: media controller created
[  311.627409][  T977] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  311.730606][T10343] netlink: 'syz.3.1593': attribute type 27 has an invalid length.
[  311.837629][T10343] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.846695][T10343] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.122750][T10377] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1604'.
[  312.204482][T10343] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  312.226578][T10343] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  312.552190][   T61] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  312.606973][  T977] zl10353_read_register: readreg error (reg=127, ret==0)
[  312.623875][   T61] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  312.642827][   T61] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  312.682483][   T61] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  312.787168][T10401] overlayfs: failed to resolve './file0': -2
[  312.795736][  T977] usb 4-1: USB disconnect, device number 62
[  312.922609][T10407] overlayfs: failed to clone upperpath
[  313.280707][T10416] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1620'.
[  313.516102][T10358] usb 3-1: new full-speed USB device number 76 using dummy_hcd
[  313.667784][T10358] usb 3-1: config 0 interface 0 has no altsetting 0
[  313.674601][T10358] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  313.683798][T10358] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.694824][T10358] usb 3-1: config 0 descriptor??
[  313.923749][T10358] usb 3-1: string descriptor 0 read error: -71
[  313.939418][T10358] usb 3-1: USB disconnect, device number 76
[  314.164490][ T1056] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  314.579867][T10457] overlayfs: missing 'lowerdir'
[  314.797382][T10427] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  314.965353][T10464] syzkaller0: entered promiscuous mode
[  314.971106][T10464] syzkaller0: entered allmulticast mode
[  315.207584][T10473] overlayfs: failed to resolve './file0': -2
[  315.398686][T10484] netlink: 'syz.0.1641': attribute type 12 has an invalid length.
[  315.489902][T10487] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1639'.
[  315.550897][T10494] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  315.660336][T10500] overlayfs: missing 'lowerdir'
[  315.955304][T10512] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1648'.
[  315.994479][T10512] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1648'.
[  316.233827][T10524] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1655'.
[  316.243161][T10524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1655'.
[  316.256110][T10524] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1655'.
[  316.271414][T10524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1655'.
[  316.619974][T10545] overlayfs: missing 'lowerdir'
[  316.906271][  T977] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  317.036199][  T977] usb 4-1: device descriptor read/64, error -71
[  317.276028][  T977] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  317.426799][  T977] usb 4-1: device descriptor read/64, error -71
[  317.450953][T10573] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  317.479915][T10575] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1677'.
[  317.550179][  T977] usb usb4-port1: attempt power cycle
[  317.696147][T10396] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[  317.749110][T10583] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  317.758139][T10583] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  317.864782][T10396] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  317.873942][T10396] usb 3-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[  317.882449][T10396] usb 3-1: Product: syz
[  317.886798][T10396] usb 3-1: Manufacturer: syz
[  317.891426][T10396] usb 3-1: SerialNumber: syz
[  317.899444][T10396] usb 3-1: config 0 descriptor??
[  317.906058][  T977] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  317.907212][T10396] ch341 3-1:0.0: ch341-uart converter detected
[  317.926781][  T977] usb 4-1: device descriptor read/8, error -71
[  318.166058][  T977] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  318.194217][  T977] usb 4-1: device descriptor read/8, error -71
[  318.314610][  T977] usb usb4-port1: unable to enumerate USB device
[  318.918495][T10396] ch341-uart ttyUSB0: failed to read break control: -71
[  318.927633][T10396] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  318.944516][T10396] usb 3-1: USB disconnect, device number 77
[  318.965666][T10396] ch341 3-1:0.0: device disconnected
[  319.417470][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  319.427500][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  319.438044][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  319.447167][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  319.455114][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  319.904441][T10634] netlink: 'syz.0.1701': attribute type 6 has an invalid length.
[  320.066423][T10358] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[  320.143407][T10619] chnl_net:caif_netlink_parms(): no params data found
[  320.226113][T10358] usb 4-1: Using ep0 maxpacket: 32
[  320.251843][T10358] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  320.282227][T10358] usb 4-1: config 0 has no interface number 0
[  320.307164][T10358] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  320.335433][T10358] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.356083][T10358] usb 4-1: Product: syz
[  320.360415][T10358] usb 4-1: Manufacturer: syz
[  320.365065][T10358] usb 4-1: SerialNumber: syz
[  320.375517][T10358] usb 4-1: config 0 descriptor??
