last executing test programs:

22m41.932108775s ago: executing program 1 (id=967):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x8, 0x101840)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, 0x0)

22m41.818196613s ago: executing program 1 (id=968):
r0 = openat(0xffffffffffffffff, &(0x7f00000001c0)='.\x00', 0x440, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x111}}, 0x20)
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='./file1\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x6000)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x21}, @in=@local, 0x4e1e, 0x3, 0x4e21, 0x0, 0x565e196a2b5cf539, 0x20, 0x20, 0x33, 0x0, r2}, {0x6, 0x1, 0x400006, 0xe0d, 0xffff, 0x8, 0xfffffffd, 0x7}, {0x7ffffffe, 0x8000000000000001, 0x1ff, 0x6}, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x4d2, 0xff}, 0xa, @in6=@private0, 0x3502, 0x1, 0x1, 0x8, 0x9d, 0x9, 0xc1}}, 0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x2)
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f000001a440)=""/102400, 0x19000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c005}, 0x40)
pipe2$watch_queue(0x0, 0x80)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYRES16=r1, @ANYRES16=r4, @ANYBLOB="010000000000000000001200000008000800000000000800090000000100180001801400020076657468305f746f5f626f"], 0x4c}, 0x1, 0x0, 0x0, 0x10000000}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x7, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="6400000002060108000000000000000000000000050005000a000000050001000700000005000400000000000900020073797a310000000016000300686173683a6e65742c706f72742c6e65740000001400078008000640200000000800134000", @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000300000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)

22m41.684717825s ago: executing program 1 (id=971):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=<r1=>0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x6)
recvmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x10160) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x10160)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
pipe2(0x0, 0x800)
socket$kcm(0x23, 0x2, 0x0) (async)
socket$kcm(0x23, 0x2, 0x0)
socket(0x2a, 0x2, 0x0) (async)
r2 = socket(0x2a, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
sched_setaffinity(r3, 0x8, &(0x7f00000000c0)=0x8000000000000000) (async)
sched_setaffinity(r3, 0x8, &(0x7f00000000c0)=0x8000000000000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000000300)=""/102392, 0x18ff8)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x800, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
mbind(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x2, &(0x7f0000000000)=0x101, 0x29, 0x0) (async)
mbind(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x2, &(0x7f0000000000)=0x101, 0x29, 0x0)
set_mempolicy_home_node(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901) (async)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x8916, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r5, 0xc2604110, &(0x7f0000000280)={0x0, [[0x7ff, 0x0, 0x0, 0x400000, 0x5, 0x40000003, 0x9, 0x2], [0x1, 0xd54e, 0xfffffffd, 0xffffff7f, 0x0, 0x0, 0x7], [0x0, 0x10, 0x200006, 0x0, 0x6, 0x0, 0x1]], '\x00', [{0x1f, 0xfffffffe, 0x1}, {0x7, 0x5}, {0xffffffff, 0x6}, {0x0, 0x1}, {0x400000}, {0xe}, {0x29, 0xffff}, {0x1, 0x80000}, {0x7, 0x3}, {0x0, 0x7ffffffd}, {0x5}, {0x804000}]})
r6 = getpid()
tgkill(0xffffffffffffffff, r6, 0x1e)
accept$alg(r2, 0x0, 0x0) (async)
accept$alg(r2, 0x0, 0x0)

22m41.312094835s ago: executing program 1 (id=974):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000640)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x3, 0x6)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)

22m41.137289965s ago: executing program 1 (id=976):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
openat$audio1(0xffffffffffffff9c, 0x0, 0x220080, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$rtc(0x0, 0x80000001, 0x408000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(0xffffffffffffffff, 0xc0045540, &(0x7f0000000000)=0x3ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
prctl$PR_GET_NO_NEW_PRIVS(0x27)
r4 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e22, 0x1}, 0x1c)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xaf4, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)

22m40.679549406s ago: executing program 1 (id=979):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid() (async)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e) (async)
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000003f40)=[{{&(0x7f00000003c0)=@x25={0x9, @remote}, 0x80, &(0x7f0000000340), 0x0, &(0x7f0000000440)=""/170, 0xaa}, 0x4}, {{&(0x7f0000000500)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f0000001a00)=[{&(0x7f0000000580)=""/153, 0x99}, {&(0x7f0000000640)=""/26, 0x1a}, {&(0x7f0000000680)=""/183, 0xb7}, {&(0x7f0000000740)=""/104, 0x68}, {&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/191, 0xbf}, {&(0x7f0000001880)=""/236, 0xec}, {&(0x7f0000001980)=""/68, 0x44}], 0x8, &(0x7f0000001a80)=""/135, 0x87}, 0x6ab0}, {{&(0x7f0000001b40)=@rc, 0x80, &(0x7f00000022c0)=[{&(0x7f0000001bc0)=""/218, 0xda}, {&(0x7f0000001cc0)=""/224, 0xe0}, {&(0x7f0000001dc0)=""/178, 0xb2}, {&(0x7f0000001e80)=""/38, 0x26}, {&(0x7f0000001ec0)=""/180, 0xb4}, {&(0x7f0000001f80)=""/181, 0xb5}, {&(0x7f0000002040)=""/133, 0x85}, {&(0x7f0000002100)=""/90, 0x5a}, {&(0x7f0000002180)=""/217, 0xd9}, {&(0x7f0000002280)=""/30, 0x1e}], 0xa}, 0x7}, {{&(0x7f0000002380)=@l2tp={0x2, 0x0, @loopback}, 0x80, &(0x7f00000027c0)=[{&(0x7f0000002400)=""/243, 0xf3}, {&(0x7f0000002500)=""/43, 0x2b}, {&(0x7f0000002540)=""/162, 0xa2}, {&(0x7f0000002600)=""/85, 0x55}, {&(0x7f0000002680)=""/178, 0xb2}, {&(0x7f0000002740)=""/73, 0x49}], 0x6, &(0x7f0000002840)=""/36, 0x24}, 0x9}, {{&(0x7f0000002880)=@qipcrtr, 0x80, &(0x7f0000003c00)=[{&(0x7f0000002900)=""/4096, 0x1000}, {&(0x7f0000003900)=""/92, 0x5c}, {&(0x7f0000003980)=""/180, 0xb4}, {&(0x7f0000003a40)=""/131, 0x83}, {&(0x7f0000003b00)=""/214, 0xd6}], 0x5, &(0x7f0000003c80)=""/83, 0x53}, 0x1}, {{&(0x7f0000003d00)=@hci, 0x80, &(0x7f0000003e40)=[{&(0x7f0000003d80)=""/150, 0x96}], 0x1, &(0x7f0000003e80)=""/171, 0xab}, 0x100}], 0x6, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched_retired(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newtaction={0x18, 0x31, 0x69b6754e5abcd1c9, 0x70bd28, 0x25dfdbff, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8080}, 0x9080) (async)
sendmsg$nl_route_sched_retired(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newtaction={0x18, 0x31, 0x69b6754e5abcd1c9, 0x70bd28, 0x25dfdbff, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8080}, 0x9080)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x1, 0x3}, 0x20)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000005c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021200011800e000100636f6e6e6c696d69740000000c00028008000140fffffff73c0000000c0a01010000000000000000070400000900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xe0}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='minix\x00', 0x0, 0x0) (async)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='minix\x00', 0x0, 0x0)
add_key$fscrypt_v1(0x0, &(0x7f0000000300)={'fscrypt:', @desc4}, 0x0, 0x0, 0xffffffffffffffff) (async)
add_key$fscrypt_v1(0x0, &(0x7f0000000300)={'fscrypt:', @desc4}, 0x0, 0x0, 0xffffffffffffffff)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x40, 0x0)
unshare(0x2c020400) (async)
unshare(0x2c020400)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, &(0x7f00000001c0)=0x7)
read(r7, 0x0, 0x0)
sendmsg$IPSET_CMD_LIST(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000400000700000000005d61003a9e45ef521b2ce3b134b6431e"], 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
recvmsg(r6, &(0x7f000000c1c0)={0x0, 0x0, 0x0}, 0x20)

22m40.334834421s ago: executing program 32 (id=979):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid() (async)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e) (async)
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000003f40)=[{{&(0x7f00000003c0)=@x25={0x9, @remote}, 0x80, &(0x7f0000000340), 0x0, &(0x7f0000000440)=""/170, 0xaa}, 0x4}, {{&(0x7f0000000500)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f0000001a00)=[{&(0x7f0000000580)=""/153, 0x99}, {&(0x7f0000000640)=""/26, 0x1a}, {&(0x7f0000000680)=""/183, 0xb7}, {&(0x7f0000000740)=""/104, 0x68}, {&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/191, 0xbf}, {&(0x7f0000001880)=""/236, 0xec}, {&(0x7f0000001980)=""/68, 0x44}], 0x8, &(0x7f0000001a80)=""/135, 0x87}, 0x6ab0}, {{&(0x7f0000001b40)=@rc, 0x80, &(0x7f00000022c0)=[{&(0x7f0000001bc0)=""/218, 0xda}, {&(0x7f0000001cc0)=""/224, 0xe0}, {&(0x7f0000001dc0)=""/178, 0xb2}, {&(0x7f0000001e80)=""/38, 0x26}, {&(0x7f0000001ec0)=""/180, 0xb4}, {&(0x7f0000001f80)=""/181, 0xb5}, {&(0x7f0000002040)=""/133, 0x85}, {&(0x7f0000002100)=""/90, 0x5a}, {&(0x7f0000002180)=""/217, 0xd9}, {&(0x7f0000002280)=""/30, 0x1e}], 0xa}, 0x7}, {{&(0x7f0000002380)=@l2tp={0x2, 0x0, @loopback}, 0x80, &(0x7f00000027c0)=[{&(0x7f0000002400)=""/243, 0xf3}, {&(0x7f0000002500)=""/43, 0x2b}, {&(0x7f0000002540)=""/162, 0xa2}, {&(0x7f0000002600)=""/85, 0x55}, {&(0x7f0000002680)=""/178, 0xb2}, {&(0x7f0000002740)=""/73, 0x49}], 0x6, &(0x7f0000002840)=""/36, 0x24}, 0x9}, {{&(0x7f0000002880)=@qipcrtr, 0x80, &(0x7f0000003c00)=[{&(0x7f0000002900)=""/4096, 0x1000}, {&(0x7f0000003900)=""/92, 0x5c}, {&(0x7f0000003980)=""/180, 0xb4}, {&(0x7f0000003a40)=""/131, 0x83}, {&(0x7f0000003b00)=""/214, 0xd6}], 0x5, &(0x7f0000003c80)=""/83, 0x53}, 0x1}, {{&(0x7f0000003d00)=@hci, 0x80, &(0x7f0000003e40)=[{&(0x7f0000003d80)=""/150, 0x96}], 0x1, &(0x7f0000003e80)=""/171, 0xab}, 0x100}], 0x6, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched_retired(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newtaction={0x18, 0x31, 0x69b6754e5abcd1c9, 0x70bd28, 0x25dfdbff, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8080}, 0x9080) (async)
sendmsg$nl_route_sched_retired(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newtaction={0x18, 0x31, 0x69b6754e5abcd1c9, 0x70bd28, 0x25dfdbff, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8080}, 0x9080)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x1, 0x3}, 0x20)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000005c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021200011800e000100636f6e6e6c696d69740000000c00028008000140fffffff73c0000000c0a01010000000000000000070400000900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xe0}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='minix\x00', 0x0, 0x0) (async)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='minix\x00', 0x0, 0x0)
add_key$fscrypt_v1(0x0, &(0x7f0000000300)={'fscrypt:', @desc4}, 0x0, 0x0, 0xffffffffffffffff) (async)
add_key$fscrypt_v1(0x0, &(0x7f0000000300)={'fscrypt:', @desc4}, 0x0, 0x0, 0xffffffffffffffff)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x40, 0x0)
unshare(0x2c020400) (async)
unshare(0x2c020400)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, &(0x7f00000001c0)=0x7)
read(r7, 0x0, 0x0)
sendmsg$IPSET_CMD_LIST(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000400000700000000005d61003a9e45ef521b2ce3b134b6431e"], 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
recvmsg(r6, &(0x7f000000c1c0)={0x0, 0x0, 0x0}, 0x20)

20m30.217939198s ago: executing program 4 (id=1501):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bind$rose(0xffffffffffffffff, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x1, @bcast}, 0x1c)
syz_usb_connect(0x0, 0x24, &(0x7f0000000540)=ANY=[@ANYBLOB="1201000088945b406d04b6088eca0000000109021200017f00c0000904"], 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1, 0x0, 0xf9, "", [{{0x9, 0x4, 0x0, 0x6, 0x1, 0x7, 0x1, 0x3, 0x40, "", {{{0x9, 0x5, 0x1, 0x2, 0x8, 0xfe, 0x8, 0xfc}}, [{{0x9, 0x5, 0x82, 0x2, 0x40, 0x90, 0xa, 0x2}}]}}}]}}]}}, &(0x7f0000000380)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x310, 0x6, 0x9, 0xce, 0x8, 0x2}, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="05ec040000850f0999847f7800c921c6984d569426a418caedaaa679d3e5ef3bef5589b1155624dcf3bc229a7596f9dbd5a373446173e34c1a3d66df2218fbedf8666566dfd568e1cf899b719128d9afe4aa3d43fe3a1a82dd0e033bd4b6"], 0x2, [{0xf8, &(0x7f0000000280)=@string={0xf8, 0x3, "d52ae017872cc150e56679b3cd9348f6ab3bf49d2aa6019e29c6b6dec04f0bea30d06d02a9e6317c35938a2c2269288262dcbb0d344f1fb883a3cb72c99ca9104aeaff5a14eb0bdc592168a3bd45f1df2506f496f406664cc500f93963e7b2df5426b17feb6c0b2368b0c245d65a61ee1d6aecae58d184c37da1c2270b15b51c116905738763ed24eb8a05e9d431ce13737b768b71b7f55acf328c0abf30ac8f8e994faa17fd8fe0f422a5410dae3ad4a4f24a692ff55e9b93b8ae3420955621c64e79ab0cb66a92e9d63e378af3d53379292419746a5c5b5febfedfdbe9481a89103150c8dcfafa993376d50e63799cfc2c58987a04"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x814}}]})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x1, 0xa, 0x99, '\x00', 0xe})
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000840)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

20m28.331312198s ago: executing program 4 (id=1511):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = dup3(r0, r0, 0x80000)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000020c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000002100)={<r4=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0xffffffd7, @remote, 0xa098}, {0xa, 0x4ea5, 0xd, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8}, r4, 0x7ffe}}, 0x48)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000680)={0x7, 0x8, 0xfa00, {r4, 0x2d}}, 0x10)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
pipe2$watch_queue(&(0x7f0000000180)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
ioctl$XFS_IOC_ATTRMULTI_BY_HANDLE(r6, 0x4048587b, &(0x7f0000000540)={{r5, &(0x7f0000000140)=']\x00', 0x700403, &(0x7f00000002c0)={@align=0x7, {0x9, 0xff, 0x3, 0xa}}, 0x40000, &(0x7f0000000300), &(0x7f0000000340)=0xffffffff}, 0x1, &(0x7f00000003c0)=[{0x2, 0x2, &(0x7f0000000380)='/dev/ptmx\x00', &(0x7f0000000440)="815c3948687710e0a85f941995b2770e80492acfb5df59d0df21c6a01cfa202f4cdc48785233435eab6320ff5e109c5f5df5c08da694812932b1007a48441f45363e715d86aa0f5f57013c1aa8629e495eb89a636a08baf71b19c2be8cab3a6749dd73ee8ba8b64d359ef23fb8415c24a0980cd32145ab02478d4bc4bbfd08e71eb32db7fca66ff110976e5f9cfb34cce923adf6a64829f278b3d826e5335d5592bf825d9bc1fa4bbafeebb12fdd7e4c2353db9d0f1b610b7b90164a63b2dc1cd8c9ae1a453d04e4d726bdd7b23281b34b", 0xd1}]})
r7 = syz_open_dev$sg(0x0, 0x6f5e, 0x44000)
ioctl$EXT4_IOC_GROUP_EXTEND(r7, 0x40086607, &(0x7f0000000100)=0x1)
ioctl$VIDIOC_DQEVENT(r6, 0x80885659, &(0x7f00000001c0)={0x0, @data})
keyctl$read(0xb, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r6, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="7261770000000000000000000000000000000000000300"/88], 0x58)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4020aeb2, 0x0)
ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0x40383d0c, &(0x7f00000000c0)={{0x68b3, 0x5}, {0x68b3, 0x7}, 0xa637, 0x6})
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(0xffffffffffffffff, 0xc034564b, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
r8 = inotify_init1(0x0)
inotify_add_watch(r8, &(0x7f0000000400)='.\x00', 0xa4000021)
sendmsg$nl_route(r5, &(0x7f0000000640)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

20m27.196106855s ago: executing program 4 (id=1518):
r0 = timerfd_create(0x0, 0x80000)
ioctl$TFD_IOC_SET_TICKS(r0, 0x40085400, &(0x7f00000000c0)=0x8eca)

20m27.095438799s ago: executing program 4 (id=1519):
mkdirat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x1c3)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000800), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file1\x00', &(0x7f0000002100), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRES32])
read$FUSE(r0, &(0x7f000000b1c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
r3 = fsopen(&(0x7f0000000100)='squashfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = creat(0x0, 0x80)
close(r5)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRES8=r0, @ANYRES8], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r6, 0x0, 0x0, 0x18}, 0x20)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000001b80)=ANY=[@ANYRESHEX=r5, @ANYBLOB=',wfdno', @ANYRESHEX, @ANYBLOB=',acc', @ANYRESDEC=0x0])
setpgid(r4, 0x0)
setpgid(0x0, r4)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, 0x0)
r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r7, 0x9360, 0x800000000000001)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, 0x0, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000400)={0x50, 0x0, r1, {0x7, 0x2b, 0x10, 0x1c20040, 0x0, 0x0, 0xc0000000, 0x1, 0x0, 0x0, 0x100}}, 0x50)
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0xe, 0xfffffffffffffff5, 0xffffffffffffffff, {0x0, 0x20000000, 0x0, 0x8, 0x80002, 0x5, {0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0x4, 0x0, 0x6000, 0xd, r2, 0x0, 0x800000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)

20m26.772973575s ago: executing program 4 (id=1520):
setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10, 0x0}}], 0x1, 0x2000c844)
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440606769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0xffe3, 0x6000000000000000, 0x0, 0x0)

20m26.599864787s ago: executing program 4 (id=1522):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='westwood', 0x8)
getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, 0x0, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0xffffffffffffffff, 0x3, &(0x7f0000000000)={0x8, 0xfffe}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r5, 0xc0184800, &(0x7f0000000100)={0x4, <r6=>r4})
ioctl$DMA_BUF_IOCTL_SYNC(r6, 0x40086201, &(0x7f0000000080)=0x1)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
fgetxattr(r7, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="200000001e0001030200002000200000010000000c00038008000000", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x81}, 0x4004000)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r9 = getpid()
sched_setscheduler(r9, 0x2, 0x0)
getpgid(0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[], 0x54}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

20m25.09010482s ago: executing program 33 (id=1522):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='westwood', 0x8)
getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, 0x0, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0xffffffffffffffff, 0x3, &(0x7f0000000000)={0x8, 0xfffe}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r5, 0xc0184800, &(0x7f0000000100)={0x4, <r6=>r4})
ioctl$DMA_BUF_IOCTL_SYNC(r6, 0x40086201, &(0x7f0000000080)=0x1)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
fgetxattr(r7, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="200000001e0001030200002000200000010000000c00038008000000", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x81}, 0x4004000)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r9 = getpid()
sched_setscheduler(r9, 0x2, 0x0)
getpgid(0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[], 0x54}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)

16.064596241s ago: executing program 6 (id=5322):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/74, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, 0x0})
preadv(r0, &(0x7f0000000d40)=[{&(0x7f0000000700)=""/85, 0x55}, {&(0x7f0000000780)=""/217, 0xd9}, {&(0x7f0000000980)=""/231, 0xe7}, {0x0}, {&(0x7f0000000880)=""/130, 0x82}, {&(0x7f0000000b80)=""/237, 0xed}, {&(0x7f0000000c80)=""/157, 0x9d}], 0x7, 0x6, 0x2)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000080)={0x75a8, <r1=>r0, 'id1\x00'})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x4b, 0xfa00, {0x3, &(0x7f0000000140)={<r2=>0xffffffffffffffff}, 0x13f, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f00000001c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000000), r2}}, 0x18)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000100)=0x200000000) (fail_nth: 4)

