last executing test programs:

7m1.278453342s ago: executing program 3 (id=136):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000ff020100bfa30000000000000703000000feffff720aa9fff8ffffff71a4a9ff0000000072030200000000131d400500000000004704000001ed00006b030000000000001d440000000000007a0a00fe00ffffffc303000010010000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7109000000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074649c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c0dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6acdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e50002a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de5c028d6112a0c2d21b2dc98814106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c53218294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb118888876b617398d00a7526103ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fed000000007baa5b6a686b50f0937f778af083e08b7ab6cd9c65ba55f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddc42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293d364b9effa9a9406ac2683e231d4774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479517dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a79e59e1712c8c546768e5722da19fcdb4c2890cda1f96b952511e3a49d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767987d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca485683252b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c32040098e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a0032f37ff559be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1be62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee07751532d5e7d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070f66b2b388f0f744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e2fa3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef907000000f01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e015cb56119df72c7533a48d028a3a981463f25c068d4410dad0c74e2a9478fa3be18a1a27bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb581012fd7a8139166fd5e59c84f4ab07001b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe293308b2a146f12a4c205235924cee765d94b1cc06641247c773ab8d1abbeb03ea68"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff11, 0x0, 0xffffffffffffffff, 0xfffffffffffffea5}, 0x48)
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f00000002c0)={0x8, @sliced={0x8001, [0x6, 0x6, 0x6, 0x400, 0x8, 0x1ff, 0x3, 0x0, 0x79a, 0x6, 0x150a, 0x7fff, 0x7, 0x8, 0x6, 0x2, 0xfffb, 0x7, 0xfffd, 0x7, 0x80, 0x8000, 0x2, 0x4294, 0x4, 0x5, 0xeb95, 0x1, 0xa, 0x4, 0x5, 0x7, 0x0, 0x7f, 0xa62c, 0x7, 0xffff, 0x8, 0x40, 0x9, 0x6, 0x6, 0xf, 0x8, 0x193, 0x9, 0x7, 0xfcc4], 0x6}})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0xff70)
ioctl$TCXONC(r1, 0x540a, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100))
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff2000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fed000/0x13000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xd37c, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000140), 0x10)
r4 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x7ca1, 0x10000)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r4, 0x810c5701, &(0x7f00000003c0))
openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x301000)

7m1.07756358s ago: executing program 3 (id=139):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10000, 0x0, 0x91, 0x4, 0x4, 0x16, 0x10, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0x10a7, 0x1000, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xffe, 0x10000a, 0x2, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x9e9, 0x601, 0x101, 0xdd80, 0x60a0, 0xfffffffc, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf47, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x8000081, 0x3, 0x9d82, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x100009, 0xc, 0xffffffff, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x1ff, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x6, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x21000, 0x0)
ioctl$TIOCMIWAIT(r2, 0x545c, 0x300fff2) (async)
ioctl$TIOCMSET(r2, 0x5418, &(0x7f0000002200)=0xf1ed) (async)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x517e80, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
r6 = socket(0x400000000010, 0x3, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=@newqdisc={0x34, 0x28, 0x4ee4e6a52ff56541, 0x70bd2c, 0xfffffdfc, {0x0, 0x0, 0x0, r10, {0xfff2}, {0xffff, 0xffff}, {0x2, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x2004805d}, 0x0) (async)
r11 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000800)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001a40)=@newtfilter={0x770, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r12, {0x4, 0xa}, {0x0, 0xd}, {0xffe0, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x744, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x8}]}}, @TCA_BPF_ACT={0x72c, 0x1, [@m_ct={0xcc, 0x1f, 0x0, 0x0, {{0x7}, {0x90, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @local}, @TCA_CT_NAT_PORT_MIN={0x47, 0xd, 0x4e20}, @TCA_CT_MARK, @TCA_CT_LABELS={0x14, 0x7, "d26d8314d8a3f13aac0fe472a5b68aec"}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @mcast2}, @TCA_CT_ZONE={0x6, 0x4, 0x6}, @TCA_CT_MARK={0x8, 0x5, 0x7}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @private0={0xfc, 0x0, '\x00', 0x1}}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @empty}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x3}]}, {0x15, 0x6, "afcbe854fe575a3a8af36de31234801e0b"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_mirred={0x118, 0x9, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x3, 0x0, 0xc, 0xfffffc0e}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1ff, 0x6, 0x7, 0x1, 0x1}, 0x2, r12}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x751, 0x20000000, 0x80, 0x4}, 0x2, r12}}]}, {0x8a, 0x6, "31570c5c087a8a2a8d30410c5b6afb7f2a372f13037a952b32528a632a2bde21b12e5ec9a670a6ec8f21b6281cbe592f3dda0855baacc96358a1a33fb6e005244849f613a8b275c205a21abc675be3a8e49406386c0eef229e419e41008cc5f72171232ced40af878450ecae89b58965e5863c22b942079bd6223297651154bb0fd5199de432"}, {0xc, 0x7, {0xaf265667642a4f82, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_nat={0x198, 0xb, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xffff, 0x4, 0x4, 0x6, 0xa}, @broadcast, @remote, 0xffffff00}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0x1000, 0x5, 0x6121, 0x6}, @broadcast, @local, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x3, 0x1000, 0xffffffffffffffff, 0x2, 0x8}, @dev={0xac, 0x14, 0x14, 0x38}, @multicast2, 0xffffff00}}]}, {0xf8, 0x6, "b61e9f0da34dea5c82817f73d7dc1ec20481b813205d8e628e4512c807cb2d82390ad63cfdeed6568ebb8cde1b1a5dc9173915da92966c8408205790b4689d6a131e0d497fcc2669aaedb171b3a92102dfccc1087552093dce75161e0b1816f12fdaaa27072ca1373223de20f51687ff0e2806db419c7bf4d202f6bcbb6e7475d1acdddb22ad33abe97a2c6bcb579e3ff7919114e6c51e0b66464fc7ba4d70c1941064224b1d0e103d59dc0f058de8d2e688cbfff20a764bcb4f71d2a194f5d812099fc0939ebdbed7e531ea35490a266c54b548df680eb651660bd74bb1597bdc0e7d3f7e0a3d766d6221ff0989cbe5a678807f"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_mirred={0x1a8, 0xf, 0x0, 0x0, {{0xb}, {0x84, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x2, 0x4, 0x400, 0x7}, 0x4, r12}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x925e, 0x10000, 0x5, 0x6, 0x10001}, 0x2, r12}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x4, 0x2, 0x5, 0x4}, 0x0, r12}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0x9, 0x4, 0x3, 0x3}, 0x3, r12}}]}, {0xf9, 0x6, "025c886eb7ea51380715cb6ef7ce424a9255324e9b30b6f0ed7ccbf4d37aa4a4d953495dcb090b45ca5e0af90e3b7d93e693a4d4c46e1758ee5f1ba0f02606268db852ce89e8932222eccd9220e8211e058e0de44e04cdabaf324ba0fc77c986e6c5a28712378277588cd0b1cf9ce835c46cabd035ad512666034ef8e4291716dfa5b2018ac20444707bd1eb03e800c8494da354f1b0384aa672fb045c7211050c4dddfb05ae80f90b8425e2860ce78988752b209d4f65e810afe87809574e634492f2f77f8ec53a9e21f27ad619a4c94f7122160febb2b41d8bd266bbba96a34b72c9e1bb1bef47f50f283d73c1191b13dccd5ea3"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_nat={0x204, 0x1f, 0x0, 0x0, {{0x8}, {0x11c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x7f, 0x4, 0xfffffffffffffff7, 0xe34}, @loopback, @multicast2, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0x4, 0xffffffffffffffff, 0x4, 0x1}, @multicast1, @rand_addr=0x64010102}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xffffff0d, 0x6, 0x6, 0x1, 0x2}, @broadcast, @rand_addr=0x64010102, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0x9, 0x5, 0x6, 0x8}, @multicast2, @dev={0xac, 0x14, 0x14, 0xd}, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0xc, 0x3, 0x3, 0x7}, @broadcast, @remote, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x80, 0x2, 0x5, 0x5, 0x101}, @broadcast, @multicast2, 0xffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8aa1, 0x4, 0x1, 0x7}, @private=0xa010101, @rand_addr=0x64010101, 0xffffffff, 0x1}}]}, {0xc2, 0x6, "b367c5f5154c7b6a4dca114d8f822e1c345bef8891e87553b6caeae37b3a5d492e76740a936de19d28daebbc0f6ac29c092d9d34110706cb4b37ce791b8db7545198ba370577cee4d92d04e82c3d46c52803292b51fbd9f370b05a091edc81b243bc80d70b14711c6d7a8ad7fddbd087f149c794d32f7b8106667af0667f6a34c0da750b9041bb1678e0204b15b3a6fac940df2775c03ed87d63a07af7c5a4ca157c280fa3cc149b95f802ed0fc7c0f83ba876a40f54842aa00945597e31"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x770}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) (async)
close(0x4) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000040000000000000000900009500000000007200"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94) (async)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000280)={0x1, 0x0, [{0xb, 0x5, 0x1, 0x400, 0x1, 0x2, 0x3}]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
dup(r13) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})

7m0.946019914s ago: executing program 3 (id=140):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000001740)={'syz1\x00', {0x8000}, 0x0, [0x9, 0x0, 0x0, 0x0, 0x0, 0xa5b0e763, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0xc0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x1, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x2e2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x487, 0xd6, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x1000, 0x13], [0x0, 0x266, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x8001, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x7, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x27, 0x0, 0x0, 0x1c0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x400, 0x40, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xe8c, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xfffffffb, 0x806, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff, 0x0, 0x0, 0x0, 0x28000000, 0x0, 0x0, 0x0, 0x0, 0x1fffffe], [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000, 0x0, 0x0, 0x0, 0x0, 0x4000004, 0x0, 0x9, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x0, 0x4, 0x0, 0xfffffffe, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6]}, 0x45c)

7m0.841850618s ago: executing program 3 (id=141):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2) (async)
ptrace(0x10, r2)
ptrace$PTRACE_SETSIGMASK(0x420b, r2, 0x8, &(0x7f0000000100)={[0x5]})
ptrace$getregs(0x8, r2, 0x7, &(0x7f0000000340)=""/216) (async)
ptrace$getregs(0x8, r2, 0x7, &(0x7f0000000340)=""/216)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000001080)='./file0/../file0/../file0/../file0/file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0\x00')
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a410100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
fsopen(&(0x7f0000000000)='gfs2\x00', 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x40, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "ffd7"}]}]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000) (async)
sendmsg$NFT_MSG_GETSETELEM(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x40, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "ffd7"}]}]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)

7m0.746752325s ago: executing program 3 (id=142):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec778000)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f002, 0x4})
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000b00))
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x40002)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r4, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)

7m0.394068269s ago: executing program 3 (id=144):
futex(&(0x7f000000cffc)=0x1, 0x0, 0x8, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x5, 0x3, 0x0, &(0x7f00000011c0)=0x8, 0x4000000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x101001, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x1bf, 0x0, &(0x7f0000000940)="b461802305624431ed33730100010446b20aed0200000000000000d5fe00c6fc6ef8eef9757a601bee936390009c5bbd000000003632b69f0eb2062818f298ed60aba81127a8222e48304d5a8fdfab21bc5f6322cbfac4973cf2bef7c0b4452e43e69aa108690000093f656d8f630632395fd3377dc1ee6daeeae21d79df2cb07600dbf28eda3f94df97f6296b9bc0a0aa770b5588c5b3ca96e7e20df71b37ba8bb62cd98e8a769e328b576d95a704d70ed5c912892bf262449c11e04358fe042dd0a0b442c1b77214b2d03d3af9b1221037c7c73ef3198a305c307d04359d36d82eb73831e60655d8d9cf32944ba083d99b79ebe813c1d6a89a059dd96895d3d3b4e2670f119011ebcdd2d7acdb8f6f2ad2da687847680c3d1d8b78dc3cb1bd4c31f235bb382b04f8fd18697903baa36c0a05a3f7ac22760485efa4044351a5ad0a4b720b923025a5d0d566a6e5a65e24f9211ed34007ccf27d7efbf59d0182e5298cede8ab4dce1b29cc194557b4c426000073fbe6d35728c6ff025e4dd5fa4c575e0ed372ece9e1d48e893e0ded8159eb46efd9ceaedb4afe46dd984363399fbd610979b0bc7e7f73348f6837c6a53b05504ce70f83bab48fc199fd6265", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9cf}, 0x50)
r2 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x2)
ioctl$FIBMAP(r2, 0x1, &(0x7f0000000040)=0x85)
ioctl$PTP_PEROUT_REQUEST(r1, 0x40043d0d, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xb0, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x74}, {0x6, 0x16, 0x4}, {0x5}, {0x6, 0x11, 0xc}, {0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x1ff}, {0x6, 0x16, 0x4}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x42}, {0x8, 0xb, 0x2}}]}, 0xb0}}, 0x4c010)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="60000000020601080000000000000000000000001400078008001240000000000500150000000000050005000a000000050001000700000005000400000000000900020073797a310000000011000300686173683a69702c706f7274000000007381d576c689804cf3d39db1f36d2072b9dc356fe19e715ca1934f3bbb5df13403eb"], 0x60}}, 0x0)

6m59.759284195s ago: executing program 32 (id=144):
futex(&(0x7f000000cffc)=0x1, 0x0, 0x8, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x5, 0x3, 0x0, &(0x7f00000011c0)=0x8, 0x4000000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x101001, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x1bf, 0x0, &(0x7f0000000940)="b461802305624431ed33730100010446b20aed0200000000000000d5fe00c6fc6ef8eef9757a601bee936390009c5bbd000000003632b69f0eb2062818f298ed60aba81127a8222e48304d5a8fdfab21bc5f6322cbfac4973cf2bef7c0b4452e43e69aa108690000093f656d8f630632395fd3377dc1ee6daeeae21d79df2cb07600dbf28eda3f94df97f6296b9bc0a0aa770b5588c5b3ca96e7e20df71b37ba8bb62cd98e8a769e328b576d95a704d70ed5c912892bf262449c11e04358fe042dd0a0b442c1b77214b2d03d3af9b1221037c7c73ef3198a305c307d04359d36d82eb73831e60655d8d9cf32944ba083d99b79ebe813c1d6a89a059dd96895d3d3b4e2670f119011ebcdd2d7acdb8f6f2ad2da687847680c3d1d8b78dc3cb1bd4c31f235bb382b04f8fd18697903baa36c0a05a3f7ac22760485efa4044351a5ad0a4b720b923025a5d0d566a6e5a65e24f9211ed34007ccf27d7efbf59d0182e5298cede8ab4dce1b29cc194557b4c426000073fbe6d35728c6ff025e4dd5fa4c575e0ed372ece9e1d48e893e0ded8159eb46efd9ceaedb4afe46dd984363399fbd610979b0bc7e7f73348f6837c6a53b05504ce70f83bab48fc199fd6265", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9cf}, 0x50)
r2 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x2)
ioctl$FIBMAP(r2, 0x1, &(0x7f0000000040)=0x85)
ioctl$PTP_PEROUT_REQUEST(r1, 0x40043d0d, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xb0, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x74}, {0x6, 0x16, 0x4}, {0x5}, {0x6, 0x11, 0xc}, {0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x1ff}, {0x6, 0x16, 0x4}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x42}, {0x8, 0xb, 0x2}}]}, 0xb0}}, 0x4c010)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="60000000020601080000000000000000000000001400078008001240000000000500150000000000050005000a000000050001000700000005000400000000000900020073797a310000000011000300686173683a69702c706f7274000000007381d576c689804cf3d39db1f36d2072b9dc356fe19e715ca1934f3bbb5df13403eb"], 0x60}}, 0x0)

4.772445491s ago: executing program 4 (id=2825):
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket(0x1d, 0x5, 0x26)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000200)=0x20022a, 0x4)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
syz_open_dev$evdev(0x0, 0x1, 0x80000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000040)=0x12, 0x4)

4.63450373s ago: executing program 4 (id=2826):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b00010000000009040800010300", @ANYBLOB="9fcf"], 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x40c4}, 0x20008000)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000100)=""/95)

4.358500529s ago: executing program 2 (id=2829):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000640)="5500000014006b02c84e21100af32c6e0a0675f8d34460400000014000005c1e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d493803792684b71bdd70000b6c0504bb9183132be471b93c91b5d7870", 0x55}, {&(0x7f0000000080)="a07cd94cc044f0b654a431a7ec2c601af3d818b3db502390ab8764cbb0d3c14004cfe768e1617fab122ca333f5040f72c72486e0dee045543b3280211d7a6b23ee5fa97ef7307a890929d7c8660d8fe51111f3382e739ce65aec1e1e60429f662ffa69b1bb7c9fbd7e2f33a1c8fd6eb17f86bd0b8aa39d4b9de2f32cad91cadad2daaaa6967bc07ebdb628b0e4cb595256c6756f686a13b53485937b647adc00"/175, 0xaf}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)

4.258127233s ago: executing program 2 (id=2830):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x4, 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122"], 0x0)
r0 = dup(0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFCONF(r2, 0x8940, &(0x7f0000000100)=@buf={0x0, &(0x7f0000000440)})
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1)
sendmsg$IPVS_CMD_GET_SERVICE(r0, 0x0, 0x805)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000d71000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000179000/0x2000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

4.11519764s ago: executing program 1 (id=2831):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000008002000050000007f00000001000000", @ANYRES32=0x1, @ANYBLOB="3b0000000000000058000000006f9f6ee3000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)='6', &(0x7f0000000340), 0xca, r2}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000080)={0x0, &(0x7f0000000140)=""/167, &(0x7f0000000040), &(0x7f0000000280), 0x1, r2}, 0x38)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x80)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x1, r4, 0x0, 0x4, 0x10001})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r3, 0x3ba0, &(0x7f0000000000)={0x48, 0x1, r4, 0x0, 0x1000, 0x2000})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x401, 0x0, 0x25dfdbfd, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x308, {{0x0, 0x0, 0x0, 0x0, 0x40000, 0x100a8}}}}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x3}]}, 0x50}}, 0x40080)
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f00000007c0)={0x28, 0x6, r4, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1004000})
pselect6(0x40, &(0x7f0000000100)={0x0, 0x200000000, 0x0, 0x0, 0x2, 0x0, 0x571b}, 0x0, &(0x7f0000000140)={0x1f, 0x1000000, 0x23, 0x1, 0x8000000002, 0x0, 0x6a9}, 0x0, 0x0)

3.210130572s ago: executing program 4 (id=2840):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x6b8, 0x2d0, 0x500, 0x0, 0x3e8, 0x2d0, 0x5e8, 0x5e8, 0x5e8, 0x5e8, 0x5e8, 0x6, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @mcast1, [0xff], [], 'veth1\x00', 'syz_tun\x00'}, 0x11e, 0xa8, 0x1d0, 0x1f000000, {0x0, 0x7}}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'unconfined\x00'}}}, {{@uncond, 0x0, 0xd8, 0x100, 0x7400, {}, [@common=@ah={{0x30}, {[0x4d2, 0x4d2], 0xfffffff0, 0x0, 0x562a76cf5643b94e}}]}, @HL={0x28, 'HL\x00', 0x0, {0x3, 0x8}}}, {{@ipv6={@empty, @private0, [0x0, 0xffffff00, 0x0, 0xffff00], [], 'sit0\x00', 'sit0\x00'}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@dst={{0x48}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x68}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@private, @ipv4=@multicast1}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x718)
r2 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r2, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

3.107105568s ago: executing program 1 (id=2842):
symlink(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f00000001c0)='./file0\x00')
lstat(&(0x7f0000005640)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
pipe(&(0x7f00000045c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000007c0)=[{&(0x7f0000001a00)="ce", 0x1}], 0x1, 0x1)
r3 = syz_open_dev$video(&(0x7f0000000100), 0x0, 0x0)
ioctl$VIDIOC_S_SELECTION(r3, 0xc0405668, &(0x7f0000000000)={0x0, 0x0, 0x1})
r4 = socket$key(0xf, 0x3, 0x2)
splice(r1, 0x0, r4, 0x0, 0x65, 0xc)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000003040)=[{&(0x7f0000001040)="1ccb", 0x2}], 0x1}}], 0x1, 0x4040005)

2.971794136s ago: executing program 1 (id=2843):
getrandom(&(0x7f0000000380)=""/300, 0xcebaa945, 0x0)
r0 = syz_create_resource$binfmt(&(0x7f0000000100)='./file1\x00')
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, &(0x7f0000004780)={[], 0xf000}, 0x1000)

2.504863939s ago: executing program 0 (id=2844):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000001900)=""/4096, 0x1000, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg(r0, &(0x7f0000000100)={0x1, {&(0x7f00000007c0)=""/194, 0xc2, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg(r0, &(0x7f0000000540)={0x1, {&(0x7f0000000040)=""/62, 0x3e, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000002b00)={0x2, 0x0, {&(0x7f0000000600)=""/13, 0xd, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f00000004c0)={0x2, 0x0, {&(0x7f0000000400)=""/192, 0xc0, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000280)=""/184, 0x2562bac182d8b35a, 0x0, 0x2, 0x3}}, 0x48)

2.404800154s ago: executing program 0 (id=2845):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x185042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000240), 0x47dfffa, 0x1e0b82)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x2000, {0x0, 0x0, 0x0, 0x3, 0x14a1fa, 0x0, 0x0, 0x1c, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1cac3f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0x2, 0x3fd]}})
r2 = dup(r1)
unshare(0x22020400)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ppoll(&(0x7f00000000c0)=[{r3, 0x844a}], 0x1, 0x0, 0x0, 0x0)
write$UHID_INPUT(r2, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)
write$nci(r2, &(0x7f0000000080)=ANY=[], 0x100000)

2.075349504s ago: executing program 4 (id=2847):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@ipv4_newaddr={0x28, 0x14, 0x509, 0x70bd28, 0x25dfdbfd, {0x2, 0x1f, 0x0, 0xcb, r2}, [@IFA_BROADCAST={0x8, 0x4, @empty}, @IFA_FLAGS={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040014}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

1.897899413s ago: executing program 5 (id=2848):
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket(0x1d, 0x5, 0x26)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000200)=0x20022a, 0x4)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
syz_open_dev$evdev(0x0, 0x1, 0x80000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000040)=0x12, 0x4)