[  320.391190][T10358] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  320.509117][T10619] bridge0: port 1(bridge_slave_0) entered blocking state
[  320.536424][T10619] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.543862][T10619] bridge_slave_0: entered allmulticast mode
[  320.598847][T10619] bridge_slave_0: entered promiscuous mode
[  320.605623][T10358] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  320.637959][T10619] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.645289][T10619] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.664331][T10358] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  320.690701][    C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  320.716531][T10619] bridge_slave_1: entered allmulticast mode
[  320.723744][T10358] usb 4-1: USB disconnect, device number 67
[  320.738565][T10619] bridge_slave_1: entered promiscuous mode
[  320.755609][T10358] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  320.861272][T10358] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  320.896864][T10358] quatech2 4-1:0.51: device disconnected
[  321.076739][T10619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.100185][T10619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.229681][T10619] team0: Port device team_slave_0 added
[  321.256843][T10358] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  321.335550][ T1157] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.357268][T10619] team0: Port device team_slave_1 added
[  321.407280][T10358] usb 4-1: Using ep0 maxpacket: 32
[  321.420644][T10358] usb 4-1: config 1 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  321.466216][T10358] usb 4-1: config 1 interface 0 has no altsetting 0
[  321.481551][T10358] usb 4-1: New USB device found, idVendor=05ac, idProduct=0231, bcdDevice= 0.40
[  321.491360][T10358] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.506252][T10358] usb 4-1: Product: syz
[  321.510583][T10358] usb 4-1: Manufacturer: syz
[  321.515260][T10358] usb 4-1: SerialNumber: syz
[  321.527100][ T1157] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.538426][   T54] Bluetooth: hci4: command tx timeout
[  321.583531][T10619] batman_adv: batadv0: Adding interface: batadv_slave_0
[  321.591638][T10619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  321.619284][T10619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  321.632769][T10619] batman_adv: batadv0: Adding interface: batadv_slave_1
[  321.646594][T10619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  321.651532][T10670] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  321.673007][T10619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.694927][T10670] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  321.743235][ T1157] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.878730][ T1157] netdevsim netdevsim1 ªªªªªª (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.938763][T10619] hsr_slave_0: entered promiscuous mode
[  321.967675][T10619] hsr_slave_1: entered promiscuous mode
[  321.976573][T10619] debugfs: 'hsr0' already exists in 'hsr'
[  321.982491][T10619] Cannot create hsr debugfs directory
[  322.096603][T10358] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input30
[  322.122895][ T5178] bcm5974 4-1:1.0: could not read from device
[  322.142754][ T5178] bcm5974 4-1:1.0: could not read from device
[  322.155421][ T5178] bcm5974 4-1:1.0: could not read from device
[  322.167722][T10358] usb 4-1: USB disconnect, device number 68
[  322.183289][ T5178] bcm5974 4-1:1.0: could not read from device
[  322.399267][T10680] netlink: 212356 bytes leftover after parsing attributes in process `syz.0.1714'.
[  322.521204][ T1157] bridge_slave_1: left allmulticast mode
[  322.529472][ T1157] bridge_slave_1: left promiscuous mode
[  322.537230][ T1157] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.586599][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  322.593007][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  322.649556][ T1157] bridge_slave_0: left promiscuous mode
[  322.655614][ T1157] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.399718][ T1157] tipc: Disabling bearer <udp:syz2>
[  323.411083][ T1157] tipc: Left network mode
[  323.616725][   T54] Bluetooth: hci4: command tx timeout
[  323.777400][   T61] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x9e
[  323.812437][ T1157] hsr_slave_0: left promiscuous mode
[  323.837634][ T1157] hsr_slave_1: left promiscuous mode
[  323.844221][ T1157] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  323.852008][ T1157] batman_adv: batadv0: Removing interface: batadv_slave_0
[  323.862952][ T1157] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  323.870586][ T1157] batman_adv: batadv0: Removing interface: batadv_slave_1
[  323.919382][ T1157] veth1_macvtap: left promiscuous mode
[  323.925954][ T1157] veth0_macvtap: left promiscuous mode
[  323.932543][ T1157] veth1_vlan: left promiscuous mode
[  323.938831][ T1157] veth0_vlan: left promiscuous mode
[  324.085539][ T1157] pimreg (unregistering): left allmulticast mode
[  324.146131][ T5908] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  324.312692][ T5908] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  324.323232][ T5908] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  324.334334][ T5908] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  324.350175][ T5908] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  324.359830][ T5908] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.374441][ T5908] usb 4-1: config 0 descriptor??
[  324.660152][ T1157] team0 (unregistering): Port device team_slave_1 removed
[  324.720128][ T1157] team0 (unregistering): Port device team_slave_0 removed
[  324.786072][  T977] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[  324.940298][  T977] usb 3-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[  324.949954][  T977] usb 3-1: New USB device strings: Mfr=0, Product=229, SerialNumber=0
[  324.959630][  T977] usb 3-1: Product: syz
[  324.968130][  T977] usb 3-1: config 0 descriptor??