14.904105818s ago: executing program 6 (id=5327):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0x2f0}]}, 0x10)
sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, 0x0, 0x804d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
setns(0xffffffffffffffff, 0x24020000)
unshare(0x44040000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x22060, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
r4 = syz_usb_connect$uac1(0x3, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201500200000008662410804000010203010902600003010000840904000000010100000a240109000a00020102090401"], &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r4, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000600)="14882539ad347ef06a9d20c5cd1711162b8881b47407f09ffb0e15ca2a27e80bde8ef15de00151fe775a827e23dea2c9a6737489ff39e87f9b1a95353b110cc3b19dee8941cf37031475de98c5dabcedba93ce140e6fde7292bc2e304583616782e8ce263a794673e67dc8462772af36fe5abc85bc947a94990b4ec80e32bf7ea9354f1ff191fa0f0febb1755aae0c58c4100f256b166cc124d511b59c8aed60fefa2406370fdb7b2e7697aa972f7d13244d25d4c91543bcf0e90c8f7f3a2aaa250db88f8025f5e5485574be8e3de3250b75362db1b448fc5fac07d747b6c2878bc831447454488330ae7c3c944edc7fb6e4d255fae1dca2f11d49baf82c6f2031bb5e15d2f6bbc20cbc3c6e0a7fc37dc0cba716cf66af266456cbc10748f1f17aeadeafcc4c1ff1ca2c559a0ea770623165811aba8ff829f72b3c67153129a6b72cb63d0b65d22d68ca0f4a3a4d470f65ba18ac4530d7b8cb7e246467410635409c6327d3434b5034cb7a7f20c5b119ba7e523ac65672a050910d945809430b1d5b28c9c54edcd568a698ab3967fc474e08f6fe20bf80744d2926b8c99b7231d51bd455feec5cfcc6d9b1998b64d69e07a3edf689ce5eb0c732ae2fcf7e0ca048cd395c44f1bd8f50d3a3086fd3cb298c272537e7728d350165ae04c5ade58cbb54ed70368e354e34929891675bb32ee7d28373fb533333d0fab6eef7eb0bacde8bb55b97ac2f30bb5b277d920c424c47d6e35a7266ae219b010c5209c22fe313fba1817634e48f1816145b6f46ff0c65e26c3fb7eca7e6058b3dd977b22bc68537d3de3a5b9d5bf7d0fabdb8307db09323acb47c217585e70c0955a84e2d5b988bf4c5e1c4214155eb43f17c795731bec150d72ec4e3475e4a95a4a609d190a7abdb323b1855e9fbd30f3172fbd2ea7f91e42703adcd78effddbd3bd462aaee43c9238ce57c295e92bc2ec9286892cc5a330e2c5dd5feeb8f50af71ceccb5987d6c9276fd042442d8f79d5a17fb40afb0552f6f1bf85579b9f9cb23b2e51755edb4717c9e2829c21b3db09b3d206aa9dca795886a2505a234648351c55bbb2280cd8bb82d6ce62a968a44d1d74ff30f903607e71db681f19c7eaa6b8bdb768590065647f674bf67610bf9a90ede73b594a285235be31433c20ed5c1131cd8bd49727e093ff6fd89482c8d2285432e2ab578dcdc016fd8e78418bf3ea2851ae6cf2397faa38e38142247a13d46bcced263fa2c32c90eb869721ad4b3a6d6ad11c9d701c244db6ae73b4e4a44b176b02f629c596c134424d14383a25629ca2891736cff08dd5da3542fe48152104559069fde9d769a5108d130e902a2d99bcc9c828cb0426102e93b933742abcce0686d7d910907ee27193d53b23d1dfe58bd16624cf1744ce94edfd334ad51937769f7e55da67d64a56cfc6476ba5a52504dbc671207845e29e1634d5dfd399f2f4c25616026289e0869694579874cc291547fd3260a56f2f6bb9f3bdcf5a7983e643907f384dd60c9c4c5c251585487579a28f46ba5ee06b0d65d6d4b155b7c560b45d580a2234c63340d34b71c0be3400116e60b32479f046b8ea9fbe1e002d7498844f4cabe559597f824f7784d6044fdfe9c8c118f7101f049cac7c1c913a7ad0b489dc2709cc34bc3ab18d5b5777def13ac90800f15f8f391d0ff5f255df4d35acc4ea4b12025bc2424c53f0644e60ee1c5dc3ca9c8ae7667857000ca485cb7a8a1800f9c80a588cdd4fd71a338e5fad32b30c4ca9d3cb6c66e56c96cdb1d00b634b4bd2c5114784ebd907081b44e65bdb108da8bf99e040fb8933fd2b2e52ca7ff653e556a4d1570b3eccfcc0654b7b99203e7232cc25b4260e2d39f48034114d50285265f58606598f6f0a89cbf8451fd796022f59a9bd00372ec9574f1f176d099e400130c631ac1e09ceaa737789c136138df90328dca977998e35bd64f915cedf2400e2106080d54677dbb795ce99e9b4cc123150cf8f42e90771be3fa829111af7d728545b248a098e4e5fc54e67dc69702779a4c93f0283b6af895a8949c797c817efee087aa902e01aa68eb928e5439583f6849ee6bc60285c303c862ebe21ef5a87117f8725a23b7a0e57e718fb3524477fb8cb41c2f423329f9055d6f849ce80eb21e0a4a00ace326f3be841333cd8a8a0478a8333ef280c71d44f58c4e8f64ecf26f44e8bb36196e8f81af24afa7af684388b8a806989cac6ec2355a9b1bc54a35ffbef4ae00c1f7f529b351d686d20fae3843aa3658842ff6a769afa3f6d4c862970056bddd4ee5b2be5888d81e3239f47fa068bf1a3c09e35ce9fc3989d6e8099bd3341ec65b84a05622c76744f536b9c031d4f30c0fac2fb264dd2368bd9af7eacf4a5c7327deb61cfeee470fb62e48e2a30d6dfc153ae1423a672ff9e375ab97814b0c241eab09bc8eafcec10b95da8d8a839c8020d8f3f1309749029eedc7507ed5d41362dab10254fefd719ff7a8bad2b04423475f4df0c70f5233ff07c3bf27dce1d4b9b1090cb1fdef83b2d10253fef9a935fae7fa5e7ac2b7f4edb036289d6d72454776d5ff0ad1b8f848135359f4b4f9857e761638233f344c3844e1116da629b9c1729731ed661f65a902010c5e05be0adbef08bb6e681ef2d7f677ece5e42ac80cc295a468628a2fe072dc724f9386908024025abdcdc73d888f5f65338d387b1090c1aceeedd36cb699334c0cb617be0e5ed5c53b255c8d944da72f5938d5ab98bf3071bfde4d466e4826c7ee4226e1f819c02ced88d25712c28153a483aa48a34cb37d559ba00f8a1603762efad3ff7ff4faab097c921ecf3c9be28aeeeb0a3baa35dd8fcbd41a35b3eab0549d765b2f46c543a3769e6ae4253d5af38359290933b4346e9da654bb895457af40084cdd4f599d992b6a70f2a1b189fe8f17bad053d39cecdf0c002445fa1484637ff8084b4f48dafce0ae90b92b5bdc5ee8a13663e497b7e69188c423c1a52d8ce85cd3ca87f4a171f307746b100b566ea2a131df9d8cce9225a98cec6f101014e6bb8f2a179b20b6f1ef1cd2e2116b0ac9900f0fa5b18f5d756695cc08081d3a15c5278f52f6f789f998b6fc98f230aac6e9a60388992701bc2e8d3275fac99f8169db8f669a2153d5121ed0ef272eac1f75d7bad828b5c5a70481073231cc639de65296999d699f2576e793b1e6aa3dc12f84204b1d6260b1875588fcddc78deafab66b6c9aaaa33481a52daea9faa1109e29e563b42", 0x900}], 0x1, &(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES8=r0], 0x38}, 0x0)
sched_setscheduler(r0, 0x5, &(0x7f0000000240)=0xfffff800)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
setns(r6, 0x24020000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x152)
add_key$keyring(&(0x7f0000000200), 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f00000002c0), &(0x7f0000000300)={'fscrypt:', @auto=[0x63, 0x62, 0x32, 0x30, 0x65, 0x32, 0x31, 0x35, 0x37, 0x37, 0x30, 0x61, 0x61, 0x38, 0x39, 0x36]}, &(0x7f0000000440)={0x0, "8527d2100090af54bfbca283be11c0de7af30e94937920fcba13ce0af61beaa44d66a6535daf1bc35fb3af1e9197d71d26589d077c88184095fb00", 0x14}, 0x48, 0xffffffffffffffff)

11.687411599s ago: executing program 0 (id=5338):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x1f, &(0x7f0000000380)=ANY=[@ANYRES32])
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=@newtaction={0x1a8, 0x30, 0x48b, 0x0, 0x0, {}, [{0x194, 0x1, [@m_ct={0x13c, 0x10, 0x0, 0x0, {{0x7}, {0x20, 0x2, 0x0, 0x1, [@TCA_CT_LABELS={0x14, 0x7, "80e8ce17b458908a438d12496978af2a"}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, {0xf8, 0x6, "04b39bfac3a241b9c81c665a896e6513c9722a5e30fa8b0353d4cba07f29ce979b76c2b214b672cc2feb1a43e86450219fd0a142e01a18833275fd48ffc4daed68474b02078a30b8a0befdace6b99d6ca931520dfab4ca791852292f5437abf10d1c92c8e9e1916d70c26a4b34ae790c8899cc17e83a2b8ca9f2a7171ee65be02800ce94956930fc489489acc9ed7b1d35015e374a9d13be74faf719191c71c1472db775447fadd3a894f27c13342d098d962d01583df344521aae935eeb4887f45915890363b26f63e649fe3f1508d295129c75f61cc026a11ce856bc2bc5d42c5d955325acd39f073017e748846999d0d037fa"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_simple={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0xffffffc0, 0xf17, 0x10000000, 0x6, 0xffff15cf}}, @TCA_DEF_DATA={0xa, 0x3, 'btrfs\x00'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x4008094}, 0x4801)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0x2)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2251197285d36a80, 0x0, 0x0)
setsockopt$RXRPC_SECURITY_KEYRING(r6, 0x110, 0x2, &(0x7f0000000040)='btrfs\x00', 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x7fff, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000180)={0x5, &(0x7f0000000100)=[{0x3, 0x5, 0x3, 0x4}, {0x4, 0x3, 0xbc, 0x3}, {0xb, 0x3, 0x8, 0x6}, {0x2, 0x6, 0x2, 0x6}, {0xfffc, 0x8, 0x0, 0x8}]})
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1})
mmap(&(0x7f0000441000/0x4000)=nil, 0x4000, 0x280000b, 0x28011, r7, 0x0)

10.917224095s ago: executing program 6 (id=5339):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0xa200, 0x0)
io_uring_setup(0x647c, &(0x7f0000000000)={0x0, 0x0, 0x4000, 0x1})
ioctl$BTRFS_IOC_TREE_SEARCH(r4, 0x7005, 0x0)
readv(r4, &(0x7f0000000000)=[{&(0x7f00000012c0)=""/191, 0x4}], 0x3)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0x3c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100002cb990105b0412024ebd0102030109021b0001000000000904"], 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0xfad4d87013c8c761, 0x1a7)
r5 = socket$inet6(0xa, 0x1, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r0}, 0x20)

9.789640386s ago: executing program 2 (id=5344):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
syz_io_uring_setup(0x496, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b40)=ANY=[@ANYBLOB="3c000000100003042cbd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="000500000000000014003500776c616e3000000000000000000000000800", @ANYRES32=r6], 0x3c}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), r8)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000005000c0001000000080007000100000008000600000100000800050002000000080013007cc4000008000d000400000005000b000400000008000e0081000000080006"], 0x74}, 0x1, 0x0, 0x0, 0x2400c000}, 0x0)
r10 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r11, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x6, 0x10000, 0x800000, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0xfffffffffffffffe, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x241000})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x74000000)
ioctl$FS_IOC_GETFSLABEL(r1, 0x81009431, &(0x7f0000000100))

8.578918959s ago: executing program 2 (id=5347):
r0 = userfaultfd(0x801)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000003c0)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x428})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$SNDCTL_SEQ_GETINCOUNT(r5, 0x80045105, &(0x7f00000000c0))
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r6, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_int(r6, 0x6, 0x19, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'erspan0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x80, 0x20, 0x9, 0xec, {{0x1a, 0x4, 0x1, 0x9, 0x68, 0x67, 0x0, 0x9, 0x2b, 0x0, @local, @rand_addr=0x64010101, {[@ssrr={0x89, 0x23, 0x7, [@broadcast, @empty, @empty, @broadcast, @dev={0xac, 0x14, 0x14, 0x37}, @remote, @loopback, @loopback]}, @noop, @timestamp_addr={0x44, 0x2c, 0x7f, 0x1, 0xd, [{@broadcast, 0x3}, {@private=0xa010100, 0x761}, {@rand_addr=0x64010102, 0x1}, {@local, 0xfffffff8}, {@private=0xa010100, 0x8}]}, @ra={0x94, 0x4, 0x1}]}}}}})
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000f6ffffff000000000000000000000000000000008266281f766ec842ce7971c88a16387875b2473a3c3bc230c346b4a0f013064f4524e3d04c18e414f3ed1c21a6597af13a8339"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000050e8850000007000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r7], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r8}, 0xc)
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r9)

7.718722629s ago: executing program 5 (id=5348):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x600200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000000300)=""/201, &(0x7f0000000100)=0xc9)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x40000)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
r8 = socket(0x10, 0x3, 0x0)
close(r7)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x635e, 0x5, 0xffffffff, 0x10000}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240400c1}, 0x40)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x5c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x80000, {0x0, 0x0, 0x0, r9, {0x0, 0xe}, {0x2, 0xb}, {0xffe0, 0x484c10e0d22b6613}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xfffffffffffffdc3, 0x2, [@TCA_FQ_PIE_MEMORY_LIMIT={0x8, 0x8, 0x10006}, @TCA_FQ_PIE_ALPHA={0x8, 0x5, 0x12}, @TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x6}, @TCA_FQ_PIE_DQ_RATE_ESTIMATOR={0x8, 0xc, 0x1}, @TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0x6}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20004061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

7.611806806s ago: executing program 2 (id=5349):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000700)=ANY=[@ANYBLOB="7400000010000304021000000000269c46260500c3e86fde8408ccfc780000000000006780063cef165bd6262ba77da5e6211d4819a31bfae14bb226d3bc8c077c0289ad3ed063c3dc7394211f411908388af7c1698149cdad5ff40f", @ANYRES32=0x0, @ANYBLOB="0003000000000000540012800b0001006272696467650000440002800c001f000200000000000000050016000000000005002b00fa00000005002900000000000c001e00a00000000000000008001b00fbffffff05002a0000000000"], 0x74}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r4, 0x5408, &(0x7f00000000c0)={0xcf47, 0x4cc, 0x59, 0x7f, 0x1, "8003e3ffff072000"})
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x121883, 0x0)
write$P9_RSTATu(r5, &(0x7f00000004c0)=ANY=[@ANYBLOB="930200007d00000005f000000000000005000000000000000000f700040000000000000000000000000000000000000000041f00046e6f6465767b6376666f7892ffffff8102000000000031ffcebc92000000b5351f5bde05f700000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11200cfc2001000000000000000000000f313f6005500f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a400b4b0b4f174a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20fd7f019ef70f1d9db3c7c5c039c1cbe36f4fd1a4cc280e8d489da649a37002c016f6465762d6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e0e190198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93a8c5b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e43907b6a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff00"/530, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x232)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x32b402, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
listen(r6, 0x1)
r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats\x00')
close_range(r7, 0xffffffffffffffff, 0x0)

7.576359945s ago: executing program 0 (id=5350):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r0 = socket(0x2, 0xa, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) (async)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) (async)
recvmmsg$unix(r0, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, &(0x7f0000002d00)=[{&(0x7f0000000900)=""/174, 0xae}], 0x1}}], 0x2, 0x0, 0x0) (async)
sendmsg$nl_route(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000009b80)=""/102392, 0x18ff8) (async)
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x1) (async)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f00000002c0)={0x0, 0x0}) (async)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=<r4=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
io_setup(0x8, &(0x7f0000000600)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r4, 0x0}])
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, 0x0)

7.499481358s ago: executing program 3 (id=5351):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
futex(0x0, 0x83, 0x0, 0x0, 0x0, 0xffffff01)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000000)=0xd, 0x1a)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$int_in(r2, 0x5421, &(0x7f0000000000)=0x5)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
close(0x3)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xfffffffd}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x3f}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x60}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001300050000000000feffffff07000000", @ANYRES32=r5, @ANYBLOB="003000000000000014001a80100004800c000880"], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0)

7.388540854s ago: executing program 6 (id=5352):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4048084)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
prlimit64(r1, 0xd, &(0x7f0000000180)={0xfff, 0x5}, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = io_uring_setup(0x1684, &(0x7f0000000080)={0x0, 0xcc3d, 0x400, 0x0, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x0, 0x1}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0x1, 0x0)
setresuid(0xee01, 0x0, 0x0)
prlimit64(0x0, 0x6, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000100)={0x6})
r5 = socket$l2tp(0x2, 0x2, 0x73)
shutdown(r5, 0x1)

7.386716187s ago: executing program 5 (id=5353):
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r0=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000004780)={'wg2\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x26, 0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x800000, 0x0, 0x3, 0x1000]}})
timer_gettime(r0, &(0x7f0000000000))
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
unshare(0x2040300)
bind$802154_raw(r5, &(0x7f00000001c0)={0x24, @none={0x0, 0xffff}}, 0x14)

5.76134956s ago: executing program 2 (id=5354):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1e, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000000080000000000000000000850000006100000085000000a0"], &(0x7f0000000000)='syzkaller\x00', 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r3, 0x0, 0xe, 0x0, &(0x7f0000000040)="7a7fa22c2a1a89df53ef2a2d86dd", 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x6, &(0x7f0000000180)=@raw=[@exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x94)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1})
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x440)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r5, 0x408c5333, &(0x7f0000000680)={0x9, 0xa, 0x0, 'queue1\x00', 0x9})
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r6, 0x29, 0x37, &(0x7f00000000c0), 0x8)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'erspan0\x00'})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r8, 0x89a2, &(0x7f0000000200)='bridge0\x00')

5.739253902s ago: executing program 3 (id=5355):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec778000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000080)="440f20c0350b000000440f22c0360f09c4217d700c9d0000000028b8010000000f01c166b82e000f00d80f20d835080000000f22d82e0f019885000000b9b1060000b86f8d0000ba0000000066b8b5008ec036363ef3420f51a600000000b9e30b0000b8f233278fba000000000f30", 0x6f}], 0x1, 0x13, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000073113d0000000000c6dba1e80200000085"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x18, &(0x7f0000000000), 0x1)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cc, 0x0, 0xa1b, 0x8, 0x5, 0x3, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0xc0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
llistxattr(0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)

5.688183302s ago: executing program 0 (id=5356):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a1121710950b2a17f4f7010203010902240001000000000904fb00026c5d650009050402100000fa000905820240"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
syz_usb_connect$lan78xx(0x3, 0x3f, &(0x7f00000000c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$uac2(r0, &(0x7f0000000600)={0x14, &(0x7f0000000500)={0x20, 0xb, 0xa0, {0xa0, 0x23, "afd376e470b0e2446044020352aea4c93b6fd3f26dbb4956d35cedaff3f484abdb23dc84eb5b918cbf1ce1b5c1767f10cf3cccbce18abb7595b295b7148ff67c0c707febcedb5c94c00ef28bf35c9ba5630bfee7b90c13069c01eb73938a276b26e950e9155b8b28aca256696458a337bdb0ccaecc8c1b47f8f8872009f86665f0af9e6f4dbbbd077aa8cf84f680b4c28068cc86e3e1387fc5714849893f"}}, &(0x7f00000005c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2809}}}, &(0x7f0000000900)={0x44, &(0x7f0000000640)={0x0, 0x1, 0xe0, "0bcaca4f0e139ea74774e279da6f89c27915ff5947e8cb65426e332e8be5e530a681efb829ca4954e959e505c858f4d54ae279c215d2ff26afce5c608fd03c4781c29da40ae59945183d413712850348027151e6f6b3c2a1866168a157cf5eaea84b0492992ff4ca1b5bce8df0b948e724bf8f49d01165f8afdcb13fa16a93d90954854222eb591e383be0c3a9a610c44ba7ff933b6973bf03dc2da004db9228f8c2c11ad7b8366a91c1cbcb350aa0c0b7a94e1877656b16f612b4c487c4d5965a29de6dad05403aa44c258d1b36068d4100c824c525f5074a32e5daf9eab91e"}, &(0x7f0000000740)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000780)={0x0, 0x8, 0x1, 0x2}, &(0x7f00000007c0)={0x20, 0x81, 0x2, "4290"}, &(0x7f0000000800)={0x20, 0x82, 0x3, "18f11d"}, &(0x7f0000000840)={0x20, 0x83, 0x2, "917b"}, &(0x7f0000000880)={0x20, 0x84, 0x1, "de"}, &(0x7f00000008c0)={0x20, 0x85, 0x3, "bd7b16"}})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000380)={0x34, &(0x7f00000001c0)=ANY=[@ANYBLOB="201406"], 0x0, 0x0, 0x0, 0x0, 0x0})

4.87353975s ago: executing program 6 (id=5357):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0xf0, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@empty, 0x0, 0x0, 0x4e21, 0x2, 0x2, 0x0, 0x80, 0x2b, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x6c}, @in6=@ipv4={'\x00', '\xff\xff', @remote}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x543}, {0x7, 0x7fffffffffffffff}, {0x0, 0x0, 0x2000000}, 0x70bd2d, 0x34fd, 0xa, 0x4, 0x0, 0x50}}, 0xf0}, 0x1, 0x0, 0x0, 0x880}, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYRES64=r3, @ANYRES32], 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e15010000000000160500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000150600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x4}, 0x8}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
syz_open_dev$loop(&(0x7f0000000700), 0x10, 0x202a80)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x200, 0x70bd28, 0x0, {0x60, 0x0, 0x0, 0x0, {0x5, 0x10}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_WASH={0x8}, @TCA_CAKE_RAW={0x8, 0xc, 0x1}]}}]}, 0x44}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x28, r7, 0x5, 0x70bd29, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}, @NL80211_MESH_SETUP_USERSPACE_MPM={0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a64000000030a0fdb00000000000000000a0000050900030073797a30000000000900010073797a310000000014000480080002403cb140bb080001400000000308000540000000001c0008800c00014000000000000001ff0c000240000000000000ae6014000000110001"], 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)

4.776463085s ago: executing program 5 (id=5358):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(r5, 0x40046721, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYRES64=r7], 0x24}}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], 0x0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a65274d7c727e7e53c1bb714e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028642b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ed7eff0d26ff199ee1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bcb7d08e36655c"})
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x0)
chown(&(0x7f00000003c0)='./file0\x00', r8, 0xee01)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4054)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="6c00000010001fff109e00008000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000003f0000440012800b00010067656e6576650000340002800500030003000000060005004e20000005000400ab000000050009000100000005000a0001000000050009000100000008000a00", @ANYRES32=r3], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

4.776186392s ago: executing program 3 (id=5359):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a72b7a104c05e102c8e201020301090224000100000000090471020216fa1f0009051402100000fa0009058202"], 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
munmap(&(0x7f00007fe000/0x800000)=nil, 0x800000)
mmap$KVM_VCPU(&(0x7f0000cd1000/0x4000)=nil, r3, 0x2000007, 0x120172, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000100)={0x1, 0x2, 0x2000, 0x2000, &(0x7f00009c4000/0x2000)=nil})
r6 = syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$x86(r6, &(0x7f00000003c0)={0x0, 0x0})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
connect$inet6(r1, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @private0, 0x4}, 0x1c)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00'})

4.029940065s ago: executing program 2 (id=5360):
r0 = userfaultfd(0x801)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000003c0)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x428})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$SNDCTL_SEQ_GETINCOUNT(r5, 0x80045105, &(0x7f00000000c0))
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r6, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_int(r6, 0x6, 0x19, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'erspan0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x80, 0x20, 0x9, 0xec, {{0x1a, 0x4, 0x1, 0x9, 0x68, 0x67, 0x0, 0x9, 0x2b, 0x0, @local, @rand_addr=0x64010101, {[@ssrr={0x89, 0x23, 0x7, [@broadcast, @empty, @empty, @broadcast, @dev={0xac, 0x14, 0x14, 0x37}, @remote, @loopback, @loopback]}, @noop, @timestamp_addr={0x44, 0x2c, 0x7f, 0x1, 0xd, [{@broadcast, 0x3}, {@private=0xa010100, 0x761}, {@rand_addr=0x64010102, 0x1}, {@local, 0xfffffff8}, {@private=0xa010100, 0x8}]}, @ra={0x94, 0x4, 0x1}]}}}}})
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000f6ffffff000000000000000000000000000000008266281f766ec842ce7971c88a16387875b2473a3c3bc230c346b4a0f013064f4524e3d04c18e414f3ed1c21a6597af13a8339"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000050e8850000007000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r7], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r8}, 0xc)
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r9)

3.492845256s ago: executing program 5 (id=5361):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x1f, &(0x7f0000000380)=ANY=[@ANYRES32])
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=@newtaction={0x1a8, 0x30, 0x48b, 0x0, 0x0, {}, [{0x194, 0x1, [@m_ct={0x13c, 0x10, 0x0, 0x0, {{0x7}, {0x20, 0x2, 0x0, 0x1, [@TCA_CT_LABELS={0x14, 0x7, "80e8ce17b458908a438d12496978af2a"}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, {0xf8, 0x6, "04b39bfac3a241b9c81c665a896e6513c9722a5e30fa8b0353d4cba07f29ce979b76c2b214b672cc2feb1a43e86450219fd0a142e01a18833275fd48ffc4daed68474b02078a30b8a0befdace6b99d6ca931520dfab4ca791852292f5437abf10d1c92c8e9e1916d70c26a4b34ae790c8899cc17e83a2b8ca9f2a7171ee65be02800ce94956930fc489489acc9ed7b1d35015e374a9d13be74faf719191c71c1472db775447fadd3a894f27c13342d098d962d01583df344521aae935eeb4887f45915890363b26f63e649fe3f1508d295129c75f61cc026a11ce856bc2bc5d42c5d955325acd39f073017e748846999d0d037fa"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_simple={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0xffffffc0, 0xf17, 0x10000000, 0x6, 0xffff15cf}}, @TCA_DEF_DATA={0xa, 0x3, 'btrfs\x00'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x4008094}, 0x4801)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0x2)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2251197285d36a80, 0x0, 0x0)
setsockopt$RXRPC_SECURITY_KEYRING(r6, 0x110, 0x2, &(0x7f0000000040)='btrfs\x00', 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x7fff, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000180)={0x5, &(0x7f0000000100)=[{0x3, 0x5, 0x3, 0x4}, {0x4, 0x3, 0xbc, 0x3}, {0xb, 0x3, 0x8, 0x6}, {0x2, 0x6, 0x2, 0x6}, {0xfffc, 0x8, 0x0, 0x8}]})
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1})
mmap(&(0x7f0000441000/0x4000)=nil, 0x4000, 0x280000b, 0x28011, r7, 0x0)