1.800718186s ago: executing program 4 (id=2849):
close(0xffffffffffffffff) (async)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000002240)="03684a7b99a4fde940f3ec0d105ea2c8267323117153aa4a4f099c3835a607cd5cbd77b83cc33d13bbb6c6bcae59db739af84a4b5d34bffc145f3cc27ed3d4f9d9b3103699a1e1cc4ddfb6c1afd07ddfc18e358cd62649479724ce867fefc0a15041bee9f6084842fb982d5c2cf1488d668b741c64f0a6fd2643e729ac5a56462a6b64d5a0a751fda4fadf63ba0dc2fd14ecbf546918db77095545b41ab170e5d6e8ec8bf9ce9b8d53b832e90c701fe52af7999f8fd509577ead1be27891ada8564167f2c7d2eea1c1c9c65d8e151c58ddee43ec34e74d330ec50cbbb2bb21892c7ca995066e3cbea8a69d94dc6bcef5f3c0ef630e774d092ea58627f3e09c66a9c7d1abcf4f8f8af87f4269df288aca9bbf758275ce9695256e764d185a91a7570fca3aab16c75ecaff6b8dda371c3226d6ec6e55c5c4d8cfc5c33892bacc956a3613bcfa849da1b5e070a7911d7488b3e628d9339718e8b821f1bb5d5c45f0316bb563d0a442801412dfd5a4d61ca657e04d6686f7d5863d57954400aeee8e79be8f3cc4cbb3d4b91269df039c3d3543e500b90a2bdc6eb60cc7afab7b5187d88fbd76e6212ea29e872b73f925287bdc808b4a4f8ec7f8aa08bc90b29e217c3eef69d8deae4141f4f9bd110b7bde9320e7b45f422e9a6111bcaf99c9911e46e219d3bab477926bd5d2e78d4cd0eca133c232b1e863fd7799dbf609f3670b323e5518e8f4bd36e9b3da2c68a28eaec9cac688b4dd0b73adc24a8c7acc264399b7facbc2f43e8e40b6cae9f8e956d1dbfe259f12bae75ad362c354050ffdd6e954f2d7615fafce888bd6f672a81c9fd4318caba765069c0a425e898bf7611b77f0fe61c27d318159dba42f011900246c64557d27b77aef928ab04a147baca37863cf998a2ac30b903c0314449ddb218887c309ec7184c8c733f5d4e7b2d79516e9531c9a5becf8294d6ccd777f285b13160e1c949d3069c6c66c0daa62bac679bc9b69825398d1c290d765e882fa2c8708b20ccec885ab6785dc22696b61c109ff84bc5407932c3e5bf12069a68b8e3333a26d3dd390ef9bc01b86013fbcb5c28a1f4d2b8084f1502fccc4027a124c3629d8f4a8befd14b597cebda5f94f36050a31b95087cbac347788a71a90e87f2187fae600aa42719c05c2859cb30ae0fd58a7bba681f7a6027a00583071def2c9a94456e5d9acb9fd2d11fdea524582489c02377bf7f590948985c769b3822cb6366681d79113c6a6c752f2475caba77b7b2e8f293d7fd9b991f63e254c98dec94f4f3def4fee9cdb56ff3ba7fe6a718cbe9a7f04710e257ea8a49d6605266048fc122d4f3173d4b04b3e282bd3c5198d7fcb72ec38e0b07dd8a541b2807e601e5a0a01f07a281e0e1a261c65977088a54597efd0997c59647aeebb2605a89705eeff3ec780e302e24b23a0cbe4f81367c3f118545f01328d22eb8e802667389143166a9db9477c9b58eb5c76a19b8f8b2692b0d356003f08ae54dfc820d8e357ecbf91fb7e212cbef1262171abaf2f613a5bb59b783cad476fec50d16ca0ac13c08a59a3097e6e3fde700a4b987d10311fc22d4aa210956cd859799f78010e4c0f25b715876aa253df15009490f71be3b0022875161f537c70b14bdb9e2d87a5a11b414a1198533c7de6fc4d22228133bc26b19d9f1e7627b14c72e3c39d3fa2186a42e50a0d1867dc312f94c7209d51475ed4aa80b2ccb0557a40422bf7317de2fdf3296727723a2d23babd5e23f7c3edf4942bb485b95a122e6aba41b8f80f684f84605462448d5a4fd66dfe9bbf80590b9999b4780d4f4f189a20f4400b2975df85b584c8c8f9fa3095f13aede1f52dac98be358b0a0d72bed4df71cd23973e326179580268c4e5d1be4b2ae2e1e2dba913998faa6088af128fc8fd3ae26203a898882b67d86d63f6ee8f8e216337330db6d928facf9d0ca273845ee5b33a0a136aeb48b7c52d3b95fe73efaf06197ec8753ee0349f19db8730917d0f18a2de9602d3b887bc583ff64dfee67e2bdf4d5cc1c341b89acd3dd5176d2c15ec2a77120b8a49591ca438ae36c52845e5dca550e539da9ba2a2eda49be316f3d6d4b7c83666bd4759940347c29dedd273adac722630a940e104316b4806553ded47132be4e31a50600f5a4dd56825b245b7aae853f56f79e0ec31f7b5db945ee3bb92865acb0d8828598e77446ee50ecd8bf5e7ccbd963445a09e3be215709b0b3bff2e9d12e6549924338f236b4ff973682e2e03fbf6b167e3b3a0f8c3f3c1e8d0e21a71937c918cabab50dd74c011a1a5531cfcf88a5df5fa58f17715f7c7b3a64d9dab6f20a596288969191420ed71daccbae7c1ec88bf74811b5e1f4bd306f3d810c4f3600df2903ffdf8db40ac7153fd93327a1065cf2c4590c8ba9f9391eb6aa600cb42aff8793e4721afeb3d470beda45dad9adfc6f4fdb24eafc63792f5015c656ca37cee82b7ee382bda31d786d6e03d4c8611c4ca464e2360ca747815c9eebd38c8fc7d5eea2db96b29d771a96dc5c884029077125bcc31980564555d21ecce5d0388e1bc1e618c7dfb31b02b1a6730db7eda387dd4ceb96f65178bb088e81133e5086f73c458f84139685ef930945a51979faeab539e4964244709dcb8b38f575d3a3ec1328a0df65fb34241db7cb3250b8ae0dbc44670d2b5cc3a1785d8d281c05256ef2beee3b202d8bce053e55ce1fb2bb208e65d488ae24484b00c2e343fc3544ca546406688022db6e29ceca9539ec095a2a2cfc5f516230f75fc961c5de1e8d33222331f57db02cac5f9208029c6114d041bb1cc7f959f77511f5790a564600c018afc253e5ecd5010bd769b45a04296ca09e87fb63bf3d3b51dd8b3f6d4426a03c0944d09dff654c5718ab1fef063caba34029be6811502e8bb785011dd1e34b0c192915adeeb40faad0725a8f9a62acf61b944a271d20567f350cdee22d76e3cc5966ba742d9c43823af19ba74c60da0df0c5f4e7e26af7224147774a1f8ae09f929066e1769ffb3c40ba9fed13d2670b9e865a155426ed5c83648c0ad34e46f5308b455e0835730fe529668b606f3f52b0d04534d0e14bc0ff0f742359550e6980ac9978455adb3de0f292af12a3700453e035a49eafe98fc0d7f26e42a6c41f380448607b7c96291f98fa6bbd7e32c249a49171f8fa81762a490a1ce5c39d66d35c6ed6c0679440c06197c2e24d48e1de81c711164c02820816afb5393d3d6c801c3c062ac46d1494f52c45ca36faf94894eec9d71e1be6c7256f4aee8dc080156b28623c821ef8d1826ebf0a41332620f42589270e142561374c825e828e2bd9ae41fd34959db48319d54ffe7a1b58ae8f7361cbaee8e26e0e7e1b7f125f8cd99788825efd01c38ec987904190a0ad52bc20cd36cc7209f9269ac87b2fa44d2456661d3056d893cf912c69ae6b2b83d0c781a6d6c33df1910867b71257ab74e244e3ebbac07445069418fe2e440a384e16feedf8e3165676e67866430eb6a8a5334620d8c2cda15b0328bb0c50630886353f95241cf4f3b647a4ff812c70e1b074c4befdc70fbfdbf868bcc81652034b5bfa831f1b686724046dcd17ac91ace83711e9ec7465d14c9d508bce93676a58ef7dae37221436865ad34ac2fd691e3b3e12aee6736dbdeec9b1c05fcedf8b9ced547259a1a40471ebe8b4bfda69d2f884da025e2809fb9f159150bbcb331ca3c502012a7fe76b4fc2771976aeb624ad7f2d72c707f5f19d8ded84581ac5afa697ff99d27d88c9588fe769839c9cc9d6786a0f814667527c53b6253b1825bfe17e7d734d96d61da0ae7349d0922774fa9b4baf332a4568e32cafa417ec659c4ad72cd656a1e2c59c8dee38890ed3acd8b4f8657de41f670106c38c38ba1a553f0f589a57c61f5105d70e0c0953459383cb9337ca972cda1d2cd3056eb07f21c1f5b995a04997fecf501bb201c67fd2afe4d44fedea595969b6b3706087b0f59d2ddbb099d60436a94f0ba33282b29f6e914fe92add4b33cf70b680b905cfa2b2ccb00b9967f99806e8d69783fd35a2d7fbb424e9fde2647609aecb0208bc3864bf95f05e50ba12123edaca8de927b338dfcb3cc597947c606c08315061a7fec98c48f480e2febd26fcc8dc12289aeb0adefa2c2be1766a5bc74ef1aab6c2cdbdfbf1810d956bc889c8e614b7b933ff6e336bb208db5b592775fe71c3ebfad5f47e0d074e1c0cb36761481ec677794f23c3698bd35875719f242e3fc939bc3668f9723f31effe189dabdf4ebbed073eab952c88f13059eee22230bc7724d7266b15726a0b0898cdd274e3e56d0a356166b5d16456249e9e92e84e39f61c0ecdf99ec2cd230440c03fd21cf68f27306628d35ea47367775f39d20a07f3959b38d49e3674061fc1018b647047ad39f77027878badd29927c5806f95aebde5f070fed28ed34052550678d3c6b677a3b5a46f76a98264c42206bf62caa95df5437092b68e025ee9ce2ad733b6db3ec97fd33cdc3b2f77ee90dd86d8bd289ae1a437c86f4153ddcff5e846347bfecc1499bb42980e4fa91790faee1b1991dfead5d7c460348631f0469b2b9e8f65207a00985511e0c41f441d9a3154f5a0298c172fd7135d4bf95c11cdf1769db1cc55f392aec309037599327a7c53c10a56d1ace8ad19186a2fc75dfa9d657c114eae99c1c1a6b4a58440718bea82290bd1c2a67048938c381648ea2b2c7110d748c9c8d782f20430b1427b51d7036e55b0997c6f75717db67a82c88d3647ee036b49392f0467d6010b32f9de3e5e79ef082c5bb975d11d2bf76a97f7159c11a7753db8a065d3126ccda9abbebd2c54374e389942c24b27435868fadb45bb060d3c1084b211e2afa8dfaa2d8dab8dc47fe10e6c32afece7c4976176a7c66d704125c0948c238c843b41b0246be1f50f8e07884cfe7ae8885ca06339a339c8d5978b079e0eb78facfa1dc67ca70733dfefc6c868ca149e0661b70e0134870a3107c8c46711fed14f892d6fc66d95306838688f13b19e904416a8d161cc33527878b38ad10b1c08db21457b2075608be7300d39748e4fcebe02b190f3e8ed32a0ef734b11ca43a21f5f809bba795f5aa0ea01050021d0f5213620af5b08fda6421a42b7c82804a20a6ef6d471babf76f46538327f943476d1d109a3f0dc531233d6f93d8dc27f4745735085f92adf63d617b373fba24f289035710e69eb80da12d36e8eaec22620ffaabadfb824bd5fc309a2c74959505856b5b890bba8f22bc571a9d87e93ba3b9aba6dcf26f7076c0c2e271641835ea25fd49d96c69d4fb8bb8731bd2cbc75146aed10d269f9060462339cde8830b535920be3dbf143eace0f1ea9469b95a64fbd7e5057eb880d4422cbf97cfc3f7140251d4923580ca2113f345cf24a66499ceffd2e39dc4fd74cf448638962957b409f0d218c165c13ffe107aa1dd1d9a02092cd46cf2b353dd2d2ca7b8a7ae8eda0ee18bba269bbffed0c7d400497aee4da0896cf6329d76ccea098fbef9075412d1c2a3644cf0f202b884303d204314ae92c56217b2feb5e7c1e15a99fbdd655fb8f6bbc3ab1259bf03b2ee17c5b7e9443695177ec5040eeff3fc36ceafe143393d76a3d735cfe6c9b632e52dbe64dc1265961e8a27ee9f76c0add9e0581e474d7678214f5b64c932903715befc6b766611f1d7e495573b9a3e009cfcb0ffef7ac57c3561badbfa41c119e541180aa2364de61a601699cd1bf3de01d15794b728e1444efd6ffa1e57d95489c8df91fbc057b66dd6d9f3a01b19f36bc99f0b54ed1f9905067dd1608bce47f5ff1981a25184aacd39e331d8ff3dfa7c012d7e667a69249cb4803b23f7eeaab8ed29c69ba3d2a1b88821ffefc5825650c53b6364f38e0a178312f5d29d5375423cceabc8e1c4e51a566ba3f9b176b858c8860440ff8ebdde725640d2dff6b9160bb69f188755b0ff766b410704cda4c33e1ae2c73b5799a00d2f55de73109728b350302b64df2ce3eaf2e0c6561009b60c2701ac493076305e97ed20c3b42f40b2bc7f13bba4ab8181e2085b07930c6f5579205dff696902be824e65ddc774e886e8d261fe74712a31e406b0f7725b4559d7ad0f27a1a870261aa5bb8a720e7c89ba933770d48821416de070df1abcc6eee1147c20bda090d940aeee2bd48c0f3d94675d9b9cf1a62ba50e31a7af0714dd8325d5fb7142e88c4d22ddb8f0278ee6ba88e361524e291b6d000f6523ad4188b021da9ef4a634ed09eb2002b9c726746c9ffc32f261edb448106aa1e2daaed865255fd1d296fedbbb2de3f7c1f15935e52006492b632ad125aa1e000c9d71bdb945792668e16b26122a3fd7cba1a40db8083068c5c48fd2aaa621c87d9f5621bba442fc26839030dbe4e37fda4046d6503bb03e0f928de25d4cd4e2a40ec93c9021dfcbb25f6e2c943cc85eba8123340d6364949581e8c8c2913d59dafe4297672c0b9e7418485f00cbcf672a588904beb3c074bebf339815b91c7c374ceed5a701e1ade8f5d87ca536120116307ac259577a8e12958425317c482d2c7089bf3d83e1a051f3c094492de7255b22e18ca2ff261b3ed197f2f8e67b71b1c5a6a04b99158b58e9baad75201aabe13254617d0de0a9073af62491c67fc18d1ccbf7686a85a99b39e9d7d9c85a0777e47c9fd0e10c932c20f13ef287b44b9b706ec818aa0c48a10caac58a9b8355e84bc820698c2501f0c12e1b67df701cfcbe72dc47a2c87d43753ebfdb24cc838507e241d9fcd3d4955a373209ccda903a3ffced05e4232f2cca9bba197fdba8a9357cb1d6da6d9b4095027dc03e17d59ebc2d358e171da0044df102b193c79390ebcb58023b40c621df71e064b0056bfcf1eaee1eca85357cd1ac78feaa54bbbd85596977ba85003ea60d8685f4e3b756e4f81453077396590fa214f672929e81569442023667b798c24e06ee20dbf64cfccb51b2bca4e2a5b0df137bb37ab3e2854dc7e1b879866a72a5809b563596cc9fd3e53abdbccfd5dbc60662252ddc5c290d72230d79b7504b40fdb45ded2f02e926652c1e04ea4c1c488025ad1098adeebe98e385ab1caec4b9eb4d3bbd5ef3ddf1fd0d72784604a989558fd37f6d4fee20609090b3331e254fec98414a2c54589ee01c9429b7cb574b9167efede1d966a227bf2a8e422f38680d77d3c555cf1117e7d7e804ad730c36a78b7846473d6481bd0839bd3e6982ed47246c370a90b76e5b88de202346fb20b8b6b5ecb6a90b8478d17b175a1821df75b48ecc34866fe5c8960bf64d5ff92831bb9357474bec65e0dd1699b0f0340ee5ac5e9e9d3df66edca20201371fc21ad80aacd49c6b0abcfee9c876c15edcfccde823b55b61cb7b254487ef8c8781a22043f4adaf25df34580a6b3904fd014b50c59fa90eff75fa5fd32aaec9aa10df8a2b9b824952e475c964533942bbe30f4167a11fc15d548e0a31f911030569722f0c67e79e90483f6f0bee1c7f80face1a1b0f940c891be688cb16394f6c07fd29b5f248c211d1f76ec1292755d8bd963e191b3a8851472fbbd2cb732f4fd9fef3a8fb29aea097328173fdeaf56fa2279e86fb954306b040c960d0b601b3a741c96cf1f0bd1172f848585cb3b57d7d2e2a84914526f5a6f9895cf5aa4425b4dbf9f59037756a0321bba204a737e36277e86fd268f6047921f4f8fab69dfee137c07874f12f89084e7117e2c9221690a27f880f17d08d56f9dbc96ffef3920b55fb773dde72e1ba35f3e0c9872e339508281426ab04941df4885f7e0293149f1642c2573e2b6594b8fd953ae2468cf917cdaa0692cf461e3628860935def39af78af5e1540147ab1c70c3ab7f7c76abea0d8541feb43e632d7a2cc7bef15a4700304048ecf135968d0a9644ce899aad05b186a2224bab3836248cc6137472203ebceb29b3e87610df12417ee722f309c54b2e65591d8b929440f3ec43ee9ff8f7b7710668e4312610d1591303d5270394da0ab61e4515af5215dc81137f0dc90f951972731f8d98ceb8b4ea38da7d8dc153ccbae5068781eaf9a4a7b11b4319090261b61aa65a8536292eb5392020eb285b2db07f81e7f764d65037050f1e3748593474c6c1dc11cfcb56e1c916157280098a437265e1c682cbfed717e7275bc6c3bb6c6ef7f0f9fdd19ef82ff2c82284c3a061f57b21d3705aff97710108a7d1217a7ea3feda021d20f1fdca94bbef67e0aeaa3db6ccc2d060f7b33707fe19cb2d0232f1239373bb38e666cbbbf3a697c6d0e957ec6730f56034440e789a7a37304d09eb742f21019a77c608cf578162a55d0aea113c051b110b5281ed8b6638d2b31604e965cb019f2f106bc4e96d1313c70612f1ff18afdce7926270dd242c49cc53792f160d1e143e04d7eb3ca40828b153fac466bc53a084281987b47b806a4ef668859eb9035ef68e9c20bd6bb790fdf6f921569b4e97fae5b7edc761b4944c1d6d90f4df40bc3203ed838d4c61cdeb7a9bbb68d59b2cc00125eecaf06b759ac1b9dd68028225d0a60efa499e4436962362727011eef6cc55962dd4ffe2fd3892907e837045883cc9ba8892ab265a31924f3055d4dee68feff05d9f10ebdf1e8c1c1e7001b5b02a7fe26b9c0641e054ae37854187fb1bb6e9fae05b09e85a1e0e14bc801f2d8b9a178a9a72b147e137e0d83192664a88a3aca4fb6a4f0c5787b20c31bc5975dfbc8bcff8987573bd14b1ca434d93452e67ed01c60be99e535bb3f848888d224520b61cfc1de2d6b2ebef9f24674c31aada52784a0b7b60f351653c71d546cf951e6b4a0d917ac6afd0a713f41833f9f74a3a7d3c19b523299666da2b48676ca7aafebadef05b3bbf4b6b62834046f51d3d4582fb4c9de27a3f5e992853368e4f17f9dba27c8c4438307fc7405f53fb27cc81c1521452a1a5edb0cabdf7a73b1cab0675b619fd5a0fadb7147776e74695c042d9d8bfda045bcef7542b42249f34c7590605d0201a762390f2fee5f3cdb488426609c663c9fc4dc2a5277f3f589a14e6dcc202dfcd89bb148a368ff1792d230c19934143d2c260dbdfb334af863b856e415febd22fba01c568d8f48dba6d92f493cd1164a376f006d55db609cc2c9532a9f56da3b06e3db2a05f797eed57892e2fb677541324bcd763cf4669e7a871e322d0cc6e21befe3c767976f058dbe7a059d673c94c7ac5d49178bf19d32907b6fe66a92cc8ea30a858da43f74354390d6e97021da50812c59a78915e5b33221531bfa054c594ce3a2300e5a7d712773181901dfcf6922e980566fa62b1f2b669a27fbecce29e9be6d22058463e350163f33d18ce92a72d1b470857b6a37998aec5672521a8f0d66ab2bd01de516036ec47d1f63b95b437dc6d5a0168189d5a963cb0a80a9a5f20b03515396e3525f0ab13b0c1e5dd051b4c930da6d57ab6f7dd94ab3e689e0355af0b34871296152a76cce170d7b14d471ee4d9daa93de4ed755f30d45344f724288c17e4b22583158f1305ff55fecf7d526e207fa609886e14c9a168bf364b049409f63590f18a5515de8c1fd8c5a9710b6e33d2ecd01466b799f14be787612b8f17df0c05483a16097c0a504880249e28f1e067663c640a550a8c7ad9d090f7b2e902c5c20936869a5f3d3a014817f90babf847b43cf67ec23f120ae4abc63a418d1d99f359fc2c33a5bb34e1f5780576111a88c5ede834bc41e498548ddd128f9e884f4cd3e1bf1aaa1204079ce74e709306f38f2d6859128fc35d3a74c534ff1dccadfc8fe41f1be9510349af8710eb6d2dbc758be12b65622dad1cf48abc2fc409f5ed6a3af8d0b6548643c46dfba9db4e5827475e6e317c9c018a4dd5de391cc9cca85ec527537e26949e5091baca4f0b563d4c3969f15115e5ccdeb9e40788fe12f9d32d9488a70ae53b819726e4483ea6bbcb76f99775ca5e4f93c76edae462c08d596209f985aa55ef5e786701edcee8d831dd6dc0fee9ad01b6bdd63e886a5e55bdc593390c81e18dfd8c685b81306bad6b7a19a86b2bab5cbf4754708422e99f8f2497d798b3db565e709bcbba4c376c1c60b22b994fe8fdcb25215d505511cc1927f6a35344023d5da0a3ac0830e6aa80f5f7f0d94a67c99c6b22717078aecba2a599daa2acc054cda25e3965172e5fef464ec19aa71de5e84b6de30cc673fbab8c441ea37bfb3fc321a504371bc0996702e9be38db762e339ad7ad66dc2caa887e4ab60272d7963f85b14c941d31e545b85c640427302efe7142f0e0897a8c623ce57da213fbc2d1f90677142fd48cafca0b2934e572833ed6473218d0513dd1f6ecc578e5a1109ddae552b3be0cfe7246d7682a59fe9ae783a0f318d1800d5c466c80c5fd3facd0340f455f081068dd2cda5cda744018d902217152b6c05d37c090f8348b0471053152c2a4570fbab3f6dc30c8e49a63b88a00b3aac75180a633692e35ea976821694e133eb8bb4d31237d002fce1dd2ce55528dafcef2f0e00690562d144bb0e19576ce6ab72deac22067d8edac916b1b07e4eb57ff0b885b1b79f37dcf88135eedc17ffd948b61e4df4985033bcf891dd5b1448c8668947a271d93d03ce31216810a6bb45a6c5a12e290d97a60ad4b5c7384cf19421ac1ca64d346b50771e0b50e5caf1d9dfe056e8da247aa502ff04c8e29ca810a1d3ec7a89bc17dba2936f03a80228171f7999b3f2768617970efe57b14011c80666ac4999a568ebef74e2ca14df0ff6f0fcd47c538be96aaca1e65b53b98447101e49672b48167c0afc1afffe669b0f9718bd3305805c292db9738740b362564e4691cbdf061db1ed3f9db1f8bed82939f835d14f46818e3eb4e25f7a8d77d9d0d7913c45d8a81115c1a5e37b1d3bd1b7b5e6afaaefc81d9700bf83506fbf15457bc0f59f7008cc803efdcb6d39e388f6b28e80d47134265cc5438804b12d50e61a489da829dca05792d2ac182ba747331e88a7118f7dd38067f7d38f37be362260effacbc33863bb47aeebbadeae648a1090718266eedd2ed5a2c23f168759198aa92b2ac45c2a68ff212f29260e641a38541b066d39df4e95cd1c8e7e6ffae1b8017e6f629db3910b07496c8a81e4e66ac2321fd9e7ebfecf5bf6e922d7a79fb710a2d42dad1916c9b186c2c50c818fdb1afa19be867d943ee98f732fe3a01364281c0f6d0eb64a278721dc7bff5316256b0f4251abbd9b8ba7c7c12a3bf02a1fbc9ca94b965588fbc82343d07df8e06eaa5ed2137fec129351d80a9048a7d78b31ffaf2e388864a763c4af7aa53000e0bb2eb8ac0e4272cbb79dc6a7d65890f125c523c7cfddacdedbe87938aca915c92c807dab26be7d748827d4e3188676312ef1ac8460b29e8e715f4075e33104ce82e6785aadf17a7cf82d2a705e9f2d0fd25810ba33d76e54b48eda3effc01f37c89db38af81922fadc8c3361fe74ed51eac5e4437108106ffdedb339b406c082d62a8bf718989846d23f966e1ea39103010f767b3a6f0a0a2041b1dafcb787e69ffad75ed2a0081b92a4136ad5ae557c55a4b6219a390103428181ab36f329ad182a92957495c00", 0x2000, &(0x7f0000006dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004480)={0x90, 0x0, 0x4, {0xffffffffffffffff, 0x2, 0x9, 0x1ffffffffffff, 0x8, 0xc, {0x1, 0x9, 0x1, 0x4, 0x5, 0x6f, 0x8, 0x123, 0x7, 0xa000, 0x3, 0x0, 0x0, 