[  324.984225][  T977] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  324.994857][  T977] ftdi_sio ttyUSB0: unknown device type: 0xc698
[  325.215499][  T977] usb 3-1: USB disconnect, device number 78
[  325.232107][  T977] ftdi_sio 3-1:0.0: device disconnected
[  325.456957][ T5908] ath6kl: Failed to submit usb control message: -110
[  325.463817][ T5908] ath6kl: unable to send the bmi data to the device: -110
[  325.504370][ T5908] ath6kl: Unable to send get target info: -110
[  325.558022][ T5908] ath6kl: Failed to init ath6kl core: -110
[  325.571527][ T5908] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -110
[  325.605859][T10619] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  325.609873][ T5908] usb 4-1: USB disconnect, device number 69
[  325.640057][T10619] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  325.672525][T10619] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  325.696122][   T54] Bluetooth: hci4: command tx timeout
[  325.718787][T10619] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  326.029674][T10619] 8021q: adding VLAN 0 to HW filter on device bond0
[  326.134661][T10619] 8021q: adding VLAN 0 to HW filter on device team0
[  326.165598][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.172948][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  326.231832][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.239237][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  326.717511][T10619] 8021q: adding VLAN 0 to HW filter on device batadv0
[  326.783180][T10619] veth0_vlan: entered promiscuous mode
[  326.802304][T10619] veth1_vlan: entered promiscuous mode
[  326.850753][T10619] veth0_macvtap: entered promiscuous mode
[  326.860816][T10792] overlayfs: missing 'lowerdir'
[  326.863502][T10619] veth1_macvtap: entered promiscuous mode
[  326.872363][ T5908] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  326.905468][T10619] batman_adv: batadv0: Interface activated: batadv_slave_0
[  326.924006][T10619] batman_adv: batadv0: Interface activated: batadv_slave_1
[  326.944400][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.963749][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  326.985315][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.997555][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  327.056982][ T5908] usb 3-1: Using ep0 maxpacket: 32
[  327.072259][ T5908] usb 3-1: config 11 has an invalid interface number: 65 but max is 0
[  327.096077][ T5908] usb 3-1: config 11 has no interface number 0
[  327.102341][ T5908] usb 3-1: config 11 interface 65 has no altsetting 0
[  327.115583][ T1056] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.136935][ T1056] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.165734][ T5908] usb 3-1: New USB device found, idVendor=0458, idProduct=704a, bcdDevice=a8.06
[  327.177086][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.199221][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.211233][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.522552][ T5908] usb 3-1: string descriptor 0 read error: -71
[  327.544874][ T5908] gspca_main: gspca_sn9c20x-2.14.0 probing 0458:704a
[  327.570553][ T5908] gspca_sn9c20x: Write register 1000 failed -71
[  327.594217][ T5908] gspca_sn9c20x: Device initialization failed
[  327.601936][ T5908] gspca_sn9c20x 3-1:11.65: probe with driver gspca_sn9c20x failed with error -71
[  327.623493][ T5908] usb 3-1: USB disconnect, device number 79
[  327.776368][   T54] Bluetooth: hci4: command tx timeout
[  327.796687][T10396] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[  327.975277][T10396] usb 4-1: Using ep0 maxpacket: 32
[  327.982861][T10396] usb 4-1: config 0 has an invalid interface number: 217 but max is 0
[  327.992648][T10396] usb 4-1: config 0 has no interface number 0
[  327.995366][T10816] overlayfs: missing 'lowerdir'
[  328.004829][T10396] usb 4-1: config 0 interface 217 has no altsetting 0
[  328.017407][T10396] usb 4-1: New USB device found, idVendor=2040, idProduct=651f, bcdDevice=26.93
[  328.029201][T10396] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.037388][T10396] usb 4-1: Product: syz
[  328.041684][T10396] usb 4-1: Manufacturer: syz
[  328.047222][T10396] usb 4-1: SerialNumber: syz
[  328.056753][T10396] usb 4-1: config 0 descriptor??
[  328.275220][T10396] em28xx 4-1:0.217: New device syz syz @ 480 Mbps (2040:651f, interface 217, class 217)
[  328.285548][T10396] em28xx 4-1:0.217: Video interface 217 found: bulk
[  328.322218][T10826] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1752'.
[  328.331960][T10826] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1752'.
[  328.342482][T10826] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1752'.
[  328.354158][T10826] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1752'.
[  328.364256][T10826] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1752'.
[  328.374064][T10396] em28xx 4-1:0.217: unknown em28xx chip ID (0)
[  328.375701][T10826] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1752'.
[  328.453633][T10396] em28xx 4-1:0.217: reading from i2c device at 0xa0 failed (error=-5)
[  328.462288][T10396] em28xx 4-1:0.217: board has no eeprom
[  328.536078][T10396] em28xx 4-1:0.217: Identified as Hauppauge WinTV HVR 850 (card=60)
[  328.544306][T10396] em28xx 4-1:0.217: analog set to bulk mode.
[  328.551719][T10395] em28xx 4-1:0.217: Registering V4L2 extension
[  328.562813][T10396] usb 4-1: USB disconnect, device number 70
[  328.578213][T10396] em28xx 4-1:0.217: Disconnecting em28xx
[  328.643264][T10395] em28xx 4-1:0.217: Config register raw data: 0xffffffed
[  328.650809][T10395] em28xx 4-1:0.217: AC97 chip type couldn't be determined
[  328.666348][T10395] em28xx 4-1:0.217: No AC97 audio processor
[  328.672433][T10395] em28xx 4-1:0.217: em28xx_v4l2_init: Error while setting audio - error [-19]!
