last executing test programs:

6m45.76843226s ago: executing program 3 (id=1705):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x200, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r1, 0x68824, 0x60043}}, 0x20}}, 0x404c040)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x0, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_generic(r3, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c000200"], 0x20}}, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{0x0}], 0x1, 0x0, 0x0, 0xf5ffffff}, 0x3f01)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c040, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r7, 0x18, &(0x7f0000000180)={0x3, r2, 0x20, {0x7fffffffffffffff, 0x4}, 0x6b}, 0x1)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000006c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f00000005c0)="49df22d6ba797efd1ecc2b4db3ad3f7840a343a16e8e05392cb6ca5739572f418fc6d5c24d673989eb463b4a32bf99e80e8d55a1a30b902a1cd4f6e80691fb78763f4383bebcd436fd78ac823c83c2b59d56", 0x52}], 0x6, 0x0, 0x0, 0x20000000}, 0x4044052)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000040), 0x4)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01')

6m44.829792612s ago: executing program 3 (id=1710):
openat$kvm(0xffffffffffffff9c, 0x0, 0x327fa1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioperm(0x0, 0x1fb, 0x4)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x0, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000080)={@dev, 0x400, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000040)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x200, 0x0, 0x3, 0xb, 0x13ec, 0x1}, 0x20)
syz_open_dev$ptys(0xc, 0x3, 0x0)

6m43.846711326s ago: executing program 3 (id=1717):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
stat(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0})
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000980)=<r1=>0x0)
fstat(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000c40)={{{@in=@remote, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@local}, 0x0, @in=@empty}}, &(0x7f0000000d40)=0xe8)
newfstatat(0xffffffffffffff9c, &(0x7f0000000d80)='./bus\x00', 0x0, 0x1000)
r4 = getuid()
getgroups(0x1, &(0x7f0000000e40)=[<r5=>0x0])
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001000)={{{@in6=@private2, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@remote}, 0x0, @in=@loopback}}, &(0x7f0000001100)=0xe8)
newfstatat(0xffffffffffffff9c, &(0x7f0000001140)='./file0\x00', &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x400)
r8 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r8, 0xc0045516, &(0x7f00000000c0)=0x81)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r8, 0xc1105517, &(0x7f0000000480)={{0x8, 0x2, 0x82, 0x40000009, 'syz0\x00', 0xffffffff}, 0x4, 0x1, 0x4, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
r9 = dup(r8)
read$FUSE(r9, &(0x7f0000004580)={0x2020, 0x0, 0x0, <r10=>0x0}, 0x2020)
r11 = syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000b5b30a40450c8f6055b5010203010902120001000000000904"], 0x0)
syz_usb_control_io$printer(r11, 0x0, &(0x7f00000001c0)={0x34, &(0x7f0000000300)=ANY=[@ANYRES8=r10], 0x0, 0x0, 0x0, 0x0, 0x0})
read$FUSE(0xffffffffffffffff, &(0x7f0000006140)={0x2020, 0x0, 0x0, <r12=>0x0, <r13=>0x0}, 0x2020)
lchown(&(0x7f0000000040)='./file0\x00', r12, r13)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000001640)="919d49291ab1b2d7f5b21eb44d239aafb9f80feadf6fdc889bb5c5fdac717259d73502853a776f128c38aac91a01452fb2e72c2733b794de9f986e476ecd6d97983cd96c36d969136ddee877c47f41627cb4a58d72702156d47268d172ec63976b9725e2b49f3c40c48578c7b22f8b0fe4f18768243f7e7a0e8bfad34d42174ea80ad9149e449f3b9f195b5d349f2e9b8d0b730ca35e8303d470eb5801c31b7f78aac1e9643cda80625c5e5438fa9ec7fce64aef33cae5ceec495a4fa2952ab7ac76647365d0ab156eecf8b6f8a67f576d27a90b0b10742e0577774ad7a3f46d64c0626938362a3d9ac083c756b447871a4019d4fc1174b9c43ed3fd5370d5aadb902a6b6761cb940aa0b07a821100ab5ad1f893e6fa306a3fed6b9e2c462027e4426e1b4e8d4d93b62155ab9b40327fff759508b2a6c837ce237e84a6d70a8b6e363a36df95999e30e72b2b2d04d8fc37e923dc084949cbdbe35d60bf3d427c5e7fd874c34c752e3279dcc5767483ca649c429e50df05a687464fd7b9c47f884692a7902cacca6cef24b49d0dc5f24d961bfc1f55684c10006a4e201218fc72d4dc8a68f4276b8632ff0321797b77795e6c437eaf79fc749df5edf4dfd69df5b8a7f80e244da633a690273794ef0d5f4f7484a961e99254b41a25d1d87313440cc023ae4b39fb3542d6887e790e29824c38a6ee5b53726b8681edb948ce3fb0ed208a273dc4f2ef8a49e5b74b71466397b02861bc04cdcdb81573c704a8daed6bd44671d6c80a750467055483a5b311c6cdfced3bc2277bc3b1535cd90365dd7141c45d18de54c55a47fb36cebde58474398d88865b219a70f299f0deb6b16a9a81123d8ebb213f7ef997ab8359edfb746e69b8e4a0d410e3f7768936e8ce5b0067227d16bff191de320f69d9fef3317073b9db47c08a6a055d6b226b7b5d8b896f8833f9bf7bbaeee8e2129f537a78277a69fdd8167e40f89bd1750edc12e211834ff81eebb9c0fa16bc9f236be582e7400f1d4da2c8b5bea164747aac3eb66a288923ee0125316e0f775a70070ea14f80ccc70dcf3dd0a62e2f8941948ea22d0d210b2a36d3d5c7e4d525b3e6963b97380fbef22293de39e598874c7629f2d9fb248e31671a3bbab0cb6c6e83ff481414e052824bf710ec7cb2ddf7781217d1283735236600c13c4779a911208b801d8b16c06f8c9719032e444ea7a368c0159fa5f4e951ef2b3b206d1b01df620c3b9214f938bf25612cea98c4f1a481d23ee389b84531338b3239a312c96968cdd0966fd423dff7c0b45db6b641e3896168aaaa9870e15fbb513089982643789474ac4c917c438a569d4c48a150e1d0d9f7ffef2d494d44b0b9d46147ea91a7767e5422a0d82392410649ed7564a2f42b148ed13bca170fb7d9723f713a6cf9d4d26648de8b3b11259cbc2f89726d79e37ddae8c1ee78556fcfaa4fa804b80eec0f708cd08427ab71cab5d9b5fc51dc4fe39046330c99563a6f611c2d765ad578675ea58678c4bbce56df82a3df81c80c0837c32b8b7d8139e775fa2beb21fa5e4f7816938896d186432900c17850d179a0a8b35485627c2262e8e590c0ed0700713d0061f8b61fa840aee871c3dccccde08204ebc143342ac8323e1c69a4b5479f3ad1c47a6dadf73c85957c152f46da0f94f487b278a45207af9484742668fe9bf53230f4927ccfaeea20674fd8ad121687eadb4c9e82095035f7ccfb3edc454761b8d3cd1e5e28a8305e982fb8eca7dea0d13860c9b5717316b2c67457d3649fce6919fc548114154595aaed97f882445b99429e07f5ff0e7ecfcfddede6a15de6d7c1d76db94e0ba0205d84179b1f705f68aabc3de7a5888754fc20e1d3c38ff2ad94d6d54e14dbd4d696d9b5113fa1f18193879df629decd3af3abee22178dd5ffd0fbc94e286717ff3bbf79c3276c708341ca5c6b986b194fb4a80f8c69b1b066a6771941b607fb703206e9e0e1fb96cc32c913f2d9580c1b56f5c325e0e1c0d48636b95421a67b0f35947cbb876fd76ff42a7a2fe93eb52fa79da1b06366255563134a91a7804cfe3b28dce77d9d41e91c81e4bdb7f01b062246b1e4e9a52a80229a72ffaff3e9fae9717c101a28d119fe0501a990614b4228019886bd3e4d74f517578a69ce29ccf4aafeb93c0f4967dafa5b0fd3459eddbcee652c6d2e90ec1685285e934c571f1fb0adc6dea14d14200f1c1e72236ce80aee2c8e197392ff40ce4e7feeee75fdb89f150de851602e77ace68c28871b461103d389e3a6eacf0dce98c392e60e57ad6024d2a0f17696ed4851391dd2b6bf04f4cd66d298f841076875cd364d44ce4c05845e6ff9f8e3733fcd53b0172328e78ddc624840a11c44f684e148b9dbb0fbd8bdd02e18a4ec6004b7f33b97a0a6fb568fdb0bff866bf88bfc0172133f77a8f86f1a500b197adac5906cf49066dcbf2930dc58bb9ea3e2d3a18cfe66d88dc9ff137fc56baa154266cf9cc8e13105648d27c3b055f996936cb2f8e516f7c857574772955232d4276ebca9921962ae401a12fc553142795b6c772bbdbe66062d949c7842f4186b38b50831afc943241b5e8df20e3f5921e23f6d45c6a2810417c3dbd46cba45cb5f0a83bff204a13c7110737aacb6bb792acc2efaa26d1dc633a9fb55cd3e402c6e14c498d210b5dd349a47c63087c9376d5b029f44bef213441b8fedd63101a3fd44501a56bda241ef2dd948ed61a68cb9488ee22f85eeba029c9e1c0439c134a4e2edaebf15f4ce5be9fad55d031774e72952df5b5396dc657419b6477c82c73554f6946c8b63f320b784d8cb0172bff1f3064673ef0098e3a90912d8ee87d06cf5c57ae50b822e838d24f361853f314bfcbaf04243f1669ae049ae3387c5eec00e9b9c379b459f66f808abd8bba795e872ff632ade189ed71d029099971a5ffb402a2f1bd9c4884dde79861e6d753b05aab4b82598c32c95986ea81bdf585826e3e8fea612e4a906b04a9912b92f3be3b795ed8e1cd196e76fcaaf89f61d967486dc0140414bd9b498d568845e2b57b2967357e52a30d58ee26125677d9bea46897974c2b1a7fd0270aaa960693042714cc43e09ccbb5be0043bc1994e901e399fd5b6694acb00bed52582c2ee09cf033ca67f95ce6da12f80bb9bc7d39905bd386270b212129ad033dbec4f40bd8930aa222ce2b15aaff8a515f3d1c3e4e5ffbf47b75e9718e725bf0b5152790bccc7f1d60e34c0bb7d06415d520c05719f3503f0f688e3e9ecbd29bc54aeb9f3bd79bc0f0eaf7613ee97d51359b7f135825a78def3f490bbd7c707fa5b4b373bfc329ccc2996f3668e88605e3ef1c882b8a1d4477c9a569e27babc5c1efd1575ecc4d9dbce149eda3c014e22dfeb448e56a99f612707f0cb11b0fa6c20e0cc6f7903ecb199bfa648786e5010185d9dc9640cbbc82220284e4c341bd57064c19e7d29b4ce401744b6bfc1de441663a634904df50bb643ab082d6c547ee77855c8bbea689a77238710ffa9b92af3c1031b77e4c7d5788f4aaba23c7646ec22900b0761bfd8a62fa42657b66020b11d50e4bbce80c579ea85f24adcd2ed035578509e2d8da1773c4c521a83c3db0f8a14aeafaeb49f9624288f16670116bb56247a59c987e24b491ec04f61d7e004d13181281270517b9a126a33a51baede5a29b1277661be52e3f5289e81d019d24ad308a8f1f817b2341821e91bac54bfc431f9ceb55cc589c08bbd3908046b8fa6c20436fa5f7613695a3d41350af9fa9a93d976c8a9038b051f8ea22fb38a05b8fa2b6ab92d1ccc73842f9656e8d62e85d3d9cf0ec073edbbe355e3e4a2c4f04fbc19c56011b27552fceebc6f0b7756d092e11747e2e299d31441f09d360308de95ec3c42c669dbb96e60c5977e22af51ec5acd0e571ebaa2c02039849e9bad69bd7a5191da349a58d6a228c76009811a4e92550792bfcf45a6e0d34e18938752e696893e02430bc1084c10efa9469efe93e3b2ec5433356491cabe97239cdd8fef2a38922bf8945d5cb990833cc330448ebbb1d3359d342df4c263d8bb0f7fa13e0eb0e6bd181deafbdc4e5d8c226b4c559fd099c8064c73ef96282b79ff61c536d12ed1a5534e6da9787a62c4591a4999807df3096d25897d48d5164863b0ecd01534efa79cf71bc1f756aa2a0ed63df3f75e078656b2c0da12b7f7b526c8f7088c7ba4563d0d44590b0fa040c1c106c5a8dd9e3cdfc6142d39ef0a91eb639a5ee98bb6a809ea8a9e26f2ea0957e4d44d0fef29f360298101e6cf16a8977f4c1b506688d67a3fe3f00c5455590eff6e073ba4055f1a4cde0e9564070c766c284ededf4b1249027a4ed34c28cd000bdc1aa180f1d97a6792d207f6ca1a9c07a1190ac879c2cdc37f10330635dd0fbe6e9af78bf86ad2273983b370f1a4eee18028498a3298ae87b9203e9f35c5bf64f8f2dd3b3d8834556a3c166012399cac80fb054e84395f2b740206fd2a41345685408f9ab6b4f09c6c2df9d95243c82a4bcac293ee45850738f3b1edf0c527bdda9ef88b95aef980ec445f7926c3fc58a9459be9561e398acbe2c32d644b74ebfaf0d641d76adffd99019214130ccf68840afba23c144f4920526e6ffa048c86f673d5b134b9340f0a194155a5750e0fdfffb8c81c45c0d3aeb1973db7edd71d5325eb5f27fcc4352238d4f0f7194a5dbc88cd9cb6b8d56d49ccca046f7f6246ff0a6626c22dac1d16bc3e71832cd5dea1c957e3475bb433d6f3989f74ecc9eef3fce7181f987c7084a049b8a4d08b787ce9ec88652d052afddcac7bd0fb25082f137e501df167f32e9af38db7c94c114a8e7c1b3e8194f65db74c050a58d89b4063adf1a3b86ec4bc3fc19d20c61fc346af7821c6ae494ef926be7c1515730db8077b95c88b79b2fcfb5789a9ff45c9fce84edf49adcbe37cc993bd05482f49ae491535b25d6bac7a610aeea764ad3a21cb1fa8e72ab84da7117cf5d96c2618010488efacaa3ad9c7682785b85db579560ba8c458d1b150d0016feb7fb44b4c03d65dbf4f73f780adc0698ef3deb6cf25dfa190b56409088e2e487531b8da512364656bd9957eea9a82bcd5965ae2fda5e8951dcfcb1737bc3dae287adb10aa2bb0b880d7a7853635bdc2ae480c6c160943626fef99d7606090f59f12b2d0fa80b88df2e78079e4389240b38747674e570ef3c96367f4e24101e71c5bb7d5292cec0f6df4b8e926c964ad1720a65f7ab44b2b27b4707ceed4f045f67b2f858d5e3d3b718c98d682d1ac96af2003f7f4360291ae2e761333d23a9a8c4f68643dbbd9248c677e02351f922aa5f7a2f5af44b3989a6e1188e0ae815e3430dbba337ab066d65cd7c7257aa0ebce39a29772e3c497763431b273cd7856184adf1a8f174f973d7252519e95307b96af7c0cf5919fc0b4de89fec36271eeceda67c9b0c0fc2178fb9562a30a21425c8100205f5b1f07a18028df9e3c08f1b6d922e1d8717a9acad603db2251fd92549d89ebefaae479d5c6987b33e7cdfb799b1f29bf3cf5a3896cb4cefa983581ecb85d108c824d5543aabdedc2b10296b032ea8e6758be35b5f710840b9f7f726b48309576f284d056c9a8ebc01a61042203ea9553769c634bbf30e1008e1ea9e9c707a702764bc5a09e91c2d35f7d2767aa460c2608b552ae9f966a41cec6c851559c7aafcc37f5620efb7560ed6c9834fecf3d3513f2a53b52ddd6451f701f7ffb4f9f01e3f2d22c85a525c04c391d00e4adaf4f795f596002aee4ae6e2402ff188fa81777662ee1ea3e35cd6728ed80dfdec6bb3ea7d47212493578246d60953288a1ea7be0a408a3b3e209b586171bc9a8192264e40eb34cbb02a607648ea9148e9c37e3193ff39b8854ac24c0e81209e9d5eec608a3c948be1828f4515cee5751ef4f9fdd8558ee76bd5d29e1aab2a593ae34f1e7b92ed929a787456dd72d0b14e7334feddb04810f4740484ea8ed4658dbc127ab05a8fe4fdf217ddc104c2e70009f97d90c53e49791419184bebb9c970228ba033dad211875fa65a031afaf12946435fc7fb6159479ac43b5e223092ac6a69bdba5e91bf8223ec49a84b8db5e4af2803e1959accfcbab3564669aae80dcfe3e1e645ec45b28f76de3e93e04dba2e6520a0d88d715e2b7e908b052677ccd64f09cf3955fed74556092cee423d48e0b6ed64143849a2ae4fa83a19171edbb1b9be1b601e06bd95daaa05550be601afde6fb5b43e5fe2ecf1f5d7cd8892f1db3877b56b245ed26e9dc9f57988f15de678d86bc825246817b9ae21f37562102af4bc05680ed5019c77e6b3d2cb3c5f30a53f8893a57b8c7e4903724b14fecec59aee9b7b1085d31983ddba24676314885a5a180cb407983c6ee7956ab6c58303d943a637807b3922a7712707719ad2484750f47e86a0edb27fdfc5164993d7aec226ab276c69a9f182cb5202a549fa1b92a6c326f9207b83ca0c9bc87a270b1c18ee48ad98a8dcf5acade4e2ea25682534903be02f0862e8875954a93841102aa9ba4b9ad1e4156b07db15a06efe22c999be5ff0191d54d61c2f8c6ccb4610aa1fd131294205adf495419029de010ee9e0e6d0e3ca6062c2696c7a13afd6eb0945c405b5df1c9ac9df3215d94683246951ab55c41f07bbb8e11c91f367656d11d0f61f9cecc87bfa6e9fb7852bff80c7d8ff0c9f934d05ace4e958706d4cde857ee62acd6f5595fcf481ee1383feb24d072eddc533a5c09555926edab304c1f0f8d496ac98959a277174a67aefd5ba7cf1a1a9352eec411bb0b22c4150ac7e1166c2e3d201112962094d5295c798171c9dafd6e33860edae766d5a367832f60c864301430be71283518b015ebf8a30f489a9a376f711bcf61de889aebc5a47e3d5786b0e01b65819428a644f9a6197537a61b5bcf4197ee996660d56330b589c87541cf1af9b31312fb46b0a22afe538be0176cbe64eb0515adbbb4b11dbd0f2dbc73ccd297cffd99097f06a5159f54029f6ac83372d48196a5a474c511359637310d4bbc2e65d11b20e0ad430b05613ff450a47d69f66cba298b8ce93f7a14a75f46f1a9650e2d046fa4e64567efcace5249a592d424287f2dc5f76a675c9fab4bc99f21406045e5f4b0be7dc10eb3ad954acbbd100ad53c5a3781bdcfff0af390719a80a2078c8f27494e78dbfed2340ff66994d9d9f72758b986794966da20b392af7691b8a618c2081b1999cbb5066ae5fb54a9423816ae6f5c814328e0a483fe123f22034546734fffb398ea29f34c9e6e1beef68c7f91790bde37210698a258912169e0af1a4f878b2902d26fb334a7b06222b2efb4dbb8ce5312dcbfe2706bf1f64c3446cff4fce95607a01158307b75bc59c657732e53138bb7184af0a75817e775c984ff4800aa63a73dcf321d310fdc917cc69313e7ad62a415a75f5306e5c4d8493fc0d32c286dfa2e1922156d8297af9134c3cc10dee4b31783270faea7975c81c21ca18a595f9caef1ba61a70a909dfbee57ae14e635d3922cc30e8f199845cfb1be38d28941b6db7d9ae3596bcf50fcd6db25ae502345c355c096bbcd5fee39a8404539f2c6656e364d0d8fe6e9d39a0eff3fb0b44c66b9da434fd4ae84ae4cb95061161d59dceaf7fbbe1650010434be516938650a7b790096228abf802e85172155bbd6845fa9eae195118c182f43c715eff3ee0f59639bd4e448d86fd34ae70864f0a3c6f622255a7ca7da62121b9524588fe7affa85dd68dfe15b9122db5b7f19734dbaa42d4ff00b0227597e6363eb601d64db1830054473ec4b0990a58ec2dac489d860f7a18877c0c549b0de5fed7c87dd462a095bd695e1401a67ad2a3d42d2b6f48408192291d8e2196bdd1868c0154f6b9533e523c7ac6439f56e170e375c57f13b35d22014b30d838eb18adb49c4bbc8bbca83dde0d403d0de7e00457f0cf4b7121092a70a3c4da28316b8d5053ca45a2205198216adb12649188003b0fe2d765b1a66708e1b92be8f83881487e3d4ed59e7dd876c5997f20890c4e59ab7b040084dae0f8c8c1f985926ac6fdbdb351fea39c99d7444881dd1d65c8a1e0b0c87db0f6a05b9df9d82b10c619677c072e6eed7c6a8588fe7fd66576208745742809924792a074efd4a87ae5aedf9255185dbabc5f2499d2490392e7db372eb4767ae88e43aec244f6ebb7f596a7aa8179cb420d911f368b7127ef6ae53ea65dee5e63c618c520b9d9ae1be205991565d6d0ccef8c17aa9c057e3f0dc60686b78f6a964650254d788f5b5bb022af5e4befc07e2942527f978e5cdce725d077131b5f7d5ed984b636bb2611241cd555ef0a8ce9537a156b1d3aa234533595f5f9c400814bf7b2a213d4e22386f2f179734010987dd7500a7b3d78e4141c0e610248ac9d781c0e1d728e8efdf6be994eadaf6045d0e45cb59eb0dd20166f1a8cea19a8e2187d72d5a2d5bb8dfd69b3ad3577340b653b9da68644bce6b5cc3ad951a4fd1e6d385bfa890eb3125a8cb40d961bef99aba9cb5c6ce2ccf9ed0afa9cfa9b02ec58c5a03d6b553d401446da660fba1ca495cc882c59422b9a388bd5a1d6f0ebeda7a56b9cdcbc92d131b06e2d214d86ac4a4416eae9cbf753d3d3acddf10029a5bbf04c3a2023fba47db3c7dcc479127aea9d9efa0e0189a447ddcee7fbc1ff4a96b0be5ec4328c42cbceee4e5b75cbe53ab837a8b7dd3608c50849f0c5274b0e8b7c87a38cb3f873badf36faeca3274ee3886278e5b32bd3947a78b6f896f36dca7f1280d2b4288181c8a85a2d9e0544cb56295e4a80766f025ebf689a1ed069605188219fb6e248bd66b2e4c28c49fa8a49e84df81777338e28699684ab28da626e1d56c27f4ce577fe3a681827436af6e3fde569b997cf50b4383f11a690ba8aa4628d55f27527c0dac8bdeef94eaf863019f8bf4872a308b6378b3e8d6b1344e16a72047452e1a39007ecd045ee58582d2e6a0cb3221901b905d2552aefce4efab8f6bf8246ed02b36601e64ebad604e09a1e7333b6d37fa4d28c533f5190be895fe3e0e9c98f3aef885061b713fceba5e749cfec11f7280a754c3ca9e9820dffe8e17255f9181e6e2dafc795e42a9a932723a8faf30649c165fe7a57396d9f18c5eb08311edbf643d8b4a6c9152cb01ceeba1f3f811fb7623fcb757d0b541e500c50197091aa8bd7b49e63170823d385cca55c31fb457e436cacb8d31d95e23cebfc12da3b0e367fa1ece6a533a6a1c27898943b535101865f3ca0c4b4cb8704f17073f8b79e7dfa02d5ee71ec719ee75a013e33129b96db67a2d797db672cf905bcde6ac6600ccc636d026298c04ee297f0c6b16b08bdee695981cd544b80a427b768cfc57ca5c5c6abfe34c49b780a5715d97c8c23f80d40609cf93b13abb51df573b073cb1a5a1ae2366fe3f76d36b5a9261c73f21b10916f414da4bba24732c3f662cd53b796379689b35623d614dac2bd79b9dcfbcb3c1eaff14ba02ad6dd574794af60ba019e2a678cc2240b3e12d3ec81e556b9b53bc486a603abdd7e7bb2fcab724cee95b09b313162461c4608c43d4f7966a2d5d879b5be2593a06b29496954a5b624b53e595fd011f11e54a5d1bf4ebddf78af36aa73da130e25b4534b4ccccce519b9e07ccaa6098011a0533bf0ea57b9ed3d529ce4bedb4cc32708e9c8207bc00259c02a2f119255a10546fdc455ae54987662e8083b3d0b3e5c495a6003a6e306e8568180d5384b2f8e999171008f1630de04e8429eff4f3fda97ad185ea44d0eb0cb3f59eba8c143b5adcd3de6538c8151d5496fa17338d8d7b8ba2d890e279212fd61a52f95fce8c0b14f77187bdf1cbd788cb17981952e8f1b9a450456bc8061cd226d6ac74080b4f5408afe781f159c9de169c92d70bd5b1203bdb611104642059d8baaa2ef41c4b84baf1ea2aa4753d1ed452ac36045f5378b2a265797c4d075900f99e8c026d78ed2445c5aef778aa3b8a0894db109e43fae12ce2aa4234163ed638906c32b047e628addec7447597555f9d60a27e01e006cac9284e39191cbc5b3fce2bec28fdc652bc375fa136ef688fd3ca784929d0169d80f53d4c43a53499d4bd1eecda6f4dd95c354b8696614f7464590bf4020ff0d8a289f0d1033a3e35a3f009e3689ebc5e02aea3b28665392d73542c5ca59728c3804566048e4bee7bbf861b22b70c87f7b9891bc160b7c8f3ef97b26a100882a0f4c9511a4d35966c17604f9af75a4f506d1385ec9c0c25a2ba87e72f59eaa6900fec99269208ed4515db08ab76304481031b82c20e7a156db205645268488aeae6c625a307efa6ba09b5e998520b7f4f4d403435300ff25915b3a03a7042ec666e3cd14f115b51b3572ad48ef1cb82c3ff824d4695f05ea836724d43196c76b0e0d1acb19f7e4b6875c1c267de8d23dac260937b96a0b7173e9809329fbd935b9c1799aaf51b856691f3dc5e9386eb0a885decc73fae4c723a049f7a310f2419a52a86e6249d2efad5fc5a26fa36cfff7e1e27c3a62d098a2357bc3b53f73a3f65beaec84f89082b4799ae3cb015736d1d658eed6abdcc722f8f3901e64cb2883227b98a46c9d0d546744aaa54a92092a9e52c5ffa9cbac05c0c534d43722bd43ab1e370f85002c45c469b238a36be85f647b5ae44e79fe75c4869952702d31c12e694a4f2e494686712d4f15d7d40fc72a4b7f17b90babe522207d2890bb0cf95b9083a510336c8058abcab89c54a9c4df02d2b18f072ee462f35aa4011075e241187b167efc8195264676a8f9e26679a0a7622efbd529d15acc621ba563fc6403bdde083f0a1b1b5cb9b76aa8ce2d9214b0f125530a68dfa6c047aa28e6718ec33a020dd7e848502a63650c11737d1f76d6ffb7e79fdcc5b777b5b0600009927cc5741df628849584e44e5381a49f676c560e5b8b719dcf5bfe2d70cc6b3f3625ab1d2929e56a1304d7c137033250ebd7dae4fec963d342e52694cba4482c21c99b7309939d25db065efbcec00d12e83de646ad6317e751888a241bab2f93eca5c4c43f933625e6d786b20a2aff98ca52ea7f55cbad784001a7de4f9df1e34c5c4be052611fdd21ea2bdff2dd95c1de21aa5a54777a5f050edba159630555a89e617c033053587c94fdbacdb84930b79a7d4952c7c5c7b1eb6b7cfb219890d2dc0ae7e1196775c52fe45182d3aa68d0674700df07549b66556050bb997f25115f39b206ea7e4fdb8cffaf6462551679b3a7935113c26bbf850ea50bd38c817a3a41e0f7ac9e2738d1dde59e92adbc3fabb47eee1977ac7e16281e4a3cc76e60e106f55013d1daad0d21e765ef8d13c514f21f180df1090a6d0c7ad23954dcb394463d3ed1a901231887863828a4400e1445c5d5da3c3f5b56da143b4273f36ed32a6b3f3df5cc50ec7c552562d2016a3584ab601c6a591eea77a516d54372bb45fb8edbe2c8f1ef94ac4d18e1972c71af223b8a1e1d15ade72f0007259ad97cfc68b9df5493b0136eb10444b54b54ca23e955ca7d2ed92d032e502aeaea1a6f10e4bc67ac0e5c48df2a7154cf316fbb1e5b1290fcc54ca7e5ad1cf23dd09", 0x2000, &(0x7f0000001440)={&(0x7f0000000280)={0x50, 0x0, 0xfffffffffffffff7, {0x7, 0x29, 0x1, 0x10008, 0x3, 0x9, 0xd4cc, 0x7, 0x0, 0x0, 0x10, 0xf}}, &(0x7f0000000380)={0x18, 0x0, 0x1, {0x4}}, &(0x7f00000003c0)={0x18, 0x0, 0x2, {0x8}}, &(0x7f0000000440)={0x18, 0x0, 0x80000001, {0x8dd}}, &(0x7f0000000480)={0x18, 0x0, 0x401, {0x6}}, &(0x7f0000000580)={0x28, 0x0, 0x0, {{0x7fffffff, 0x9, 0x1}}}, &(0x7f00000005c0)={0x60, 0x0, 0x6e587815, {{0x6, 0x4, 0x5, 0x5, 0x0, 0x4a00, 0x994, 0x8}}}, &(0x7f0000000640)={0x18, 0xffffffffffffffda, 0x4, {0x101}}, &(0x7f0000000680)={0x16, 0x0, 0x5, {'kfree\x00'}}, &(0x7f00000006c0)={0x20, 0x0, 0x3d8, {0x0, 0x15}}, &(0x7f0000000900)={0x78, 0x0, 0xfffffffffffffff8, {0x3, 0x63, 0x0, {0x6, 0xfffffffffffffffe, 0x81, 0x0, 0x230, 0xffffffff, 0x800, 0xfffffffd, 0x400, 0xc000, 0x4, 0x0, r0, 0x1, 0x1}}}, &(0x7f0000000a40)={0x90, 0x0, 0x76f, {0x1, 0x1, 0x8000000000000000, 0x9, 0xcf88, 0x2, {0x1, 0x2, 0xffffffffffffff80, 0x9, 0x2, 0x2, 0x9e9f, 0x5, 0x3, 0x8000, 0x10, r1, r2, 0x2, 0x1}}}, &(0x7f0000000b00)={0x110, 0x0, 0x3, [{0x1, 0xa, 0x1, 0x1, '\x00'}, {0x2, 0xc6ab, 0x8, 0x8, '*g%&!+{*'}, {0x4, 0x1ff, 0x1, 0x9, '\x00'}, {0x3, 0x7ff, 0xb, 0x2, 'metacopy=on'}, {0x4, 0x2, 0x6, 0x81, 'kfree\x00'}, {0x6, 0x8000, 0x0, 0x4}, {0x6, 0x6, 0x8, 0xebfb, 'overlay\x00'}, {0x5, 0xa07a, 0x8, 0x0, 'upperdir'}]}, &(0x7f0000000e80)={0x150, 0x0, 0x5, [{{0x1, 0x3, 0x9, 0x3, 0x1, 0x6, {0x3, 0x5, 0xee, 0x8, 0x8, 0x6, 0x6, 0x5, 0x6, 0x4000, 0xfffffff7, r3, 0x0, 0x8, 0x1}}, {0x1, 0x9, 0x6, 0x10001, 'kfree\x00'}}, {{0x6, 0x1, 0xdcd9, 0x1, 0x6, 0x7ff, {0x1, 0x0, 0x0, 0x7, 0xfff, 0xe9, 0x9, 0x7, 0x6, 0x2000, 0x2, r4, r5, 0x7f, 0x7fff}}, {0x0, 0x100000000, 0x8, 0x0, 'upperdir'}}]}, &(0x7f0000001200)={0xa0, 0xfffffffffffffffe, 0x6, {{0x4, 0x2, 0x58, 0x2, 0x3, 0x8, {0x0, 0xb0c1, 0xd9, 0x6, 0x5413bb7e, 0x3, 0x8, 0x6, 0x44, 0x2000, 0x5, r6, r7, 0x4, 0x9}}}}, &(0x7f00000012c0)={0x20, 0x0, 0x5253, {0x3, 0x0, 0xff, 0x5}}, &(0x7f0000001300)={0x130, 0x0, 0xb0, {0x3, 0x3, 0x0, '\x00', {0x1004, 0x80000000, 0x2, 0x3, r10, r13, 0x6000, '\x00', 0x3, 0xfffffffffffffffb, 0xffffffffffffffff, 0x6, {0x84, 0x43b8}, {0x7, 0x518}, {0x78, 0x35}, {0x6, 0x2}, 0x9, 0x1ff, 0x7, 0xd3c}}}})
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r14 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r14, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r15}, 0x10)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
creat(&(0x7f0000000100)='./bus\x00', 0x0)