0x6}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000019c0)="2c76fed09a53736a97f19a67f8f07115f5aa8de30b25d0172ed9a66a4dd133b55935c7bc90fe4940a9761cb8215989b9bccf3e55edb943feafe6cf642f08d440b2b47d97c7f62b23cbdd25045a8722845e5379c1761bebc25e2344fca1211436da4e4e722449db77fbd81fdb6b67041fb08aae2eea957df29a54f75f95bbe5fb5bd1affac497d55797d6707ff138780c6a194a03612b6f07c94ebf012896b40b3d3b8380dcfd8240a85c959de9c48577912f3ff4e9a20ecf199e1690b5d8001ba9e449963e86a56d4becf4c28d625e942a46e41b1cd49867e1a3e50afd151a601599ae322782b1126210ab8765618d46b8f9d7b3026aa533f49ec8d0bffd79cbe5b22e1cd5567688bf5e585fdc221b188be828acc454a803e56a9f2cb7d2f5fb0e9eaa0745199d673780d62fd464e4bfa6e484e5263a77ba1562b27cc6e9c9f3fbed5ccfb27eda8182ab4bc3f713f4212c1ac3126cbfa0a4585db01dc2036c373c1ce686d3ee79d0dbdb57008a65b8814bcff3aaade007c9b91a71c1dfb014440eefe0413748a892d788321b4f4a7fbea5dbbde5a1a134bd4c8cbedba51ee3ef7ef5e288fa9b0bc20dbbdf4bb23d275de6f80eb6c87246757ed6bc997539edc818d60b7773825757800bdbe9af82abbba8de29e8f2aa8fd44c7f8a7bdbded97f0667bc1257dbbef2dc45aa9f5e638ac146c446f7e86b9c519d01b2a6aa11de5ed29cc73b63878bba95645b9ba2f97ef72edf13e99ed52cd1111faabb306339ff0a4a0e86968c1e9be619280d5bead05d1929b6ad8cdf0bd9153670bcda41cfdbb68447107cbf6c75cfb3502a72f088d369d923f7069e98ff2e76841f3d8b5020982beb5d66e02a3796f3c4a90d331962e2ca00f1aca406a7a98245a5d2bd1a11b7138c83a8f720b13fd6d3921a686ad0134c45cdfb7b465779a6ec6123238b3272237284dbccc4009b71911863c8a34242f8b759a4e65d6ae552b7816dc67401ac356b32ffa3ea424e9eb1270179589e52c604f50cf175f1ac786b70a4957e068d57d8ed7fc80226abbdfe7bb454eb4398506a1e3ec6e288419b46d336136fc8fdca4523f56aab45ae339f9c6b30886f8d1290b1de7157a459abf51174a21428db77765170444277bd06e2371e8ef86346ef652a5a2ff4003ecc242622754ae5f7c85bdd303df16ee9c0bed51d688887d58e37497a21f3601498830f28ecbb6d8697f5f94d7d27585e86d5604158a3dc09c0d7b0b20ee30fa236207b7c022f28008cd2460a490b3e2880b21a09b67dc0f53bf8b2be20b13613f252997ce45b65be6f1cf84cd5fdc903c469e3741845b74c3636df437b711d5d4c8e531ccf00e05e287e8b481eb739463d5342e62547bfd19fdf1912076da35dbf6090d815bd678e32073c3eb4834d79de94babb245324e24a3d798fb4864eb26999a49a97436a387bd965b94989f04321e7f9115d7055c10b800d953bdf2a1b6acd14d559f9a1469989043435c9d7b03494a494205ebc06055f68fbff198ff74781bd16f80dfecb0201bc051921d045e96c838aad3791aa3dbf4349cc8f8f6f9c6668e6fcc65b249cca9bd106db88c56f342508a7e3e94d998094ce7a4e3977084206c47a58ae2618466e3dd0a9c929cb437c664d604851b63a5e2516222074983c8c5cd89234453d4c74722b9581e9631dc58904b8c43ee2672397e4d52b3f87e3a76ec439dde338939cc06eb3081121f59c873532e2aa5f192a2f4ec661bb8ce225ff0037ffd35d23881033b8ad7930527af942e6d0b4d40002b8850cfcf3663fb7de4656c64855cf184654b421c04481fc6d3dd98562f0d47e4b16b46e43fba254bf855f1d8a2c3e80b17f7d2ec9cc92ce8e2ef74b674a8f95f5a92676501ba539391227eb14def2df31fd25c44df5c33611013ba64f35203f83e8a1626b8cbca296f975345bf060b4adf5113ec30f39d2996f6c536db44da80c28aa3433ba80a9c81dcfbf61c3eaf1d811f20c3f59406194bcde9e9e8c42a19e31d0e8964df166f2b0335710ac946b9c17840ce1326e59f5e56067c27c87c696658ba91a6d7246b145723e5c33dbb5a0be3c33b215e8240012a1429ebbe846aaa37d553e319d719fb65d326f7da624743b8ceee16da6ecdc7dc12c3acc0fe2a8c169cba0ccc9ce5f54a8a540d0cd4cd8b54f0fc15d4ab4d023fea3fc7e351394b871116d4f979dcc6d1d38ade17b1d9d034ffaac963d8979074530bc6a4551871f23daed295c6ae44c96857e6f87cd4a79f6a054e4d6615d8d37093551588293b74cd82ee69a5dcd546c7421299bd9890cd9e5845285cd00074e373fdcfef6f08d202ca890240f2b9211b2edf7b981ded6005a69c75e15c926d9d5c4c02be6f0f1a1e954c1165659a2bba9a0a04948bac00116d102d07b132942dd95d0f0de372ca7f3a9489b5456bb4084038c1758cc71ed51194f937bed952fbfd7ddc8aa2feff7b33cf41cad9f58c1c75ae5292517546da62182ad03bf00ffaee9aadccb3a975b01861efa03c46eb1066a8641810d3e43532ebe9153d31719e687a7f36430ade18f97a405b8790901e1db901af58147c0833363eb1fd2fe50c898c70caa6c63640b868fbc3d89b006188de0f256843fcd9d0a40a455adca1c4a597f723f535676ea06949cb4a8b353805e046a9fd647d90c1cafe3089ba7d9ce64f6a8e6f03d7b1ce026a745535f24d9637e5caf766dbbe9f93b5eb23e22de78fc7c8cae2b054c51760f019827f011eeb4b79f5de316b6eedf17f7285894480bdfc0dfcc315b236da28ea46775895d9dcef6859dd4496a6a03e21a35c4c20fad395135248177a6200b9af85b98bd549082c2cea0bc22fb370c7c56b06a7ef65f549d86c857e83c03f412e89fb4f2570f5b7d1579e3bea43d33f478efe825d57383f14dd7e799e85dc0a10443994556751a635c94226de193a57fc905cb1a4c9f9dc4d6c598fe9dffb4d0d58bd53030bf463eeb80e6f95245792d7b98bb4bdd41e49dc39b17ee0b6d69d40e03aa56705d1b26cc4af5a266374750486cd8a75650fe9417fe574859475bb44daf76b9e087b0e01445ea3f3827b21eaf204c988fe143a9cfe4cf9947a91356a643fed4a85de7844ad72822a5a1354c705e255ff947400d3933142feee4d57975c57cc4096a357a9a69d90a40a7c0275ca46ec4c09d7accec752bf57613fb27f145c7d574fca4f2d313fb81d110e869afc18172931951aea8be925d0b4ff823d2af53252897009de6408858fe0e06c48efbc9f6cfede04b5c4ca58ab24d85cf49ceab28aad9009b491a49d4ea02ac531df2d8c8042d52e20e8c831a201d88c12c685d8de2a785c6e9ed1a05a5be8162d4948bd4de1a69220a251841fad963733040076d5247c8251fd1da5a413a2bfb27e21bc33cf7040f8bfdf8d631fddc4c09c175da8932e11989994618cb8caa47d320aec681784ebc8b80a84e4bbeb66f5c39d153b01dc236ff53239c3752eab7ac540d1b1f02dd5ac39d2d9e0cac36d201181278df584caaac0f7bee3c0b93b882116c56936e61dd618aa7542621cd676caf04939d241bd67c62e2e7df6f4e5ada2f68a64e717931a1fe1948d2481fe901d7b2936147d0f10b8bd5484ceb67f04b2b449c310758df6a179cabc6a09cab2c048526949ee365e8319610f5b5309f040e90bad6e32a35c0cb92f0f5f69ca5aeb5af2d5987ef2083caae7e512d99de7296e754ec36440c8e41d6560999d169028986e3e439987e9cede4bc7f2ecddb631965dde0d53916fd066bc2b802dc303fc1277139575b61a3ae6ad96ad67ca552d5dcc27a26f6b7df2197e4187f5d7fd3a950df85c8b63a3d7179fb94c4eb32081784ae9595ba85d217422f0aa126f9bb57aa7d793b29a9a5b93f93d554fd7e3ed9bf68c9deec64a90458d43598c0e168f8ca4cde444e76224bcadf7cd9407d88b9479374e1ceebbb4bfc2a91f2c6f49dd804100336f5c308c921beea08948f482737abdaa1540a2420bbc42c2165dcb5c7f04d066682f3494321dd5287c8f8509ac845c40f6ad0da14260c23f0dd21e4cce405b77ad6fd49bb4c6300de5f4c6630284246ab3598df1528bace4a506c8dc5bc0fececd42b4d179ad4650f5e6065cb8056d0c484f4cb4177960904fd17aa0e4110b6e170833046db55c56555f92217892c9f8b3a69ee27c88bf7f297a90eb062be69ffece0a5f9273da399e231145e7d2ff9efeac05f55b373d4f8371c730f84d7f65dbada57ac728469369c4edbd71ae6757e4ab4a79d907191b1a10640b4b3489baaf775fdf01c2361dfe0940216be4cc42c00d9f6cb9a159d33489cb6590df7b13718ce3edfe7347c7baa7248abf42312e090b96036672d6b20da95a85aa01604274b011aa00ef7cfc0dae7ee221e84bc6843e47df09848fe20ee34a7542e6569e0e6e632bdfb057c714bb7514c72327730ac78fc62031fab1fc8612318c3898a179c4124b45d74a5353a9b97d261ee1644cc3e42e9c2607402bb8a64eaf114f4b3296d2561526d4c39a401263bc917f3e116304ec236d04c610a04afd245e3b48facbd339ca61ab890d0093ff5054ff4ae0b7b217b5031d67503e4bb9a416168916e86ad441132a2a1d39a35d9ed65ac2f74b8e0c26f2b864566db0f0348533ed0dfee621177fa470d56f3dc1c772d6e9162d69795d434a3bf5fb33d53f544147b673d4a6fc62eda896551b43b07a28c6bbdeae5810ef1d5a37465c9f2286d5f3b8a3573a0ca3d82689f196f67c369f5f18bf5057275449090a142dfb86efcc80ade662f48cf14223f9d77eeefe7a34738cba1322fe78cf84266e88f565d76696df3b4421d20ed2840af10885bc49d2adf21c162df7889960a12f063882068549937168264c614e73cfa0b252c30b6235f8304814c6d755d295b88ce0a408092cadf5fec9a2637afabae7134d7158c8eea278bd25b57746508fc5ecffc04f13cc8d95892bb50b54135d569af3bf11226ed8639c825da1b369fb97ea977e9a3471db2a5febc183490db3e89f3992fe8df783ace152b9d6eecdfb765a33edbe02d5b7108d0bfd278ce85f07411ba82ee34ff3cc793fee39a2611a5d8613912fe00474614965805772772f14f3ce4d99eeba9f031d303115bee246fdfce23b05e13ed6788e52195d6247024a3589e053329c8e4d531c95e6d476bdb54d0fce699da5f060a801a636407a2b5af93847a6f56f92754ebaa4b8c0e03d6576b2871c9c576e03b6271d7484970f20012810cdcd1987db5071aacc534d671a25f53929a960946b6c17d51eae7a9e0add5403db8b13e42dcc2f0bad256770dd289f7619fa32b2b4b4030d0fdaaa0a3943130ea1b3509071c42551cc5b7fcc03953a150e5c54f5aac9a1a922655daa1dfb9728fdc855d4e0068358d64969ae0ed5c397de4778b356d6bbc4655ffbce8f65aa88ecf8f39d7938420f0a8edd269ac0f531ceb7fa286ea0ba530853cfaacdbb24e9ebf2d74ff27d606838cbc8e4e01528538176fcb9853434bfd586945174bfc45511ef076c4fe1dba563995842361f74de319af90062f44f8f838f6adbc8f8fd89f73049749eb8b8e0b39077b077fa1bcf2d9abe12f9af4b5e7cef4ad1c45be2e9267ba506ce5aed7b567d9ebb2d1b9817ed5e7afffadfdd62fce04d24d609147f7dad261ab78e6a9094a2c4d91700333b6a626a5f385fae3dee2130588952d4e958b7fc5ed8e2bb9b96607bd90071d51993fb46d1f8a8009690402b208e566845774454954dcf80890f04fb1636feafaf221a764bd3b9b8f6d3c0f440b14c571c50bce9f1708c9c231ab5dfb1bb7f35e9aca986991694fd4d632dec23b19e7006542d805db4f0fe5c16725f57855529bf2e6dddf1afee3ee3a1467fb17429a826d1790a999ae7fe0b9e93720aabb8ad7267e7a627e94bef03225be86f8351c793c1719eb589a2d28921f4a9c861dc9a2d69fbb4babe044910533abf9cb44637b5bdd829c12039d0511d6f2638deb686f8da65421d9510743aed9d7fd8f0a70beb5a89ecb8430775b447739e0261e5c78e0d139d86b2b924a0e10ece2fc25f47ea30da04df9df2f466fece5e95cf3be9f175a025f014f00030203d6f9bda3892a2e6ad8322226a52dcf9edb73556739f91eed7e8b0016594af277992f5f39b027b2a360e940802b5561c3b41c16950b26116937faeb58389abfdb4c01904ce8dd79d0d3a085d4bf6b998e2e9efc8fba37e62b9233b1766aa20c1642c7d531c7e17877442ce082347052d1ae47e8737b1866e5a3c616046ac535b8a62017046418a7b6b751f502b5af9920f7283207883964bcb99fd563405eaecf19f677386b68620314bb7282e6c81dc2c2f9fa1ec99c93caa91bef554e9b5e7a1c0aaf8931ba8e7d1c181ff70c5e7c435dfb5f865853d76539a4fac9286f943a24f670b6f6fbebe56983c4f6b99e83168cf4619ee2e6574eeed0e8ee9517146399022f1b225006d1ab6e45b026b56adbee88cb762508ff151ad7df20fdd4fcd37028d4e6af30d3f04e2903e6c062941fc52ba0636c66cdd849546f3b63093875c93cb243e4a1b2902f24881711f200c799dc08ae9e811d2e3df32a05dd29709b403683631312ab2b75e70faa7ffa925cc8a637bf2bba031fdc01677c11a1ad6216ba5caee540233485bacee0c79b7193b4c2d80a63ffe2401f49bb45d68be177e332411a07ee7c3cc295efe54901c5d4c5924cc9d35e4e40e32eba557021dc85bdda3b95a037b4237343c96f360884959bc6c63961573908df9aacdee73f843bca56307cff956bf150913f28f2bb8eded7ab133959cc9ba73115640888bfd22f105838c51a3dc4daeb00d386f3a6ed07c726ee988baff65af284c04df3d48f42d97d933b35dab09de19f08567c414b35b49746305f90020dc9ba549531ce738001c25194e10f736e2642339e81d2f51e5e263071e3fbfbb4f03173881a13f5d6c1568092d8ccecf560601acf32acc74b0f959ebd5c31ff29b675fd68f472722c8c27e0e7e6de5e64091d8192d27365617f2c5068d4f6aa5b2f7113077a8677bd94450ec0e8ddcfb6e0a41d7ab070191015dfc2fc51ed1a0e6f740c59875618089b9ac414ab4bd5926cc4b0efc6c3f28bcda64eb7ad071d57e98a4733356bc12bb6b2cb2b51090df05ad59c618d805f7b63fd5db9b56351249126f47f86a08aa8d54ee37fa1bbcfb062a3974ad1a58194280a760261ad076df5db5622215121091277b01f52192c1373127cccac7018ed3d3803ec8f0c40e942db6831c6107c702c244d3d2c4b766b908db00e34b4e500746361337b385e623e0e30c8b595368f208d4252c1e9cda72336e19a3e84efe45f8dcda59ad7e206cc3f8117a42e803874e37c4eed2f224e53ba5cbdcb899138582c8b4c4db4b7a7b87858e59c0ae82e9e317034098687da80b78824fa7b4e109a9df3ac42050b0ca90ba9faa3210c59469943d50efd198ff67f1e8b541ab2e0aed25af0cfae6ab294d440c29073250845295433f8d13ca312b86b0ecfa7fe76ed8ebc2e2a34492d3a151a73ed6ef842aea51765a732a014ba800c3e804c744f3a2118b7ddeffcb3de1cf9086bad2a3f6e64a0173a15d17bb0be4a8c2aa6e7bcd0d8b011778b220bad1ff0630b30ace3436eb50381fafe907a81045bec55ef541b3f5ea609c8f2a781f49639cd06e4f558ad287b703f124a621195246fa39dfdb60e25cd01b844c02be384d56ecec7c861f3c802804a74c3a5d496fd59f06434cfbb14dbdeef3deb08a7508d8b3f0a93faa9c06c5cc122ddeaec16d9b792284755cea25330053b770bf340a238f0510f671a30cb792efa6b6dc3dadca76b6c1befe5579f070e27d004f3e813fdc6463e088eb941ce2d1274cf16671235f6d5a4359691292aa22d6b1425c0e595466493bbfc4ea50bf9ea2ad15790cbe4067e0d2270a26953c1401088c6d99394985410eafe36c303b28269778f0bbfcb5e38f7e5bc1b4e1f586dbb05f8f27ff8ecd19d6e9b04021a857c7ce14a817de46bab10e0a1276a66d21f8fb76f008afc77fdc4a2ffbe0062d978544a183f67de4f9b0c00cfaf8a2978ad0825b934b67690acaf74662d78e62ecbb7d3a7af304686bc040165df580fc034b69f0e055c0ed66090591df84027545bcd79b9b6844271407ef75bdc3ba4bb2361ec1bb5cc6fed2149d49721643dfeac5eaeec8d7f2728d4b19c34c0caa35b34c7abeedb7f0b27a4e1ff6c3344cf2a5d7a8a61b0b39d8fff9f6b93db07f586d5cbec27fb031d1d2573d5a6cb9bafb17cad239d4abb60e356ff31afa891aa170694357b5234ecf060c5a76546b1676c51368fa7512ead467903e244ee05726d65163db8529c32f0667e213af013205bfb80737007c126f762be2b2bca2e3664b2b692fbbe6eecdcae5ab6f806ce9c07e7d90fc3ad81d671c738e5bbb69bef5e8c57714321ab14088f0971a0e7eaa0faf35ec770465f5d5e4c7c872578a503083a79d6c30bbb60f26a0072b66860520d51af38a369f2b2fd2a7cd0b8c3010819fbdcc210f2848b2666982c1fd74d7bb7058672813f246f0cebd857fa64221d81bfd84132c2fc4deef035a465374015171eda9c42ec346f705c739c134812340c156621daee3cf3a722f9482c0038c91863bfb70301b29645647a4178fafca0ea2988a0633f83abb2f3bd1a617b22bfa58374581057f9a0590b50abfe054dc08e3c552a77bb4ef5f48582919c85bd3284e2342ca4ca879207949c14b3631ab64dc610a634569c088b8b1eba7ad0d628218e830e23c6a2756aead0ca58625990dd176f9fe957411a2a81b1361b7eb94e72c804e77c02ec094d0075c68def06420eb5f956baef3f4b2efbba188c27932a7f851bc35841ef260c024ba19a21cf33729d081e392d666aafc2cd7c8eb826da816e46f50277d1d326336668dcaa00c528c02a40a738b6b41cbb5f3e85724b51e8389280f16208830af3f19a83be470049cebde8a29ffb0bd000b69194546f6690da8f20d85f31ad332519552467a4f4ed7950da6ccf70a0b88f391262dd37fa4d48d7752ee367ab7f6490f2da2b1e7df46d2f63338f6321443a0abcde43d5771e08c6b7db2b58ddf494f0166da47b430750ce5c27a8e8a4b87b6a42df4e13cb33fae9adf1efb7805f8bbccd630b7aed2fb5c3fe6057b292d5309236110ac9c6e114a617f1170588942d64f62521f127b38805bc391935dc70cb22afb7a10f613e8e296a5d7b1636aded27e6e2ba5ef7dc36171681c72ecbd467b844a869bed61a4bacccccba03d731e7a788322aa88567d8df8916ad8cda6230a5064fc64afab987879a8606951401984385b72a76548b610f568bacc3faed0a66a802e4115551f90760529451f9354cd16e54955d88626d9d9f135cea5813cc52392d71e35cf974ecd21a903f7d8b90e6347785fab8ba268a09372b30559bb409f62a1a41369cce09715068fed37db8d61e04f078e28d842aa1a5171eff00eedc1c16a66e93a7c707d25eda3f2d0932bde33cdceffef5bb9b4ded749a6a741ca51d4886cb2071a40ed3565af70b9e25db903c5ecb5802373f1ed2400cfa0d16bf017be3537609e8b4aa87c0ac3d710cdfd513d1585c284e355dc0fa84a2c2cca8a2b6b8e37f8660443adc233d98b6a53111a602f99ced8aeb95230ed52e58e21ec306ec791a4d6bbf5c8c03b6dadad7f632f6550858b0b2dd418ac551c410bcb1cfac4b55f6d9a72568987bd3d0fd38ac00c9d21783f25a17408eb8ff01bb02c860267b70def7a8639f17e430108b7a342ee32d370c1c24b4930bd0455b38ebcf6ca7c2d7e3f14ca67b6c3fae3b498d4f8cb4711b8b055ab6ab104b73cfd334496a72735708bc1ca40200d7c552251a430184bb9a5b0df8a174a2ce7af7bc434520c074d73d47cc30ca30541f1ace040f7f496704bf8da0074163b97c3c46a9e2bad411d6e960c9ee1a4a2b1e008efe2d2da5f6275bc6d845dc536f6564b8dc4fbf23269d8b5712fc264d787be32d7e990cad31a61335495fa5928fb612c948dc431c70c8dbb194a1ddad2896695cbdd844e4f8142da25328f875c2e026a5fc87add305b747e7d91d3bbda1fcffb138a2938a0b43322cf1bda62fc646a837b67c546988a831cf9e27e4fb928f30e8638afb8ace00d7b6d6327a4ca4be9240308184f42e28f193a4bf3b99a1e546f47c7086971d17624500a23127303a9c45af365270c5c66c840cbb09406245a91ba5a29e00d0fcb97559bcb75fea2fd91e77537073681893cff9cbbc04e14b0587a377bca6ba2d9163d1d568f561a9bbced7fa399a8b9da08d971157aa628cfaf41cc7e6ab4cf3646d8b6a9432682a1fef6a1b43d3138acf22cdaba3b6929d6f9776bf8b9c13249247f360e99ae8e2ef00d39ce292795117b7431db5008a9b5438a4d919a1e7c8cb13f0b3741db923a4801cbe5428386e1e1657fdafb922ff513385d29a7f2b62df951c36dd364144becb5ada584c6e8ac992712c9aca6c5ffd4d69c82356632495bbba344af2d0c1e813072791e804e84d437633be7d027e996a376377dafd87d8a371e54a00eb65f502a64c1dd2ed13f1096a693aacfb0038d5f1b000248848b8c79b4d49c13f6301abe405c81970aef362d9f8d39b8ffabb5353a5379eaa7434b8848dd68d4a3d84f057101e7f7d9e1edd094c42a7a49cf3491e64aeaab516a2fb444322a31e31602e3e873a5a0255b081128d6b6bf8bb4f39326b9fff6d6f98c7c4414d7230895ab2dc96800073506b5e78bd903dba02b1f30f53e6499638dfb8be85816f7cc6e1fe1b5fad2a78d02994010afd9f3bbab1a3ae49644b4f9334f75b33501f1e86b82e8244f5c11db7baf191428456b125723d65668889f381c013f117bf29807f28452aace5941f3fd52a5c97e173893a1da6ec4c0b89fc318aa06b6fa9805d292396f2e5367d91446eb1c0ada2ebfdea172da539d728151f40e3c7119801f3a338ef52461a88ccb91757ee8048db51704c6436df8f96194765ca945345775a223bebd4d79a65c79b07d877bf27777291320161dda83c96dfe31f803b7472e240e2a37f71d57470229aafb64e8385e9c74d06d0dc870a57bccb0a3dc9ec559bd1d9c78da3de0717013f929380462fbe3611fe29983c3b2d04b33d34e0b3f2e775d189ee49ed71e637c676ca162fe3fc77bafec6010afa1edc3eb4ff963d66c95aaa1cbef11d78d61fb602a2ffeae3bc8d1e2eed0ee009e6afffad527bdd6c39a02545da47f901db0b380430a71749c4d5b8cd1e434ecc5dea52c5ddd1b59b962ebb3965407444f71a48e29e1b28cb80af5ca8688d6462df71da8be89ee3e430bcb67108fd8645b3deb2b20f61db0560f0f1a1b7769d7eac6275d28b3972199c3a83548bc8c7947e678bdbfe53d048f5f38c724e4cb297ec9f3f79bec2c012dc6894d84d7eb0955087e94d88bbe86f731b16d4537f965ebd29ea36fc000fc3e8ea73310b98f5f7b94b1ea40311657b5056252d6cc542897c4cbac31f690d916d4226680e4818b9d94ce2bd897788578fdabfefee9df3a38789330bb9edba4e", 0x2000, &(0x7f0000006b40)={&(0x7f00000039c0)={0x50, 0x0, 0x1, {0x7, 0x2d, 0x200000, 0x14024008, 0x3, 0x4, 0xff, 0x3, 0x0, 0x0, 0x80, 0x80}}, &(0x7f0000003a40)={0x18, 0xfffffffffffffffe, 0x9, {0xffffffff}}, &(0x7f0000003a80)={0x18, 0x0, 0x100000001, {0x6}}, &(0x7f0000003ac0)={0x18, 0x0, 0x5, {0x6}}, &(0x7f0000003b00)={0x18, 0x0, 0xffffffff, {0x7fffffff}}, &(0x7f0000003dc0)={0x28, 0x0, 0xd1f, {{0x7, 0x7, 0x2}}}, &(0x7f0000003e00)={0x60, 0x0, 0x7fffffffffffffff, {{0xfffffffffffffff8, 0x2, 0x5, 0x9, 0x4, 0x8, 0x9, 0x10001}}}, &(0x7f0000003e80)={0x18, 0x0, 0xee8, {0x4}}, &(0x7f00000005c0)=ANY=[@ANYBLOB="110000000000000040cf00000000000000238430c7d6c91deceaca5e8b388232bfdeaecf124c46c6aaaca7c27a390a63d5f2ab9849683870f754a4ea738c7de63ab3ecc728e09d56f6eb4ed0762248bfd3bb4b236d7a0f8649d83a6e2c712befd3498808fca967ac6e78a2de93bda6780b78e50b"], &(0x7f0000003f00)={0x20, 0x0, 0x7fffffff, {0x0, 0x4}}, &(0x7f0000003fc0)={0x78, 0x0, 0x80000001, {0x7fff, 0x5, 0x0, {0x6, 0x6, 0x3, 0x7fff, 0x7, 0xb, 0x8, 0xffffffff, 0x1, 0x1d000, 0xad, 0x0, 0x0, 0x8, 0x25}}}, &(0x7f0000004100)={0x90, 0xffffffffffffffda, 0x5f5, {0x0, 0x0, 0xe, 0x0, 0x200, 0x4, {0x3, 0x9, 0x2, 0x78, 0x0, 0x8, 0x0, 0x2, 0x7fffffff, 0xa000, 0x401, 0x0, 0x0, 0x401, 0x6}}}, &(0x7f00000041c0)=ANY=[@ANYBLOB="88000000daffffff020000000000000005000000000000000b0000000000000001000000b7fa000027fd8900000000000600000000000000020000000000000000000000050000000200000000000000020000000000000001000000f6000000000000000000000004000000000000000500000000000000010000000300"/136], &(0x7f0000006480)={0x320, 0x0, 0xe9b6, [{{0x3, 0x0, 0x3, 0x8000000000000000, 0x2, 0x6, {0x6, 0xf3d, 0x6, 0xcf, 0x5, 0xb, 0x4, 0xffffff74, 0x0, 0x6000, 0x67ee, 0x0, 0x0, 0xff, 0x2}}, {0x0, 0xc, 0x0, 0x1ff}}, {{0x4, 0x0, 0x3, 0x4000000000000000, 0xe46, 0x7, {0x2, 0x3, 0x101, 0x9d, 0x1, 0xd07d, 0x3, 0x4, 0xfffffbe0, 0x6000, 0xada2, 0x0, 0x0, 0x5be98da7, 0x9bdd}}, {0x1, 0x0, 0x5, 0x7, 'syz1\x00'}}, {{0x6, 0x1, 0xc, 0x0, 0x6, 0x80, {0x6, 0x100000001, 0xf, 0x5, 0xf38, 0xfff, 0x21d10b9, 0x8, 0x80, 0x8000, 0x7, 0x0, 0x0, 0x3, 0x5}}, {0x4, 0x5, 0x0, 0x2}}, {{0x3, 0x0, 0xc, 0x6000000, 0x8, 0xffffffff, {0x5, 0x0, 0x9, 0x7, 0x8000, 0x8, 0x8, 0x80, 0x0, 0x4000, 0x80, 0x0, 0x0, 0x7, 0x93}}, {0x3, 0xfffffffffffffff9, 0x2, 0x3c5, '&-'}}, {{0x1, 0x1, 0x5, 0xd4, 0x100, 0xf, {0x0, 0x100000001, 0xfffffffffffff935, 0xffffffff, 0x3, 0x6, 0x10000, 0x8, 0x5, 0xa000, 0xfffffff2, 0x0, 0x0, 0x9, 0x4}}, {0x2, 0x800, 0x5, 0x4, 'TIPC\x00'}}]}, &(0x7f0000006840)={0xa0, 0x0, 0x5, {{0x3, 0x2, 0x5, 0x7, 0xfffffff9, 0x0, {0x2, 0x3, 0x8, 0x1, 0x9, 0x8, 0x6, 0xfff, 0x6, 0x2000, 0x3, 0x0, 0xffffffffffffffff, 0xc, 0xffffffff}}, {0x0, 0x15}}}, &(0x7f0000006900)={0x20, 0x0, 0x4, {0xb, 0x4, 0x6, 0x5}}, &(0x7f0000006a00)={0x130, 0x0, 0x4, {0x2, 0xc38, 0x0, '\x00', {0x2, 0x101, 0x2, 0x10001, 0x0, 0x0, 0x4000, '\x00', 0x10000, 0x7, 0x40, 0x5, {0x3, 0xfffffff5}, {0x7f, 0x3}, {0x3, 0x8}, {0x9, 0x8}, 0xe0000, 0x2, 0x6, 0xfffffff7}}}})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0) (async)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) (async)
r4 = socket(0x10, 0x803, 0x2)
openat$kvm(0xffffff9c, &(0x7f00000001c0), 0xc842ab71ea77f6a0, 0x0) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x1, 0x16, 0xb4, 0x7f}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r5}, 0x38) (async)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_ONE_REG(r7, 0x4010aeab, &(0x7f0000000100)=@riscv64_timer={0x8030000004000001, 0x0}) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4) (async)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r8, @ANYBLOB="01"], 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) (async)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000340), r1)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r1, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x28, r9, 0x300, 0x70bd28, 0x25dfdbfe, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8050}, 0x40)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000000500)=@newchain={0x24, 0x64, 0x300, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x7, 0xe}, {0xfff2, 0x9}, {0x0, 0x1ffe4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x993f2506eef3a35a) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYRESHEX, @ANYRES32=0x0, @ANYBLOB="000000000000000008001b000000000004001a80180002"], 0x44}}, 0x0) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r11 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="300000001c000104000000000000000002000000", @ANYRES32=r3, @ANYBLOB="000014000a000100aaaaaaaeaaaa000008000f00010000003e11859a3351e595fc"], 0x30}, 0x1, 0x0, 0x0, 0x20000}, 0x0)

