last executing test programs:

22.827347953s ago: executing program 0 (id=1741):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x321040, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000), 0x10)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000040)={0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
futex(0x0, 0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240), 0x0})
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, 0x0)
connect$llc(r1, &(0x7f0000000340)={0x1a, 0x337, 0x0, 0x0, 0x0, 0x0, @multicast}, 0x10)
r6 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x3e}, 0x10)
ioctl$F2FS_IOC_SET_PIN_FILE(r6, 0x4004f50d, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000540)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x40}}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}, 0x50)
close_range(0xffffffffffffffff, r0, 0x2)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000240), &(0x7f0000000300)=[&(0x7f0000000280)='\x00'])

21.923659435s ago: executing program 0 (id=1746):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_mreq(r1, 0x29, 0x0, 0x0, &(0x7f00000000c0))
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r2 = memfd_create(0x0, 0x0)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000040))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040)={0xb000001c})
epoll_pwait(r6, &(0x7f0000000180)=[{}], 0x1, 0xa2c, 0x0, 0x0)
epoll_pwait(r6, &(0x7f00000000c0), 0x0, 0xfff, 0x0, 0x0)
close(r4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x12, r2, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf8, 0x0, 0x0, 0x0, 0x8}, 0xe)

20.216467352s ago: executing program 0 (id=1755):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000003c0)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_open_dev$video4linux(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$IOCTL_STOP_ACCEL_DEV(0xffffffffffffffff, 0x40046104, &(0x7f0000000240))
r7 = syz_open_dev$dri(&(0x7f00000005c0), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000000)={0x2, 0x52b, 0x3})

19.238456431s ago: executing program 0 (id=1756):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x321040, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000), 0x10)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000040)={0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
futex(0x0, 0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240), 0x0})
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, 0x0)
connect$llc(r1, &(0x7f0000000340)={0x1a, 0x337, 0x0, 0x0, 0x0, 0x0, @multicast}, 0x10)
r6 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x3e}, 0x10)
ioctl$F2FS_IOC_SET_PIN_FILE(r6, 0x4004f50d, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000540)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x40}}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}, 0x50)
close_range(0xffffffffffffffff, r0, 0x2)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000240), &(0x7f0000000300)=[&(0x7f0000000280)='\x00'])

18.350378986s ago: executing program 0 (id=1759):
r0 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000030000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
socket$packet(0x11, 0x3, 0x300)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000540)}, {&(0x7f0000000140)="383f64d83a04ee94219d9e4b8a44c8e7a53731d262650dafe882ea140e87627ec5dd5f81b76d17515400000000000000", 0x30}, {&(0x7f0000000d40)="54af385182a9a5123acb61176f6963465d6ab5682a206237d7af45361a2191caf6d91fe5d0df0977dbd25f681088d9376f204016738af11e3e512c5204ba4110ab10a9fe2c5d7c1178abe58c351cbe841b155e1d826b9a0db6e1d4a94bf37e749c67f3b4bda42589345e41b45c799ed834c5385d5d88d9691bcb72335b1b6d261cac83d45c45865c8d0f76b7aec2595de76ad6b86c019934d05d4066d3ddcff32297c0bf3098d239ccc652eacdbe6405a90b9410e71c86dffcf717b8e85083120748420393b30117517a4ed739f4f3f3d4a91aa10fda0ddd5b95976e2d8aabdc076b3dd5cf2f653fdbbf16270576d75a2d2183f7f4050b6d52fc5fe10767de69be2889aeba825968628d57dc6c639d1f974cebf5d8ae3614e3bcf61172cffabbb4073b323d0acd61cb867aa47ca034b62ec2233af65d03f368c417c36206c4a8925cb38b00dc83aa46b327f6c7784b67e520fa692548bad4d48e05db2203c681f3f04c45c43baebb0e9454030f3589290e3be7170048b8168714cb8a26c1c9a1395f5b173376f82bc2fff2c235d1590a167427efab17c41809dbcffafbb1f95664bd1dfc71fe6c8f3f81012fbbf0a9bb6ea65d2ffb70e007687081bda648219b47be035e00df120af48fd4b544618eabf84d74ba28ab6a80e285703f5553ad9cbbeb8b6ba08abb9f4ddbcc6e2b25d09a650fc9e1aeaeec62ae1fd4b538dc66356e35df809482f48b52f161cd333266565cc3a11a99bcd5593b6d207f7033d8b8db95e4f845fdf2bcad80e5d84250230a666f84e6a5586faa70fff672edbd3f8a22b7d2bc6a09aadc09dc0180c683bb2e3dbd1e34f9c17cbbaf751454a3be28a0171d717d13ca5af49f35a67445864923eba85876652772866a53cb6f24a00080032d21b8f70ac094e8e67ddc13fff938c17975cfa12594367dee51f67c77e2051abf72534d27283dc4ef680417b936146bc2da9f680c0c2271132b4c2239644623615b1ad320f91465aa24dd3644215661801c61e6d9482dd666c22fd0b288ab587c22d0ffae07f88f583d1f02aeb0950691a3f76c3abe8cfd8d429f4bfa19f23226cff97a80e7b929000aa1739ce110410346c69c1b61f1836aa94a1db6446d9e9ec735cd9ad326d3894459736326ac61f537f4d253da4d5145ee1363ee2d2a75a44453160b974b6a8627fce9c4186daba6afc7c17676fdd869be09e8a4ed7a57c76bd8b65229de49075280b841debfec02134a2b4ade3db1964718434042fe2b27db968133883e0ce5f8470f58572e4227681715fafe295900aae0e2d7a88b95750575ab25cfdbeaa4e5196ec8dec7251529979b07fcfccbc9ca8b07dd3b2905b7079fda17c71ab7c6163a82ac6372820b795b628c36812931354a9e00e55ab5bc9750d7df050a2cc828f70129bc9e1f806ccde7c4c611d35f5338d0fb041452238e15f6d9cafe0effbdfd90f5b687998f55ca6a5a885029aabdb0e9953828ce446147a6af255580581feeacac623dbb1359efe0381ab5ac44c99aac21ffe197ec61d87e8ef327281db31a383388933a3e85f302036e466a3e3c5fd84ff986a28b26444ab502c8ee3a36f13b4efa493df9e104948bac644c6986c2b390f9ba55d1fb59471d068cbe976f8a69674aa86eaf0e81eef0def93d0257e5044ee37ae615e3d220c0d607055a8070649e05e549b3a9fe3727e17f51fef989d79668f5e597923c62f6fc9c32723e0f11510027d25e2e6dc64c9d326e82353bdb822c66a0a3c3706623201e68a60d484a9839a7d32b8b38756b1682f97ebfa56ee32ed65d92d3baf410028a003b646af2061070d72cc3f62102fb3b11394bdf37f53bdae9f4a928ea636eedfa4e87f4f40aeb99a8eba54821efddfcbc4288f0a03457bbbadde3599de830aa0ee963cb495cb606723be4cd123d1af1b56abdfe155226bab90a380073eabc974675dfb0fbba5f3b89e952c25faba68533978554a77fbc99e7052eaf9e68b280ee91c3fa26da3c5bb08cc5cdac226a58d1adaad2789792bf4db302248d863b487f65fe40a91cbb8f2095dca44996bdaf70c364681451185cadb48c605160062a86a37fb2cbb65655f8f8e1bd864133ad33798b824f53502c4eaef4b0a14f8aa91766ca449433b16e8e08bad96a644c7a1e1286f01ff324ce1dd9a1375e45470127de982e6d4daa54ec872a6ec1f10cce53cbc66c472d301628dfcc9d0de91db3012874ce8b9a68bde562500cb521e5981f309926f5da65a1563f3b7d2826f90ac5e53a891a5cd2773b26aacb1d63f9040a612234c74e7108290150dba6dc3c28f072684ef3ccdabf490fd4a25afb3ae6410425c94533e32e7feb30f871840126de538631000abd78ac41f40ee8b91d5ec4b72b701b25bbd4481164445c9f49937684c8e206012accfed3a60527fbcca686bbc4d790a3a35e1a46d9275a4c5fabeaa7b49fb70f9b55558eb920ecfdc552940d653242c570ab27f35128db8dcdf244a203f4e99afcbedb5c2fe2a07f48c8ab6f4bce9277ad978471dbdb99416c51d59f83eb8e25d86d81c7d7d85e3fc498ff20686fc5d6438feb7ec38c65be8d3f4091dbd8be48540274574c93eaaa1b8b3636645051b7010861a9d3b62fd6404d3e2c78e3be2e8239cce278b0e93ea9f389848aa96c483330090ee09fdb20eefa406ecc143bd7be4835edf772dea2184d623b519f432fa6c4b3f337bf06c9e93534c9f91ad331cd8b19253352e74f81be696643266658c57756909a92f718642c48288374cdd12c2e102cdf77827690fffe3483dd352dbbe4d637d319efe493121b666bc091efde2d486d0938d201d293436ffc5c1f73a9825b843e58899e7eb4e357078b0c7f202038ecc1fe4a46e59e9fee757b8c7b5a4972de81bc69dcc8c82eaaaff5eb4e06ce", 0x810}], 0x3}}], 0x1, 0x40440c1)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='erofs\x00', 0x0, 0x0)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r5, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x5f, 0x2a, 0xb4, 0x20, 0xc72, 0xd, 0x279b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xdb, 0xa2, 0x92}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r6, 0x0, &(0x7f0000000840)={0x44, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

14.85410734s ago: executing program 1 (id=1765):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_mreq(r1, 0x29, 0x0, 0x0, &(0x7f00000000c0))
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r2 = memfd_create(0x0, 0x0)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000040))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040)={0xb000001c})
epoll_pwait(r6, &(0x7f0000000180)=[{}], 0x1, 0xa2c, 0x0, 0x0)
epoll_pwait(r6, &(0x7f00000000c0), 0x0, 0xfff, 0x0, 0x0)
close(r4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x12, r2, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf8, 0x0, 0x0, 0x0, 0x8}, 0xe)

14.794708467s ago: executing program 0 (id=1767):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r2, 0x40086410, &(0x7f0000000080))
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
read$alg(r1, &(0x7f0000000080)=""/16, 0x10)
recvmmsg(r1, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000080), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a0102000000000000000002000000090001"], 0x1e4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
io_uring_setup(0x0, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f0000000140), 0x10001, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15247423360608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="14000000000000000000000001000000fbffffff0000000014000000000000000000000001000000000000000000000014000000000000000000000001000000020000000000000014000000000000000000000001000000ba00000000000000110000000000000000000000010000001f000000000000003800000000000000000000000700000007095b2bc86267c9e9880ee75253b3dfa365cedc7bfa0e860effffffff05088a6a42efef478903641400000000000000000000000100"], 0x170}}], 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

12.625216159s ago: executing program 1 (id=1776):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x216243)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000200)={0x1, 0x0, 0x0, 0xb7d375beb1f4ba0d})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240))
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_QUERYCTRL(r5, 0xc0445624, &(0x7f0000000100)={0x7ffffff, 0x0, "7eb07d82287af45095b338f9ebf9b45c9041dbac2c227be9b033f71f8edccf09"})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, 0x0)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, 0x0)