6m40.732208707s ago: executing program 3 (id=1735):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
read$FUSE(r0, 0x0, 0x0) (fail_nth: 1)

6m40.276175466s ago: executing program 3 (id=1740):
syz_usb_connect(0x2, 0x3d, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000540)=@filter={'filter\x00', 0x2, 0x4, 0x388, 0xffffffff, 0x0, 0x0, 0xd0, 0xfeffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [], 'macsec0\x00', 'bond_slave_0\x00', {}, {}, 0x0, 0x0, 0x3}, 0x2f2, 0xa8, 0xd0}, @REJECT={0x28}}, {{@ipv6={@mcast1, @loopback, [], [], 'netdevsim0\x00', 'geneve0\x00', {}, {}, 0x0, 0x96}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b667f10900000000000000e3121114449fd20ba2be6e45cae72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a00)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in6=@mcast1, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0xa0}, {@in=@remote, 0x0, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x2f}, {0x16c000000000, 0x0, 0x0, 0x1, 0x0, 0x4, 0xfffffffffffffffd}, {0x0, 0x2}, {0x0, 0x0, 0x4}, 0x0, 0x0, 0xa, 0x2, 0x4, 0x6a}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x70bd28, 0x70bd28, 0x70bd2b, 0x70bd29, 0x2}}]}, 0x154}}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f0000000200)="18", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r5, 0x84, 0xa, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r6 = fanotify_init(0x60, 0x0)
fanotify_mark(r6, 0x71, 0x800000a, 0xffffffffffffffff, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x804)
syz_usbip_server_init(0x1)
pselect6(0x40, &(0x7f00000005c0)={0x6, 0xb, 0xbc, 0x4, 0x5, 0x2, 0x0, 0x4}, &(0x7f0000000600)={0xf6, 0x80, 0x4, 0xca, 0x7, 0x8000000000000000, 0x9b, 0x8000}, 0x0, 0x0, 0x0)

6m37.129761547s ago: executing program 3 (id=1746):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000680)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="600802000000020c2a5af9e501382500d5611dc591274ead1e0e3faa36115de082b7ed6c9be381fe7c62d3365cc275f18a4da8db816d0b10753abbf09e01027099f9c278c141e5d93ed029f3bbcd57c218c0443460627f7ca1cfe9813155bb39b168"], 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffffce)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}, 0x1, 0x0, 0x0, 0x2408c004}, 0x4808)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
socket$packet(0x11, 0x2, 0x300)
dup(0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r4, 0x0, 0x0}, 0x20)

6m21.57023657s ago: executing program 32 (id=1746):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000680)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="600802000000020c2a5af9e501382500d5611dc591274ead1e0e3faa36115de082b7ed6c9be381fe7c62d3365cc275f18a4da8db816d0b10753abbf09e01027099f9c278c141e5d93ed029f3bbcd57c218c0443460627f7ca1cfe9813155bb39b168"], 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffffce)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}, 0x1, 0x0, 0x0, 0x2408c004}, 0x4808)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
socket$packet(0x11, 0x2, 0x300)
dup(0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r4, 0x0, 0x0}, 0x20)

17.1495333s ago: executing program 2 (id=2807):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, &(0x7f0000000380)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x9}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000100)={0x66, 0xfe, 0x4, 0x0, 0x40, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x9}, 0xe)
shutdown(r4, 0x1)
recvmmsg(r4, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000ac0)=""/241, 0xf1}], 0x1}, 0x800000}, {{0x0, 0x0, 0x0}, 0xb6}], 0x2, 0x0, 0x0)
mq_unlink(0x0)
close(0xffffffffffffffff)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r5, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0}})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b679a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x7c4}}, 0x1006)

15.562207167s ago: executing program 2 (id=2813):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BEACON(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f0000000080)={0x3a8, r1, 0x400, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_IE_ASSOC_RESP={0xd2, 0x80, [@random_vendor={0xdd, 0xf, "77ae4d3ab1631052e6ba7b875b27ed"}, @chsw_timing={0x68, 0x4, {0x200, 0x200}}, @link_id={0x65, 0x12, {@random="edaf37b99654", @broadcast, @broadcast}}, @ht={0x2d, 0x1a, {0x0, 0x1, 0x4, 0x0, {0x2, 0x980, 0x0, 0x3, 0x0, 0x1, 0x1, 0x3, 0x1}, 0x800, 0x6, 0x1}}, @link_id={0x65, 0x12, {@initial, @broadcast}}, @perr={0x84, 0x69, {0x8, 0x7, [{{0x0, 0x1}, @device_a, 0x200, @value=@device_b, 0x3d}, {{}, @device_a, 0xffffffff, @void, 0x32}, {{}, @device_a, 0x9, @void, 0x8}, {{}, @broadcast, 0x2, @void, 0x32}, {{0x0, 0x1}, @broadcast, 0x2, @value=@device_b, 0x42}, {{}, @broadcast, 0x7, @void, 0x14}, {{}, @device_b, 0x0, @void, 0x35}]}}, @cf={0x4, 0x6, {0x3, 0x4, 0x2, 0x1}}]}, @NL80211_ATTR_IE={0x11c, 0x2a, [@mic={0x8c, 0x10, {0x4a0, "a5091321a688", @short="36af8158ba38bd2d"}}, @erp={0x2a, 0x1, {0x0, 0x1, 0x1}}, @mesh_id={0x72, 0x6}, @tim={0x5, 0xa9, {0x2, 0x42, 0xb, "741f1e0e9538be13e6c92099d2f87d465e36bc6513dd99bafb97a71782906088cc4bc4adf185376c1d4c251ec9e79313980d4c76caca0b246b6b361767e436698deddf12bbeb840ca89973514f348805fb22fffa0e40b30475cd18954f4e79b5d2d19084e650334a0ab54602dff0e6588cd4c587118ca557d7ef6b4ff16da2f0b7c185cb8176c89c2d8cb02fd65671c37b9593dc86c5f3aabd2951a397a757dc9438743cb48c"}}, @measure_req={0x26, 0x4b, {0xd, 0x7, 0x47, "819132e2219c2cc6366ab8a157862cfb7b26130faea97edc21e5b96137c9090e8d7ab12fb07e3a1349a4222ccd438a8a10a53d17ddb58431016aee07ae13789852ef72180c84ac6b"}}, @sec_chan_ofs={0x3e, 0x1, 0x1}]}, @NL80211_ATTR_IE={0xf, 0x2a, [@ssid={0x0, 0x6, @default_ibss_ssid}, @sec_chan_ofs={0x3e, 0x1, 0x3}]}, @NL80211_ATTR_IE_PROBE_RESP={0x1e, 0x7f, [@erp={0x2a, 0x1, {0x1, 0x1, 0x1}}, @sec_chan_ofs={0x3e, 0x1, 0x1}, @link_id={0x65, 0x12, {@random="65516cc6d5d5", @device_a, @device_b}}]}, @NL80211_ATTR_IE={0x125, 0x2a, [@sec_chan_ofs={0x3e, 0x1}, @chsw_timing={0x68, 0x4, {0xf0, 0x4}}, @measure_req={0x26, 0xe, {0x3, 0x8, 0x5, "67c98cc38b0a30211dc360"}}, @random={0xde, 0xc6, "9f233c499deef92409a6e71b037f7f3ebd4e28fd0e56425b64511a6dfef4b5d85c8c3c425fca15a666ed0f87f8075cb10918b07b11bba79e89899444fb2a26d7b9f3f023206822bea5a86b999a45d98132d5d739e7359a0419a49a8983abce13874ca9ec739bec306d708596601b56010a919b2fd99e11fec2de6b80fb2a39a85519bd8fab363aab92007a9036572e5e7d47b03d976b2c79bcf4c49671985e12b77a1e4066ab05926eda623029b7c2c2f0ecf209e0cc51c5b19083845699fb9a8ba2ac9e5afa"}, @ssid={0x0, 0x6, @default_ibss_ssid}, @random={0xe, 0x36, "6f6a559d13e0ac5e20f331967ad2304dbc4570893e506d7437f06f4a4e10eeb0529534d26168a522c5236ba28dc181a690ace4a8e11f"}]}, @NL80211_ATTR_FTM_RESPONDER={0x4c, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_LCI={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x3e, 0x3, "97e722f3b8b6ebee68fd46e95dc3077146040ce49137645ec523e619f28454109cabff83ce834da13f8eeebdd39ff9422c05c8a04c7df7e6f034"}]}]}, 0x3a8}, 0x1, 0x0, 0x0, 0x4000}, 0x4040090) (async)
sendmsg$NL80211_CMD_SET_KEY(r0, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x5c, 0x0, 0x1, 0x70bd28, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x3, 0x76}}}}, [@NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "95fcd71277"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "465d71ef2dee0459454085316d"}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "fb77840a52"}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000005)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000640)=0xc)
fcntl$addseals(r2, 0x409, 0x1) (async)
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000680), 0xc000, 0x0) (async)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), r2)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, r4, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_RX_USECS_HIGH={0x8, 0x13, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000815}, 0x4000800) (async)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88) (async)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000840)={0x1, &(0x7f0000000800)=[{0x3, 0x5, 0xf5, 0x1}]})
ioctl$PPPIOCSACTIVE(r2, 0x40107446, &(0x7f00000008c0)={0x1, &(0x7f0000000880)=[{0x9, 0xc7, 0x59, 0xffffffff}]}) (async)
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r3, 0xc008551c, &(0x7f0000000900)={0x3, 0x10, [0xfffffffd, 0x8, 0x6, 0x401]})
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r2, 0xf50f, 0x0) (async)
unshare(0x200)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000940)={r3}, 0x4) (async)
unshare(0x8040880) (async)
unshare(0x20000000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f0000000980), r5) (async)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000009c0)={[0x30, 0x7fffffff, 0x0, 0x8, 0x3, 0x1, 0x3, 0x3, 0x4, 0x0, 0x1, 0x5, 0x4bf, 0xfff, 0x100000000, 0x3], 0xeeef0000, 0x24451}) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(r6, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x2c, r7, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40004}, 0x200480c1)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), r5)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000c40)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x70, r8, 0x300, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x4, 0x1e}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x5}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x74}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x3e}, @NL80211_ATTR_COOKIE={0xc}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x38}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x34}]}, 0x70}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
syz_open_dev$dri(&(0x7f0000000d80), 0x266, 0x10041)

14.87190741s ago: executing program 2 (id=2816):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x7933, 0x4)
recvmmsg(r0, &(0x7f0000001d40), 0x400000000000215, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRESHEX=r0, @ANYRES8=r0], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
r2 = socket$kcm(0x11, 0x2, 0x0)
r3 = io_uring_setup(0x4527, &(0x7f0000000400)={0x0, 0x171a, 0x80, 0x0, 0x2e2})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r5, 0xab00, r6)
r7 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r7, 0xab0a, 0x1000001000104)
ioctl$NBD_SET_SOCK(r5, 0xab00, r4)
ioctl$NBD_CLEAR_SOCK(r7, 0xab04)
io_uring_enter(r3, 0x2000000, 0x2, 0xf, &(0x7f0000000000), 0x18)
r8 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r8, 0x6, 0x0, 0x0, 0x0)
getsockopt$inet_mreqn(r4, 0x0, 0x20, &(0x7f0000000140)={@private, @multicast2}, &(0x7f0000000240)=0xc)
r9 = fsmount(r8, 0x0, 0x0)
r10 = openat$cgroup_ro(r9, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r10, 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r10, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000})
sendmsg$sock(r2, &(0x7f0000000100)={&(0x7f0000000040)=@phonet={0x23, 0x0, 0x0, 0x27}, 0x80, 0x0, 0x0, &(0x7f0000000300)}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='afs_make_vl_call\x00', r1}, 0x18)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x4000000)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010000000000000000001a000000070021006161000005009200000000003400228004"], 0x58}}, 0x0)

13.203033042s ago: executing program 0 (id=2823):
prlimit64(0x0, 0x0, &(0x7f00000001c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_LOOKUP_BATCH(0x19, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
set_mempolicy(0x8006, 0x0, 0x5)
syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
ppoll(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SG_IO(r7, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x51, &(0x7f0000000240)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x39f1f09b64b283bb, 0x1)
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4048aecb, 0x0)
lseek(0xffffffffffffffff, 0x4, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c000000de930f906c051b0ba565c188b273b8c89df39ba10e9020bbd050b8e20b4a4c18a11807ab943af2e53ae2f922e31c60c2b9523f95dc55b44b44c4a7b8edc1cf569b431ef9c9e3f63f78fdc40d422ebe3d8c810e4ef0b354bba3f6c1275e448453339d41465a8871d82d02bf0d3fe2d63a2d8e0d7e172d7b67e95ee6ef168175e7fb51d51c3bb045cf3d7ea6db4f72eb7be62fac5232aa210cafa73b3f96b0492e31922226593a1c6bc5c954c7e51d8293ee1531a68b5c55f7a7034b6631e563e7758fecdddbfe0000000000007842ec33a5e36ce53e43d515b292bd2c2beb34f1195b66c096b0afe88a88d7646e95111e4f4a42cbf5cb1d700229ba44065a18cdebc572f059696712b7e86ea63c7404ef3d51fa1ee5ed331fe700"/298, @ANYRES16=r9, @ANYBLOB="01000000000000000000030000005800018044000400200001000a00000000000000fe800000000000000000000000000010f8000000200002000a00000000000000ff010000000000000000000000000001000000000d0001007564703a73797a3000000000"], 0x6c}}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)

13.192004732s ago: executing program 2 (id=2824):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36)
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x207645a}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000020bd28940000000000000109022400010000000009040100010300000009210000000122070009058103"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f00000009c0)={0x2c, &(0x7f0000000980)={0x0, 0x0, 0x7, {0x7, 0x0, "12279dfa7e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
listxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000d00)=""/4096, 0x1000)
syz_usb_control_io(r2, &(0x7f00000003c0)={0x2c, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00030cffffff031e3cecee73b1d2987a18"], 0x0, 0x0, 0x0}, 0x0)