[  328.682062][T10395] em28xx 4-1:0.217: Binding DVB extension
[  328.688522][T10395] em28xx 4-1:0.217: no endpoint for DVB mode and transfer type 0
[  328.698119][T10395] em28xx 4-1:0.217: failed to pre-allocate USB transfer buffers for DVB.
[  328.706843][T10395] em28xx 4-1:0.217: Registering input extension
[  328.715077][T10396] em28xx 4-1:0.217: Closing input extension
[  328.750769][T10396] em28xx 4-1:0.217: Freeing device
[  328.945235][T10837] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1754'.
[  329.096709][T10835] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  329.102945][T10835] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  329.109305][T10835] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  329.115515][T10835] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  329.121914][T10835] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  329.131181][T10835] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  329.145797][T10843] netdevsim netdevsim2: Direct firmware load for . failed with error -2
[  329.166517][T10843] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  329.334879][T10851] comedi comedi2: comedi_config --init_data is deprecated
[  329.419020][T10855] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1762'.
[  329.766098][T10395] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  329.919384][T10395] usb 2-1: Using ep0 maxpacket: 16
[  329.933808][T10395] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  329.950652][T10395] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  329.961610][T10395] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.977419][T10395] usb 2-1: config 0 descriptor??
[  330.407918][T10395] kye 0003:0458:5011.000E: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  330.438040][T10395] kye 0003:0458:5011.000E: item fetching failed at offset 2/5
[  330.519189][T10395] kye 0003:0458:5011.000E: parse failed
[  330.524918][T10395] kye 0003:0458:5011.000E: probe with driver kye failed with error -22
[  330.611182][T10859] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1764'.
[  330.626485][ T5908] usb 2-1: USB disconnect, device number 33
[  331.056555][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout
[  331.136685][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout
[  331.144601][ T5828] Bluetooth: hci3: command 0x0406 tx timeout
[  331.146416][ T5834] Bluetooth: hci0: command 0x0406 tx timeout
[  331.223135][T10925] syzkaller1: entered promiscuous mode
[  331.234677][T10927] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1782'.
[  331.247135][T10925] syzkaller1: entered allmulticast mode
[  332.035111][T10953] overlayfs: missing 'workdir'
[  332.492988][T10968] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  332.601672][T10968] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  332.643552][T10974] sp0: Synchronizing with TNC
[  332.711608][T10974] netlink: 'syz.3.1791': attribute type 9 has an invalid length.
[  332.965415][T10966] [U] è
[  333.136309][T10392] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  333.217432][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  333.326171][T10392] usb 2-1: device descriptor read/64, error -71
[  333.365359][T11001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1798'.
[  333.381212][T11001] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1798'.
[  333.506025][T10395] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  333.597287][T10392] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  333.626040][T10396] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  333.647070][T10395] usb 4-1: device descriptor read/64, error -71
[  333.746441][T10392] usb 2-1: device descriptor read/64, error -71
[  333.766020][T10396] usb 3-1: device descriptor read/64, error -71
[  333.866977][T10392] usb usb2-port1: attempt power cycle
[  333.885995][T10395] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  334.006103][T10396] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[  334.026457][T10395] usb 4-1: device descriptor read/64, error -71
[  334.159865][T10396] usb 3-1: device descriptor read/64, error -71
[  334.176248][T10395] usb usb4-port1: attempt power cycle
[  334.236018][T10392] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  334.276886][T10392] usb 2-1: device descriptor read/8, error -71
[  334.296268][T10396] usb usb3-port1: attempt power cycle
[  334.526045][T10392] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  334.534830][T10395] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  334.558267][T10395] usb 4-1: device descriptor read/8, error -71
[  334.564786][T10392] usb 2-1: device descriptor read/8, error -71
[  334.666354][T10396] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[  334.679968][T10392] usb usb2-port1: unable to enumerate USB device
[  334.706674][T10396] usb 3-1: device descriptor read/8, error -71
[  334.808258][T10395] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  334.858306][T10395] usb 4-1: device descriptor read/8, error -71
[  334.967145][T10396] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[  334.975175][T10395] usb usb4-port1: unable to enumerate USB device
[  334.996874][T10396] usb 3-1: device descriptor read/8, error -71
[  335.116569][T10396] usb usb3-port1: unable to enumerate USB device
[  335.296267][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[  336.178298][T11093] overlayfs: missing 'workdir'
[  336.246135][T10396] usb 2-1: new full-speed USB device number 38 using dummy_hcd
[  336.370971][T11103] binder: 11102:11103 ioctl c0306201 200000000080 returned -14
[  336.438867][T10396] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  336.449228][T10396] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.459149][T10396] usb 2-1: Product: syz
[  336.463606][T10396] usb 2-1: Manufacturer: syz
[  336.471211][T10396] usb 2-1: SerialNumber: syz
[  336.480457][T10396] usb 2-1: config 0 descriptor??