12.490818725s ago: executing program 4 (id=1777):
r0 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000030000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
socket$packet(0x11, 0x3, 0x300)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000540)}, {&(0x7f0000000140)="383f64d83a04ee94219d9e4b8a44c8e7a53731d262650dafe882ea140e87627ec5dd5f81b76d17515400000000000000", 0x30}, {&(0x7f0000000d40)="54af385182a9a5123acb61176f6963465d6ab5682a206237d7af45361a2191caf6d91fe5d0df0977dbd25f681088d9376f204016738af11e3e512c5204ba4110ab10a9fe2c5d7c1178abe58c351cbe841b155e1d826b9a0db6e1d4a94bf37e749c67f3b4bda42589345e41b45c799ed834c5385d5d88d9691bcb72335b1b6d261cac83d45c45865c8d0f76b7aec2595de76ad6b86c019934d05d4066d3ddcff32297c0bf3098d239ccc652eacdbe6405a90b9410e71c86dffcf717b8e85083120748420393b30117517a4ed739f4f3f3d4a91aa10fda0ddd5b95976e2d8aabdc076b3dd5cf2f653fdbbf16270576d75a2d2183f7f4050b6d52fc5fe10767de69be2889aeba825968628d57dc6c639d1f974cebf5d8ae3614e3bcf61172cffabbb4073b323d0acd61cb867aa47ca034b62ec2233af65d03f368c417c36206c4a8925cb38b00dc83aa46b327f6c7784b67e520fa692548bad4d48e05db2203c681f3f04c45c43baebb0e9454030f3589290e3be7170048b8168714cb8a26c1c9a1395f5b173376f82bc2fff2c235d1590a167427efab17c41809dbcffafbb1f95664bd1dfc71fe6c8f3f81012fbbf0a9bb6ea65d2ffb70e007687081bda648219b47be035e00df120af48fd4b544618eabf84d74ba28ab6a80e285703f5553ad9cbbeb8b6ba08abb9f4ddbcc6e2b25d09a650fc9e1aeaeec62ae1fd4b538dc66356e35df809482f48b52f161cd333266565cc3a11a99bcd5593b6d207f7033d8b8db95e4f845fdf2bcad80e5d84250230a666f84e6a5586faa70fff672edbd3f8a22b7d2bc6a09aadc09dc0180c683bb2e3dbd1e34f9c17cbbaf751454a3be28a0171d717d13ca5af49f35a67445864923eba85876652772866a53cb6f24a00080032d21b8f70ac094e8e67ddc13fff938c17975cfa12594367dee51f67c77e2051abf72534d27283dc4ef680417b936146bc2da9f680c0c2271132b4c2239644623615b1ad320f91465aa24dd3644215661801c61e6d9482dd666c22fd0b288ab587c22d0ffae07f88f583d1f02aeb0950691a3f76c3abe8cfd8d429f4bfa19f23226cff97a80e7b929000aa1739ce110410346c69c1b61f1836aa94a1db6446d9e9ec735cd9ad326d3894459736326ac61f537f4d253da4d5145ee1363ee2d2a75a44453160b974b6a8627fce9c4186daba6afc7c17676fdd869be09e8a4ed7a57c76bd8b65229de49075280b841debfec02134a2b4ade3db1964718434042fe2b27db968133883e0ce5f8470f58572e4227681715fafe295900aae0e2d7a88b95750575ab25cfdbeaa4e5196ec8dec7251529979b07fcfccbc9ca8b07dd3b2905b7079fda17c71ab7c6163a82ac6372820b795b628c36812931354a9e00e55ab5bc9750d7df050a2cc828f70129bc9e1f806ccde7c4c611d35f5338d0fb041452238e15f6d9cafe0effbdfd90f5b687998f55ca6a5a885029aabdb0e9953828ce446147a6af255580581feeacac623dbb1359efe0381ab5ac44c99aac21ffe197ec61d87e8ef327281db31a383388933a3e85f302036e466a3e3c5fd84ff986a28b26444ab502c8ee3a36f13b4efa493df9e104948bac644c6986c2b390f9ba55d1fb59471d068cbe976f8a69674aa86eaf0e81eef0def93d0257e5044ee37ae615e3d220c0d607055a8070649e05e549b3a9fe3727e17f51fef989d79668f5e597923c62f6fc9c32723e0f11510027d25e2e6dc64c9d326e82353bdb822c66a0a3c3706623201e68a60d484a9839a7d32b8b38756b1682f97ebfa56ee32ed65d92d3baf410028a003b646af2061070d72cc3f62102fb3b11394bdf37f53bdae9f4a928ea636eedfa4e87f4f40aeb99a8eba54821efddfcbc4288f0a03457bbbadde3599de830aa0ee963cb495cb606723be4cd123d1af1b56abdfe155226bab90a380073eabc974675dfb0fbba5f3b89e952c25faba68533978554a77fbc99e7052eaf9e68b280ee91c3fa26da3c5bb08cc5cdac226a58d1adaad2789792bf4db302248d863b487f65fe40a91cbb8f2095dca44996bdaf70c364681451185cadb48c605160062a86a37fb2cbb65655f8f8e1bd864133ad33798b824f53502c4eaef4b0a14f8aa91766ca449433b16e8e08bad96a644c7a1e1286f01ff324ce1dd9a1375e45470127de982e6d4daa54ec872a6ec1f10cce53cbc66c472d301628dfcc9d0de91db3012874ce8b9a68bde562500cb521e5981f309926f5da65a1563f3b7d2826f90ac5e53a891a5cd2773b26aacb1d63f9040a612234c74e7108290150dba6dc3c28f072684ef3ccdabf490fd4a25afb3ae6410425c94533e32e7feb30f871840126de538631000abd78ac41f40ee8b91d5ec4b72b701b25bbd4481164445c9f49937684c8e206012accfed3a60527fbcca686bbc4d790a3a35e1a46d9275a4c5fabeaa7b49fb70f9b55558eb920ecfdc552940d653242c570ab27f35128db8dcdf244a203f4e99afcbedb5c2fe2a07f48c8ab6f4bce9277ad978471dbdb99416c51d59f83eb8e25d86d81c7d7d85e3fc498ff20686fc5d6438feb7ec38c65be8d3f4091dbd8be48540274574c93eaaa1b8b3636645051b7010861a9d3b62fd6404d3e2c78e3be2e8239cce278b0e93ea9f389848aa96c483330090ee09fdb20eefa406ecc143bd7be4835edf772dea2184d623b519f432fa6c4b3f337bf06c9e93534c9f91ad331cd8b19253352e74f81be696643266658c57756909a92f718642c48288374cdd12c2e102cdf77827690fffe3483dd352dbbe4d637d319efe493121b666bc091efde2d486d0938d201d293436ffc5c1f73a9825b843e58899e7eb4e357078b0c7f202038ecc1fe4a46e59e9fee757b8c7b5a4972de81bc69dcc8c82eaaaff5eb4e06ce", 0x810}], 0x3}}], 0x1, 0x40440c1)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='erofs\x00', 0x0, 0x0)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r5, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x5f, 0x2a, 0xb4, 0x20, 0xc72, 0xd, 0x279b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xdb, 0xa2, 0x92}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r6, 0x0, &(0x7f0000000840)={0x44, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

11.646191165s ago: executing program 1 (id=1779):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f0000000000)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f000000a400)={0x2020}, 0x2020)
close_range(r2, 0xffffffffffffffff, 0x0)

8.765208051s ago: executing program 1 (id=1785):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000200), 0x8)
connect$bt_sco(r0, &(0x7f0000000240)={0x1f, @fixed}, 0x8) (fail_nth: 2)

8.201092122s ago: executing program 4 (id=1788):
socket$vsock_stream(0x28, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r0)
socket$nl_netfilter(0x10, 0x3, 0xc)
epoll_create1(0x0)
r1 = socket(0x10, 0x80002, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
epoll_create1(0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240))
r4 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
write$binfmt_elf64(r4, &(0x7f0000000700)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e00000000000000000000000000400000000000000000000000000000000000000000003800020000000000000003000000000000000000000000000000000000000000000007000002000000000101"], 0xb0)
close(r4)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x0, 0x933, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x24008804}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)

7.83486406s ago: executing program 4 (id=1789):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x216243)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000200)={0x1, 0x0, 0x0, 0xb7d375beb1f4ba0d})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240))
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_QUERYCTRL(r5, 0xc0445624, &(0x7f0000000100)={0x7ffffff, 0x0, "7eb07d82287af45095b338f9ebf9b45c9041dbac2c227be9b033f71f8edccf09"})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, 0x0)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, 0x0)

6.855076124s ago: executing program 1 (id=1791):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x0, 0x100}})
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f00000000c0), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000440)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x2000, 0x103)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r1, &(0x7f0000000400)={0x10, 0x30, 0xfa00, {&(0x7f00000003c0)={<r4=>0xffffffffffffffff}, 0x1, {0xa, 0x4e24, 0x0, @mcast2, 0x101}}}, 0x38)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(r1, &(0x7f00000005c0)={0x11, 0x10, 0xfa00, {&(0x7f0000000340), r4}}, 0x18)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)=ANY=[@ANYRESOCT=r2, @ANYRESHEX=r3, @ANYRES16=r0, @ANYRESOCT=r3, @ANYRES32=r0, @ANYBLOB="8f861ade7a03dbd278a196d2e2e42abcbe11cd42b0cbfbe9ae8982b0de7bd1b9afa114c631becbc9133d5216dbe27012c615db77d8bd2ee652bbbfe4a53719c6bf021ae93911b0f81f6c8c175cb1922e50862738734b58a524a276fe782afb267918420880302c9b711c0cffd36ebfe464fea2a173c584cfc499b8a6879cea89b2c5611da94f4f57cded62d70784946b08f816d16ae221e4c84ce1c7fa7865ada630ddf409c324398ea01b1fd2d87a691f"], 0x40}}, 0x41080)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000480)={{0xffffffff, 0x0, 0x400, 0x2, '\x00', 0x7}, 0x5, 0x3, 0x5, 0x0, 0x0, 0x3, 'syz0\x00', &(0x7f0000000300)})
mkdirat(0xffffffffffffffff, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0x541b, &(0x7f0000000000)={<r6=>0xffffffffffffffff, 0xa1})
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r8}, 0x10)
syz_usb_control_io$hid(r7, 0x0, 0x0)
syz_usb_control_io$hid(r7, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_012={0x1, 0x0, 0x0, 'd'}, @global=@item_4={0x3, 0x1, 0x0, "05007948"}, @main=@item_4={0x3, 0x0, 0xb, "0577f5d2"}, @local=@item_012={0x2, 0x2, 0x0, "ddbc"}]}}, 0x0}, 0x0)
r9 = syz_open_dev$hiddev(&(0x7f0000000d40), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r9, 0x8004480e, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="180800000000000000000000c0ff000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70000000100308500000405000000bca900000000000035090100000000009500500000000006b70200739af0ff00000000b509020000000000dbaaf0ff000000002f8900000000000007080000f8ffffffbfa400000000000007040000f0ffffff8843d603a252a47fe58b9bd2b702000008000000180000000000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000036080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

6.125577369s ago: executing program 2 (id=1795):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB]}, 0x78)
sendmmsg$inet6(r0, &(0x7f0000001f40)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)="f4", 0x1}], 0x1}}], 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa5654"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000080), 0x3, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000280)={'\x00', 0x11, 0x8, 0x401})
syz_open_dev$loop(&(0x7f0000000000), 0x3, 0x0)
r5 = socket(0x1, 0x3, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r6 = syz_open_dev$vivid(&(0x7f0000000000), 0x2, 0x2)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan0\x00', <r8=>0x0})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)={0x40, r7, 0x101, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}]}]}]}, 0x40}}, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0205647, &(0x7f0000000080)={0x0, 0x500, 0x0, '\x00', 0x0})
r10 = shmget$private(0x0, 0x13000, 0x0, &(0x7f0000feb000/0x13000)=nil)
shmat(r10, &(0x7f0000ff7000/0x3000)=nil, 0x400c)

6.122831003s ago: executing program 3 (id=1796):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x2080)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r4, 0x40405514, &(0x7f0000000000)={0x6, 0x0, 0x800000, 0x0, 'syz0\x00'})

5.055102641s ago: executing program 3 (id=1797):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x321040, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
r2 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000040)={0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
futex(0x0, 0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240), 0x0})
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, 0x0)
connect$llc(r1, &(0x7f0000000340)={0x1a, 0x337, 0x0, 0x0, 0x0, 0x0, @multicast}, 0x10)
r6 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x3e}, 0x10)
ioctl$F2FS_IOC_SET_PIN_FILE(r6, 0x4004f50d, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000540)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x40}}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}, 0x50)
close_range(0xffffffffffffffff, r0, 0x2)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000240), &(0x7f0000000300)=[&(0x7f0000000280)='\x00'])

4.04725694s ago: executing program 3 (id=1799):
socket$vsock_stream(0x28, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r0)
socket$nl_netfilter(0x10, 0x3, 0xc)
epoll_create1(0x0)
r1 = socket(0x10, 0x80002, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
epoll_create1(0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240))
r4 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
write$binfmt_elf64(r4, &(0x7f0000000700)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e00000000000000000000000000400000000000000000000000000000000000000000003800020000000000000003000000000000000000000000000000000000000000000007000002000000000101"], 0xb0)
close(r4)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x0, 0x933, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x24008804}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)