10.937429934s ago: executing program 5 (id=2829):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x4}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f0000000040)={0xfffc, [0xfffffffc, 0x2], 0x5ca}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = syz_usb_connect(0x5, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, 0x0)
syz_usb_control_io$uac1(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000d00)={0x2c, &(0x7f0000000bc0)=ANY=[@ANYBLOB="40d6b9b3b700"], 0x0, 0x0, 0x0, 0x0})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pivot_root(0x0, 0x0)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
mount$overlay(0x0, &(0x7f0000000640)='./file1\x00', &(0x7f0000000340), 0x0, &(0x7f0000000880))
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x17b981, 0x0)
syz_usb_connect$cdc_ecm(0x6, 0x6c, &(0x7f0000000200)=ANY=[@ANYBLOB="12010022020000082505a1a440000102030109025a00010100900609040001020206000306240600008c0524004c4a0d240f0101000000090000006c1524120b00a317a88b045e4f01a607c0ffcb7e392a0905810300040701da092a2e1e1800000000090507020000000000"], &(0x7f0000000800)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x200, 0x0, 0x8, 0x8, 0x8, 0x5}, 0x193, &(0x7f0000000440)=ANY=[@ANYBLOB="050f9301040b10010c08000808001009e410038450910f0592d86e928148573d42ca3d7f67956a9fcc281bd4f376c81d4f0dc3e9cec4c8d764203cd3165387696560beebd42be7942d97544b0b15392080e88618c75baf73d7cb3808aea7887538053c1a83e086704fe3ab21eeec0c74376810927c07ae3ba2d424ac41b64f83f11f0db9c7f385e81de3e9c6b11c2c3765810490a43ad05c59f9a08f2398759ad397be4e81538938bf334ee5f0f6a03ff9cd05470eb278de22d1510c304d2739a4bc7c83082cb23d197a84c6b2ea62fa2a14bcf028b17c4ef347c303636fd53b1943b8dcc7ed9e152089ba4226da2cb34090c1e303100b9c10035a58ae5cf366683c9cc5fcfd89741e8a83e05e37a051431317afcf2094be4ed4bd09df4b86d1ccf7c8bf014fcaa920a485cf1cfe27990362d823e9c2e8922594b3903de828eb0ef3119a76358ac94024f17ee31a6adbd6a65a9518f6f8e08a240eb6206c63236424fae6bd6f44a8c1fd775ad1072db44dce9530861742add4cc840bd1a81e2b0843fb1f68b560110307cb1f925fb3a3cbc12b"], 0x8, [{0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x444}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x1407}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x44c}}, {0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0xc5c}}, {0x9c, &(0x7f00000008c0)=ANY=[@ANYBLOB="9c03d70e26c936b41048404cecd463f0d537af41fb7c5aad516a92bb835d6326c1c23d64290500000043d7869c0d043e7deaa44ca3c83c43619c19ab78ebf0ff432e4c8411bbb2b31f29f5baeebbe07a507ac5f8c650be91e5d5d24f8df65b13b0d1615776b052e305bfa872d35a3ecf3573453d6baa1e6d433c375aa8ccc78c626da7d90dc69c9d821f7d6b2454e9c36b24605e8256018975000000000000000000000000005d753e16d0ceff66964a6351159fc4dfd279540b34067dbb3592a8bcc4eaad64252ac9cbff39b5a5f795aae326a3e114a4a9cbc7c5f91ceaa114a8b6b5d685d5612fc26023efdf0debeb192d40b48241dee106b53e6d4420ebcf951e0c0e06263b5b7b5606e13007bb4e697ab4c114906ad24797dcdc5d0bc2b3004a48fb1f767ba20371267840eb454b7108b7aade6efba15f615d014f82431944af2e3f517f83d66c4f6a08da259c6b7cc57c162e196685a19a4da4c025e45e9c0a71525b4590d1e5e9a2cf98fa11f16c11"]}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x42f}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x7421}}, {0xce, &(0x7f0000000700)=@string={0xce, 0x3, "3e2e850be4d5c5595f2d62ddb79eaa7870733dbd74f891dab8d2e67e6554cb2f5c8baddcce17a1c6f92cd754f5fe9e89f305d5ed321977235042ed0cc8a84d5dcb521cb9ff5caafaa1fb86af4d3c3c38ec107a94c902d810b4b4c5cd15b55cfb34fcbec827ad2a593f0935daaf4481d1580209f0c4cfa7606c35c832401c8fb3a261edcfdce47b6bf1ab5b35f36b059a874d2bf7e6c0f6c7e874f533ff7895ded62a0955b49d9b44ad1ce33934fcae3317a14b94a25ade6b08facd0bd28488f13427578f3584f31d9f77f6a8"}}]})

8.917983435s ago: executing program 0 (id=2831):
mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x2}, 0x18)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$setsig(r1, 0xa, 0x21)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x4000, 0x0)
creat(&(0x7f0000002240)='./file1\x00', 0x804000000000040)

8.911790072s ago: executing program 2 (id=2832):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x10)
recvmmsg$unix(r3, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0x1004}], 0x1}}], 0x8, 0x34000, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000000085000000730000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r5}, 0x18)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)

8.901602939s ago: executing program 1 (id=2833):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = socket(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f00000007c0)={0x0, {0x2, 0x0, @empty}, {0x2, 0x4e24, @empty}, {0x2, 0x0, @empty}})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000780)={0x0, 0x1b})
read$msr(r2, &(0x7f0000019bc0)=""/102400, 0x19000)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
getsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000440)=""/227, &(0x7f0000000080)=0xe3)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_open_dev$usbmon(&(0x7f0000000040), 0x1, 0xec83)
write$FUSE_INIT(r4, &(0x7f0000004300)={0x50, 0x0, r5, {0x7, 0x26, 0x0, 0x2, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x80}}, 0x50)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000001a00)={{0x2, 0x4e21, @remote}, {0x306, @broadcast}, 0x0, {0x2, 0x4e22, @loopback}, 'nicvf0\x00'})

7.04018774s ago: executing program 5 (id=2835):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x10)
recvmmsg$unix(r3, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0x1004}], 0x1}}], 0x8, 0x34000, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffff"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r5}, 0x18)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)

6.716914016s ago: executing program 0 (id=2837):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "92a08b59b371a74cadc29486b6d34e362028dab33f548435586bfa126fc774858b625b6445ff770b79fb50049ace6b402850ca3c314b3f69ea943e0cd0e453a1", 0x1e}, 0x48, 0xfffffffffffffffe)
add_key(&(0x7f0000000180)='.dead\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)="1d", 0x1, r0)
socketpair(0x1, 0x5, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="042f"], 0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x84, @remote, 0x0, 0x0, 'wrr\x00', 0x12, 0x0, 0x4}, 0x2c)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000004c0)=@nat={'nat\x00', 0x670, 0x5, 0x3f8, 0x450, 0x2c0, 0xffffffff, 0x3a8, 0x2c0, 0x450, 0x450, 0xffffffff, 0x450, 0x450, 0x5, 0x0, {[{{@uncond, 0x0, 0x130, 0x168, 0x48, {}, [@common=@unspec=@string={{0xc0}, {0x5, 0xc, 'kmp\x00', "0d01d3e4c6b2bfd892aa7400051624fa86999b13d39b99407a9b7abe75a728baa18da576811985de44110b8602025e1298ea55f1c5087ab16f67b18ca90ac68f0b3d6a068f727f7d23fa5fad26a59a5da2651212bdf9d29248ae63e2349b2470915eea2c39ade5129ff26b6fe772493180cfda2cdd49412e9469d85abdb467ba", 0x79, 0x2, {0x1}}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x801, {0x0, @broadcast, @multicast2, @port=0x1, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@multicast2, @broadcast, 0x0, 0x0, 'virt_wifi0\x00', 'veth1_vlan\x00'}, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0xe, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @icmp_id=0x65, @port=0x4e21}}}, {{@ip={@private=0xa010100, @rand_addr, 0x0, 0x0, 'nicvf0\x00', 'nr0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @dev={0xac, 0x14, 0x14, 0x2a}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x458)
personality(0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f0000000300)='./bus\x00', 0x0)
open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) (fail_nth: 3)

6.716242658s ago: executing program 1 (id=2838):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000800000000000000100000094"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$PPPIOCGL2TPSTATS(r2, 0x80487436, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_disconnect(r3)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x8, 0x0, 0x0)
ioctl$EVIOCGMASK(r4, 0x5b03, 0x0)
read$char_usb(r4, &(0x7f0000000040)=""/33, 0x21)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf30, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000080)={&(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x1, 0x400})

4.891241502s ago: executing program 5 (id=2840):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000020000009511000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480)="627807434619734911420e123cb6f44fb54d82f86f3720b1d5ecd9651a9fcb2a1c358b9cd99a9da0b00953486764e0c7d13faa0d43ad3164e14aa9d4eafc2ae39ce2be18d63433b7dfc78608", 0x4c, 0x0, 0x0, 0x0)
r1 = getpid()
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="19b200000400000016000000639e87aaffffff7f88bb2f7c73b834cc8a2bec601d8601c8c2462049460a7cc7c276dd3dbc723cc83ed7123aa7c95b4bb03ae7d274010d6742a5777ecf909c2a12046313dca95c77599e518d70d3fd0e7e46e0f11b30c152575625e4ad4f172057e44786a0a859ba4bba1b679faaf121ba3781aa3204323e04b2878fa61692b0c565b3352ee9e7a99bd2b8f9aa444ddd6c1deeb1f91e8dc138b576adeac6d455e04e181e2d7b", @ANYRES32, @ANYBLOB='\x00'/15, @ANYBLOB='\x00'/28], 0x50)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020300090a00000000000000000000000300060000000e0002000000e0000009000000000000000002000100000000000000000200000000030005000000000002000000e00000010000000000000000017f8c98dc0ddf9e9bfa93bb4fd8a47ec23ff0b06108246e1805611c3d4aa3f6f9dd6ba5768ef53b8e9d016606a686"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[], 0x94}}, 0x0)
openat$uinput(0xffffff9c, &(0x7f0000000700), 0x0, 0x0)
openat$snapshot(0xffffff9c, &(0x7f0000000240), 0x800, 0x0)

4.502223782s ago: executing program 0 (id=2841):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x41, 0x3, 0x380, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e8, 0x1f0, 0x1f0, 0x2e8, 0x1f0, 0x3, 0x0, {[{{@uncond, 0x0, 0x1f8, 0x218, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@quota={{0x38}}, @common=@inet=@hashlimit2={{0x150}, {'nicvf0\x00', {0xffffffff, 0x0, 0x20, 0x0, 0x0, 0x3, 0x7bfd, 0x18}}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3e0)

4.28615763s ago: executing program 4 (id=2842):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x10, 0x0, 0x20040001, 0x1, 0x8000, 0x2000, 0x545, 0x0, 0xfffffffd}})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x1000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000019b9a2075972cf356e634f4546d904e0d0d34beab10b05429a9ca3676a90f4f4bdd5b642033a89e9256c8c8f2ce5f8bc7044fa093c57572a181e250bccfc23e926f30a458d9ed6b8"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f000000bd80), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x28, r3, 0x1, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10152, 0x2, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r7, 0x3ba0, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r7, 0x3ba0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x18, 0x0, 0x0)
socket(0x0, 0x1, 0x0)
r8 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r8, 0xc0205647, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000200)={0xf0f041, 0x0, '\x00', @value64}})
r9 = openat$dsp(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4)
mmap$dsp(&(0x7f000032d000/0x4000)=nil, 0x4000, 0x5, 0x11, r9, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.932493709s ago: executing program 1 (id=2843):
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000980)=@ethtool_dump={0x3f, 0xfffe000, 0xd56c}})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f00000002c0)=@assoc_value={0x0, 0x4}, 0x8)
write$UHID_CREATE2(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1d"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000/0x2000)=nil, 0x2000})
io_uring_enter(r0, 0x2d3e, 0x0, 0x7f00000000000000, 0x0, 0x0)

2.82938135s ago: executing program 0 (id=2844):
r0 = syz_create_resource$binfmt(&(0x7f00000004c0)='./file0\x00')
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x41, 0x3, 0x380, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e8, 0x1f0, 0x1f0, 0x2e8, 0x1f0, 0x3, 0x0, {[{{@uncond, 0x0, 0x1f8, 0x218, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@quota={{0x38}}, @common=@inet=@hashlimit2={{0x150}, {'nicvf0\x00', {0xffffffff, 0x0, 0x20, 0x0, 0x0, 0x3, 0x7bfd, 0x18}}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3e0)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = dup(r6)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_int(r8, &(0x7f00000004c0)='blkio.throttle.write_bps_device\x00', 0x2, 0x0)
r10 = openat$cgroup_procs(r8, &(0x7f0000000780)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r10, r9, 0x0, 0x7)
r11 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(r12, 0x0, 0xc0c4)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r13 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r13)
socket$nl_netfilter(0x10, 0x3, 0xc)

2.827766791s ago: executing program 4 (id=2845):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = socket(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000780)={0x0, 0x1b})
read$msr(r2, &(0x7f0000019bc0)=""/102400, 0x19000)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
getsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000440)=""/227, &(0x7f0000000080)=0xe3)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_open_dev$usbmon(&(0x7f0000000040), 0x1, 0xec83)
write$FUSE_INIT(r4, &(0x7f0000004300)={0x50, 0x0, r5, {0x7, 0x26, 0x0, 0x2, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x80}}, 0x50)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000001a00)={{0x2, 0x4e21, @remote}, {0x306, @broadcast}, 0x0, {0x2, 0x4e22, @loopback}, 'nicvf0\x00'})

2.825968866s ago: executing program 5 (id=2846):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x4}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f0000000040)={0xfffc, [0xfffffffc, 0x2], 0x5ca}, 0x10)

2.732487882s ago: executing program 5 (id=2847):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000300)=0x32)
readv(r0, &(0x7f0000000c40)=[{&(0x7f00000003c0)=""/7, 0x7}], 0x1)

2.637307459s ago: executing program 1 (id=2848):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = socket(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f00000007c0)={0x0, {0x2, 0x0, @empty}, {0x2, 0x4e24, @empty}, {0x2, 0x0, @empty}})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000780)={0x0, 0x1b})
read$msr(r2, &(0x7f0000019bc0)=""/102400, 0x19000)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
getsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000440)=""/227, &(0x7f0000000080)=0xe3)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_open_dev$usbmon(&(0x7f0000000040), 0x1, 0xec83)
write$FUSE_INIT(r4, &(0x7f0000004300)={0x50, 0x0, r5, {0x7, 0x26, 0x0, 0x2, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x80}}, 0x50)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000001a00)={{0x2, 0x4e21, @remote}, {0x306, @broadcast}, 0x0, {0x2, 0x4e22, @loopback}, 'nicvf0\x00'})

2.636621909s ago: executing program 5 (id=2849):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000380)={{0x12, 0x1, 0x250, 0x4, 0xda, 0xb0, 0x10, 0xccd, 0x39, 0x4499, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x4, 0xf8, 0x90, 0x1, [{{0x9, 0x4, 0x6f, 0x8, 0x1, 0x37, 0x6d, 0xbe, 0x9, [], [{{0x9, 0x5, 0x1, 0x2, 0x8, 0xc0, 0x94, 0xa3}}]}}]}}]}}, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_GET_CLOCK(r2, 0x8030ae7c, &(0x7f0000000140))
r3 = socket$kcm(0x2, 0x3, 0x2)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, &(0x7f0000001280)=0xdddd0000)
syz_emit_ethernet(0x26, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @val={@val={0x88a8, 0x5, 0x0, 0x3}, {0x8100, 0x4, 0x1, 0x1}}, {@can={0xc, {{0x3, 0x1, 0x0, 0x1}, 0x4, 0x2, 0x0, 0x0, "88d4108a64d79bd5"}}}}, &(0x7f0000000100)={0x1, 0x1, [0x55b, 0xafc, 0x5ca, 0xdde]})
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190011000000000002000000e000000200000000000000000000000000000000000000030000000a00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00"/112], 0xb8}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
msync(&(0x7f0000ffb000/0x1000)=nil, 0xffffffffdf004fff, 0x4)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$BTRFS_IOC_SNAP_CREATE(r5, 0x50009401, &(0x7f0000000280)={{r5}, "a10dfeeb1d6c9b51308226a922118aedccd44542cba8d326facff95dabbfa2b43294953587afb45554f8b9d6d729a412a22e8436d8134ec31b00ad0e4508a8d14fbe19147bc086ad74939dab9a6ae9a9bece4a2d8a26ade08c63f259724fb5b03713037df02bbd98aea454da71e51ce1e9252104e010f34fec7391283fc04ab9165d060eabbf596aa512d7f45a74a842d73fbf14977d3f3a2d41196325902ad090eaf6a00882a87236a7cd4954af0c7bd4abccbbc91f7f50413fa27895fc17f6086c1904ec3c86cd4e74c79e8d73c48c966a459708d602b05958535a05e87608c34498f0378fa82d10321ccf9f4bac93b2e2fb2918e6e8658debebc369d1b87e1cf3b24680f92249ab9f510b74b48fa4e3429f27420afdf411a7337dd766f55aea5aaf4cd63684cf1b318fd1cd7793cde123c388688586cc5a1607c2459e1084ff72a9069f603d885bba99ae351ee41a1154a9dd16e231243131ac373e84fa94275a0cc50bf79aaf5984898dd978a3446c3d9a57b9a4ffc479e8294948aa47536c2ff509301432b0f2b718cbff63b95335fb358ce6e0615ba1aeb31cc4591aa9c5bd5a3dddc52b390901077643ca9f5d882f7234279c6d7a6ac3ddd4104cad3dc447349c3122077e01a74267049327a9d7a8b48196c365f8048ed4f711632e734231e149f86e1d0162732af376f42f140591100bfb749432441f7037c3f746422238fff3be4a1012fb69c047ebbf75227f890cb9dc7e9b69bcee6883f5ee2a5c7daea927927a935752a90339f50db5087ffdf58850de6a242a787f6dc6eefee54033f6a22a58e85249dbb87b5024f6942a0f1592b549171c355e4ffabec97385271040c649b23361a757dbce48c871c6686c9cd86ddf1e957f52e2344d7c2dd6d9027321076df953bc33be0172edbce981f166ce1d7ed84eb19fc65dd3a73509114e10b14c6d8ed5ef3f5a4d87ad02d8780febe5648aa5b79cfb5b79c5f87ad7718bac6260e5341c1fbe9d4eb92c2e9762e64c14ac2472f4f193cf81284f4c3d06deb75f41ef2d0b0adb822f6cbaa606b2014678c737a84a427cd74f84a0c5c0fffc32198ea4e7cbd91268c4e6cf731beeeef3c9123d9a51519ee2554302b57e8e988df9f6624ceade848df5f6b97ac1c7c246b2fe942bedb0a60308216c16794c18ee2c17f90c7a5746481fb97381b1c73b5d0f8813be763e349f224d09a21388dd56958cd793c3bc866ac4ae4e6e56c7c73782d147a74509dad5b3353d235c2118b8730ff2af39c60f23afabe0490ef99d8adba78d395369c3f504a08371bb5c2bf7052e5a0633094b4efb7cb8c1465ebb2c27937d91bf079b7698d281412a3285d5f7dcfe39ff3c258934f2693de7140be366075fa9ae054907e6f801809ac658ef7c29dfd564ac095fcfe5e2a282393c6a9d40a24acfbabdf7478886646bc30d3f233df271b14c4af21a1923fe4def723159b5fb1e528eb7e67811940d3762228a25ec1abc9cf89405e6e96bac8c27421a23bc5c5a5078b27c9e58242cbdf2a80c3f201b968d60da997afd51811c0a5d23e9a1ac2b519ac77d0b17ffb6a4e9c72f1b599925b9dffe7b8be1c32b229c94973314274150b124095fb2d9abeb0571efc9fd649ff9ee0c14cac0eb45a35917a009527917dab2467cea9eaac68a42f03fb53490df832f223f462896189ccb71beac4f45773c9259450dc5f03de9579e8276dac7df3817e26abe614348aa96ce5d43d7fa93b9511e5ad6b01f3f17e9882dead400b366e1c44a7ad3b4ea028b2c270cfb012e8704726732761aebb4d04aedb70ace77390e140b7ef48a5edc7baff3a4ade3aa0dada7c4b81294fb6fd89cd5913fe9183e112c069fa53f2b701dae37374a5e0eae30c8152e3536a8b26bdea15b13ea67652cfbe1e859ff2adfbf3921d477c966d909372a1e1ac21181183d76b18d89780463028c64db8a1aa492dd904259f4ea7758c154bf8d9641babb2a8e8e9660111fd43f19ff182d9a72ae4c23ed5d28514f9ff2153637d66492bb4743b8025ff46e21fa65355e205b8ec6a0ffc8c8f3061eb8ce448c50cba9a07a21074a84e20933c2fc1df45b344605b18e2153bd820ce913ec959ffc84a069c24e426c3586345ac874ce06b7fa2e39b47363d4780e541c29d7c8eafe4470472d83315567023438d2536ee4eb3861496ffc7281349b8e7ed584acdd0036b4906151a7d0a3e7e2e63337dcb722507b0f7abc03dcf0e9981d871912ffa126daf1c80d2b601720c3bab88f97fb10d8b8e2eed67be1fe5db9222224426a6ebd6beeecfe5d5ec6e87bb323fc514341180f01f349972cadacdb06bc4a7b9df9e8c27dc71d037d5c1691e30b5ea73d2a3a2369fcd54d4bebf1b189d250dd712444ea8d1bbb8b4409f4b6b12a396c1387b8f26fefde30e5652db08e359f057c3514c44555f5bc5961edade51c3459264f7ced453511541b71c632bb58cc5ccfce061f4c76a1581fb75c7cfbf628b7568a4127f980635894e64c60e6a0455f6cb07e847129f32998655891843f691df18116e13bb8ec30819bdf3ec691186034d42821b8e8f1734c4814d4a5613f430d2148e04b5fbf947eca37a134058d0e8dd762676597a8a7d7dda34f79e2d293e5b48b28651df01a266245a7c82d20c20e16fc8c882cdc8d85b07597c7362da336f4cc99e79edfa30a4271f5285ae8b564d83d88e89ec8dad616c5eaec32c2ea21dc2458e02cfe544ddc6bc4c1ab218cdd73d3ed8e479e3160355356de84b43837714f24a9c63c8f020d6fcdc0e8545787d6993a0bac668fbe6fdd321491c104e10750b95622e637164d4b6505a770f4e7bc9136a86fc3a0ea7c83e507fa71cc74fc6978ce989a8eb64709ac1ced0b5eef2cefd4e241c41b5af3dbba81e0067bbd8c0c0c4a1129bbf18b6b764a5384f66ebc2ab75b5cbf36b463a41300c3ae0dbb681b2dd3460a4430cf54fee892f7de3f92c1b2a39aa12cc904ff916aa9d393c588069b1bd9fb7d20e531c07950aabc922a24d356e94f458228977e791b9c04ad467746fb859f5dc2213ef46c4ce30ba36ca95dfb3845af46f22558296037a0d7b4544c02a5a1a4cbbfaee3710545c18b47b61521ee575e6c6e9f267c51421c9db52bb6dc65c27f2fbeef757802c71ea6f4dc3e10a8249b56ea8822f0bc3a9799a0e69b2d5443933d6b4be4ee5f0d5ffdc9cacd80742563942cdf2e71634fae1f22e0fa337ebd0e8bdb2d0db757d8e3f1b9e7f6948923df98aafdbad6555a1fe6a81f5ec4c171aa8187a469f020e683b0d250516140ce821cdf3851937eadaa45eaaa70ec6db0dba87a965f6bcd1f7edbc28867a4749f29fc8d4b4ff410494d6981babb3306f236131665e532b0084044430d77c50f0294e27877b600e26e9b3ea90b5f8b4219d0e162675e0f927cd0d9d6682f2eecf8eba6d7f6e356ab8ff12cec4df5bcbbccc37a7e94595db66ec577391cb9e4ab4d79816f0e27c543992a75176f1c3211087ec1b21568539c1451339941b4e3b8f2482fa556b7aba6a5fd13738ec3ddf04b2edec7e0b17dd9729e70d628cf3af52f19a902553716b1492e3b2121aaf97ec97340fff0a1d992ef2c21f20f6f41d1af1e44de310b926c900f5440dd91bdd01925ec0777bda32aade1f57fe22a0a2b5130195ebab9fbb224c78a008ba7734878e4d068443ef803729567d72052e0af0d9b572b609d59dd99947b443b56003f0355710539673dff6e387a59569dfcf7224c2aeed1e6c5392bc6cc50505889eecbf3204defc10984d8dc58686066bb4a78cd3385756821bd9f3839f5043b76393029bbfbd5de754d8acf83ee9ef08f5ee796c87910fe02314a344d7dd53893e0286d5eb330877870002c5499eac60581568ba758308f84f0a1c297aadf3d3a8216b56a6d9ac2038fb1486abdd08afb22a09221031f0911b5794a53c4232b74db9afbd958e6c73d5b72d475f236429951dd35e1e0256df21caf8de24da9ebd40450dfdd3353aa0e598a3703307fee39e16c6f10752a687addc24781db1b0f7f4dbe8e9b6442a9180811219055ce0c1b99ac0c10af96b6a147b292b747d253d19ebd9976853818f532c08a4e623bcfe0231e9bff6fbf10bd971f54e099b71a5e6ea2a3d4cf57c107abbcdc981da1b2985771e8d3599f8240b72f1ec702d94cd46c252148cae5e135413c7afac15da9b015632cb7064bc9efbf9af4513da9d1f68195faad2d5e43ae0a718f775af59a4795750be5d669306ae70c3ed55ff975081e5237ed0eb63f2200c07a98ffda0e29336ebd8c6151f06e9380de34b7b28d45c8e61b11b65c7dc0807af0836f7e08d6c1551c6be880ac0bd786e8ebe50f6954a2d09ee7f7487909076de22624018ca4c64d808533eaff50b3579dab92f45cdf85104a36f026a841ec7c321eaaaa5505af676891f19c595a61364d43b200c88ae40cec0b005170489174d385c7b6132580bc0177a891ca84864115cb2cf3f9a0f9490ba3762d633b6a7915d4c3c4c145af9ebc018f8853732c7347dc24c515fa103b425018979786b34c96f5e855b9fce1077d4ca8673fbeced6b7bf35185de8b46bd432f16d88c95ef8154da7daa5c919cebfe87e14247cdad03edfc8b27e8913899559d49773b542c364a736c6b4c081ec85bd6377d8fdc138f9709d3b51485a5c29b8613fc73df96303ccd3a841eb2c5fae9521b45fae0bb4c86e59a811e9ff2eb4cf9b70f81c0b03da82d5ab15ebab2d78f71787cd69aac9058d06613b0eba7cb7ee1ff6ee8e02fcc15a7b1cf07f7f18324d56f9385dbb37d0f741d51f31a0aa41c177b8dab5cd36ac3f79f59919681aeecc316d448df81e57212eb28a1875609935cb529f230ebd45454a1b2dda0c695980cedea741fdb1fbf0efd2430f043e3a214438a15b844e039dab30e1aea71c4bf2e7ce38df384504ddc73c2657ba7b7e0285c05d717f582519fa05f88007506a43f2012a20e8b2d9ae04c239136bbca38f403f1cd039b6695b817a4bd5fbfb5ceef857d82be4618b6780829a21e6a2354fa344ac19393c33bbcd46ec67ab87142f032a2f86d8edb54175a49fc381270cdcf364636a1f9a2c2263f4efa65e0a148a39ccdadf294ad93a7b4bb4343de21a87ad57a9cd2a25620568158b6f7c770818400f64820ee131790d0861b8659a29e8aad3b9b8d8acbb3f754aace186bc16294124c3b23bb621924fe3493bea0701e615aa774bfbdb457b22ba565165f6e5cd20cba3537aac68d73aa6fab2eb569f49a6762094bd30d0a59b45d8f3776dcf2bbd9d920292d191b59d73bbc6bb93284c435817c9530ccacb94db61a714bcf326944f45e3b29423510df4a5f2c912f3e170553c9599fd879c73c608e9b127be321793b3484381938d2196745c113d4b74858fdd8b777b5773bc3a7f7c2964efddb7e2037aeff0fb69d32b2fa0d27fb9059d8cf38d7fed3b5c1b1b6db89241108af118e13d3b5e7af4d5e17e0230f363e922ad821da38ef20f00300c3620c3a07dfe85546a062396ff41b95de5cca5306958074d5de611ae04224ef48e17142f4a9d0981c46da01a14e88633ab103a8cb1993a40cfb61638f73e64cef46862fe196de213221501694cdd5ec811cd1de505c30f59a64f3c07e4f42a267acb1da4f542dfd3dbcb8d27117abb76789db82e47e3985260383e110aab368d24e0aa6059ba87e60fe8aa2df87d1ef4d708aef1bf79337353a1f8da6e6d3bceb25b2292c2c018963a4795ee776fb6d60c27ec48026ab8ef38"})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x55af)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f00000012c0)=0xe)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x403, 0x70b528, 0x25dfdbfe, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e20}]}}}]}, 0x3c}, 0x1, 0xba01, 0x0, 0x4004}, 0x810)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r6, 0x0)
ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f0000000240)={0x0, 0x0, 0x8, 0x4, 0x3, 0x3f00})
timer_create(0x3, 0x0, &(0x7f0000000280)=<r8=>0x0)
timer_settime(r8, 0x1, &(0x7f0000000000)={{}, {0x0, 0x989680}}, 0x0)
timer_settime(r8, 0x1, &(0x7f0000001300)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000001340))
write$tun(r0, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x0, 0x3, 0x0, 0x1}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x89, 0x0, @rand_addr=0x3fc, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x36)