[  336.538474][T11109] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  336.545307][T11109] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  336.556006][T11109] vhci_hcd vhci_hcd.0: Device attached
[  336.563294][T11110] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(3)
[  336.569877][T11110] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  336.582481][T11110] vhci_hcd vhci_hcd.0: Device attached
[  336.602900][T11110] netlink: 'syz.2.1822': attribute type 1 has an invalid length.
[  336.611884][T11110] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1822'.
[  336.672845][   T30] audit: type=1804 audit(1762503579.486:1565): pid=11118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1823" name="/newroot/394/file1" dev="fuse" ino=1 res=1 errno=0
[  336.698770][   T30] audit: type=1800 audit(1762503579.486:1566): pid=11118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1823" name="/" dev="fuse" ino=1 res=0 errno=0
[  336.721302][   T30] audit: type=1800 audit(1762503579.486:1567): pid=11117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1823" name="/" dev="fuse" ino=1 res=0 errno=0
[  336.744254][T10396] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  336.800864][T11109] netlink: 'syz.2.1822': attribute type 1 has an invalid length.
[  336.806798][ T5908] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  336.809736][T11109] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1822'.
[  336.828350][T11111] vhci_hcd: connection reset by peer
[  336.828696][T11113] vhci_hcd: connection closed
[  336.836975][   T13] vhci_hcd vhci_hcd.2: stop threads
[  336.858659][   T13] vhci_hcd vhci_hcd.2: release socket
[  336.874518][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  336.893378][   T13] vhci_hcd vhci_hcd.2: stop threads
[  336.898985][   T13] vhci_hcd vhci_hcd.2: release socket
[  336.925518][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  337.008667][T11125] overlayfs: missing 'lowerdir'
[  337.353804][T10396] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  337.376114][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[  337.386266][  T977] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[  337.397186][T10396] usb 2-1: USB disconnect, device number 38
[  337.556154][  T977] usb 4-1: Using ep0 maxpacket: 32
[  337.586186][  T977] usb 4-1: config index 0 descriptor too short (expected 32786, got 18)
[  337.594609][  T977] usb 4-1: config 0 has an invalid interface number: 197 but max is 0
[  337.624812][  T977] usb 4-1: config 0 has no interface number 0
[  337.664293][  T977] usb 4-1: config 0 interface 197 has no altsetting 0
[  337.677642][  T977] usb 4-1: New USB device found, idVendor=102c, idProduct=6151, bcdDevice=32.65
[  337.687712][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.700871][  T977] usb 4-1: Product: syz
[  337.705113][  T977] usb 4-1: Manufacturer: syz
[  337.710724][  T977] usb 4-1: SerialNumber: syz
[  337.720591][  T977] usb 4-1: config 0 descriptor??
[  337.730144][  T977] gspca_main: etoms-2.14.0 probing 102c:6151
[  338.037456][T11129] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  338.058580][T11129] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.195103][  T977] usb 4-1: USB disconnect, device number 75
[  338.326203][T10361] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  338.478840][T10361] usb 2-1: Using ep0 maxpacket: 32
[  338.491341][T10361] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  338.500088][T10361] usb 2-1: config 0 has no interface number 0
[  338.507594][T10361] usb 2-1: config 0 interface 184 has no altsetting 0
[  338.517002][T10361] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  338.536774][T10361] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.544921][T10361] usb 2-1: Product: syz
[  338.563799][T10361] usb 2-1: Manufacturer: syz
[  338.576789][T10361] usb 2-1: SerialNumber: syz
[  338.588413][T10361] usb 2-1: config 0 descriptor??
[  338.615629][T10361] smsc75xx v1.0.0
[  338.678889][T11167] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  338.839487][T11175] tmpfs: Unknown parameter 'qhota'
[  339.186174][T10395] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[  339.339316][T10395] usb 3-1: unable to get BOS descriptor or descriptor too short
[  339.358265][T10395] usb 3-1: config 129 has an invalid interface number: 135 but max is 0
[  339.366862][T10395] usb 3-1: config 129 has an invalid interface number: 5 but max is 0
[  339.375072][T10395] usb 3-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  339.406141][T10395] usb 3-1: config 129 has no interface number 0
[  339.412513][T10395] usb 3-1: config 129 has no interface number 1
[  339.421237][T10395] usb 3-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  339.434726][T10395] usb 3-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[  339.446173][T10395] usb 3-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  339.459669][T10395] usb 3-1: config 129 interface 135 has no altsetting 0
[  339.463577][T11184] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1846'.
[  339.467025][T10395] usb 3-1: config 129 interface 5 has no altsetting 0
[  339.483026][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[  339.502650][T10395] usb 3-1: string descriptor 0 read error: -22
[  339.509196][T10395] usb 3-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[  339.519254][T10395] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.523429][T11186] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1846'.