4.02215457s ago: executing program 2 (id=1800):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="111014000000000095000000"], &(0x7f0000000280)='GPL\x00'}, 0x90)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000500)=[{&(0x7f00000013c0)="27050200590200000600002fb96dbcf706e10500000088641103000000000057e445320f6463ac19f2978f6763f32c8d8a6ea224fe2b9c5b3348c9d1de8d71e9a864d09456c6a35e11a17935784f80c44ccfbe7bcaeed3cec4304c0cbc77cc00bb49f8095fae213cc3e8531890e9b91a96a9b5ca80b38fd1e9fd9fb5d2588752dcdae5b7ff1174a04c946574c93bce3046ca498afb16a9ed384e023fe1112d4a9cdeb6c259557bdbe932bd9ffe389e06263799c62ea65c0b88e11072a1a7d141e471fc185db564437d647438746402959c2c0a39380eadf1ed000000", 0xdc}, {&(0x7f00000014c0)="2bd384d110e22a8afeffbf649298d74667c3072d6e3eb256209063a27115de7132a6bda8ef4c8075f54737df4eedb06424294e7e8c22b968b45f2059a10cd5b6692fefd8e892737b9577c096e8f72ac4b35a57e2fbc7afb6a274672cf8c825fd6fa6c14b9210c5851811f769c2c1bd7775a31f66d012a3ec2722de8587de038038259054d80c5e13782cbbd3f09a8e66cba01b512fe4ace154193816d6e8165bfe9ae488e074a9cb927f68404bb6d1a2aa3fd50061c45dc8e8572992bbe2e66c", 0xc0}, {&(0x7f00000005c0)="3ebca3ad643a5180b7c6ae7cc38dfb6e39cb7a9e0c68b5ddbfb19accfe0f9418ff03b37bcda0b2320792b51a73d3d9887b594a04a8e156ecceb7385f1ea96317212530ae9d9556b3ade67fe9abc8a2681c056cc74849754d612d4864220c2614a3dbee876d0e25d9bc6223bd54e4e237b3900bf05b94133b7a1da5220dec0d2c4a679a85f0be4b46377ba95b68f42042cf953b37653a5b96070425bd442a01758c0fb972e760ab671aa580d52824847f0c11618e2e427bdee79119710f8518795a09c18b75afb550fd1cc7d75fef5aaa2384410bee00c0096fddf297bfd882feb69310968428977616008ad10aa51b11bb1782de3acffadf025ae77ba6a812873ea05766a38d6996d470fb66b35d65a38356cd9b1626fc0ff82d69cde393a09e5a61ee58239346b95ef8d62b20d61bf22b77306e4fbe3a4098d332d06ba3b7866ad073821a7fc96c48cd511ce8fe1e0ce3b4a599efe84c2755572555e90c8cff31045d9559032c5cb9fd833932509f26580ec5a3247d98092c16957616356664478442cc2a0519b087ea4d6fcd20cb3f40609407316317c18b28da2cbbbbea4307a108d634188ae7337cdc31ab1994f4f5bbd27b40613396249dd2c42d5f6b58573a0959019df1ed0a4b20e6508cc75b35cfb357f182507fbf369c57cf7c9c794d5b0a40a211e42d653622658e45ef01eaced7f52afa82112267569e735f272e7489e132c1427024366c3cff556dacfbb967729406151953b7ee27fb75dd0bf49d57657f6e6f31b6d8416eb52d27e08050d08c75e2c4f3dd15402a93b3be169efd491a177104fce1cdbd97e01b432bb569694708238b55cac1ed351d71c6fc5dc8876109d3416804ee03d4e8e3e57ac6caaba269fd0fe1eb0d54c98148c6689e2a0b8a9244d7b09f9be1300949f0bee2be9188ebad80f2e868bf4a6b193038ed65700f319c8717c5a70a1285f45d23064973695020aa65eb157ce1ff3dd12e37d0e342408a653bf0f9475b26a90f971fe8622a64ed15d96b0aaf6d2dd35eb912c2d055a4163dc987fa6991044cefbf6b0f89936f7afea7eb328bf3669090ba7b10a440be56d6619db7a33d7fc2f7de343fd5180f743c2058b54fdd4c846de606057bf2e743bc66176f7fc687ebcf872f78df63537f2f78a094cad92d8daf2597136067109e793a09dd9f123439cfd0d1b5802855e66ce3ff3cb5383d892ecb6a56c1d0eb968c212a3abc54e97bd76a7fb396237830d051603158d1b77c8484d528b903c6fd43c83fe4e37fea5864b994155a7ad9517f174972ceb29cac007728b23114a36a77ed3bb5badc326a373d1ca10a09ff19e9af6d1ccd60fc91815d540ba609c2544c061fe998b5144fddf78746958767be226f67068fbe725b0f74dea32b2f546a07c66056571f3a4e9f9df97356d787072dfe54b0d5964dbf3633c70d1760c78705e6db670ebc9e802484af36e32081208a6c853b89676adf2e50356e492e1aad662a2ba3d6362ed84cc81cd6b8d3e46a943c264d0bd695038748d58b83200665635dded6b62f68737cb11065eb55920a218b5d71343e859360fd445b97b2e9975791196b78b48daa352984d1c856d600b0dfd81862b7c9c687cb07d7191592e7618629a19f0dfedf5d04d4a5b42ee68af021de7f0e7733a86e02b7dd3071ebdd4d60e5060aaecedfd7b6e192fa3a372ec042af29ebd74ef9669405a40214dd4181ed9d70f1b644e10c4827ffad1007d135381374b319fedbb87b2292d028cb3f6ec10a493798076319f133702b16ddd55df02e1fa0c2386a878c036a8288740f1ff3a65fc25a8aaae33d7c3b76688071edf1fb57490dfa6faf5c55927924aae65c7a65cd97b0107a764e389898ae1c2f86d234da10040a8c925e8bec2c5de921341b3790df102384c3f2585e1ef29b050d4e8f69c91dbff82df8c2b4a6aaac686cbe4200aeb4017d72943d1973a72726b8af466949c438fb913c2f00c3b09a9367c84f57dee9a3994eb644e63b6d95c160021af37bcd9bae05f418340cc5cd60c5faff7d9143b002793fb83705865858c04c9c9a3e4738fcab420ca362e5d1c44fea7d6b7ed5532563e6489cc87a45ae92e21ff542a832c866e170e103740d4b9a741cf7f39d7163944c917c0da9794a56b734d9fcd34508db42a46584ce8155c399a5e8fcd22d70a8a42e0e7382a15dbe8c0f73bfbeec0c073848234438bdcc770dda930d5d5dd76736a2ea19e1e2cc55c380f48c090b20ee55f164c8ed1924f6e6288cfa4a53a92a8cd1e2c3b365172088cb0c262ccf5ab88aff6fbfe67aa0ebe8b69e26689ee47ddc2ea5d427cb36d5f2facc68199330cda70386488d548d50e3521d9f779d85c3ae12e8d3a71b2ecf8e165a2e74ed2ae22342c70742d2f91e3ed8d123e340185f1559038a9ed0eeeb226b33bc17d611ffbd9a4feaef1dafe9d9b8154eccf26d263013d5f939e682a42802df23489cdbf16abe62b25a62a735bb84be0341888fcc3a87240fe9fefd6c78f42b6e2746e0664b2ac2edf986c7ab3bbe3e88cab31dbebcd59e9fbcfd419772c291c04acb9304ae48302251c3234a5cfd012903a0f9542f38f6334b09f2058b818ead0b38155389c97212e520518e600db88d936d251121c51d7aa5c276142406c84f33b5db362df6546a37c3840ac6e88e67b0d7b39735c675d83f586891e63fffab21d84d40d26fa8ca7f0e27b03bc0917c79930a7e06409b3565bddb5f85be6322aa0430e34e9a3f45bdc94f4a061ef56a52f9b01c3a8260baa247df47aea8a2efe3db6d1021ca00ad36073cad2e221ae8bd9448a63dd70ef71115d65e304302da87c784a95530d68594cc4e4af380e1c8c6e1ea913551f9cf471cc2a950afff8c9fef8d83e46f94e9dc49c4f86bf6866e1f29bf1f1e8330484551471448d6fd86c0c75e5fca5f378471804d2b14de406614702e7a4d4a11ab67ff55066a523faa5bcc06dbc4103b6a4096a4672182752b1f6fcd62e406d61c8c307709c33a098bd39b4868b5874aecfcfa860fba0d029b7ca35d7f643b6ad70c9582101a39a74c54bddfebdf580aae950cd0766c7a4c5d09f94083e2bd8989ad4b63eb31304c9a889982606f6a09894e8ab3c18711b8ad75532ebcb5305ef3aad4e9d8151344223aacb13b1caa4147354232c7fe4ccf0b8dc7594a3fc79f28786cdc2fa7fa8b337ced61f0a9c4209c4b9f66bab14ee279780c8b32bc3d037ea1c39cdc604daf56b5f1c30ed4fd583ca2413b018221d2e2ccb74fa3dde8f933b9cb35e6649fb29e4530297db96e6d1f66f53b21cc5d24ca782eee8e729f59716af324762ef3028802ef619938affd6b0e0e34118a28558032eb984162e92024693e031c5c4df19c72ffd5188ca6f4cfa353dbb3c702c2d43ff059043d542606e93d92f9d24ccd4c670fa80bc8955ebb9a2fe0de0e1b63abed4d110f23d58c56b888115bf7fa2858951e4dca4c55d06faafedac4f8e9bde007aeaba4258ce5af4bc59ed8c75060ec63518a5cb20a9b96b62edfb0c0a37af5faee44e6019282819f9dd41807fef8f0e3da072cbae8911e36a01d17f0387704c7876b683144f9865a26ffeb7814708d7ea8f0daccfb83c148f10da2fa56b8014f650efd9034b7fa838288e9a92410b5be3ac8706dde95303af67863097f8770328ed66655c8657f353c546b64cf38ac92fcd743be4925ed3eb83e18f710bbc96aed8197eb327f4587d0b884c089b4f570bf6e7db1f6d3fd6e2d376e12e2bb10c6311ff39bbcef3a20ea672389c488829b9d50246475d898873769a6d713b3e1bc958af556d941c6baf0354a304dc5bf78f428d6205e40cded5cef33de6d2647c7638031d022715c9f21079dfe0275917c5016602b6f79e1a9d2d559e5caebdc8fc1d1ef981ce1a72b383ff9ea68f0ceb2dad9233f0c41188e6f144093535b02ea235eeae944723e6a998b4f483dd3ff9d49e7dbd23acd47100de887fd31c2e6e0ac64a60b2aef2d9532c923b53e79f3ae00a02aa7d27bed3db54a873678309e7d178507380c060e9d1726205d94b2035d947f802a7564b11f9bf605ba4748b0b91d2e9481c2c8c6b1da959f65a76670ba2dfb5594436e2286c3d13aa6926c81acc0624c65ab298cc8a3149b0ec5810141efafd96209db552f5b0b3481ae8e01b1892bc3c3bde6428cacad9799d99cb5d11e2fc2a553454fd5ef01c07286cef7aa11368bbf4183a90bf0794c80d00998479c7b0dd8c4f114b07ad4cea0c0d6b481d65453b45276621e3ccba7a6b31652ec37cd9984f6d77cd70b174d154d14de1bc3e9fdf9cb62f9a19fca0b3bbbabf12037eeaa40bab31c", 0xc02}], 0x3}, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x7e, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22}, 0x1c)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000880)={{{@in6=@remote, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@remote}, 0x0, @in=@initdev}}, &(0x7f0000000140)=0xe8)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x4}]}, &(0x7f00000000c0)='GPL\x00', 0x8, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x60000000}, 0x70)
ioctl$TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000001cc0)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c0ef815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaad1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69922050000f5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762e122428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302be7ff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9d3fded31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000bb60bc1f1635caf0ca9eabf804adc94e0a73923976299c7ac285542e5de1dd14183f1bb171eabe19fe98f551e1b635300d8e38f07eda29341535e532a6d64ed36fac9c77827bf85ac369eac8879e515b58a03438561c5e78157649c6d45e7e621b79d724e277f1ee49e5b63e81180626a73510be26082a097de42b016336707866d422a93e01c1cbe0cefd4a89dc24b0d7f549908b8620ffd7d900a0a96a381fdd763b39f0bc0af5faf593c5d39fdf43430e4b7c23b5cf691792248cfb9ec9f882dd19a9f6e9426b4f88fe14487942bb34e585083f7b98900682e2683922a94e2f0baecc00f74071d025220bcdbc7f5575ce72981e918681b5a0b1ee9af749885fd8cefb9e182b326eaebad4616647fe"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r6}, 0x10)
sendmmsg$alg(r5, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_AEAD_AUTHSIZE(0xffffffffffffffff, 0x117, 0x5, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f000000e0c0), 0x10010)
ioctl$FS_IOC_GETFSMAP(r7, 0x40305839, &(0x7f0000000000)=ANY=[])
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000001200)=""/190, 0x0)
write$tun(0xffffffffffffffff, &(0x7f00000012c0)=ANY=[@ANYRES8=r7, @ANYRESHEX, @ANYRESOCT=r0, @ANYRES16=r0, @ANYRES8=r3, @ANYRES32=r7, @ANYRESDEC, @ANYBLOB="65e6580c6b0f117d008dcf919b9daa8b2b2c45f7d92a988dc00ef2103d20a30c91fc5d40f489b07b54c0994cf05efa78a8fc80dff0cdda0e267e28980592aec77787d29196d8882c69adbad2b35ed30cda661706bb7dc3ffeee2d5c78f", @ANYRES64, @ANYRES64], 0xfdef)
r8 = socket$netlink(0x10, 0x3, 0x4)
writev(r8, &(0x7f0000000180)=[{&(0x7f0000000280)="580000001400add4273200000000b4560a117fffffff81000e220e227f000001000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000c335237676a8e5dc968b2bf8ec", 0x58}], 0x1)

3.94045458s ago: executing program 4 (id=1801):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x2080)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r4, 0x40405515, &(0x7f00000001c0)={0xa, 0x5, 0x6, 0x800000, 'syz1\x00', 0x1000})

2.885157309s ago: executing program 4 (id=1802):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_mreq(r1, 0x29, 0x0, 0x0, &(0x7f00000000c0))
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r2 = memfd_create(0x0, 0x0)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000040))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040)={0xb000001c})
epoll_pwait(r6, &(0x7f0000000180)=[{}], 0x1, 0xa2c, 0x0, 0x0)
epoll_pwait(r6, &(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0)
close(r4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x12, r2, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf8, 0x0, 0x0, 0x0, 0x8}, 0xe)

2.775519911s ago: executing program 3 (id=1803):
syz_emit_ethernet(0x5d9, &(0x7f00000001c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60cb653e05a33a00fe800000000000000000000000000000fe8000000000000000000000000000aa86029078000002000000000000000000000e7db4265c9f"], 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0xfffffffffffffeb4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10)
sendmmsg$inet(r2, &(0x7f00000013c0)=[{{&(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10, 0x0}}], 0x1, 0x4000000)
setsockopt(r1, 0x84, 0x7f, &(0x7f0000000040)="000000000980ffff", 0x8)
socket$inet6(0xa, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000340)={r5})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x4080)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f0000000000)=' \x00\x00\x00\x00\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f0000000040)='!+^+/\x00')
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000a40)="5ed05da8080eb0a86588179b3f54", 0xe}], 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@getsadinfo={0x1c, 0x23, 0x200, 0x70bd2c, 0x25dfdbfc, 0x0, [@etimer_thresh={0x8, 0xc, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8804)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)

2.73571402s ago: executing program 2 (id=1804):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f00000000c0)=0x10000)
connect$inet(r0, &(0x7f0000001fc0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f0000000000), 0x4)