1.582659612s ago: executing program 0 (id=2850):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x10)
recvmmsg$unix(r3, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0x1004}], 0x1}}], 0x8, 0x34000, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffff"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r5}, 0x18)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)

1.437191197s ago: executing program 1 (id=2851):
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0x40186f40, 0x20000502)

1.334836709s ago: executing program 4 (id=2852):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a3200000000140000001100"], 0x7c}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000019b9a2075972cf356e634f4546d904e0d0d34beab10b05429a9ca3676a90f4f4bdd5b642033a89e9256c8c8f2ce5f8bc"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f000000bd80), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x28, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r5, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001680)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'sit0\x00'})
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x3cdd09819dfc34cd)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, 0xffffffffffffffff)

1.197444747s ago: executing program 2 (id=2853):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000800000000000000100000094"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$PPPIOCGL2TPSTATS(r2, 0x80487436, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_disconnect(r3)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x8, 0x0, 0x0)
ioctl$EVIOCGMASK(r4, 0x5b03, 0x0)
read$char_usb(r4, &(0x7f0000000040)=""/33, 0x21)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf30, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000080)={&(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x1, 0x400})

632.885525ms ago: executing program 4 (id=2854):
syz_emit_ethernet(0x82, &(0x7f0000000140)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010101, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr, {[@lsrr={0x83, 0x3, 0x2}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010184}, {@private}, {@local}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0) (fail_nth: 3)

388.510833ms ago: executing program 4 (id=2855):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x41, 0x3, 0x380, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e8, 0x1f0, 0x1f0, 0x2e8, 0x1f0, 0x3, 0x0, {[{{@uncond, 0x0, 0x1f8, 0x218, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@quota={{0x38}}, @common=@inet=@hashlimit2={{0x150}, {'nicvf0\x00', {0xffffffff, 0x0, 0x20, 0x0, 0x0, 0x3, 0x7bfd, 0x18}}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3e0)

47.114762ms ago: executing program 1 (id=2856):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000020000009511000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480)="627807434619734911420e123cb6f44fb54d82f86f3720b1d5ecd9651a9fcb2a1c358b9cd99a9da0b00953486764e0c7d13faa0d43ad3164e14aa9d4eafc2ae39ce2be18d63433b7dfc78608", 0x4c, 0x0, 0x0, 0x0)
r1 = getpid()
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="19b200000400000016000000639e87aaffffff7f88bb2f7c73b834cc8a2bec601d8601c8c2462049460a7cc7c276dd3dbc723cc83ed7123aa7c95b4bb03ae7d274010d6742a5777ecf909c2a12046313dca95c77599e518d70d3fd0e7e46e0f11b30c152575625e4ad4f172057e44786a0a859ba4bba1b679faaf121ba3781aa3204323e04b2878fa61692b0c565b3352ee9e7a99bd2b8f9aa444ddd6c1deeb1f91e8dc138b576adeac6d455e04e181e2d7b", @ANYRES32, @ANYBLOB='\x00'/15, @ANYBLOB='\x00'/28], 0x50)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020300090a00000000000000000000000300060000000e0002000000e0000009000000000000000002000100000000000000000200000000030005000000000002000000e00000010000000000000000017f8c98dc0ddf9e9bfa93bb4fd8a47ec23ff0b06108246e1805611c3d4aa3f6f9dd6ba5768ef53b8e9d016606a686"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[], 0x94}}, 0x0)
openat$uinput(0xffffff9c, &(0x7f0000000700), 0x0, 0x0)
openat$snapshot(0xffffff9c, &(0x7f0000000240), 0x800, 0x0)

0s ago: executing program 4 (id=2857):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x4}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000040)={0xfffc, [0xfffffffc, 0x2], 0x5ca}, 0x10)

kernel console output (not intermixed with test programs):