[  339.563298][T10395] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  339.574702][T10395] usb 3-1: MIDIStreaming interface descriptor not found
[  340.127035][  T977] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  340.269567][T10361] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  340.307954][  T977] usb 4-1: Using ep0 maxpacket: 8
[  340.313802][T10361] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  340.330688][  T977] usb 4-1: unable to get BOS descriptor or descriptor too short
[  340.331493][T10396] usb 3-1: USB disconnect, device number 84
[  340.348114][T10361] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  340.363734][  T977] usb 4-1: config 9 has an invalid interface number: 5 but max is 0
[  340.372673][T10361] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  340.391009][  T977] usb 4-1: config 9 has no interface number 0
[  340.404802][  T977] usb 4-1: config 9 interface 5 altsetting 9 has an endpoint descriptor with address 0xD7, changing to 0x87
[  340.419504][T11197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1850'.
[  340.426182][T10361] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  340.439669][  T977] usb 4-1: config 9 interface 5 altsetting 9 endpoint 0x87 has invalid wMaxPacketSize 0
[  340.450411][T10361] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  340.461842][T11197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1850'.
[  340.486648][  T977] usb 4-1: config 9 interface 5 has no altsetting 0
[  340.495472][T10361] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  340.510821][T11197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1850'.
[  340.527581][  T977] usb 4-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=5d.a8
[  340.541586][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.550543][T10361] usb 2-1: USB disconnect, device number 39
[  340.559265][  T977] usb 4-1: Product: syz
[  340.564169][  T977] usb 4-1: Manufacturer: syz
[  340.571924][  T977] usb 4-1: SerialNumber: syz
[  340.808260][T11190] netlink: 'syz.3.1847': attribute type 25 has an invalid length.
[  340.822521][T10396] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[  340.828690][  T977] usb 4-1: USB disconnect, device number 76
[  340.976419][T10396] usb 3-1: Using ep0 maxpacket: 8
[  340.997098][T10396] usb 3-1: config 1 has an invalid interface number: 4 but max is 2
[  341.005316][T10396] usb 3-1: config 1 has no interface number 1
[  341.011770][T10396] usb 3-1: too many endpoints for config 1 interface 4 altsetting 16: 195, using maximum allowed: 30
[  341.025821][T10396] usb 3-1: config 1 interface 4 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 195
[  341.039759][T10396] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[  341.044165][T11206] trusted_key: syz.1.1853 sent an empty control message without MSG_MORE.
[  341.051060][T10396] usb 3-1: config 1 interface 4 has no altsetting 0
[  341.071932][T10396] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  341.082646][T10396] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.102376][T10396] usb 3-1: Product: syz
[  341.112514][T10396] usb 3-1: Manufacturer: syz
[  341.117567][T10396] usb 3-1: SerialNumber: syz
[  341.158965][   T30] audit: type=1800 audit(1762503583.976:1568): pid=11209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1854" name="file1" dev="tmpfs" ino=2512 res=0 errno=0
[  341.453184][T11221] FAULT_INJECTION: forcing a failure.
[  341.453184][T11221] name failslab, interval 1, probability 0, space 0, times 0
[  341.471193][T11221] CPU: 0 UID: 0 PID: 11221 Comm: syz.1.1856 Not tainted syzkaller #0 PREEMPT(full) 
[  341.471225][T11221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  341.471239][T11221] Call Trace:
[  341.471247][T11221]  <TASK>
[  341.471257][T11221]  dump_stack_lvl+0x189/0x250
[  341.471291][T11221]  ? __pfx____ratelimit+0x10/0x10
[  341.471425][T11221]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.471465][T11221]  ? __pfx__printk+0x10/0x10
[  341.471501][T11221]  ? __pfx_bonding_attach+0x10/0x10
[  341.471527][T11221]  ? __pfx___might_resched+0x10/0x10
[  341.471558][T11221]  should_fail_ex+0x414/0x560
[  341.471597][T11221]  should_failslab+0xa8/0x100
[  341.471633][T11221]  __kmalloc_noprof+0xdf/0x800
[  341.471662][T11221]  ? comedi_alloc_devpriv+0x1f/0x60
[  341.471701][T11221]  comedi_alloc_devpriv+0x1f/0x60
[  341.471733][T11221]  bonding_attach+0xb1/0xe70
[  341.471776][T11221]  ? comedi_device_attach+0xc6/0x720
[  341.471812][T11221]  ? __pfx_bonding_attach+0x10/0x10
[  341.471838][T11221]  ? __pfx___mutex_lock+0x10/0x10
[  341.471894][T11221]  comedi_device_attach+0x51f/0x720
[  341.471939][T11221]  comedi_unlocked_ioctl+0x645/0x1020
[  341.471966][T11221]  ? kasan_quarantine_put+0xdd/0x220
[  341.472007][T11221]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  341.472102][T11221]  ? __fget_files+0x2a/0x420
[  341.472137][T11221]  ? __fget_files+0x3a0/0x420
[  341.472162][T11221]  ? __fget_files+0x2a/0x420
[  341.472192][T11221]  ? bpf_lsm_file_ioctl+0x9/0x20
[  341.472225][T11221]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  341.472256][T11221]  __se_sys_ioctl+0xfc/0x170
[  341.472292][T11221]  do_syscall_64+0xfa/0xfa0
[  341.472359][T11221]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.472381][T11221]  ? clear_bhb_loop+0x60/0xb0
[  341.472406][T11221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.472427][T11221] RIP: 0033:0x7ff379d8f6c9
[  341.472448][T11221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.472466][T11221] RSP: 002b:00007ff37acbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  341.472490][T11221] RAX: ffffffffffffffda RBX: 00007ff379fe5fa0 RCX: 00007ff379d8f6c9
[  341.472506][T11221] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 0000000000000003
[  341.472520][T11221] RBP: 00007ff37acbb090 R08: 0000000000000000 R09: 0000000000000000
[  341.472533][T11221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  341.472547][T11221] R13: 00007ff379fe6038 R14: 00007ff379fe5fa0 R15: 00007ffd2eba0a48
[  341.472585][T11221]  </TASK>
[  341.491143][T11223] netlink: 'syz.0.1858': attribute type 10 has an invalid length.