2.398518024s ago: executing program 2 (id=1805):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
setsockopt$packet_int(r3, 0x107, 0x7, &(0x7f0000000180)=0x8, 0x4)
syz_emit_ethernet(0xfdef, &(0x7f0000000080)=ANY=[@ANYRESDEC], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000140)=@newtaction={0x48, 0x30, 0x328, 0x0, 0x0, {}, [{0x34, 0x1, [@m_skbedit={0x30, 0x11, 0x0, 0x0, {{0xc}, {0x4}, {0x4}, {0xc, 0xa, {0x1}}, {0xc, 0x9, {0x0, 0x1}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x200000c0}, 0x0)
r4 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x0, 0x6, 0x4d, 0x0, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", "5161dc20", "a2d1d4a2", ["1af0b1ba1cb8fd54c9c9b587", "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]})
r5 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0x40000)
ioctl$CEC_TRANSMIT(r5, 0xc0386105, &(0x7f0000000d40)={0x0, 0x0, 0x4, 0x0, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059"})
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
fadvise64(r6, 0x40000000000000, 0xfffffffffffffffd, 0x3)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000012c0), 0x0, &(0x7f0000001500)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r7, &(0x7f000000b800)={0x2020, 0x0, <r8=>0x0}, 0x204b)
write$FUSE_INIT(r7, &(0x7f0000004200)={0x50, 0x0, r8, {0x7, 0x1f, 0x0, 0x100002}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r7, &(0x7f0000006380)="164dfcb4a166ff68e813ff4bbbb0d7413be54d297a3f6f2aba8c4fd53ccc7df987fb1bcea4cbbfc48eab0c1e0a831c5f5a4ef2dc273c6441bf285df09d683d43b38108e6530d3d00ca41f73d226b03e2ec7b00f207636b028a5077f45671662cbecb6f579006ddcca0a3c57b86180bab0b1705ea85ce4aaf60d9a4f9bfccb32c16e318b24050f162a9d1504c5e958a84ebcf42428f11617942f02e0673e89f6a8cc66976749a1b2e5c2e0ea87fdf1cd40531654a382be125c88a0e183362208164faf638123d729629906065a7f556ece02e80cafb219c35bddb1826ff6c013b56fc142c49b69c5da3117f8becfefa3a02c3945d248f6813d035aaf439101ff25281d354d0e59d3fa0a491d8a2d9e329c9b2f9db971f4ae034308f2de5e8422c3e295733a70f474b9a613ea7b6dba1fe2f669622300df56b731ab859fad7c407b51fb9d42700ef366af7da8a347e8095a0cd78ab05a0853e108352af40cc0e966f671cdc7fa80d59d021f188403840efa96be972e6e9e979369e920c8f4e2335ad821e41405d40428fb0098fcfe6b3d2a144522b9ca9255ba8c69c9c6c4b370079a9d78a53fb1ed16ef9c1467a60141b35a7efb5d1932d16e6f48243f77d9a7f9892cd12aa2835a4442ff2fab6208643fe6562c7e77639795902d16525537a3feb3f58c550e3108975b975573b2ebedd7773cdef9dc625932d1aa3310ef3392433a497f4c1f873370186fa7d9b9ab7ffab8bcc12d0f550e95f4735e823e3fc365359fffb22d2e1d3776d00655bdd43a2633d200684c94bb75c9e677ce96a281441cef4534b6caca7c2c0142d731d7814c945ef82e5134cbd060333438b292396e39d821a1205086d5210ce0e5f180d497cbd91971beed2c7e520f72e54be32c8ebc53a8e3ea6ae772543bd9c90abae7e84a05f467ea59e006aeda0a6f80c2a6653a92ba638d9a9ef9ca004be086f2d237c799cdeeebffea921e6ee17b7e18dd2e7a5fe80bcae60ceb9ab70095b0229a6969e7c52e1f4d7967ee929b2c6694c9d271717a218d9d8e24baa4f2ffbafd7660f2e82e7d7b15d5379a4bfe83fdb994ba3e0e94189b8f581c13bc323102ac73f5599eed01fa31e3bc2109f2ddfbb1b1cfaa2c3df50428c7a79c0addddd7acfdc65d424fb1cbe079eaf9093ffd15d19999e786a6abd2127efc9db2a547be4a52ad7d62b19e3b37f7cdd6cb54e3d9310cb969d99bf678252ec6298dcd51d6e52ec49dc7819395ce63d9ee13db4f6a2444b72d3f138a662396d2824c7ad09f5bc612e81e86b9c33112191dd9cb87354b3649e3d7486466ddc09f84577d42478a2cb33cc553146be18ba73ee4f448a16069c8a99551b87fb18cecb136e2e50f8d1363ed118e46aa528966c4cb7ff577f38d729b5dfbdaf223666468879f898793ceee17942b44c3e3481a9e746bb7a32b0510fe6b9d6e3f583cc4d3bea3a4954f7cef29396bad4b7cedb76437fbba0abaa60d223ac98f85448626bb40a554e66ff19815c6aab5589bce67c4b25d23057baba1cbe9974df2c477d5824e7cf2e903a910d6b680730e3b455096c0c3847b508d8cf6fcaed1256eb8003d7ea50e8f592bb5663b06ab5b86cb134978000b819a5a64648d89aeb1a305eaa9e4699913a44a78993da7602f219960c90a0b118320afe3023d533d749dad4e2a60a10d5ec697da98dbf5a99932be20c2b8903fd480f8568b6e667374f2c6acb41fdaf5c9760825a1c30710a5ac3fdeec241c3ec82c0bcfc785f568a181d4dda2ae847ab06febc7788fb5e634e22a154e72f7105c3e090980d207b8df62ed022ada54f2ba7562ccbacc5a795e19ea5b33b52a21cd627de74f113536934858886e74ddabdc95241fe4e758d8dd0eac64b9567d1bf9a03263199fe82852e6b0890cb7a218108bdc9e89fa570263c80c121170d27aac8dbde72f6acf1bf25647590cd8f1d630ff45e72bd40e9913092ae90a305ca0c04118c5d1a4200ac4232e671e1745d7a87f60b7a6a43f459f3b9dfee3d9e18f6abd4e31ff3fe989729e1e37136e51b96bd5de2d45c3cb8e756c6b74198f548a3e6b7ff1b434d26ddec808e7ae900a77250355862e1cf20c31d8dca4b08f6f351a0e3d3554c54d6d344c7eb21b6704bb8a9e4ef3ee4e4fc899c3aaf2b77e25c9c5e6a9cf9ec0f42cb3f571ae7cbbc53eaa78e135ced3e673aa6b0a1bf71f230663144e1c521c74da3adb069b8226aa29bed0d65af8cd57ef891cbf2d43ee7a45af6a07bf6de0c25afc336314ec48dff4bfb88e4a0734d4bc0bab015efd787f5533259cdb0a2758965a909cdfc0c52577ba197cd7108b181a98e01dbb9108830c90d6fc7811e55383ed992fd639bf853300b1e93e8c7c6978a6928ae3197b4a5b5344113c913de2221a1701104d50ccda8313ce14e87fa2e7b4b7eeb4f7e6e2cd19e962c519f494e0ed3d7ca8f2be9de3e35a10d62cbad03de499eb426fae9b8c117f67ba13a7cbb3af47b376992a2882e96486c6630c356c8eddad37cc267887dc3a714121317bb4664711d553587b84905dc142ab946a9d5f721644570cfba9cfa2df6ca435475b666107ce3bc204ec7c6b39ffdf592d2a766ab9f2cfae557255ca909de0ee2609616dfa51dbc8692aa58b21703f23c6f74d2658b197d3693c22b8b21f2c0efdb41ef8ad2c29526b29caa5f257975490a6b044fbc084faf6e2ea27f0bbe855b1bb62f1687c306ea46f91b4e6e15f7ace308299fde92ca6cb7ed33314f2ce74a4bc6f671b87aabb836ad72fd2ab26f84045fa162922911fcb795840faed7fb79ba54e0c10fb8df9cd23cc5fd09e99189db7ea181676d94f5f5e24fc2ff28a4cc5a46112f0f969b57633fb72371e5e42fd5aff4d3697507ab9833027a675f65c85a80aad04c0961defd45daa57b704fcbff120c1cb3b54b7e2b9e0005f75778df239556869b4d4618410bd15290d89963189243315c85d9b072efaa9a09ec52cc66166e52cd559c459d00094be7edc20b6cfdd1c50a1dff1922f115f5ac04133508aecced4c57d6d1213b513fe80e30272981f2904a43b4c58de3e18b244641c2edb81b6e08de73f24a5b3c082e97940354ad8222ebc5aaab453c9996454c221d5ca63f5beea320cab8b37618d2c27a320b05760b618f02a10c680740adcc28f8eaae696e5f9e7c6978582c5181b7897d234856bb7b1f400f65e0ab8c7f283fcac7b4119ee50365e7260100e2aac7ee3c56c46ec061a74a400c9781cbec84c30750761f06d73f82d454c96fe3c9ef5a9443a6fe9520cb788eaf9cdc06f71bba9edad3e9d7abdf9e29bc61400e67c3057cbe6d330aac9536fed959024cf4cb54559e0c0e7b9aee2761de0937170139afa89554f141ce8fbd24c261a71d5efb057e51d06fee1b40a4b76228cd291f654bbc0b00cf3133bd26916e1b6948092c63a6de90926e730764038d549780881ad814695464ba9b02c3ca17a60545e63d7af59a6a8c283fa74b3c569defb19a388991912e0cca746cdab48de43f970a92b25573fa9048cef7b6b53db6c72cba23163363eefe2577af4dea971bd737100713a433525fdd7e820a8708802f19a277d422d3f053f031af701dd559334f0f921239024d35273b0c6080ee7f94ac7d5b09c867f2d9b22fe93c396ad8d91ebbc46914e823680e4dff674bca759ae5f089a4951c7b5451443fd4940c0c2340360c8f60c2d09d43a147ed993e917c7332d8fa290492df77f1a29abf94e1839f7766020a283f253d4b306ebb6a9d07238eaec605905eed22a466becf56632dc58098456f5261866a7f79d5679c3f6ef920a38f7b3821c1eef34db8d7f238eea06ddae73f2bd8a63110374861ca20f2ed33a949e7f36b2f96453fc16e2e6b939bb5ad6e923f5e1c59224b3efbefde2327a63bbadcd7668ada8c83bd43981f42ec72fce604eb7f5d0604eba19846d32306cfa50b6751b6754aa2282d4fc3a2167566c59431c9134c4293527928d14b72051289c41d3f795897b73dae6ce9f5bf4279a653f376d0613950ab52b491962a5bd545428c5d3edfe32d8e0fcc2b76021a0d30546b492e1a3954aa27fb950cefce072549e6253090feebeb88f931bf5c68f8f6e04ba02498b7b77377ee8904c54c8fd1fa45b127d44508c3bf1e5846a4fe3e484ca0d87a36980142907a3096719588861404dc856c33ffb677afc19e8c62c474f82e88479d5bdd1baf96e12a4fefda1c837c931c1975c1ce5c0bc3723e51e839279ab7625a4bd6eaf62396fc94b200016a7a920f8f4f1748dcac1658262d5309e1986c69d4fee2f1864a9730a0ca074b104f584f3af809c8b5b93f4c1909434a9aa5d2dedeb4f2ee6584edb253b1adf0562660d6dec1ae6d06060c10e37d97c5de3817cfc1268e6df2eb23b0217a6590d9b7e175f6d9e89e96e9cf69ce3a63e8ea75dfbc1c5d663815184d5a90a591e253275c9d1e4be9c4c8fc54c85cfe601a5e4c335b57cb0b4b6c7679c56bdac401be473e7ad6c8a0f3ade1c663228111f8e6e36919362245700f8a93f32c9588e2de691c2dcb7ad8d6d69c8754d6a8a218e7d6d47ac90d7bec50b5403d12be3bbe9efcc067bf8efe77db447865cac655dc26acbcb85a64a62f89c6a8ca95cc00ae3eb7f9a585feb195b94d86c3c1154b4670bcdb19790ec8ecb078ec845246d1e3851aba2d57c84c9ac9798286d00da5ee8a3b28fe814a30522a80d931394db38c318d11027423f3b35c93f0804d095f1c8296847c2f000ced68f6e530378ab852a1b59ea2aa4eaa4bb18b0b659d94764b94c5363f7cfac48a36ddbdf36f9ee06e503c2c5407bf869387d9ba63cff76a25131d3aa8e0b29e62ed9948c7cd6f8824379dc58cf20e08b9b8556b3908e58018f435189fb32674f3a73f78f0bff8c65384432249fd64b1543d3a00960d39c5dc4e289836672025ffd16ca97622decdecff0c076478b4f903e681759ca60bb51b0a3f20591f7602756564483db259975022d7d490fe6228654ee20d4dc8d4154c4f17312f3d87414210eae4f8594a9c5f4a4d42484c79c5409c711778e616bbc9110d61578935e3fb31aaa4d275aa29296b1e58417442198c5dedf217832186da27e9f06b4d4b0dead7f29084334e0bc99615a514cc4648e9997f4f0b5d8b9499ea0d1f73a18c40309549bbab30a5e0879bec14703886c37a437629d6fdb3e87a13231a0a08f9adec18758b0e157de7c14b73f3196a8f1fa469faa92b446534665d4f6d87b3807cfba5dc068db36d7559cfd6ab0e799cc50bdd77a8462b22e1b0c963003ea7639cc76c8a94913b9e1c1904abc5b68250e5edfb2634057582f92c3832675e3083ff65795f47e1776b0c746348b9f721c069af562cc86bbec4517e338cf10ab343d337efe1d53ae251b6f3b66c44fdaa165d18de973ebaa0fb6383351ec70b55c76615f6dcaf2a3721d55ac6d27520e687acbe3fa9106e98cb8750d527d6b2a61a72a35306b788e483d0c591218e756affe0c7375db6529a7e947b86722e1f229433f8618503a1522e6f19b4a43a763bed2709aa18cf8cb9d6946bc3c3eb96bb68d8edfa1da76223b03f1a0825268e2efcad098008f5d918749a6a57d0ef2219767c889b4f2ae1b5fcb7d51cfbf217d65dcc2e87b041a4222ab8091e051627093d27fce89a6a18e50b9132ecf6b808fd2df724a027ee6488a6c42f363f54a66820b3d28643ee0274fda730c9febf596d393db8bbe5994fc6f78301aa7be86c1d96b311eecf1d88648517d6c255d5ef6e65981072f077e273a82e051c4ea2ab1dcf162f84880e60996ee762903d8340bf4fca4d966b795635ec3de099e72b9597e8fc122387e7c2c7301ba928aab8d415cf7fc0856154805cf9d020dcc350ccfcac41f0b21b560f9d36dedfc8c8ba7b98e8d5cf6a79feeab80ef8802715fcc4ab1fe858b44eea4536e300ff891b0560d8d4f536dbec352b84aa8a6703f99073da3ce784fb108d2928233d3080fde4bb69615f1608ea5a886c4a96a2e23b6e93a4168e6177425c724902b154f633764eadccb86b72117067cbcd86a5550600c101aa1a10992c3503e1706710a32958be3588c51dcc306f3267a9640480378572daea34e294c2734cbc3b5152d8558a6109e2a19088971648ab4535e139c3937c530a2c059a0681b38190c132b0e20424fb03bd1156b98e83e3939a2095f89bb3c4bfb544addd4df0c14161a02852de4d550098533fecf3a68619ae4e351ab46c18e8076fa25a9b37d112ed868c21c0fbe25ac42088f0d6f70b00ba14fd90d41042fffdccac19a3350c8e68bf539c36e34b58dd2802c4bc8311bd33d52660ceab7a4b78493c92741aae546f1c88916efb73ba041fe2b26228a7bc9ec4a3ae1c07509c5ac19c0b8badb7dc634a461db2aa81cb1f387a47ce1549dd6d7417e2ca32b786bab2881a7394170be78eca7b952fbdafb49a188f054d777cdabee0924c7134b110606cf711252f1f7e8000724e5bcfa618bc93d667957675457058ee7c939f30df892bf2b0fb533c7722d7f1cb91aa4b2fcd2c886b095945bff87204886d45afd6435544bb03818ac3641e545109ed0178702a462c13e744430b1c11bffce3091187225c74572b9eef71a40a0922d1b1f9795f1a3c0fdfff1709d42eccdecaf88a49a896517065f2634b5181d093600d4c9337256fd822496e02a77e32cdcc486b01b0e98784b32c675c7fdf35e47bfa0bfdab9112d0137e754cdfd95e6ba7b4abb63b38c1ff5f859b678c5e2ab5ef266cc43b9af644bbaf5d8b6043e15ec96a24d486648d05f849ddf7901d42a207adbc959fbe45f83ea272eb875bef6f6ca533afaba6b82d71b5ac5abcc54eb6d394c7184ac67f7e6fc5c160bc6f06f2725d0890feef49b09828ca3ca3cf3d2a60579b519b9b5a7cc9dae1cd29d8b3cd3cc45bc9f9628b4d7ac0566221cac2bdf50acca373c57723ace58e449ba4c62cf421e40c339d92e94f39971b60a772c8df859a991f39a41f9d6080283437875d2dfeb69380e0cdbe9fa132c8ecd953c8e2880ae102361a34030012f843ed3595531552f9718515311a83ea975485cc87ce649caaeda38f0e9d627b9d76344b4dcd8269ae5747c8e4e30105016da0d440c66cd534a7112fcc00199999f8616f6db4ecf218deded002d2246fb02796272db7a792269843e89ec32c1f04575fc9bded7ff7f92813d8f44cadbefb7cf656632a70c415610dce60ea0f795009d8cc9f532e566424d674365ad310087e6f1987be919582d8cd05928e059de21f6d01f5b01b0a246b0e307287b168ab49be07707cf05e7358ffb002c9557f37f56e3cf76f066b389a85eaa6432a668fb7ea0096d30dde77e39a32095f95a9ef0add3b12f9be0fc58ccf34f85b1483571affc931a85ccbe31cebea27045f99a4cc74469977b8cb6026be399bbec764314d95f72296cb867c409e98fd755e8e07a81482af90dfebbf0662fbbbac8cd31fa880561cfec6fbc8c89457a7e4fb0bda30397f9f3950b57dcaf88295bf6364ea1bc9f5cf7a01802a3e4eb7f34c4026162e5964f37622a8421020c89bca2b889fe38c4344b7f97ca28a3be4ec73c2f99ed4da62fe18d626ff4e230d2de6867705ae338ebbc6bff291fe1b1b30e6b75e704c60cee2f1e2651ce765d3fddb6bfc2dff621009a26db0a9e2b1066e14fa9cf006392e7416af9f091a112d21b776af3bfc4424108c371fb6ff1a035a6c048b23febddc72f4db9ddd662c4bca3129d14dbf48079b6a950faa61e64bfdd23de2ac30cdcc05f50325c545a73964e75ac2bb6f8f323ca3435b3f259de1e5804d0c00d513c1eb447ad8b919d388e8360d7aefae1add61352a790af8ab81981c2db508572fdd841ab5597ca99652f74917c3f7b3840161274431b8b3e42d8695d25ca8d8505e48e4cdfaf1af547fd27636d87b9bfae1325712cd96e59f2e65fe46c8ffd32eda10c621a7d4ea521fc8ed78c3673ea81b286bed0ace117df00e477f2070661da142a7b9d8d070cf1ded5455678607738d85898408fe60cf03972afa6f538dc81ffe899a66d8bdbba5531cd2f519e75d9c59e4dac50117e871183130c6b914c8e4773ee29b448d73505e2d7c0d099217459b048a5e76aa6bbfd9d0ce0bf1bbc13db8b774b97bb89159d2af3be82c6b383e49f554777ec5f5aa02b96791b729ac86a1430f7bf6c51044240fe6dcc3ead6aa94f822f2bc534cdce77ddffc84cdea2dd62044ef05da2ca4ddad9f85d008216085e1e698756793bd5756e2bb906cfa1d7919f3a55776ec80eb4ef903a93dcf73f5146a493a904852f530053d808f1eaa721243d1d3f8e15bdbf2d266707f2a4bd9d6c2ea706941fa04c4f952f4a0bd485578216ad5c69412af71ac6a3b395bed1b4328e3171e28c26a2e7a6b96e06c6603a832c6181f286bcec2b29952e0d00cd7f8053cf113a2a718151670c9f4495cb4300bd913252515579ea93675eda283aa373174995fa8a337158ced596960fa377d69a646db7e699b45cdfc0a53cbcadf25671d9c2cbfff6dcd4b2cef659aac55f9955e918ff316627869a28efc4ebd13d862c57a10c86bb0299a09db80c7489e7096ff59e89f170e104f2cbccdd586976b30ee51ec252a761a8f4cb59ed526568806acdd1da1f8a5b1199e2b1f9e37c0bc7533cbf558d200395afad9bdffbab870ec24630e18308802aaf5ec9b6c7fdf9d8b4dc97f79797708a7dabd9f5dae658e303e9306bb39431b88f00678a21e709aaad91dbaf31aa782ce54428c98a4d2e83e1a936b9efa38a006f60790c19ebd1575c8acb84e8e6a148ab26d81bae1d3f9a0da2743336a9591d97daf721071c7a13bd9eb9115335cd7be199d928ee42b641001e5697d95f88c7d12f5ccf6e584bb86680716de159395b42189d373ca53798c40da57d2131b3fc265134d02f4902fbe977679010b48933f23b756e0c6fbf573a752ee6126982d36a49cf2c6624c28cf0caac5a878e7dd1c40e77d0a8d3d0b25aba7e245f8d9b203bcb7eddd1e1bab008571d3c8a3b10c43d1c7d8a63f7ad0386bf8db397de1e7161de4b06794b3da62a878afea00ad68ff2fc2d6c843a0238d9127f6235626168e77e2de00e28f4c26a6a627c4128f26d7185c00951b38633f01500a3adf68a186779111ff8db83d3279aadbbd932b3ede8785253b34b000e749c08d1329803d7afa3297cc93b796e31043693e372e8ee4cd1d6cba66e9e80c10a07fa4c5a50842fa53f980aa28544827200d2be7c473f813f26133fa8db6829e872f82add7462f07015adf4ac259b67d537dfeea2931b08b595da9b7249c09d2bc9c8f59aaf1cab41159da8bfd2d6a0d07fa92983c241a900dfcedfddfb6cf15e8282e43bdb4da2793b347eab3a428c1d867e1b2c525dff22251993217b109911565ea2a1c1bafd1cd1695b917dd95b37bc146e9a67cf1f19eabf806044adabb9117c6f910fc95bbfc975d5fafd012de7d4d209a71b6624316b705566b96f804c4482069c4a9c40238fa3856d8ad960af6a8dc3b19c29b603590ccb7fea5619587c30c4695d633cb22f2a51bd13c4eb0c83a078b322817389a8f463222e8d57717ffa28253b77eea45c08b2a0094c229cb94994c47745c8486eb9e5293676edb93be086488cb6900a4b400f110037f2f57d5beecc262f89c88bc3bb3436333dec187e7937c02ae5ffe6ace71595f75f463d2cfeb30690a68479f3e06ef0d2f507685908a25b937105d04e271b9651fd62cc73ec2d972d663fa067e9b6340e50318aa7afdf2878bf23f24452a61d648800b167032bd5b3e6628aedc91af8b84e8a1dde8df17dd208de4640d452fd45784803a8faed62d3c7d3807259a6ad47cb9c0c345fa4c74731a31f3d621016b1b6ad88cebd275087a8cdadf3ab22610198fe63025be232fe080109d247f92604ed94572c3b9af9506f6a2ea35463e5ecd76a6eb912ea1c0a0fa179a72d57e498f7c9fdb1232a82acfdbebdbdcc48e40951234057302edcdebee968679578fc6e118b7505234a26652ee25dfe8b1f2f74c40bc6bff3f293c5d2a345450f34a27747647ffbf162160d0ccccb9d0b85965701573089775f472635d62c74a675a37354f5da26c55fd1ecd297190ff70283b04a706ae7416080879d7bdda5141f41abd39801695a42fa213e450e9dc6ac66aa8051c9a6f1b24880f50c0023ad9be1a998be233752404316d2e8ad162edfcfee93fadaf7d4d63b054d03180f1d93f93955520a2760b202b66956ccb25edd20bfd31cfc2b608ed25d947a270985290bbc394502d19cc3b14207f2b08a329c96c1cdff00c6bd3b64450038eff49e416513c4bc4c78502e50404b6b21cf1dd6c774d53c4bf44d6db6d2c08d52331b472254a8cba11418cc5892d217f623e77fcf15b69dbc397e80ad63174e1cbfabaed40a8147ac4f632674175f7b97a8772db1f9f8b75e98112cda04a158d57e4d04c1c8f3ca90d54deea51f7ea49001addcfc813c80e6606f520661e71de72810f73a76a5b7dc49b367800a50293f88d95a427f97fc068aa11a6de02124e1f5a35ca3c5f0cd7ec86a0842ef057effe0829e7ed6a101073bd9bde3b42ca326d431b521cd41606eb7156bf39144ed7af1b55192497adff9b9f6992ab1ea6bab2f587c41b8b084740f574642c8c02f57e0148dd14a36571380c31a95ba205e3394ed2fd21f19d1980bb4201f3c1890ab399b4b9930afd0e09c2d276581e35aa893ef34988e226dfb091badf55f907e710d657c48bb431bce0d064bba5093dbea3e2d1d74acaa1db9e7d467d11cdd45e17113918bab74e000cf298f3083c8d922b5005bb6b9c3f67871b2a3c9d7b36f1691c7210e22ec3411d0f42acd5408d71c257aaa3b0e1ca19609aa95c72554350c7237306bfe827c77c03c573d52bd957e4ecd7bd189e407e7f7fcc7177aacecb1ed8b49a3b52d2146e617b12e88c521e3a6662611d3dc7b27dc8bbb9ab65b35b31dd6b5656c3dbc47a01795f3911d22828f00f70d75d18c4943fce0ca6906e8f961cbcf26c20a7a2b75c19fc737c4c042f58c06277a08698e75d1163168a2dd646264bd0e7609f4c97ce1ef355c3f209fb8dd9484ee82b9f8514e2fedded8b00cf7610ff46b9b1e996b87fdfb99d9c7880626613881f055ed6ac0b79dc24354661cdac3df42abbad4772338ace145bd3a8fb288a55057b16850ed79cf7beefaa8309bd7d09be60ffab5ef79868a65159221d8e975b6fe8d583aad4cbdaf6bff0af39549bff1abc8eb049a57f8de7360f4b8111b4afd462ebbdaf6b07e9cce554de56c8f75ca4142a00914d6cbc8d3726afef25d02a77fce0684d4bcc0ad3d6533918352b75e54c2eb972e921d71c4426dc415113c1b240a060b17a7a043ba5cbb6bd953769561e816fa6e6ad0eb8df8eeacce7f95179f8932957e148edcb6c4b0d593faecc88b1fa56833b4da5e1bd9a1a617867a5fd678abeed8d5807a49ba22450a6fddffce8c63feea78e1c83a83df6573a2c8a4e01f2de0b1cac6cbb931b79c8407ab7ed913e6b0755671ce2086e9534cacd2f91443c698a74264c571e", 0x2000, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r9, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r9, 0x0, 0xf96, 0x0, 0x0, 0x0)
setsockopt$inet_opts(r9, 0x0, 0xc, &(0x7f00000000c0)='H', 0x1)
r10 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r10, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, 0x0}}], 0x1, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="340000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000014001a80100004800c000a800800010000000000"], 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x1, &(0x7f0000000280)=ANY=[@ANYRES8], &(0x7f0000000080)='GPL\x00', 0xe, 0xc1, &(0x7f00000000c0)=""/193, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe}, 0x90)