PacketSize 0
[  614.987286][ T5930] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  615.021433][ T5930] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  615.031077][ T5893] usb 5-1: device descriptor read/64, error -71
[  615.041342][ T5930] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  615.050551][ T5930] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  615.060196][ T5930] usb 6-1: Manufacturer: syz
[  615.086087][ T5930] usb 6-1: config 0 descriptor??
[  615.161483][ T5893] usb usb5-port1: attempt power cycle
[  615.420794][ T5930] rc_core: IR keymap rc-hauppauge not found
[  615.484611][ T5930] Registered IR keymap rc-empty
[  615.489563][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  615.511069][ T5893] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  615.521750][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  615.551368][ T5930] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  615.586320][ T5893] usb 5-1: device descriptor read/8, error -71
[  615.612377][ T5930] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input12
[  615.665076][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  615.690866][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  616.327854][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  616.368638][T14217] rdma_rxe: rxe_newlink: failed to add team_slave_1
[  616.401549][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  616.423764][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  616.440934][ T5893] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  616.450902][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  616.470836][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  616.502713][ T5893] usb 5-1: device descriptor read/8, error -71
[  616.563956][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  616.601289][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  616.625552][ T5893] usb usb5-port1: unable to enumerate USB device
[  616.636659][ T5930] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  616.672134][ T5930] mceusb 6-1:0.0: Registered Е with mce emulator interface version 1
[  616.699983][ T5930] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  616.711659][   T25] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  616.893211][   T25] usb 1-1: unable to get BOS descriptor or descriptor too short
[  616.901824][   T25] usb 1-1: not running at top speed; connect to a high speed hub
[  616.925188][   T25] usb 1-1: config 4 has an invalid interface number: 111 but max is 0
[  616.969505][   T25] usb 1-1: config 4 has no interface number 0
[  617.000921][   T25] usb 1-1: config 4 interface 111 has no altsetting 0
[  617.033216][   T25] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=44.99
[  617.074093][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.104487][   T25] usb 1-1: Product: syz
[  617.108744][   T25] usb 1-1: Manufacturer: syz
[  617.131056][   T25] usb 1-1: SerialNumber: syz
[  617.364281][T14217] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  617.373249][T14217] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  617.877843][   T29] kauditd_printk_skb: 24 callbacks suppressed
[  617.877859][   T29] audit: type=1400 audit(1734784429.228:52940): avc:  denied  { read write } for  pid=14236 comm="syz.2.2538" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  617.942087][   T29] audit: type=1400 audit(1734784429.228:52941): avc:  denied  { open } for  pid=14236 comm="syz.2.2538" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  617.966604][   T29] audit: type=1400 audit(1734784429.228:52942): avc:  denied  { map } for  pid=14236 comm="syz.2.2538" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  617.993382][   T29] audit: type=1400 audit(1734784429.228:52943): avc:  denied  { execute } for  pid=14236 comm="syz.2.2538" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  618.760337][ T5893] usb 6-1: USB disconnect, device number 14
[  618.781202][   T25] pvrusb2: Hardware description: Terratec Grabster AV400
[  618.790003][   T25] pvrusb2: **********
[  618.794342][   T25] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  618.809880][   T25] pvrusb2: Important functionality might not be entirely working.
[  618.817765][   T25] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  618.829458][   T25] pvrusb2: **********
[  618.834137][   T25] usb 1-1: selecting invalid altsetting 0
[  618.871746][   T25] usb 1-1: USB disconnect, device number 18
[  618.878994][   T25] pvrusb2: Device being rendered inoperable
[  618.966452][T14245] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2540'.
[  619.164839][   T29] audit: type=1400 audit(1734784430.338:52944): avc:  denied  { create } for  pid=14242 comm="syz.2.2540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  620.081041][   T29] audit: type=1400 audit(1734784431.028:52945): avc:  denied  { ioctl } for  pid=14242 comm="syz.2.2540" path="socket:[41925]" dev="sockfs" ino=41925 ioctlcmd=0x42c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  620.346464][   T29] audit: type=1400 audit(1734784431.048:52946): avc:  denied  { create } for  pid=14242 comm="syz.2.2540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  620.369164][   T29] audit: type=1400 audit(1734784431.048:52947): avc:  denied  { write } for  pid=14242 comm="syz.2.2540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  620.418991][   T29] audit: type=1400 audit(1734784431.128:52948): avc:  denied  { ioctl } for  pid=14250 comm="syz.4.2543" path="socket:[42623]" dev="sockfs" ino=42623 ioctlcmd=0x894a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  620.497521][   T29] audit: type=1400 audit(1734784431.248:52949): avc:  denied  { ioctl } for  pid=14250 comm="syz.4.2543" path="socket:[42630]" dev="sockfs" ino=42630 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  621.951526][T14276] netdevsim netdevsim2: Direct firmware load for printk failed with error -2
[  621.960577][T14276] netdevsim netdevsim2: Falling back to sysfs fallback for: printk
[  622.522840][T14291] syz.2.2550: attempt to access beyond end of device
[  622.522840][T14291] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0
[  622.536225][T14291] syz.2.2550: attempt to access beyond end of device
[  622.536225][T14291] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0
[  622.550855][T14291] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  622.561524][T14291] syz.2.2550: attempt to access beyond end of device
[  622.561524][T14291] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0
[  622.582725][T14291] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  622.593321][T14291] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  622.602425][T14291] UDF-fs: Scanning with blocksize 1024 failed
[  622.738993][T14291] syz.2.2550: attempt to access beyond end of device
[  622.738993][T14291] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0
[  623.494612][T14291] syz.2.2550: attempt to access beyond end of device
[  623.494612][T14291] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0
[  623.507728][T14291] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  623.585427][T14291] syz.2.2550: attempt to access beyond end of device
[  623.585427][T14291] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0
[  623.601118][T14291] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  623.617310][T14291] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  623.627700][T14291] UDF-fs: Scanning with blocksize 2048 failed
[  623.636330][T14291] syz.2.2550: attempt to access beyond end of device
[  623.636330][T14291] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  623.640832][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  623.640848][   T29] audit: type=1326 audit(1734784434.938:52962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14298 comm="syz.1.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  623.674140][T14291] syz.2.2550: attempt to access beyond end of device
[  623.674140][T14291] nbd2: rw=0, sector=2048, nr_sectors = 8 limit=0
[  623.692071][T14291] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  623.702734][T14291] syz.2.2550: attempt to access beyond end of device
[  623.702734][T14291] nbd2: rw=0, sector=4096, nr_sectors = 8 limit=0
[  623.723996][T14291] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  623.734634][T14291] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  623.745303][T14291] UDF-fs: Scanning with blocksize 4096 failed
[  623.755976][T14291] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[  623.812755][   T29] audit: type=1326 audit(1734784434.938:52963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14298 comm="syz.1.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  623.866312][   T29] audit: type=1326 audit(1734784434.938:52964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14298 comm="syz.1.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  623.996195][   T29] audit: type=1326 audit(1734784434.938:52965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14298 comm="syz.1.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  624.027286][   T29] audit: type=1326 audit(1734784434.938:52966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14298 comm="syz.1.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  624.056353][   T29] audit: type=1326 audit(1734784434.938:52967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14298 comm="syz.1.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  624.086336][   T29] audit: type=1326 audit(1734784434.938:52968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14298 comm="syz.1.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  624.110300][   T29] audit: type=1326 audit(1734784434.938:52969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14298 comm="syz.1.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  624.138941][   T29] audit: type=1326 audit(1734784435.378:52970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14303 comm="syz.5.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79b6d85d29 code=0x7fc00000
[  624.164655][   T29] audit: type=1326 audit(1734784435.378:52971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14303 comm="syz.5.2558" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f79b6d85d29 code=0x0
[  624.295367][T14323] FAULT_INJECTION: forcing a failure.
[  624.295367][T14323] name failslab, interval 1, probability 0, space 0, times 0
[  624.313036][T14323] CPU: 1 UID: 0 PID: 14323 Comm: syz.2.2563 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0
[  624.323842][T14323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  624.332401][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  624.333892][T14323] Call Trace:
[  624.333902][T14323]  <TASK>
[  624.341258][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  624.343386][T14323]  dump_stack_lvl+0x16c/0x1f0
[  624.357223][T14323]  should_fail_ex+0x497/0x5b0
[  624.361909][T14323]  ? fs_reclaim_acquire+0xae/0x150
[  624.367026][T14323]  should_failslab+0xc2/0x120
[  624.371702][T14323]  __kmalloc_noprof+0xcb/0x510
[  624.376462][T14323]  ? rcu_is_watching+0x12/0xc0
[  624.381228][T14323]  tomoyo_encode2+0x100/0x3e0
[  624.385904][T14323]  tomoyo_encode+0x29/0x50
[  624.390320][T14323]  tomoyo_realpath_from_path+0x19d/0x720
[  624.395949][T14323]  ? tomoyo_path_number_perm+0x235/0x590
[  624.401578][T14323]  tomoyo_path_number_perm+0x248/0x590
[  624.407033][T14323]  ? tomoyo_path_number_perm+0x235/0x590
[  624.412662][T14323]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  624.418661][T14323]  ? __pfx_lock_release+0x10/0x10
[  624.423679][T14323]  ? trace_lock_acquire+0x14e/0x1f0
[  624.428878][T14323]  ? lock_acquire+0x2f/0xb0
[  624.433373][T14323]  ? __fget_files+0x40/0x3a0
[  624.437960][T14323]  ? __fget_files+0x206/0x3a0
[  624.442642][T14323]  security_file_ioctl+0x9b/0x240
[  624.447667][T14323]  __x64_sys_ioctl+0xb7/0x200
[  624.452346][T14323]  do_syscall_64+0xcd/0x250
[  624.456849][T14323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.462740][T14323] RIP: 0033:0x7f0d5c585d29
[  624.467147][T14323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.486746][T14323] RSP: 002b:00007f0d5d3cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  624.495155][T14323] RAX: ffffffffffffffda RBX: 00007f0d5c775fa0 RCX: 00007f0d5c585d29
[  624.503118][T14323] RDX: 0000000020000080 RSI: 0000000000008946 RDI: 0000000000000004
[  624.511087][T14323] RBP: 00007f0d5d3cd090 R08: 0000000000000000 R09: 0000000000000000
[  624.519048][T14323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  624.527008][T14323] R13: 0000000000000000 R14: 00007f0d5c775fa0 R15: 00007ffce8aa71d8
[  624.534989][T14323]  </TASK>
[  624.548048][T14323] ERROR: Out of memory at tomoyo_realpath_from_path.
[  624.555519][T14323] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  625.050900][ T5893] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  625.370839][ T5893] usb 1-1: Using ep0 maxpacket: 8
[  625.386331][ T5893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  626.251546][   T25] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  626.357406][ T5893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  626.367233][ T5893] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  626.377000][ T5893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  626.388267][ T5893] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  626.398671][ T5893] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  626.418675][T14342] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2569'.
[  626.442506][   T25] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  626.457677][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  626.492052][   T25] usb 6-1: config 0 descriptor??
[  626.501088][   T25] gspca_main: spca508-2.14.0 probing 8086:0110
[  626.535477][ T5893] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  626.545702][ T5893] usb 1-1: config 0 descriptor??
[  626.551528][T14325] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  627.163971][T14333] »»»»»» speed is unknown, defaulting to 1000
[  627.240900][   T25] gspca_spca508: reg_read err -110
[  627.247751][   T25] gspca_spca508: reg_read err -32
[  627.257820][   T25] gspca_spca508: reg_read err -32
[  627.269713][   T25] gspca_spca508: reg_read err -32
[  627.276121][   T25] gspca_spca508: reg write: error -32
[  627.283001][   T25] spca508 6-1:0.0: probe with driver spca508 failed with error -32
[  627.660833][   T25] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  627.780928][ T5893] usb 3-1: new full-speed USB device number 31 using dummy_hcd
[  627.833417][   T25] usb 5-1: config 0 has an invalid interface number: 151 but max is 0
[  627.843490][   T25] usb 5-1: config 0 has no interface number 0
[  627.866613][   T25] usb 5-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f
[  627.875857][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  627.884747][T14371] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2577'.
[  627.890773][   T25] usb 5-1: Product: syz
[  627.898580][   T25] usb 5-1: Manufacturer: syz
[  627.920772][   T25] usb 5-1: SerialNumber: syz
[  627.931156][   T25] usb 5-1: config 0 descriptor??
[  627.943406][ T5893] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  627.963157][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.985813][ T5893] usb 3-1: config 0 descriptor??
[  627.994169][ T5893] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  628.032387][T14333] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2568'.
[  628.050807][ T5930] usb 6-1: USB disconnect, device number 15
[  628.165878][   T25] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  628.228799][   T25] usb 5-1: USB disconnect, device number 23
[  628.661042][T12767] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  628.788010][ T5893] gp8psk: usb in 146 operation failed.
[  628.794426][ T5893] gp8psk: failed to get FW version
[  628.828650][ T5893] gp8psk: usb in 149 operation failed.
[  629.005278][ T5930] usb 1-1: USB disconnect, device number 19
[  629.010783][ T5893] gp8psk: failed to get FPGA version
[  629.023782][ T5893] gp8psk: usb out operation failed.
[  629.029034][ T5893] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  629.053194][ T5893] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  629.067343][   T29] kauditd_printk_skb: 18 callbacks suppressed
[  629.067360][   T29] audit: type=1400 audit(1734784440.418:52990): avc:  denied  { unmount } for  pid=5819 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  629.111278][ T5893] usb 3-1: USB disconnect, device number 31
[  629.137784][T14179] udevd[14179]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.151/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  629.305203][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  629.316694][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  629.335298][T14387] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  629.379628][T14384] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  629.862385][T14395] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2580'.
[  631.042614][   T29] audit: type=1326 audit(1734784442.388:52991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14399 comm="syz.2.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  631.171663][T14401] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2585'.
[  631.408600][ T5930] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  631.421305][   T29] audit: type=1326 audit(1734784442.388:52992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14399 comm="syz.2.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  631.547178][   T29] audit: type=1326 audit(1734784442.388:52993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14399 comm="syz.2.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  631.570801][   T29] audit: type=1326 audit(1734784442.388:52994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14399 comm="syz.2.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  631.611805][   T29] audit: type=1326 audit(1734784442.388:52995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14399 comm="syz.2.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  631.686438][ T5930] usb 5-1: Using ep0 maxpacket: 32
[  631.694299][ T5930] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  631.706445][ T5930] usb 5-1: config 0 has no interface number 0
[  631.715042][ T5930] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  631.735752][   T29] audit: type=1326 audit(1734784442.388:52996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14399 comm="syz.2.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  631.769848][ T5930] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 8244, setting to 1024
[  631.790866][ T5930] usb 5-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  631.809277][   T29] audit: type=1326 audit(1734784442.388:52997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14399 comm="syz.2.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  631.835467][ T5930] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.860977][ T5930] usb 5-1: config 0 descriptor??
[  631.866958][   T29] audit: type=1326 audit(1734784442.388:52998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14399 comm="syz.2.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  631.871084][T14412] syz2: rxe_newlink: already configured on team_slave_1
[  631.898078][   T29] audit: type=1326 audit(1734784442.388:52999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14399 comm="syz.2.2585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  632.191080][   T25] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  632.794538][T11423] usb 6-1: new full-speed USB device number 16 using dummy_hcd
[  632.816075][   T25] usb 2-1: Using ep0 maxpacket: 16
[  632.838968][   T25] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[  632.852294][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.866212][   T25] usb 2-1: Product: syz
[  632.870930][   T25] usb 2-1: Manufacturer: syz
[  632.875729][   T25] usb 2-1: SerialNumber: syz
[  632.883151][   T25] usb 2-1: config 0 descriptor??
[  632.944451][ T5930] uclogic 0003:28BD:0094.000C: pen parameters not found
[  632.961459][   T25] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  632.969429][   T25] usb 2-1: Detected FT-X
[  632.977827][ T5930] uclogic 0003:28BD:0094.000C: interface is invalid, ignoring
[  633.045051][T11423] usb 6-1: unable to get BOS descriptor or descriptor too short
[  633.068273][T11423] usb 6-1: not running at top speed; connect to a high speed hub
[  633.082625][T11423] usb 6-1: config 4 has an invalid interface number: 111 but max is 0
[  633.096224][T11423] usb 6-1: config 4 has no interface number 0
[  633.103091][T11423] usb 6-1: config 4 interface 111 has no altsetting 0
[  633.113420][T11423] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=44.99
[  633.132387][T11423] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  633.140580][T11423] usb 6-1: Product: syz
[  633.144930][T11423] usb 6-1: Manufacturer: syz
[  633.149576][T11423] usb 6-1: SerialNumber: syz
[  633.251970][ T5863] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  633.711836][T14412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  633.720549][T14412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  633.927290][ T5863] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  633.936659][ T5863] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.953283][ T5863] usb 3-1: config 0 descriptor??
[  633.961111][ T5863] cp210x 3-1:0.0: cp210x converter detected
[  634.242556][   T25] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  634.251823][   T25] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  634.261011][   T25] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[  634.272534][   T25] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  634.315160][   T25] usb 2-1: USB disconnect, device number 34
[  634.339508][   T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  634.425043][ T5893] usb 5-1: USB disconnect, device number 24
[  634.573144][   T25] ftdi_sio 2-1:0.0: device disconnected
[  634.613058][ T5863] usb 3-1: cp210x converter now attached to ttyUSB0
[  634.622639][ T5863] usb 3-1: USB disconnect, device number 32
[  634.635716][ T5863] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  634.686737][   T29] kauditd_printk_skb: 137 callbacks suppressed
[  634.686753][   T29] audit: type=1400 audit(1734784446.038:53137): avc:  denied  { name_bind } for  pid=14428 comm="syz.1.2596" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  634.809419][ T5863] cp210x 3-1:0.0: device disconnected
[  634.965388][T14434] NILFS (nullb0): couldn't find nilfs on the device
[  635.620868][   T25] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  635.723789][T11423] pvrusb2: Hardware description: Terratec Grabster AV400
[  635.731227][T11423] pvrusb2: **********
[  635.735232][T11423] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  635.745429][T11423] pvrusb2: Important functionality might not be entirely working.
[  635.753580][T11423] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  635.765493][T11423] pvrusb2: **********
[  635.770046][T11423] usb 6-1: selecting invalid altsetting 0
[  635.781617][   T25] usb 2-1: Using ep0 maxpacket: 8
[  635.793597][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  635.806516][ T2333] pvrusb2: control-write URB failure, status=-71
[  635.813319][ T2333] pvrusb2: Device being rendered inoperable
[  635.820879][ T2333] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  635.823118][   T25] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  635.831435][ T2333] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  635.863359][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.978829][T11423] usb 6-1: USB disconnect, device number 16
[  635.985791][   T25] usb 2-1: config 0 descriptor??
[  636.093790][T14446] unknown channel width for channel at 909000KHz?
[  636.679187][   T29] audit: type=1400 audit(1734784448.008:53138): avc:  denied  { write } for  pid=14435 comm="syz.2.2597" name="001" dev="devtmpfs" ino=742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  636.679617][   T25] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  636.821381][T14449] vlan0: entered promiscuous mode
[  636.836103][   T29] audit: type=1400 audit(1734784448.008:53139): avc:  denied  { getopt } for  pid=14435 comm="syz.2.2597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  636.922964][   T29] audit: type=1400 audit(1734784448.018:53140): avc:  denied  { create } for  pid=14435 comm="syz.2.2597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  637.081455][   T29] audit: type=1400 audit(1734784448.238:53141): avc:  denied  { ioctl } for  pid=14450 comm="syz.4.2601" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  637.107607][   T29] audit: type=1400 audit(1734784448.258:53142): avc:  denied  { map } for  pid=14450 comm="syz.4.2601" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  637.132308][   T29] audit: type=1400 audit(1734784448.268:53143): avc:  denied  { call } for  pid=14450 comm="syz.4.2601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  637.152174][   T29] audit: type=1400 audit(1734784448.268:53144): avc:  denied  { transfer } for  pid=14450 comm="syz.4.2601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  637.629234][ T5893] IPVS: starting estimator thread 0...
[  637.723067][T14466] IPVS: using max 25 ests per chain, 60000 per kthread
[  637.751202][    T8] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  638.163419][    T8] usb 6-1: Using ep0 maxpacket: 16
[  638.266426][    T8] usb 6-1: config 0 has an invalid interface number: 41 but max is 0
[  638.347229][    T8] usb 6-1: config 0 has no interface number 0
[  638.374179][    T8] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  638.388981][    T8] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  638.414410][    T8] usb 6-1: config 0 interface 41 has no altsetting 0
[  638.438626][    T8] usb 6-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  638.462957][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  638.478794][    T8] usb 6-1: Product: syz
[  638.490870][    T8] usb 6-1: Manufacturer: syz
[  638.509715][    T8] usb 6-1: SerialNumber: syz
[  638.531465][    T8] usb 6-1: config 0 descriptor??
[  638.541735][T14465] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  638.549062][T14465] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  638.763304][T14463] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  638.770595][T14463] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  639.310854][T11423] usb 2-1: USB disconnect, device number 35
[  639.310854][    C1] iowarrior 2-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  639.339236][    T8] Error reading MAC address
[  639.346250][T14465] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  639.353639][T14465] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  639.372862][   T29] audit: type=1400 audit(1734784450.688:53145): avc:  denied  { create } for  pid=14458 comm="syz.5.2602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  639.685112][T14531] xt_NFQUEUE: number of total queues is 0
[  639.732352][   T29] audit: type=1400 audit(1734784451.088:53146): avc:  denied  { bind } for  pid=14527 comm="syz.1.2608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  640.256127][   T29] audit: type=1400 audit(1734784451.088:53147): avc:  denied  { write } for  pid=14527 comm="syz.1.2608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  640.315280][   T29] audit: type=1400 audit(1734784451.118:53148): avc:  denied  { watch_mount watch_reads } for  pid=14524 comm="syz.4.2607" path="/541" dev="tmpfs" ino=2991 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  640.354447][T14531] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  640.361084][T14531] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  640.368867][T14531] vhci_hcd vhci_hcd.0: Device attached
[  640.678971][T14542] NILFS (nullb0): couldn't find nilfs on the device
[  641.321436][T11423] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  641.372128][    T8] sr9700 6-1:0.41 (unnamed net_device) (uninitialized): Error reading MAC address
[  641.389361][    T8] usb 6-1: USB disconnect, device number 17
[  641.425185][   T25] usb 41-1: new low-speed USB device number 13 using vhci_hcd
[  641.447163][   T29] audit: type=1400 audit(1734784452.798:53149): avc:  denied  { bind } for  pid=14543 comm="syz.0.2611" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  641.490152][T11423] usb 2-1: New USB device found, idVendor=0547, idProduct=0080, bcdDevice=67.51
[  641.507632][T11423] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.537048][T11423] usb 2-1: Product: syz
[  641.544884][T11423] usb 2-1: Manufacturer: syz
[  641.558120][T11423] usb 2-1: SerialNumber: syz
[  641.576757][T11423] usb 2-1: config 0 descriptor??
[  641.602170][T14550] netlink: 'syz.0.2613': attribute type 1 has an invalid length.
[  641.605071][T11423] usbtest 2-1:0.0: EZ-USB device
[  641.610182][T14550] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2613'.
[  641.691009][T11423] usbtest 2-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  641.792557][T14533] vhci_hcd: connection reset by peer
[  641.801505][T11423] usb 2-1: USB disconnect, device number 36
[  641.807675][T14492] vhci_hcd: stop threads
[  641.811983][T14492] vhci_hcd: release socket
[  641.816455][T14492] vhci_hcd: disconnect device
[  641.895222][T14554] netlink: 'syz.4.2614': attribute type 1 has an invalid length.
[  641.908057][T14554] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2614'.
[  643.938879][T14564] netlink: 'syz.0.2618': attribute type 2 has an invalid length.
[  644.045488][T14575] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2619'.
[  644.055984][   T29] audit: type=1400 audit(1734784454.268:53150): avc:  denied  { bind } for  pid=14563 comm="syz.0.2618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  644.284035][   T29] audit: type=1400 audit(1734784455.398:53151): avc:  denied  { execute } for  pid=14569 comm="syz.1.2619" path="/dev/dsp" dev="devtmpfs" ino=1283 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  644.335959][   T29] audit: type=1400 audit(1734784455.498:53152): avc:  denied  { setopt } for  pid=14563 comm="syz.0.2618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  644.356600][   T29] audit: type=1400 audit(1734784455.498:53153): avc:  denied  { read } for  pid=14563 comm="syz.0.2618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  644.380276][   T29] audit: type=1400 audit(1734784455.668:53154): avc:  denied  { bind } for  pid=14580 comm="syz.2.2621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  645.371629][T14583] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  645.455599][ T5930] usb 3-1: new full-speed USB device number 33 using dummy_hcd