1.704410548s ago: executing program 0 (id=2850):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
fremovexattr(0xffffffffffffffff, 0x0)
io_setup(0x7, &(0x7f0000001240)=<r1=>0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/power/hibernate_compression_threads', 0x81, 0x114)
io_submit(r1, 0x1, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000bc0)='\x00', 0x1, 0x1000000000003}])
pidfd_getfd(r2, r0, 0x0)

1.642269095s ago: executing program 5 (id=2851):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newlink={0x4c, 0x10, 0xffffffffffffffff, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x33822}, [@IFLA_MASTER={0x8, 0xa, r1}, @IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_FAIL_OVER_MAC={0x5, 0xd, 0x2}, @IFLA_BOND_MODE={0x5, 0x1, 0x1}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x20040040) (fail_nth: 4)

1.194211853s ago: executing program 4 (id=2852):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000080)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10)
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[], 0x0)
listen(r1, 0x9)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

1.182359346s ago: executing program 5 (id=2853):
unshare(0x20000400)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_getnetconf={0x14, 0x52, 0x311}, 0x14}}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='coredump_filter\x00')
preadv(r1, &(0x7f0000000540)=[{&(0x7f0000000480)=""/185, 0xb9}], 0x1, 0x1, 0xfffffffc)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
syz_open_dev$dmmidi(&(0x7f0000000000), 0x40, 0x240000)
unshare(0x40000)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000240)={0x0, &(0x7f0000000040)=[@code={0xa, 0x5d, {"6536f340ac67f26eb9a0090000b818eb0000ba000000000f30400f01c566baf80cb834106086ef66bafc0cedb9800000c00f3235008000000f30364d0fc75ddff20f10f90f78cd46c05f0000"}}], 0x5d})
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
write$usbip_server(r3, &(0x7f0000000940)=@ret_submit={{0x3, 0x1, 0x0, 0x0, 0x10000}, 0x9, 0x87, 0x2, 0x9e, 0x2e6, 0x0, "cb517827372df28b58b07361a5428fbecaeaad29a7248fc817e1a26908669347d049d561b6262c2786204ed7f63d9b0d7a646c19cbb634e6c63cba62fea5e39246ba9842a1925e32aca530cf1a240f227de212fe1230728087a13a39b45c1a39df72fb7dfee564f06602f21b77ab72267d2a62466ae97acda12332687509f2d59f9f13ed888624", [{0x3ff, 0x401, 0x7, 0x8}, {0x1, 0x4, 0xbe9, 0xfff}, {0x3ff, 0x86d, 0x8, 0xffff0000}, {0x800, 0x7f20, 0x5, 0xe0f}, {0xa6, 0x0, 0x8001, 0x3}, {0xffffff7f, 0xf753, 0x6, 0x1}, {0x5, 0x7, 0x7f, 0x80}, {0x6, 0x7, 0x3, 0x5}, {0x136b, 0xe5, 0xfffffff8, 0x2}, {0x8000, 0x2, 0x80000001, 0x24db}, {0x0, 0x4, 0x4, 0x40000000}, {0x3, 0x7f, 0x5, 0x80000000}, {0x6, 0x9, 0x5, 0x800}, {0x8, 0x800, 0xce0f, 0x9}, {0x6, 0x8, 0x6, 0x4}, {0x3, 0x4, 0x800, 0x3}, {0x3303, 0x5e2, 0x8000, 0x1}, {0xf, 0xffffffff, 0x99ec, 0x9}, {0x5, 0x7f, 0x1000, 0x4}, {0x1, 0x3, 0x800, 0x5}, {0x4, 0xa033, 0x6, 0xffffffc0}, {0xaa7, 0x7fffffff, 0x9, 0xb28}, {0x4, 0x1, 0x9, 0x6}, {0x7, 0x28e, 0x2, 0x141}, {0x7ff, 0xfffffffd, 0x7, 0x2}, {0x3, 0x5, 0xfffffffc, 0x5}, {0x6, 0x6, 0x1000, 0xbe4}, {0x93, 0x93, 0x8, 0x1}, {0x9, 0xda, 0xc5, 0x38a0cf11}, {0x5, 0x7, 0x1}, {0x976, 0xde31, 0x80000001, 0x21f}, {0x6, 0x3, 0x8, 0xfffffffb}, {0xc, 0x0, 0x5, 0x7fffffff}, {0x5, 0x2, 0x101, 0x4}, {0x4, 0x9, 0x57, 0x5}, {0x5, 0x7fff, 0x3, 0xace}, {0x488, 0x2, 0x7, 0x9}, {0x2, 0x3, 0x4, 0xa9c7}, {0x3, 0x5, 0x8, 0xfffffff8}, {0x5, 0x800, 0xf, 0xfff}, {0xe9b, 0x7f, 0x1}, {0x8, 0xe1, 0x1, 0xfffffff9}, {0x2cc, 0x9, 0x0, 0xf}, {0x1, 0x4, 0x4, 0x401}, {0x5, 0xe3f1, 0x8001, 0x9}, {0x8, 0x3da4115d, 0x1, 0x8}, {0x8, 0x8, 0x4, 0x9bb1}, {0xb, 0x7, 0xd, 0x7}, {0x4, 0x4, 0x8, 0x2}, {0x3, 0x3, 0x9, 0x3}, {0x745, 0x400, 0x5, 0x1}, {0x9, 0x0, 0xfff, 0x6}, {0x1, 0x2, 0x3, 0x48}, {0xfffffffb, 0x5, 0xc72, 0x401}, {0xbf, 0x6, 0x2743, 0x8}, {0x5, 0x98e, 0x7f20, 0xfffffffb}, {0x1, 0xffffff42, 0x75c, 0x5}, {0xa11, 0x4, 0xfffffff2, 0x13}, {0xfffffffe, 0x9, 0x3, 0xa983}, {0x6, 0x9, 0xffffffff, 0x8ca}, {0x3, 0xffffffff, 0x0, 0x2}, {0x4, 0xffffffff, 0x4d86, 0xffffffff}, {0x8001, 0x3, 0xfffffffd, 0x33}, {0x1, 0x9, 0x7243, 0x1f40}, {0x3, 0x800, 0x1000, 0x8}, {0x6, 0x2, 0x3, 0x8}, {0x5, 0x6, 0x7, 0x2}, {0x0, 0x5, 0xd311, 0x2}, {0x8, 0x1, 0x9}, {0xffff0000, 0x69d, 0xffff31f1, 0x9}, {0xfeb3, 0x8, 0x28d, 0x4}, {0x5, 0x2, 0x4, 0x5f}, {0x2, 0x48dd, 0x2, 0x1ff}, {0x9, 0x9e, 0xd, 0x7f}, {0xf, 0x6, 0xd902}, {0x8d2, 0x7fff, 0x0, 0x7}, {0x2, 0x2, 0x6}, {0xa56, 0xfffffffc, 0x5, 0x6}, {0xe, 0x8, 0x0, 0x401}, {0x6, 0x7fff, 0xfb39, 0xcf}, {0xf, 0xae, 0xfff, 0x6}, {0x8, 0x5, 0xff, 0x6}, {0x4, 0x7, 0x3, 0x3}, {0x3ff, 0x4, 0x7fffffff, 0xb942}, {0x5, 0x80000000, 0x0, 0x100}, {0x3, 0x6, 0x9, 0x81}, {0x100, 0x4, 0x256a, 0x5}, {0x3, 0x6, 0x8, 0x200}, {0x5, 0x5, 0x0, 0x5}, {0x3, 0x5, 0xffffff7f, 0x5}, {0x1, 0x9, 0x5, 0x200}, {0x4000000, 0x8, 0x0, 0x1}, {0x8000, 0x7, 0x400, 0x400}, {0x1, 0x100, 0x70, 0xd006}, {0x85, 0x4, 0x6, 0x4}, {0x0, 0x5, 0x7, 0x1ff}, {0x7, 0x200, 0x8000, 0xc7}, {0xa, 0x6, 0x6, 0x8}, {0x5, 0xfffffffd, 0xfffffff8, 0x1000}, {0x0, 0x7f, 0xff, 0x8}, {0x8, 0x8, 0x400, 0x2}, {0x64b6, 0x8001, 0x10001, 0xc}, {0x3, 0x1, 0xfffffff9, 0x83}, {0x0, 0x1, 0x7aa, 0x101}, {0xf, 0x7, 0x4, 0x4d}, {0xffffffff, 0x1, 0x3, 0x200}, {0x5, 0x5, 0x7, 0x2000000}, {0x7, 0x1, 0x100, 0x200}, {0xfffff756, 0x80000000, 0xffff, 0xd}, {0xbda3, 0x7fffffff, 0x2000000, 0x1}, {0x2, 0xfffffff7, 0x6, 0x1}, {0xfffffffd, 0x1, 0x7f, 0x8}, {0x5, 0x38b, 0x8, 0x6}, {0x8, 0x0, 0x7f, 0x1}, {0x782, 0x6883, 0x7, 0xc47}, {0x7, 0x82, 0x2, 0x7}, {0x7, 0xe1d1, 0x7, 0x7}, {0xc32, 0x9, 0x8001, 0xffffff7f}, {0x9, 0x5, 0x8000, 0x5a74}, {0x0, 0x29, 0x5, 0x7}, {0x3, 0x1, 0xffffff81}, {0x3, 0x94e, 0x80}, {0x9, 0x9, 0xa709, 0xffffffff}, {0x2, 0x4, 0x0, 0x1ff}, {0x3, 0x7f, 0x7fff, 0x12}, {0x0, 0x2, 0x1e3, 0xfffffffd}, {0x5, 0xfffffff7, 0x6, 0x2}, {0x32e74e3f, 0x3, 0x90000, 0x4}, {0x6aa, 0xc, 0x7, 0xae69}, {0x3, 0xd, 0x2, 0x3}, {0x80000000, 0x4, 0x1, 0x6}, {0x80, 0x1000, 0x101, 0x401}, {0x1, 0x2, 0x3ff, 0x2}, {0x1125, 0x7fff, 0x3, 0x8001}, {0x1, 0x2b5fbb63, 0x10}, {0x7, 0x8, 0x6, 0x3}, {0x4, 0x89147a00, 0x4, 0x5}, {0x3, 0x1, 0x800, 0x1}, {0x4, 0x6, 0x5, 0x81}, {0x7fff, 0xc5, 0x8, 0xb7c}, {0xa5, 0x3, 0x7, 0x6}, {0xffffffff, 0x1000, 0x1, 0x5}, {0x57b0, 0x18, 0x7, 0x658}, {0x0, 0x6, 0x7, 0xd2b}, {0x9, 0x81, 0xe, 0x800}, {0x0, 0xd3, 0x7, 0xe}, {0x7, 0x4, 0x301, 0x20000000}, {0x9, 0xb54, 0xf, 0xa3}, {0x6000, 0x8, 0x9, 0x3}, {0xffffffff, 0xb28, 0x52, 0x4f66}, {0xffffff1f, 0x76, 0x78e, 0x7e45}, {0x2, 0x10001, 0x8, 0x1}, {0x7ff, 0x8, 0x100, 0xff}, {0x9c, 0xa92, 0x0, 0x1}, {0x5, 0x81, 0x5, 0x7}, {0x5, 0x40, 0xda18, 0x2}, {0x1000, 0x9, 0x7fff80, 0x9}, {0x8, 0x5, 0x3fce, 0x1000}]}, 0xa97)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f00000000c0)={0x1, 0x0, [{0x40000000, 0x1, 0x1, 0x3, 0x6, 0x6, 0x3ff}]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$MON_IOCX_GETX(r2, 0x4018920a, 0x0)

1.05524646s ago: executing program 0 (id=2854):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000002c80)={0xa, 0x14e24, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
recvmmsg(r0, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000240)=""/101, 0x65}, {0x0}], 0x2}, 0x2}], 0x1, 0x1, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20e8086)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)

784.050689ms ago: executing program 5 (id=2855):
r0 = syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r2, 0x0, 0x2000)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
wait4(r0, 0x0, 0x40000000, 0x0)

783.636186ms ago: executing program 2 (id=2856):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x24, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @rand_addr=' \x01\x00', 0x2}, 0x1c)
r1 = socket(0xa, 0x3, 0x3a)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$NILFS_IOCTL_SET_SUINFO(r0, 0x40186e8d, &(0x7f0000000180)={&(0x7f00000000c0)=[{0x20963059, 0x2, 0x0, {0x1, 0x53}}, {0x0, 0x0, 0x0, {0xffffffffffffffff, 0x3, 0x1}}, {0x800, 0x0, 0x0, {0x6, 0x6}}, {0x7ff, 0x2, 0x0, {0x10001, 0x5, 0x1}}, {0x6, 0x0, 0x0, {0xe1a, 0x4, 0x2}}], 0x5, 0x20, 0xfffb, 0x8})
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000080)={0x0, 0x0, 0x4b, 0x0, 0x2}, 0xc)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000000)=0x800, 0x4)

726.950664ms ago: executing program 1 (id=2857):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = syz_io_uring_complete(0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000180)="e97b2a657bc01d67ecbb636b13ef24310b6cecd087c412c34408eb53376e86b82e31451093e19848642ea9c77a3b9c81dedae4048ae17a4d730a00f03b4351b03349814fbfb4de46ac15dcdfbe03a24c18418778f8dc3a61a240a6", 0x5b)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r2, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00'})
r3 = dup2(0xffffffffffffffff, r0)
mmap$qrtrtun(&(0x7f00000fa000/0x3000)=nil, 0x3000, 0x0, 0x8010, r3, 0x12c)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0x1, 0x87, {"0f22e5c744240060420000c744240233d8cecbc7442406000000000f011c24660f38816810c4027958b20000000064449966baf80cb83284af80ef66bafc0c66ed66baf80cb8cc07ff8aef66bafc0cb8d4000000ef48b8f8000000000000000f23c00f21f835030009000f23f8450f2244c4417c50cc"}}], 0x87})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x36900, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xaaa, &(0x7f0000000240), 0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x9, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0xa], 0x10000, 0x202})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
socket$inet(0x2, 0x3, 0x7f)
socket$igmp(0x2, 0x3, 0x2)
socket$igmp(0x2, 0x3, 0x2)

562.169342ms ago: executing program 2 (id=2858):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x40000, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=@newtfilter={0x38, 0x2c, 0xd27, 0x170bd2c, 0x2, {0x0, 0x0, 0x0, r5, {0x0, 0x10}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x80}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4894}, 0x42)
close(r3)
socket(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r6, &(0x7f0000000200)={&(0x7f0000000540)=@xdp={0x2c, 0x0, r5, 0x42}, 0x80, &(0x7f0000000440)=[{&(0x7f00000001c0)="27030200dc0f14000e0006004024c1020000ff8407c2fb7fe0406e52534b4f6b3d327db412f40000000003000000", 0xfdd0}], 0x1}, 0x4005)

439.324991ms ago: executing program 2 (id=2859):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@ipv4_newaddr={0x28, 0x14, 0x509, 0x70bd28, 0x25dfdbfd, {0x2, 0x1f, 0x0, 0xcb, r2}, [@IFA_BROADCAST={0x8, 0x4, @empty}, @IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040014}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

438.385892ms ago: executing program 1 (id=2860):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r1, &(0x7f0000000200)=ANY=[], 0xc8)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000080)={0xf0f03f, 0x6e})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x124, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_EXPRESSIONS={0xfc, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x17}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xb}]}}}, {0x14, 0x1, 0x0, 0x1, @connlimit={{0xe}, @void}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}, {0x40, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_CT_DIRECTION={0x5}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_CT_SREG={0x8}]}}}, {0x2c, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0x16}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x1}]}}}, {0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}, {0x10, 0x1, 0x0, 0x1, @hash={{0x9}, @void}}, {0xc, 0x1, 0x0, 0x1, @rt={{0x7}, @void}}]}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x14c}, 0x1, 0x0, 0x0, 0x40}, 0x24000840)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x34, 0x71, 0x10, 0x33}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x3, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x34, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}, @NFTA_LIMIT_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}]}}}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x100}}, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000140)=[<r6=>0x0], &(0x7f0000000180)=[<r7=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r5, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r6, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0x1000, 0x101c, 0x10, 0x4, 0x401, 0x100, 0xa, 0x0, 0x52, 0x43, 0x7e9, 0x401, 0x9aa5, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x1, 0x0, 0x337740ff}, {0x6, 0x1, 0x12, 0xffffffff}]}, 0x8)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000080)={0x0, 0xfff5, &(0x7f0000000040)={&(0x7f0000000280)={{0x14, 0x10, 0x20}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1886c301}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_HOOK_DEV={0x14, 0x3, 'macvtap0\x00'}]}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xc4}, 0x1, 0x0, 0x0, 0x20004040}, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r11 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
write$tun(r9, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd0900300003003000000060ce902d9f0c88"], 0xfdef)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r6, r7], 0x2, 0x0, 0x0, <r12=>0xffffffffffffffff})
r13 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r13, 0x29, 0x4, &(0x7f0000000040)=0xb, 0x4)
connect$inet6(r13, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
ioctl$DRM_IOCTL_MODE_SETCRTC(r12, 0xc06864a2, &(0x7f0000000340)={0x0, 0x0, r6, 0x0, 0x0, 0x0, 0xffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, "b1eddb851ba62b00d8730000000000000000000800"}})
close_range(r0, 0xffffffffffffffff, 0x0)

409.261194ms ago: executing program 2 (id=2861):
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket(0x1d, 0x5, 0x26)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000200)=0x20022a, 0x4)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
syz_open_dev$evdev(0x0, 0x1, 0x80000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0x2, &(0x7f0000000040)=0x12, 0x4)

402.882485ms ago: executing program 5 (id=2862):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{0xd000, 0x0, 0xe, 0x0, 0x81, 0x4, 0xa, 0x4e, 0x0, 0x7, 0x6, 0x1}, {0x5000, 0xffff1000, 0x3, 0x3, 0x2, 0x8, 0xd, 0x3, 0x0, 0x81, 0x8, 0x4}, {0x5000, 0x54000, 0x0, 0x7, 0x4, 0x1, 0x7, 0x6, 0x0, 0x6, 0x2}, {0xffff1000, 0x10000, 0xe, 0x2, 0x1, 0x3, 0x10, 0x0, 0x1, 0x6, 0x4, 0x9}, {0x7000, 0x30000, 0x9, 0x0, 0x80, 0xee, 0x0, 0x8, 0x7c, 0x0, 0xe, 0x9}, {0x3000, 0x4, 0x8, 0x1, 0x6, 0x4, 0x1, 0x1, 0x0, 0x86, 0xb, 0x2}, {0xeeee8000, 0xeeee0000, 0xc, 0x7, 0x7, 0x3, 0x1d, 0x47, 0x30, 0x2, 0x9, 0xe1}, {0xf000, 0x2, 0x0, 0xf8, 0xfd, 0xa, 0x2, 0x4, 0x3, 0x8, 0x5, 0xce}, {0x4, 0x7}, {0x6000, 0x5}, 0x80000035, 0x0, 0x0, 0x40, 0x7, 0x1000, 0xeeef0000, [0x5, 0x8001, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

236.629238ms ago: executing program 1 (id=2863):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x1ab)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1040, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x40)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x7fffffff)
ftruncate(r2, 0x2007ffb)
sendfile(r2, r2, 0x0, 0x1000000201005)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6364, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r8, {0x0, 0xd}, {0x1, 0xb}, {0xffff, 0x3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x4, 0x10, 0x6, 0x8, 0xfbee}, 0x3, 0x0, 0x3, 0x7, 0xe, 0x4, 0xd, 0x18, 0x5, 0x2, {0x6, 0x8, 0xfffffffc, 0x0, 0xffffffff, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x240048e4}, 0x4890)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r9 = socket$packet(0x11, 0x3, 0x300)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
set_mempolicy(0x4005, &(0x7f0000000000)=0x1, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xb, "00000000000204000000000b00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r10, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x1058, [{0x11}, {0x0, 0x100000000000000}]}, 0x68)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r11=>0x0})
sendto$packet(r9, &(0x7f0000000280)="05", 0x1, 0x440bc, &(0x7f0000000140)={0x11, 0x86dd, r11, 0x1, 0x3, 0x6, @remote}, 0x14)

206.677962ms ago: executing program 5 (id=2864):
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0xa, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000380)={"ee1018bb", 0x1000, 0xdc, 0x8, 0x560, 0x6, "6c79bf30c933b2c74933691baf5e76", "85b70a33", "f2f9256c", "695885fd", ["dc3a2175daddc4be5bb5ed88", "429cb4a13a706b8199073fbc", "bf3725cc6361bdeb383add75", "2034a551090098e109291940"]})
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
socket$inet6(0xa, 0x3, 0x3c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

90.209286ms ago: executing program 0 (id=2865):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0x0, 0x0, 0x5}, 0x2c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000b7080000000000007b8af8ff00000000b508000000000000638af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018240000", @ANYRES32=r0, @ANYBLOB="0000000302000000b703000008000000850000006a00000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

0s ago: executing program 0 (id=2866):
r0 = syz_open_dev$admmidi(&(0x7f0000000300), 0xde, 0x1a9882)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000480)={0x1, 0xa987, 0x4})
readv(r0, &(0x7f00000005c0)=[{&(0x7f0000000140)=""/224, 0xe0}], 0x1)
r1 = syz_usb_connect(0x3, 0x36, &(0x7f0000000600)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=r0, @ANYBLOB="64e97841ce74a24cd0cc1dca8616b13493e9a11b039b60a84e946af26ad58757d2d2e1dd7d49d5a525e82d5876056610fb27eb39d02896dfe7137603716527ee84914b50a0040bb2bf818310353ba5ec3c96d1f5dd77f19cd064f2890783134ee185c02a995ecb5437a1b942fa1603f452843a2f5f908921246735b64957804d9bfc9de1b46b3efb9d8eeacb480d69db83276d00813be962a86fea35b953770acdd1419ce8576685d7a1", @ANYRES8=r0], 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, &(0x7f0000000440)={0x14, &(0x7f0000000240)={0x20, 0x7, 0xae, {0xae, 0x24, "bba5f8b3c65573b8468cda65884f513388bb411e7ccaf7cfa0272de2d70cae7cee683ecc9b76410e87105d82fd4c2510f4195c6f193c7f420b2730909a295828d09341e814bad6e2521affc3558e07fbe0de2cfc7fd7c5126d27c8241350f970108b8b0e1b2a88685a2201a7f42236a2b437502ba1afcc041ad5c475f65fcef829ad3eed47f7860c67b57cfcd3d29ebb8167e504c78cb384e823cc8a80061a5fe522e563bed208af9b7e4ff5"}}, &(0x7f0000000340)={0x0, 0x3, 0xeb, @string={0xeb, 0x3, "a8337060a97ed61d83eee8dd7f3d19cdb8b1138655ab1f22fc33fdf9c316315888b9448149d36834d998f7d0e07e18e99f10eba6bcc7556d91fe13733c6cfc126c2017ae81e6f3835a6a68b1344e6d5f21f5f53bf391b2736c56ce27ff4412734f368d63fab9f1073b9e93c93d1e78434654b40ffee64b2a0cee1897888de6ca48b08cc7553dfe4401cf133a6474e38a197599755bfb71e40f81ac02b41be15ffdacf15221c1f7a1e95add8c51401b52572d3982c02493ff85e455739bb4ebe6c4d5556778861524aadf332a9886520074f55615edba7ce81ad0ce165408ed227eb570339d393ceb9a"}}}, &(0x7f00000009c0)={0x34, &(0x7f0000000700)={0x40, 0xe, 0xc1, "d08e6bd78edfbadb0a40998e78ce5bac82d0d44bcc35dc5a0032a89a8ff641f424729c9136e3a7039078613acd33e2b0dc0a828d7e3ba1612d5a227a7c1be5fbb61d51de5490ceddf4a95ac51700bcb512424ede46bd8c5541c12091eaf11416b99952ef5613e7eedd5c516096aa23f32bf6b6df8fe7970cdf0421199d3c79745cc10b676dbd878339dff67137b26d2162e1211fe7bddde6de89cc38fed329e01b1fff3ad8567ea95ca2a2855869d3aa3fc40a913a687d8ed78757b17246c5da08"}, &(0x7f0000000800)={0x0, 0xa, 0x1, 0x7d}, &(0x7f0000000840)={0x0, 0x8, 0x1, 0xfa}, &(0x7f0000000880)={0x20, 0x0, 0xba, {0xb8, "bc612117a354259070cca9870e26812ddd7f50a97a6c5de30f93952fc6a419aa6af76f7cd9816366ca2b0a7f8c57eb5d4dd7c86165395eef6df82a79cff8578feaded92aeb96cba8aaa357c407a5d27b3fee6b7e0e3782d33b3fc3460ff937128796b1a02d3db74e82c5b9ef1892867f6050da5de3953f274109ce6ae3d9eadb5e5aab2ec2178fbe84e9086b51919244577d3eef27e9f591f2946fea343c883bcdd65101bb950d65e6eb5643162729b3d953fec96567be65"}}, &(0x7f0000000940)={0x20, 0x1, 0x1, 0x5}, &(0x7f0000000980)={0x20, 0x0, 0x1, 0x1}})
r2 = memfd_create(&(0x7f00000005c0)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedk\xe6\xb0\xa1\x8f\x90\xdb\xd6h)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xa7Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x99-\xe3', 0x1)
r3 = dup(r2)
write$binfmt_elf64(r3, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0xff, 0x78, 0xa3, 0x23e, 0x3, 0x3e, 0xcd, 0x4000000000001d4, 0x40, 0x2ea, 0x10000, 0x5, 0x38, 0x0, 0xe223, 0x6b1, 0x501}}, 0x40)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
prctl$PR_SET_FP_MODE(0x2d, 0x1)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000140)={0x0, 0x4, 0x0, 0x0, 0xff, "810000cc2b000000000000fa25ffff00ffffff"})
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000200)=0xb27)
r5 = syz_open_pts(r4, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000540)=ANY=[@ANYBLOB="ffffffffffff1704b45adbde08004500005c00000000000190bfac1e0001ac1414aa05009078e00000e04000000000000000004d0000ac1414aaac1414aa8303008612000000020d06c642f4600006fa5b9511441400030a01013200000000ac1414aa00000100000000"], 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000100)=0x19)
ioctl$TIOCL_UNBLANKSCREEN(r5, 0x541c, &(0x7f00000004c0))
syz_usb_control_io$lan78xx(r1, 0x0, 0x0)
r6 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x2150, 0xc000, 0x3, 0x234})
io_uring_enter(r6, 0x5c4, 0xd539, 0x16, 0x0, 0x0)
io_uring_enter(r6, 0x60b2, 0xbd80, 0x40, &(0x7f0000000000)={[0x1]}, 0x8)
syz_usb_control_io$sierra_net(r1, 0x0, 0x0)

kernel console output (not intermixed with test programs):