1.705457575s ago: executing program 3 (id=1806):
socket$inet_smc(0x2b, 0x1, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000}, 0x48)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r5 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000200)='.\x00', 0x400)
r6 = dup(0xffffffffffffffff)
read$FUSE(r6, &(0x7f0000002280)={0x2020}, 0x18b5)
inotify_rm_watch(r4, r5)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0x0, 0x5, 0x10, 0x811, r7, 0x9, '\x00', 0x0, r7, 0x3, 0x5, 0x4, 0x3}, 0x48)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000580)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x2f, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@map_fd={0x18, 0x7, 0x1, 0x0, r4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}}, @map_fd={0x18, 0xb, 0x1, 0x0, r7}, @ldst={0x1, 0x8ac3b5bf9ac925d5, 0x4, 0x5, 0x6, 0x6, 0x1}, @alu={0x4, 0x1, 0xd, 0x0, 0x9, 0xfffffffffffffff8, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x4, 0xb)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x1a, &(0x7f0000000300)=ANY=[@ANYRES16=r1], &(0x7f0000000240)='syzkaller\x00', 0xfffffffa, 0x30, &(0x7f0000000000)=""/48, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x9}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000600)=[{0x4, 0x4, 0x5, 0xc}, {0x4, 0x2, 0x6, 0x1}, {0x2, 0x40000003, 0x0, 0x7}, {0x2, 0x3, 0x1, 0x1}], 0x10, 0x7f}, 0x90)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x2e9, 0x0)