[  645.595751][   T29] audit: type=1400 audit(1734784456.948:53155): avc:  denied  { append } for  pid=14589 comm="syz.5.2624" name="v4l-subdev5" dev="devtmpfs" ino=945 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  646.315017][T14591] netdevsim netdevsim1: Direct firmware load for printk failed with error -2
[  646.326161][T14591] netdevsim netdevsim1: Falling back to sysfs fallback for: printk
[  646.398248][ T5930] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  646.571155][   T25] vhci_hcd: vhci_device speed not set
[  646.695650][ T5930] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.740094][ T5930] usb 3-1: config 0 descriptor??
[  646.989400][ T5930] pegasus 3-1:0.0: probe with driver pegasus failed with error -71
[  647.001914][ T5930] usb 3-1: USB disconnect, device number 33
[  647.009470][ T5893] IPVS: starting estimator thread 0...
[  647.120918][T14606] IPVS: using max 24 ests per chain, 57600 per kthread
[  647.640909][T12767] Bluetooth: hci5: command 0x0c1a tx timeout
[  647.987098][T14618] rdma_rxe: rxe_newlink: failed to add team_slave_1
[  648.626251][T14622] syz.1.2623: attempt to access beyond end of device
[  648.626251][T14622] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0
[  648.630861][   T29] audit: type=1326 audit(1734784459.318:53156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14612 comm="syz.4.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c57585d29 code=0x7ffc0000
[  648.667798][   T29] audit: type=1326 audit(1734784459.318:53157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14612 comm="syz.4.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5c57585d29 code=0x7ffc0000
[  648.694247][   T29] audit: type=1326 audit(1734784459.328:53158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14612 comm="syz.4.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c57585d29 code=0x7ffc0000
[  648.718150][   T29] audit: type=1326 audit(1734784459.328:53159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14612 comm="syz.4.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f5c57585d29 code=0x7ffc0000
[  648.768107][   T29] audit: type=1326 audit(1734784459.328:53160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14612 comm="syz.4.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c57585d29 code=0x7ffc0000
[  648.792055][   T29] audit: type=1326 audit(1734784459.328:53161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14612 comm="syz.4.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c57585d29 code=0x7ffc0000
[  648.801000][ T5863] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[  648.815838][   T29] audit: type=1326 audit(1734784459.328:53162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14612 comm="syz.4.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c57585d29 code=0x7ffc0000
[  648.848430][   T29] audit: type=1326 audit(1734784459.328:53163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14612 comm="syz.4.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5c57585d29 code=0x7ffc0000
[  648.872342][   T29] audit: type=1326 audit(1734784459.328:53164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14612 comm="syz.4.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c57585d29 code=0x7ffc0000
[  649.272132][T14622] syz.1.2623: attempt to access beyond end of device
[  649.272132][T14622] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0
[  649.295665][T14622] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  649.311149][T14622] syz.1.2623: attempt to access beyond end of device
[  649.311149][T14622] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0
[  649.356574][T14622] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  649.367622][T14622] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  649.377719][T14622] UDF-fs: Scanning with blocksize 512 failed
[  649.413941][ T5863] usb 5-1: unable to get BOS descriptor or descriptor too short
[  649.594674][T14622] syz.1.2623: attempt to access beyond end of device
[  649.594674][T14622] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0
[  649.628005][T14628] rdma_rxe: rxe_newlink: failed to add team_slave_1
[  649.628414][ T5863] usb 5-1: not running at top speed; connect to a high speed hub
[  649.666914][T14622] syz.1.2623: attempt to access beyond end of device
[  649.666914][T14622] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0
[  649.688655][T14622] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  649.701419][ T5863] usb 5-1: config 4 has an invalid interface number: 111 but max is 0
[  649.715161][ T5863] usb 5-1: config 4 has no interface number 0
[  649.726879][T14622] syz.1.2623: attempt to access beyond end of device
[  649.726879][T14622] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0
[  649.749292][ T5863] usb 5-1: config 4 interface 111 has no altsetting 0
[  649.866759][ T5863] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=44.99
[  649.876089][ T5863] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  649.876799][T14622] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  649.884159][ T5863] usb 5-1: Product: syz
[  649.884180][ T5863] usb 5-1: Manufacturer: syz
[  649.884197][ T5863] usb 5-1: SerialNumber: syz
[  649.912066][T14622] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  649.940233][T14622] UDF-fs: Scanning with blocksize 1024 failed
[  649.953598][T14622] syz.1.2623: attempt to access beyond end of device
[  649.953598][T14622] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0
[  649.969216][T14637] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2633'.
[  649.971043][    T8] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[  650.019457][T14622] syz.1.2623: attempt to access beyond end of device
[  650.019457][T14622] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0
[  650.032788][T14622] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  650.042488][T14622] syz.1.2623: attempt to access beyond end of device
[  650.042488][T14622] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0
[  650.055802][T14622] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  650.065422][T14622] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  650.073197][T14622] UDF-fs: Scanning with blocksize 2048 failed
[  650.079706][T14622] syz.1.2623: attempt to access beyond end of device
[  650.079706][T14622] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  650.139307][T14617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  650.148043][T14617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  650.163039][    T8] usb 1-1: unable to get BOS descriptor or descriptor too short
[  650.168736][T14622] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  650.180494][T14622] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  650.190492][    T8] usb 1-1: not running at top speed; connect to a high speed hub
[  650.199615][T14622] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  650.213519][T14622] UDF-fs: Scanning with blocksize 4096 failed
[  650.220079][T14622] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[  650.230621][    T8] usb 1-1: config 4 has an invalid interface number: 111 but max is 0
[  650.252971][    T8] usb 1-1: config 4 has no interface number 0
[  650.260500][    T8] usb 1-1: config 4 interface 111 has no altsetting 0
[  650.272850][    T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=44.99
[  650.282409][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.290562][    T8] usb 1-1: Product: syz
[  650.295346][    T8] usb 1-1: Manufacturer: syz
[  650.300059][    T8] usb 1-1: SerialNumber: syz
[  650.349802][T14640] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  650.525982][T14628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  650.534665][T14628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  650.809661][   T29] kauditd_printk_skb: 143 callbacks suppressed
[  651.106388][   T29] audit: type=1326 audit(1734784462.098:53308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14623 comm="syz.0.2631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b4dd85d29 code=0x7ffc0000
[  651.149509][   T29] audit: type=1326 audit(1734784462.098:53309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14623 comm="syz.0.2631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b4dd85d29 code=0x7ffc0000
[  651.180519][   T29] audit: type=1326 audit(1734784462.098:53310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14623 comm="syz.0.2631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3b4dd85d29 code=0x7ffc0000
[  651.356085][T14650] syz2: rxe_newlink: already configured on team_slave_1
[  651.641679][ T5893] usb 6-1: new full-speed USB device number 18 using dummy_hcd
[  651.694147][   T29] audit: type=1326 audit(1734784462.098:53311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14623 comm="syz.0.2631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b4dd85d29 code=0x7ffc0000
[  651.794678][ T5863] pvrusb2: Hardware description: Terratec Grabster AV400
[  651.833785][ T5863] pvrusb2: **********
[  651.837821][ T5863] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  651.848140][ T5863] pvrusb2: Important functionality might not be entirely working.
[  651.856100][ T5863] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  651.867882][ T5863] pvrusb2: **********
[  651.872253][ T5863] usb 5-1: selecting invalid altsetting 0
[  651.872602][    T8] pvrusb2: Hardware description: Terratec Grabster AV400
[  651.915158][    T8] pvrusb2: **********
[  651.919320][   T29] audit: type=1326 audit(1734784462.098:53312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14623 comm="syz.0.2631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b4dd85d29 code=0x7ffc0000
[  652.008081][ T5863] usb 5-1: USB disconnect, device number 25
[  652.090946][ T2333] pvrusb2: control-write URB failure, status=-71
[  652.148538][ T2333] pvrusb2: Device being rendered inoperable
[  652.360969][   T29] audit: type=1326 audit(1734784462.678:53313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14647 comm="syz.5.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79b6d85d29 code=0x7ffc0000
[  652.362173][ T2333] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  652.395571][    T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  652.406227][    T8] pvrusb2: Important functionality might not be entirely working.
[  652.420889][    T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  652.432246][    T8] pvrusb2: **********
[  652.436539][    T8] usb 1-1: selecting invalid altsetting 0
[  652.447245][ T2333] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  652.459766][ T5908] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  652.624453][ T2333] pvrusb2: control-write URB failure, status=-71
[  652.676354][   T29] audit: type=1326 audit(1734784462.678:53314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14647 comm="syz.5.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f79b6d85d29 code=0x7ffc0000
[  652.779479][ T2333] pvrusb2: Device being rendered inoperable
[  653.378092][    T8] usb 1-1: USB disconnect, device number 20
[  653.379124][ T2333] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  653.393330][ T5893] usb 6-1: unable to get BOS descriptor or descriptor too short
[  653.402594][ T5893] usb 6-1: not running at top speed; connect to a high speed hub
[  653.412081][ T5893] usb 6-1: config 4 has an invalid interface number: 111 but max is 0
[  653.420608][ T5893] usb 6-1: config 4 has no interface number 0
[  653.437289][ T5893] usb 6-1: config 4 interface 111 has no altsetting 0
[  653.476072][   T29] audit: type=1326 audit(1734784462.688:53315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14647 comm="syz.5.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79b6d85d29 code=0x7ffc0000
[  653.500606][ T2333] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  653.503564][ T5893] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=44.99
[  653.510767][   T29] audit: type=1326 audit(1734784462.688:53316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14647 comm="syz.5.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f79b6d85d29 code=0x7ffc0000
[  653.533196][ T5893] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  653.552713][T14663] FAULT_INJECTION: forcing a failure.
[  653.552713][T14663] name failslab, interval 1, probability 0, space 0, times 0
[  653.562884][   T29] audit: type=1326 audit(1734784462.688:53317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14647 comm="syz.5.2637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79b6d85d29 code=0x7ffc0000
[  653.567310][ T5908] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  653.605172][T14663] CPU: 0 UID: 0 PID: 14663 Comm: syz.4.2641 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0
[  653.615967][T14663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  653.626017][T14663] Call Trace:
[  653.629291][T14663]  <TASK>
[  653.632213][T14663]  dump_stack_lvl+0x16c/0x1f0
[  653.636892][T14663]  should_fail_ex+0x497/0x5b0
[  653.641570][T14663]  ? fs_reclaim_acquire+0xae/0x150
[  653.646685][T14663]  should_failslab+0xc2/0x120
[  653.651360][T14663]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  653.657167][T14663]  ? __alloc_skb+0x2b1/0x380
[  653.661761][T14663]  __alloc_skb+0x2b1/0x380
[  653.666177][T14663]  ? __pfx___alloc_skb+0x10/0x10
[  653.671112][T14663]  ? selinux_socket_getpeersec_dgram+0x1a5/0x370
[  653.677444][T14663]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  653.684118][T14663]  netlink_alloc_large_skb+0x69/0x130
[  653.689491][T14663]  netlink_sendmsg+0x689/0xd70
[  653.694257][T14663]  ? __pfx_netlink_sendmsg+0x10/0x10
[  653.699547][T14663]  ____sys_sendmsg+0xaaf/0xc90
[  653.704307][T14663]  ? copy_msghdr_from_user+0x10b/0x160
[  653.709758][T14663]  ? __pfx_____sys_sendmsg+0x10/0x10
[  653.715051][T14663]  ___sys_sendmsg+0x135/0x1e0
[  653.719724][T14663]  ? __pfx____sys_sendmsg+0x10/0x10
[  653.724922][T14663]  ? __pfx_lock_release+0x10/0x10
[  653.729940][T14663]  ? trace_lock_acquire+0x14e/0x1f0
[  653.735144][T14663]  ? __fget_files+0x206/0x3a0
[  653.739821][T14663]  __sys_sendmsg+0x16e/0x220
[  653.744405][T14663]  ? __pfx___sys_sendmsg+0x10/0x10
[  653.749522][T14663]  do_syscall_64+0xcd/0x250
[  653.754024][T14663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.759915][T14663] RIP: 0033:0x7f5c57585d29
[  653.764323][T14663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  653.783928][T14663] RSP: 002b:00007f5c58428038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  653.792335][T14663] RAX: ffffffffffffffda RBX: 00007f5c57775fa0 RCX: 00007f5c57585d29
[  653.800302][T14663] RDX: 0000000004000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  653.808265][T14663] RBP: 00007f5c58428090 R08: 0000000000000000 R09: 0000000000000000
[  653.816230][T14663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  653.824191][T14663] R13: 0000000000000000 R14: 00007f5c57775fa0 R15: 00007ffc3f9195c8
[  653.832166][T14663]  </TASK>
[  653.837775][ T5893] usb 6-1: Product: syz
[  653.843018][ T5908] usb 3-1: config 0 has no interface number 0
[  653.869495][ T5893] usb 6-1: Manufacturer: syz
[  653.880021][ T5908] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  653.891482][ T5893] usb 6-1: SerialNumber: syz
[  653.914562][ T5908] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  653.934901][ T5908] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  653.965302][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.007936][ T5908] usb 3-1: config 0 descriptor??
[  654.178314][T14649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  654.187120][T14649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  654.988068][T14675] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2646'.
[  655.052914][T14678] netlink: 'syz.0.2643': attribute type 1 has an invalid length.
[  655.069433][T14678] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2643'.
[  655.165161][ T5908] input: HID 04d9:a055 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:04D9:A055.000D/input/input13
[  655.191122][ T5865] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  655.261641][ T5893] pvrusb2: Hardware description: Terratec Grabster AV400
[  655.273961][T14655] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  655.297745][ T5908] holtek_kbd 0003:04D9:A055.000D: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.2-1/input1
[  655.320940][ T5893] pvrusb2: **********
[  655.324958][ T5893] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  655.352595][T14675] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2646'.
[  655.368486][ T5865] usb 5-1: Using ep0 maxpacket: 8
[  655.376511][ T5865] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  655.387504][ T5865] usb 5-1: config 0 has no interface number 0
[  655.393840][ T5893] pvrusb2: Important functionality might not be entirely working.
[  655.402150][ T5865] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  655.413369][ T5893] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  655.425161][ T5865] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  655.434456][ T5893] pvrusb2: **********
[  655.438732][ T5893] usb 6-1: selecting invalid altsetting 0
[  655.444921][ T5865] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  655.454701][ T2333] pvrusb2: control-write URB failure, status=-71
[  655.461677][ T2333] pvrusb2: Device being rendered inoperable
[  655.469270][T14688] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2647'.
[  655.481070][ T5908] usb 3-1: USB disconnect, device number 34
[  655.491370][ T5865] usb 5-1: config 0 descriptor??
[  655.499648][ T5893] usb 6-1: USB disconnect, device number 18
[  655.506269][ T2333] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  655.534369][ T5865] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  655.551313][ T2333] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  655.610931][ T5863] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  655.744732][    T8] usb 5-1: USB disconnect, device number 26
[  655.772647][ T5863] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  655.783141][ T5863] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  655.805746][ T5863] usb 2-1: config 0 descriptor??
[  656.071972][ T5863] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[  656.080526][ T5863] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  656.089842][ T5863] [drm:udl_init] *ERROR* Selecting channel failed
[  656.107079][ T5863] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  656.113839][ T5863] [drm] Initialized udl on minor 2
[  656.122560][ T5863] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  656.135606][ T5863] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  656.149733][ T5930] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  656.162643][ T5930] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  656.171427][ T5930] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  656.235297][ T5863] usb 2-1: USB disconnect, device number 37
[  656.579266][T14701] 9pnet: Unknown protocol version 9p200
[  657.673521][   T29] kauditd_printk_skb: 53 callbacks suppressed
[  657.673538][   T29] audit: type=1400 audit(1734784469.028:53371): avc:  denied  { connect } for  pid=14691 comm="syz.0.2649" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  657.743716][T14715] netlink: 'syz.4.2657': attribute type 1 has an invalid length.
[  657.754064][T14715] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2657'.
[  657.763329][    T8] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[  657.834803][ T5893] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  657.986080][T14720] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2656'.
[  658.466488][ T5930] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  658.467518][    T8] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  658.482785][    T8] usb 3-1: config 0 has no interface number 0
[  658.488921][    T8] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  658.499835][    T8] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  658.511623][    T8] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  658.522970][    T8] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[  658.534597][    T8] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  658.548155][    T8] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  658.557666][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.664657][    T8] usb 3-1: config 0 descriptor??
[  658.712640][T14706] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  658.728194][ T5893] usb 2-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[  658.737376][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.746119][    T8] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  658.758977][ T5893] usb 2-1: config 0 descriptor??
[  658.790880][ T5930] usb 5-1: Using ep0 maxpacket: 16
[  658.797529][ T5930] usb 5-1: config index 0 descriptor too short (expected 16420, got 115)
[  658.821918][ T5930] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  658.849149][ T5930] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  658.870069][ T5930] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  658.897877][ T5930] usb 5-1: New USB device found, idVendor=172f, idProduct=0500, bcdDevice= 0.00
[  658.923183][ T5930] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.957926][ T5930] usb 5-1: config 0 descriptor??
[  658.969130][ T5908] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  659.030849][ T5893] kaweth 2-1:0.0: Firmware present in device.
[  659.174155][   T29] audit: type=1400 audit(1734784470.528:53372): avc:  denied  { write } for  pid=14719 comm="syz.4.2658" path="socket:[44425]" dev="sockfs" ino=44425 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  659.301422][ T5893] kaweth 2-1:0.0: Statistics collection: 0
[  659.308068][ T5893] kaweth 2-1:0.0: Multicast filter limit: 0
[  659.314118][ T5893] kaweth 2-1:0.0: MTU: 0
[  659.318449][ T5893] kaweth 2-1:0.0: Read MAC address 00:00:00:00:00:00
[  659.403664][ T5908] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  659.414045][ T5908] usb 6-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  659.426293][ T5908] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  659.439949][ T5908] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  659.631844][ T5908] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  659.888003][ T5908] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  659.975465][ T5908] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  659.997334][ T5908] usb 6-1: Product: syz
[  660.001914][ T5908] usb 6-1: Manufacturer: syz
[  660.017275][ T5908] cdc_wdm 6-1:1.0: skipping garbage
[  660.025782][ T5908] cdc_wdm 6-1:1.0: skipping garbage
[  660.049851][ T5908] cdc_wdm 6-1:1.0: cdc-wdm1: USB WDM device
[  660.058291][ T5893] kaweth 2-1:0.0: Error setting SOFS wait
[  660.064368][ T5893] kaweth 2-1:0.0: probe with driver kaweth failed with error -5
[  660.080137][ T5893] usb 2-1: USB disconnect, device number 38
[  660.087308][ T5908] cdc_wdm 6-1:1.0: Unknown control protocol
[  660.415319][T14722] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  660.415698][T14735] Cannot find set identified by id 0 to match
[  660.478160][   T29] audit: type=1400 audit(1734784471.828:53373): avc:  denied  { read } for  pid=14725 comm="syz.5.2660" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  660.524315][   T29] audit: type=1400 audit(1734784471.828:53374): avc:  denied  { open } for  pid=14725 comm="syz.5.2660" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  660.557342][T14722] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  660.994532][ T5863] usb 6-1: USB disconnect, device number 19
[  661.008439][ T5930] usbhid 5-1:0.0: can't add hid device: -71
[  661.080424][   T29] audit: type=1400 audit(1734784471.878:53375): avc:  denied  { ioctl } for  pid=14725 comm="syz.5.2660" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  661.101745][ T5930] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  661.105909][    C0] vkms_vblank_simulate: vblank timer overrun
[  661.122640][   T25] usb 3-1: USB disconnect, device number 35
[  661.136855][ T5930] usb 5-1: USB disconnect, device number 27
[  661.174564][   T25] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  661.408569][   T29] audit: type=1326 audit(1734784472.758:53376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14741 comm="syz.0.2663" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b4dd85d29 code=0xffff0000
[  663.001016][T14761] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  663.013777][   T29] audit: type=1400 audit(1734784474.368:53377): avc:  denied  { create } for  pid=14755 comm="syz.5.2668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  663.175792][   T29] audit: type=1400 audit(1734784474.418:53378): avc:  denied  { write } for  pid=14755 comm="syz.5.2668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  663.175955][T14766] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2670'.
[  663.248918][T14766] trusted_key: encrypted_key: insufficient parameters specified
[  663.417706][   T29] audit: type=1400 audit(1734784474.768:53379): avc:  denied  { write } for  pid=14755 comm="syz.5.2668" name="route" dev="proc" ino=4026533946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  663.440661][    C0] vkms_vblank_simulate: vblank timer overrun
[  663.810790][ T5930] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  663.970996][ T5930] usb 5-1: Using ep0 maxpacket: 32
[  663.993883][ T5930] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  664.053649][ T5930] usb 5-1: config 0 has no interface number 0
[  664.072387][ T5930] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  664.132562][ T5930] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 8244, setting to 1024
[  664.148572][ T5930] usb 5-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  664.285305][ T5930] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  664.400057][ T5930] usb 5-1: config 0 descriptor??
[  665.020810][ T5908] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  665.045882][ T5930] uclogic 0003:28BD:0094.000E: pen parameters not found
[  665.060852][ T5930] uclogic 0003:28BD:0094.000E: interface is invalid, ignoring
[  665.069707][T14786] FAULT_INJECTION: forcing a failure.
[  665.069707][T14786] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  665.108070][T14786] CPU: 1 UID: 0 PID: 14786 Comm: syz.0.2673 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0
[  665.118873][T14786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  665.128956][T14786] Call Trace:
[  665.132233][T14786]  <TASK>
[  665.135163][T14786]  dump_stack_lvl+0x16c/0x1f0
[  665.139846][T14786]  should_fail_ex+0x497/0x5b0
[  665.144548][T14786]  _copy_from_user+0x2e/0xd0
[  665.149159][T14786]  sk_getsockopt+0x1096/0x3440
[  665.153935][T14786]  ? hlock_class+0x4e/0x130
[  665.158444][T14786]  ? __lock_acquire+0x15a9/0x3c40
[  665.163469][T14786]  ? __pfx_sk_getsockopt+0x10/0x10
[  665.168585][T14786]  ? __pfx___lock_acquire+0x10/0x10
[  665.173780][T14786]  ? __lock_acquire+0xcc5/0x3c40
[  665.178717][T14786]  ? find_held_lock+0x2d/0x110
[  665.183482][T14786]  ? __might_fault+0x13b/0x190
[  665.188251][T14786]  ? __pfx_lock_release+0x10/0x10
[  665.193270][T14786]  ? trace_lock_acquire+0x14e/0x1f0
[  665.198473][T14786]  ? lock_acquire+0x2f/0xb0
[  665.202975][T14786]  ? __might_fault+0xe3/0x190
[  665.207653][T14786]  ? __might_fault+0xe3/0x190
[  665.212338][T14786]  do_sock_getsockopt+0x647/0x800
[  665.217364][T14786]  ? trace_lock_acquire+0xf0/0x1f0
[  665.222481][T14786]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  665.228028][T14786]  ? lock_acquire+0x2f/0xb0
[  665.232527][T14786]  ? __fget_files+0x40/0x3a0
[  665.237116][T14786]  ? __fget_files+0x206/0x3a0
[  665.241792][T14786]  __sys_getsockopt+0x12f/0x260
[  665.246644][T14786]  __x64_sys_getsockopt+0xbd/0x160
[  665.251749][T14786]  ? do_syscall_64+0x91/0x250
[  665.256430][T14786]  ? lockdep_hardirqs_on+0x7c/0x110
[  665.261629][T14786]  do_syscall_64+0xcd/0x250
[  665.266135][T14786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  665.272027][T14786] RIP: 0033:0x7f3b4dd85d29
[  665.276435][T14786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  665.296046][T14786] RSP: 002b:00007f3b4eb76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  665.304460][T14786] RAX: ffffffffffffffda RBX: 00007f3b4df76160 RCX: 00007f3b4dd85d29
[  665.312436][T14786] RDX: 000000000000003b RSI: 0000000000000001 RDI: 0000000000000004
[  665.320405][T14786] RBP: 00007f3b4eb76090 R08: 0000000020000440 R09: 0000000000000000
[  665.328369][T14786] R10: 0000000020000380 R11: 0000000000000246 R12: 0000000000000001
[  665.336333][T14786] R13: 0000000000000001 R14: 00007f3b4df76160 R15: 00007ffd57a122f8
[  665.344310][T14786]  </TASK>
[  665.425384][ T5908] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  665.433980][ T5908] usb 6-1: config 0 has no interface number 0
[  665.440258][ T5908] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  665.572402][ T5908] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  665.606345][ T5908] usb 6-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  665.615961][ T5908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  665.731784][ T5908] usb 6-1: config 0 descriptor??
[  666.240628][ T5908] input: HID 04d9:a055 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.1/0003:04D9:A055.000F/input/input16
[  666.294870][T14789] FAULT_INJECTION: forcing a failure.
[  666.294870][T14789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  666.308161][T14789] CPU: 1 UID: 0 PID: 14789 Comm: syz.0.2675 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0
[  666.318940][T14789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  666.329015][T14789] Call Trace:
[  666.332303][T14789]  <TASK>
[  666.335243][T14789]  dump_stack_lvl+0x16c/0x1f0
[  666.339944][T14789]  should_fail_ex+0x497/0x5b0
[  666.344650][T14789]  _copy_from_user+0x2e/0xd0
[  666.349261][T14789]  copy_msghdr_from_user+0x99/0x160
[  666.354471][T14789]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  666.360303][T14789]  ___sys_recvmsg+0xdc/0x1a0
[  666.364909][T14789]  ? __pfx____sys_recvmsg+0x10/0x10
[  666.370107][T14789]  ? __fget_files+0x1fc/0x3a0
[  666.374782][T14789]  ? trace_lock_acquire+0x14e/0x1f0
[  666.379990][T14789]  ? __fget_files+0x206/0x3a0
[  666.384666][T14789]  __sys_recvmsg+0x16b/0x220
[  666.389252][T14789]  ? __pfx___sys_recvmsg+0x10/0x10
[  666.394375][T14789]  do_syscall_64+0xcd/0x250
[  666.398881][T14789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  666.404772][T14789] RIP: 0033:0x7f3b4dd85d29
[  666.409181][T14789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  666.428785][T14789] RSP: 002b:00007f3b4eb97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  666.437200][T14789] RAX: ffffffffffffffda RBX: 00007f3b4df76080 RCX: 00007f3b4dd85d29