2.851456016s ago: executing program 2 (id=5362):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000200000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x60ff, 0x0, 0x0, 0x7300, 0x0, 0x0}, 0x4c)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x101e01, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0xef)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000001c0)=0x40)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x7e)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000000, 0xfe7f, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000035ffaa20cd0caf104a380102030109021b0001000010000904590201801e2a00090582"], 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x3c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x3c}}, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB="d0000000", @ANYRES16, @ANYBLOB="010000000000000000000100000008000100000000000400048008000c8004000b800800020001000000a00008801c000780080077144ebb00000800060000000000080005000000000024"], 0xd0}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x18}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x810}, 0x20004090)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)="e6943434bfde22c365ce6b552815ffcb9c35c9b08475023c2e86201f591b850167a10630c861b27a04b4b28c5f2fa684261a30c4a944872aebe00f45d728e68301e5024acedc60b9bbc91d51f7777788ccbf48e99b982c9a6f5e2d7478585fe45dff6108276638736cb1f383fcca8641f9a85b19cf5257a03520a4fc08d3a1ed53ebe278e49dba5a5381e4b2d3b63292bddcac95122d759410e329", 0x9b}, {&(0x7f0000000140)="96b7523303aae74dfde4ee535f534945a1b9232632887027b71a4f79c8c445f2b66bf3f08da8bd799a3d2cb35a65572363210c51add17927c1223cce684092407853ecdfa520c2a2525ad58cd19a9741aad5a7f43ceb6e0c856890fb0cd996c28a2f8d48f8d206ddfda567e23bf8", 0x6e}, {&(0x7f00000001c0)="35c8a49a46ef79b56ea7621e8fa89ff36e21d3d32dd2d5b1bd946abe6f51f09ccfd185078c8af1818be24381f9", 0x2d}], 0x3}}], 0x1, 0x14048885)
syz_usb_control_io$uac1(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, &(0x7f0000000640)={0x2c, &(0x7f0000000380)=ANY=[@ANYRES32=r0, @ANYRES8=r2, @ANYBLOB="5396908191539e7517297af51c3baa0e5824c1b021a91e60cec5d44e173861d3411e04e977066fecf83a6ec4d6844b91facde296233c5c3bfc7a6fe75640515c84f89c783cb244de9b5b22451c9a40ade4435886798981aa5f6c4b1e24dc76a19775528386fe13e05d4f4804a8e4af421a9f2ff9a0a39f1628d8dcf6a3cbea957bdecb5058473d2470caf80855059dcaec70a28ca191d776a17f84d0e02051cf59f28a44ba1281af9874cc57bfec5a9c05db9e67687e8b38b82c91188c6b60", @ANYBLOB, @ANYRESDEC, @ANYRES16=r0], 0x0, 0x0, 0x0, 0x0})

2.529590296s ago: executing program 3 (id=5363):
syz_emit_ethernet(0xbe, &(0x7f0000000400)={@broadcast, @random="17043a73dbde", @void, {@ipv4={0x800, @icmp={{0x14, 0x4, 0x0, 0x8, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@ssrr={0x89, 0x17, 0x9a, [@broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @dev={0xac, 0x14, 0x14, 0x38}, @rand_addr=0x64010100]}, @noop, @end, @lsrr={0x83, 0x23, 0xa1, [@empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @local, @private=0xa010101, @rand_addr=0x64010102, @empty, @loopback]}]}}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010102, 0x10000}, {@private}, {@local}, {@remote}, {@private}, {@remote}, {@private}]}]}}}}}}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000340)={0x14, r4, 0xffffffffffffffff, 0x70bd2a, 0x25dfdbf8, {0x3, 0x0, 0x14}}, 0x14}, 0x1, 0x0, 0x0, 0x4005c}, 0x400c084)
write$tun(0xffffffffffffffff, &(0x7f0000000600)=ANY=[], 0x1ff)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x115, 0x0, &(0x7f0000000240)="e300c0678bb63701fd85b69fb68a0000ec67838717bd86ddece156d0f9421c617dd2206d3e037652465d82a75b8a4e359485bd744edf53e823bd97b020c801a21fb202f0781aee480c8dab2a6b4d6c5d2ea5fcaf3bebdbf55e91c120981d6fdb8163aace89abc7e0039c28db3f2d760eebaab933fbc2c228c7224b2d1babb4cbb952481281af1b9a423b2901000000000000008ae1baee1f1cc5a1452961ff6ee1f8d336f5f3c7e26a809d58b0804fec3bfc6786a3b6f80f82179289d9b24f81e2831e982a5b9101a7f353e1919ec60fefc50f7cbed61b612c13915aa5edf90ea42dc07c4ba7b82dbb771eb456f3bbb4e80c418857c886b02f78c77cc6a8af631f621671467173f3e35960b49d4d8f91144d57ca47", 0x0, 0x403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2}, 0x64)
r5 = syz_open_dev$sg(&(0x7f00000000c0), 0x6f5e, 0x2)
ioctl$FIBMAP(r5, 0x1, &(0x7f0000000040)=0x85)
syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000), &(0x7f0000000280)) (fail_nth: 4)

2.05675802s ago: executing program 0 (id=5364):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000100)={0x20004, <r2=>r1, 0x2})
r3 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000140)="dec0c2", 0x3}], 0x1, 0x7, 0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x80)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r2})
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xe)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000340)={'\x00', 0x4, 0x8, 0x8, 0x7, 0x8, <r5=>0xffffffffffffffff})
ioctl$TIOCSPGRP(r2, 0x5410, &(0x7f00000003c0)=r5)
write$tcp_mem(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
writev(r6, &(0x7f00000004c0)=[{&(0x7f00000002c0)='7', 0x1}], 0x1)
r7 = syz_usb_connect$uac1(0x2, 0x72, &(0x7f0000000280)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x40, 0x2466, 0x8010, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x60, 0x3, 0x1, 0x3, 0xa0, 0x2, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x2, 0xa}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x10, 0x2, 0x6, 0x0, {0x7, 0x25, 0x1, 0xc, 0x3, 0x40}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x3, 0x7, 0x10, {0x7, 0x25, 0x1, 0xc, 0x8, 0x401}}}}}}}}]}}, 0x0)
syz_usb_control_io(r7, &(0x7f0000001f80)={0x2c, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0003040000009b12c3c797d5896608d4ae768de3dfe568fe5114375a3dea57b9f7fde65dbb6ed653498cd91cef735424322409e7fa2e48453fd4342622c0ec4225c85dcfd3282817aae9e09edbdfe4ad79ee5bd2c10067a02ccffccf858f96dbb581fa230d37a0d77a4fcdf76744634fdec30b058cce"], 0x0, 0x0, 0x0}, 0x0)

1.632755181s ago: executing program 0 (id=5365):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'pimreg\x00', 0x5005})
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xf21d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x28f42000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1.496016207s ago: executing program 3 (id=5366):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000100)={0x20004, <r2=>r1, 0x2})
r3 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000140)="dec0c2", 0x3}], 0x1, 0x7, 0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x80)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r2})
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xe)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000340)={'\x00', 0x4, 0x8, 0x8, 0x7, 0x8, <r5=>0xffffffffffffffff})
ioctl$TIOCSPGRP(r2, 0x5410, &(0x7f00000003c0)=r5)
write$tcp_mem(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
writev(r6, &(0x7f00000004c0)=[{&(0x7f00000002c0)='7', 0x1}], 0x1)
r7 = syz_usb_connect$uac1(0x2, 0x72, &(0x7f0000000280)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x40, 0x2466, 0x8010, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x60, 0x3, 0x1, 0x3, 0xa0, 0x2, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x2, 0xa}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x10, 0x2, 0x6, 0x0, {0x7, 0x25, 0x1, 0xc, 0x3, 0x40}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x3, 0x7, 0x10, {0x7, 0x25, 0x1, 0xc, 0x8, 0x401}}}}}}}}]}}, 0x0)
syz_usb_control_io(r7, &(0x7f0000001f80)={0x2c, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0003040000009b12c3c797d5896608d4ae768de3dfe568fe5114375a3dea57b9f7fde65dbb6ed653498cd91cef735424322409e7fa2e48453fd4342622c0ec4225c85dcfd3282817aae9e09edbdfe4ad79ee5bd2c10067a02ccffccf858f96dbb581fa230d37a0d77a4fcdf76744634fdec30b058cce"], 0x0, 0x0, 0x0}, 0x0)

1.495553029s ago: executing program 6 (id=5367):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x7, 0x5, 0x5}, 0x3f, [0x9, 0x2, 0x18, 0x2, 0x2, 0x400, 0x80000000, 0x0, 0x8, 0x0, 0x6, 0x1, 0xfffffffb, 0x39, 0x747d5e13, 0x7fe, 0xfffffb9a, 0xfffffffe, 0x0, 0xfffffffb, 0x2004, 0x3, 0x0, 0xf250, 0x80, 0x4800, 0x300000, 0x7, 0xe, 0x4623f, 0x0, 0x10001, 0xa037, 0x8000, 0x0, 0x3, 0xc, 0x3, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x5, 0xe, 0x4, 0x2, 0x6f, 0x8, 0x9, 0x1, 0x199d, 0x6, 0x1, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x5, 0x20003d, 0x8, 0xa, 0x5], [0x7, 0x1e, 0x3, 0x8000, 0xfffffffd, 0x3, 0x0, 0x25, 0x7, 0xfffffffc, 0x8, 0x7fff, 0x72c, 0x1c32, 0x3, 0x5, 0x10000, 0x400, 0x7ffd, 0x3, 0x3, 0x297, 0x5, 0x0, 0x981, 0x4, 0x0, 0x3ff, 0x0, 0xfffffffe, 0x8, 0x1000001, 0x10, 0xfffffff9, 0xfffffffd, 0x7, 0x1, 0xffffffff, 0x6, 0x2000008, 0x800, 0xffff, 0x200006, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x1, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x7, 0x200, 0x3], [0x401, 0x8000c584, 0xffff, 0xcd3, 0x7, 0x1f, 0x404, 0x4, 0x4008, 0xc, 0x7, 0x9, 0x1e88, 0x5, 0x80000001, 0x8, 0x3f92, 0x1000, 0x0, 0x10, 0x1, 0xfffffff9, 0x0, 0x1000, 0x80040101, 0x5, 0x4, 0x5, 0x200003, 0x1, 0x5, 0x80, 0x9, 0x8001, 0x10000, 0x0, 0x3, 0x400004, 0x3, 0x6d7e, 0x3, 0x8, 0x3, 0xbf23, 0x6, 0x9, 0x95a, 0x0, 0x3ff, 0xe, 0x6, 0x100fffd, 0x2005, 0x6, 0x4, 0xea, 0x9, 0x20000005, 0x3, 0x80, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0xffff, 0x3, 0x0, 0x88, 0x2, 0x4000000, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x1, 0x5, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x3, 0x4, 0xe47, 0x4, 0x0, 0x4, 0x200, 0x2851, 0x3b, 0x20000001, 0x5, 0x5, 0xa80a, 0x5, 0x4, 0x20008, 0x8a5, 0x86, 0x44, 0x409, 0x6, 0x4, 0x4, 0xe, 0x4, 0xffffffff, 0x7fff, 0xffff8a33, 0xfffffff8, 0x401, 0x3, 0x200, 0x7, 0x4edf, 0xfffffffd, 0xa, 0xe, 0x101, 0xf, 0xf, 0x136, 0x6]}, 0x45c)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
mremap(&(0x7f0000ff1000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x1000, 0x0, 0x2ac6b43c2ee8fd8d}, 0x20)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, 0x0}, 0x4000000)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000100)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005020524", @ANYRES8=r3, @ANYBLOB="05"], 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
close(r4)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000080)={0xffffffff, {{0xa, 0x4, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0xfe, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x97)
r6 = memfd_create(&(0x7f0000000080)='%\x00', 0x3)
fsetxattr$system_posix_acl(r6, 0x0, &(0x7f0000000500)=ANY=[], 0x24, 0x3)
flistxattr(r6, 0x0, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000000000000711142000000000085100000020000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x94)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f80), 0xffffffffffffffff)

397.317147ms ago: executing program 0 (id=5368):
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r0=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000004780)={'wg2\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x26, 0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x800000, 0x0, 0x3, 0x1000]}})
timer_gettime(r0, &(0x7f0000000000))
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
unshare(0x2040300)
bind$802154_raw(r5, &(0x7f00000001c0)={0x24, @none={0x0, 0xffff}}, 0x14)

125.30463ms ago: executing program 5 (id=5369):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24008000}, 0x894) (fail_nth: 4)

106.392386ms ago: executing program 3 (id=5370):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1e, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000000080000000000000000000850000006100000085000000a0"], &(0x7f0000000000)='syzkaller\x00', 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r3, 0x0, 0xe, 0x0, &(0x7f0000000040)="7a7fa22c2a1a89df53ef2a2d86dd", 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x6, &(0x7f0000000180)=@raw=[@exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x94)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1})
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x440)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r5, 0x408c5333, &(0x7f0000000680)={0x9, 0xa, 0x0, 'queue1\x00', 0x9})
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r6, 0x29, 0x37, &(0x7f00000000c0), 0x8)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'erspan0\x00'})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r8, 0x89a2, &(0x7f0000000200)='bridge0\x00')

0s ago: executing program 5 (id=5371):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(r5, 0x40046721, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYRES64=r7], 0x24}}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], 0x0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a65274d7c727e7e53c1bb714e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028642b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ed7eff0d26ff199ee1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bcb7d08e36655c"})
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x0)
chown(&(0x7f00000003c0)='./file0\x00', r8, 0xee01)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4054)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="6c00000010001fff109e00008000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000003f0000440012800b00010067656e6576650000340002800500030003000000060005004e20000005000400ab000000050009000100000005000a0001000000050009000100000008000a00", @ANYRES32=r3], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

kernel console output (not intermixed with test programs):