1.483020683s ago: executing program 1 (id=1807):
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000500)='ns/time\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x31e4}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x20, 0x19, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff0000", @ANYRES64=r3, @ANYRESHEX=r4], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_mtu(r6, 0x29, 0x17, &(0x7f0000000100)=0x5, 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4621, 0x0, @local}, 0x1c)
socket$rds(0x15, 0x5, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]})
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, 0x0, 0x0)
r8 = socket$inet(0x2, 0x80003, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f0000000140)=@broute={'broute\x00', 0x20, 0x2, 0x330, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000580], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000002000000000000feffffff0100000019000000000000000000726f7365300000000000000000000000726f736530000000cc000000000000007465616d5f736c6176655f310000000064756d6d7930000000000000000000000180c2000000000000000000ffffffffffff0000000000000000d00000000801000038010000706b74747970650000000000000000000000000000000000000000000000000008000000000000000000000000000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000000ddffffff00000000726564697265637400000000396c27db39b2eedb0000000000000000000000000800000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff01000000030000000000000080357665746831000000000000000000000074756e6c30000000000000000000000074756e6c300000000005000000000000006c616e300000000000000000000000aaaaaaaaaabb000000000000aaaaaaaaaa0000000000000000000001000000010000380100006367726f757000000000000000000000000000000000000000000000000000000800000000000000000000000000000061727000000000000000000000000000000000000000000000000000000000003800000000000000000000000000000000000000000000007f0000010000000072ce35f34121000000000000000000000000000000000000eaffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000fdffffff00000000"]}, 0x3a8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_buf(r9, 0x1, 0x3b, 0x0, &(0x7f0000000000))
setns(r0, 0x0)
fcntl$setsig(r0, 0xa, 0x3e)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

693.228549ms ago: executing program 2 (id=1808):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000), 0x48)
pipe2(0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001300)={{r0}, &(0x7f0000000400), &(0x7f00000003c0)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.stat\x00', 0x26e1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4a0, 0x4e8, 0x340, 0xc0, 0xc0, 0x340, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x6, 0x0, {[{{@ip={@multicast1, @local, 0x0, 0x0, 'nicvf0\x00', 'gretap0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @ECN={0x28}}, {{@ip={@rand_addr, @private, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pimreg0\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@esp={{0x30}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr, 0x0, 0x0, 'bond_slave_1\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@common=@unspec=@conntrack1={{0xb8}, {{@ipv6=@mcast1, [], @ipv6=@dev, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], @ipv6=@remote}}}]}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'gretap0\x00', 'syzkaller0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r1, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

617.709945ms ago: executing program 3 (id=1809):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d7930000000000000000000006970"]}, 0x134)
sendmmsg$inet6(r0, &(0x7f0000001f40)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)="f4", 0x1}], 0x1}}], 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa5654"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000080), 0x3, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000280)={'\x00', 0x11, 0x8, 0x401})
syz_open_dev$loop(&(0x7f0000000000), 0x3, 0x0)
r5 = socket(0x1, 0x3, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r6 = syz_open_dev$vivid(&(0x7f0000000000), 0x2, 0x2)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan0\x00', <r8=>0x0})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)={0x40, r7, 0x101, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}]}]}]}, 0x40}}, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0205647, &(0x7f0000000080)={0x0, 0x500, 0x0, '\x00', 0x0})
r10 = shmget$private(0x0, 0x13000, 0x0, &(0x7f0000feb000/0x13000)=nil)
shmat(r10, &(0x7f0000ff7000/0x3000)=nil, 0x400c)

23.679561ms ago: executing program 2 (id=1810):
r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000480), 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x57, r0, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x39}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x0, 0x22, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004}, 0xc010)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
execve(0x0, &(0x7f0000000200)=[&(0x7f00000000c0)='9p\x00', &(0x7f0000000140)='9p\x00', &(0x7f0000000180)='{*\x00'], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
symlink(&(0x7f0000000700)='./file0/file0\x00', &(0x7f0000000740)='./file0/file0\x00')
mkdir(0x0, 0x20)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
clock_gettime(0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
r6 = syz_open_procfs(r5, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000380))

0s ago: executing program 4 (id=1811):
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003"], 0x69)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, 0x0, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
close(r1)
socket$rds(0x15, 0x5, 0x0)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000a00)=@generic={0xa, "8ab77fa26849ff2665dc0500000000000008ece6be1862e20080d2737d00ad6f9fa9f3d74ea715dd9d6d2e198211220940ad5def53b911ba5b9da13641f9826d7012a749f54b801ee80ea6132ca6e88c776553e1833052ca376304313c4b37780136a4b8385704000000000000000000000000000000001800"}, 0x80, 0x0}, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, 0x0, 0x1c)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x400000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="020a060007000000000000000700000005001a00fc000000000000000000000000000000ff02000000000000000000000000000100633587"], 0x38}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)={0x14, 0x5e, 0xe25, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x4, 0x16, 0x8, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x81}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r5}, @map_fd, @exit]}, 0x0, 0xc}, 0x90)
socket$netlink(0x10, 0x3, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, 0xc)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@ipv4_newnexthop={0x70, 0x68, 0x0, 0x0, 0x0, {}, [@NHA_GROUP={0x2c, 0x2, [{}, {}, {}, {}, {}]}, @NHA_OIF={0x8}, @NHA_GROUP={0x24, 0x2, [{}, {}, {0x0, 0xd8}, {0x1}]}]}, 0x70}}, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000280)={'\x00', 0x9, 0x200, 0x3, 0x400, 0x4})

kernel console output (not intermixed with test programs):