[  666.445170][T14789] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000008
[  666.453141][T14789] RBP: 00007f3b4eb97090 R08: 0000000000000000 R09: 0000000000000000
[  666.461107][T14789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  666.469071][T14789] R13: 0000000000000000 R14: 00007f3b4df76080 R15: 00007ffd57a122f8
[  666.477049][T14789]  </TASK>
[  666.482718][T14782] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  666.515197][ T5908] holtek_kbd 0003:04D9:A055.000F: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.5-1/input1
[  666.551449][T14790] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2675'.
[  666.579689][   T29] audit: type=1400 audit(1734784477.918:53380): avc:  denied  { ioctl } for  pid=14787 comm="syz.0.2675" path="socket:[44541]" dev="sockfs" ino=44541 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  666.607638][ T5908] usb 6-1: USB disconnect, device number 20
[  666.656056][   T29] audit: type=1400 audit(1734784478.008:53381): avc:  denied  { accept } for  pid=14787 comm="syz.0.2675" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  667.514682][T14797] Cannot find add_set index 0 as target
[  668.947862][ T5863] usb 5-1: USB disconnect, device number 28
[  669.544422][T14820] netlink: 'syz.0.2684': attribute type 1 has an invalid length.
[  669.565187][T14820] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2684'.
[  669.652942][T14824] program syz.5.2683 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  669.662698][T14824] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  669.766988][   T29] audit: type=1400 audit(1734784481.118:53382): avc:  denied  { listen } for  pid=14822 comm="syz.2.2686" lport=43047 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  670.085385][   T29] audit: type=1400 audit(1734784481.188:53383): avc:  denied  { accept } for  pid=14822 comm="syz.2.2686" lport=43047 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  670.140812][ T5863] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  670.168622][   T29] audit: type=1400 audit(1734784481.238:53384): avc:  denied  { write } for  pid=14822 comm="syz.2.2686" lport=43047 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  670.289917][   T29] audit: type=1400 audit(1734784481.268:53385): avc:  denied  { getopt } for  pid=14822 comm="syz.2.2686" lport=43047 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  670.329616][ T5863] usb 5-1: Using ep0 maxpacket: 32
[  670.383902][ T5863] usb 5-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  670.565412][ T5863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  670.574922][   T29] audit: type=1400 audit(1734784481.308:53386): avc:  denied  { setopt } for  pid=14822 comm="syz.2.2686" lport=43047 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  670.610576][ T5863] usb 5-1: config 0 descriptor??
[  670.631043][ T5930] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  670.812249][T14838] Cannot find add_set index 0 as target
[  671.576111][   T29] audit: type=1326 audit(1734784481.358:53387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14818 comm="syz.1.2685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  671.599890][   T29] audit: type=1326 audit(1734784481.358:53388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14818 comm="syz.1.2685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  671.623365][ T5863] gspca_main: sq930x-2.14.0 probing 041e:403c
[  671.674556][   T29] audit: type=1326 audit(1734784481.428:53389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14818 comm="syz.1.2685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  671.861078][ T5930] usb 3-1: Using ep0 maxpacket: 32
[  671.925239][ T5930] usb 3-1: config 0 has an invalid interface number: 159 but max is 0
[  672.050801][ T5930] usb 3-1: config 0 has an invalid descriptor of length 16, skipping remainder of the config
[  672.077003][   T29] audit: type=1326 audit(1734784481.438:53390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14818 comm="syz.1.2685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  672.127178][ T5930] usb 3-1: config 0 has no interface number 0
[  672.133888][ T5863] gspca_sq930x: reg_r 001f failed -110
[  672.139575][ T5863] sq930x 5-1:0.0: probe with driver sq930x failed with error -110
[  672.157787][ T5930] usb 3-1: config 0 interface 159 altsetting 15 has an endpoint descriptor with address 0x68, changing to 0x8
[  672.187994][   T29] audit: type=1326 audit(1734784481.438:53391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14818 comm="syz.1.2685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b2385d29 code=0x7ffc0000
[  672.216976][ T5930] usb 3-1: config 0 interface 159 altsetting 15 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  672.245657][ T5930] usb 3-1: config 0 interface 159 altsetting 15 endpoint 0x8 has invalid maxpacket 16408, setting to 1024
[  672.258756][ T5930] usb 3-1: config 0 interface 159 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  672.277008][ T5930] usb 3-1: config 0 interface 159 has no altsetting 0
[  672.362714][ T5864] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  672.390201][ T5930] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=f0.de
[  672.427530][ T5930] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  672.435856][ T5930] usb 3-1: Product: syz
[  672.440035][ T5930] usb 3-1: Manufacturer: syz
[  672.444981][ T5930] usb 3-1: SerialNumber: syz
[  672.451631][ T5930] usb 3-1: config 0 descriptor??
[  672.461462][ T5930] qmi_wwan 3-1:0.159: probe with driver qmi_wwan failed with error -22
[  672.537919][T14850] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2691'.
[  672.550857][ T5864] usb 2-1: Using ep0 maxpacket: 32
[  672.561899][ T5864] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  672.580810][ T5930] usb 3-1: USB disconnect, device number 36
[  672.600622][ T5864] usb 2-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  672.613595][ T5864] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  672.655048][ T5864] usb 2-1: config 0 descriptor??
[  672.990970][T14857] /dev/nullb0: Can't open blockdev
[  673.257718][ T5864] dragonrise 0003:0079:0006.0010: hidraw0: USB HID v0.00 Device [HID 0079:0006] on usb-dummy_hcd.1-1/input0
[  673.510225][ T5864] dragonrise 0003:0079:0006.0010: no inputs found
[  673.524915][ T5864] dragonrise 0003:0079:0006.0010: force feedback init failed
[  673.534093][T14848] Trying to write to read-only block-device nullb0
[  673.658112][ T5864] usb 2-1: USB disconnect, device number 39
[  673.741720][T14860] netlink: 'syz.4.2681': attribute type 39 has an invalid length.
[  674.622819][ T5864] usb 5-1: USB disconnect, device number 29
[  674.952276][T14884] SET target dimension over the limit!
[  675.852095][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  675.852106][   T29] audit: type=1400 audit(1734784487.208:53395): avc:  denied  { getopt } for  pid=14891 comm="syz.4.2702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  676.051077][ T5908] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  676.223559][T14904] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  676.261134][ T5908] usb 1-1: Using ep0 maxpacket: 8
[  676.279588][ T5908] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  676.298275][ T5908] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  676.339535][ T5908] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  676.998472][ T5908] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  677.008500][ T5908] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  677.021560][ T5908] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  677.030616][ T5908] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.035288][T14912] 9pnet_fd: Insufficient options for proto=fd
[  677.061335][   T29] audit: type=1400 audit(1734784488.378:53396): avc:  denied  { read } for  pid=14911 comm="syz.1.2708" dev="sockfs" ino=45017 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  677.277358][ T5908] usb 1-1: usb_control_msg returned -32
[  677.283209][ T5908] usbtmc 1-1:16.0: can't read capabilities
[  677.330852][    T8] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  677.433171][ T5893] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  677.540149][T14919] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  677.546789][T14919] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  677.554513][T14919] vhci_hcd vhci_hcd.0: Device attached
[  677.620380][    T8] usb 3-1: Using ep0 maxpacket: 32
[  677.816878][ T5893] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  677.930919][    T8] usb 3-1: config 0 has an invalid interface number: 159 but max is 0
[  677.948260][ T5893] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  677.957751][    T8] usb 3-1: config 0 has an invalid descriptor of length 16, skipping remainder of the config
[  677.958834][T14923] usbtmc 1-1:16.0: usb_control_msg returned -32
[  677.980036][    T8] usb 3-1: config 0 has no interface number 0
[  677.986889][ T5893] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  677.996181][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  678.010320][    T8] usb 3-1: config 0 interface 159 altsetting 15 has an endpoint descriptor with address 0x68, changing to 0x8
[  678.023070][ T5893] usb 2-1: SerialNumber: syz
[  678.034669][    T8] usb 3-1: config 0 interface 159 altsetting 15 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  678.039673][T14879] usbtmc 1-1:16.0: send_request_dev_dep_msg_in returned -90
[  678.046288][    T8] usb 3-1: config 0 interface 159 altsetting 15 endpoint 0x8 has invalid maxpacket 16408, setting to 1024
[  678.065141][    T8] usb 3-1: config 0 interface 159 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  678.078638][ T5864] usb 1-1: USB disconnect, device number 21
[  678.078653][    T8] usb 3-1: config 0 interface 159 has no altsetting 0
[  678.080876][    T8] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=f0.de
[  678.104090][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  678.119922][    T8] usb 3-1: Product: syz
[  678.125801][    T8] usb 3-1: Manufacturer: syz
[  678.130518][    T8] usb 3-1: SerialNumber: syz
[  678.146292][    T8] usb 3-1: config 0 descriptor??
[  678.159932][    T8] qmi_wwan 3-1:0.159: probe with driver qmi_wwan failed with error -22
[  678.211502][ T5908] usb 41-1: new low-speed USB device number 14 using vhci_hcd
[  678.239581][ T5893] usb 2-1: 0:2 : does not exist
[  678.246613][ T5893] usb 2-1: unit 5: unexpected type 0x0a
[  678.265106][ T5893] usb 2-1: USB disconnect, device number 40
[  678.461465][T14101] udevd[14101]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  679.708862][ T5893] usb 3-1: USB disconnect, device number 37
[  680.189479][T14921] vhci_hcd: connection reset by peer
[  680.196818][   T29] audit: type=1400 audit(1734784491.518:53397): avc:  denied  { watch } for  pid=14925 comm="syz.0.2711" path="/533" dev="tmpfs" ino=2922 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  680.272813][  T269] vhci_hcd: stop threads
[  680.277713][  T269] vhci_hcd: release socket
[  680.286440][  T269] vhci_hcd: disconnect device
[  680.862582][   T29] audit: type=1326 audit(1734784492.218:53398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.2.2718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  680.897110][   T29] audit: type=1326 audit(1734784492.218:53399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.2.2718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  680.950781][   T29] audit: type=1326 audit(1734784492.218:53400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.2.2718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  681.014971][   T29] audit: type=1326 audit(1734784492.218:53401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.2.2718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  681.042586][T14956] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  681.060836][   T29] audit: type=1326 audit(1734784492.218:53402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.2.2718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  681.106631][   T29] audit: type=1326 audit(1734784492.218:53403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.2.2718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  681.170820][   T29] audit: type=1326 audit(1734784492.218:53404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.2.2718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  682.171972][   T29] audit: type=1326 audit(1734784492.218:53405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14950 comm="syz.2.2718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5c585d29 code=0x7ffc0000
[  682.197946][   T29] audit: type=1400 audit(1734784492.508:53406): avc:  denied  { watch watch_reads } for  pid=14957 comm="syz.1.2721" path="pipe:[4581]" dev="pipefs" ino=4581 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  682.650850][   T29] audit: type=1400 audit(1734784493.998:53407): avc:  denied  { read } for  pid=14967 comm="syz.5.2725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  683.401929][ T5908] vhci_hcd: vhci_device speed not set
[  683.434949][T14987] bio_check_eod: 2 callbacks suppressed
[  683.434967][T14987] syz.4.2731: attempt to access beyond end of device
[  683.434967][T14987] md0: rw=0, sector=2, nr_sectors = 1 limit=0
[  683.458420][T14987] hfs: can't find a HFS filesystem on dev md0
[  683.474032][T14990] syz.0.2733: attempt to access beyond end of device
[  683.474032][T14990] md0: rw=0, sector=2, nr_sectors = 1 limit=0
[  683.507595][T14990] hfs: can't find a HFS filesystem on dev md0
[  683.546112][T14995] syz.1.2734: attempt to access beyond end of device
[  683.546112][T14995] md0: rw=0, sector=2, nr_sectors = 1 limit=0
[  683.560761][T14995] hfs: can't find a HFS filesystem on dev md0
[  684.012884][T15000] SET target dimension over the limit!
[  684.760982][T15013] fuse: Bad value for 'fd'
[  684.777774][T15013] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  685.503310][T15006] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  685.802272][T15029] rdma_rxe: rxe_newlink: failed to add team_slave_1
[  685.835117][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  685.875352][  T826] kworker/0:2 (826) used greatest stack depth: 21392 bytes left
[  686.364943][   T29] kauditd_printk_skb: 27 callbacks suppressed
[  686.364972][   T29] audit: type=1326 audit(1734784497.708:53435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15025 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b4dd8592b code=0x7ffc0000
[  686.384491][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  686.397530][ T5908] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  686.433415][   T29] audit: type=1326 audit(1734784497.788:53436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15025 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b4dd8592b code=0x7ffc0000
[  686.456890][    C0] vkms_vblank_simulate: vblank timer overrun
[  686.715978][ T5893] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[  686.887267][   T29] audit: type=1326 audit(1734784498.218:53437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15025 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b4dd8592b code=0x7ffc0000
[  686.910738][    C0] vkms_vblank_simulate: vblank timer overrun
[  686.917361][   T29] audit: type=1326 audit(1734784498.218:53438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15025 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b4dd8592b code=0x7ffc0000
[  686.940803][    C0] vkms_vblank_simulate: vblank timer overrun
[  686.947332][   T29] audit: type=1326 audit(1734784498.238:53439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15025 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b4dd8592b code=0x7ffc0000
[  686.970781][    C0] vkms_vblank_simulate: vblank timer overrun
[  687.041889][   T29] audit: type=1326 audit(1734784498.398:53440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15025 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b4dd8592b code=0x7ffc0000
[  687.080900][ T5908] usb 6-1: Using ep0 maxpacket: 32
[  687.087562][ T5908] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  687.095841][ T5908] usb 6-1: config 0 has no interface number 0
[  687.106894][ T5908] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  687.128336][ T5908] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 8244, setting to 1024
[  687.140046][T12767] Bluetooth: hci5: command 0x0c1a tx timeout
[  687.153044][   T29] audit: type=1400 audit(1734784498.498:53441): avc:  denied  { bind } for  pid=15032 comm="syz.2.2744" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  687.153855][ T5893] usb 1-1: unable to get BOS descriptor or descriptor too short
[  687.172777][    C0] vkms_vblank_simulate: vblank timer overrun
[  687.198216][ T5908] usb 6-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  687.199858][   T29] audit: type=1400 audit(1734784498.498:53442): avc:  denied  { read } for  pid=15032 comm="syz.2.2744" path="socket:[46377]" dev="sockfs" ino=46377 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  687.217584][ T5908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  687.240991][ T5893] usb 1-1: not running at top speed; connect to a high speed hub
[  687.251503][ T5908] usb 6-1: config 0 descriptor??
[  687.258439][ T5893] usb 1-1: config 4 has an invalid interface number: 111 but max is 0
[  687.270104][ T5893] usb 1-1: config 4 has no interface number 0
[  687.276320][ T5893] usb 1-1: config 4 interface 111 has no altsetting 0
[  687.286550][ T5893] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=44.99
[  687.295939][ T5893] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  687.304222][ T5893] usb 1-1: Product: syz
[  687.308622][ T5893] usb 1-1: Manufacturer: syz
[  687.312087][   T29] audit: type=1326 audit(1734784498.508:53443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15025 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b4dd8592b code=0x7ffc0000
[  687.313286][ T5893] usb 1-1: SerialNumber: syz
[  687.340579][   T29] audit: type=1326 audit(1734784498.508:53444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15025 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b4dd8592b code=0x7ffc0000
[  687.610812][ T5930] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  687.627289][T15028] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  687.636049][T15028] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  687.802536][ T5930] usb 3-1: unable to get BOS descriptor or descriptor too short
[  687.817055][ T5930] usb 3-1: config 129 has an invalid interface number: 32 but max is 1
[  687.837360][ T5930] usb 3-1: config 129 has an invalid interface number: 32 but max is 1
[  687.850774][ T5930] usb 3-1: config 129 has 1 interface, different from the descriptor's value: 2
[  687.873882][ T5908] uclogic 0003:28BD:0094.0011: failed retrieving string descriptor #100: -71
[  687.886379][ T5908] uclogic 0003:28BD:0094.0011: failed retrieving pen parameters: -71
[  687.894844][ T5908] uclogic 0003:28BD:0094.0011: pen probing failed: -71
[  687.902411][ T5930] usb 3-1: config 129 has no interface number 0
[  687.907171][ T5908] uclogic 0003:28BD:0094.0011: failed probing parameters: -71
[  687.915245][ T5930] usb 3-1: config 129 interface 32 has no altsetting 0
[  687.916691][ T5908] uclogic 0003:28BD:0094.0011: probe with driver uclogic failed with error -71
[  687.929936][ T5930] usb 3-1: config 129 interface 32 has no altsetting 1
[  688.001343][ T5908] usb 6-1: USB disconnect, device number 21
[  688.248038][ T5930] usb 3-1: New USB device found, idVendor=eb1a, idProduct=2885, bcdDevice=74.d5
[  688.257229][ T5930] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.270843][ T5930] usb 3-1: Product: syz
[  688.275044][ T5930] usb 3-1: Manufacturer: syz
[  688.279919][ T5930] usb 3-1: SerialNumber: syz
[  689.238602][ T5930] usb 3-1: USB disconnect, device number 38
[  689.384166][T15047] syz.0.2748: attempt to access beyond end of device
[  689.384166][T15047] md0: rw=0, sector=2, nr_sectors = 1 limit=0
[  689.419783][T15047] hfs: can't find a HFS filesystem on dev md0
[  689.752906][ T5893] pvrusb2: Hardware description: Terratec Grabster AV400
[  689.760073][ T5893] pvrusb2: **********
[  689.764229][ T5893] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  689.774416][ T5893] pvrusb2: Important functionality might not be entirely working.
[  689.782894][ T5893] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  689.794742][ T5893] pvrusb2: **********
[  689.799087][ T5893] usb 1-1: selecting invalid altsetting 0
[  689.834095][ T5893] usb 1-1: USB disconnect, device number 22
[  689.846774][ T5893] pvrusb2: Device being rendered inoperable
[  690.332279][ T5930] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  690.351055][ T5893] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  690.510837][ T5893] usb 5-1: Using ep0 maxpacket: 8
[  690.529927][ T5930] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  690.553784][ T5930] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  690.650042][ T5930] usb 6-1: config 0 descriptor??
[  690.693828][ T5893] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  690.699727][ T5930] gspca_main: spca508-2.14.0 probing 8086:0110
[  690.755611][ T5893] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  690.782231][ T5893] usb 5-1: config 0 descriptor??
[  691.145726][T15065] »»»»»» speed is unknown, defaulting to 1000
[  691.411076][ T5930] gspca_spca508: reg_read err -110
[  691.416578][ T5930] gspca_spca508: reg_read err -32
[  691.427019][ T5930] gspca_spca508: reg_read err -32
[  691.441347][ T5930] gspca_spca508: reg_read err -32
[  691.454357][ T5930] gspca_spca508: reg write: error -32
[  691.470525][ T5930] spca508 6-1:0.0: probe with driver spca508 failed with error -32
[  691.680503][   T29] kauditd_printk_skb: 31 callbacks suppressed
[  691.680519][   T29] audit: type=1326 audit(1734784503.028:53476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15071 comm="syz.2.2755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0d5c585d29 code=0x7fc00000
[  691.710254][    C0] vkms_vblank_simulate: vblank timer overrun
[  691.900927][ T5930] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  692.060800][ T5930] usb 2-1: Using ep0 maxpacket: 16
[  692.087870][ T5930] usb 2-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  692.097205][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  692.105429][   T25] usb 3-1: new full-speed USB device number 39 using dummy_hcd
[  692.114930][ T5930] usb 2-1: Product: syz
[  692.119212][ T5930] usb 2-1: Manufacturer: syz
[  692.124164][ T5930] usb 2-1: SerialNumber: syz
[  692.150324][ T5930] usb 2-1: config 0 descriptor??
[  692.171079][ T5930] as10x_usb: device has been detected
[  692.183256][ T5930] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  692.184325][    T8] usb 6-1: USB disconnect, device number 22
[  692.244901][ T5930] usb 2-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  692.272720][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  692.299059][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  692.310407][   T25] usb 3-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  692.323624][ T5930] as10x_usb: error during firmware upload part1
[  692.332007][ T5930] Registered device Sky IT Digital Key (green led)
[  692.357919][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  692.380944][   T25] usb 3-1: config 0 descriptor??
[  692.841379][   T29] audit: type=1400 audit(1734784504.148:53477): avc:  denied  { ioctl } for  pid=15081 comm="syz.1.2757" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  692.944759][T15089] random: crng reseeded on system resumption
[  693.335479][   T25] cougar 0003:060B:700A.0012: unknown main item tag 0x0
[  693.359034][   T29] audit: type=1400 audit(1734784504.298:53478): avc:  denied  { write } for  pid=15081 comm="syz.1.2757" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  693.425587][   T25] cougar 0003:060B:700A.0012: unknown main item tag 0x0
[  693.460566][   T25] cougar 0003:060B:700A.0012: unknown main item tag 0x0
[  693.485613][   T25] cougar 0003:060B:700A.0012: unknown main item tag 0x0
[  693.495494][   T25] cougar 0003:060B:700A.0012: unknown main item tag 0x0
[  693.530549][   T25] cougar 0003:060B:700A.0012: hidraw0: USB HID v0.00 Device [HID 060b:700a] on usb-dummy_hcd.2-1/input0
[  693.633823][   T25] usb 3-1: USB disconnect, device number 39
[  693.739453][T15093] FAULT_INJECTION: forcing a failure.
[  693.739453][T15093] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  693.763393][T15093] CPU: 0 UID: 0 PID: 15093 Comm: syz.5.2759 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0
[  693.774203][T15093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  693.784261][T15093] Call Trace:
[  693.787534][T15093]  <TASK>
[  693.790459][T15093]  dump_stack_lvl+0x16c/0x1f0
[  693.795141][T15093]  should_fail_ex+0x497/0x5b0
[  693.799822][T15093]  ? fs_reclaim_acquire+0xae/0x150
[  693.804939][T15093]  should_fail_alloc_page+0xe7/0x130
[  693.810310][T15093]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  693.816467][T15093]  __alloc_pages_noprof+0x190/0x25b0
[  693.821759][T15093]  ? hlock_class+0x4e/0x130
[  693.826268][T15093]  ? __lock_acquire+0x15a9/0x3c40
[  693.831291][T15093]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  693.837013][T15093]  ? hlock_class+0x4e/0x130
[  693.841517][T15093]  ? __lock_acquire+0x15a9/0x3c40
[  693.846548][T15093]  ? __pfx___lock_acquire+0x10/0x10
[  693.851741][T15093]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  693.857636][T15093]  ? policy_nodemask+0xea/0x4e0
[  693.862487][T15093]  alloc_pages_mpol_noprof+0x2c9/0x610
[  693.867949][T15093]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  693.873954][T15093]  ? __pfx_lock_release+0x10/0x10
[  693.878981][T15093]  ? __pfx_lock_release+0x10/0x10
[  693.883999][T15093]  ? do_raw_spin_lock+0x12d/0x2c0
[  693.889026][T15093]  folio_alloc_mpol_noprof+0x36/0xd0
[  693.894314][T15093]  vma_alloc_folio_noprof+0xee/0x1b0
[  693.899602][T15093]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  693.905493][T15093]  ? __anon_vma_prepare+0x2e2/0x5e0
[  693.910698][T15093]  do_wp_page+0x1431/0x47c0
[  693.915211][T15093]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  693.920842][T15093]  ? __pfx_do_wp_page+0x10/0x10
[  693.925692][T15093]  ? rcu_is_watching+0x12/0xc0
[  693.930458][T15093]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  693.935829][T15093]  ? lock_acquire+0x2f/0xb0
[  693.940327][T15093]  ? __handle_mm_fault+0xdfa/0x2a40
[  693.945530][T15093]  __handle_mm_fault+0x1ade/0x2a40
[  693.950649][T15093]  ? __pfx___handle_mm_fault+0x10/0x10
[  693.956105][T15093]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  693.961747][T15093]  ? find_vma+0xc0/0x140
[  693.965986][T15093]  ? __pfx_find_vma+0x10/0x10
[  693.970658][T15093]  handle_mm_fault+0x3fa/0xaa0
[  693.975433][T15093]  do_user_addr_fault+0x7a3/0x13f0
[  693.980549][T15093]  exc_page_fault+0x5c/0xc0
[  693.985055][T15093]  asm_exc_page_fault+0x26/0x30
[  693.989903][T15093] RIP: 0010:rep_movs_alternative+0x15/0x70
[  693.995707][T15093] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84
[  694.015311][T15093] RSP: 0018:ffffc9000c2f7a98 EFLAGS: 00050202
[  694.021375][T15093] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000000004
[  694.029340][T15093] RDX: fffff5200185ef6b RSI: ffffc9000c2f7b58 RDI: 0000000020000000
[  694.037306][T15093] RBP: 0000000020000000 R08: 0000000000000000 R09: fffff5200185ef6b
[  694.045273][T15093] R10: 0000000000000003 R11: 0000000000000000 R12: ffffc9000c2f7b58
[  694.053243][T15093] R13: 0000000020000004 R14: 00007ffffffff000 R15: 0000000000000000
[  694.061226][T15093]  _copy_to_user+0xbb/0xd0
[  694.065642][T15093]  sk_getsockopt+0x10d3/0x3440
[  694.070429][T15093]  ? count_memcg_events_mm.constprop.0+0x138/0x340
[  694.076953][T15093]  ? __pfx_sk_getsockopt+0x10/0x10
[  694.082072][T15093]  ? __up_read+0x1fb/0x760
[  694.086495][T15093]  ? __pfx___up_read+0x10/0x10
[  694.091263][T15093]  ? do_user_addr_fault+0x83d/0x13f0
[  694.096548][T15093]  ? irqentry_exit+0x3b/0x90
[  694.101141][T15093]  ? lockdep_hardirqs_on+0x7c/0x110
[  694.106355][T15093]  ? rep_movs_alternative+0x13/0x70
[  694.111551][T15093]  do_sock_getsockopt+0x647/0x800
[  694.116576][T15093]  ? trace_lock_acquire+0xf0/0x1f0
[  694.121692][T15093]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  694.127235][T15093]  ? lock_acquire+0x2f/0xb0
[  694.131734][T15093]  ? __fget_files+0x40/0x3a0
[  694.136330][T15093]  ? __fget_files+0x206/0x3a0
[  694.141010][T15093]  __sys_getsockopt+0x12f/0x260
[  694.145869][T15093]  __x64_sys_getsockopt+0xbd/0x160
[  694.150973][T15093]  ? do_syscall_64+0x91/0x250
[  694.155650][T15093]  ? lockdep_hardirqs_on+0x7c/0x110
[  694.160850][T15093]  do_syscall_64+0xcd/0x250
[  694.165355][T15093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  694.171249][T15093] RIP: 0033:0x7f79b6d85d29
[  694.175665][T15093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  694.195270][T15093] RSP: 002b:00007f79b6bf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  694.203683][T15093] RAX: ffffffffffffffda RBX: 00007f79b6f75fa0 RCX: 00007f79b6d85d29
[  694.211651][T15093] RDX: 000000000000002a RSI: 0000000000000001 RDI: 0000000000000003
[  694.219613][T15093] RBP: 00007f79b6bf9090 R08: 0000000020000000 R09: 0000000000000000
[  694.227578][T15093] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002
[  694.235542][T15093] R13: 0000000000000000 R14: 00007f79b6f75fa0 R15: 00007fffdcb873a8
[  694.243529][T15093]  </TASK>
[  694.246592][    C0] vkms_vblank_simulate: vblank timer overrun
[  694.532546][   T29] audit: type=1400 audit(1734784505.888:53479): avc:  denied  { write } for  pid=15096 comm="syz.5.2761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  694.625579][T15100] Cannot find add_set index 0 as target
[  695.402926][   T29] audit: type=1400 audit(1734784506.758:53480): avc:  denied  { connect } for  pid=15103 comm="syz.2.2762" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  695.422601][    C0] vkms_vblank_simulate: vblank timer overrun
[  695.462302][ T5893] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  695.472698][ T5893] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  695.503165][ T5893] asix 5-1:0.0: probe with driver asix failed with error -71
[  695.537734][ T5893] usb 5-1: USB disconnect, device number 30
[  695.625244][T15111] syz.0.2764: attempt to access beyond end of device
[  695.625244][T15111] md0: rw=0, sector=2, nr_sectors = 1 limit=0
[  695.660882][T15111] hfs: can't find a HFS filesystem on dev md0
[  695.702348][ T5908] usb 2-1: USB disconnect, device number 41
[  695.726718][ T5908] Unregistered device Sky IT Digital Key (green led)
[  695.727728][ T5908] as10x_usb: device has been disconnected