: device descriptor read/64, error -71
[  349.168950][   T10] usb 2-1: new low-speed USB device number 103 using dummy_hcd
[  349.232536][T12139] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  349.240299][T12139] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  349.339147][   T10] usb 2-1: device descriptor read/64, error -71
[  349.341313][T12139] vhci_hcd vhci_hcd.0: Device attached
[  349.471905][   T10] usb usb2-port1: attempt power cycle
[  349.571760][T12136] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1741'.
[  349.598491][ T5703] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  349.828865][   T10] usb 2-1: new low-speed USB device number 104 using dummy_hcd
[  349.869558][   T10] usb 2-1: device descriptor read/8, error -71
[  349.979004][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  350.119021][   T10] usb 2-1: new low-speed USB device number 105 using dummy_hcd
[  350.159399][   T10] usb 2-1: device descriptor read/8, error -71
[  350.279162][   T10] usb usb2-port1: unable to enumerate USB device
[  351.687377][T12181] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1754'.
[  351.740661][   T29] kauditd_printk_skb: 62 callbacks suppressed
[  351.740681][   T29] audit: type=1326 audit(1781726912.317:8509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz.0.1755" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  351.853672][   T29] audit: type=1326 audit(1781726912.317:8510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz.0.1755" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  351.932322][   T29] audit: type=1326 audit(1781726912.357:8511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz.0.1755" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  352.033448][   T29] audit: type=1326 audit(1781726912.357:8512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz.0.1755" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  352.063201][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  352.070233][   T29] audit: type=1326 audit(1781726912.357:8513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz.0.1755" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  352.097384][   T29] audit: type=1326 audit(1781726912.357:8514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz.0.1755" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  352.124930][   T29] audit: type=1326 audit(1781726912.357:8515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz.0.1755" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  352.170226][   T29] audit: type=1326 audit(1781726912.357:8516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12182 comm="syz.0.1755" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  352.416947][T12185] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1756'.
[  352.736847][T12185] raw_sendmsg: syz.0.1756 forgot to set AF_INET. Fix it!
[  353.376626][T12209] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1765'.
[  353.871756][T12221] mac80211_hwsim hwsim2 syzkaller0: left promiscuous mode
[  353.903987][T12221] mac80211_hwsim hwsim2 syzkaller0: left allmulticast mode
[  354.139594][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  354.208766][ T5696] usb 5-1: new high-speed USB device number 120 using dummy_hcd
[  354.396251][ T5696] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  354.439418][ T5696] usb 5-1: config 0 has no interfaces?
[  354.466997][ T5696] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  354.512624][ T5696] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.551633][ T5696] usb 5-1: config 0 descriptor??
[  354.786878][ T5696] usb 5-1: USB disconnect, device number 120
[  355.198615][ T5682] usb 1-1: new high-speed USB device number 105 using dummy_hcd
[  355.370962][ T5682] usb 1-1: Using ep0 maxpacket: 32
[  355.391591][ T5682] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  355.423310][ T5682] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  355.457698][ T5682] usb 1-1: config 0 has no interfaces?
[  355.484813][ T5682] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  355.518000][ T5682] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  355.542600][ T5682] usb 1-1: Product: syz
[  355.565518][ T5682] usb 1-1: Manufacturer: syz
[  355.582257][ T5682] usb 1-1: SerialNumber: syz
[  355.600513][ T5682] usb 1-1: config 0 descriptor??
[  356.219097][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  356.232584][ T5696] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[  356.421570][ T5696] usb 2-1: unable to get BOS descriptor or descriptor too short
[  356.452803][ T5696] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  356.479183][ T5696] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[  356.519938][ T5696] usb 2-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40
[  356.555394][ T5696] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.580702][ T5696] usb 2-1: Product: syz
[  356.602831][ T5696] usb 2-1: Manufacturer: syz
[  356.632732][ T5696] usb 2-1: SerialNumber: syz
[  356.673079][   T10] usb 1-1: USB disconnect, device number 105
[  356.699225][   T29] audit: type=1326 audit(1781726917.277:8517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d7139ce59 code=0x7ffc0000
[  356.767410][   T29] audit: type=1326 audit(1781726917.287:8518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d7139ce59 code=0x7ffc0000
[  356.828095][   T29] audit: type=1326 audit(1781726917.287:8519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d7139caeb code=0x7ffc0000
[  356.902223][   T29] audit: type=1326 audit(1781726917.287:8520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d7139caeb code=0x7ffc0000
[  356.974175][   T29] audit: type=1326 audit(1781726917.287:8521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d7139caeb code=0x7ffc0000
[  357.067714][   T29] audit: type=1326 audit(1781726917.287:8522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d7139caeb code=0x7ffc0000
[  357.097539][   T29] audit: type=1326 audit(1781726917.287:8523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d7139caeb code=0x7ffc0000
[  357.144970][ T5696] usb 2-1: USB disconnect, device number 106
[  357.165584][   T29] audit: type=1326 audit(1781726917.287:8524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d7139caeb code=0x7ffc0000
[  357.228280][   T29] audit: type=1326 audit(1781726917.287:8525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d7139caeb code=0x7ffc0000
[  357.256316][   T29] audit: type=1326 audit(1781726917.287:8526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d7139caeb code=0x7ffc0000
[  357.281742][   T29] audit: type=1326 audit(1781726917.287:8527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12266 comm="syz.4.1786" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d7139caeb code=0x7ffc0000
[  357.317475][T12276] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  357.442263][T12281] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  357.448856][T12281] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  357.458995][T12281] vhci_hcd vhci_hcd.0: Device attached
[  357.481328][T12274] [U] 
[  357.723404][T12286] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1792'.
[  357.761563][T12286] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1792'.
[  357.807369][T12287] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1792'.
[  357.940049][T12282] vhci_hcd: connection closed
[  357.940283][   T13] vhci_hcd vhci_hcd.0: stop threads
[  357.962470][   T13] vhci_hcd vhci_hcd.0: release socket
[  357.968153][   T13] vhci_hcd vhci_hcd.0: disconnect device
[  358.000769][T12295] netlink: 'syz.2.1795': attribute type 10 has an invalid length.
[  358.046302][T12295] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  358.300005][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  360.142421][T12350] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  360.380113][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  361.640795][T12377] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1824'.
[  362.252411][T12392] cifs: Unknown parameter ''
[  362.459357][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  362.509747][T12400] ipip0: entered promiscuous mode
[  362.545534][T12400] ipip0: entered allmulticast mode
[  362.660158][T12400] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1831'.
[  362.691761][T12400] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1831'.
[  362.705939][T12400] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1831'.
[  363.218067][T12410] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  363.340923][T12410] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1834'.
[  364.142268][T12427] bridge0: port 3(syz_tun) entered blocking state
[  364.157153][T12427] bridge0: port 3(syz_tun) entered disabled state
[  364.189403][T12427] syz_tun: entered allmulticast mode
[  364.204158][T12427] syz_tun: entered promiscuous mode
[  364.220292][T12427] bridge0: port 3(syz_tun) entered blocking state
[  364.226847][T12427] bridge0: port 3(syz_tun) entered forwarding state
[  364.266787][T12436] loop2: detected capacity change from 0 to 7
[  364.304553][T12436] Dev loop2: unable to read RDB block 7
[  364.323594][T12436]  loop2: unable to read partition table
[  364.331323][T12436] loop2: partition table beyond EOD, truncated
[  364.350023][T12436] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  364.539295][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  364.778507][ T5675] usb 2-1: new full-speed USB device number 107 using dummy_hcd
[  364.980643][ T5675] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  365.027592][ T5675] usb 2-1: config 0 has no interface number 0
[  365.059850][   T10] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[  365.092696][ T5675] usb 2-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[  365.134134][ T5675] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  365.166885][ T5675] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  365.196653][ T5675] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  365.213484][ T5675] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  365.226890][ T5675] usb 2-1: Product: syz
[  365.230031][   T10] usb 1-1: Using ep0 maxpacket: 16
[  365.241248][ T5675] usb 2-1: SerialNumber: syz
[  365.250774][ T5675] usb 2-1: config 0 descriptor??
[  365.264489][ T5675] cm109 2-1:0.8: invalid payload size 0, expected 4
[  365.274747][ T5675] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input65
[  365.294155][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  365.315798][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  365.341613][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  365.423470][   T10] usb 1-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  365.466178][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.473492][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.475881][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.480673][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.480868][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.481054][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.481246][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.481499][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.525465][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.532632][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.540020][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  365.614244][ T5675] usb 2-1: USB disconnect, device number 107
[  365.614280][    C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  365.661227][ T5675] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  365.667805][   T10] usb 1-1: Product: syz
[  365.687191][   T10] usb 1-1: Manufacturer: syz
[  365.696980][   T10] usb 1-1: SerialNumber: syz
[  365.723561][   T10] usb 1-1: config 0 descriptor??
[  365.772043][   T10] mcba_usb 1-1:0.0: Can't find endpoints
[  366.216733][T12476] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  366.249735][T12476] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.256986][T12476] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.619185][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  366.846825][T12492] loop4: detected capacity change from 0 to 2640
[  366.891619][T12492] buffer_io_error: 32 callbacks suppressed
[  366.891639][T12492] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  366.962346][T12492] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  367.027846][T12492] Buffer I/O error on dev loop4, logical block 2, lost async page write
[  367.041088][T12492] Buffer I/O error on dev loop4, logical block 3, lost async page write
[  367.050669][T12492] Buffer I/O error on dev loop4, logical block 4, lost async page write
[  367.059827][T12492] Buffer I/O error on dev loop4, logical block 5, lost async page write
[  367.071811][T12492] Buffer I/O error on dev loop4, logical block 6, lost async page write
[  367.083733][T12492] Buffer I/O error on dev loop4, logical block 7, lost async page write
[  367.160497][T12492] Buffer I/O error on dev loop4, logical block 8, lost async page write
[  367.189790][T12492] Buffer I/O error on dev loop4, logical block 9, lost async page write
[  367.922791][ T5675] usb 1-1: USB disconnect, device number 106
[  367.962978][T12521] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1873'.
[  368.701542][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  370.782146][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  372.858717][   T24] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[  372.859192][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  373.059462][   T24] usb 1-1: Using ep0 maxpacket: 16
[  373.076073][   T24] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  373.108107][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  373.143817][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  373.173737][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  373.216950][   T24] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  373.228081][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.243781][   T24] usb 1-1: config 0 descriptor??
[  373.414574][T12648] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1922'.
[  373.553702][T12650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  373.591971][T12650] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  373.713536][   T24] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.000F/input/input66
[  373.835146][   T24] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.000F/input/input67
[  373.932512][   T24] kye 0003:0458:5013.000F: input,hiddev0,hidraw0: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.0-1/input0
[  374.006826][   T24] usb 1-1: USB disconnect, device number 107
[  374.050014][T12660] fido_id[12660]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[  374.939066][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  374.993437][T12683] loop4: detected capacity change from 0 to 2640
[  375.031947][T12683] buffer_io_error: 477 callbacks suppressed
[  375.031979][T12683] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  375.050310][ T5827] Buffer I/O error on dev loop4, logical block 256, async page read
[  375.089882][T12683] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  375.118339][T12683] Buffer I/O error on dev loop4, logical block 2, lost async page write
[  375.148455][T12683] Buffer I/O error on dev loop4, logical block 3, lost async page write
[  375.173426][T12683] Buffer I/O error on dev loop4, logical block 4, lost async page write
[  375.202705][T12683] Buffer I/O error on dev loop4, logical block 5, lost async page write
[  375.219651][T12683] Buffer I/O error on dev loop4, logical block 6, lost async page write
[  375.241567][T12683] Buffer I/O error on dev loop4, logical block 7, lost async page write
[  375.270133][T12683] Buffer I/O error on dev loop4, logical block 8, lost async page write
[  375.714262][T12689] netlink: 'syz.4.1935': attribute type 1 has an invalid length.
[  375.863445][T12690] bond5 (unregistering): Released all slaves
[  375.956057][T12695] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1935'.
[  376.030952][T12695] 8021q: adding VLAN 0 to HW filter on device bond5
[  376.150956][T12692] bond5: (slave gretap1): making interface the new active one
[  376.207481][T12692] bond5: (slave gretap1): Enslaving as an active interface with an up link
[  376.675256][T12705] loop2: detected capacity change from 0 to 7
[  376.707323][T12705] Dev loop2: unable to read RDB block 7
[  376.730725][T12705]  loop2: unable to read partition table
[  376.754015][T12705] loop2: partition table beyond EOD, truncated
[  376.783862][T12705] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  377.019394][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  377.123897][T12713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  377.149627][T12713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  378.145489][T12748] loop4: detected capacity change from 0 to 2640
[  378.630112][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  378.636544][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  378.655153][T12760] trusted_key: encrypted_key: key user:syz not found
[  378.675493][T12760] syzkaller1: entered promiscuous mode
[  378.723068][T12760] syzkaller1: entered allmulticast mode
[  379.098909][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  380.765062][T12782] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1968'.
[  383.572361][T12856] cifs: Unknown parameter ''
[  384.123588][T12871] netlink: 'syz.5.2000': attribute type 1 has an invalid length.
[  384.344331][T12875] 8021q: adding VLAN 0 to HW filter on device bond3
[  384.353148][T12878] qrtr: Invalid version 0
[  384.377316][T12875] bond2: (slave bond3): making interface the new active one
[  384.415702][T12875] bond2: (slave bond3): Enslaving as an active interface with an up link
[  384.509429][T12871] bond2: (slave gretap1): Enslaving as a backup interface with an up link
[  385.288566][T12893] fuse: root generation should be zero
[  387.541257][T12955] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  387.842707][T12962] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  387.844749][T12962] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  388.030086][T12963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  388.233572][T12974] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3642988519 (466302530432 ns) > initial count (459226025088 ns). Using initial count to start timer.
[  388.529287][T12979] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2040'.
[  388.561641][  T808] hid_parser_main: 45 callbacks suppressed
[  388.561683][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  388.594769][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  388.594787][   T29] audit: type=1400 audit(1781726949.167:8553): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=12970 comm="syz.2.2038"
[  388.640233][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  388.659127][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  388.672772][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  388.821234][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  388.897601][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  388.942819][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  389.038285][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  389.111665][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  389.183861][  T808] hid-generic 0002:0004:0009.0010: unknown main item tag 0x0
[  389.255387][  T808] hid-generic 0002:0004:0009.0010: hidraw0: <UNKNOWN> HID v0.04 Device [syz0] on syz0
[  389.595699][T12979] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  389.625814][T12979] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  389.727482][T12979] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[  389.762581][T12979] macsec1: left promiscuous mode
[  389.767946][T12979] macsec1: left allmulticast mode
[  389.774791][T12979] xfrm1: left allmulticast mode
[  389.805565][T12979] bond2: left promiscuous mode
[  389.814671][T12979] ipip0: left promiscuous mode
[  389.834098][T12979] ipip0: left allmulticast mode
[  390.230907][T13001] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  390.239928][T12999] netlink: 'syz.1.2045': attribute type 4 has an invalid length.
[  390.310797][T13001] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  390.397185][T13007] dvmrp0: entered allmulticast mode
[  390.522871][T13011] netlink: 'syz.0.2050': attribute type 2 has an invalid length.
[  390.546434][T13011] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2050'.
[  392.163869][   T29] audit: type=1326 audit(1781726952.737:8554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13030 comm="syz.5.2060" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc37a59ce59 code=0x0
[  393.656086][T13068] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2073'.
[  393.986994][T13074] netlink: 'syz.5.2076': attribute type 1 has an invalid length.
[  394.100161][T13076] bond4 (unregistering): Released all slaves
[  394.288972][  T808] usb 1-1: new high-speed USB device number 108 using dummy_hcd
[  394.422077][T13084] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  394.471541][  T808] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  394.474769][  T808] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  394.474800][  T808] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  394.474824][  T808] usb 1-1: Product: syz
[  394.474839][  T808] usb 1-1: Manufacturer: syz
[  394.474855][  T808] usb 1-1: SerialNumber: syz
[  394.687660][  T808] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 108 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  394.705066][  T808] usb 1-1: USB disconnect, device number 108
[  394.707871][  T808] usblp0: removed
[  394.791005][T13092] program syz.2.2080 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  395.303324][T13102] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2085'.
[  395.688371][  T808] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[  395.862198][  T808] usb 1-1: Using ep0 maxpacket: 32
[  395.886893][  T808] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  395.908947][  T808] usb 1-1: config 0 has no interfaces?
[  395.924725][  T808] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  395.947747][T13107] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2088'.
[  395.963532][  T808] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.000840][T13108] netlink: 'syz.1.2087': attribute type 1 has an invalid length.
[  396.039242][  T808] usb 1-1: config 0 descriptor??
[  396.177733][T13111] 8021q: adding VLAN 0 to HW filter on device bond5
[  396.214644][T13111] bond4: (slave bond5): making interface the new active one
[  396.228115][T13119] program syz.4.2091 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  396.240568][T13111] bond4: (slave bond5): Enslaving as an active interface with an up link
[  396.273633][T13104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  396.314425][T13104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  396.327776][T13108] bond4: (slave gretap1): Enslaving as a backup interface with an up link
[  396.365303][ T5723] usb 1-1: USB disconnect, device number 109
[  396.466447][T13128] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2096'.
[  397.072705][T13144] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2099'.
[  397.144241][T13146] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.164140][T13146] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.190138][   T29] audit: type=1400 audit(1781726957.767:8555): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=13138 comm="syz.0.2100"
[  397.224359][ T5723] hid_parser_main: 7 callbacks suppressed
[  397.224382][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.243631][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.253587][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.270595][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.296173][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.326509][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.357386][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.388856][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.417905][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.439681][ T5723] hid-generic 0002:0004:0009.0011: unknown main item tag 0x0
[  397.475570][ T5723] hid-generic 0002:0004:0009.0011: hidraw0: <UNKNOWN> HID v0.04 Device [syz0] on syz0
[  397.534531][T13152] program syz.1.2103 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  397.793367][T13159] netlink: 'syz.1.2106': attribute type 1 has an invalid length.
[  397.961478][T13159] 8021q: adding VLAN 0 to HW filter on device bond7
[  398.009009][T13159] bond6: (slave bond7): making interface the new active one
[  398.039386][T13159] bond6: (slave bond7): Enslaving as an active interface with an up link
[  398.245338][T13167] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2108'.
[  398.699377][ T5675] usb 2-1: new full-speed USB device number 108 using dummy_hcd
[  398.845954][T13173] input: syz1 as /devices/virtual/input/input68
[  398.889919][ T5675] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  398.915689][ T5675] usb 2-1: config 0 has no interfaces?
[  398.951280][ T5675] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  398.999415][ T5675] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.022478][ T5675] usb 2-1: config 0 descriptor??
[  399.262575][ T5675] usb 2-1: USB disconnect, device number 108
[  400.038954][T13198] 8021q: adding VLAN 0 to HW filter on device bond8
[  400.061204][T13198] bond0: (slave bond8): Enslaving as an active interface with an up link
[  400.088314][ T5675] usb 5-1: new full-speed USB device number 121 using dummy_hcd
[  400.260144][ T5675] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  400.268442][ T5675] usb 5-1: config 0 has no interface number 0
[  400.274635][ T5675] usb 5-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[  400.290102][ T5675] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  400.301835][ T5675] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  400.314128][ T5675] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  400.323702][ T5675] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  400.336274][ T5675] usb 5-1: Product: syz
[  400.341015][ T5675] usb 5-1: SerialNumber: syz
[  400.348138][ T5675] usb 5-1: config 0 descriptor??
[  400.357372][ T5675] cm109 5-1:0.8: invalid payload size 0, expected 4
[  400.371826][ T5675] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input69
[  400.580314][    C1] cm109_urb_ctl_callback: 380 callbacks suppressed
[  400.580340][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  400.581087][ T5723] usb 5-1: USB disconnect, device number 121
[  400.586898][    C1] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  400.631882][ T5723] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  401.056878][T13230] 8021q: adding VLAN 0 to HW filter on device bond5
[  401.070608][T13230] bond0: (slave bond5): Enslaving as an active interface with an up link
[  401.625055][T13248] bridge0: port 3(syz_tun) entered disabled state
[  401.644745][T13248] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.652360][T13248] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.863318][T13248] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  401.975733][T13248] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  402.140400][T13248] batman_adv: batadv0: Interface deactivated: gretap1
[  402.187058][ T1126] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  402.242267][ T1126] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  402.285134][ T1126] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  402.301972][ T1126] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  402.898423][   T10] usb 1-1: new high-speed USB device number 110 using dummy_hcd
[  403.059167][   T10] usb 1-1: Using ep0 maxpacket: 32
[  403.066745][   T10] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  403.085743][   T10] usb 1-1: config 0 has no interface number 0
[  403.107269][   T10] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8
[  403.127728][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.139240][   T10] usb 1-1: Product: syz
[  403.144419][   T10] usb 1-1: Manufacturer: syz
[  403.150330][   T10] usb 1-1: SerialNumber: syz
[  403.164239][   T10] usb 1-1: config 0 descriptor??
[  403.187898][   T10] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  403.199125][   T10] usb 1-1: selecting invalid altsetting 1
[  403.206239][   T10] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  403.223373][   T10] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  403.252745][   T10] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  403.282981][   T10] usb 1-1: media controller created
[  403.319836][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  404.459162][   T10] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  404.493003][   T10] zl10353_read_register: readreg error (reg=127, ret==-110)
[  404.510880][T13275] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  404.624218][   T10] usb 1-1: USB disconnect, device number 110
[  404.700333][T13308] qrtr: Invalid version 0
[  404.773307][T13308] syzkaller1: entered promiscuous mode
[  404.792609][T13308] syzkaller1: entered allmulticast mode
[  405.116429][T13323] netlink: 6 bytes leftover after parsing attributes in process `syz.5.2166'.
[  405.217240][T13328] qrtr: Invalid version 0
[  405.267182][T13331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  405.276422][T13328] syzkaller1: entered promiscuous mode
[  405.285657][T13328] syzkaller1: entered allmulticast mode
[  405.293384][T13331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  405.877459][T13342] program syz.5.2172 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  406.487948][T13350] qrtr: Invalid version 0
[  406.537410][T13350] syzkaller1: entered promiscuous mode
[  406.554225][T13350] syzkaller1: entered allmulticast mode
[  407.070570][T13358] netlink: 6 bytes leftover after parsing attributes in process `syz.0.2179'.
[  407.359831][ T5675] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[  407.514263][T13368] program syz.5.2183 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  407.518957][ T5675] usb 2-1: Using ep0 maxpacket: 32