506]  </TASK>
[  701.613604][ T5227] Bluetooth: hci4: command tx timeout
[  701.833429][ T5267] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  702.894388][ T5267] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  702.910597][ T5267] usb 1-1: New USB device found, idVendor=6c06, idProduct=c479, bcdDevice=7b.f7
[  702.955307][ T5267] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  702.977757][ T5267] usb 1-1: Product: syz
[  702.983380][ T7874] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  702.990016][ T5267] usb 1-1: Manufacturer: syz
[  703.007433][   T29] audit: type=1326 audit(1722989086.709:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  703.014853][ T5267] usb 1-1: SerialNumber: syz
[  703.043585][   T29] audit: type=1326 audit(1722989086.729:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  703.066975][   T29] audit: type=1326 audit(1722989086.729:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  703.088433][    C1] vkms_vblank_simulate: vblank timer overrun
[  703.093457][ T5267] usb 1-1: config 0 descriptor??
[  703.130851][ T5267] usb-storage 1-1:0.0: USB Mass Storage device detected
[  703.134381][T10517] =======================================================
[  703.134381][T10517] WARNING: The mand mount option has been deprecated and
[  703.134381][T10517]          and is ignored by this kernel. Remove the mand
[  703.134381][T10517]          option from the mount to silence this warning.
[  703.134381][T10517] =======================================================
[  703.165708][   T29] audit: type=1326 audit(1722989086.729:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  703.172653][    C1] vkms_vblank_simulate: vblank timer overrun
[  703.196078][T10523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  703.209510][ T7874] usb 5-1: Using ep0 maxpacket: 32
[  703.212817][   T29] audit: type=1326 audit(1722989086.729:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  703.221639][T10523] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  703.248762][   T29] audit: type=1326 audit(1722989086.739:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f18a3376390 code=0x7ffc0000
[  703.270368][    C1] vkms_vblank_simulate: vblank timer overrun
[  703.281426][ T7874] usb 5-1: config index 0 descriptor too short (expected 8260, got 68)
[  703.303234][ T7874] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  703.328997][ T7874] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  703.346738][ T7874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  703.354609][   T29] audit: type=1326 audit(1722989086.739:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  703.372061][ T7874] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  703.399470][ T7874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  703.406684][   T29] audit: type=1326 audit(1722989086.739:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  703.494484][T10533] netlink: 'syz.0.1277': attribute type 20 has an invalid length.
[  703.532716][   T29] audit: type=1326 audit(1722989086.739:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  703.565338][ T5267] usb 1-1: USB disconnect, device number 25
[  703.590315][   T29] audit: type=1326 audit(1722989086.739:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.2.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  703.611910][ T7874] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  703.622429][ T7874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  703.634590][ T7874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  703.644326][ T7874] usb 5-1: config 0 interface 0 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  703.659410][ T7874] usb 5-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01
[  703.668537][ T7874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  703.676647][ T7874] usb 5-1: Product: syz
[  703.680817][ T7874] usb 5-1: Manufacturer: syz
[  703.685571][ T7874] usb 5-1: SerialNumber: syz
[  703.908703][ T7874] usb 5-1: config 0 descriptor??
[  703.923567][ T5268] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  703.996327][T10508] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  704.136016][ T5268] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  704.279596][ T7874] cxacru 5-1:0.0: usbatm_usb_probe: invalid endpoint 02!
[  704.308086][ T5268] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  704.333973][ T7874] cxacru 5-1:0.0: probe with driver cxacru failed with error -22
[  704.360494][ T5268] usb 2-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  704.400766][ T7874] usb 5-1: USB disconnect, device number 22
[  704.415179][ T5268] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.463528][ T5268] usb 2-1: config 0 descriptor??
[  705.865378][T10557] fuse: Bad value for 'fd'
[  706.217688][T10572] sg_write: data in/out 196608/1 bytes for SCSI command 0xf2-- guessing data in;
[  706.217688][T10572]    program syz.0.1295 not setting count and/or reply_len properly
[  707.380104][T10572] sg_write: data in/out 1818846731/53 bytes for SCSI command 0x46-- guessing data in;
[  707.380104][T10572]    program syz.0.1295 not setting count and/or reply_len properly
[  707.504456][T10583] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1298'.
[  707.524926][T10569] Illegal XDP return value 8 on prog  (id 194) dev N/A, expect packet loss!
[  707.619364][ T5268] usbhid 2-1:0.0: can't add hid device: -71
[  707.634509][ T5268] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  707.667524][ T5268] usb 2-1: USB disconnect, device number 15
[  708.133755][ T5227] Bluetooth: hci4: command tx timeout
[  708.582985][T10591] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1301'.
[  709.041936][T10598] pimreg: entered allmulticast mode
[  710.130381][T10612] fuse: Bad value for 'fd'
[  710.274805][   T29] kauditd_printk_skb: 104 callbacks suppressed
[  710.274822][   T29] audit: type=1326 audit(1722989093.979:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10613 comm="syz.1.1307" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa1c5779f9 code=0x0
[  711.736329][ T5266] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  711.803433][ T5268] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  711.843526][ T5263] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  711.993387][ T5266] usb 1-1: Using ep0 maxpacket: 32
[  712.033373][ T5268] usb 4-1: Using ep0 maxpacket: 32
[  712.045600][ T5263] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  712.054926][ T5263] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  712.070086][ T5268] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  712.074433][ T5263] usb 5-1: config 0 descriptor??
[  712.091367][ T5268] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  712.114870][ T5268] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  712.158366][ T5268] usb 4-1: Product: syz
[  712.182808][ T5268] usb 4-1: Manufacturer: syz
[  712.195099][ T5268] usb 4-1: SerialNumber: syz
[  712.225834][ T5268] usb 4-1: config 0 descriptor??
[  712.261664][T10633] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  712.519086][ T5268] hub 4-1:0.0: bad descriptor, ignoring hub
[  712.533801][ T5268] hub 4-1:0.0: probe with driver hub failed with error -5
[  712.778900][T10633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  712.805404][T10633] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  712.811183][ T5268] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input32
[  713.636610][T10645] netlink: 'syz.3.1312': attribute type 10 has an invalid length.
[  713.693803][ T8897] Bluetooth: hci3: command 0x0406 tx timeout
[  713.700145][ T6247] Bluetooth: hci4: command 0x0406 tx timeout
[  713.707995][ T8868] Bluetooth: hci7: command 0x0406 tx timeout
[  713.752130][T10645] batman_adv: batadv0: Adding interface: team0
[  713.758575][T10645] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  713.789541][T10645] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  713.949838][ T5263] ath6kl: Failed to read usb control message: -71
[  713.966737][ T5263] ath6kl: Unable to read the bmi data from the device: -71
[  713.993941][T10646] netlink: 'syz.3.1312': attribute type 10 has an invalid length.
[  714.044243][T10646] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1312'.
[  714.053825][T10646] team0: entered promiscuous mode
[  714.058964][T10646] team_slave_0: entered promiscuous mode
[  714.065292][T10646] team_slave_1: entered promiscuous mode
[  714.080520][T10646] 8021q: adding VLAN 0 to HW filter on device team0
[  714.087795][T10646] batman_adv: batadv0: Interface activated: team0
[  714.094798][T10646] batman_adv: batadv0: Interface deactivated: team0
[  714.101534][T10646] batman_adv: batadv0: Removing interface: team0
[  717.685506][ T5266] usb 1-1: device descriptor read/all, error -110
[  717.692248][ T5263] ath6kl: unable to read target info byte count: -71
[  717.720811][ T5263] ath6kl: Failed to init ath6kl core: -71
[  717.739374][ T5263] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[  717.766317][    C1] usbtouchscreen 4-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  717.775477][ T5268] usb 4-1: USB disconnect, device number 19
[  717.800074][T10646] bridge0: port 2(team0) entered blocking state
[  717.838199][ T5263] usb 5-1: USB disconnect, device number 23
[  717.877577][T10646] bridge0: port 2(team0) entered disabled state
[  717.884025][ T5266] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  717.892287][T10646] team0: entered allmulticast mode
[  717.904771][T10646] team_slave_0: entered allmulticast mode
[  717.910507][T10646] team_slave_1: entered allmulticast mode
[  717.923242][T10646] bridge0: port 2(team0) entered blocking state
[  717.929669][T10646] bridge0: port 2(team0) entered forwarding state
[  718.462642][ T5266] usb 1-1: device descriptor read/64, error -32
[  718.873603][ T5266] usb usb1-port1: attempt power cycle
[  719.031260][T10656] macvlan2: entered promiscuous mode
[  719.050470][T10656] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  719.096753][T10656] team0: Port device macvlan2 added
[  719.221228][T10665] netlink: 203452 bytes leftover after parsing attributes in process `syz.1.1322'.
[  719.244169][T10665] netlink: 'syz.1.1322': attribute type 2 has an invalid length.
[  719.443629][ T5266] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  719.503863][ T5266] usb 1-1: device descriptor read/8, error -32
[  719.784078][ T5227] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  719.794170][ T5227] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  719.802624][ T5227] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  719.812239][ T5266] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  719.834377][T10598] raw-gadget.1 gadget.0: failed to queue disconnect event
[  719.845641][ T5266] usb 1-1: device descriptor read/8, error -71
[  719.869465][ T5227] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  719.879137][ T5227] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  719.893681][ T5227] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  719.977706][ T5266] usb usb1-port1: unable to enumerate USB device
[  721.494687][T10695] capability: warning: `syz.3.1329' uses deprecated v2 capabilities in a way that may be insecure
[  721.629103][T10697] Bluetooth: MGMT ver 1.23
[  721.639409][ T3009] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  721.711041][T10674] chnl_net:caif_netlink_parms(): no params data found
[  721.871688][T10701] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  721.878539][T10701] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  721.899324][ T3009] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  721.921901][T10701] vhci_hcd vhci_hcd.0: Device attached
[  721.938183][ T4612] Bluetooth: hci0: command tx timeout
[  721.950090][T10704] usbip_core: unknown command
[  721.965231][T10704] vhci_hcd: unknown pdu 3020988904
[  721.970410][T10704] usbip_core: unknown command
[  722.097163][ T2982] vhci_hcd: stop threads
[  722.146098][ T2982] vhci_hcd: release socket
[  722.153640][ T2982] vhci_hcd: disconnect device
[  722.166418][ T3009] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.199075][T10674] bridge0: port 1(bridge_slave_0) entered blocking state
[  722.224882][T10674] bridge0: port 1(bridge_slave_0) entered disabled state
[  722.236073][T10674] bridge_slave_0: entered allmulticast mode
[  722.248431][T10674] bridge_slave_0: entered promiscuous mode
[  722.274586][T10718] netlink: 203452 bytes leftover after parsing attributes in process `syz.4.1334'.
[  722.288361][T10718] netlink: 'syz.4.1334': attribute type 2 has an invalid length.
[  722.317343][ T3009] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.360730][T10674] bridge0: port 2(bridge_slave_1) entered blocking state
[  722.388326][T10674] bridge0: port 2(bridge_slave_1) entered disabled state
[  722.406529][T10674] bridge_slave_1: entered allmulticast mode
[  722.423243][T10674] bridge_slave_1: entered promiscuous mode
[  722.430952][T10715] netlink: 'syz.1.1333': attribute type 21 has an invalid length.
[  722.441653][T10715] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1333'.
[  722.452143][T10715] netlink: 'syz.1.1333': attribute type 5 has an invalid length.
[  722.460477][T10715] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1333'.
[  723.607303][   T29] audit: type=1326 audit(1722989106.649:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  723.646110][T10674] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  723.683512][   T29] audit: type=1326 audit(1722989106.649:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  723.734262][T10674] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  723.773228][   T29] audit: type=1326 audit(1722989106.649:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  723.828517][   T29] audit: type=1326 audit(1722989106.649:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  723.905147][   T29] audit: type=1326 audit(1722989106.649:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  723.983897][   T29] audit: type=1326 audit(1722989106.659:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  723.985426][T10674] team0: Port device team_slave_0 added
[  724.020219][ T4612] Bluetooth: hci0: command tx timeout
[  724.027957][   T29] audit: type=1326 audit(1722989106.659:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  724.050662][   T29] audit: type=1326 audit(1722989106.659:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  724.080468][   T29] audit: type=1326 audit(1722989106.659:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  724.108769][   T29] audit: type=1326 audit(1722989106.659:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10722 comm="syz.2.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x7ffc0000
[  724.132587][T10674] team0: Port device team_slave_1 added
[  724.368903][T10674] batman_adv: batadv0: Adding interface: batadv_slave_0
[  724.406692][T10674] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  724.519618][T10674] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  724.589925][T10674] batman_adv: batadv0: Adding interface: batadv_slave_1
[  724.641881][T10674] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  724.756770][T10674] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  724.840524][ T3009] bridge_slave_1: left allmulticast mode
[  724.862556][ T3009] bridge_slave_1: left promiscuous mode
[  724.896805][ T3009] bridge0: port 2(bridge_slave_1) entered disabled state
[  724.918646][ T3009] bridge_slave_0: left allmulticast mode
[  724.950166][ T3009] bridge_slave_0: left promiscuous mode
[  724.976832][ T3009] bridge0: port 1(bridge_slave_0) entered disabled state
[  728.593459][ T4612] Bluetooth: hci0: command tx timeout
[  729.077667][T10755] netlink: 200 bytes leftover after parsing attributes in process `syz.4.1345'.
[  729.130144][T10758] netlink: 203452 bytes leftover after parsing attributes in process `syz.1.1346'.
[  729.152059][T10758] netlink: 'syz.1.1346': attribute type 2 has an invalid length.
[  732.913723][ T4612] Bluetooth: hci0: command tx timeout
[  734.106619][T10773] overlayfs: conflicting lowerdir path
[  734.406251][ T5266] usb 2-1: new low-speed USB device number 16 using dummy_hcd
[  734.418407][ T3009] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  734.455241][ T3009] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  734.469485][ T3009] bond0 (unregistering): Released all slaves
[  734.610949][T10674] hsr_slave_0: entered promiscuous mode
[  734.649356][ T5266] usb 2-1: config index 0 descriptor too short (expected 1307, got 27)
[  734.650534][T10674] hsr_slave_1: entered promiscuous mode
[  734.659053][ T5266] usb 2-1: config 0 has an invalid interface number: 0 but max is -1
[  734.683890][T10782] overlayfs: missing 'workdir'
[  734.688818][ T5266] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0
[  734.705614][ T5266] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  734.705981][T10674] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  734.715816][ T5266] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  734.746799][T10674] Cannot create hsr debugfs directory
[  735.093584][ T3009] hsr_slave_0: left promiscuous mode
[  735.105497][ T3009] hsr_slave_1: left promiscuous mode
[  735.121381][ T3009] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  735.134713][ T3009] batman_adv: batadv0: Removing interface: batadv_slave_0
[  735.154672][ T3009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  735.162095][ T3009] batman_adv: batadv0: Removing interface: batadv_slave_1
[  735.288325][ T3009] veth1_macvtap: left promiscuous mode
[  735.313434][ T3009] veth0_macvtap: left promiscuous mode
[  735.323599][ T3009] veth1_vlan: left promiscuous mode
[  735.328952][ T3009] veth0_vlan: left promiscuous mode
[  736.484205][ T3009] pimreg (unregistering): left allmulticast mode
[  736.703507][T10799] netlink: 203452 bytes leftover after parsing attributes in process `syz.3.1358'.
[  736.712924][T10799] netlink: 'syz.3.1358': attribute type 2 has an invalid length.
[  736.820589][ T5268] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  737.003681][ T5268] usb 3-1: Using ep0 maxpacket: 8
[  737.023873][ T5268] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 235, using maximum allowed: 30
[  737.044843][ T5268] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 235
[  737.076823][ T5268] usb 3-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=32.a3
[  737.109475][ T5268] usb 3-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3
[  737.121523][ T5268] usb 3-1: Manufacturer: syz
[  737.143471][ T5268] usb 3-1: SerialNumber: syz
[  737.154716][ T5268] usb 3-1: config 0 descriptor??
[  737.178125][ T5266] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  737.199876][ T5266] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.242166][ T5266] usb 2-1: config 0 descriptor??
[  737.285570][ T5266] usb 2-1: can't set config #0, error -71
[  737.307413][ T5266] usb 2-1: USB disconnect, device number 16
[  738.327787][ T3009] team0 (unregistering): Port device team_slave_1 removed
[  738.387935][ T3009] team0 (unregistering): Port device team_slave_0 removed
[  738.617610][   T58] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  738.818268][   T58] usb 2-1: Using ep0 maxpacket: 16
[  738.830388][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  738.850756][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  738.867982][   T58] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b09, bcdDevice= 0.00
[  738.903190][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.934309][   T58] usb 2-1: config 0 descriptor??