1235, idProduct=0010, bcdDevice= 0.40
[ 1565.358649][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1565.367709][   T10] usb 4-1: Product: syz
[ 1565.551901][   T10] usb 4-1: Manufacturer: syz
[ 1565.557826][   T10] usb 4-1: SerialNumber: syz
[ 1565.581988][   T10] usb 4-1: selecting invalid altsetting 1
[ 1565.588441][   T10] usb 4-1: unit 6 not found!
[ 1565.830742][   T10] usb 4-1: 2:0: failed to get current value for ch 0 (-71)
[ 1565.888348][   T30] audit: type=1400 audit(1773445135.979:1449): avc:  denied  { read } for  pid=24919 comm="syz.6.4984" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1565.992352][   T10] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1566.032049][   T10] usb 4-1: USB disconnect, device number 91
[ 1566.082356][T24531] udevd[24531]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1566.193048][ T5961] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[ 1566.364071][ T5961] usb 3-1: Using ep0 maxpacket: 32
[ 1566.371803][ T5961] usb 3-1: config 0 has an invalid interface number: 188 but max is 0
[ 1566.389801][ T5961] usb 3-1: config 0 has no interface number 0
[ 1566.396955][ T5961] usb 3-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1566.498507][ T5961] usb 3-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 1566.525123][ T5961] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1566.583523][ T5961] usb 3-1: Product: syz
[ 1566.588030][ T5961] usb 3-1: Manufacturer: syz
[ 1567.364171][ T5961] usb 3-1: SerialNumber: syz
[ 1567.374191][ T5961] usb 3-1: config 0 descriptor??
[ 1567.381655][T24924] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1567.454208][T24949] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4991'.
[ 1567.684710][T24924] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1567.912977][T24958] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4995'.
[ 1567.967304][ T5961] asix 3-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[ 1567.978089][T12638] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[ 1567.978769][ T5961] asix 3-1:0.188: probe with driver asix failed with error -61
[ 1568.072846][   T30] audit: type=1400 audit(1773445138.019:1450): avc:  denied  { ioctl } for  pid=24966 comm="syz.0.4998" path="socket:[110793]" dev="sockfs" ino=110793 ioctlcmd=0xf507 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1568.192024][T12638] usb 4-1: Using ep0 maxpacket: 32
[ 1568.200188][T12638] usb 4-1: config 0 has an invalid interface number: 89 but max is 0
[ 1568.223929][T12638] usb 4-1: config 0 has no interface number 0
[ 1568.234787][T12638] usb 4-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1568.244634][T12638] usb 4-1: config 0 interface 89 has no altsetting 0
[ 1568.265478][T12638] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[ 1568.274911][T12638] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1568.283155][T12638] usb 4-1: Product: syz
[ 1568.287321][T12638] usb 4-1: Manufacturer: syz
[ 1568.292435][T12638] usb 4-1: SerialNumber: syz
[ 1568.300497][T12638] usb 4-1: config 0 descriptor??
[ 1568.311527][T12638] em28xx 4-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1568.330845][T12638] em28xx 4-1:0.89: Video interface 89 found:
[ 1568.386976][T24977] trusted_key: encrypted_key: insufficient parameters specified
[ 1568.425110][T24977] fuse: Bad value for 'fd'
[ 1568.956584][T24953] netlink: 'syz.3.4993': attribute type 5 has an invalid length.
[ 1568.967184][T12638] em28xx 4-1:0.89: unknown em28xx chip ID (0)
[ 1569.064114][T24980] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1569.071730][T24980] syzkaller0: entered promiscuous mode
[ 1569.077311][T24980] syzkaller0: entered allmulticast mode
[ 1569.094861][T24980] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5002'.
[ 1569.106258][T24980] tipc: Resetting bearer <eth:syzkaller0>
[ 1569.115513][T24979] tipc: Resetting bearer <eth:syzkaller0>
[ 1569.131338][T24979] tipc: Disabling bearer <eth:syzkaller0>
[ 1569.261712][T24984] netlink: 17279 bytes leftover after parsing attributes in process `syz.5.5005'.
[ 1569.413902][T24991] trusted_key: encrypted_key: insufficient parameters specified
[ 1569.424815][T24991] trusted_key: encrypted_key: insufficient parameters specified
[ 1569.893204][T12638] em28xx 4-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 1569.903906][T12638] em28xx 4-1:0.89: board has no eeprom
[ 1570.436658][T12638] em28xx 4-1:0.89: Identified as Terratec Grabby (card=67)
[ 1570.447349][T12638] em28xx 4-1:0.89: analog set to bulk mode.
[ 1570.453284][ T5860] em28xx 4-1:0.89: Registering V4L2 extension
[ 1570.510365][ T5961] usb 3-1: USB disconnect, device number 109
[ 1570.511004][T12638] usb 4-1: USB disconnect, device number 92
[ 1570.555741][T12638] em28xx 4-1:0.89: Disconnecting em28xx
[ 1570.562933][ T5860] em28xx 4-1:0.89: Config register raw data: 0xffffffed
[ 1570.570503][ T5860] em28xx 4-1:0.89: AC97 chip type couldn't be determined
[ 1570.792040][   T30] audit: type=1400 audit(1773445140.386:1451): avc:  denied  { read } for  pid=24983 comm="syz.5.5005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 1570.822906][ T5860] em28xx 4-1:0.89: No AC97 audio processor
[ 1570.833975][ T5860] usb 4-1: Decoder not found
[ 1570.856524][ T5860] em28xx 4-1:0.89: failed to create media graph
[ 1570.875213][ T5860] em28xx 4-1:0.89: V4L2 device video103 deregistered
[ 1570.896779][ T5860] em28xx 4-1:0.89: Registering snapshot button...
[ 1570.905488][ T5860] input: em28xx snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.89/input/input96
[ 1570.919524][ T5860] em28xx 4-1:0.89: Remote control support is not available for this card.
[ 1570.950772][T21063] hid_parser_main: 470 callbacks suppressed
[ 1570.950791][T21063] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0
[ 1570.971852][T21063] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0
[ 1570.983864][T21063] hid-generic 0000:0000:0000.0038: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 1571.017629][T12638] em28xx 4-1:0.89: Closing input extension
[ 1571.024648][T12638] em28xx 4-1:0.89: Deregistering snapshot button
[ 1571.068307][T25014] netlink: 'syz.5.5012': attribute type 1 has an invalid length.
[ 1571.084313][T12638] em28xx 4-1:0.89: Freeing device
[ 1571.097104][T25014] 8021q: adding VLAN 0 to HW filter on device bond9
[ 1571.141592][T25011] fido_id[25011]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1571.189976][ T5961] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[ 1571.599199][T25027] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=25027 comm=syz.5.5015
[ 1571.616278][ T5961] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1571.630633][ T5961] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1571.642276][ T5961] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1571.653444][ T5961] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1571.667280][ T5961] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1571.676330][ T5961] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1571.691724][ T5961] usb 3-1: config 0 descriptor??
[ 1571.697202][T25005] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1571.762077][T21063] usb 4-1: new high-speed USB device number 93 using dummy_hcd
[ 1571.904109][T12638] usb 1-1: new high-speed USB device number 119 using dummy_hcd
[ 1571.925484][T21063] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1571.934835][T21063] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1571.942829][T21063] usb 4-1: Product: syz
[ 1571.947447][T21063] usb 4-1: Manufacturer: syz
[ 1571.952249][T21063] usb 4-1: SerialNumber: syz
[ 1571.964258][T21063] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1571.979959][   T10] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1572.082756][T12638] usb 1-1: Using ep0 maxpacket: 32
[ 1572.089623][T12638] usb 1-1: config 0 has an invalid interface number: 188 but max is 0
[ 1572.097842][T12638] usb 1-1: config 0 has no interface number 0
[ 1572.104132][T12638] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1572.116044][T12638] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 1572.125083][T12638] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1572.133572][T12638] usb 1-1: Product: syz
[ 1572.139670][T12638] usb 1-1: Manufacturer: syz
[ 1572.144711][T12638] usb 1-1: SerialNumber: syz
[ 1572.152649][ T5961] plantronics 0003:047F:FFFF.0039: reserved main item tag 0xd
[ 1572.165345][T12638] usb 1-1: config 0 descriptor??
[ 1572.172903][T25028] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[ 1572.181268][ T5961] plantronics 0003:047F:FFFF.0039: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1572.417638][T25028] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[ 1572.658701][T12638] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[ 1572.722233][T12638] asix 1-1:0.188: probe with driver asix failed with error -61
[ 1572.892416][T21063] usb 3-1: USB disconnect, device number 110
[ 1573.498835][   T10] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 1573.514509][   T10] ath9k_htc: Failed to initialize the device
[ 1573.558331][   T10] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1574.543384][T25055] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[ 1574.551330][T25056] SELinux: failed to load policy
[ 1574.917874][   T24] usb 4-1: USB disconnect, device number 93
[ 1575.030853][   T30] audit: type=1326 audit(1773445144.455:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764fd9c799 code=0x7ffc0000
[ 1575.058270][   T30] audit: type=1326 audit(1773445144.455:1453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764fd9c799 code=0x7ffc0000
[ 1576.010157][   T30] audit: type=1326 audit(1773445144.455:1454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f764fd9c799 code=0x7ffc0000
[ 1576.059823][   T30] audit: type=1326 audit(1773445144.455:1455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764fd9c799 code=0x7ffc0000
[ 1576.090703][ T5860] usb 1-1: USB disconnect, device number 119
[ 1576.098634][T25071] FAULT_INJECTION: forcing a failure.
[ 1576.098634][T25071] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1576.113385][T25071] CPU: 0 UID: 0 PID: 25071 Comm: syz.6.5022 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1576.113415][T25071] Tainted: [L]=SOFTLOCKUP
[ 1576.113422][T25071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1576.113433][T25071] Call Trace:
[ 1576.113439][T25071]  <TASK>
[ 1576.113446][T25071]  dump_stack_lvl+0x100/0x190
[ 1576.113479][T25071]  should_fail_ex.cold+0x5/0xa
[ 1576.113502][T25071]  _copy_from_user+0x2e/0xd0
[ 1576.113531][T25071]  __sys_bpf+0x243/0x4b90
[ 1576.113555][T25071]  ? __pfx___sys_bpf+0x10/0x10
[ 1576.113571][T25071]  ? proc_fail_nth_write+0x9f/0x220
[ 1576.113602][T25071]  ? find_held_lock+0x2b/0x80
[ 1576.113631][T25071]  ? find_held_lock+0x2b/0x80
[ 1576.113652][T25071]  ? ksys_write+0x190/0x250
[ 1576.113684][T25071]  ? __mutex_unlock_slowpath+0x15c/0x790
[ 1576.113709][T25071]  ? __fget_files+0x215/0x3d0
[ 1576.113740][T25071]  ? fput+0x79/0x100
[ 1576.113759][T25071]  ? ksys_write+0x1ac/0x250
[ 1576.113784][T25071]  ? __pfx_ksys_write+0x10/0x10
[ 1576.113814][T25071]  __x64_sys_bpf+0x7b/0xc0
[ 1576.113832][T25071]  ? lockdep_hardirqs_on+0x78/0x100
[ 1576.113855][T25071]  do_syscall_64+0x106/0xf80
[ 1576.113876][T25071]  ? clear_bhb_loop+0x40/0x90
[ 1576.113898][T25071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1576.113917][T25071] RIP: 0033:0x7fe30d99c799
[ 1576.113933][T25071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1576.113951][T25071] RSP: 002b:00007fe30e83f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1576.113969][T25071] RAX: ffffffffffffffda RBX: 00007fe30dc15fa0 RCX: 00007fe30d99c799
[ 1576.113981][T25071] RDX: 0000000000000050 RSI: 0000200000000340 RDI: 000000000000000a
[ 1576.113995][T25071] RBP: 00007fe30e83f090 R08: 0000000000000000 R09: 0000000000000000
[ 1576.114006][T25071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1576.114016][T25071] R13: 00007fe30dc16038 R14: 00007fe30dc15fa0 R15: 00007ffeaf2e6288
[ 1576.114040][T25071]  </TASK>
[ 1576.134034][   T30] audit: type=1326 audit(1773445144.455:1456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f764fd9c799 code=0x7ffc0000
[ 1576.350834][   T30] audit: type=1326 audit(1773445144.455:1457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764fd9c799 code=0x7ffc0000
[ 1576.664809][T25081] syzkaller0: entered promiscuous mode
[ 1576.689883][   T30] audit: type=1326 audit(1773445144.455:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f764fd5cfce code=0x7ffc0000
[ 1576.714274][T25081] syzkaller0: entered allmulticast mode
[ 1576.724911][   T30] audit: type=1326 audit(1773445144.455:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764fd9c799 code=0x7ffc0000
[ 1576.783815][   T30] audit: type=1326 audit(1773445144.455:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f764fd9c799 code=0x7ffc0000
[ 1576.813050][   T30] audit: type=1326 audit(1773445144.455:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25061 comm="syz.2.5021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764fd9c799 code=0x7ffc0000
[ 1576.893087][T21063] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[ 1577.176919][T21063] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1577.188705][T21063] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1577.200139][T21063] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1577.211436][T21063] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1577.224419][   T10] usb 1-1: new high-speed USB device number 120 using dummy_hcd
[ 1577.232197][T21063] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1577.241560][T21063] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1577.256954][T21063] usb 3-1: config 0 descriptor??
[ 1577.265744][T25083] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1577.406983][   T10] usb 1-1: Using ep0 maxpacket: 32
[ 1577.417543][   T10] usb 1-1: config 0 has an invalid interface number: 89 but max is 0
[ 1577.426048][   T10] usb 1-1: config 0 has no interface number 0
[ 1577.435175][   T10] usb 1-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1577.445226][   T10] usb 1-1: config 0 interface 89 has no altsetting 0
[ 1577.454764][   T10] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[ 1577.464174][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1577.472346][   T10] usb 1-1: Product: syz
[ 1577.476651][   T10] usb 1-1: Manufacturer: syz
[ 1577.481355][   T10] usb 1-1: SerialNumber: syz
[ 1577.492214][   T10] usb 1-1: config 0 descriptor??
[ 1577.503233][   T10] em28xx 1-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1577.515090][   T10] em28xx 1-1:0.89: Video interface 89 found:
[ 1577.740486][T21063] plantronics 0003:047F:FFFF.003A: reserved main item tag 0xd
[ 1577.780731][T21063] plantronics 0003:047F:FFFF.003A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1578.350533][T25080] netlink: 'syz.0.5027': attribute type 5 has an invalid length.
[ 1578.388142][   T10] em28xx 1-1:0.89: unknown em28xx chip ID (0)
[ 1578.838705][   T10] em28xx 1-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 1578.846834][   T10] em28xx 1-1:0.89: board has no eeprom
[ 1578.934579][   T10] em28xx 1-1:0.89: Identified as Terratec Grabby (card=67)
[ 1578.941913][   T10] em28xx 1-1:0.89: analog set to bulk mode.
[ 1578.948666][T21063] em28xx 1-1:0.89: Registering V4L2 extension
[ 1578.965509][   T10] usb 1-1: USB disconnect, device number 120
[ 1579.003312][T21063] em28xx 1-1:0.89: reading from i2c device at 0x4a failed (error=-19)
[ 1579.015494][   T10] em28xx 1-1:0.89: Disconnecting em28xx
[ 1579.024312][T21063] em28xx 1-1:0.89: Config register raw data: 0xffffffed
[ 1579.031467][T21063] em28xx 1-1:0.89: AC97 chip type couldn't be determined
[ 1579.038520][T21063] em28xx 1-1:0.89: No AC97 audio processor
[ 1579.054211][T21063] usb 1-1: Decoder not found
[ 1579.058926][T21063] em28xx 1-1:0.89: failed to create media graph
[ 1579.065253][T21063] em28xx 1-1:0.89: V4L2 device video103 deregistered
[ 1579.073551][T21063] em28xx 1-1:0.89: Registering snapshot button...
[ 1579.081371][T21063] input: em28xx snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.89/input/input99
[ 1579.093483][T21063] em28xx 1-1:0.89: Remote control support is not available for this card.
[ 1579.108299][   T10] em28xx 1-1:0.89: Closing input extension
[ 1579.114111][   T10] em28xx 1-1:0.89: Deregistering snapshot button
[ 1579.143148][   T10] em28xx 1-1:0.89: Freeing device
[ 1579.323888][T21063] usb 3-1: reset high-speed USB device number 111 using dummy_hcd
[ 1579.783800][T25116] netlink: 84 bytes leftover after parsing attributes in process `syz.0.5035'.
[ 1582.066517][T21063] usb 3-1: device descriptor read/64, error -71
[ 1582.355713][T21063] usb 3-1: reset high-speed USB device number 111 using dummy_hcd
[ 1582.711580][T21063] usb 3-1: device reset changed ep0 maxpacket size!
[ 1582.735655][ T5961] usb 3-1: USB disconnect, device number 111
[ 1582.903076][ T5961] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[ 1582.962905][T25151] 9p: Bad value for 'rfdno'
[ 1583.092686][ T5961] usb 3-1: Using ep0 maxpacket: 32
[ 1583.145223][ T5961] usb 3-1: config 0 has an invalid interface number: 188 but max is 0
[ 1583.154646][ T5961] usb 3-1: config 0 has no interface number 0
[ 1583.183264][ T5961] usb 3-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1583.201402][ T5961] usb 3-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 1583.211903][ T5961] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1583.219934][ T5961] usb 3-1: Product: syz
[ 1583.273827][ T5961] usb 3-1: Manufacturer: syz
[ 1583.289755][ T5961] usb 3-1: SerialNumber: syz
[ 1583.322827][ T5961] usb 3-1: config 0 descriptor??
[ 1583.841653][T25125] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1584.005754][T25171] netlink: 'syz.5.5051': attribute type 1 has an invalid length.
[ 1584.036643][T25171] 8021q: adding VLAN 0 to HW filter on device bond10
[ 1584.112558][T25125] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1584.420856][ T5961] asix 3-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[ 1584.437168][ T5961] asix 3-1:0.188: probe with driver asix failed with error -61
[ 1584.456871][   T30] kauditd_printk_skb: 35 callbacks suppressed
[ 1584.456887][   T30] audit: type=1400 audit(1773445153.352:1497): avc:  granted  { setsecparam } for  pid=25175 comm="syz.6.5053" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 1584.610630][   T30] audit: type=1400 audit(1773445153.352:1498): avc:  granted  { setsecparam } for  pid=25175 comm="syz.6.5053" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 1584.779989][   T30] audit: type=1400 audit(1773445153.352:1499): avc:  granted  { setsecparam } for  pid=25175 comm="syz.6.5053" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 1584.909848][T25189] FAULT_INJECTION: forcing a failure.
[ 1584.909848][T25189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1585.138310][T25189] CPU: 0 UID: 0 PID: 25189 Comm: syz.0.5057 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1585.138331][T25189] Tainted: [L]=SOFTLOCKUP
[ 1585.138334][T25189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1585.138341][T25189] Call Trace:
[ 1585.138345][T25189]  <TASK>
[ 1585.138350][T25189]  dump_stack_lvl+0x100/0x190
[ 1585.138371][T25189]  should_fail_ex.cold+0x5/0xa
[ 1585.138386][T25189]  _copy_to_user+0x32/0xd0
[ 1585.138405][T25189]  bpf_test_finish.isra.0+0x452/0x660
[ 1585.138421][T25189]  ? find_held_lock+0x2b/0x80
[ 1585.138435][T25189]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[ 1585.138451][T25189]  ? find_held_lock+0x2b/0x80
[ 1585.138464][T25189]  ? bpf_prog_test_run_flow_dissector+0x4b0/0x980
[ 1585.138479][T25189]  ? bpf_prog_test_run_flow_dissector+0x4b0/0x980
[ 1585.138496][T25189]  bpf_prog_test_run_flow_dissector+0x5da/0x980
[ 1585.138515][T25189]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[ 1585.138532][T25189]  ? find_held_lock+0x2b/0x80
[ 1585.138545][T25189]  ? __fget_files+0x215/0x3d0
[ 1585.138559][T25189]  ? __fget_files+0x21f/0x3d0
[ 1585.138573][T25189]  ? fput+0x79/0x100
[ 1585.138591][T25189]  ? __bpf_prog_get+0x97/0x2a0
[ 1585.138606][T25189]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[ 1585.138621][T25189]  __sys_bpf+0x1725/0x4b90
[ 1585.138635][T25189]  ? __pfx___sys_bpf+0x10/0x10
[ 1585.138645][T25189]  ? proc_fail_nth_write+0x9f/0x220
[ 1585.138660][T25189]  ? find_held_lock+0x2b/0x80
[ 1585.138676][T25189]  ? find_held_lock+0x2b/0x80
[ 1585.138689][T25189]  ? ksys_write+0x190/0x250
[ 1585.138708][T25189]  ? __mutex_unlock_slowpath+0x15c/0x790
[ 1585.138724][T25189]  ? __fget_files+0x215/0x3d0
[ 1585.138741][T25189]  ? fput+0x79/0x100
[ 1585.138753][T25189]  ? ksys_write+0x1ac/0x250
[ 1585.138769][T25189]  ? __pfx_ksys_write+0x10/0x10
[ 1585.138787][T25189]  __x64_sys_bpf+0x7b/0xc0
[ 1585.138799][T25189]  ? lockdep_hardirqs_on+0x78/0x100
[ 1585.138812][T25189]  do_syscall_64+0x106/0xf80
[ 1585.138828][T25189]  ? clear_bhb_loop+0x40/0x90
[ 1585.138842][T25189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1585.138853][T25189] RIP: 0033:0x7f6bcad9c799
[ 1585.138863][T25189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1585.138874][T25189] RSP: 002b:00007f6bcbc5c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1585.138885][T25189] RAX: ffffffffffffffda RBX: 00007f6bcb015fa0 RCX: 00007f6bcad9c799
[ 1585.138892][T25189] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[ 1585.138898][T25189] RBP: 00007f6bcbc5c090 R08: 0000000000000000 R09: 0000000000000000
[ 1585.138905][T25189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1585.138911][T25189] R13: 00007f6bcb016038 R14: 00007f6bcb015fa0 R15: 00007ffccd42ec78
[ 1585.138925][T25189]  </TASK>
[ 1585.700043][T25196] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5122 sclass=netlink_route_socket pid=25196 comm=syz.0.5058
[ 1585.714818][T25196] FAULT_INJECTION: forcing a failure.
[ 1585.714818][T25196] name failslab, interval 1, probability 0, space 0, times 0
[ 1585.730920][T25196] CPU: 0 UID: 0 PID: 25196 Comm: syz.0.5058 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1585.730949][T25196] Tainted: [L]=SOFTLOCKUP
[ 1585.730956][T25196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1585.730967][T25196] Call Trace:
[ 1585.730974][T25196]  <TASK>
[ 1585.730980][T25196]  dump_stack_lvl+0x100/0x190
[ 1585.731016][T25196]  should_fail_ex.cold+0x5/0xa
[ 1585.731040][T25196]  ? io_cache_alloc_new+0x45/0xe0
[ 1585.731065][T25196]  should_failslab+0xc2/0x120
[ 1585.731084][T25196]  __kmalloc_noprof+0xe0/0x850
[ 1585.731115][T25196]  io_cache_alloc_new+0x45/0xe0
[ 1585.731141][T25196]  io_arm_apoll+0x8c9/0xa80
[ 1585.731165][T25196]  ? __pfx_io_arm_apoll+0x10/0x10
[ 1585.731192][T25196]  ? __io_issue_sqe+0x14a/0x7a0
[ 1585.731224][T25196]  io_arm_poll_handler+0x21f/0x2b0
[ 1585.731247][T25196]  io_queue_async+0x159/0x290
[ 1585.731267][T25196]  io_submit_sqes+0x17fe/0x2370
[ 1585.731293][T25196]  ? __fget_files+0x21f/0x3d0
[ 1585.731318][T25196]  __do_sys_io_uring_enter+0x9c0/0x1a20
[ 1585.731345][T25196]  ? __fget_files+0x21f/0x3d0
[ 1585.731364][T25196]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[ 1585.731388][T25196]  ? fput+0x79/0x100
[ 1585.731410][T25196]  ? ksys_write+0x1ac/0x250
[ 1585.731437][T25196]  ? __pfx_ksys_write+0x10/0x10
[ 1585.731472][T25196]  do_syscall_64+0x106/0xf80
[ 1585.731503][T25196]  ? clear_bhb_loop+0x40/0x90
[ 1585.731526][T25196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1585.731545][T25196] RIP: 0033:0x7f6bcad9c799
[ 1585.731561][T25196] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1585.731578][T25196] RSP: 002b:00007f6bcbc5c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1585.731596][T25196] RAX: ffffffffffffffda RBX: 00007f6bcb015fa0 RCX: 00007f6bcad9c799
[ 1585.731608][T25196] RDX: 0000000000000000 RSI: 0000000000000f23 RDI: 0000000000000008
[ 1585.731618][T25196] RBP: 00007f6bcbc5c090 R08: 0000000000000000 R09: 0000000000000000
[ 1585.731628][T25196] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001
[ 1585.731639][T25196] R13: 00007f6bcb016038 R14: 00007f6bcb015fa0 R15: 00007ffccd42ec78
[ 1585.731665][T25196]  </TASK>
[ 1586.299804][   T24] usb 4-1: new full-speed USB device number 94 using dummy_hcd
[ 1587.705327][T25208] kAFS: unable to lookup cell '(,c¾Ì'
[ 1587.759836][ T5961] usb 3-1: USB disconnect, device number 112
[ 1587.783432][   T24] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 1587.791708][   T24] usb 4-1: config 0 has no interface number 0
[ 1587.798078][   T24] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1587.849671][   T24] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1587.920522][   T24] usb 4-1: config 0 interface 113 has no altsetting 0
[ 1588.004954][   T24] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1588.028079][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1588.038809][   T24] usb 4-1: Product: syz
[ 1588.046108][   T24] usb 4-1: Manufacturer: syz
[ 1588.055778][   T24] usb 4-1: SerialNumber: syz
[ 1588.142006][   T24] usb 4-1: config 0 descriptor??