[  407.531300][ T5675] usb 2-1: unable to get BOS descriptor or descriptor too short
[  407.546738][ T5675] usb 2-1: config 14 has an invalid interface number: 57 but max is 1
[  407.560555][ T5675] usb 2-1: config 14 has an invalid interface number: 228 but max is 1
[  407.569510][ T5675] usb 2-1: config 14 has no interface number 0
[  407.576391][ T5675] usb 2-1: config 14 has no interface number 1
[  407.593371][ T5675] usb 2-1: config 14 interface 228 altsetting 5 has a duplicate endpoint with address 0x8, skipping
[  407.608372][ T5675] usb 2-1: config 14 interface 228 altsetting 5 has an endpoint descriptor with address 0xD1, changing to 0x81
[  407.620737][ T5675] usb 2-1: config 14 interface 228 altsetting 5 endpoint 0x81 has an invalid bInterval 109, changing to 10
[  407.632532][ T5675] usb 2-1: config 14 interface 228 altsetting 5 endpoint 0x81 has invalid maxpacket 57993, setting to 1024
[  407.645501][ T5675] usb 2-1: config 14 interface 228 altsetting 5 endpoint 0x9 has an invalid bInterval 122, changing to 10
[  407.657278][ T5675] usb 2-1: config 14 interface 228 altsetting 5 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  407.672154][ T5675] usb 2-1: config 14 interface 57 has no altsetting 0
[  407.682066][ T5675] usb 2-1: config 14 interface 228 has no altsetting 0
[  407.691549][ T5675] usb 2-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=78.13
[  407.702112][ T5675] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.710737][ T5675] usb 2-1: Product: syz
[  407.715123][ T5675] usb 2-1: Manufacturer: syz
[  407.720266][ T5675] usb 2-1: SerialNumber: syz
[  407.728332][  T808] usb 1-1: new full-speed USB device number 111 using dummy_hcd
[  407.890256][  T808] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  407.901703][  T808] usb 1-1: config 0 has no interfaces?
[  407.907270][  T808] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  407.917102][  T808] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.927734][  T808] usb 1-1: config 0 descriptor??
[  408.137630][ T5710] usb 1-1: USB disconnect, device number 111
[  408.151207][ T5675] legousbtower 2-1:14.57: interrupt endpoints not found
[  408.551496][ T5675] legousbtower 2-1:14.228: LEGO USB Tower firmware version is 125.42 build 65441
[  408.577953][ T5675] legousbtower 2-1:14.228: LEGO USB Tower #-160 now attached to major 180 minor 0
[  408.609169][T13380] qrtr: Invalid version 0
[  408.635433][T13382] netlink: 'syz.4.2188': attribute type 1 has an invalid length.
[  408.689145][T13380] syzkaller1: entered promiscuous mode
[  408.697431][T13380] syzkaller1: entered allmulticast mode
[  408.739280][T13382] 8021q: adding VLAN 0 to HW filter on device bond7
[  408.751705][T13388] netlink: 6 bytes leftover after parsing attributes in process `syz.0.2190'.
[  408.769432][T13382] bond6: (slave bond7): making interface the new active one
[  408.790157][T13382] bond6: (slave bond7): Enslaving as an active interface with an up link
[  408.820965][T13382] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2188'.
[  408.835208][T13382] 8021q: adding VLAN 0 to HW filter on device bond6
[  408.962220][T13399] program syz.4.2194 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  409.713125][T13415] xt_HMARK: proto mask must be zero with L3 mode
[  409.732685][T13415] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2200'.
[  409.906993][T13419] fuse: Bad value for 'fd'
[  409.921954][T13417] netlink: 6 bytes leftover after parsing attributes in process `syz.5.2201'.
[  410.070742][T13422] qrtr: Invalid version 0
[  410.104253][T13424] loop4: detected capacity change from 0 to 2640
[  410.132381][T13424] buffer_io_error: 252 callbacks suppressed
[  410.132400][T13424] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  410.153181][ T5827] Buffer I/O error on dev loop4, logical block 256, async page read
[  410.164815][T13422] syzkaller1: entered promiscuous mode
[  410.173833][T13424] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  410.189001][T13424] Buffer I/O error on dev loop4, logical block 2, lost async page write
[  410.202049][T13422] syzkaller1: entered allmulticast mode
[  410.202363][T13424] Buffer I/O error on dev loop4, logical block 3, lost async page write
[  410.219725][T13424] Buffer I/O error on dev loop4, logical block 4, lost async page write
[  410.230943][T13424] Buffer I/O error on dev loop4, logical block 5, lost async page write
[  410.242699][T13424] Buffer I/O error on dev loop4, logical block 6, lost async page write
[  410.254489][T13424] Buffer I/O error on dev loop4, logical block 7, lost async page write
[  410.264004][T13424] Buffer I/O error on dev loop4, logical block 8, lost async page write
[  410.403163][T13426] program syz.0.2205 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  410.925048][ T5710] usb 2-1: USB disconnect, device number 109
[  410.951557][ T5710] legousbtower 2-1:14.228: LEGO USB Tower #-160 now disconnected
[  411.554378][T13453] loop4: detected capacity change from 0 to 2640
[  411.607958][T13457] program syz.0.2219 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  411.901118][T13465] fuse: Bad value for 'fd'
[  413.416797][T13502] fuse: Bad value for 'fd'
[  413.518057][T13506] syzkaller0: entered promiscuous mode
[  413.525389][T13506] syzkaller0: entered allmulticast mode
[  415.317769][T13568] qrtr: Invalid version 20
[  416.144545][T13592] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  416.202050][T13592] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  416.913461][T13599] kAFS: unable to lookup cell '(,c¾Ì'
[  417.267818][T13609] bond7 (unregistering): Released all slaves
[  417.541470][T13625] loop4: detected capacity change from 0 to 2640
[  417.571825][T13628] qrtr: Invalid version 0
[  417.583271][T13625] buffer_io_error: 505 callbacks suppressed
[  417.583292][T13625] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  417.612655][T13625] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  417.651542][T13625] Buffer I/O error on dev loop4, logical block 2, lost async page write
[  417.666451][T13625] Buffer I/O error on dev loop4, logical block 3, lost async page write
[  417.677520][T13625] Buffer I/O error on dev loop4, logical block 4, lost async page write
[  417.687728][T13625] Buffer I/O error on dev loop4, logical block 5, lost async page write
[  417.696783][T13625] Buffer I/O error on dev loop4, logical block 6, lost async page write
[  417.705703][T13625] Buffer I/O error on dev loop4, logical block 7, lost async page write
[  417.715928][T13625] Buffer I/O error on dev loop4, logical block 8, lost async page write
[  417.724899][T13625] Buffer I/O error on dev loop4, logical block 9, lost async page write
[  418.678813][ T5723] usb 1-1: new full-speed USB device number 112 using dummy_hcd
[  418.836591][T13653] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2292'.
[  418.864176][ T5723] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[  418.882075][ T5723] usb 1-1: config 0 has no interface number 0
[  418.900572][ T5723] usb 1-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[  418.945318][ T5723] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  418.980308][ T5723] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  419.008925][ T5723] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  419.032430][ T5723] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  419.086640][ T5723] usb 1-1: Product: syz
[  419.101633][ T5723] usb 1-1: SerialNumber: syz
[  419.120821][ T5723] usb 1-1: config 0 descriptor??
[  419.139195][ T5723] cm109 1-1:0.8: invalid payload size 0, expected 4
[  419.166472][ T5723] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input70
[  419.356392][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.364681][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.372423][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.380134][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.387279][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.395227][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.402920][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.410626][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.417791][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.425767][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  419.489141][ T5723] usb 1-1: USB disconnect, device number 112
[  419.495241][    C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  419.576956][ T5723] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  419.959208][ T5710] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[  420.120290][ T5710] usb 2-1: Using ep0 maxpacket: 32
[  420.130398][ T5710] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  420.147029][ T5710] usb 2-1: config 0 interface 0 has no altsetting 0
[  420.160870][ T5710] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  420.200172][ T5710] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.230311][ T5710] usb 2-1: config 0 descriptor??
[  420.353783][T13665] loop4: detected capacity change from 0 to 2640
[  421.472592][T13684] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2300'.
[  421.483406][T13677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  421.494855][T13684] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2300'.
[  421.516061][T13677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  421.606313][T13677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  421.645176][T13677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  421.836763][T13688] qrtr: Invalid version 0
[  422.976164][T13705] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2309'.
[  423.005282][ T5710] usbhid 2-1:0.0: can't add hid device: -71
[  423.033152][ T5710] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  423.064101][ T5710] usb 2-1: USB disconnect, device number 110
[  423.361439][T13719] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[  423.368011][T13719] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  423.515160][T13719] vhci_hcd vhci_hcd.0: Device attached
[  423.816146][T13721] vhci_hcd: connection closed
[  423.816427][   T76] vhci_hcd vhci_hcd.5: stop threads
[  423.826928][ T5675] usb 44-1: SetAddress Request (2) to port 0
[  423.837889][ T5675] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  423.849751][   T76] vhci_hcd vhci_hcd.5: release socket
[  423.867684][   T76] vhci_hcd vhci_hcd.5: disconnect device
[  423.888657][ T5675] usb 44-1: enqueue for inactive port 0
[  424.289311][ T5675] usb usb44-port1: attempt power cycle
[  424.961337][ T5675] usb usb44-port1: unable to enumerate USB device
[  424.977234][T13745] qrtr: Invalid version 0
[  425.562853][T13760] mac80211_hwsim hwsim2 syzkaller0: entered promiscuous mode
[  425.582791][T13760] mac80211_hwsim hwsim2 syzkaller0: entered allmulticast mode
[  426.639846][T13793] netlink: 'syz.2.2335': attribute type 1 has an invalid length.
[  426.838496][T13796] syzkaller0: entered promiscuous mode
[  426.856854][T13796] syzkaller0: entered allmulticast mode
[  427.346883][T13815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2340'.
[  427.379502][T13815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2340'.
[  428.130054][T13829] fuse: Bad value for 'fd'
[  428.135886][T13830] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2344'.
[  428.233795][T13833] netlink: 'syz.5.2347': attribute type 1 has an invalid length.
[  428.335146][T13825] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  428.358757][T13825] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[  428.379035][T13825] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2344'.
[  429.967547][T13871] fuse: Bad value for 'fd'
[  430.600807][T13882] netlink: 'syz.4.2361': attribute type 1 has an invalid length.
[  431.175394][T13889] fuse: Bad value for 'fd'
[  431.750070][T13900] fuse: Bad value for 'fd'
[  432.437022][T13913] bond2 (unregistering): Released all slaves
[  433.313489][T13927] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2378'.
[  433.483903][T13936] fuse: Bad value for 'fd'
[  435.944887][T13975] fuse: Bad value for 'fd'
[  440.059675][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  440.069109][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  440.198492][T14046] qrtr: Invalid version 0
[  440.236606][T14046] syzkaller1: entered promiscuous mode
[  440.256642][T14046] syzkaller1: entered allmulticast mode
[  440.557235][T14052] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2419'.
[  442.555265][T14086] qrtr: Invalid version 0
[  442.997385][T14102] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  443.030082][T14102] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  443.547465][T14118] 8021q: adding VLAN 0 to HW filter on device bond9
[  443.573898][T14118] bond0: (slave bond9): Enslaving as an active interface with an up link
[  444.681219][T14144] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2448'.
[  445.406360][T14153] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2451'.
[  445.456314][T14153] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2451'.
[  446.088863][T14173] qrtr: Invalid version 0
[  446.180171][T14173] syzkaller1: entered promiscuous mode
[  446.208925][   T10] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[  446.216746][T14173] syzkaller1: entered allmulticast mode
[  446.359504][   T10] usb 2-1: device descriptor read/64, error -71
[  446.609109][   T10] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[  446.779876][   T10] usb 2-1: device descriptor read/64, error -71
[  446.916301][   T10] usb usb2-port1: attempt power cycle
[  446.940636][T14189] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2463'.
[  446.990689][T14189] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2463'.
[  447.288832][   T10] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[  447.325218][   T10] usb 2-1: device descriptor read/8, error -71
[  447.569109][   T10] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[  447.611890][   T10] usb 2-1: device descriptor read/8, error -71
[  447.729332][   T10] usb usb2-port1: unable to enumerate USB device
[  448.670997][T14217] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2474'.
[  448.703393][T14217] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2474'.
[  448.943381][T14224] program syz.2.2476 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  449.459046][   T10] usb 5-1: new full-speed USB device number 122 using dummy_hcd
[  449.620372][   T10] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  449.643313][   T10] usb 5-1: config 0 has no interface number 0
[  449.662252][   T10] usb 5-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[  449.694513][   T10] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  449.724646][   T10] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  449.753961][   T10] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  449.776389][   T10] usb 5-1: Product: syz
[  449.789818][   T10] usb 5-1: SerialNumber: syz
[  449.805460][   T10] usb 5-1: config 0 descriptor??
[  449.829610][   T10] usbhid 5-1:0.8: couldn't find an input interrupt endpoint
[  450.032174][ T5675] usb 5-1: USB disconnect, device number 122
[  450.287983][T14246] netlink: 43 bytes leftover after parsing attributes in process `syz.2.2485'.
[  450.330920][T14248] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2486'.
[  450.851780][T14258] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2489'.
[  450.938558][ T5675] usb 2-1: new high-speed USB device number 115 using dummy_hcd
[  451.128876][ T5675] usb 2-1: device descriptor read/64, error -71
[  451.399078][ T5675] usb 2-1: new high-speed USB device number 116 using dummy_hcd
[  451.579158][ T5675] usb 2-1: device descriptor read/64, error -71
[  451.699335][ T5675] usb usb2-port1: attempt power cycle
[  452.090251][ T5675] usb 2-1: new high-speed USB device number 117 using dummy_hcd
[  452.139200][ T5675] usb 2-1: device descriptor read/8, error -71
[  452.418281][ T5675] usb 2-1: new high-speed USB device number 118 using dummy_hcd
[  452.461086][ T5675] usb 2-1: device descriptor read/8, error -71
[  452.600211][ T5675] usb usb2-port1: unable to enumerate USB device
[  453.210240][T14291] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2501'.
[  453.856705][T14298] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2503'.
[  454.317120][T14317] qrtr: Invalid version 0
[  454.413414][T14317] syzkaller1: entered promiscuous mode
[  454.441617][T14317] syzkaller1: entered allmulticast mode
[  455.379696][T14338] qrtr: Invalid version 0
[  456.179356][T14350] netlink: 27 bytes leftover after parsing attributes in process `syz.1.2519'.
[  456.640713][T14360] 8021q: adding VLAN 0 to HW filter on device bond4
[  456.654025][T14360] bond0: (slave bond4): Enslaving as an active interface with an up link
[  458.460304][T14393] qrtr: Invalid version 0
[  459.029358][   T10] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[  459.189102][   T10] usb 5-1: Using ep0 maxpacket: 32
[  459.204739][   T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  459.231270][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  459.277691][   T10] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  459.307285][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.342755][   T10] usb 5-1: config 0 descriptor??
[  459.358030][   T10] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  462.150989][ T5675] usb 5-1: USB disconnect, device number 123
[  462.312978][T14459] FAULT_INJECTION: forcing a failure.
[  462.312978][T14459] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  462.336905][T14459] CPU: 0 UID: 0 PID: 14459 Comm: syz.5.2560 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  462.336945][T14459] Tainted: [L]=SOFTLOCKUP
[  462.336953][T14459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  462.336969][T14459] Call Trace:
[  462.336981][T14459]  <TASK>
[  462.336989][T14459]  dump_stack_lvl+0xe8/0x150
[  462.337020][T14459]  should_fail_ex+0x40c/0x560
[  462.337053][T14459]  _copy_to_user+0x31/0xb0
[  462.337080][T14459]  simple_read_from_buffer+0xe1/0x170
[  462.337105][T14459]  proc_fail_nth_read+0x1bb/0x230
[  462.337131][T14459]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  462.337158][T14459]  ? rw_verify_area+0x24a/0x4c0
[  462.337183][T14459]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  462.337207][T14459]  vfs_read+0x213/0xa80
[  462.337233][T14459]  ? trace_contention_end+0x3d/0x140
[  462.337258][T14459]  ? rcu_is_watching+0x15/0xb0
[  462.337281][T14459]  ? __pfx_vfs_read+0x10/0x10
[  462.337307][T14459]  ? __mutex_unlock_slowpath+0x724/0x8e0
[  462.337341][T14459]  ksys_read+0x150/0x270
[  462.337366][T14459]  ? __pfx_ksys_read+0x10/0x10
[  462.337390][T14459]  ? seq_lseek+0x1c4/0x260
[  462.337418][T14459]  ? rcu_is_watching+0x15/0xb0
[  462.337440][T14459]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  462.337462][T14459]  do_syscall_64+0x174/0x580
[  462.337487][T14459]  ? trace_irq_disable+0x3b/0x140
[  462.337515][T14459]  ? clear_bhb_loop+0x40/0x90
[  462.337539][T14459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  462.337560][T14459] RIP: 0033:0x7fc37a55d68e
[  462.337580][T14459] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  462.337598][T14459] RSP: 002b:00007fc37b4c0fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  462.337621][T14459] RAX: ffffffffffffffda RBX: 00007fc37b4c16c0 RCX: 00007fc37a55d68e
[  462.337636][T14459] RDX: 000000000000000f RSI: 00007fc37b4c10a0 RDI: 0000000000000004
[  462.337649][T14459] RBP: 00007fc37b4c1090 R08: 0000000000000000 R09: 0000000000000000
[  462.337662][T14459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  462.337675][T14459] R13: 00007fc37a816038 R14: 00007fc37a815fa0 R15: 00007fc37a93fa48
[  462.337698][T14459]  </TASK>
[  462.707031][T14462] loop5: detected capacity change from 0 to 7
[  462.737357][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.746770][    C0] buffer_io_error: 325 callbacks suppressed
[  462.746788][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.764220][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.773497][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.783210][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.792511][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.805401][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.814676][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.825507][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.834825][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.851796][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.861095][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.871678][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.880982][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.891292][T14462] ldm_validate_partition_table(): Disk read failed.
[  462.913056][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.922331][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.940398][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.949649][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.959085][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  462.968391][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  462.977724][T14462] Dev loop5: unable to read RDB block 0
[  462.994255][T14462]  loop5: unable to read partition table
[  463.047864][T14462] loop5: partition table beyond EOD, truncated
[  463.091349][T14462] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5)
[  463.832363][T14488] netlink: 7012 bytes leftover after parsing attributes in process `syz.4.2564'.
[  463.862822][T14488] openvswitch: netlink: Message has 4 unknown bytes.
[  464.026625][T14493] netlink: 'syz.4.2564': attribute type 1 has an invalid length.
[  465.306003][   T29] audit: type=1326 audit(1781727025.887:8556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14514 comm="syz.4.2577" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6d7139ce59 code=0x0
[  465.952379][T14520] netlink: 43 bytes leftover after parsing attributes in process `syz.5.2579'.
[  467.074379][T14553] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2590'.
[  467.538275][ T5675] usb 5-1: new high-speed USB device number 124 using dummy_hcd
[  467.743247][ T5675] usb 5-1: Using ep0 maxpacket: 8
[  467.794846][ T5675] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  467.830226][ T5675] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x11, changing to 0x1
[  467.867722][ T5675] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 64
[  467.927137][ T5675] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  467.955046][ T5675] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.984588][T14561] openvswitch: netlink: Actions may not be safe on all matching packets
[  467.993398][ T5675] usb 5-1: Product: syz
[  467.999855][ T5675] usb 5-1: Manufacturer: syz
[  468.023218][ T5675] usb 5-1: SerialNumber: syz
[  468.042858][T14557] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  468.759790][ T5710] usb 2-1: new high-speed USB device number 119 using dummy_hcd
[  468.827026][T14579] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  468.837976][T14579] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  468.920248][ T5710] usb 2-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[  468.939643][ T5710] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 253
[  468.976133][ T5710] usb 2-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[  468.999202][ T5710] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  469.007655][ T5710] usb 2-1: Product: syz
[  469.013382][ T5710] usb 2-1: Manufacturer: syz
[  469.019993][ T5710] usb 2-1: SerialNumber: syz
[  469.030926][ T5710] usb 2-1: config 0 descriptor??
[  469.042676][ T5710] gspca_main: sunplus-2.14.0 probing 055f:c630
[  469.078734][ T5675] cdc_ncm 5-1:1.0: bind() failure
[  469.122004][ T5675] usbtest 5-1:1.1: probe with driver usbtest failed with error -71
[  469.159862][ T5675] usb 5-1: USB disconnect, device number 124
[  469.371836][ T5710] gspca_sunplus: reg_r err -71
[  469.382384][ T5710] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[  469.396827][ T5710] usb 2-1: USB disconnect, device number 119
[  469.482258][T14587] loop4: detected capacity change from 0 to 2640
[  469.513057][T14587] buffer_io_error: 10 callbacks suppressed
[  469.513073][T14587] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  469.538611][T14587] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  469.562105][T14587] Buffer I/O error on dev loop4, logical block 2, lost async page write
[  469.593708][T14587] Buffer I/O error on dev loop4, logical block 3, lost async page write
[  469.628948][T14587] Buffer I/O error on dev loop4, logical block 4, lost async page write
[  469.653367][T14587] Buffer I/O error on dev loop4, logical block 5, lost async page write
[  469.675989][T14587] Buffer I/O error on dev loop4, logical block 6, lost async page write
[  469.695481][T14587] Buffer I/O error on dev loop4, logical block 7, lost async page write
[  469.712614][T14587] Buffer I/O error on dev loop4, logical block 8, lost async page write
[  469.726120][T14587] Buffer I/O error on dev loop4, logical block 9, lost async page write
[  469.753227][T14588] FAULT_INJECTION: forcing a failure.
[  469.753227][T14588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.775631][T14588] CPU: 0 UID: 0 PID: 14588 Comm: syz.2.2604 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  469.775678][T14588] Tainted: [L]=SOFTLOCKUP
[  469.775685][T14588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  469.775697][T14588] Call Trace:
[  469.775705][T14588]  <TASK>
[  469.775714][T14588]  dump_stack_lvl+0xe8/0x150
[  469.775744][T14588]  should_fail_ex+0x40c/0x560
[  469.775778][T14588]  copy_folio_from_iter_atomic+0x45a/0x1a30
[  469.775814][T14588]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  469.775854][T14588]  iomap_file_buffered_write+0x520/0xbb0
[  469.775888][T14588]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[  469.775913][T14588]  ? __pfx_iomap_file_buffered_write+0x10/0x10
[  469.775957][T14588]  ? rcu_is_watching+0x15/0xb0
[  469.775983][T14588]  ? down_read+0x2be/0x330
[  469.776009][T14588]  ? file_update_time_flags+0x400/0x4a0
[  469.776040][T14588]  blkdev_write_iter+0x50d/0x700
[  469.776064][T14588]  vfs_write+0x612/0xba0
[  469.776084][T14588]  ? __pfx_vfs_write+0x10/0x10
[  469.776123][T14588]  ? __fget_files+0x2a/0x420
[  469.776148][T14588]  ksys_write+0x150/0x270
[  469.776173][T14588]  ? __pfx_ksys_write+0x10/0x10
[  469.776203][T14588]  ? rcu_is_watching+0x15/0xb0
[  469.776219][T14588]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.776233][T14588]  do_syscall_64+0x174/0x580
[  469.776252][T14588]  ? trace_irq_disable+0x3b/0x140
[  469.776294][T14588]  ? clear_bhb_loop+0x40/0x90
[  469.776316][T14588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.776335][T14588] RIP: 0033:0x7fe91f39ce59
[  469.776358][T14588] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  469.776371][T14588] RSP: 002b:00007fe9202f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  469.776387][T14588] RAX: ffffffffffffffda RBX: 00007fe91f616090 RCX: 00007fe91f39ce59
[  469.776398][T14588] RDX: 0000000000100000 RSI: 0000200000000080 RDI: 0000000000000005
[  469.776408][T14588] RBP: 00007fe9202f4090 R08: 0000000000000000 R09: 0000000000000000
[  469.776433][T14588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.776447][T14588] R13: 00007fe91f616128 R14: 00007fe91f616090 R15: 00007fe91f73fa48
[  469.776470][T14588]  </TASK>
[  470.598036][T14608] FAULT_INJECTION: forcing a failure.
[  470.598036][T14608] name failslab, interval 1, probability 0, space 0, times 0
[  470.647995][T14608] CPU: 0 UID: 0 PID: 14608 Comm: syz.1.2612 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  470.648028][T14608] Tainted: [L]=SOFTLOCKUP
[  470.648038][T14608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  470.648052][T14608] Call Trace:
[  470.648060][T14608]  <TASK>
[  470.648070][T14608]  dump_stack_lvl+0xe8/0x150
[  470.648099][T14608]  should_fail_ex+0x40c/0x560
[  470.648134][T14608]  should_failslab+0xa8/0x100
[  470.648167][T14608]  __kmalloc_noprof+0xe8/0x750
[  470.648201][T14608]  ? get_pid_task+0x20/0x1f0
[  470.648219][T14608]  ? tomoyo_realpath_from_path+0xef/0x640
[  470.648244][T14608]  tomoyo_realpath_from_path+0xef/0x640
[  470.648264][T14608]  ? lock_release+0x4b/0x3c0
[  470.648298][T14608]  ? tomoyo_path_number_perm+0x219/0x5f0
[  470.648330][T14608]  tomoyo_path_number_perm+0x246/0x5f0
[  470.648357][T14608]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  470.648383][T14608]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  470.648411][T14608]  ? preempt_count_add+0x91/0x190
[  470.648441][T14608]  ? rcu_is_watching+0x15/0xb0
[  470.648466][T14608]  ? hook_file_ioctl+0x1f0/0x5c0
[  470.648502][T14608]  ? lock_release+0x4b/0x3c0
[  470.648534][T14608]  ? __fget_files+0x2a/0x420
[  470.648555][T14608]  ? __fget_files+0x3a2/0x420
[  470.648575][T14608]  ? __fget_files+0x2a/0x420
[  470.648597][T14608]  security_file_ioctl+0xc3/0x2a0
[  470.648623][T14608]  __se_sys_ioctl+0x47/0x170
[  470.648648][T14608]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.648670][T14608]  do_syscall_64+0x174/0x580
[  470.648696][T14608]  ? trace_irq_disable+0x3b/0x140
[  470.648726][T14608]  ? clear_bhb_loop+0x40/0x90
[  470.648749][T14608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.648770][T14608] RIP: 0033:0x7ff7a1d9ce59
[  470.648788][T14608] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  470.648805][T14608] RSP: 002b:00007ff7a2bdb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  470.648828][T14608] RAX: ffffffffffffffda RBX: 00007ff7a2015fa0 RCX: 00007ff7a1d9ce59
[  470.648845][T14608] RDX: 0000200000000180 RSI: 0000000040505412 RDI: 0000000000000003
[  470.648858][T14608] RBP: 00007ff7a2bdb090 R08: 0000000000000000 R09: 0000000000000000
[  470.648871][T14608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  470.648883][T14608] R13: 00007ff7a2016038 R14: 00007ff7a2015fa0 R15: 00007ff7a213fa48
[  470.648906][T14608]  </TASK>
[  470.974834][T14608] ERROR: Out of memory at tomoyo_realpath_from_path.
[  471.319387][   T10] usb 5-1: new high-speed USB device number 125 using dummy_hcd
[  471.373741][T14624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.398745][T14624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.478746][   T10] usb 5-1: Using ep0 maxpacket: 16