[  697.201152][   T29] audit: type=1400 audit(1734784508.498:53481): avc:  denied  { read } for  pid=15108 comm="syz.4.2763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  697.269107][   T29] audit: type=1400 audit(1734784508.618:53482): avc:  denied  { setopt } for  pid=15130 comm="syz.5.2771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  697.331793][T15138] netlink: 1788 bytes leftover after parsing attributes in process `syz.2.2772'.
[  697.646098][T15142] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2772'.
[  698.630751][   T29] audit: type=1400 audit(1734784509.608:53483): avc:  denied  { ioctl } for  pid=15145 comm="syz.5.2773" path="socket:[45858]" dev="sockfs" ino=45858 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  698.673307][   T29] audit: type=1400 audit(1734784510.008:53484): avc:  denied  { create } for  pid=15137 comm="syz.2.2772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  699.383653][   T29] audit: type=1400 audit(1734784510.018:53485): avc:  denied  { ioctl } for  pid=15137 comm="syz.2.2772" path="socket:[46668]" dev="sockfs" ino=46668 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  699.408701][    C0] vkms_vblank_simulate: vblank timer overrun
[  699.691008][T15156] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  699.924166][   T29] audit: type=1400 audit(1734784511.278:53486): avc:  denied  { ioctl } for  pid=15161 comm="syz.1.2776" path="socket:[45884]" dev="sockfs" ino=45884 ioctlcmd=0x8905 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  699.940997][ T5908] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  699.956992][ T5893] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  700.071311][T15172] syz.1.2779: attempt to access beyond end of device
[  700.071311][T15172] md0: rw=0, sector=2, nr_sectors = 1 limit=0
[  700.087791][T15172] hfs: can't find a HFS filesystem on dev md0
[  700.777471][ T5893] usb 6-1: Using ep0 maxpacket: 8
[  700.785519][ T5908] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  700.795717][ T5893] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  700.804153][ T5893] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  700.820155][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  700.828422][ T5893] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  700.839961][ T5908] usb 5-1: config 0 descriptor??
[  700.861064][ T5893] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  700.873434][ T5893] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  700.886946][ T5893] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  700.896117][ T5893] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.124584][ T5893] usb 6-1: usb_control_msg returned -32
[  701.130231][ T5893] usbtmc 6-1:16.0: can't read capabilities
[  701.191518][ T5908] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[  701.273469][    T8] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  701.301002][ T5863] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  701.302369][ T5908] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  701.468630][ T5863] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  701.477706][ T5893] usb 6-1: USB disconnect, device number 23
[  701.504645][ T5908] [drm:udl_init] *ERROR* Selecting channel failed
[  701.506049][ T5863] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.548383][ T5863] usb 1-1: config 0 descriptor??
[  701.554078][ T5908] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  701.568561][ T5863] gspca_main: spca508-2.14.0 probing 8086:0110
[  701.575089][    T8] usb 3-1: Using ep0 maxpacket: 16
[  701.580297][ T5908] [drm] Initialized udl on minor 2
[  701.588718][    T8] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[  701.597143][ T5908] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  701.605328][    T8] usb 3-1: config 0 has no interface number 0
[  701.615255][ T5908] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  701.623303][    T8] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  701.635981][ T5865] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  701.647272][ T5908] usb 5-1: USB disconnect, device number 31
[  701.653354][    T8] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  701.681354][ T5865] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  701.759397][    T8] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  701.769626][T12767] Bluetooth: hci5: command 0x0c1a tx timeout
[  701.781900][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  701.805664][    T8] usb 3-1: Product: syz
[  701.855678][    T8] usb 3-1: Manufacturer: syz
[  701.860409][    T8] usb 3-1: SerialNumber: syz
[  702.331277][ T5863] gspca_spca508: reg_read err -110
[  702.397856][    T8] usb 3-1: config 0 descriptor??
[  702.408819][T15182] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  702.435721][T15184] »»»»»» speed is unknown, defaulting to 1000
[  702.451227][T15182] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  702.539221][ T5863] gspca_spca508: reg_read err -32
[  702.549421][ T5863] gspca_spca508: reg_read err -32
[  702.554834][ T5863] gspca_spca508: reg_read err -32
[  702.560264][ T5863] gspca_spca508: reg write: error -32
[  702.565842][ T5863] spca508 1-1:0.0: probe with driver spca508 failed with error -32
[  702.731342][T15182] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  702.746140][T15182] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  703.281824][T15199] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  703.527712][    T8] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  703.537911][    T8] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71
[  703.547822][    T8] asix 3-1:0.251: probe with driver asix failed with error -5
[  703.635153][    T8] usb 3-1: USB disconnect, device number 40
[  703.725816][   T29] audit: type=1400 audit(1734784515.048:53487): avc:  denied  { read } for  pid=15212 comm="syz.5.2789" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  703.795318][T15222] syz.5.2792: attempt to access beyond end of device
[  703.795318][T15222] md0: rw=0, sector=2, nr_sectors = 1 limit=0
[  703.812124][T15222] hfs: can't find a HFS filesystem on dev md0
[  703.990825][ T5863] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  704.183535][ T5863] usb 5-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  704.202683][ T5863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.229880][ T5863] usb 5-1: config 0 descriptor??
[  704.315783][ T5863] gspca_main: spca508-2.14.0 probing 8086:0110
[  704.892421][T12767] Bluetooth: hci5: command 0x0c1a tx timeout
[  704.916132][T15218] »»»»»» speed is unknown, defaulting to 1000
[  705.037531][ T5930] usb 1-1: USB disconnect, device number 23
[  705.100814][   T25] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  705.200957][ T5863] gspca_spca508: reg_read err -110
[  705.321590][   T25] usb 6-1: Using ep0 maxpacket: 8
[  705.328664][   T25] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  705.339517][   T25] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  706.225727][ T5863] gspca_spca508: reg_read err -32
[  706.230938][   T25] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  706.241117][   T25] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  706.251149][   T25] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  706.264314][   T25] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  706.273559][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  706.282778][ T5863] gspca_spca508: reg_read err -32
[  706.288579][ T5863] gspca_spca508: reg_read err -32
[  706.296668][T15239] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  706.382215][ T5863] gspca_spca508: reg write: error -32
[  706.389664][ T5863] spca508 5-1:0.0: probe with driver spca508 failed with error -32
[  706.703484][   T25] usb 6-1: usb_control_msg returned -32
[  706.709114][   T25] usbtmc 6-1:16.0: can't read capabilities
[  706.721344][   T25] usb 6-1: USB disconnect, device number 24
[  707.912770][T15248] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  708.947130][T15254] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  708.998427][T15263] netlink: 'syz.5.2802': attribute type 1 has an invalid length.
[  709.168452][T15270] syz.0.2804: attempt to access beyond end of device
[  709.168452][T15270] md0: rw=0, sector=2, nr_sectors = 1 limit=0
[  709.186767][T15270] hfs: can't find a HFS filesystem on dev md0
[  709.771259][T15276] »»»»»» speed is unknown, defaulting to 1000
[  710.304009][T12767] Bluetooth: hci5: command 0x0c1a tx timeout
[  710.610534][   T29] audit: type=1400 audit(1734784521.068:53488): avc:  denied  { create } for  pid=15266 comm="syz.2.2805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  710.743537][   T29] audit: type=1400 audit(1734784521.108:53489): avc:  denied  { sys_admin } for  pid=15266 comm="syz.2.2805" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  710.769434][   T29] audit: type=1400 audit(1734784522.028:53490): avc:  denied  { create } for  pid=15265 comm="syz.5.2806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  712.238953][ T5863] usb 5-1: USB disconnect, device number 32
[  712.378741][   T29] audit: type=1326 audit(1734784523.728:53491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15304 comm="syz.2.2813" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0d5c585d29 code=0x0
[  712.984532][T15303] syz.5.2812 (15303): drop_caches: 2
[  712.992454][T15303] syz.5.2812 (15303): drop_caches: 2
[  713.317764][T15301] syz.1.2811 (15301) used greatest stack depth: 21360 bytes left
[  713.354997][T15323] block nbd2: shutting down sockets
[  714.065227][T15314] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  714.791439][T14506] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  714.802954][T15346] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  714.820727][T14506] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  714.848921][T15344] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  715.590815][ T5829] Bluetooth: hci5: command 0x0c1a tx timeout
[  715.794595][T15356] syz.5.2827 (15356): drop_caches: 2
[  715.821048][T15356] syz.5.2827 (15356): drop_caches: 2
[  716.079742][ T5930] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  716.140861][ T5863] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  716.480894][ T5930] usb 3-1: Using ep0 maxpacket: 32
[  716.501402][ T5930] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  716.566326][ T5863] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  716.600167][ T5930] usb 3-1: config 0 has no interface number 0
[  716.636302][ T5863] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  716.686465][ T5930] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  716.832488][ T5863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  716.841583][ T5930] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 8244, setting to 1024
[  716.852715][ T5930] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  716.861799][ T5930] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  716.872469][ T5863] usb 5-1: config 0 descriptor??
[  716.878608][ T5930] usb 3-1: config 0 descriptor??
[  716.914124][ T5863] pwc: Askey VC010 type 2 USB webcam detected.
[  717.230769][ T5908] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  717.347139][ T5863] pwc: recv_control_msg error -32 req 02 val 2b00
[  717.354827][ T5863] pwc: recv_control_msg error -32 req 02 val 2700
[  717.375250][ T5863] pwc: recv_control_msg error -32 req 02 val 2c00
[  717.382243][ T5908] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  717.391367][ T5863] pwc: recv_control_msg error -32 req 04 val 1000
[  717.391562][ T5908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  717.406008][ T5863] pwc: recv_control_msg error -32 req 04 val 1300
[  717.414238][ T5908] usb 6-1: config 0 descriptor??
[  717.431877][ T5863] pwc: recv_control_msg error -32 req 04 val 1400
[  717.433245][ T5908] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  717.452344][ T5863] pwc: recv_control_msg error -32 req 02 val 2000
[  717.566259][ T5930] uclogic 0003:28BD:0094.0013: pen parameters not found
[  717.578244][ T5930] uclogic 0003:28BD:0094.0013: interface is invalid, ignoring
[  717.662508][ T5863] pwc: recv_control_msg error -32 req 04 val 1500
[  717.675154][ T5863] pwc: recv_control_msg error -32 req 02 val 2500
[  717.685556][ T5863] pwc: recv_control_msg error -32 req 02 val 2400
[  717.952311][T15354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  717.967174][T15354] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  718.041260][   T29] audit: type=1400 audit(1734784529.368:53492): avc:  denied  { listen } for  pid=15353 comm="syz.4.2826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  718.060957][    C0] vkms_vblank_simulate: vblank timer overrun
[  718.081722][ T5863] pwc: recv_control_msg error -71 req 02 val 2900
[  718.090931][   T29] audit: type=1400 audit(1734784529.368:53493): avc:  denied  { accept } for  pid=15353 comm="syz.4.2826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  718.121018][ T5863] pwc: recv_control_msg error -71 req 02 val 2800
[  718.127793][ T5863] pwc: recv_control_msg error -71 req 04 val 1100
[  718.134502][ T5863] pwc: recv_control_msg error -71 req 04 val 1200
[  718.152870][ T5863] pwc: Registered as video103.
[  718.158477][ T5863] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input17
[  718.222623][T15373] ubi0: attaching mtd0
[  718.227077][T15373] ubi0 error: ubi_attach_mtd_dev: bad VID header (8454144) or data offsets (8454208)
[  718.393994][ T5863] usb 5-1: USB disconnect, device number 33
[  718.865588][ T5930] usb 3-1: USB disconnect, device number 41
[  719.187885][T15387] fuse: Bad value for 'fd'
[  720.792103][T15378] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  720.804781][ T5908] usb 6-1: USB disconnect, device number 25
[  721.121308][ T5829] Bluetooth: hci5: command 0x0c1a tx timeout
[  722.380789][ T5863] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  722.715050][T15406] FAULT_INJECTION: forcing a failure.
[  722.715050][T15406] name failslab, interval 1, probability 0, space 0, times 0
[  722.728242][T15406] CPU: 0 UID: 0 PID: 15406 Comm: syz.0.2837 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0
[  722.739022][T15406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  722.749084][T15406] Call Trace:
[  722.752365][T15406]  <TASK>
[  722.755304][T15406]  dump_stack_lvl+0x16c/0x1f0
[  722.759999][T15406]  should_fail_ex+0x497/0x5b0
[  722.764692][T15406]  ? fs_reclaim_acquire+0xae/0x150
[  722.769822][T15406]  should_failslab+0xc2/0x120
[  722.774512][T15406]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  722.779897][T15406]  ? alloc_empty_file+0x73/0x1e0
[  722.784851][T15406]  alloc_empty_file+0x73/0x1e0
[  722.789627][T15406]  path_openat+0xe1/0x2d60
[  722.794051][T15406]  ? hlock_class+0x4e/0x130
[  722.798567][T15406]  ? __lock_acquire+0x15a9/0x3c40
[  722.803608][T15406]  ? __pfx_path_openat+0x10/0x10
[  722.808557][T15406]  ? __pfx___lock_acquire+0x10/0x10
[  722.813763][T15406]  ? lock_acquire.part.0+0x11b/0x380
[  722.819058][T15406]  ? find_held_lock+0x2d/0x110
[  722.823838][T15406]  do_filp_open+0x20c/0x470
[  722.828352][T15406]  ? __pfx_do_filp_open+0x10/0x10
[  722.833386][T15406]  ? find_held_lock+0x2d/0x110
[  722.838184][T15406]  ? _raw_spin_unlock+0x28/0x50
[  722.843046][T15406]  ? alloc_fd+0x41f/0x760
[  722.847392][T15406]  do_sys_openat2+0x17a/0x1e0
[  722.852085][T15406]  ? __pfx_do_sys_openat2+0x10/0x10
[  722.857305][T15406]  ? __fget_files+0x206/0x3a0
[  722.861999][T15406]  __x64_sys_open+0x154/0x1e0
[  722.866692][T15406]  ? __pfx___x64_sys_open+0x10/0x10
[  722.871914][T15406]  do_syscall_64+0xcd/0x250
[  722.876437][T15406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.882350][T15406] RIP: 0033:0x7f3b4dd85d29
[  722.886774][T15406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  722.906404][T15406] RSP: 002b:00007f3b4eb97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  722.914837][T15406] RAX: ffffffffffffffda RBX: 00007f3b4df76080 RCX: 00007f3b4dd85d29
[  722.922815][T15406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000440
[  722.930798][T15406] RBP: 00007f3b4eb97090 R08: 0000000000000000 R09: 0000000000000000
[  722.938781][T15406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  722.946863][T15406] R13: 0000000000000000 R14: 00007f3b4df76080 R15: 00007ffd57a122f8
[  722.954868][T15406]  </TASK>
[  722.957959][    C0] vkms_vblank_simulate: vblank timer overrun
[  723.071559][ T5863] usb 2-1: Using ep0 maxpacket: 8
[  723.152104][   T29] audit: type=1400 audit(1734784533.998:53494): avc:  denied  { unlink } for  pid=15401 comm="syz.0.2837" name="#41" dev="tmpfs" ino=3053 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  723.533775][ T5863] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  723.610790][ T5863] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  723.695991][   T29] audit: type=1400 audit(1734784533.998:53495): avc:  denied  { mount } for  pid=15401 comm="syz.0.2837" name="/" dev="overlay" ino=3047 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  723.736762][ T5863] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  723.938738][ T5863] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  723.949840][ T5863] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  723.962983][ T5863] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  723.974477][ T5863] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  724.627360][   T29] audit: type=1400 audit(1734784534.858:53496): avc:  denied  { unmount } for  pid=5823 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  724.861282][T15419] Cannot find add_set index 0 as target
[  724.894905][ T5863] usb 2-1: can't set config #16, error -71
[  724.902355][ T5863] usb 2-1: USB disconnect, device number 42
[  724.951952][T15423] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  725.404930][T15444] Cannot find add_set index 0 as target
[  726.568834][T15453] ubi0: attaching mtd0
[  726.665979][T15453] ubi0: scanning is finished
[  726.672742][T15453] ubi0: empty MTD device detected
[  726.963961][ T5829] Bluetooth: hci5: command 0x0c1a tx timeout
[  727.080969][ T5863] usb 6-1: new full-speed USB device number 26 using dummy_hcd
[  727.349437][ T5863] usb 6-1: unable to get BOS descriptor or descriptor too short
[  727.408384][ T5863] usb 6-1: not running at top speed; connect to a high speed hub
[  727.462906][ T5863] usb 6-1: config 4 has an invalid interface number: 111 but max is 0
[  727.508894][ T5863] usb 6-1: config 4 has no interface number 0
[  727.545105][ T5863] usb 6-1: config 4 interface 111 has no altsetting 0
[  727.591633][T15465] SET target dimension over the limit!
[  727.598369][ T5863] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=44.99
[  727.642234][ T5863] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.687054][ T5863] usb 6-1: Product: syz
[  727.720977][ T5863] usb 6-1: Manufacturer: syz
[  727.724821][T15453] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  727.750856][ T5863] usb 6-1: SerialNumber: syz
[  728.174327][ T5908] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  728.997330][T15448] syzkaller1: entered promiscuous mode
[  729.001799][    C0] ------------[ cut here ]------------
[  729.003316][T15448] syzkaller1: entered allmulticast mode
[  729.008319][    C0] WARNING: CPU: 0 PID: 15470 at net/mac80211/tx.c:5040 __ieee80211_beacon_get+0x14ac/0x16b0
[  729.008375][    C0] Modules linked in:
[  729.027980][    C0] CPU: 0 UID: 0 PID: 15470 Comm: syz.1.2856 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0
[  729.040999][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  729.041019][    C0] RIP: 0010:__ieee80211_beacon_get+0x14ac/0x16b0
[  729.041063][    C0] Code: 00 89 df 44 89 e6 e8 a3 44 ee f6 44 38 e3 72 a1 e8 79 43 ee f6 48 89 ef e8 21 16 46 f7 31 ed e9 9c fe ff ff e8 65 43 ee f6 90 <0f> 0b 90 e9 86 f6 ff ff 48 89 c6 48 c7 c7 60 21 2d 90 48 89 04 24
[  729.041096][    C0] RSP: 0000:ffffc90000007b70 EFLAGS: 00010246
[  729.041122][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8aabc872
[  729.041141][    C0] RDX: ffff88802687c880 RSI: ffffffff8aabd1eb RDI: 0000000000000001
[  729.041161][    C0] RBP: ffffc90000007c20 R08: 0000000000000001 R09: 0000000000000000
[  729.041180][    C0] R10: 0000000000000000 R11: 0000000000000002 R12: ffff88806136b400
[  729.041198][    C0] R13: 0000000000000041 R14: ffff888021f64d80 R15: ffff888021f669d0
[  729.041217][    C0] FS:  00007ff6b326a6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  729.041245][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  729.041265][    C0] CR2: 0000000020404030 CR3: 0000000054528000 CR4: 00000000003526f0
[  729.041284][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  729.041301][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  729.041320][    C0] Call Trace:
[  729.041330][    C0]  <IRQ>
[  729.041342][    C0]  ? __warn+0xea/0x3c0
[  729.041372][    C0]  ? __ieee80211_beacon_get+0x14ac/0x16b0
[  729.041416][    C0]  ? report_bug+0x3c0/0x580
[  729.041453][    C0]  ? handle_bug+0x54/0xa0
[  729.041489][    C0]  ? exc_invalid_op+0x17/0x50
[  729.041526][    C0]  ? asm_exc_invalid_op+0x1a/0x20
[  729.041570][    C0]  ? __ieee80211_beacon_get+0xb32/0x16b0
[  729.041609][    C0]  ? __ieee80211_beacon_get+0x14ab/0x16b0
[  729.041650][    C0]  ? __ieee80211_beacon_get+0x14ac/0x16b0
[  729.041703][    C0]  ieee80211_beacon_get_tim+0xa7/0x280
[  729.041747][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[  729.041788][    C0]  ? psi_trigger_destroy+0x320/0x9d0
[  729.041823][    C0]  mac80211_hwsim_beacon_tx+0x4ea/0xa10
[  729.041858][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  729.041890][    C0]  ? rcu_is_watching+0x12/0xc0
[  729.041930][    C0]  __iterate_interfaces+0x2e5/0x640
[  729.041969][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  729.042003][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  729.042034][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  729.042074][    C0]  ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
[  729.042123][    C0]  mac80211_hwsim_beacon+0x105/0x200
[  729.042164][    C0]  __hrtimer_run_queues+0x20a/0xae0
[  729.042210][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  729.042245][    C0]  ? read_tsc+0x9/0x20
[  729.042289][    C0]  hrtimer_run_softirq+0x17d/0x350
[  729.042329][    C0]  handle_softirqs+0x213/0x8f0
[  729.042368][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  729.042408][    C0]  __irq_exit_rcu+0x109/0x170
[  729.042440][    C0]  irq_exit_rcu+0x9/0x30
[  729.042470][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  729.042502][    C0]  </IRQ>
[  729.042513][    C0]  <TASK>
[  729.042525][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  729.042564][    C0] RIP: 0010:lock_acquire.part.0+0x155/0x380
[  729.042596][    C0] Code: b8 ff ff ff ff 65 0f c1 05 90 c2 8b 7e 83 f8 01 0f 85 d0 01 00 00 9c 58 f6 c4 02 0f 85 e5 01 00 00 48 85 ed 0f 85 b6 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
[  729.042623][    C0] RSP: 0000:ffffc90003e9fbb8 EFLAGS: 00000206
[  729.042646][    C0] RAX: 0000000000000046 RBX: 1ffff920007d3f78 RCX: ffffffff8175d0de
[  729.042666][    C0] RDX: 0000000000000001 RSI: ffffffff8b6cdb60 RDI: ffffffff8bd1eba0
[  729.042684][    C0] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2dca39f
[  729.042702][    C0] R10: ffffffff96e51cff R11: 0000000000000000 R12: 0000000000000000
[  729.042721][    C0] R13: ffff8880794f4620 R14: 0000000000000000 R15: 0000000000000000
[  729.042747][    C0]  ? hlock_class+0x4e/0x130
[  729.042791][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  729.042823][    C0]  ? rcu_is_watching+0x12/0xc0
[  729.042857][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  729.042897][    C0]  ? __might_fault+0xe3/0x190
[  729.042935][    C0]  ? lock_acquire+0x2f/0xb0
[  729.042962][    C0]  ? __might_fault+0xe3/0x190
[  729.042997][    C0]  ? __might_fault+0xe3/0x190
[  729.043033][    C0]  __might_fault+0x11b/0x190
[  729.043067][    C0]  ? __might_fault+0xe3/0x190
[  729.043109][    C0]  do_recvmmsg+0x321/0x740
[  729.043143][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  729.043192][    C0]  ? __pfx___schedule+0x10/0x10
[  729.043223][    C0]  ? __x64_sys_futex+0x1e1/0x4c0
[  729.043254][    C0]  __x64_sys_recvmmsg+0x239/0x290
[  729.043285][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  729.043322][    C0]  do_syscall_64+0xcd/0x250
[  729.043357][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.043391][    C0] RIP: 0033:0x7ff6b2385d29
[  729.043413][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.043439][    C0] RSP: 002b:00007ff6b326a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  729.043466][    C0] RAX: ffffffffffffffda RBX: 00007ff6b2576080 RCX: 00007ff6b2385d29
[  729.043486][    C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000004
[  729.043504][    C0] RBP: 00007ff6b2401aa8 R08: 0000000000000000 R09: 0000000000000000
[  729.043523][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  729.043540][    C0] R13: 0000000000000000 R14: 00007ff6b2576080 R15: 00007ffcf9444d68
[  729.043574][    C0]  </TASK>
[  729.043589][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  729.043604][    C0] CPU: 0 UID: 0 PID: 15470 Comm: syz.1.2856 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0
[  729.043636][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  729.043652][    C0] Call Trace:
[  729.043660][    C0]  <IRQ>
[  729.043669][    C0]  dump_stack_lvl+0x3d/0x1f0
[  729.043703][    C0]  panic+0x71d/0x800
[  729.043738][    C0]  ? __pfx_panic+0x10/0x10
[  729.043774][    C0]  ? show_trace_log_lvl+0x29d/0x3d0
[  729.043811][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  729.043836][    C0]  ? __ieee80211_beacon_get+0x14ac/0x16b0
[  729.043876][    C0]  check_panic_on_warn+0xab/0xb0
[  729.043902][    C0]  __warn+0xf6/0x3c0
[  729.043926][    C0]  ? __ieee80211_beacon_get+0x14ac/0x16b0
[  729.043967][    C0]  report_bug+0x3c0/0x580
[  729.044002][    C0]  handle_bug+0x54/0xa0
[  729.044037][    C0]  exc_invalid_op+0x17/0x50
[  729.044074][    C0]  asm_exc_invalid_op+0x1a/0x20
[  729.044112][    C0] RIP: 0010:__ieee80211_beacon_get+0x14ac/0x16b0
[  729.044154][    C0] Code: 00 89 df 44 89 e6 e8 a3 44 ee f6 44 38 e3 72 a1 e8 79 43 ee f6 48 89 ef e8 21 16 46 f7 31 ed e9 9c fe ff ff e8 65 43 ee f6 90 <0f> 0b 90 e9 86 f6 ff ff 48 89 c6 48 c7 c7 60 21 2d 90 48 89 04 24
[  729.044180][    C0] RSP: 0000:ffffc90000007b70 EFLAGS: 00010246
[  729.044202][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8aabc872
[  729.044220][    C0] RDX: ffff88802687c880 RSI: ffffffff8aabd1eb RDI: 0000000000000001
[  729.044238][    C0] RBP: ffffc90000007c20 R08: 0000000000000001 R09: 0000000000000000
[  729.044256][    C0] R10: 0000000000000000 R11: 0000000000000002 R12: ffff88806136b400
[  729.044273][    C0] R13: 0000000000000041 R14: ffff888021f64d80 R15: ffff888021f669d0
[  729.044300][    C0]  ? __ieee80211_beacon_get+0xb32/0x16b0
[  729.044340][    C0]  ? __ieee80211_beacon_get+0x14ab/0x16b0
[  729.044393][    C0]  ieee80211_beacon_get_tim+0xa7/0x280
[  729.044435][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[  729.044476][    C0]  ? psi_trigger_destroy+0x320/0x9d0
[  729.044510][    C0]  mac80211_hwsim_beacon_tx+0x4ea/0xa10
[  729.044545][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  729.044576][    C0]  ? rcu_is_watching+0x12/0xc0
[  729.044615][    C0]  __iterate_interfaces+0x2e5/0x640
[  729.044652][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  729.044686][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  729.044717][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  729.044755][    C0]  ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
[  729.044798][    C0]  mac80211_hwsim_beacon+0x105/0x200
[  729.044839][    C0]  __hrtimer_run_queues+0x20a/0xae0
[  729.044884][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  729.044918][    C0]  ? read_tsc+0x9/0x20
[  729.044962][    C0]  hrtimer_run_softirq+0x17d/0x350
[  729.045002][    C0]  handle_softirqs+0x213/0x8f0
[  729.045039][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  729.045078][    C0]  __irq_exit_rcu+0x109/0x170
[  729.045114][    C0]  irq_exit_rcu+0x9/0x30
[  729.045145][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  729.045177][    C0]  </IRQ>
[  729.045186][    C0]  <TASK>
[  729.045196][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  729.045233][    C0] RIP: 0010:lock_acquire.part.0+0x155/0x380
[  729.045264][    C0] Code: b8 ff ff ff ff 65 0f c1 05 90 c2 8b 7e 83 f8 01 0f 85 d0 01 00 00 9c 58 f6 c4 02 0f 85 e5 01 00 00 48 85 ed 0f 85 b6 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
[  729.045290][    C0] RSP: 0000:ffffc90003e9fbb8 EFLAGS: 00000206
[  729.045311][    C0] RAX: 0000000000000046 RBX: 1ffff920007d3f78 RCX: ffffffff8175d0de
[  729.045330][    C0] RDX: 0000000000000001 RSI: ffffffff8b6cdb60 RDI: ffffffff8bd1eba0
[  729.045348][    C0] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2dca39f
[  729.045367][    C0] R10: ffffffff96e51cff R11: 0000000000000000 R12: 0000000000000000
[  729.045385][    C0] R13: ffff8880794f4620 R14: 0000000000000000 R15: 0000000000000000
[  729.045411][    C0]  ? hlock_class+0x4e/0x130
[  729.045455][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  729.045486][    C0]  ? rcu_is_watching+0x12/0xc0
[  729.045522][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  729.045561][    C0]  ? __might_fault+0xe3/0x190
[  729.045596][    C0]  ? lock_acquire+0x2f/0xb0
[  729.045623][    C0]  ? __might_fault+0xe3/0x190
[  729.045658][    C0]  ? __might_fault+0xe3/0x190
[  729.045693][    C0]  __might_fault+0x11b/0x190
[  729.045727][    C0]  ? __might_fault+0xe3/0x190
[  729.045769][    C0]  do_recvmmsg+0x321/0x740
[  729.045800][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  729.045847][    C0]  ? __pfx___schedule+0x10/0x10
[  729.045877][    C0]  ? __x64_sys_futex+0x1e1/0x4c0
[  729.045906][    C0]  __x64_sys_recvmmsg+0x239/0x290
[  729.045937][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  729.045975][    C0]  do_syscall_64+0xcd/0x250
[  729.046012][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.046047][    C0] RIP: 0033:0x7ff6b2385d29
[  729.046068][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.046098][    C0] RSP: 002b:00007ff6b326a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  729.046124][    C0] RAX: ffffffffffffffda RBX: 00007ff6b2576080 RCX: 00007ff6b2385d29
[  729.046144][    C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000004
[  729.046160][    C0] RBP: 00007ff6b2401aa8 R08: 0000000000000000 R09: 0000000000000000
[  729.046177][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  729.046194][    C0] R13: 0000000000000000 R14: 00007ff6b2576080 R15: 00007ffcf9444d68
[  729.046228][    C0]  </TASK>
[  729.046467][    C0] Kernel Offset: disabled