[ 1588.153915][T25199] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1588.264544][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 1588.272866][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 1588.279607][T12638] usb 1-1: new high-speed USB device number 121 using dummy_hcd
[ 1588.287404][   T24] usb 4-1: NFC: Unable to get FW version
[ 1588.303827][   T24] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -71
[ 1588.417301][T25229] netlink: 'syz.2.5066': attribute type 1 has an invalid length.
[ 1588.438968][T25229] 8021q: adding VLAN 0 to HW filter on device bond7
[ 1588.448680][T12638] usb 1-1: Invalid ep0 maxpacket: 9
[ 1588.599776][T12638] usb 1-1: new high-speed USB device number 122 using dummy_hcd
[ 1588.765666][T25199] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5060'.
[ 1588.780763][T12638] usb 1-1: Invalid ep0 maxpacket: 9
[ 1588.789744][T12638] usb usb1-port1: attempt power cycle
[ 1589.168431][T12638] usb 1-1: new high-speed USB device number 123 using dummy_hcd
[ 1589.201785][T12638] usb 1-1: Invalid ep0 maxpacket: 9
[ 1589.346080][T12638] usb 1-1: new high-speed USB device number 124 using dummy_hcd
[ 1589.369164][T12638] usb 1-1: Invalid ep0 maxpacket: 9
[ 1589.376563][T12638] usb usb1-port1: unable to enumerate USB device
[ 1589.648724][T12638] usb 4-1: USB disconnect, device number 94
[ 1589.805481][T25243] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1590.691885][T21063] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[ 1590.729857][T21063] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[ 1590.749976][T25248] ptrace attach of "./syz-executor exec"[20890] was attempted by ""[25248]
[ 1590.794677][T21063] hid-generic 0000:0000:0000.003B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 1591.472484][T25251] fido_id[25251]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1591.750528][   T30] audit: type=1326 audit(1773445160.172:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1591.774645][   T30] audit: type=1326 audit(1773445160.172:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1591.799123][   T30] audit: type=1326 audit(1773445160.200:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1591.823215][   T30] audit: type=1326 audit(1773445160.200:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1591.849405][   T30] audit: type=1326 audit(1773445160.200:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1591.873009][   T30] audit: type=1326 audit(1773445160.228:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1591.899122][   T30] audit: type=1326 audit(1773445160.228:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1591.923271][   T30] audit: type=1326 audit(1773445160.228:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1591.947955][   T30] audit: type=1326 audit(1773445160.247:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1591.980378][T25262] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=25262 comm=syz.3.5075
[ 1591.994314][   T30] audit: type=1326 audit(1773445160.247:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25260 comm="syz.3.5075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1592.030820][ T5961] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[ 1592.162915][T25263] netlink: 14 bytes leftover after parsing attributes in process `syz.3.5075'.
[ 1592.198321][T25263] dummy0 (unregistering): left promiscuous mode
[ 1592.232253][ T5961] usb 1-1: Using ep0 maxpacket: 32
[ 1592.243226][ T5961] usb 1-1: config 0 has an invalid interface number: 188 but max is 0
[ 1592.885703][ T5961] usb 1-1: config 0 has no interface number 0
[ 1592.913779][ T5961] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1592.956077][ T5961] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 1592.967691][ T5961] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1593.024290][ T5961] usb 1-1: Product: syz
[ 1593.028558][ T5961] usb 1-1: Manufacturer: syz
[ 1593.033150][ T5961] usb 1-1: SerialNumber: syz
[ 1593.041633][ T5961] usb 1-1: config 0 descriptor??
[ 1593.047234][T25259] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1593.131336][T25274] netlink: 'syz.5.5079': attribute type 1 has an invalid length.
[ 1593.148632][T25274] 8021q: adding VLAN 0 to HW filter on device bond11
[ 1593.285797][T25259] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1593.345146][   T10] usb 3-1: new full-speed USB device number 113 using dummy_hcd
[ 1593.509133][ T5961] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[ 1593.525356][ T5961] asix 1-1:0.188: probe with driver asix failed with error -61
[ 1593.549877][   T10] usb 3-1: config 0 has an invalid interface number: 113 but max is 0
[ 1593.558096][   T10] usb 3-1: config 0 has no interface number 0
[ 1593.564157][   T10] usb 3-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1593.575773][   T10] usb 3-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1593.587092][   T10] usb 3-1: config 0 interface 113 has no altsetting 0
[ 1593.597865][   T10] usb 3-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1593.606943][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1593.615005][   T10] usb 3-1: Product: syz
[ 1593.619154][   T10] usb 3-1: Manufacturer: syz
[ 1593.623794][   T10] usb 3-1: SerialNumber: syz
[ 1593.630335][   T10] usb 3-1: config 0 descriptor??
[ 1593.640023][T25272] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1593.648638][    C0] usb 3-1: NFC: Urb failure (status -71)
[ 1593.654700][    C0] usb 3-1: NFC: Urb failure (status -71)
[ 1593.662213][   T10] usb 3-1: NFC: Unable to get FW version
[ 1593.674867][   T10] pn533_usb 3-1:0.113: probe with driver pn533_usb failed with error -71
[ 1593.760595][T12638] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 1593.931639][T12638] usb 4-1: Using ep0 maxpacket: 16
[ 1593.944398][T12638] usb 4-1: config 0 has an invalid interface number: 251 but max is 0
[ 1593.952602][T12638] usb 4-1: config 0 has no interface number 0
[ 1593.959992][T12638] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1593.962207][T25287] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5078'.
[ 1593.970370][T12638] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1594.018094][T12638] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1594.027166][T12638] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1594.038926][T12638] usb 4-1: Product: syz
[ 1594.043102][T12638] usb 4-1: Manufacturer: syz
[ 1594.047689][T12638] usb 4-1: SerialNumber: syz
[ 1594.055596][T12638] usb 4-1: config 0 descriptor??
[ 1594.061609][T25282] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1594.068928][T25282] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1594.069384][ T5961] usb 3-1: USB disconnect, device number 113
[ 1594.309008][T25282] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1594.322395][T25282] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1594.553750][T25282] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1594.568081][T25282] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1595.114469][T25302] xt_hashlimit: size too large, truncated to 1048576
[ 1595.339712][ T5961] usb 1-1: USB disconnect, device number 125
[ 1595.388913][T12638] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1595.399729][T12638] asix 4-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[ 1595.413392][T12638] asix 4-1:0.251: probe with driver asix failed with error -71
[ 1595.454638][T12638] usb 4-1: USB disconnect, device number 95
[ 1595.551821][T25309] netlink: 'syz.0.5090': attribute type 1 has an invalid length.
[ 1595.570721][T25309] 8021q: adding VLAN 0 to HW filter on device bond14
[ 1595.619528][T25309] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5090'.
[ 1595.965104][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1596.014579][T25313] vlan2: entered allmulticast mode
[ 1596.022105][T25313] bridge0: port 4(vlan2) entered blocking state
[ 1596.063229][T25313] bridge0: port 4(vlan2) entered disabled state
[ 1596.219131][T25313] vlan2: entered promiscuous mode
[ 1597.007081][T25328] kAFS: unable to lookup cell '(,c¾Ì'
[ 1597.579663][T25313] netlink: 'syz.5.5091': attribute type 10 has an invalid length.
[ 1597.679871][   T24] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 1597.830480][T25336] Unsupported ieee802154 address type: 0
[ 1598.214022][T25339] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5097'.
[ 1598.237421][T25337] netlink: 4436 bytes leftover after parsing attributes in process `syz.3.5096'.
[ 1598.249275][   T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1598.264017][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1598.277688][   T24] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1598.287413][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1598.295513][   T24] usb 3-1: SerialNumber: syz
[ 1598.546767][   T24] usb 3-1: 0:2 : does not exist
[ 1598.554529][   T24] usb 3-1: unit 5: unexpected type 0x0a
[ 1598.773762][T12638] usb 1-1: new high-speed USB device number 126 using dummy_hcd
[ 1598.854773][   T24] usb 3-1: USB disconnect, device number 114
[ 1598.888553][T24531] udevd[24531]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1599.032273][T12638] usb 1-1: Using ep0 maxpacket: 32
[ 1599.038896][T12638] usb 1-1: config 0 has an invalid interface number: 188 but max is 0
[ 1599.048531][T12638] usb 1-1: config 0 has no interface number 0
[ 1599.054979][T12638] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1599.067640][T12638] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 1599.076939][T12638] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1599.086544][T12638] usb 1-1: Product: syz
[ 1599.090730][T12638] usb 1-1: Manufacturer: syz
[ 1599.095591][T12638] usb 1-1: SerialNumber: syz
[ 1599.106294][T12638] usb 1-1: config 0 descriptor??
[ 1599.113912][T25348] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1599.330287][   T24] hid-generic 0000:0000:0000.003C: unknown main item tag 0x0
[ 1599.340813][   T24] hid-generic 0000:0000:0000.003C: unknown main item tag 0x0
[ 1599.341090][T25348] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1599.353528][   T24] hid-generic 0000:0000:0000.003C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 1599.588750][T12638] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[ 1599.601158][T12638] asix 1-1:0.188: probe with driver asix failed with error -61
[ 1599.775579][T25375] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5108'.
[ 1599.784574][T25375] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5108'.
[ 1600.138980][T25381] netlink: 132 bytes leftover after parsing attributes in process `syz.5.5111'.
[ 1600.432915][   T30] kauditd_printk_skb: 15 callbacks suppressed
[ 1600.432931][   T30] audit: type=1400 audit(1773445168.302:1525): avc:  denied  { wake_alarm } for  pid=25394 comm="syz.5.5116" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1600.665805][   T10] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[ 1600.826101][   T10] usb 3-1: Using ep0 maxpacket: 32
[ 1600.833130][   T10] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[ 1600.841413][   T10] usb 3-1: config 0 has no interface number 0
[ 1600.847565][   T10] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1600.858608][   T10] usb 3-1: config 0 interface 85 has no altsetting 0
[ 1600.866800][   T10] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1600.876094][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1600.884382][   T10] usb 3-1: Product: syz
[ 1600.888516][   T10] usb 3-1: Manufacturer: syz
[ 1600.893220][   T10] usb 3-1: SerialNumber: syz
[ 1600.899404][   T10] usb 3-1: config 0 descriptor??
[ 1601.221260][   T10] appletouch 3-1:0.85: Failed to read mode from device.
[ 1601.228476][   T10] appletouch 3-1:0.85: probe with driver appletouch failed with error -5
[ 1601.733136][   T10] usb 3-1: USB disconnect, device number 115
[ 1601.802252][   T24] usb 1-1: USB disconnect, device number 126
[ 1601.855718][T25419] FAULT_INJECTION: forcing a failure.
[ 1601.855718][T25419] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1601.869101][T25419] CPU: 0 UID: 0 PID: 25419 Comm: syz.0.5123 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1601.869132][T25419] Tainted: [L]=SOFTLOCKUP
[ 1601.869139][T25419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1601.869150][T25419] Call Trace:
[ 1601.869156][T25419]  <TASK>
[ 1601.869164][T25419]  dump_stack_lvl+0x100/0x190
[ 1601.869200][T25419]  should_fail_ex.cold+0x5/0xa
[ 1601.869224][T25419]  _copy_from_iter+0x1f4/0x1690
[ 1601.869246][T25419]  ? __asan_memset+0x23/0x50
[ 1601.869271][T25419]  ? __pfx__copy_from_iter+0x10/0x10
[ 1601.869289][T25419]  ? __pfx___alloc_skb+0x10/0x10
[ 1601.869321][T25419]  netlink_sendmsg+0x808/0xda0
[ 1601.869352][T25419]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1601.869375][T25419]  ? __might_fault+0xc0/0x140
[ 1601.869409][T25419]  ____sys_sendmsg+0x9e1/0xb70
[ 1601.869434][T25419]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1601.869461][T25419]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1601.869499][T25419]  ___sys_sendmsg+0x190/0x1e0
[ 1601.869527][T25419]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1601.869585][T25419]  __sys_sendmsg+0x170/0x220
[ 1601.869608][T25419]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1601.869646][T25419]  do_syscall_64+0x106/0xf80
[ 1601.869669][T25419]  ? clear_bhb_loop+0x40/0x90
[ 1601.869692][T25419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1601.869710][T25419] RIP: 0033:0x7f6bcad9c799
[ 1601.869727][T25419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1601.869745][T25419] RSP: 002b:00007f6bcbc5c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1601.869762][T25419] RAX: ffffffffffffffda RBX: 00007f6bcb015fa0 RCX: 00007f6bcad9c799
[ 1601.869781][T25419] RDX: 0000000004000080 RSI: 0000200000000300 RDI: 0000000000000005
[ 1601.869793][T25419] RBP: 00007f6bcbc5c090 R08: 0000000000000000 R09: 0000000000000000
[ 1601.869804][T25419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1601.869814][T25419] R13: 00007f6bcb016038 R14: 00007f6bcb015fa0 R15: 00007ffccd42ec78
[ 1601.869840][T25419]  </TASK>
[ 1602.631618][T25427] random: crng reseeded on system resumption
[ 1605.112599][ T5860] usb 3-1: new high-speed USB device number 116 using dummy_hcd
[ 1605.284101][ T5860] usb 3-1: Using ep0 maxpacket: 32
[ 1605.291299][ T5860] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[ 1605.309431][ T5860] usb 3-1: config 0 has no interface number 0
[ 1605.316705][ T5860] usb 3-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1605.337255][ T5860] usb 3-1: config 0 interface 89 has no altsetting 0
[ 1605.364993][ T5860] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[ 1605.396408][ T5860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1605.413464][ T5860] usb 3-1: Product: syz
[ 1605.427589][ T5860] usb 3-1: Manufacturer: syz
[ 1605.432569][T25451] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.5131'.
[ 1605.444288][T21063] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[ 1605.444601][ T5860] usb 3-1: SerialNumber: syz
[ 1605.484165][ T5860] usb 3-1: config 0 descriptor??
[ 1605.498839][ T5860] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1605.536802][ T5860] em28xx 3-1:0.89: Video interface 89 found:
[ 1605.616351][T21063] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1605.633625][T21063] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1605.657375][T21063] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1605.667778][T21063] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1605.683765][T21063] usb 4-1: SerialNumber: syz
[ 1605.966267][T21063] usb 4-1: 0:2 : does not exist
[ 1606.004169][T21063] usb 4-1: unit 5: unexpected type 0x0a
[ 1606.093052][T21063] usb 4-1: USB disconnect, device number 96
[ 1606.180314][T24531] udevd[24531]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1606.248818][T25432] netlink: 'syz.2.5127': attribute type 5 has an invalid length.
[ 1606.307449][ T5860] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[ 1606.833579][   T24] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[ 1606.933993][T21644] usb 4-1: new full-speed USB device number 97 using dummy_hcd
[ 1606.990330][ T5860] em28xx 3-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 1607.026323][   T24] usb 1-1: Using ep0 maxpacket: 8
[ 1607.063537][ T5860] em28xx 3-1:0.89: board has no eeprom
[ 1607.115169][T21644] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 1607.124897][T21644] usb 4-1: config 0 has no interface number 0
[ 1607.131420][T21644] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1607.160993][ T5860] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[ 1607.175154][T21644] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1607.205556][ T5860] em28xx 3-1:0.89: analog set to bulk mode.
[ 1607.235987][T21644] usb 4-1: config 0 interface 113 has no altsetting 0
[ 1607.251221][T12638] em28xx 3-1:0.89: Registering V4L2 extension
[ 1607.260028][ T5860] usb 3-1: USB disconnect, device number 116
[ 1607.273022][T21644] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1607.286548][ T5860] em28xx 3-1:0.89: Disconnecting em28xx
[ 1607.320338][T21644] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1607.328749][T12638] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[ 1607.346781][T12638] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[ 1607.354076][T21644] usb 4-1: Product: syz
[ 1607.358665][T21644] usb 4-1: Manufacturer: syz
[ 1607.363322][T12638] em28xx 3-1:0.89: No AC97 audio processor
[ 1607.380063][T21644] usb 4-1: SerialNumber: syz
[ 1607.389831][T12638] usb 3-1: Decoder not found
[ 1607.404961][T21644] usb 4-1: config 0 descriptor??
[ 1607.418857][T12638] em28xx 3-1:0.89: failed to create media graph
[ 1607.432765][T25466] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1607.442136][T12638] em28xx 3-1:0.89: V4L2 device video103 deregistered
[ 1607.464973][T12638] em28xx 3-1:0.89: Registering snapshot button...
[ 1607.480002][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 1607.494829][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 1607.502876][T21644] usb 4-1: NFC: Unable to get FW version
[ 1607.510693][T12638] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input103
[ 1607.534010][T21644] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -71
[ 1607.659802][T12638] em28xx 3-1:0.89: Remote control support is not available for this card.
[ 1607.832846][ T5860] em28xx 3-1:0.89: Closing input extension
[ 1607.901736][ T5860] em28xx 3-1:0.89: Deregistering snapshot button
[ 1608.032837][ T5860] em28xx 3-1:0.89: Freeing device
[ 1608.097625][T21644] usb 4-1: USB disconnect, device number 97
[ 1608.161408][   T30] audit: type=1400 audit(1773445175.524:1526): avc:  denied  { write } for  pid=25478 comm="syz.2.5141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1608.601457][T25484] binder: 25478:25484 ioctl c0046209 0 returned -22
[ 1608.790468][T25488] netlink: 84 bytes leftover after parsing attributes in process `syz.5.5142'.
[ 1609.816648][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1609.837261][   T24] usb 1-1: unable to read config index 0 descriptor/start: -71
[ 1609.862665][   T24] usb 1-1: can't read configurations, error -71
[ 1610.425545][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1610.994702][   T24] usb 1-1: Using ep0 maxpacket: 32
[ 1611.014256][   T24] usb 1-1: config 0 has an invalid interface number: 89 but max is 0
[ 1611.023269][   T24] usb 1-1: config 0 has no interface number 0
[ 1611.029657][T21644] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 1611.048629][   T24] usb 1-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1611.059962][   T24] usb 1-1: config 0 interface 89 has no altsetting 0
[ 1611.169076][   T24] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[ 1611.185711][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1611.463568][T21644] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1611.479314][   T24] usb 1-1: Product: syz
[ 1611.489850][   T24] usb 1-1: Manufacturer: syz
[ 1611.494507][T21644] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1611.505460][T25515] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=122 sclass=netlink_tcpdiag_socket pid=25515 comm=syz.5.5148
[ 1611.579461][   T24] usb 1-1: SerialNumber: syz
[ 1611.671273][T21644] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1611.687696][   T24] usb 1-1: config 0 descriptor??
[ 1611.704879][T21644] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1611.738173][   T24] em28xx 1-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1611.758735][   T24] em28xx 1-1:0.89: Video interface 89 found:
[ 1611.771826][T21644] usb 4-1: SerialNumber: syz
[ 1612.025906][T25524] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5151'.
[ 1612.182543][T21644] usb 4-1: 0:2 : does not exist
[ 1612.246250][T21644] usb 4-1: unit 5: unexpected type 0x0a
[ 1612.646300][   T24] em28xx 1-1:0.89: unknown em28xx chip ID (0)
[ 1613.186954][T21644] usb 4-1: USB disconnect, device number 98
[ 1613.350508][   T24] em28xx 1-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 1613.455346][   T24] em28xx 1-1:0.89: board has no eeprom
[ 1613.604203][   T24] em28xx 1-1:0.89: Identified as Terratec Grabby (card=67)
[ 1613.749000][   T24] em28xx 1-1:0.89: analog set to bulk mode.
[ 1614.052100][T25527] em28xx 1-1:0.89: Registering V4L2 extension
[ 1614.057771][T24531] udevd[24531]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1614.108414][   T24] usb 1-1: USB disconnect, device number 2
[ 1614.202685][T25527] em28xx 1-1:0.89: reading from i2c device at 0x4a failed (error=-19)
[ 1614.215156][   T24] em28xx 1-1:0.89: Disconnecting em28xx
[ 1614.238035][T25527] em28xx 1-1:0.89: Config register raw data: 0xffffffed
[ 1614.264384][T25527] em28xx 1-1:0.89: AC97 chip type couldn't be determined
[ 1614.279943][T25527] em28xx 1-1:0.89: No AC97 audio processor
[ 1614.307345][T25527] usb 1-1: Decoder not found
[ 1614.312052][T25527] em28xx 1-1:0.89: failed to create media graph
[ 1614.338017][T25527] em28xx 1-1:0.89: V4L2 device video103 deregistered
[ 1614.361895][T25527] em28xx 1-1:0.89: Registering snapshot button...
[ 1614.385032][T25527] input: em28xx snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.89/input/input105
[ 1614.410304][T25527] em28xx 1-1:0.89: Remote control support is not available for this card.
[ 1614.424887][   T10] usb 3-1: new full-speed USB device number 117 using dummy_hcd
[ 1614.432740][   T24] em28xx 1-1:0.89: Closing input extension
[ 1614.453426][   T24] em28xx 1-1:0.89: Deregistering snapshot button
[ 1614.514170][   T24] em28xx 1-1:0.89: Freeing device
[ 1614.674748][   T10] usb 3-1: config 0 has an invalid interface number: 113 but max is 0
[ 1614.700722][   T10] usb 3-1: config 0 has no interface number 0
[ 1614.728739][   T10] usb 3-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1614.777525][   T10] usb 3-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1614.786231][T25527] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[ 1614.830394][   T10] usb 3-1: config 0 interface 113 has no altsetting 0
[ 1614.856190][T25557] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5162'.
[ 1614.896156][   T10] usb 3-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1614.939593][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1615.013582][   T10] usb 3-1: Product: syz
[ 1615.065646][   T10] usb 3-1: Manufacturer: syz
[ 1615.110715][   T10] usb 3-1: SerialNumber: syz
[ 1615.182307][   T10] usb 3-1: config 0 descriptor??
[ 1615.200978][T25537] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1615.210897][    C0] usb 3-1: NFC: Urb failure (status -71)
[ 1615.226579][    C0] usb 3-1: NFC: Urb failure (status -71)
[ 1615.234358][   T10] usb 3-1: NFC: Unable to get FW version
[ 1615.257482][   T10] pn533_usb 3-1:0.113: probe with driver pn533_usb failed with error -71
[ 1615.310195][   T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1615.331612][T25527] usb 4-1: Using ep0 maxpacket: 8
[ 1615.472591][   T24] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1615.592701][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1615.604059][   T24] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1615.613562][   T24] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1615.622441][   T24] usb 1-1: Manufacturer: syz
[ 1615.629739][   T24] usb 1-1: config 0 descriptor??
[ 1615.716041][   T24] rc_core: IR keymap rc-hauppauge not found
[ 1615.716427][   T10] usb 3-1: USB disconnect, device number 117
[ 1615.722084][   T24] Registered IR keymap rc-empty
[ 1615.745262][   T24] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[ 1615.765342][   T24] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input106
[ 1615.947791][T25562] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1615.961836][T25562] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1616.540487][T25568] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=25568 comm=syz.2.5165
[ 1617.116517][   T24] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[ 1617.287864][   T24] usb 3-1: Using ep0 maxpacket: 32