[  471.496680][   T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  471.512521][   T10] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  471.528968][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 129
[  471.543219][   T10] usb 5-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  471.555251][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.572236][   T10] usb 5-1: config 0 descriptor??
[  471.591444][   T10] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  472.347733][T14643] netlink: 'syz.1.2625': attribute type 1 has an invalid length.
[  472.421563][T14643] 8021q: adding VLAN 0 to HW filter on device bond9
[  472.452683][T14645] netlink: 'syz.1.2625': attribute type 10 has an invalid length.
[  472.494214][T14645] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2625'.
[  472.524524][T14644] bond9: (slave veth5): Enslaving as an active interface with a down link
[  472.566095][T14643] bond9: (slave dummy0): making interface the new active one
[  472.602038][T14643] dummy0: entered promiscuous mode
[  472.617505][T14643] bond9: (slave dummy0): Enslaving as an active interface with an up link
[  472.651471][T14645] bond9: (slave dummy0): Releasing active interface
[  472.797530][T14650] qrtr: Invalid version 0
[  473.503621][T14659] netlink: 4136 bytes leftover after parsing attributes in process `syz.0.2629'.
[  474.153614][   T10] usb 5-1: USB disconnect, device number 125
[  474.519703][T14673] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2634'.
[  474.665515][T14676] netlink: 'syz.0.2636': attribute type 1 has an invalid length.
[  475.563369][T14703] program syz.2.2646 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  475.708117][T14708] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.723024][T14710] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2648'.
[  475.744479][T14708] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  475.778563][T14706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.789707][T14706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  475.808405][T14706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.824701][T14706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  475.858273][T14706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.881675][T14706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  476.276674][T14735] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  476.291222][T14735] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  476.720647][T14744] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2661'.
[  476.745187][T14730] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2656'.
[  477.654789][T14774] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2670'.
[  478.040131][T14780] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2672'.
[  478.162354][T14782] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  478.191456][T14782] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.526949][T14805] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  479.555873][T14805] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.963123][T14812] netlink: 91 bytes leftover after parsing attributes in process `syz.2.2683'.
[  480.099663][T14814] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2684'.
[  480.968295][  T808] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[  480.969556][   T10] usb 1-1: new full-speed USB device number 113 using dummy_hcd
[  481.128786][  T808] usb 5-1: Using ep0 maxpacket: 32
[  481.136944][  T808] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  481.148356][  T808] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  481.169643][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  481.174613][  T808] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  481.206579][   T10] usb 1-1: config 0 has no interfaces?
[  481.218320][  T808] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.243288][   T10] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  481.264252][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.269497][  T808] usb 5-1: config 0 descriptor??
[  481.291877][   T10] usb 1-1: config 0 descriptor??
[  481.304489][  T808] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  481.355081][T14838] netlink: 27 bytes leftover after parsing attributes in process `syz.1.2694'.
[  481.431290][ T4936] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  481.438844][ T4936] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  481.446944][ T4936] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  481.456410][ T4936] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  481.464987][ T4936] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  481.529401][   T10] usb 1-1: USB disconnect, device number 113
[  482.074095][T14840] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.086885][T14853] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2696'.
[  482.111728][T14840] bridge0: port 1(bridge_slave_0) entered disabled state
[  482.159453][T14840] bridge_slave_0: entered allmulticast mode
[  482.200728][T14840] bridge_slave_0: entered promiscuous mode
[  482.228982][T14840] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.245924][T14840] bridge0: port 2(bridge_slave_1) entered disabled state
[  482.279099][T14840] bridge_slave_1: entered allmulticast mode
[  482.316827][T14840] bridge_slave_1: entered promiscuous mode
[  482.370439][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  482.412102][T14859] FAULT_INJECTION: forcing a failure.
[  482.412102][T14859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  482.419360][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.462241][T14859] CPU: 0 UID: 0 PID: 14859 Comm: syz.0.2699 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  482.462276][T14859] Tainted: [L]=SOFTLOCKUP
[  482.462284][T14859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  482.462298][T14859] Call Trace:
[  482.462306][T14859]  <TASK>
[  482.462315][T14859]  dump_stack_lvl+0xe8/0x150
[  482.462344][T14859]  should_fail_ex+0x40c/0x560
[  482.462381][T14859]  _copy_from_user+0x2d/0xb0
[  482.462408][T14859]  snd_seq_oss_write+0x371/0x8f0
[  482.462439][T14859]  ? __pfx_snd_seq_oss_write+0x10/0x10
[  482.462464][T14859]  ? apparmor_file_permission+0x1f4/0x300
[  482.462494][T14859]  ? security_file_permission+0x75/0x260
[  482.462522][T14859]  odev_write+0x5a/0x80
[  482.462542][T14859]  vfs_writev+0x4bb/0x990
[  482.462577][T14859]  ? __pfx_odev_write+0x10/0x10
[  482.462598][T14859]  ? __pfx_vfs_writev+0x10/0x10
[  482.462634][T14859]  ? lock_release+0x4b/0x3c0
[  482.462669][T14859]  ? __fget_files+0x3a2/0x420
[  482.462690][T14859]  ? __fget_files+0x2a/0x420
[  482.462714][T14859]  do_writev+0x154/0x2e0
[  482.462746][T14859]  ? __pfx_do_writev+0x10/0x10
[  482.462779][T14859]  ? rcu_is_watching+0x15/0xb0
[  482.462802][T14859]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.462824][T14859]  do_syscall_64+0x174/0x580
[  482.462850][T14859]  ? trace_irq_disable+0x3b/0x140
[  482.462880][T14859]  ? clear_bhb_loop+0x40/0x90
[  482.462904][T14859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.462925][T14859] RIP: 0033:0x7fbcbbf9ce59
[  482.462944][T14859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  482.462963][T14859] RSP: 002b:00007fbcbcdfb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  482.462986][T14859] RAX: ffffffffffffffda RBX: 00007fbcbc215fa0 RCX: 00007fbcbbf9ce59
[  482.463002][T14859] RDX: 0000000000000002 RSI: 0000200000000840 RDI: 0000000000000003
[  482.463016][T14859] RBP: 00007fbcbcdfb090 R08: 0000000000000000 R09: 0000000000000000
[  482.463030][T14859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.463043][T14859] R13: 00007fbcbc216038 R14: 00007fbcbc215fa0 R15: 00007fbcbc33fa48
[  482.463067][T14859]  </TASK>
[  482.697195][T14840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  482.710546][T14840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  483.002999][T14840] team0: Port device team_slave_0 added
[  483.054187][T14840] team0: Port device team_slave_1 added
[  483.164202][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  483.204881][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.377022][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  483.403541][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.447849][T14840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  483.455830][T14874] netlink: 27 bytes leftover after parsing attributes in process `syz.5.2704'.
[  483.469151][T14840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  483.500852][ T4936] Bluetooth: hci5: command tx timeout
[  483.519689][T14840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  483.544191][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  483.569339][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.618696][T14840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  483.653623][T14840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  483.691022][T14840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  483.867423][T14884] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2707'.
[  483.906441][T14840] hsr_slave_0: entered promiscuous mode
[  483.921039][T14840] hsr_slave_1: entered promiscuous mode
[  483.930755][T14840] debugfs: 'hsr0' already exists in 'hsr'
[  483.936627][T14840] Cannot create hsr debugfs directory
[  484.105179][   T12] bridge_slave_1: left allmulticast mode
[  484.114832][   T12] bridge_slave_1: left promiscuous mode
[  484.125573][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  484.175489][   T12] bridge_slave_0: left allmulticast mode
[  484.205423][   T12] bridge_slave_0: left promiscuous mode
[  484.235758][T14888] sg_write: data in/out 426973/386 bytes for SCSI command 0x0-- guessing data in;
[  484.235758][T14888]    program syz.5.2709 not setting count and/or reply_len properly
[  484.254243][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  484.320838][T14889] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  484.343807][  T808] usb 5-1: USB disconnect, device number 126
[  484.374655][T14889] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  485.103443][   T12] bond1 (unregistering): (slave geneve2): Releasing active interface
[  485.238647][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  485.250477][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  485.270583][   T12] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  485.283863][   T12] bond0 (unregistering): (slave bond4): Releasing backup interface
[  485.293065][   T12] bond0 (unregistering): Released all slaves
[  485.303218][   T12] bond1 (unregistering): Released all slaves
[  485.316372][   T12] bond2 (unregistering): Released all slaves
[  485.329585][   T12] bond3 (unregistering): Released all slaves
[  485.342540][   T12] bond4 (unregistering): Released all slaves
[  485.455937][   T12] : left promiscuous mode
[  485.532123][   T12] tipc: Left network mode
[  485.541346][T14904] netlink: 27 bytes leftover after parsing attributes in process `syz.4.2715'.
[  485.574216][   T12] IPVS: stopping backup sync thread 9539 ...
[  485.578829][ T4936] Bluetooth: hci5: command tx timeout
[  485.996047][T14840] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  486.013602][T14840] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  486.022167][T14840] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  486.032954][T14840] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  486.047239][T14840] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  486.072059][T14840] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  486.104677][T14840] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  486.134105][T14840] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  486.230009][   T12] hsr_slave_0: left promiscuous mode
[  486.237020][   T12] hsr_slave_1: left promiscuous mode
[  486.243606][ T4936] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  486.246500][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  486.265169][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  486.277139][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  486.285446][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  486.302466][   T12] batadv_slave_1: left promiscuous mode
[  486.315686][   T12] veth1_macvtap: left promiscuous mode
[  486.334049][   T12] veth0_macvtap: left promiscuous mode
[  486.346346][   T12] veth1_vlan: left promiscuous mode
[  486.359582][   T12] veth0_vlan: left promiscuous mode
[  486.614085][   T12] team0 (unregistering): Port device team_slave_1 removed
[  486.636970][   T12] team0 (unregistering): Port device team_slave_0 removed
[  486.898140][T14840] 8021q: adding VLAN 0 to HW filter on device bond0
[  486.944148][T14840] 8021q: adding VLAN 0 to HW filter on device team0
[  486.969858][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[  486.977015][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[  487.024701][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[  487.031876][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[  487.079780][T14953] netlink: 14601 bytes leftover after parsing attributes in process `syz.5.2725'.
[  487.172600][T14840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  487.183852][T14955] netlink: 27 bytes leftover after parsing attributes in process `syz.5.2726'.
[  487.260766][T14840] veth0_vlan: entered promiscuous mode
[  487.302350][T14840] veth1_vlan: entered promiscuous mode
[  487.353698][T14840] veth0_macvtap: entered promiscuous mode
[  487.391797][T14840] veth1_macvtap: entered promiscuous mode
[  487.420436][T14840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  487.451142][T14840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  487.503514][ T1126] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  487.540570][ T1126] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  487.587932][ T1126] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  487.619369][ T1126] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  487.658356][ T4936] Bluetooth: hci5: command tx timeout
[  487.759613][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  487.778848][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  487.815119][  T293] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  487.829388][  T293] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  488.168822][   T10] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  488.320467][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.331224][   T10] usb 3-1: config 0 has no interfaces?
[  488.336744][   T10] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  488.346559][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  488.356374][   T10] usb 3-1: config 0 descriptor??
[  488.567657][   T10] usb 3-1: USB disconnect, device number 9
[  488.596573][T14988] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.614853][T14988] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  489.410048][  T808] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  489.581792][  T808] usb 3-1: config 0 has an invalid interface number: 33 but max is 0
[  489.593558][  T808] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  489.604897][  T808] usb 3-1: config 0 has no interface number 0
[  489.612696][  T808] usb 3-1: config 0 interface 33 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1023
[  489.623355][  T808] usb 3-1: config 0 interface 33 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  489.639446][  T808] usb 3-1: New USB device found, idVendor=2040, idProduct=4901, bcdDevice=68.64
[  489.649088][  T808] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.657208][  T808] usb 3-1: Product: syz
[  489.661359][   T10] usb 1-1: new high-speed USB device number 114 using dummy_hcd
[  489.670164][  T808] usb 3-1: Manufacturer: syz
[  489.674891][  T808] usb 3-1: SerialNumber: syz
[  489.682694][  T808] usb 3-1: config 0 descriptor??
[  489.688997][T14995] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  489.708642][  T808] hdpvr 3-1:0.33: Could not find bulk-in endpoint
[  489.725853][  T808] hdpvr 3-1:0.33: probe with driver hdpvr failed with error -12
[  489.738710][ T4936] Bluetooth: hci5: command tx timeout
[  489.829543][   T10] usb 1-1: Using ep0 maxpacket: 8
[  489.842502][   T10] usb 1-1: config 0 has an invalid interface number: 113 but max is 0
[  489.862650][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  489.882054][   T10] usb 1-1: config 0 has no interface number 0
[  489.893099][   T10] usb 1-1: config 0 interface 113 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  489.920605][   T10] usb 1-1: config 0 interface 113 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 7
[  489.941906][   T10] usb 1-1: New USB device found, idVendor=0b48, idProduct=1006, bcdDevice=c0.0a
[  489.952202][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.961472][   T10] usb 1-1: Product: syz
[  489.965903][   T10] usb 1-1: Manufacturer: syz
[  489.971394][   T10] usb 1-1: SerialNumber: syz
[  489.980612][   T10] usb 1-1: config 0 descriptor??
[  489.996033][   T10] ttusb_dec_send_command: command bulk message failed: error -8
[  490.005401][   T10] ttusb-dec 1-1:0.113: probe with driver ttusb-dec failed with error -8
[  490.014881][   T10] usbhid 1-1:0.113: couldn't find an input interrupt endpoint
[  490.027207][T14995] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  490.143010][  T808] usb 3-1: USB disconnect, device number 10
[  490.203554][T15002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  490.214885][T15002] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  490.224682][ T5675] usb 1-1: USB disconnect, device number 114
[  490.822753][T15030] netlink: 27 bytes leftover after parsing attributes in process `syz.0.2745'.
[  491.168247][ T5675] usb 1-1: new full-speed USB device number 115 using dummy_hcd
[  491.322143][ T5675] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  491.335908][ T5675] usb 1-1: config 0 has no interfaces?
[  491.344225][ T5675] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  491.355436][ T5675] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.366718][ T5675] usb 1-1: config 0 descriptor??
[  491.577167][   T10] usb 1-1: USB disconnect, device number 115
[  491.735655][T15048] FAULT_INJECTION: forcing a failure.
[  491.735655][T15048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  491.752130][T15048] CPU: 0 UID: 0 PID: 15048 Comm: syz.4.2752 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  491.752163][T15048] Tainted: [L]=SOFTLOCKUP
[  491.752171][T15048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  491.752183][T15048] Call Trace:
[  491.752192][T15048]  <TASK>
[  491.752201][T15048]  dump_stack_lvl+0xe8/0x150
[  491.752227][T15048]  should_fail_ex+0x40c/0x560
[  491.752262][T15048]  _copy_from_user+0x2d/0xb0
[  491.752288][T15048]  msr_io+0xab/0x8b0
[  491.752319][T15048]  ? kvm_arch_vcpu_ioctl+0x731/0x2fb0
[  491.752356][T15048]  ? rcu_is_watching+0x15/0xb0
[  491.752377][T15048]  ? __pfx_do_set_msr+0x10/0x10
[  491.752398][T15048]  ? __pfx_msr_io+0x10/0x10
[  491.752414][T15048]  ? unwind_next_frame+0x8f/0x2550
[  491.752440][T15048]  ? __srcu_check_read_flavor+0x116/0x260
[  491.752465][T15048]  kvm_arch_vcpu_ioctl+0x76b/0x2fb0
[  491.752495][T15048]  ? kvm_arch_vcpu_ioctl+0x731/0x2fb0
[  491.752518][T15048]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  491.752537][T15048]  ? unwind_next_frame+0x8f/0x2550
[  491.752559][T15048]  ? rcu_is_watching+0x15/0xb0
[  491.752586][T15048]  ? is_bpf_text_address+0x26/0x2b0
[  491.752609][T15048]  ? rcu_is_watching+0x15/0xb0
[  491.752625][T15048]  ? rcu_is_watching+0x15/0xb0
[  491.752655][T15048]  ? lock_release+0x4b/0x3c0
[  491.752685][T15048]  ? lock_release+0x4b/0x3c0
[  491.752716][T15048]  ? is_bpf_text_address+0x292/0x2b0
[  491.752747][T15048]  ? is_bpf_text_address+0x26/0x2b0
[  491.752771][T15048]  ? kernel_text_address+0xa5/0xe0
[  491.752786][T15048]  ? __kernel_text_address+0xd/0x30
[  491.752820][T15048]  ? unwind_get_return_address+0x4d/0x90
[  491.752843][T15048]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  491.752871][T15048]  ? arch_stack_walk+0xfb/0x150
[  491.752903][T15048]  ? stack_trace_save+0xa9/0x100
[  491.752939][T15048]  ? __pfx_stack_trace_save+0x10/0x10
[  491.752966][T15048]  ? kasan_save_track+0x4f/0x80
[  491.752991][T15048]  ? stack_depot_save_flags+0x33/0x800
[  491.753023][T15048]  ? format_decode+0xdc/0xe20
[  491.753043][T15048]  ? kasan_save_track+0x4f/0x80
[  491.753069][T15048]  ? kasan_save_track+0x3e/0x80
[  491.753086][T15048]  ? kasan_save_free_info+0x40/0x50
[  491.753118][T15048]  ? __kasan_slab_free+0x5c/0x80
[  491.753142][T15048]  ? kfree+0x1c5/0x640
[  491.753161][T15048]  ? tomoyo_path_number_perm+0x4ba/0x5f0
[  491.753192][T15048]  ? security_file_ioctl+0xc3/0x2a0
[  491.753210][T15048]  ? __se_sys_ioctl+0x47/0x170
[  491.753227][T15048]  ? do_syscall_64+0x174/0x580
[  491.753258][T15048]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.753291][T15048]  ? __mutex_trylock_common+0x15f/0x270
[  491.753321][T15048]  ? __pfx___mutex_trylock_common+0x10/0x10
[  491.753350][T15048]  ? rcu_is_watching+0x15/0xb0
[  491.753365][T15048]  ? trace_contention_end+0x3d/0x140
[  491.753382][T15048]  ? __mutex_lock+0x30d/0x1550
[  491.753414][T15048]  ? rcu_is_watching+0x15/0xb0
[  491.753437][T15048]  ? trace_irq_enable+0x3b/0x140
[  491.753465][T15048]  ? rcu_is_watching+0x15/0xb0
[  491.753485][T15048]  ? kvm_vcpu_ioctl+0x27f/0xfd0
[  491.753512][T15048]  ? __pfx___mutex_lock+0x10/0x10
[  491.753530][T15048]  ? tomoyo_path_number_perm+0x219/0x5f0
[  491.753564][T15048]  ? do_vfs_ioctl+0x116f/0x1540
[  491.753593][T15048]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  491.753620][T15048]  kvm_vcpu_ioctl+0x7e3/0xfd0
[  491.753652][T15048]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  491.753671][T15048]  ? hook_file_ioctl+0x1f0/0x5c0
[  491.753696][T15048]  ? lock_release+0x4b/0x3c0
[  491.753742][T15048]  ? __fget_files+0x2a/0x420
[  491.753761][T15048]  ? __fget_files+0x3a2/0x420
[  491.753803][T15048]  ? __fget_files+0x2a/0x420
[  491.753821][T15048]  ? bpf_lsm_file_ioctl+0x9/0x20
[  491.753840][T15048]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  491.753872][T15048]  __se_sys_ioctl+0xfc/0x170
[  491.753898][T15048]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.753919][T15048]  do_syscall_64+0x174/0x580
[  491.753941][T15048]  ? trace_irq_disable+0x3b/0x140
[  491.753970][T15048]  ? clear_bhb_loop+0x40/0x90
[  491.753986][T15048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.754020][T15048] RIP: 0033:0x7f6d7139ce59
[  491.754038][T15048] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  491.754056][T15048] RSP: 002b:00007f6d721ba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  491.754078][T15048] RAX: ffffffffffffffda RBX: 00007f6d71615fa0 RCX: 00007f6d7139ce59
[  491.754093][T15048] RDX: 0000200000000000 RSI: 000000004008ae89 RDI: 0000000000000005
[  491.754107][T15048] RBP: 00007f6d721ba090 R08: 0000000000000000 R09: 0000000000000000
[  491.754125][T15048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  491.754134][T15048] R13: 00007f6d71616038 R14: 00007f6d71615fa0 R15: 00007f6d7173fa48
[  491.754165][T15048]  </TASK>
[  492.019310][ T5675] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  492.470471][ T5675] usb 3-1: Using ep0 maxpacket: 32
[  492.477180][ T5675] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  492.515615][ T5675] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  492.533539][ T5675] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  492.545386][T15063] FAULT_INJECTION: forcing a failure.
[  492.545386][T15063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  492.559694][ T5675] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.568608][T15063] CPU: 1 UID: 0 PID: 15063 Comm: syz.1.2759 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  492.568643][T15063] Tainted: [L]=SOFTLOCKUP
[  492.568652][T15063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  492.568665][T15063] Call Trace:
[  492.568673][T15063]  <TASK>
[  492.568682][T15063]  dump_stack_lvl+0xe8/0x150
[  492.568709][T15063]  should_fail_ex+0x40c/0x560
[  492.568754][T15063]  _copy_to_user+0x31/0xb0
[  492.568781][T15063]  simple_read_from_buffer+0xe1/0x170
[  492.568806][T15063]  proc_fail_nth_read+0x1bb/0x230
[  492.568833][T15063]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  492.568858][T15063]  ? rw_verify_area+0x24a/0x4c0
[  492.568883][T15063]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  492.568905][T15063]  vfs_read+0x213/0xa80
[  492.568938][T15063]  ? __pfx___mutex_lock+0x10/0x10
[  492.568964][T15063]  ? __pfx_vfs_read+0x10/0x10
[  492.568989][T15063]  ? __fget_files+0x3a2/0x420
[  492.569005][T15063]  ? __fget_files+0x2a/0x420
[  492.569024][T15063]  ksys_read+0x150/0x270
[  492.569045][T15063]  ? __pfx_ksys_read+0x10/0x10
[  492.569065][T15063]  ? rcu_is_watching+0x15/0xb0
[  492.569084][T15063]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.569102][T15063]  do_syscall_64+0x174/0x580
[  492.569122][T15063]  ? trace_irq_disable+0x3b/0x140
[  492.569145][T15063]  ? clear_bhb_loop+0x40/0x90
[  492.569163][T15063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.569182][T15063] RIP: 0033:0x7ff7a1d5d68e
[  492.569200][T15063] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  492.569215][T15063] RSP: 002b:00007ff7a2bdafe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  492.569235][T15063] RAX: ffffffffffffffda RBX: 00007ff7a2bdb6c0 RCX: 00007ff7a1d5d68e
[  492.569247][T15063] RDX: 000000000000000f RSI: 00007ff7a2bdb0a0 RDI: 0000000000000004
[  492.569258][T15063] RBP: 00007ff7a2bdb090 R08: 0000000000000000 R09: 0000000000000000
[  492.569268][T15063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.569278][T15063] R13: 00007ff7a2016038 R14: 00007ff7a2015fa0 R15: 00007ff7a213fa48
[  492.569297][T15063]  </TASK>
[  492.807727][ T5675] usb 3-1: config 0 descriptor??
[  492.816924][ T5675] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  492.839475][ T5682] usb 5-1: new high-speed USB device number 127 using dummy_hcd
[  492.907812][T15067] netlink: 27 bytes leftover after parsing attributes in process `syz.0.2761'.
[  493.019714][ T5682] usb 5-1: device descriptor read/64, error -71
[  493.152024][T15072] netlink: 'syz.0.2763': attribute type 11 has an invalid length.
[  493.260290][ T5682] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  493.399070][ T5682] usb 5-1: device descriptor read/64, error -71
[  493.517134][T15087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  493.530408][ T5682] usb usb5-port1: attempt power cycle
[  493.536259][T15087] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  493.748515][T15087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  493.766698][T15087] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  493.856740][ T5710] usb 1-1: new full-speed USB device number 116 using dummy_hcd
[  493.896700][ T5682] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  493.922411][T15093] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  493.930787][ T5682] usb 5-1: device descriptor read/8, error -71
[  493.949130][T15093] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  493.984830][ T5723] usb 2-1: new high-speed USB device number 120 using dummy_hcd
[  494.039575][ T5710] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  494.050728][ T5710] usb 1-1: config 0 has no interfaces?
[  494.060913][ T5710] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  494.078789][ T5710] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  494.089759][ T5710] usb 1-1: config 0 descriptor??
[  494.149103][ T5723] usb 2-1: Using ep0 maxpacket: 8
[  494.157053][ T5723] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  494.165476][ T5723] usb 2-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  494.186025][ T5723] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  494.199354][ T5682] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  494.207111][ T5723] usb 2-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  494.220381][ T5723] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  494.235423][ T5723] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  494.249083][ T5723] usb 2-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  494.263673][ T5682] usb 5-1: device descriptor read/8, error -71
[  494.275959][ T5723] usb 2-1: config 168 interface 0 has no altsetting 0
[  494.288863][ T5723] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  494.304554][ T5710] usb 1-1: USB disconnect, device number 116
[  494.317979][ T5723] usb 2-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  494.334691][ T5723] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  494.350596][ T5723] usb 2-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  494.364561][ T5723] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  494.377677][ T5723] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  494.390038][ T5682] usb usb5-port1: unable to enumerate USB device
[  494.399786][T15096] fuse: Unknown parameter 'group_i00000000000000000000'
[  494.408129][ T5723] usb 2-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  494.423153][ T5723] usb 2-1: config 168 interface 0 has no altsetting 0
[  494.432988][ T5723] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  494.441285][ T5723] usb 2-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  494.453348][ T5723] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  494.467320][ T5723] usb 2-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  494.487147][ T5723] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  494.510317][ T5723] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  494.530828][ T5723] usb 2-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  494.551097][ T5723] usb 2-1: config 168 interface 0 has no altsetting 0
[  494.561669][ T5723] usb 2-1: string descriptor 0 read error: -22
[  494.568990][ T5723] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  494.578108][ T5723] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.593412][ T5723] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  495.243186][T15106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  495.255024][T15106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  495.624816][ T5723] usb 3-1: USB disconnect, device number 11
[  495.831854][T15118] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2776'.
[  495.955812][T15118] bond5 (unregistering): Released all slaves