[  341.761301][T10396] usb 3-1: 2:1 : unsupported sample bitwidth 9 in 5 bytes
[  341.795001][T10396] hub 3-1:1.4: Invalid hub with more than one config or interface
[  341.829358][T10396] hub 3-1:1.4: probe with driver hub failed with error -22
[  341.878074][T11232] netlink: 'syz.3.1860': attribute type 12 has an invalid length.
[  341.896735][T11232] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1860'.
[  341.915181][T10396] usb 3-1: USB disconnect, device number 85
[  341.926098][ T5908] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  341.982019][T11232] bond0: (slave gretap0): Opening slave failed
[  342.477440][T11259] netlink: 'syz.0.1871': attribute type 21 has an invalid length.
[  342.707713][T11270] fuse: Bad value for 'user_id'
[  342.729753][T11270] fuse: Bad value for 'user_id'
[  342.737365][T11270] ------------[ cut here ]------------
[  342.742945][T11270] WARNING: ./include/linux/ns_common.h:288 at nsproxy_ns_active_get+0x88f/0xcb0, CPU#1: syz.2.1874/11270
[  342.754727][T11270] Modules linked in:
[  342.758764][T11270] CPU: 1 UID: 0 PID: 11270 Comm: syz.2.1874 Not tainted syzkaller #0 PREEMPT(full) 
[  342.768561][T11270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  342.778752][T11270] RIP: 0010:nsproxy_ns_active_get+0x88f/0xcb0
[  342.785559][T11270] Code: 00 e8 f5 fa 76 ff eb 0c e8 ee fa 76 ff eb 05 e8 e7 fa 76 ff 5b 41 5c 41 5d 41 5e 41 5f 5d e9 c8 c8 1d 09 cc e8 d2 fa 76 ff 90 <0f> 0b 90 e9 ee f7 ff ff e8 c4 fa 76 ff 90 0f 0b 90 e9 12 f8 ff ff
[  342.805577][T11270] RSP: 0018:ffffc9000bb67d40 EFLAGS: 00010283
[  342.812323][T11270] RAX: ffffffff824ad55e RBX: ffff8880571fd410 RCX: 0000000000080000
[  342.820503][T11270] RDX: ffffc9000bb9b000 RSI: 0000000000000996 RDI: 0000000000000997
[  342.828745][T11270] RBP: ffffc9000bb67e01 R08: ffff888062ba14bb R09: 1ffff1100c574297
[  342.836886][T11270] R10: dffffc0000000000 R11: ffffed100c574298 R12: dffffc0000000000
[  342.844924][T11270] R13: 0000000000000000 R14: ffff888062ba14b8 R15: ffff888062ba1400
[  342.853020][T11270] FS:  00007fb1b05b56c0(0000) GS:ffff888125b79000(0000) knlGS:0000000000000000
[  342.862150][T11270] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  342.869075][T11270] CR2: 000000110c38fe6a CR3: 0000000027c30000 CR4: 00000000003526f0
[  342.877172][T11270] Call Trace:
[  342.880493][T11270]  <TASK>
[  342.883662][T11270]  switch_task_namespaces+0x3e/0x110
[  342.889047][T11270]  __se_sys_setns+0x784/0x17d0
[  342.893856][T11270]  ? __pfx_do_sys_openat2+0x10/0x10
[  342.899179][T11270]  ? __pfx___se_sys_setns+0x10/0x10
[  342.904450][T11270]  ? do_syscall_64+0xbe/0xfa0
[  342.909373][T11270]  do_syscall_64+0xfa/0xfa0
[  342.913937][T11270]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.920195][T11270]  ? clear_bhb_loop+0x60/0xb0
[  342.924926][T11270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.930906][T11270] RIP: 0033:0x7fb1af790ef7
[  342.935361][T11270] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.955251][T11270] RSP: 002b:00007fb1b05b4fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
[  342.963758][T11270] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb1af790ef7
[  342.972110][T11270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000c9
[  342.980719][T11270] RBP: 00007fb1af811f91 R08: 0000000000000000 R09: 0000000000000000
[  342.988835][T11270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  342.996910][T11270] R13: 00007fb1af9e6038 R14: 00007fb1af9e5fa0 R15: 00007ffc49c0ded8
[  343.004940][T11270]  </TASK>