[ 1617.294570][   T24] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1617.303009][   T24] usb 3-1: config 0 has no interface number 0
[ 1617.313447][   T24] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8
[ 1617.323475][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1617.331519][   T24] usb 3-1: Product: syz
[ 1617.335783][   T24] usb 3-1: Manufacturer: syz
[ 1617.340368][   T24] usb 3-1: SerialNumber: syz
[ 1617.347005][   T24] usb 3-1: config 0 descriptor??
[ 1617.354286][   T24] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 1617.363637][   T24] usb 3-1: selecting invalid altsetting 1
[ 1617.369378][   T24] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 1617.378755][   T24] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1617.389520][   T24] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 1617.397916][   T24] usb 3-1: media controller created
[ 1617.409848][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1617.454668][T25527] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1617.465779][T25527] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1617.475440][T25527] usb 4-1: can't read configurations, error -71
[ 1617.913279][T21063] usb 1-1: USB disconnect, device number 3
[ 1617.946096][   T24] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[ 1618.001477][   T24] zl10353_read_register: readreg error (reg=127, ret==-32)
[ 1618.835327][T25596] netlink: 84 bytes leftover after parsing attributes in process `syz.3.5175'.
[ 1619.419619][T25578] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[ 1619.778114][T21063] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[ 1620.103751][T21063] usb 1-1: config 0 has an invalid interface number: 113 but max is 0
[ 1620.120188][T21063] usb 1-1: config 0 has no interface number 0
[ 1620.127459][T21063] usb 1-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1620.137228][   T24] usb 3-1: USB disconnect, device number 118
[ 1620.486814][T21063] usb 1-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1620.503997][T21063] usb 1-1: config 0 interface 113 has no altsetting 0
[ 1620.513112][T21063] usb 1-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1620.522969][T21063] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1620.536077][T21063] usb 1-1: Product: syz
[ 1620.542018][T21063] usb 1-1: Manufacturer: syz
[ 1620.546961][T21063] usb 1-1: SerialNumber: syz
[ 1620.620191][T21063] usb 1-1: config 0 descriptor??
[ 1620.643463][T25588] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1620.666665][    C0] usb 1-1: NFC: Urb failure (status -71)
[ 1620.687754][    C0] usb 1-1: NFC: Urb failure (status -71)
[ 1620.697176][T21063] usb 1-1: NFC: Unable to get FW version
[ 1620.708211][T21063] pn533_usb 1-1:0.113: probe with driver pn533_usb failed with error -71
[ 1620.979211][T25608] FAULT_INJECTION: forcing a failure.
[ 1620.979211][T25608] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1621.021755][T25608] CPU: 1 UID: 0 PID: 25608 Comm: syz.2.5179 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1621.021775][T25608] Tainted: [L]=SOFTLOCKUP
[ 1621.021779][T25608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1621.021787][T25608] Call Trace:
[ 1621.021790][T25608]  <TASK>
[ 1621.021796][T25608]  dump_stack_lvl+0x100/0x190
[ 1621.021818][T25608]  should_fail_ex.cold+0x5/0xa
[ 1621.021832][T25608]  _copy_from_iter+0x1f4/0x1690
[ 1621.021845][T25608]  ? __asan_memset+0x23/0x50
[ 1621.021860][T25608]  ? __pfx__copy_from_iter+0x10/0x10
[ 1621.021871][T25608]  ? __pfx___alloc_skb+0x10/0x10
[ 1621.021889][T25608]  netlink_sendmsg+0x808/0xda0
[ 1621.021907][T25608]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1621.021924][T25608]  ? ____sys_sendmsg+0x86e/0xb70
[ 1621.021942][T25608]  ____sys_sendmsg+0x9e1/0xb70
[ 1621.021957][T25608]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1621.021973][T25608]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1621.021995][T25608]  ___sys_sendmsg+0x190/0x1e0
[ 1621.022013][T25608]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1621.022045][T25608]  __sys_sendmsg+0x170/0x220
[ 1621.022059][T25608]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1621.022072][T25608]  ? irqentry_exit+0x180/0x670
[ 1621.022093][T25608]  do_syscall_64+0x106/0xf80
[ 1621.022106][T25608]  ? clear_bhb_loop+0x40/0x90
[ 1621.022120][T25608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1621.022132][T25608] RIP: 0033:0x7f764fd9c799
[ 1621.022148][T25608] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1621.022159][T25608] RSP: 002b:00007f7650c54028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1621.022170][T25608] RAX: ffffffffffffffda RBX: 00007f7650016090 RCX: 00007f764fd9c799
[ 1621.022176][T25608] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1621.022183][T25608] RBP: 00007f7650c54090 R08: 0000000000000000 R09: 0000000000000000
[ 1621.022189][T25608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1621.022196][T25608] R13: 00007f7650016128 R14: 00007f7650016090 R15: 00007ffe8748c2c8
[ 1621.022209][T25608]  </TASK>
[ 1621.241178][T21063] usb 1-1: USB disconnect, device number 4
[ 1621.614001][   T30] audit: type=1326 audit(1773445188.107:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25615 comm="syz.6.5182" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe30d99c799 code=0x0
[ 1623.369000][T25643] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5189'.
[ 1623.384322][T25643] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5189'.
[ 1624.340891][T25649] tipc: Started in network mode
[ 1624.345855][T25649] tipc: Node identity 368f6bd1e27b, cluster identity 4711
[ 1624.353564][T25649] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1624.362256][T25649] syzkaller0: entered promiscuous mode
[ 1624.367997][T25649] syzkaller0: entered allmulticast mode
[ 1624.387114][T25649] tipc: Resetting bearer <eth:syzkaller0>
[ 1624.397446][T25648] tipc: Resetting bearer <eth:syzkaller0>
[ 1624.410423][T25648] tipc: Disabling bearer <eth:syzkaller0>
[ 1624.920867][   T24] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[ 1625.028459][T25665] netlink: 'syz.2.5194': attribute type 4 has an invalid length.
[ 1625.720795][   T24] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1625.753829][   T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1625.785471][   T24] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1625.794706][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1625.803010][   T24] usb 4-1: SerialNumber: syz
[ 1626.300922][   T24] usb 4-1: 0:2 : does not exist
[ 1626.319735][   T24] usb 4-1: unit 5: unexpected type 0x0a
[ 1626.377281][   T24] usb 4-1: USB disconnect, device number 101
[ 1626.456086][T24531] udevd[24531]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1626.876034][    T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1627.116625][    T9] usb 1-1: Using ep0 maxpacket: 8
[ 1627.489204][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1627.649471][    T9] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[ 1629.217073][T25695] FAULT_INJECTION: forcing a failure.
[ 1629.217073][T25695] name failslab, interval 1, probability 0, space 0, times 0
[ 1629.229996][T25695] CPU: 1 UID: 0 PID: 25695 Comm: syz.3.5204 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1629.230025][T25695] Tainted: [L]=SOFTLOCKUP
[ 1629.230031][T25695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1629.230041][T25695] Call Trace:
[ 1629.230048][T25695]  <TASK>
[ 1629.230055][T25695]  dump_stack_lvl+0x100/0x190
[ 1629.230090][T25695]  should_fail_ex.cold+0x5/0xa
[ 1629.230115][T25695]  should_failslab+0xc2/0x120
[ 1629.230134][T25695]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1629.230159][T25695]  ? mas_alloc_nodes+0x280/0x390
[ 1629.230184][T25695]  mas_alloc_nodes+0x280/0x390
[ 1629.230207][T25695]  mas_preallocate+0x39c/0xf10
[ 1629.230230][T25695]  ? __memcg_slab_post_alloc_hook+0x4a0/0x990
[ 1629.230254][T25695]  ? __pfx_mas_preallocate+0x10/0x10
[ 1629.230286][T25695]  ? anon_vma_name+0x5a/0x250
[ 1629.230312][T25695]  __split_vma+0x33d/0xd90
[ 1629.230340][T25695]  ? __pfx___split_vma+0x10/0x10
[ 1629.230370][T25695]  ? __pfx_mas_prev+0x10/0x10
[ 1629.230390][T25695]  ? ima_match_policy+0x8b8/0x2340
[ 1629.230415][T25695]  vms_gather_munmap_vmas+0x39f/0x1500
[ 1629.230450][T25695]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[ 1629.230479][T25695]  ? mas_walk+0x6ef/0x9b0
[ 1629.230509][T25695]  __mmap_region+0x492/0x29e0
[ 1629.230538][T25695]  ? __pfx___mmap_region+0x10/0x10
[ 1629.230561][T25695]  ? process_measurement+0x1f4/0x2350
[ 1629.230591][T25695]  ? find_held_lock+0x2b/0x80
[ 1629.230614][T25695]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1629.230652][T25695]  ? __lock_acquire+0x4a5/0x2630
[ 1629.230691][T25695]  ? __lock_acquire+0x4a5/0x2630
[ 1629.230733][T25695]  ? find_held_lock+0x2b/0x80
[ 1629.230756][T25695]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1629.230805][T25695]  ? mm_get_unmapped_area_vmflags+0xd7/0x130
[ 1629.230836][T25695]  mmap_region+0x180/0x3e0
[ 1629.230866][T25695]  do_mmap+0xc63/0x12f0
[ 1629.230890][T25695]  ? __pfx_do_mmap+0x10/0x10
[ 1629.230909][T25695]  ? __pfx_down_write_killable+0x10/0x10
[ 1629.230941][T25695]  vm_mmap_pgoff+0x29e/0x470
[ 1629.230966][T25695]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1629.230984][T25695]  ? __fget_files+0x215/0x3d0
[ 1629.231007][T25695]  ? __fget_files+0x21f/0x3d0
[ 1629.231032][T25695]  ksys_mmap_pgoff+0x3c8/0x650
[ 1629.231053][T25695]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1629.231069][T25695]  ? fput+0x79/0x100
[ 1629.231090][T25695]  ? ksys_write+0x1ac/0x250
[ 1629.231117][T25695]  ? __pfx_ksys_write+0x10/0x10
[ 1629.231147][T25695]  __x64_sys_mmap+0x125/0x190
[ 1629.231170][T25695]  do_syscall_64+0x106/0xf80
[ 1629.231192][T25695]  ? clear_bhb_loop+0x40/0x90
[ 1629.231215][T25695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1629.231234][T25695] RIP: 0033:0x7fa51d99c799
[ 1629.231249][T25695] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1629.231266][T25695] RSP: 002b:00007fa51e7c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1629.231284][T25695] RAX: ffffffffffffffda RBX: 00007fa51dc16090 RCX: 00007fa51d99c799
[ 1629.231297][T25695] RDX: 000000000000001a RSI: 00000000000010f4 RDI: 0000200000ffd000
[ 1629.231307][T25695] RBP: 00007fa51e7c3090 R08: 0000000000000004 R09: 0000000000000000
[ 1629.231318][T25695] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[ 1629.231328][T25695] R13: 00007fa51dc16128 R14: 00007fa51dc16090 R15: 00007fffe17244d8
[ 1629.231354][T25695]  </TASK>
[ 1629.266443][    T9] usb 1-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[ 1629.675435][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1629.685987][    T9] usb 1-1: Product: syz
[ 1630.682560][    T9] usb 1-1: Manufacturer: syz
[ 1630.713355][   T30] audit: type=1326 audit(1773445196.620:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25684 comm="syz.2.5203" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f764fd9c799 code=0x0
[ 1630.715789][    T9] usb 1-1: SerialNumber: syz
[ 1630.953128][    T9] usb 1-1: can't set config #1, error -71
[ 1630.986287][    T9] usb 1-1: USB disconnect, device number 5
[ 1631.030505][T25737] FAULT_INJECTION: forcing a failure.
[ 1631.030505][T25737] name failslab, interval 1, probability 0, space 0, times 0
[ 1631.045087][T25737] CPU: 0 UID: 0 PID: 25737 Comm: syz.2.5215 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1631.045121][T25737] Tainted: [L]=SOFTLOCKUP
[ 1631.045128][T25737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1631.045138][T25737] Call Trace:
[ 1631.045145][T25737]  <TASK>
[ 1631.045152][T25737]  dump_stack_lvl+0x100/0x190
[ 1631.045187][T25737]  should_fail_ex.cold+0x5/0xa
[ 1631.045212][T25737]  ? ovl_lookup_layers+0x13ff/0x2ac0
[ 1631.045237][T25737]  should_failslab+0xc2/0x120
[ 1631.045257][T25737]  __kmalloc_noprof+0xe0/0x850
[ 1631.045289][T25737]  ovl_lookup_layers+0x13ff/0x2ac0
[ 1631.045328][T25737]  ? __pfx_ovl_lookup_layers+0x10/0x10
[ 1631.045365][T25737]  ? find_held_lock+0x2b/0x80
[ 1631.045395][T25737]  ? d_alloc_parallel+0xb4e/0x14e0
[ 1631.045426][T25737]  ovl_lookup+0x4a8/0x6b0
[ 1631.045452][T25737]  ? d_alloc_parallel+0x864/0x14e0
[ 1631.045480][T25737]  ? __pfx_ovl_lookup+0x10/0x10
[ 1631.045521][T25737]  ? lockdep_init_map_type+0x5c/0x250
[ 1631.045544][T25737]  __lookup_slow+0x251/0x460
[ 1631.045569][T25737]  ? __pfx___lookup_slow+0x10/0x10
[ 1631.045615][T25737]  lookup_slow+0x50/0x70
[ 1631.045639][T25737]  link_path_walk+0x1377/0x1cc0
[ 1631.045676][T25737]  __filename_parentat+0x213/0x740
[ 1631.045708][T25737]  ? __pfx___filename_parentat+0x10/0x10
[ 1631.045763][T25737]  filename_unlinkat+0xf7/0x730
[ 1631.045783][T25737]  ? __might_fault+0xc5/0x140
[ 1631.045808][T25737]  ? __pfx_filename_unlinkat+0x10/0x10
[ 1631.045839][T25737]  ? do_getname+0x191/0x390
[ 1631.045864][T25737]  __x64_sys_unlinkat+0xc0/0x130
[ 1631.045888][T25737]  do_syscall_64+0x106/0xf80
[ 1631.045909][T25737]  ? clear_bhb_loop+0x40/0x90
[ 1631.045932][T25737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1631.045951][T25737] RIP: 0033:0x7f764fd9c799
[ 1631.045968][T25737] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1631.045985][T25737] RSP: 002b:00007f7650c75028 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[ 1631.046004][T25737] RAX: ffffffffffffffda RBX: 00007f7650015fa0 RCX: 00007f764fd9c799
[ 1631.046016][T25737] RDX: 0000000000000000 RSI: 0000200000000180 RDI: ffffffffffffff9c
[ 1631.046028][T25737] RBP: 00007f7650c75090 R08: 0000000000000000 R09: 0000000000000000
[ 1631.046038][T25737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1631.046049][T25737] R13: 00007f7650016038 R14: 00007f7650015fa0 R15: 00007ffe8748c2c8
[ 1631.046075][T25737]  </TASK>
[ 1631.326894][T25735] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1631.440576][   T10] usb 4-1: new high-speed USB device number 102 using dummy_hcd
[ 1631.589709][   T10] usb 4-1: device descriptor read/64, error -71
[ 1631.968011][T25752] SELinux: failed to load policy
[ 1632.028930][   T10] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1632.049813][T25754] xt_CT: No such helper "snmp_trap"
[ 1632.177609][   T10] usb 4-1: device descriptor read/64, error -71
[ 1632.295415][   T10] usb usb4-port1: attempt power cycle
[ 1632.680255][    T9] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[ 1632.735155][T25770] netlink: 180 bytes leftover after parsing attributes in process `syz.5.5221'.
[ 1632.749855][T25770] overlayfs: failed to clone upperpath
[ 1632.787019][   T10] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[ 1633.021769][   T10] usb 4-1: device descriptor read/8, error -71
[ 1633.103805][    T9] usb 1-1: config 0 has an invalid interface number: 113 but max is 0
[ 1633.112248][    T9] usb 1-1: config 0 has no interface number 0
[ 1633.123596][    T9] usb 1-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1633.136544][    T9] usb 1-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1633.155443][    T9] usb 1-1: config 0 interface 113 has no altsetting 0
[ 1633.434141][    T9] usb 1-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1633.443287][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1633.475042][    T9] usb 1-1: Product: syz
[ 1633.479261][    T9] usb 1-1: Manufacturer: syz
[ 1633.484138][   T10] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[ 1633.506847][    T9] usb 1-1: SerialNumber: syz
[ 1633.531724][   T10] usb 4-1: device descriptor read/8, error -71
[ 1633.634672][T25777] FAULT_INJECTION: forcing a failure.
[ 1633.634672][T25777] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1633.648515][T25777] CPU: 0 UID: 0 PID: 25777 Comm: syz.6.5223 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1633.648540][T25777] Tainted: [L]=SOFTLOCKUP
[ 1633.648545][T25777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1633.648554][T25777] Call Trace:
[ 1633.648559][T25777]  <TASK>
[ 1633.648566][T25777]  dump_stack_lvl+0x100/0x190
[ 1633.648596][T25777]  should_fail_ex.cold+0x5/0xa
[ 1633.648619][T25777]  should_fail_alloc_page+0xeb/0x140
[ 1633.648640][T25777]  prepare_alloc_pages+0x1f0/0x5f0
[ 1633.648664][T25777]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1633.648692][T25777]  ? find_held_lock+0x2b/0x80
[ 1633.648715][T25777]  ? __schedule+0x2fd3/0x6120
[ 1633.648740][T25777]  ? rcu_is_watching+0x12/0xc0
[ 1633.648761][T25777]  ? trace_sched_exit_tp+0x13a/0x180
[ 1633.648789][T25777]  ? __schedule+0x1000/0x6120
[ 1633.648810][T25777]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1633.648846][T25777]  ? __pfx___schedule+0x10/0x10
[ 1633.648872][T25777]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1633.648900][T25777]  ? policy_nodemask+0xed/0x4f0
[ 1633.648921][T25777]  alloc_pages_mpol+0x1fb/0x550
[ 1633.648940][T25777]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1633.648960][T25777]  ? get_vma_policy+0xcb/0x3b0
[ 1633.648983][T25777]  folio_alloc_mpol_noprof+0x36/0x340
[ 1633.649005][T25777]  vma_alloc_folio_noprof+0xed/0x1d0
[ 1633.649023][T25777]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1633.649040][T25777]  ? rcu_read_unlock+0x2d/0xb0
[ 1633.649063][T25777]  ? rcu_read_unlock+0x2d/0xb0
[ 1633.649086][T25777]  ? __lock_acquire+0x4a5/0x2630
[ 1633.649117][T25777]  do_wp_page+0xf28/0x4f00
[ 1633.649143][T25777]  ? __pfx_do_wp_page+0x10/0x10
[ 1633.649164][T25777]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1633.649191][T25777]  __handle_mm_fault+0x1ac8/0x2b60
[ 1633.649214][T25777]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1633.649233][T25777]  ? pte_offset_map_lock+0x174/0x320
[ 1633.649254][T25777]  ? vm_normal_page+0x1b6/0x330
[ 1633.649267][T25777]  ? find_held_lock+0x2b/0x80
[ 1633.649290][T25777]  ? follow_page_pte+0x5b3/0x1400
[ 1633.649309][T25777]  handle_mm_fault+0x36d/0xa20
[ 1633.649330][T25777]  __get_user_pages+0xf9c/0x34d0
[ 1633.649351][T25777]  ? down_read_killable+0x30e/0x4c0
[ 1633.649376][T25777]  ? __pfx___get_user_pages+0x10/0x10
[ 1633.649393][T25777]  ? __pfx___schedule+0x10/0x10
[ 1633.649410][T25777]  __gup_longterm_locked+0x87d/0x16f0
[ 1633.649431][T25777]  ? __pfx___gup_longterm_locked+0x10/0x10
[ 1633.649451][T25777]  ? sanity_check_pinned_pages+0x5f6/0x1250
[ 1633.649469][T25777]  gup_fast_fallback+0x18c6/0x2460
[ 1633.649498][T25777]  ? __pfx_gup_fast_fallback+0x10/0x10
[ 1633.649522][T25777]  pin_user_pages_fast+0xa7/0xf0
[ 1633.649537][T25777]  ? __pfx_pin_user_pages_fast+0x10/0x10
[ 1633.649552][T25777]  ? __pfx___schedule+0x10/0x10
[ 1633.649571][T25777]  iov_iter_extract_pages+0xa0d/0x1ef0
[ 1633.649597][T25777]  ? irqentry_exit+0x180/0x670
[ 1633.649618][T25777]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[ 1633.649642][T25777]  ? extract_iter_to_sg+0xb2/0x21d0
[ 1633.649661][T25777]  ? __sanitizer_cov_trace_switch+0x16/0x90
[ 1633.649684][T25777]  extract_iter_to_sg+0x638/0x21d0
[ 1633.649710][T25777]  ? __pfx_extract_iter_to_sg+0x10/0x10
[ 1633.649728][T25777]  ? irqentry_exit+0x180/0x670
[ 1633.649757][T25777]  af_alg_get_rsgl+0x2b3/0x7f0
[ 1633.649784][T25777]  skcipher_recvmsg+0x375/0x1020
[ 1633.649812][T25777]  ? __pfx_skcipher_recvmsg+0x10/0x10
[ 1633.649833][T25777]  ? security_socket_recvmsg+0xed/0x260
[ 1633.649850][T25777]  ? __pfx_skcipher_recvmsg+0x10/0x10
[ 1633.649871][T25777]  sock_recvmsg+0x1a4/0x1f0
[ 1633.649892][T25777]  ____sys_recvmsg+0x218/0x640
[ 1633.649916][T25777]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1633.649949][T25777]  ___sys_recvmsg+0x16a/0x1a0
[ 1633.649971][T25777]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1633.650010][T25777]  __sys_recvmsg+0x16d/0x220
[ 1633.650028][T25777]  ? __pfx___sys_recvmsg+0x10/0x10
[ 1633.650057][T25777]  do_syscall_64+0x106/0xf80
[ 1633.650073][T25777]  ? clear_bhb_loop+0x40/0x90
[ 1633.650093][T25777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1633.650108][T25777] RIP: 0033:0x7fe30d99c799
[ 1633.650120][T25777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1633.650133][T25777] RSP: 002b:00007fe30e7fd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1633.650147][T25777] RAX: ffffffffffffffda RBX: 00007fe30dc16180 RCX: 00007fe30d99c799
[ 1633.650156][T25777] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000005
[ 1633.650164][T25777] RBP: 00007fe30e7fd090 R08: 0000000000000000 R09: 0000000000000000
[ 1633.650172][T25777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1633.650180][T25777] R13: 00007fe30dc16218 R14: 00007fe30dc16180 R15: 00007ffeaf2e6288
[ 1633.650199][T25777]  </TASK>
[ 1634.210356][    T9] usb 1-1: config 0 descriptor??
[ 1634.215459][   T10] usb usb4-port1: unable to enumerate USB device
[ 1634.225756][T25762] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1634.241866][    C0] usb 1-1: NFC: Urb failure (status -71)
[ 1634.247863][    C0] usb 1-1: NFC: Urb failure (status -71)
[ 1634.256412][    T9] usb 1-1: NFC: Unable to get FW version
[ 1634.262486][    T9] pn533_usb 1-1:0.113: probe with driver pn533_usb failed with error -71
[ 1634.572472][T25790] random: crng reseeded on system resumption
[ 1634.903403][   T24] usb 4-1: new full-speed USB device number 106 using dummy_hcd
[ 1634.905868][    T9] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[ 1635.051210][T25796] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5230'.
[ 1635.096445][    T9] usb 3-1: Using ep0 maxpacket: 16
[ 1635.103100][    T9] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[ 1635.116757][   T29] usb 1-1: USB disconnect, device number 6
[ 1635.126701][    T9] usb 3-1: config 0 has no interface number 0
[ 1635.133943][    T9] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1635.161609][   T24] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 1635.169811][   T24] usb 4-1: config 0 has no interface number 0
[ 1635.171314][    T9] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1635.195894][   T24] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1635.209076][   T24] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1635.223614][    T9] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1635.234371][   T24] usb 4-1: config 0 interface 113 has no altsetting 0
[ 1635.241566][    T9] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1635.243453][   T24] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1635.259173][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1635.267549][    T9] usb 3-1: Product: syz
[ 1635.267862][   T24] usb 4-1: Product: syz
[ 1635.271719][    T9] usb 3-1: SerialNumber: syz
[ 1635.276095][    T9] usb 3-1: config 0 descriptor??
[ 1635.287166][   T24] usb 4-1: Manufacturer: syz
[ 1635.291762][    T9] cm109 3-1:0.8: invalid payload size 0, expected 4
[ 1635.293425][    T9] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input109
[ 1635.298916][   T24] usb 4-1: SerialNumber: syz
[ 1635.319869][   T24] usb 4-1: config 0 descriptor??
[ 1635.326609][T25781] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1635.341519][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 1635.347918][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 1635.354185][   T24] usb 4-1: NFC: Unable to get FW version
[ 1635.368114][   T24] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -71
[ 1635.515012][    C0] cm109_urb_ctl_callback: 41 callbacks suppressed
[ 1635.515037][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1635.515358][   T24] usb 3-1: USB disconnect, device number 119
[ 1635.521667][    C0] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 1635.553427][   T24] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 1635.747822][T25527] usb 4-1: USB disconnect, device number 106
[ 1638.918446][T25825] fuse: Unknown parameter 'smackfsroot'
[ 1640.237276][   T24] usb 4-1: new full-speed USB device number 107 using dummy_hcd
[ 1640.619978][   T24] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 1640.662488][   T24] usb 4-1: config 0 has no interface number 0
[ 1640.676377][   T24] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1640.688317][   T24] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1640.699781][   T24] usb 4-1: config 0 interface 113 has no altsetting 0
[ 1640.709253][   T24] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1640.835853][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1640.843893][   T24] usb 4-1: Product: syz
[ 1641.391278][   T24] usb 4-1: Manufacturer: syz
[ 1641.396575][   T24] usb 4-1: SerialNumber: syz
[ 1641.403272][   T24] usb 4-1: config 0 descriptor??
[ 1641.519639][T25840] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1641.536750][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 1641.543821][    C1] usb 4-1: NFC: Urb failure (status -71)
[ 1641.550596][   T24] usb 4-1: NFC: Unable to get FW version
[ 1641.564617][   T24] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -71
[ 1642.166032][T21063] usb 4-1: USB disconnect, device number 107
[ 1642.599598][   T24] usb 3-1: new full-speed USB device number 120 using dummy_hcd
[ 1642.786526][   T24] usb 3-1: config 0 has an invalid interface number: 113 but max is 0
[ 1642.796956][   T24] usb 3-1: config 0 has no interface number 0