[  496.092222][T15121] netlink: 'syz.5.2777': attribute type 11 has an invalid length.
[  496.724758][ T5723] usb 2-1: USB disconnect, device number 120
[  496.760009][T15136] loop4: detected capacity change from 0 to 2640
[  496.795225][T15136] buffer_io_error: 576 callbacks suppressed
[  496.806623][T15136] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  496.825452][T15136] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  496.854607][T15136] Buffer I/O error on dev loop4, logical block 2, lost async page write
[  496.874732][T15136] Buffer I/O error on dev loop4, logical block 3, lost async page write
[  496.885063][T15136] Buffer I/O error on dev loop4, logical block 4, lost async page write
[  496.894466][T15136] Buffer I/O error on dev loop4, logical block 5, lost async page write
[  496.907693][T15136] Buffer I/O error on dev loop4, logical block 6, lost async page write
[  496.920957][T15136] Buffer I/O error on dev loop4, logical block 7, lost async page write
[  496.932562][T15136] Buffer I/O error on dev loop4, logical block 8, lost async page write
[  496.942245][T15136] Buffer I/O error on dev loop4, logical block 9, lost async page write
[  497.209195][ T5723] usb 2-1: new full-speed USB device number 121 using dummy_hcd
[  497.346493][T15141] fuse: Unknown parameter 'group_i00000000000000000000'
[  497.381364][ T5723] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  497.396787][ T5723] usb 2-1: config 0 has no interfaces?
[  497.406216][ T5723] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  497.444735][ T5723] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.479972][ T5723] usb 2-1: config 0 descriptor??
[  497.701896][ T5710] usb 2-1: USB disconnect, device number 121
[  497.808286][ T5723] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  497.969708][ T5723] usb 3-1: Using ep0 maxpacket: 32
[  497.976721][ T5723] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  497.997622][ T5723] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  498.025027][ T5723] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  498.054827][ T5723] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.077861][ T5723] usb 3-1: config 0 descriptor??
[  498.101878][ T5723] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  498.323433][T15156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.362673][T15156] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.421794][T15156] futex_wake_op: syz.5.2787 tries to shift op by 32; fix this program
[  498.455157][T15158] netlink: 'syz.1.2788': attribute type 11 has an invalid length.
[  498.481567][T15156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.507972][T15156] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.898232][  T808] usb 2-1: new high-speed USB device number 122 using dummy_hcd
[  499.086714][  T808] usb 2-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[  499.123294][  T808] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 253
[  499.189814][T15171] FAULT_INJECTION: forcing a failure.
[  499.189814][T15171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  499.191037][  T808] usb 2-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[  499.232558][T15171] CPU: 0 UID: 0 PID: 15171 Comm: syz.5.2791 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  499.232600][T15171] Tainted: [L]=SOFTLOCKUP
[  499.232609][T15171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  499.232622][T15171] Call Trace:
[  499.232631][T15171]  <TASK>
[  499.232640][T15171]  dump_stack_lvl+0xe8/0x150
[  499.232667][T15171]  should_fail_ex+0x40c/0x560
[  499.232702][T15171]  _copy_from_user+0x2d/0xb0
[  499.232729][T15171]  restore_altstack+0xae/0x4f0
[  499.232749][T15171]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  499.232778][T15171]  ? __pfx_restore_altstack+0x10/0x10
[  499.232800][T15171]  ? rcu_is_watching+0x15/0xb0
[  499.232822][T15171]  ? trace_irq_enable+0x3b/0x140
[  499.232852][T15171]  __ia32_sys_rt_sigreturn+0x2bd/0x8c0
[  499.232887][T15171]  ? trace_irq_enable+0x3b/0x140
[  499.232914][T15171]  ? __pfx___ia32_sys_rt_sigreturn+0x10/0x10
[  499.232944][T15171]  ? _raw_spin_unlock_irq+0x2e/0x50
[  499.232966][T15171]  ? signal_setup_done+0x22f/0x310
[  499.232995][T15171]  ? arch_do_signal_or_restart+0x4f4/0x860
[  499.233027][T15171]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  499.233059][T15171]  ? __task_pid_nr_ns+0x28/0x470
[  499.233078][T15171]  ? rcu_is_watching+0x15/0xb0
[  499.233101][T15171]  ? rcu_is_watching+0x15/0xb0
[  499.233122][T15171]  ? lock_release+0x4b/0x3c0
[  499.233152][T15171]  ? rcu_is_watching+0x15/0xb0
[  499.233175][T15171]  ? rcu_is_watching+0x15/0xb0
[  499.233197][T15171]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.233219][T15171]  do_syscall_64+0x174/0x580
[  499.233245][T15171]  ? clear_bhb_loop+0x40/0x90
[  499.233267][T15171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.233288][T15171] RIP: 0033:0x7fc37a53e1d9
[  499.233306][T15171] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25
[  499.233324][T15171] RSP: 002b:00007fc37b4c0a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  499.233348][T15171] RAX: ffffffffffffffda RBX: 00007fc37a815fa0 RCX: 00007fc37a53e1d9
[  499.233364][T15171] RDX: 00007fc37b4c0a80 RSI: 00007fc37b4c0bb0 RDI: 0000000000000021
[  499.233378][T15171] RBP: 00007fc37b4c1090 R08: 0000000000000000 R09: 0000000000000000
[  499.233391][T15171] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  499.233403][T15171] R13: 00007fc37a816038 R14: 00007fc37a815fa0 R15: 00007fc37a93fa48
[  499.233427][T15171]  </TASK>
[  499.733112][  T808] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.773283][  T808] usb 2-1: Product: syz
[  499.786790][  T808] usb 2-1: Manufacturer: syz
[  499.799504][  T808] usb 2-1: SerialNumber: syz
[  499.829895][  T808] usb 2-1: config 0 descriptor??
[  499.844944][  T808] gspca_main: sunplus-2.14.0 probing 055f:c630
[  500.226675][  T808] gspca_sunplus: reg_r err -71
[  500.247626][  T808] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[  500.281307][  T808] usb 2-1: USB disconnect, device number 122
[  500.653648][    T9] usb 3-1: USB disconnect, device number 12
[  501.069818][T15188] FAULT_INJECTION: forcing a failure.
[  501.069818][T15188] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  501.113922][T15188] CPU: 0 UID: 0 PID: 15188 Comm: syz.0.2796 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  501.113955][T15188] Tainted: [L]=SOFTLOCKUP
[  501.113969][T15188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  501.113978][T15188] Call Trace:
[  501.113985][T15188]  <TASK>
[  501.113992][T15188]  dump_stack_lvl+0xe8/0x150
[  501.114038][T15188]  should_fail_ex+0x40c/0x560
[  501.114071][T15188]  _copy_from_iter+0x1d3/0x1660
[  501.114104][T15188]  ? rcu_is_watching+0x15/0xb0
[  501.114139][T15188]  ? trace_kmem_cache_alloc+0x29/0xe0
[  501.114163][T15188]  ? __build_skb+0x62/0x440
[  501.114187][T15188]  ? kmem_cache_alloc_noprof+0x303/0x650
[  501.114209][T15188]  ? __build_skb+0x62/0x440
[  501.114233][T15188]  ? __pfx__copy_from_iter+0x10/0x10
[  501.114257][T15188]  ? __build_skb+0x2a2/0x440
[  501.114281][T15188]  ? netlink_sendmsg+0x650/0xb40
[  501.114311][T15188]  ? skb_put+0x112/0x210
[  501.114336][T15188]  netlink_sendmsg+0x6c0/0xb40
[  501.114371][T15188]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.114401][T15188]  ? get_pid_task+0x20/0x1f0
[  501.114414][T15188]  ? aa_sock_msg_perm+0xf1/0x1b0
[  501.114437][T15188]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  501.114478][T15188]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.114504][T15188]  sock_write_iter+0x47a/0x4c0
[  501.114541][T15188]  ? __pfx_sock_write_iter+0x10/0x10
[  501.114566][T15188]  ? bpf_lsm_file_permission+0x9/0x20
[  501.114587][T15188]  ? security_file_permission+0x75/0x260
[  501.114629][T15188]  vfs_write+0x612/0xba0
[  501.114657][T15188]  ? __pfx_vfs_write+0x10/0x10
[  501.114684][T15188]  ? __fget_files+0x2a/0x420
[  501.114709][T15188]  ksys_write+0x150/0x270
[  501.114728][T15188]  ? __pfx_ksys_write+0x10/0x10
[  501.114747][T15188]  ? rcu_is_watching+0x15/0xb0
[  501.114782][T15188]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.114804][T15188]  do_syscall_64+0x174/0x580
[  501.114827][T15188]  ? trace_irq_disable+0x3b/0x140
[  501.114858][T15188]  ? clear_bhb_loop+0x40/0x90
[  501.114875][T15188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.114889][T15188] RIP: 0033:0x7fbcbbf9ce59
[  501.114903][T15188] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  501.114933][T15188] RSP: 002b:00007fbcbcdfb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  501.114956][T15188] RAX: ffffffffffffffda RBX: 00007fbcbc215fa0 RCX: 00007fbcbbf9ce59
[  501.114972][T15188] RDX: 0000000000033fe0 RSI: 0000200000000000 RDI: 0000000000000003
[  501.114986][T15188] RBP: 00007fbcbcdfb090 R08: 0000000000000000 R09: 0000000000000000
[  501.114999][T15188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.115010][T15188] R13: 00007fbcbc216038 R14: 00007fbcbc215fa0 R15: 00007fbcbc33fa48
[  501.115033][T15188]  </TASK>
[  501.468175][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  501.605269][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  501.613230][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  501.707428][T15192] fuse: Unknown parameter 'group_i00000000000000000000'
[  501.874171][T15199] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2798'.
[  502.000140][T15197] netlink: 'syz.5.2799': attribute type 11 has an invalid length.
[  502.158963][ T5723] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  502.320763][ T5723] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  502.355604][ T5723] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  502.409231][ T5723] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  502.457947][ T5723] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  502.476768][ T5723] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  502.522134][ T5723] usb 3-1: Product: syz
[  502.564873][ T5723] usb 3-1: Manufacturer: syz
[  502.582924][ T5723] usb 3-1: SerialNumber: syz
[  502.617557][ T5723] usb 3-1: config 0 descriptor??
[  502.649312][T15201] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  502.665503][T15201] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  502.705347][ T5723] usb 3-1: ucan: probing device on interface #0
[  502.841120][ T5675] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  503.018303][ T5675] usb 5-1: Using ep0 maxpacket: 32
[  503.029213][ T5675] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.065485][ T5675] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  503.094841][ T5675] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  503.111676][ T5675] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.129704][ T5675] usb 5-1: config 0 descriptor??
[  503.146912][ T5675] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  503.849037][    T9] usb 2-1: new high-speed USB device number 123 using dummy_hcd
[  503.989253][ T5723] usb 3-1: ucan: failed to retrieve device info
[  504.001882][ T5723] usb 3-1: ucan: probe failed; try to update the device firmware
[  504.017160][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  504.039183][ T5675] usb 1-1: new full-speed USB device number 117 using dummy_hcd
[  504.066486][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  504.101934][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  504.127127][    T9] usb 2-1: New USB device found, idVendor=247f, idProduct=ffff, bcdDevice= 0.00
[  504.143743][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.163586][    T9] usb 2-1: config 0 descriptor??
[  504.210493][ T5675] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[  504.223831][ T5675] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  504.236019][ T5675] usb 1-1: config 0 has no interface number 0
[  504.244216][ T5675] usb 1-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  504.274009][ T5675] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  504.297886][ T5675] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  504.321767][ T5675] usb 1-1: Product: syz
[  504.335651][ T5675] usb 1-1: SerialNumber: syz
[  504.357918][ T5675] usb 1-1: config 0 descriptor??
[  504.609443][ T5675] usbhid 1-1:0.8: couldn't find an input interrupt endpoint
[  504.622813][    T9] hid_parser_main: 7 callbacks suppressed
[  504.622834][    T9] hid-generic 0003:247F:FFFF.0012: unknown main item tag 0x4
[  504.657419][    T9] hid-generic 0003:247F:FFFF.0012: unbalanced collection at end of report description
[  504.678615][ T5675] usb 1-1: USB disconnect, device number 117
[  504.703646][    T9] hid-generic 0003:247F:FFFF.0012: probe with driver hid-generic failed with error -22
[  504.779600][    T9] usb 3-1: USB disconnect, device number 13
[  504.807314][T12985] usb 2-1: USB disconnect, device number 123
[  505.188741][T15250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  505.207526][T15250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  505.253396][T15250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  505.281143][T15250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  505.672810][T12985] usb 5-1: USB disconnect, device number 5
[  506.311291][T15280] forcing mempool usage for bio_alloc_bioset+0x631/0xc80
[  506.679067][    T9] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  506.861369][    T9] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  506.874572][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  506.888760][    T9] usb 5-1: config 0 has no interface number 0
[  506.895153][    T9] usb 5-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  506.920373][    T9] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  506.930975][    T9] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  506.941052][    T9] usb 5-1: Product: syz
[  506.945640][    T9] usb 5-1: SerialNumber: syz
[  506.954466][    T9] usb 5-1: config 0 descriptor??
[  507.068302][T12985] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  507.185694][    T9] usbhid 5-1:0.8: couldn't find an input interrupt endpoint
[  507.215941][    T9] usb 5-1: USB disconnect, device number 6
[  507.260305][T12985] usb 3-1: Using ep0 maxpacket: 32
[  507.278743][T12985] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  507.301310][T12985] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  507.338891][T12985] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  507.366155][T12985] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.399807][T12985] usb 3-1: config 0 descriptor??
[  507.436195][T12985] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  507.544438][T15307] netlink: 75 bytes leftover after parsing attributes in process `syz.5.2835'.
[  507.555293][T15305] netlink: 67 bytes leftover after parsing attributes in process `syz.0.2834'.
[  507.678061][T15313] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2838'.
[  509.024125][T15336] loop4: detected capacity change from 0 to 2640
[  509.085922][ T5827] buffer_io_error: 576 callbacks suppressed
[  509.085937][ T5827] Buffer I/O error on dev loop4, logical block 0, async page read
[  509.139254][T15342] netlink: 75 bytes leftover after parsing attributes in process `syz.4.2847'.
[  509.158852][ T5827] Buffer I/O error on dev loop4, logical block 0, async page read
[  509.177301][ T5827] Buffer I/O error on dev loop4, logical block 0, async page read
[  509.199266][ T5827] Buffer I/O error on dev loop4, logical block 0, async page read
[  509.221626][ T5827] Buffer I/O error on dev loop4, logical block 0, async page read
[  509.314365][T15347] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2849'.
[  509.426441][T15351] FAULT_INJECTION: forcing a failure.
[  509.426441][T15351] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  509.472661][T15351] CPU: 0 UID: 0 PID: 15351 Comm: syz.5.2851 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  509.472705][T15351] Tainted: [L]=SOFTLOCKUP
[  509.472715][T15351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  509.472728][T15351] Call Trace:
[  509.472738][T15351]  <TASK>
[  509.472747][T15351]  dump_stack_lvl+0xe8/0x150
[  509.472775][T15351]  should_fail_ex+0x40c/0x560
[  509.472808][T15351]  _copy_from_iter+0x1d3/0x1660
[  509.472834][T15351]  ? rcu_is_watching+0x15/0xb0
[  509.472859][T15351]  ? __pfx__copy_from_iter+0x10/0x10
[  509.472880][T15351]  ? kmem_cache_alloc_node_noprof+0x3ca/0x680
[  509.472909][T15351]  ? netlink_sendmsg+0x650/0xb40
[  509.472938][T15351]  ? skb_put+0x112/0x210
[  509.472965][T15351]  netlink_sendmsg+0x6c0/0xb40
[  509.472997][T15351]  ? __pfx_netlink_sendmsg+0x10/0x10
[  509.473029][T15351]  ? aa_sock_msg_perm+0xf1/0x1b0
[  509.473060][T15351]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  509.473083][T15351]  ? __pfx_netlink_sendmsg+0x10/0x10
[  509.473113][T15351]  ____sys_sendmsg+0x9b9/0xa20
[  509.473144][T15351]  ? __pfx_____sys_sendmsg+0x10/0x10
[  509.473174][T15351]  ? lock_release+0x4b/0x3c0
[  509.473205][T15351]  ? import_iovec+0x73/0xa0
[  509.473231][T15351]  ___sys_sendmsg+0x2a5/0x360
[  509.473257][T15351]  ? rcu_is_watching+0x15/0xb0
[  509.473277][T15351]  ? get_pid_task+0x20/0x1f0
[  509.473297][T15351]  ? __pfx____sys_sendmsg+0x10/0x10
[  509.473324][   T29] audit: type=1326 audit(1781727070.057:8557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  509.473328][T15351]  ? rcu_is_watching+0x15/0xb0
[  509.473365][T15351]  ? __fget_files+0x2a/0x420
[  509.473449][T15351]  ? __fget_files+0x3a2/0x420
[  509.473543][T15351]  __x64_sys_sendmsg+0x1b1/0x290
[  509.473632][T15351]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  509.473735][T15351]  ? rcu_is_watching+0x15/0xb0
[  509.473787][T15351]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.473842][T15351]  do_syscall_64+0x174/0x580
[  509.473905][T15351]  ? trace_irq_disable+0x3b/0x140
[  509.473979][T15351]  ? clear_bhb_loop+0x40/0x90
[  509.474041][T15351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.474087][T15351] RIP: 0033:0x7fc37a59ce59
[  509.474140][T15351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  509.474177][T15351] RSP: 002b:00007fc37b4c1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  509.474232][T15351] RAX: ffffffffffffffda RBX: 00007fc37a815fa0 RCX: 00007fc37a59ce59
[  509.474274][T15351] RDX: 0000000020040040 RSI: 0000200000000200 RDI: 0000000000000004
[  509.474307][T15351] RBP: 00007fc37b4c1090 R08: 0000000000000000 R09: 0000000000000000
[  509.474346][T15351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  509.474377][T15351] R13: 00007fc37a816038 R14: 00007fc37a815fa0 R15: 00007fc37a93fa48
[  509.474432][T15351]  </TASK>
[  509.884397][   T29] audit: type=1326 audit(1781727070.347:8558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  509.962552][   T29] audit: type=1326 audit(1781727070.397:8559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  510.046030][   T29] audit: type=1326 audit(1781727070.397:8560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  510.070715][ T5675] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  510.132217][   T29] audit: type=1326 audit(1781727070.397:8561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  510.192211][  T808] usb 3-1: USB disconnect, device number 14
[  510.203891][   T29] audit: type=1326 audit(1781727070.397:8562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  510.228676][ T5675] usb 5-1: device descriptor read/64, error -71
[  510.240863][   T29] audit: type=1326 audit(1781727070.397:8563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  510.305084][   T29] audit: type=1326 audit(1781727070.397:8564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  510.336340][   T29] audit: type=1326 audit(1781727070.397:8565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  510.368105][   T29] audit: type=1326 audit(1781727070.397:8566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15352 comm="syz.0.2850" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcbbf9ce59 code=0x7ffc0000
[  510.488269][ T5675] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  510.563652][T15373] netlink: 75 bytes leftover after parsing attributes in process `syz.2.2859'.
[  510.599330][T15375] qrtr: Invalid version 0
[  510.628529][ T5675] usb 5-1: device descriptor read/64, error -71
[  510.652935][T15375] syzkaller1: entered promiscuous mode
[  510.662107][T15375] syzkaller1: entered allmulticast mode
[  510.704138][T15379] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  510.758506][ T5675] usb usb5-port1: attempt power cycle
[  510.963338][T15390] syzkaller0: entered promiscuous mode
[  510.974286][T15390] syzkaller0: entered allmulticast mode
[  511.101633][   T30] INFO: task kworker/1:5:5696 blocked for more than 143 seconds.
[  511.121073][ T5675] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  511.134375][   T30]       Tainted: G             L      syzkaller #0
[  511.160180][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  511.177135][ T5675] usb 5-1: device descriptor read/8, error -71
[  511.193954][   T30] task:kworker/1:5     state:D stack:22440 pid:5696  tgid:5696  ppid:2      task_flags:0x4208060 flags:0x00080000
[  511.222616][   T30] Workqueue: usb_hub_wq hub_event
[  511.240706][   T30] Call Trace:
[  511.250025][   T30]  <TASK>
[  511.275527][   T30]  __schedule+0x17d9/0x56c0
[  511.292891][   T30]  ? worker_thread+0xa47/0xfb0
[  511.311234][   T30]  ? do_raw_spin_lock+0x12b/0x2f0
[  511.323189][   T30]  ? __pfx___schedule+0x10/0x10
[  511.334692][   T30]  ? rcu_is_watching+0x15/0xb0
[  511.351148][   T30]  ? rcu_is_watching+0x15/0xb0
[  511.368783][   T30]  ? lock_release+0x4b/0x3c0
[  511.379177][ T5723] usb 1-1: new high-speed USB device number 118 using dummy_hcd
[  511.403392][   T30]  ? rcu_is_watching+0x15/0xb0
[  511.415168][   T30]  ? schedule+0x90/0x360
[  511.430894][   T30]  ? trace_irq_enable+0x3b/0x140
[  511.438253][ T5675] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  511.463787][   T30]  schedule+0x164/0x360
[  511.472731][   T30]  schedule_preempt_disabled+0x13/0x30
[  511.484535][   T30]  __mutex_lock+0x7bf/0x1550
[  511.491002][ T5675] usb 5-1: device descriptor read/8, error -71
[  511.501420][   T30]  ? __mutex_lock+0x5d4/0x1550
[  511.513460][   T30]  ? hub_event+0x20c9/0x4d30
[  511.528822][ T5723] usb 1-1: device descriptor read/64, error -71
[  511.540139][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  511.559489][   T30]  hub_event+0x20c9/0x4d30
[  511.580107][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  511.605400][   T30]  ? __pfx_hub_event+0x10/0x10
[  511.614800][ T5675] usb usb5-port1: unable to enumerate USB device
[  511.629988][   T30]  ? rcu_is_watching+0x15/0xb0
[  511.650268][   T30]  ? lock_acquire+0x5f/0x350
[  511.669937][   T30]  ? rcu_is_watching+0x15/0xb0
[  511.684901][   T30]  ? process_scheduled_works+0xa20/0x14e0
[  511.698791][   T30]  process_scheduled_works+0xa8e/0x14e0
[  511.710343][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  511.727475][   T30]  ? do_raw_spin_lock+0x12b/0x2f0
[  511.747415][   T30]  ? assign_work+0x3cf/0x5d0
[  511.765514][   T30]  worker_thread+0xa47/0xfb0
[  511.781761][   T30]  ? __kthread_parkme+0x71/0x1f0
[  511.790335][ T5723] usb 1-1: new high-speed USB device number 119 using dummy_hcd
[  511.799137][   T30]  kthread+0x388/0x470
[  511.807746][   T30]  ? __pfx_worker_thread+0x10/0x10
[  511.824067][   T30]  ? __pfx_kthread+0x10/0x10
[  511.839799][   T30]  ret_from_fork+0x514/0xb70
[  511.851049][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  511.871561][   T30]  ? __switch_to+0xc89/0x1420
[  511.887390][   T30]  ? __pfx_kthread+0x10/0x10
[  511.907622][   T30]  ret_from_fork_asm+0x1a/0x30
[  511.922082][   T30]  </TASK>
[  511.932378][   T30] INFO: lockdep is turned off.
[  511.947047][   T30] NMI backtrace for cpu 1
[  511.947069][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  511.947098][   T30] Tainted: [L]=SOFTLOCKUP
[  511.947109][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  511.947118][   T30] Call Trace:
[  511.947126][   T30]  <TASK>
[  511.947132][   T30]  dump_stack_lvl+0xe8/0x150
[  511.947151][   T30]  nmi_cpu_backtrace+0x274/0x2d0
[  511.947167][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  511.947192][   T30]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  511.947207][   T30]  sys_info+0x135/0x170
[  511.947228][   T30]  watchdog+0xfd7/0x1030
[  511.947251][   T30]  ? watchdog+0x1c7/0x1030
[  511.947271][   T30]  kthread+0x388/0x470
[  511.947285][   T30]  ? __pfx_watchdog+0x10/0x10
[  511.947303][   T30]  ? __pfx_kthread+0x10/0x10
[  511.947316][   T30]  ret_from_fork+0x514/0xb70
[  511.947331][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  511.947345][   T30]  ? __switch_to+0xc89/0x1420
[  511.947367][   T30]  ? __pfx_kthread+0x10/0x10
[  511.947380][   T30]  ret_from_fork_asm+0x1a/0x30
[  511.947402][   T30]  </TASK>
[  511.947436][   T30] Sending NMI from CPU 1 to CPUs 0:
[  511.951449][ T5723] usb 1-1: device descriptor read/64, error -71
[  511.952227][    C0] NMI backtrace for cpu 0
[  511.952244][    C0] CPU: 0 UID: 0 PID: 5723 Comm: kworker/0:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  511.952268][    C0] Tainted: [L]=SOFTLOCKUP
[  511.952275][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  511.952287][    C0] Workqueue: usb_hub_wq hub_event
[  511.952316][    C0] RIP: 0010:io_serial_in+0x77/0xc0
[  511.952344][    C0] Code: e8 ae 73 7f fc 44 89 f9 d3 e3 49 83 c6 40 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 ff 91 ec fc 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f e9 0a 23 66 06 cc 44 89 f9 80 e1 07
[  511.952359][    C0] RSP: 0018:ffffc900044eef68 EFLAGS: 00000002
[  511.952374][    C0] RAX: 1ffffffff34f7600 RBX: 00000000000003fd RCX: 0000000000000000
[  511.952387][    C0] RDX: 00000000000003fd RSI: 00000000000068f6 RDI: 00000000000068f7
[  511.952398][    C0] RBP: dffffc0000000000 R08: ffff888140eb8237 R09: 1ffff110281d7046
[  511.952411][    C0] R10: dffffc0000000000 R11: ffffffff85469110 R12: dffffc0000000000
[  511.952425][    C0] R13: 0000000000000000 R14: ffffffff9a7bb460 R15: 0000000000000000
[  511.952446][    C0] FS:  0000000000000000(0000) GS:ffff888125272000(0000) knlGS:0000000000000000
[  511.952462][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  511.952474][    C0] CR2: 00002000001c3030 CR3: 000000002b6ec000 CR4: 00000000003526f0
[  511.952490][    C0] Call Trace:
[  511.952497][    C0]  <TASK>
[  511.952505][    C0]  wait_for_lsr+0x184/0x2f0
[  511.952531][    C0]  serial8250_console_write+0x1373/0x1bd0
[  511.952562][    C0]  ? __pfx_serial8250_console_write+0x10/0x10
[  511.952588][    C0]  ? rcu_is_watching+0x15/0xb0
[  511.952607][    C0]  ? lock_acquire+0x5f/0x350
[  511.952635][    C0]  ? do_raw_spin_unlock+0xf5/0x210
[  511.952657][    C0]  ? console_flush_all+0x123/0xaf0
[  511.952678][    C0]  console_flush_all+0x6ea/0xaf0
[  511.952701][    C0]  ? console_flush_all+0x123/0xaf0
[  511.952727][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  511.952750][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  511.952776][    C0]  console_unlock+0xd1/0x1c0
[  511.952795][    C0]  ? __pfx_console_unlock+0x10/0x10
[  511.952813][    C0]  ? vprintk_emit+0x2cf/0x560
[  511.952832][    C0]  ? rcu_is_watching+0x15/0xb0
[  511.952851][    C0]  ? vprintk_emit+0x2cf/0x560
[  511.952870][    C0]  ? vprintk_emit+0x2cf/0x560
[  511.952889][    C0]  vprintk_emit+0x485/0x560
[  511.952908][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  511.952931][    C0]  dev_vprintk_emit+0x338/0x400
[  511.952953][    C0]  ? __pfx_dev_vprintk_emit+0x10/0x10
[  511.952980][    C0]  ? rcu_is_watching+0x15/0xb0
[  511.953004][    C0]  dev_printk_emit+0xee/0x140
[  511.953027][    C0]  ? __pfx_dev_printk_emit+0x10/0x10
[  511.953048][    C0]  ? __pfx___up_read+0x10/0x10
[  511.953069][    C0]  ? __dev_printk+0x131/0x190
[  511.953088][    C0]  _dev_err+0x11e/0x180
[  511.953110][    C0]  ? __pfx__dev_err+0x10/0x10
[  511.953139][    C0]  hub_port_init+0x1e42/0x28c0
[  511.953170][    C0]  hub_event+0x24e8/0x4d30
[  511.953190][    C0]  ? do_raw_spin_unlock+0xf5/0x210
[  511.953242][    C0]  ? __pfx_hub_event+0x10/0x10
[  511.953261][    C0]  ? rcu_is_watching+0x15/0xb0
[  511.953281][    C0]  ? lock_acquire+0x5f/0x350
[  511.953307][    C0]  ? rcu_is_watching+0x15/0xb0
[  511.953327][    C0]  ? process_scheduled_works+0xa20/0x14e0
[  511.953350][    C0]  process_scheduled_works+0xa8e/0x14e0
[  511.953382][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  511.953402][    C0]  ? do_raw_spin_lock+0x12b/0x2f0
[  511.953428][    C0]  ? assign_work+0x3cf/0x5d0
[  511.953456][    C0]  worker_thread+0xa47/0xfb0
[  511.953483][    C0]  ? __kthread_parkme+0x71/0x1f0
[  511.953510][    C0]  kthread+0x388/0x470
[  511.953525][    C0]  ? __pfx_worker_thread+0x10/0x10
[  511.953548][    C0]  ? __pfx_kthread+0x10/0x10
[  511.953565][    C0]  ret_from_fork+0x514/0xb70
[  511.953583][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  511.953598][    C0]  ? __switch_to+0xc89/0x1420
[  511.953622][    C0]  ? __pfx_kthread+0x10/0x10
[  511.953637][    C0]  ret_from_fork_asm+0x1a/0x30
[  511.953662][    C0]  </TASK>
[  512.017986][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  512.018058][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  512.018139][   T30] Tainted: [L]=SOFTLOCKUP
[  512.018161][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  512.018201][   T30] Call Trace:
[  512.018222][   T30]  <TASK>
[  512.018245][   T30]  vpanic+0x56c/0xa60
[  512.018337][   T30]  ? __pfx_vpanic+0x10/0x10
[  512.018402][   T30]  ? irqentry_exit+0x218/0x8f0
[  512.018472][   T30]  ? trace_irq_disable+0x3b/0x140
[  512.018564][   T30]  panic+0xc5/0xd0
[  512.018619][   T30]  ? __pfx_panic+0x10/0x10
[  512.018693][   T30]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  512.018778][   T30]  watchdog+0x1030/0x1030
[  512.018879][   T30]  ? watchdog+0x1c7/0x1030
[  512.018973][   T30]  kthread+0x388/0x470
[  512.019026][   T30]  ? __pfx_watchdog+0x10/0x10
[  512.019098][   T30]  ? __pfx_kthread+0x10/0x10
[  512.019151][   T30]  ret_from_fork+0x514/0xb70
[  512.019207][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  512.019266][   T30]  ? __switch_to+0xc89/0x1420
[  512.019342][   T30]  ? __pfx_kthread+0x10/0x10
[  512.019396][   T30]  ret_from_fork_asm+0x1a/0x30
[  512.019476][   T30]  </TASK>
[  512.022242][   T30] Kernel Offset: disabled