[  343.008049][T11270] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  343.015454][T11270] CPU: 1 UID: 0 PID: 11270 Comm: syz.2.1874 Not tainted syzkaller #0 PREEMPT(full) 
[  343.024857][T11270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  343.034960][T11270] Call Trace:
[  343.038259][T11270]  <TASK>
[  343.041200][T11270]  dump_stack_lvl+0x99/0x250
[  343.045822][T11270]  ? __asan_memcpy+0x40/0x70
[  343.050428][T11270]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.055654][T11270]  ? __pfx__printk+0x10/0x10
[  343.060318][T11270]  vpanic+0x237/0x6d0
[  343.064344][T11270]  ? __pfx_vpanic+0x10/0x10
[  343.068918][T11270]  ? is_bpf_text_address+0x292/0x2b0
[  343.074364][T11270]  ? is_bpf_text_address+0x26/0x2b0
[  343.079606][T11270]  panic+0xb9/0xc0
[  343.083369][T11270]  ? __pfx_panic+0x10/0x10
[  343.087854][T11270]  __warn+0x334/0x4c0
[  343.091908][T11270]  ? nsproxy_ns_active_get+0x88f/0xcb0
[  343.097417][T11270]  ? nsproxy_ns_active_get+0x88f/0xcb0
[  343.102996][T11270]  report_bug+0x2be/0x4f0
[  343.107360][T11270]  ? nsproxy_ns_active_get+0x88f/0xcb0
[  343.112873][T11270]  ? nsproxy_ns_active_get+0x88f/0xcb0
[  343.118357][T11270]  ? nsproxy_ns_active_get+0x891/0xcb0
[  343.123842][T11270]  handle_bug+0x84/0x160
[  343.128126][T11270]  exc_invalid_op+0x1a/0x50
[  343.132645][T11270]  asm_exc_invalid_op+0x1a/0x20
[  343.137517][T11270] RIP: 0010:nsproxy_ns_active_get+0x88f/0xcb0
[  343.143615][T11270] Code: 00 e8 f5 fa 76 ff eb 0c e8 ee fa 76 ff eb 05 e8 e7 fa 76 ff 5b 41 5c 41 5d 41 5e 41 5f 5d e9 c8 c8 1d 09 cc e8 d2 fa 76 ff 90 <0f> 0b 90 e9 ee f7 ff ff e8 c4 fa 76 ff 90 0f 0b 90 e9 12 f8 ff ff
[  343.163258][T11270] RSP: 0018:ffffc9000bb67d40 EFLAGS: 00010283
[  343.169440][T11270] RAX: ffffffff824ad55e RBX: ffff8880571fd410 RCX: 0000000000080000
[  343.177538][T11270] RDX: ffffc9000bb9b000 RSI: 0000000000000996 RDI: 0000000000000997
[  343.185548][T11270] RBP: ffffc9000bb67e01 R08: ffff888062ba14bb R09: 1ffff1100c574297
[  343.193548][T11270] R10: dffffc0000000000 R11: ffffed100c574298 R12: dffffc0000000000
[  343.201726][T11270] R13: 0000000000000000 R14: ffff888062ba14b8 R15: ffff888062ba1400
[  343.209849][T11270]  ? nsproxy_ns_active_get+0x88e/0xcb0
[  343.215376][T11270]  switch_task_namespaces+0x3e/0x110
[  343.220681][T11270]  __se_sys_setns+0x784/0x17d0
[  343.225495][T11270]  ? __pfx_do_sys_openat2+0x10/0x10
[  343.230739][T11270]  ? __pfx___se_sys_setns+0x10/0x10
[  343.235968][T11270]  ? do_syscall_64+0xbe/0xfa0
[  343.240671][T11270]  do_syscall_64+0xfa/0xfa0
[  343.245223][T11270]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.251310][T11270]  ? clear_bhb_loop+0x60/0xb0
[  343.256010][T11270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.262028][T11270] RIP: 0033:0x7fb1af790ef7
[  343.266469][T11270] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.286189][T11270] RSP: 002b:00007fb1b05b4fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
[  343.294635][T11270] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb1af790ef7
[  343.302627][T11270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000c9
[  343.310615][T11270] RBP: 00007fb1af811f91 R08: 0000000000000000 R09: 0000000000000000
[  343.318628][T11270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  343.326615][T11270] R13: 00007fb1af9e6038 R14: 00007fb1af9e5fa0 R15: 00007ffc49c0ded8
[  343.334643][T11270]  </TASK>
[  343.337980][T11270] Kernel Offset: disabled
[  343.342312][T11270] Rebooting in 86400 seconds..