[ 1642.803604][   T24] usb 3-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1642.823476][   T24] usb 3-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1643.304087][T25870] FAULT_INJECTION: forcing a failure.
[ 1643.304087][T25870] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1643.317457][T25870] CPU: 0 UID: 0 PID: 25870 Comm: syz.3.5255 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1643.317485][T25870] Tainted: [L]=SOFTLOCKUP
[ 1643.317491][T25870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1643.317499][T25870] Call Trace:
[ 1643.317504][T25870]  <TASK>
[ 1643.317508][T25870]  dump_stack_lvl+0x100/0x190
[ 1643.317529][T25870]  should_fail_ex.cold+0x5/0xa
[ 1643.317541][T25870]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1643.317555][T25870]  should_fail_alloc_page+0xeb/0x140
[ 1643.317567][T25870]  prepare_alloc_pages+0x1f0/0x5f0
[ 1643.317581][T25870]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1643.317605][T25870]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1643.317620][T25870]  ? __pfx___schedule+0x10/0x10
[ 1643.317634][T25870]  ? preempt_schedule_irq+0x7b/0x90
[ 1643.317648][T25870]  ? irqentry_exit+0x180/0x670
[ 1643.317675][T25870]  alloc_pages_bulk_noprof+0x782/0x1490
[ 1643.317696][T25870]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1643.317716][T25870]  ? alloc_pages_noprof+0x233/0x390
[ 1643.317729][T25870]  __kasan_populate_vmalloc+0xf0/0x210
[ 1643.317748][T25870]  alloc_vmap_area+0x95d/0x2bd0
[ 1643.317764][T25870]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1643.317778][T25870]  __get_vm_area_node+0x1ca/0x330
[ 1643.317792][T25870]  __vmalloc_node_range_noprof+0x213/0x1530
[ 1643.317806][T25870]  ? bpf_prog_alloc_no_stats+0x59/0x630
[ 1643.317821][T25870]  ? __lock_acquire+0x4a5/0x2630
[ 1643.317838][T25870]  ? __schedule+0x1000/0x6120
[ 1643.317850][T25870]  ? bpf_prog_alloc_no_stats+0x59/0x630
[ 1643.317874][T25870]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1643.317890][T25870]  ? find_held_lock+0x2b/0x80
[ 1643.317903][T25870]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1643.317914][T25870]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1643.317927][T25870]  ? avc_has_perm_noaudit+0x145/0x3b0
[ 1643.317938][T25870]  ? bpf_prog_alloc_no_stats+0x59/0x630
[ 1643.317952][T25870]  __vmalloc_node_noprof+0xad/0xf0
[ 1643.317964][T25870]  ? bpf_prog_alloc_no_stats+0x59/0x630
[ 1643.317981][T25870]  __vmalloc_noprof+0xa3/0x120
[ 1643.317993][T25870]  ? __pfx___vmalloc_noprof+0x10/0x10
[ 1643.318009][T25870]  ? rcu_is_watching+0x12/0xc0
[ 1643.318030][T25870]  ? cap_capable+0x107/0x460
[ 1643.318047][T25870]  ? cred_has_capability.isra.0+0x186/0x300
[ 1643.318071][T25870]  bpf_prog_alloc_no_stats+0x59/0x630
[ 1643.318086][T25870]  ? security_capable+0x80/0x260
[ 1643.318099][T25870]  bpf_prog_alloc+0x3b/0x200
[ 1643.318112][T25870]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1643.318128][T25870]  bpf_prog_load+0x494/0x2c20
[ 1643.318141][T25870]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1643.318152][T25870]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1643.318164][T25870]  ? avc_has_perm_noaudit+0x145/0x3b0
[ 1643.318176][T25870]  ? avc_has_perm+0x135/0x1e0
[ 1643.318192][T25870]  ? selinux_bpf+0xfb/0x150
[ 1643.318205][T25870]  __sys_bpf+0x223a/0x4b90
[ 1643.318216][T25870]  ? __schedule+0x2fd3/0x6120
[ 1643.318229][T25870]  ? __pfx___sys_bpf+0x10/0x10
[ 1643.318239][T25870]  ? trace_sched_exit_tp+0x13a/0x180
[ 1643.318256][T25870]  ? __schedule+0x1000/0x6120
[ 1643.318267][T25870]  ? __pfx_sched_clock_cpu+0x10/0x10
[ 1643.318290][T25870]  ? __pfx___schedule+0x10/0x10
[ 1643.318314][T25870]  __x64_sys_bpf+0x7b/0xc0
[ 1643.318327][T25870]  do_syscall_64+0x106/0xf80
[ 1643.318340][T25870]  ? clear_bhb_loop+0x40/0x90
[ 1643.318353][T25870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1643.318364][T25870] RIP: 0033:0x7fa51d99c799
[ 1643.318374][T25870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1643.318385][T25870] RSP: 002b:00007fa51e7c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1643.318396][T25870] RAX: ffffffffffffffda RBX: 00007fa51dc16090 RCX: 00007fa51d99c799
[ 1643.318402][T25870] RDX: 0000000000000094 RSI: 0000200000000040 RDI: 0000000000000005
[ 1643.318409][T25870] RBP: 00007fa51e7c3090 R08: 0000000000000000 R09: 0000000000000000
[ 1643.318415][T25870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1643.318423][T25870] R13: 00007fa51dc16128 R14: 00007fa51dc16090 R15: 00007fffe17244d8
[ 1643.318440][T25870]  </TASK>
[ 1643.318681][T25870] syz.3.5255: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[ 1643.732691][T25870] CPU: 0 UID: 0 PID: 25870 Comm: syz.3.5255 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1643.732720][T25870] Tainted: [L]=SOFTLOCKUP
[ 1643.732726][T25870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1643.732735][T25870] Call Trace:
[ 1643.732741][T25870]  <TASK>
[ 1643.732748][T25870]  dump_stack_lvl+0x100/0x190
[ 1643.732771][T25870]  warn_alloc.cold+0x95/0x1c1
[ 1643.732790][T25870]  ? __pfx_warn_alloc+0x10/0x10
[ 1643.732805][T25870]  ? lockdep_hardirqs_on+0x78/0x100
[ 1643.732820][T25870]  ? __get_vm_area_node+0x2c5/0x330
[ 1643.732835][T25870]  ? __get_vm_area_node+0x208/0x330
[ 1643.732849][T25870]  __vmalloc_node_range_noprof+0xbf4/0x1530
[ 1643.732863][T25870]  ? __lock_acquire+0x4a5/0x2630
[ 1643.732881][T25870]  ? __schedule+0x1000/0x6120
[ 1643.732893][T25870]  ? bpf_prog_alloc_no_stats+0x59/0x630
[ 1643.732912][T25870]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1643.732924][T25870]  ? find_held_lock+0x2b/0x80
[ 1643.732937][T25870]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1643.732948][T25870]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1643.732961][T25870]  ? avc_has_perm_noaudit+0x145/0x3b0
[ 1643.732972][T25870]  ? bpf_prog_alloc_no_stats+0x59/0x630
[ 1643.732986][T25870]  __vmalloc_node_noprof+0xad/0xf0
[ 1643.732999][T25870]  ? bpf_prog_alloc_no_stats+0x59/0x630
[ 1643.733015][T25870]  __vmalloc_noprof+0xa3/0x120
[ 1643.733027][T25870]  ? __pfx___vmalloc_noprof+0x10/0x10
[ 1643.733040][T25870]  ? rcu_is_watching+0x12/0xc0
[ 1643.733053][T25870]  ? cap_capable+0x107/0x460
[ 1643.733064][T25870]  ? cred_has_capability.isra.0+0x186/0x300
[ 1643.733080][T25870]  bpf_prog_alloc_no_stats+0x59/0x630
[ 1643.733094][T25870]  ? security_capable+0x80/0x260
[ 1643.733107][T25870]  bpf_prog_alloc+0x3b/0x200
[ 1643.733120][T25870]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1643.733136][T25870]  bpf_prog_load+0x494/0x2c20
[ 1643.733150][T25870]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1643.733160][T25870]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1643.733172][T25870]  ? avc_has_perm_noaudit+0x145/0x3b0
[ 1643.733184][T25870]  ? avc_has_perm+0x135/0x1e0
[ 1643.733200][T25870]  ? selinux_bpf+0xfb/0x150
[ 1643.733214][T25870]  __sys_bpf+0x223a/0x4b90
[ 1643.733224][T25870]  ? __schedule+0x2fd3/0x6120
[ 1643.733237][T25870]  ? __pfx___sys_bpf+0x10/0x10
[ 1643.733247][T25870]  ? trace_sched_exit_tp+0x13a/0x180
[ 1643.733264][T25870]  ? __schedule+0x1000/0x6120
[ 1643.733275][T25870]  ? __pfx_sched_clock_cpu+0x10/0x10
[ 1643.733299][T25870]  ? __pfx___schedule+0x10/0x10
[ 1643.733323][T25870]  __x64_sys_bpf+0x7b/0xc0
[ 1643.733335][T25870]  do_syscall_64+0x106/0xf80
[ 1643.733348][T25870]  ? clear_bhb_loop+0x40/0x90
[ 1643.733361][T25870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1643.733372][T25870] RIP: 0033:0x7fa51d99c799
[ 1643.733383][T25870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1643.733393][T25870] RSP: 002b:00007fa51e7c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1643.733404][T25870] RAX: ffffffffffffffda RBX: 00007fa51dc16090 RCX: 00007fa51d99c799
[ 1643.733411][T25870] RDX: 0000000000000094 RSI: 0000200000000040 RDI: 0000000000000005
[ 1643.733417][T25870] RBP: 00007fa51e7c3090 R08: 0000000000000000 R09: 0000000000000000
[ 1643.733424][T25870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1643.733430][T25870] R13: 00007fa51dc16128 R14: 00007fa51dc16090 R15: 00007fffe17244d8
[ 1643.733448][T25870]  </TASK>
[ 1643.733467][T25870] Mem-Info:
[ 1644.066482][T25870] active_anon:68034 inactive_anon:8 isolated_anon:0
[ 1644.066482][T25870]  active_file:20562 inactive_file:9974 isolated_file:0
[ 1644.066482][T25870]  unevictable:768 dirty:303 writeback:0
[ 1644.066482][T25870]  slab_reclaimable:12825 slab_unreclaimable:105650
[ 1644.066482][T25870]  mapped:34813 shmem:58001 pagetables:2340
[ 1644.066482][T25870]  sec_pagetables:0 bounce:0
[ 1644.066482][T25870]  kernel_misc_reclaimable:0
[ 1644.066482][T25870]  free:1242106 free_pcp:24984 free_cma:0
[ 1644.112041][T25870] Node 0 active_anon:272136kB inactive_anon:32kB active_file:82240kB inactive_file:39684kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:139244kB dirty:1212kB writeback:0kB shmem:230468kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14528kB pagetables:9232kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1644.144214][T25870] Node 1 active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:212kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1644.174114][T25870] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1644.204073][T25870] lowmem_reserve[]: 0 2477 2478 2478 2478
[ 1644.209984][T25870] Node 0 DMA32 free:1014952kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:272136kB inactive_anon:32kB active_file:82240kB inactive_file:39684kB unevictable:1536kB writepending:1212kB zspages:0kB present:3129332kB managed:2537172kB mlocked:0kB bounce:0kB free_pcp:99920kB local_pcp:18920kB free_cma:0kB
[ 1644.243655][T25870] lowmem_reserve[]: 0 0 1 1 1
[ 1644.248564][T25870] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1048kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:0kB free_cma:0kB
[ 1644.278361][T25870] lowmem_reserve[]: 0 0 0 0 0
[ 1644.283233][T25870] Node 1 Normal free:3938108kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:212kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1644.315253][T25870] lowmem_reserve[]: 0 0 0 0 0
[ 1644.320267][T25870] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1644.333285][T25870] Node 0 DMA32: 7204*4kB (UME) 5771*8kB (UME) 3586*16kB (UME) 529*32kB (UME) 550*64kB (UME) 480*128kB (UME) 394*256kB (UME) 277*512kB (UM) 112*1024kB (UME) 33*2048kB (UME) 84*4096kB (UM) = 1014952kB
[ 1644.353469][T25870] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[ 1644.365629][T25870] Node 1 Normal: 9*4kB (U) 9*8kB (UM) 11*16kB (U) 9*32kB (UM) 4*64kB (U) 6*128kB (UM) 3*256kB (UM) 3*512kB (UM) 2*1024kB (UM) 2*2048kB (UM) 959*4096kB (M) = 3938108kB
[ 1644.382922][T25870] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1644.393531][T25870] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1644.402917][T25870] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1644.412546][T25870] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1644.421921][T25870] 88533 total pagecache pages
[ 1644.426635][T25870] 0 pages in swap cache
[ 1644.430859][T25870] Free swap  = 124996kB
[ 1644.435116][T25870] Total swap = 124996kB
[ 1644.439348][T25870] 2097051 pages RAM
[ 1644.443201][T25870] 0 pages HighMem/MovableOnly
[ 1644.447914][T25870] 430881 pages reserved
[ 1644.452148][T25870] 0 pages cma reserved
[ 1644.755969][   T24] usb 3-1: config 0 interface 113 has no altsetting 0
[ 1644.779290][   T24] usb 3-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1644.816663][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1644.982135][   T24] usb 3-1: Product: syz
[ 1644.989559][   T24] usb 3-1: Manufacturer: syz
[ 1644.994618][   T24] usb 3-1: SerialNumber: syz
[ 1645.014555][   T24] usb 3-1: config 0 descriptor??
[ 1645.022985][T25863] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1645.031812][    C1] usb 3-1: NFC: Urb failure (status -71)
[ 1645.037876][    C1] usb 3-1: NFC: Urb failure (status -71)
[ 1645.099670][T25883] Unsupported ieee802154 address type: 0
[ 1645.458165][   T24] usb 3-1: NFC: Unable to get FW version
[ 1646.352041][   T24] pn533_usb 3-1:0.113: probe with driver pn533_usb failed with error -71
[ 1646.904566][   T24] usb 3-1: USB disconnect, device number 120
[ 1647.954999][   T24] usb 3-1: new full-speed USB device number 121 using dummy_hcd
[ 1648.165938][   T24] usb 3-1: config 0 has an invalid interface number: 113 but max is 0
[ 1648.204284][   T24] usb 3-1: config 0 has no interface number 0
[ 1648.234561][   T24] usb 3-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1648.286267][   T24] usb 3-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1648.308463][   T24] usb 3-1: config 0 interface 113 has no altsetting 0
[ 1648.318125][   T24] usb 3-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1648.417896][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1648.551607][   T24] usb 3-1: Product: syz
[ 1648.555944][   T24] usb 3-1: Manufacturer: syz
[ 1648.560623][   T24] usb 3-1: SerialNumber: syz
[ 1648.590693][   T24] usb 3-1: config 0 descriptor??
[ 1648.670893][T25919] netlink: 84 bytes leftover after parsing attributes in process `syz.5.5269'.
[ 1650.063708][T25900] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1650.162686][T25922] Device name cannot be null; rc = [-22]
[ 1650.200596][T25922] __vm_enough_memory: pid: 25922, comm: syz.3.5271, bytes: 4503599627366400 not enough memory for the allocation
[ 1650.426370][T25917] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1650.447609][    C1] usb 3-1: NFC: Urb failure (status -71)
[ 1650.453743][    C1] usb 3-1: NFC: Urb failure (status -71)
[ 1650.461659][   T24] usb 3-1: NFC: Unable to get FW version
[ 1650.475397][   T24] pn533_usb 3-1:0.113: probe with driver pn533_usb failed with error -71
[ 1650.496910][   T24] usb 3-1: USB disconnect, device number 121
[ 1651.131874][T25911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1651.147885][T25911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1651.525123][   T24] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 1651.695473][T12972] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1651.720134][   T24] usb 3-1: Using ep0 maxpacket: 16
[ 1651.734493][   T24] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[ 1651.743476][   T24] usb 3-1: config 0 has no interface number 0
[ 1651.762489][T12972] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1651.786311][   T24] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1651.816756][T12964] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1651.824719][   T24] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1652.035653][   T24] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1652.044823][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1652.052949][   T24] usb 3-1: Product: syz
[ 1652.057149][   T24] usb 3-1: Manufacturer: syz
[ 1652.061963][   T24] usb 3-1: SerialNumber: syz
[ 1652.251116][T25953] tipc: Started in network mode
[ 1652.256091][T25953] tipc: Node identity , cluster identity 4711
[ 1652.262188][T25953] tipc: Failed to obtain node identity
[ 1652.267852][T25953] tipc: Enabling of bearer <eth:ip6gre0> rejected, failed to enable media
[ 1653.470767][   T24] usb 3-1: config 0 descriptor??
[ 1653.476353][T25938] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1653.484078][T25938] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1653.710191][T25938] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1653.714004][T25969] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1653.717706][T25938] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1653.732194][T25969] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5286'.
[ 1653.759764][   T10] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[ 1653.895766][T21063] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1653.955724][T25938] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1653.964951][T25938] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1654.063363][   T10] usb 4-1: Using ep0 maxpacket: 16
[ 1654.069913][   T10] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1654.078593][   T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1654.088804][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1654.099301][   T10] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1654.415487][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1654.421308][   T24] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1654.423697][   T10] usb 4-1: Product: syz
[ 1654.438354][   T10] usb 4-1: Manufacturer: syz
[ 1654.439351][   T24] asix 3-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[ 1654.442958][   T10] usb 4-1: SerialNumber: syz
[ 1654.454232][   T24] asix 3-1:0.251: probe with driver asix failed with error -71
[ 1654.458041][T21063] usb 1-1: Using ep0 maxpacket: 8
[ 1654.472376][T21063] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1654.474734][   T24] usb 3-1: USB disconnect, device number 122
[ 1654.481277][T21063] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1654.505735][T21063] usb 1-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[ 1654.515126][T21063] usb 1-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[ 1654.523258][T21063] usb 1-1: Product: syz
[ 1654.527637][T21063] usb 1-1: Manufacturer: syz
[ 1654.532456][T21063] usb 1-1: SerialNumber: syz
[ 1654.540588][T21063] usb 1-1: config 0 descriptor??
[ 1654.937906][   T30] audit: type=1326 audit(1773445219.288:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1654.972110][   T30] audit: type=1326 audit(1773445219.288:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1655.019741][   T10] usb 4-1: 0:2 : does not exist
[ 1655.128837][   T30] audit: type=1326 audit(1773445219.288:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1655.265045][   T30] audit: type=1326 audit(1773445219.288:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1655.324677][   T30] audit: type=1326 audit(1773445219.288:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa51d99c42b code=0x7ffc0000
[ 1655.368537][   T30] audit: type=1326 audit(1773445219.288:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa51d99c42b code=0x7ffc0000
[ 1655.394649][   T30] audit: type=1326 audit(1773445219.316:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa51d95cfce code=0x7ffc0000
[ 1655.418715][   T30] audit: type=1326 audit(1773445219.512:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1655.442318][   T30] audit: type=1326 audit(1773445219.512:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51d99c799 code=0x7ffc0000
[ 1655.466037][   T30] audit: type=1326 audit(1773445219.521:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25957 comm="syz.3.5282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa51d99c42b code=0x7ffc0000
[ 1655.566042][   T24] usb 3-1: new full-speed USB device number 123 using dummy_hcd
[ 1655.749078][   T24] usb 3-1: config 0 has an invalid interface number: 113 but max is 0
[ 1655.757382][   T24] usb 3-1: config 0 has no interface number 0
[ 1655.763671][   T24] usb 3-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1655.775341][   T24] usb 3-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1655.786679][   T24] usb 3-1: config 0 interface 113 has no altsetting 0
[ 1655.830539][   T24] usb 3-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1655.852965][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1655.862789][   T24] usb 3-1: Product: syz
[ 1655.869328][   T24] usb 3-1: Manufacturer: syz
[ 1655.873947][   T24] usb 3-1: SerialNumber: syz
[ 1655.895134][   T24] usb 3-1: config 0 descriptor??
[ 1655.909598][T25989] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1655.918311][    C1] usb 3-1: NFC: Urb failure (status -71)
[ 1655.924635][    C1] usb 3-1: NFC: Urb failure (status -71)
[ 1655.933652][   T24] usb 3-1: NFC: Unable to get FW version
[ 1655.939473][   T24] pn533_usb 3-1:0.113: probe with driver pn533_usb failed with error -71
[ 1656.003215][   T10] usb 4-1: 1:0: failed to get current value for ch 0 (-22)
[ 1656.032479][   T10] usb 4-1: USB disconnect, device number 108
[ 1656.051426][T24532] udevd[24532]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1656.139778][   T24] usb 3-1: USB disconnect, device number 123
[ 1656.374604][T21063] usb 1-1: USB disconnect, device number 7
[ 1657.040845][T21063] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1657.513627][   T10] usb 4-1: new high-speed USB device number 109 using dummy_hcd
[ 1657.971494][T21063] usb 1-1: Using ep0 maxpacket: 8
[ 1657.994694][   T10] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1658.012800][T21063] usb 1-1: config 8 has an invalid interface number: 243 but max is 0
[ 1658.025464][T21063] usb 1-1: config 8 has no interface number 0
[ 1658.040845][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1658.058286][T21063] usb 1-1: config 8 interface 243 has no altsetting 0
[ 1658.075894][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1658.090162][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1658.190422][T21063] usb 1-1: New USB device found, idVendor=2c7c, idProduct=0306, bcdDevice=ae.5f
[ 1658.216781][T21063] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1658.260646][T21063] usb 1-1: Product: syz
[ 1658.296889][   T10] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1658.315412][T21063] usb 1-1: Manufacturer: syz
[ 1658.332598][T21063] usb 1-1: SerialNumber: syz
[ 1658.343716][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1658.556672][   T10] usb 4-1: config 0 descriptor??
[ 1658.944391][T26011] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1659.300854][T25527] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 1659.477434][T21063] qmi_wwan 1-1:8.243: probe with driver qmi_wwan failed with error -22
[ 1659.500402][T21063] usb 1-1: USB disconnect, device number 8
[ 1659.698792][   T10] plantronics 0003:047F:FFFF.003D: reserved main item tag 0xd
[ 1659.721547][T26014] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5302'.
[ 1659.742035][   T10] plantronics 0003:047F:FFFF.003D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1659.776534][T25527] usb 3-1: Using ep0 maxpacket: 32
[ 1660.025366][T25527] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[ 1660.033486][T25527] usb 3-1: config 0 has no interface number 0
[ 1660.040818][T25527] usb 3-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1660.050669][T25527] usb 3-1: config 0 interface 89 has no altsetting 0
[ 1660.122440][T25527] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[ 1660.146049][T25527] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.157828][T26051] xt_CT: No such helper "snmp_trap"
[ 1660.164786][T25527] usb 3-1: Product: syz
[ 1660.169060][T25527] usb 3-1: Manufacturer: syz
[ 1660.175758][T25527] usb 3-1: SerialNumber: syz
[ 1660.183408][T25527] usb 3-1: config 0 descriptor??
[ 1660.192163][T25527] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1660.201756][T25527] em28xx 3-1:0.89: Video interface 89 found:
[ 1660.883432][   T30] kauditd_printk_skb: 12 callbacks suppressed
[ 1660.883448][   T30] audit: type=1400 audit(1773445224.854:1551): avc:  denied  { create } for  pid=26060 comm="syz.5.5313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1660.910770][T25527] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[ 1660.920424][   T30] audit: type=1400 audit(1773445224.854:1552): avc:  denied  { connect } for  pid=26060 comm="syz.5.5313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1660.987384][   T30] audit: type=1400 audit(1773445224.854:1553): avc:  denied  { name_bind } for  pid=26060 comm="syz.5.5313" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket permissive=1
[ 1661.019785][   T30] audit: type=1400 audit(1773445224.854:1554): avc:  denied  { ioctl } for  pid=26060 comm="syz.5.5313" path="socket:[114308]" dev="sockfs" ino=114308 ioctlcmd=0x7459 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1661.063054][   T30] audit: type=1400 audit(1773445224.854:1555): avc:  denied  { setopt } for  pid=26060 comm="syz.5.5313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1661.487937][T21063] usb 4-1: reset high-speed USB device number 109 using dummy_hcd
[ 1661.576683][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1661.711517][T25527] em28xx 3-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 1661.756459][T25527] em28xx 3-1:0.89: board has no eeprom
[ 1661.872245][T25527] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[ 1661.884187][T25527] em28xx 3-1:0.89: analog set to bulk mode.
[ 1661.911989][   T24] em28xx 3-1:0.89: Registering V4L2 extension
[ 1661.943401][T25527] usb 3-1: USB disconnect, device number 124
[ 1661.961048][T25527] em28xx 3-1:0.89: Disconnecting em28xx
[ 1662.001149][   T24] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[ 1662.029048][   T24] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[ 1662.410681][T21063] usb 4-1: device descriptor read/64, error -71
[ 1662.706811][T21063] usb 4-1: reset high-speed USB device number 109 using dummy_hcd
[ 1662.710202][   T24] em28xx 3-1:0.89: No AC97 audio processor
[ 1662.793444][T26092] FAULT_INJECTION: forcing a failure.
[ 1662.793444][T26092] name failslab, interval 1, probability 0, space 0, times 0
[ 1662.804234][   T24] usb 3-1: Decoder not found
[ 1662.881042][T26093] netlink: 'syz.2.5321': attribute type 1 has an invalid length.
[ 1662.968172][T26095] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5321'.
[ 1662.989729][   T24] em28xx 3-1:0.89: failed to create media graph
[ 1663.020926][   T24] em28xx 3-1:0.89: V4L2 device video103 deregistered
[ 1663.055782][   T24] em28xx 3-1:0.89: Registering snapshot button...
[ 1663.070666][T26092] CPU: 0 UID: 0 PID: 26092 Comm: syz.6.5322 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1663.070697][T26092] Tainted: [L]=SOFTLOCKUP
[ 1663.070703][T26092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1663.070714][T26092] Call Trace:
[ 1663.070720][T26092]  <TASK>
[ 1663.070727][T26092]  dump_stack_lvl+0x100/0x190
[ 1663.070763][T26092]  should_fail_ex.cold+0x5/0xa
[ 1663.070787][T26092]  should_failslab+0xc2/0x120
[ 1663.070805][T26092]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1663.070828][T26092]  ? vhost_iotlb_alloc+0x47/0x1d0
[ 1663.070854][T26092]  ? find_held_lock+0x2b/0x80
[ 1663.070881][T26092]  vhost_iotlb_alloc+0x47/0x1d0
[ 1663.070907][T26092]  vhost_init_device_iotlb+0x2a/0x290
[ 1663.070934][T26092]  vhost_vsock_dev_ioctl+0x8e4/0xb60
[ 1663.070958][T26092]  ? __fget_files+0x215/0x3d0
[ 1663.070975][T26092]  ? hook_file_ioctl_common+0x146/0x410
[ 1663.071005][T26092]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[ 1663.071035][T26092]  ? selinux_file_ioctl+0xb4/0x290
[ 1663.071061][T26092]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[ 1663.071088][T26092]  __x64_sys_ioctl+0x18e/0x210
[ 1663.071117][T26092]  do_syscall_64+0x106/0xf80
[ 1663.071138][T26092]  ? clear_bhb_loop+0x40/0x90
[ 1663.071161][T26092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1663.071179][T26092] RIP: 0033:0x7fe30d99c799
[ 1663.071194][T26092] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1663.071211][T26092] RSP: 002b:00007fe30e81e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1663.071229][T26092] RAX: ffffffffffffffda RBX: 00007fe30dc16090 RCX: 00007fe30d99c799
[ 1663.071241][T26092] RDX: 0000200000000100 RSI: 000000004008af00 RDI: 0000000000000003
[ 1663.071252][T26092] RBP: 00007fe30e81e090 R08: 0000000000000000 R09: 0000000000000000
[ 1663.071262][T26092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1663.071272][T26092] R13: 00007fe30dc16128 R14: 00007fe30dc16090 R15: 00007ffeaf2e6288
[ 1663.071298][T26092]  </TASK>
[ 1663.081768][   T24] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input112
[ 1663.248933][T21063] usb 4-1: device firmware changed
[ 1663.270583][T26093] 8021q: adding VLAN 0 to HW filter on device bond8
[ 1663.879680][ T5823] Bluetooth: hci2: command 0x0406 tx timeout
[ 1664.159793][   T24] em28xx 3-1:0.89: Remote control support is not available for this card.
[ 1664.292715][T25527] em28xx 3-1:0.89: Closing input extension
[ 1664.329284][T25527] em28xx 3-1:0.89: Deregistering snapshot button
[ 1664.944039][T25527] em28xx 3-1:0.89: Freeing device
[ 1665.174525][   T10] usb 4-1: USB disconnect, device number 109
[ 1665.484545][T26125] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5331'.
[ 1665.947110][T26133] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5334'.
[ 1665.970339][T26133] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5334'.
[ 1667.847580][T21644] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1668.086674][T21644] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1668.104068][T21644] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1668.126057][T21644] usb 1-1: Product: syz
[ 1668.130334][T21644] usb 1-1: Manufacturer: syz
[ 1668.148723][T21644] usb 1-1: SerialNumber: syz
[ 1668.547180][T21644] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1668.563893][   T24] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1668.630080][   T30] audit: type=1400 audit(1773445232.104:1556): avc:  denied  { append } for  pid=26159 comm="syz.3.5341" name="nbd3" dev="devtmpfs" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1668.980806][   T10] usb 4-1: new full-speed USB device number 111 using dummy_hcd
[ 1669.022873][T26167] netlink: 'syz.2.5344': attribute type 1 has an invalid length.
[ 1669.083581][T26167] 8021q: adding VLAN 0 to HW filter on device bond9
[ 1669.166438][   T10] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 1669.216026][   T10] usb 4-1: config 0 has no interface number 0
[ 1669.366811][   T10] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1669.403043][   T10] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1670.059659][   T10] usb 4-1: config 0 interface 113 has no altsetting 0
[ 1670.080374][   T24] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 1670.087348][   T10] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1670.088176][   T24] ath9k_htc: Failed to initialize the device
[ 1670.099822][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1670.133483][   T24] usb 1-1: ath9k_htc: USB layer deinitialized
[ 1670.134230][   T10] usb 4-1: Product: syz
[ 1670.159114][   T10] usb 4-1: Manufacturer: syz
[ 1670.169366][   T10] usb 4-1: SerialNumber: syz
[ 1670.177073][   T10] usb 4-1: config 0 descriptor??
[ 1670.186775][T26162] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1670.196510][    C0] usb 4-1: NFC: Urb failure (status -71)
[ 1670.202930][    C0] usb 4-1: NFC: Urb failure (status -71)
[ 1670.211105][   T10] usb 4-1: NFC: Unable to get FW version
[ 1670.224484][   T10] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -71
[ 1670.694362][   T10] usb 4-1: USB disconnect, device number 111
[ 1671.029247][T26183] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1671.144996][   T10] usb 1-1: USB disconnect, device number 9
[ 1671.364711][T26197] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5351'.
[ 1671.435777][T26199] netlink: 84 bytes leftover after parsing attributes in process `syz.2.5349'.
[ 1674.125079][   T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1674.239718][T21063] usb 4-1: new full-speed USB device number 112 using dummy_hcd
[ 1674.295090][   T10] usb 1-1: Using ep0 maxpacket: 16
[ 1674.307396][   T10] usb 1-1: config 0 has an invalid interface number: 251 but max is 0
[ 1674.318591][   T10] usb 1-1: config 0 has no interface number 0
[ 1674.335458][   T10] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1674.349450][   T10] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1674.364036][   T10] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1674.386245][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1674.405031][T21063] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 1674.419292][   T10] usb 1-1: Product: syz
[ 1674.424047][T21063] usb 4-1: config 0 has no interface number 0
[ 1674.430206][   T10] usb 1-1: Manufacturer: syz
[ 1674.435017][   T10] usb 1-1: SerialNumber: syz
[ 1674.439675][T21063] usb 4-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[ 1674.459682][   T10] usb 1-1: config 0 descriptor??
[ 1674.471281][T21063] usb 4-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[ 1674.471537][T26211] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1674.482924][T21063] usb 4-1: config 0 interface 113 has no altsetting 0
[ 1674.497804][T26211] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1674.515893][T21063] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 1674.526541][T21063] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1674.534815][T21063] usb 4-1: Product: syz
[ 1674.539379][T21063] usb 4-1: Manufacturer: syz
[ 1674.546223][T21063] usb 4-1: SerialNumber: syz
[ 1674.561451][T21063] usb 4-1: config 0 descriptor??
[ 1674.567112][T26218] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1674.584384][    C0] usb 4-1: NFC: Urb failure (status -71)
[ 1674.590415][    C0] usb 4-1: NFC: Urb failure (status -71)
[ 1674.598581][T21063] usb 4-1: NFC: Unable to get FW version
[ 1674.604642][T21063] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -71
[ 1674.738506][T26211] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1674.746382][T26211] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1675.040365][T26211] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1675.118434][T26211] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1675.419265][T21063] usb 4-1: USB disconnect, device number 112
[ 1675.865806][   T10] asix 1-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1675.877080][   T10] asix 1-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[ 1675.888273][   T10] asix 1-1:0.251: probe with driver asix failed with error -71
[ 1675.918270][   T10] usb 1-1: USB disconnect, device number 10
[ 1676.206656][T25527] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 1676.388174][T25527] usb 3-1: Using ep0 maxpacket: 32
[ 1676.400518][T25527] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[ 1676.409421][T25527] usb 3-1: config 0 has no interface number 0
[ 1676.421669][T26237] program syz.3.5363 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1676.433974][T26237] FAULT_INJECTION: forcing a failure.
[ 1676.433974][T26237] name failslab, interval 1, probability 0, space 0, times 0
[ 1676.446677][T26237] CPU: 1 UID: 0 PID: 26237 Comm: syz.3.5363 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1676.446706][T26237] Tainted: [L]=SOFTLOCKUP
[ 1676.446712][T26237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1676.446723][T26237] Call Trace:
[ 1676.446730][T26237]  <TASK>
[ 1676.446736][T26237]  dump_stack_lvl+0x100/0x190
[ 1676.446769][T26237]  should_fail_ex.cold+0x5/0xa
[ 1676.446794][T26237]  should_failslab+0xc2/0x120
[ 1676.446812][T26237]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1676.446834][T26237]  ? percpu_ref_init+0xec/0x3f0
[ 1676.446861][T26237]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[ 1676.446887][T26237]  percpu_ref_init+0xec/0x3f0
[ 1676.446912][T26237]  io_uring_setup.cold+0x23b/0x1df9
[ 1676.446944][T26237]  ? __pfx_io_uring_setup+0x10/0x10
[ 1676.446962][T26237]  ? find_held_lock+0x2b/0x80
[ 1676.446984][T26237]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1676.447002][T26237]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1676.447037][T26237]  ? exit_to_user_mode_loop+0xdd/0x4a0
[ 1676.447065][T26237]  ? rcu_is_watching+0x12/0xc0
[ 1676.447090][T26237]  __x64_sys_io_uring_setup+0xc2/0x170
[ 1676.447111][T26237]  do_syscall_64+0x106/0xf80
[ 1676.447133][T26237]  ? clear_bhb_loop+0x40/0x90
[ 1676.447169][T26237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1676.447187][T26237] RIP: 0033:0x7fa51d99c799
[ 1676.447203][T26237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1676.447220][T26237] RSP: 002b:00007fa51e7a1fb8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9
[ 1676.447237][T26237] RAX: ffffffffffffffda RBX: 00007fa51dc16180 RCX: 00007fa51d99c799
[ 1676.447249][T26237] RDX: 0000200000000280 RSI: 0000200000000380 RDI: 0000000000001e1e
[ 1676.447260][T26237] RBP: 0000200000000380 R08: 0000000000000000 R09: 0000200000000280
[ 1676.447271][T26237] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1676.447281][T26237] R13: 0000200000002000 R14: 0000000000001e1e R15: 0000200000000280
[ 1676.447311][T26237]  </TASK>
[ 1676.656400][T25527] usb 3-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1676.666439][T25527] usb 3-1: config 0 interface 89 has no altsetting 0
[ 1676.674901][T25527] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[ 1676.684114][T25527] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1676.692170][T25527] usb 3-1: Product: syz
[ 1676.696441][T25527] usb 3-1: Manufacturer: syz
[ 1676.701109][T25527] usb 3-1: SerialNumber: syz
[ 1676.708288][T25527] usb 3-1: config 0 descriptor??
[ 1676.716118][T25527] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1676.726079][T25527] em28xx 3-1:0.89: Video interface 89 found:
[ 1677.974146][T25527] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[ 1678.908016][T26263] Unsupported ieee802154 address type: 0
[ 1679.146910][T25527] em28xx 3-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 1679.162879][T25527] em28xx 3-1:0.89: board has no eeprom
[ 1679.231624][T25527] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[ 1679.240048][T25527] em28xx 3-1:0.89: analog set to bulk mode.
[ 1679.247456][   T24] em28xx 3-1:0.89: Registering V4L2 extension
[ 1679.257180][T25527] usb 3-1: USB disconnect, device number 125
[ 1679.331916][   T24] em28xx 3-1:0.89: reading from i2c device at 0x4a failed (error=-19)
[ 1679.341615][T25527] em28xx 3-1:0.89: Disconnecting em28xx
[ 1679.366405][T26268] bridge0: port 3(erspan0) entered blocking state
[ 1679.373764][T26268] bridge0: port 3(erspan0) entered disabled state
[ 1679.383313][T26268] erspan0: entered allmulticast mode
[ 1679.390284][   T24] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[ 1679.403797][   T24] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[ 1679.419402][T26268] erspan0: entered promiscuous mode
[ 1679.424921][   T24] em28xx 3-1:0.89: No AC97 audio processor
[ 1679.432022][   T24] usb 3-1: Decoder not found
[ 1679.445782][   T24] em28xx 3-1:0.89: failed to create media graph
[ 1679.481978][   T24] em28xx 3-1:0.89: V4L2 device video103 deregistered
[ 1679.493271][T26269] ==================================================================
[ 1679.501336][T26269] BUG: KASAN: slab-use-after-free in v4l2_fh_init+0x27d/0x2c0
[ 1679.508786][T26269] Read of size 8 at addr ffff888021b14748 by task v4l_id/26269
[ 1679.516294][T26269] 
[ 1679.518597][T26269] CPU: 0 UID: 0 PID: 26269 Comm: v4l_id Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1679.518612][T26269] Tainted: [L]=SOFTLOCKUP
[ 1679.518617][T26269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1679.518623][T26269] Call Trace:
[ 1679.518629][T26269]  <TASK>
[ 1679.518634][T26269]  dump_stack_lvl+0x100/0x190
[ 1679.518652][T26269]  print_report+0x156/0x4c9
[ 1679.518667][T26269]  ? __virt_addr_valid+0x81/0x620
[ 1679.518683][T26269]  ? __phys_addr+0xe8/0x180
[ 1679.518698][T26269]  ? v4l2_fh_init+0x27d/0x2c0
[ 1679.518710][T26269]  kasan_report+0xdf/0x1e0
[ 1679.518721][T26269]  ? v4l2_fh_init+0x27d/0x2c0
[ 1679.518735][T26269]  v4l2_fh_init+0x27d/0x2c0
[ 1679.518749][T26269]  v4l2_fh_open+0x64/0xa0
[ 1679.518762][T26269]  em28xx_v4l2_open+0x11e/0x570
[ 1679.518776][T26269]  v4l2_open+0x1d2/0x490
[ 1679.518790][T26269]  ? __pfx_v4l2_open+0x10/0x10
[ 1679.518804][T26269]  chrdev_open+0x234/0x6a0
[ 1679.518815][T26269]  ? __pfx_chrdev_open+0x10/0x10
[ 1679.518826][T26269]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1679.518840][T26269]  do_dentry_open+0x6d8/0x1660
[ 1679.518857][T26269]  ? __pfx_chrdev_open+0x10/0x10
[ 1679.518869][T26269]  vfs_open+0x82/0x3f0
[ 1679.518882][T26269]  path_openat+0x208c/0x31a0
[ 1679.518895][T26269]  ? __pfx_path_openat+0x10/0x10
[ 1679.518908][T26269]  do_file_open+0x20e/0x430
[ 1679.518920][T26269]  ? __pfx_do_file_open+0x10/0x10
[ 1679.518935][T26269]  ? alloc_fd+0x476/0x790
[ 1679.518947][T26269]  ? do_getname+0x191/0x390
[ 1679.518960][T26269]  do_sys_openat2+0x10d/0x1e0
[ 1679.518973][T26269]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1679.518989][T26269]  __x64_sys_openat+0x12d/0x210
[ 1679.519002][T26269]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1679.519016][T26269]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1679.519028][T26269]  do_syscall_64+0x106/0xf80
[ 1679.519042][T26269]  ? clear_bhb_loop+0x40/0x90
[ 1679.519054][T26269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1679.519065][T26269] RIP: 0033:0x7f9ef8ea7407
[ 1679.519075][T26269] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 1679.519086][T26269] RSP: 002b:00007ffc2c2e0c70 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1679.519096][T26269] RAX: ffffffffffffffda RBX: 00007f9ef9587880 RCX: 00007f9ef8ea7407
[ 1679.519103][T26269] RDX: 0000000000000000 RSI: 00007ffc2c2e2f1b RDI: ffffffffffffff9c
[ 1679.519110][T26269] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 1679.519116][T26269] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1679.519122][T26269] R13: 00007ffc2c2e0ec0 R14: 00007f9ef968c000 R15: 000055a992ec84d8
[ 1679.519132][T26269]  </TASK>
[ 1679.519136][T26269] 
[ 1679.779299][T26269] Allocated by task 24:
[ 1679.783430][T26269]  kasan_save_stack+0x30/0x50
[ 1679.788098][T26269]  kasan_save_track+0x14/0x30
[ 1679.792756][T26269]  __kasan_kmalloc+0xaa/0xb0
[ 1679.797349][T26269]  em28xx_v4l2_init.cold+0x94/0x3503
[ 1679.802622][T26269]  em28xx_init_extension+0x13a/0x200
[ 1679.807905][T26269]  request_module_async+0x61/0x80
[ 1679.812935][T26269]  process_one_work+0x9d7/0x1920
[ 1679.817860][T26269]  worker_thread+0x5da/0xe40
[ 1679.822433][T26269]  kthread+0x370/0x450
[ 1679.826481][T26269]  ret_from_fork+0x754/0xd80
[ 1679.831047][T26269]  ret_from_fork_asm+0x1a/0x30
[ 1679.835789][T26269] 
[ 1679.838090][T26269] Freed by task 24:
[ 1679.841869][T26269]  kasan_save_stack+0x30/0x50
[ 1679.846530][T26269]  kasan_save_track+0x14/0x30
[ 1679.851188][T26269]  kasan_save_free_info+0x3b/0x70
[ 1679.856193][T26269]  __kasan_slab_free+0x5f/0x80
[ 1679.860938][T26269]  kfree+0x1f6/0x6b0
[ 1679.864810][T26269]  kref_put.isra.0+0x56/0x90
[ 1679.869376][T26269]  em28xx_v4l2_init.cold+0x280/0x3503
[ 1679.874733][T26269]  em28xx_init_extension+0x13a/0x200
[ 1679.879998][T26269]  request_module_async+0x61/0x80
[ 1679.885003][T26269]  process_one_work+0x9d7/0x1920
[ 1679.889919][T26269]  worker_thread+0x5da/0xe40
[ 1679.894483][T26269]  kthread+0x370/0x450
[ 1679.898529][T26269]  ret_from_fork+0x754/0xd80
[ 1679.903095][T26269]  ret_from_fork_asm+0x1a/0x30
[ 1679.907836][T26269] 
[ 1679.910141][T26269] The buggy address belongs to the object at ffff888021b14000
[ 1679.910141][T26269]  which belongs to the cache kmalloc-8k of size 8192
[ 1679.924254][T26269] The buggy address is located 1864 bytes inside of
[ 1679.924254][T26269]  freed 8192-byte region [ffff888021b14000, ffff888021b16000)
[ 1679.938207][T26269] 
[ 1679.940507][T26269] The buggy address belongs to the physical page:
[ 1679.946891][T26269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x21b10
[ 1679.955624][T26269] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1679.964095][T26269] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1679.971615][T26269] page_type: f5(slab)
[ 1679.975576][T26269] raw: 00fff00000000040 ffff88813fe40280 dead000000000100 dead000000000122
[ 1679.984137][T26269] raw: 0000000000000000 0000000800020002 00000000f5000000 0000000000000000
[ 1679.992698][T26269] head: 00fff00000000040 ffff88813fe40280 dead000000000100 dead000000000122
[ 1680.001342][T26269] head: 0000000000000000 0000000800020002 00000000f5000000 0000000000000000
[ 1680.009988][T26269] head: 00fff00000000003 ffffea000086c401 00000000ffffffff 00000000ffffffff
[ 1680.018633][T26269] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1680.027278][T26269] page dumped because: kasan: bad access detected
[ 1680.033661][T26269] page_owner tracks the page as allocated
[ 1680.039346][T26269] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 17822, tgid 17812 (syz.0.3236), ts 1011986000161, free_ts 1011219425474
[ 1680.061026][T26269]  post_alloc_hook+0x153/0x170
[ 1680.065772][T26269]  get_page_from_freelist+0x111d/0x3140
[ 1680.071295][T26269]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[ 1680.077166][T26269]  new_slab+0xa6/0x6b0
[ 1680.081212][T26269]  refill_objects+0x26b/0x400
[ 1680.085865][T26269]  __pcs_replace_empty_main+0x1ab/0x660
[ 1680.091390][T26269]  __kmalloc_cache_noprof+0x493/0x6f0
[ 1680.096739][T26269]  audit_log_d_path+0xed/0x210
[ 1680.101479][T26269]  audit_log_d_path_exe+0x46/0x80
[ 1680.106482][T26269]  audit_log_task+0x2fe/0x3a0
[ 1680.111138][T26269]  audit_seccomp+0x7a/0x1f0
[ 1680.115614][T26269]  __seccomp_filter+0x896/0x1140
[ 1680.120525][T26269]  __secure_computing+0x221/0x2e0
[ 1680.125523][T26269]  do_syscall_64+0x568/0xf80
[ 1680.130093][T26269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1680.135963][T26269] page last free pid 16688 tgid 16688 stack trace:
[ 1680.142433][T26269]  __free_frozen_pages+0x7e1/0x10d0
[ 1680.147607][T26269]  qlist_free_all+0x47/0xe0
[ 1680.152089][T26269]  kasan_quarantine_reduce+0x1a0/0x1f0
[ 1680.157526][T26269]  __kasan_slab_alloc+0x69/0x90
[ 1680.162362][T26269]  kmem_cache_alloc_lru_noprof+0x246/0x6e0
[ 1680.168171][T26269]  shmem_alloc_inode+0x25/0x50
[ 1680.172911][T26269]  alloc_inode+0x68/0x250
[ 1680.177224][T26269]  new_inode+0x22/0x1c0
[ 1680.181359][T26269]  shmem_get_inode+0x212/0x1040
[ 1680.186189][T26269]  shmem_mknod+0x20c/0x470
[ 1680.190587][T26269]  shmem_mkdir+0x31/0x80
[ 1680.194807][T26269]  vfs_mkdir+0x361/0x850
[ 1680.199037][T26269]  filename_mkdirat+0x48b/0x5e0
[ 1680.203863][T26269]  __x64_sys_mkdirat+0x89/0xc0
[ 1680.208606][T26269]  do_syscall_64+0x106/0xf80
[ 1680.213181][T26269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1680.219052][T26269] 
[ 1680.221354][T26269] Memory state around the buggy address:
[ 1680.226958][T26269]  ffff888021b14600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1680.234995][T26269]  ffff888021b14680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1680.243037][T26269] >ffff888021b14700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1680.251070][T26269]                                               ^
[ 1680.257455][T26269]  ffff888021b14780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1680.265505][T26269]  ffff888021b14800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1680.273541][T26269] ==================================================================
[ 1680.340511][   T24] em28xx 3-1:0.89: Registering snapshot button...
[ 1680.347867][   T24] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input114
[ 1680.370335][   T24] em28xx 3-1:0.89: Remote control support is not available for this card.
[ 1680.433990][T25527] em28xx 3-1:0.89: Closing input extension
[ 1680.451086][T25527] em28xx 3-1:0.89: Deregistering snapshot button
[ 1680.493265][T26269] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1680.500490][T26269] CPU: 0 UID: 0 PID: 26269 Comm: v4l_id Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1680.511074][T26269] Tainted: [L]=SOFTLOCKUP
[ 1680.515384][T26269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1680.525423][T26269] Call Trace:
[ 1680.528697][T26269]  <TASK>
[ 1680.531608][T26269]  dump_stack_lvl+0x100/0x190
[ 1680.536276][T26269]  vpanic+0x552/0x970
[ 1680.540234][T26269]  ? __pfx_vpanic+0x10/0x10
[ 1680.544719][T26269]  ? v4l2_fh_init+0x27d/0x2c0
[ 1680.549377][T26269]  panic+0xd1/0xe0
[ 1680.553075][T26269]  ? __pfx_panic+0x10/0x10
[ 1680.557467][T26269]  ? v4l2_fh_init+0x27d/0x2c0
[ 1680.562127][T26269]  ? preempt_schedule_common+0x42/0xc0
[ 1680.567568][T26269]  ? check_panic_on_warn+0x1f/0x90
[ 1680.572677][T26269]  check_panic_on_warn.cold+0x19/0x34
[ 1680.578041][T26269]  end_report.part.0+0x3a/0x90
[ 1680.582796][T26269]  kasan_report.cold+0xe/0x18
[ 1680.587456][T26269]  ? v4l2_fh_init+0x27d/0x2c0
[ 1680.592115][T26269]  v4l2_fh_init+0x27d/0x2c0
[ 1680.596599][T26269]  v4l2_fh_open+0x64/0xa0
[ 1680.600919][T26269]  em28xx_v4l2_open+0x11e/0x570
[ 1680.605750][T26269]  v4l2_open+0x1d2/0x490
[ 1680.609972][T26269]  ? __pfx_v4l2_open+0x10/0x10
[ 1680.614718][T26269]  chrdev_open+0x234/0x6a0
[ 1680.619114][T26269]  ? __pfx_chrdev_open+0x10/0x10
[ 1680.624029][T26269]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1680.630337][T26269]  do_dentry_open+0x6d8/0x1660
[ 1680.635084][T26269]  ? __pfx_chrdev_open+0x10/0x10
[ 1680.639998][T26269]  vfs_open+0x82/0x3f0
[ 1680.644045][T26269]  path_openat+0x208c/0x31a0
[ 1680.648617][T26269]  ? __pfx_path_openat+0x10/0x10
[ 1680.653557][T26269]  do_file_open+0x20e/0x430
[ 1680.658041][T26269]  ? __pfx_do_file_open+0x10/0x10
[ 1680.663045][T26269]  ? alloc_fd+0x476/0x790
[ 1680.667357][T26269]  ? do_getname+0x191/0x390
[ 1680.671845][T26269]  do_sys_openat2+0x10d/0x1e0
[ 1680.676501][T26269]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1680.681682][T26269]  __x64_sys_openat+0x12d/0x210
[ 1680.686599][T26269]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1680.691953][T26269]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1680.697218][T26269]  do_syscall_64+0x106/0xf80
[ 1680.701788][T26269]  ? clear_bhb_loop+0x40/0x90
[ 1680.706442][T26269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1680.712310][T26269] RIP: 0033:0x7f9ef8ea7407
[ 1680.716792][T26269] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 1680.736379][T26269] RSP: 002b:00007ffc2c2e0c70 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1680.744769][T26269] RAX: ffffffffffffffda RBX: 00007f9ef9587880 RCX: 00007f9ef8ea7407
[ 1680.752725][T26269] RDX: 0000000000000000 RSI: 00007ffc2c2e2f1b RDI: ffffffffffffff9c
[ 1680.760675][T26269] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 1680.768630][T26269] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1680.776585][T26269] R13: 00007ffc2c2e0ec0 R14: 00007f9ef968c000 R15: 000055a992ec84d8
[ 1680.784538][T26269]  </TASK>
[ 1680.787808][T26269] Kernel Offset: disabled
[ 1680.792118][T26269] Rebooting in 86400 seconds..