[  739.215577][T10824] netlink: 'syz.3.1364': attribute type 10 has an invalid length.
[  739.229338][ T5268] msi2500 3-1:0.0: Registered as swradio16
[  739.234374][T10824] geneve0: entered promiscuous mode
[  739.235330][ T5268] msi2500 3-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  739.257936][ T5268] usb 3-1: USB disconnect, device number 18
[  739.266969][T10824] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  739.375974][   T58] corsair 0003:1B1C:1B09.001B: item fetching failed at offset 2/5
[  739.384107][ T5264] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  739.392795][   T58] corsair 0003:1B1C:1B09.001B: parse failed
[  739.403086][   T58] corsair 0003:1B1C:1B09.001B: probe with driver corsair failed with error -22
[  739.583689][ T5264] usb 5-1: Using ep0 maxpacket: 32
[  739.612618][ T5264] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  739.615384][ T3009] IPVS: stop unused estimator thread 0...
[  739.667543][ T5264] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  739.697920][ T5264] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  739.719196][ T5264] usb 5-1: Product: syz
[  739.726508][T10674] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  739.729035][ T5264] usb 5-1: Manufacturer: syz
[  739.743972][T10674] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  739.752389][ T5264] usb 5-1: SerialNumber: syz
[  739.766665][T10674] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  739.767226][ T5264] usb 5-1: config 0 descriptor??
[  739.789372][T10674] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  739.792558][T10820] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  739.810717][ T5264] hub 5-1:0.0: bad descriptor, ignoring hub
[  739.824713][ T5264] hub 5-1:0.0: probe with driver hub failed with error -5
[  739.846847][ T5264] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input33
[  740.184424][T10674] 8021q: adding VLAN 0 to HW filter on device bond0
[  740.330432][T10674] 8021q: adding VLAN 0 to HW filter on device team0
[  740.367789][ T5225] bridge0: port 1(bridge_slave_0) entered blocking state
[  740.375007][ T5225] bridge0: port 1(bridge_slave_0) entered forwarding state
[  740.395738][ T5225] bridge0: port 2(bridge_slave_1) entered blocking state
[  740.402915][ T5225] bridge0: port 2(bridge_slave_1) entered forwarding state
[  740.506881][T10820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  740.523269][T10820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  740.605798][T10844] netlink: 'syz.4.1363': attribute type 10 has an invalid length.
[  740.630590][T10844] batman_adv: batadv0: Adding interface: team0
[  740.636971][T10844] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  740.663067][T10844] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  740.696753][T10844] netlink: 'syz.4.1363': attribute type 10 has an invalid length.
[  740.704862][T10844] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1363'.
[  740.714100][T10844] team0: entered promiscuous mode
[  740.719182][T10844] team_slave_0: entered promiscuous mode
[  740.725118][T10844] team_slave_1: entered promiscuous mode
[  740.733440][T10844] 8021q: adding VLAN 0 to HW filter on device team0
[  740.740429][T10844] batman_adv: batadv0: Interface activated: team0
[  740.750273][T10844] batman_adv: batadv0: Interface deactivated: team0
[  740.757082][T10844] batman_adv: batadv0: Removing interface: team0
[  740.942164][T10844] bridge0: port 3(team0) entered blocking state
[  740.948801][T10844] bridge0: port 3(team0) entered disabled state
[  740.955568][T10844] team0: entered allmulticast mode
[  740.960880][T10844] team_slave_0: entered allmulticast mode
[  740.966811][T10844] team_slave_1: entered allmulticast mode
[  740.972627][T10844] macvlan2: entered allmulticast mode
[  740.978258][T10844] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  740.989368][T10844] bridge0: port 3(team0) entered blocking state
[  740.995860][T10844] bridge0: port 3(team0) entered forwarding state
[  742.899671][ T5262] usb 2-1: USB disconnect, device number 17
[  744.197717][ T5225] usb 5-1: USB disconnect, device number 24
[  744.197729][    C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  745.288899][T10674] 8021q: adding VLAN 0 to HW filter on device batadv0
[  745.532612][T10674] veth0_vlan: entered promiscuous mode
[  745.551253][T10674] veth1_vlan: entered promiscuous mode
[  745.616915][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  745.616934][   T29] audit: type=1326 audit(1722989129.299:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10864 comm="syz.2.1370" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x0
[  745.626931][T10674] veth0_macvtap: entered promiscuous mode
[  745.644101][    C1] vkms_vblank_simulate: vblank timer overrun
[  745.699852][T10674] veth1_macvtap: entered promiscuous mode
[  745.739833][T10674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  745.793173][T10674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.831248][T10674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  745.842104][T10674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.864481][T10674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  745.886987][T10674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.917154][T10674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  745.933395][T10674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.974804][T10674] batman_adv: batadv0: Interface activated: batadv_slave_0
[  745.995577][T10874] netlink: 'syz.2.1370': attribute type 4 has an invalid length.
[  746.018195][T10674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  746.058933][T10674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  746.072285][T10674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  746.088159][T10674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  746.100778][T10674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  746.131079][T10674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  746.178773][T10674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  746.221395][T10674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  746.265550][T10674] batman_adv: batadv0: Interface activated: batadv_slave_1
[  746.284578][T10674] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  746.299119][T10674] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  746.317345][T10674] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  746.331006][T10674] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  746.514116][ T3009] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  746.546830][ T3009] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  746.597845][ T3009] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  746.631742][ T3009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  746.667858][T10884] netlink: 6 bytes leftover after parsing attributes in process `syz.2.1377'.
[  746.683508][T10884] netlink: 6 bytes leftover after parsing attributes in process `syz.2.1377'.
[  746.715719][T10884] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  746.914132][T10888] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 39704 - 0
[  746.934999][T10888] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 39704 - 0
[  746.971270][T10888] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 39704 - 0
[  746.991142][T10888] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 39704 - 0
[  747.002898][T10888] netdevsim netdevsim2 netdevsim0: set [1, 2] type 2 family 0 port 43162 - 0
[  747.021369][T10888] netdevsim netdevsim2 netdevsim1: set [1, 2] type 2 family 0 port 43162 - 0
[  747.030472][T10888] netdevsim netdevsim2 netdevsim2: set [1, 2] type 2 family 0 port 43162 - 0
[  747.033387][ T5268] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  747.045687][T10888] netdevsim netdevsim2 netdevsim3: set [1, 2] type 2 family 0 port 43162 - 0
[  747.064990][T10888] geneve2: entered promiscuous mode
[  747.070508][T10888] geneve2: entered allmulticast mode
[  747.179142][   T29] audit: type=1326 audit(1722989130.879:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10893 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c571779f9 code=0x7ffc0000
[  747.240369][   T29] audit: type=1326 audit(1722989130.879:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10893 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c571779f9 code=0x7ffc0000
[  747.277736][ T5268] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  747.288911][ T5225] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  747.306684][ T5268] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  747.320173][   T29] audit: type=1326 audit(1722989130.879:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10893 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f9c571779f9 code=0x7ffc0000
[  747.344313][   T29] audit: type=1326 audit(1722989130.879:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10893 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c571779f9 code=0x7ffc0000
[  747.835357][ T5268] usb 2-1: config 0 descriptor??
[  748.229544][   T29] audit: type=1326 audit(1722989130.879:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10893 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c571779f9 code=0x7ffc0000
[  748.232884][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  748.251537][   T29] audit: type=1326 audit(1722989130.879:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10893 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c571779f9 code=0x7ffc0000
[  748.288172][ T5268] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  748.328626][   T29] audit: type=1326 audit(1722989130.879:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10893 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9c571779f9 code=0x7ffc0000
[  748.351088][   T29] audit: type=1326 audit(1722989130.879:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10893 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c571779f9 code=0x7ffc0000
[  748.373006][ T5225] usb 3-1: Using ep0 maxpacket: 16
[  748.380606][   T29] audit: type=1326 audit(1722989130.879:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10893 comm="syz.4.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c571779f9 code=0x7ffc0000
[  748.404553][ T5225] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  748.416240][ T5225] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  748.431289][ T5225] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  748.453115][ T5225] usb 3-1: config 0 descriptor??
[  748.603774][ T5263] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  748.813689][ T5263] usb 4-1: Using ep0 maxpacket: 32
[  748.825789][ T5263] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  748.849560][ T5263] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  748.877129][ T5263] usb 4-1: Product: syz
[  748.892709][ T5263] usb 4-1: Manufacturer: syz
[  748.899679][ T5263] usb 4-1: SerialNumber: syz
[  748.905919][T10884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  748.907605][ T5263] usb 4-1: config 0 descriptor??
[  748.922188][ T5263] cdc_ether 4-1:0.0: More than one union descriptor, skipping ...
[  748.925959][T10884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  748.949331][ T5263] usb 4-1: bad CDC descriptors
[  748.965575][ T5263] usb 4-1: unsupported MDLM descriptors
[  748.966934][ T5225] hid (null): nested delimiters
[  748.999197][ T5225] hid (null): nested delimiters
[  749.007769][ T5225] hid (null): nested delimiters
[  749.012897][ T5225] hid (null): report_id 24797 is invalid
[  749.027057][ T5225] hid (null): unknown global tag 0xc
[  749.041166][ T5225] hid-generic 0003:0158:0100.001C: unknown main item tag 0x1
[  749.052624][ T5225] hid-generic 0003:0158:0100.001C: unexpected long global item
[  749.118073][ T5225] hid-generic 0003:0158:0100.001C: probe with driver hid-generic failed with error -22
[  749.140297][ T5227] Bluetooth: hci0: command tx timeout
[  749.153625][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1385'.
[  749.184421][T10905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  749.448232][T10905] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  749.696868][ T5268] usb 2-1: USB disconnect, device number 18
[  749.739489][ T5264] usb 3-1: USB disconnect, device number 19
[  749.835054][T10919] netlink: 'syz.0.1384': attribute type 4 has an invalid length.
[  751.310052][ T5225] usb 4-1: USB disconnect, device number 20
[  751.723492][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  751.723511][   T29] audit: type=1326 audit(1722989135.419:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10941 comm="syz.0.1393" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4e35b779f9 code=0x0
[  752.001642][T10957] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  752.190840][   T29] audit: type=1326 audit(1722989135.889:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10953 comm="syz.4.1397" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c571779f9 code=0x0
[  752.295341][T10964] netlink: 'syz.4.1397': attribute type 4 has an invalid length.
[  752.414373][T10963] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1398'.
[  752.478929][T10963] vlan2: entered promiscuous mode
[  752.498029][T10963] vlan2: entered allmulticast mode
[  753.853613][ T5227] Bluetooth: hci4: command 0x0406 tx timeout
[  755.693831][ T5227] Bluetooth: hci7: command 0x0406 tx timeout
[  756.277605][T11008] netlink: 'syz.4.1411': attribute type 4 has an invalid length.
[  757.405934][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888064514800: rx timeout, send abort
[  757.915522][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888064514800: abort rx timeout. Force session deactivation
[  758.074154][T11020] overlay: filesystem on ./file1 not supported as upperdir
[  758.333465][ T5225] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  758.363593][   T58] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  758.557210][ T5225] usb 5-1: Using ep0 maxpacket: 32
[  758.582525][ T5225] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  758.606947][   T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  758.633424][ T5225] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  758.642856][ T5225] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  758.677147][   T58] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  758.703831][ T5225] usb 5-1: Product: syz
[  758.708042][ T5225] usb 5-1: Manufacturer: syz
[  758.712686][ T5225] usb 5-1: SerialNumber: syz
[  758.763611][   T58] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  758.794234][ T5225] usb 5-1: config 0 descriptor??
[  758.800041][T11033] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  758.830491][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  758.854239][ T5225] hub 5-1:0.0: bad descriptor, ignoring hub
[  758.881126][ T5225] hub 5-1:0.0: probe with driver hub failed with error -5
[  758.885584][   T58] usb 2-1: config 0 descriptor??
[  758.918659][ T5225] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input34
[  759.277332][T11033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  759.519826][   T58] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0
[  759.558284][T11033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  759.567514][   T58] plantronics 0003:047F:FFFF.001D: No inputs registered, leaving
[  759.619558][   T58] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  759.783995][T11045] netlink: 'syz.4.1418': attribute type 10 has an invalid length.
[  759.983352][   T58] usb 2-1: USB disconnect, device number 19
[  760.084761][T11045] bridge0: port 3(team0) entered disabled state
[  760.344746][T11045] team0: left allmulticast mode
[  760.349877][T11045] team_slave_0: left allmulticast mode
[  760.358115][T11045] team_slave_1: left allmulticast mode
[  760.363842][T11045] macvlan2: left allmulticast mode
[  760.369138][T11045] net veth1_virt_wifi virt_wifi0: left allmulticast mode
[  760.376636][T11045] team0: left promiscuous mode
[  760.381524][T11045] team_slave_0: left promiscuous mode
[  760.388016][T11045] team_slave_1: left promiscuous mode
[  760.395416][T11045] bridge0: port 3(team0) entered disabled state
[  761.235019][T11045] batman_adv: batadv0: Adding interface: team0
[  761.258527][T11045] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  761.405012][T11045] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  761.434301][T11046] netlink: 'syz.4.1418': attribute type 10 has an invalid length.
[  761.442176][T11046] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1418'.
[  761.463840][T11046] team0: entered promiscuous mode
[  761.477933][T11046] team_slave_0: entered promiscuous mode
[  761.501069][T11046] team_slave_1: entered promiscuous mode
[  761.528046][T11046] 8021q: adding VLAN 0 to HW filter on device team0
[  761.547037][T11046] batman_adv: batadv0: Interface activated: team0
[  761.616949][T11046] batman_adv: batadv0: Interface deactivated: team0
[  761.685761][T11046] batman_adv: batadv0: Removing interface: team0
[  761.686182][T11060] netlink: 203452 bytes leftover after parsing attributes in process `syz.2.1426'.
[  761.716548][T11046] bridge0: port 3(team0) entered blocking state
[  761.731133][T11060] netlink: 'syz.2.1426': attribute type 2 has an invalid length.
[  761.764969][T11046] bridge0: port 3(team0) entered disabled state
[  761.780374][T11046] team0: entered allmulticast mode
[  761.789009][T11046] team_slave_0: entered allmulticast mode
[  761.801426][T11046] team_slave_1: entered allmulticast mode
[  761.810523][T11046] macvlan2: entered allmulticast mode
[  761.819844][T11046] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  761.829158][T11046] bridge0: port 3(team0) entered blocking state
[  761.835572][T11046] bridge0: port 3(team0) entered forwarding state
[  761.984659][    C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  762.004124][T11065] netlink: 'syz.0.1427': attribute type 4 has an invalid length.
[  762.020695][ T5268] usb 5-1: USB disconnect, device number 25
[  762.082934][T11068] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1428'.
[  762.150233][T11072] netlink: 'syz.4.1430': attribute type 10 has an invalid length.
[  762.189250][T11072] mac80211_hwsim hwsim45 wlan1: entered promiscuous mode
[  762.211697][T11072] mac80211_hwsim hwsim45 wlan1: entered allmulticast mode
[  762.234151][T11072] team0: Port device wlan1 added
[  762.321271][T11071] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  762.543762][ T5268] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  762.574121][ T7874] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  762.661191][T11085] FAULT_INJECTION: forcing a failure.
[  762.661191][T11085] name failslab, interval 1, probability 0, space 0, times 0
[  762.674463][T11085] CPU: 0 UID: 0 PID: 11085 Comm: syz.2.1434 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  762.685249][T11085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  762.695324][T11085] Call Trace:
[  762.697024][T11088] netlink: 203452 bytes leftover after parsing attributes in process `syz.0.1435'.
[  762.698596][T11085]  <TASK>
[  762.710451][T11088] netlink: 'syz.0.1435': attribute type 2 has an invalid length.
[  762.710771][T11085]  dump_stack_lvl+0x241/0x360
[  762.723180][T11085]  ? __pfx_dump_stack_lvl+0x10/0x10
[  762.728403][T11085]  ? __pfx__printk+0x10/0x10
[  762.733024][T11085]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  762.739024][T11085]  ? __pfx___might_resched+0x10/0x10
[  762.744306][T11085]  ? tcp_established_options+0x3c1/0x800
[  762.749938][T11085]  should_fail_ex+0x3b0/0x4e0
[  762.754611][T11085]  should_failslab+0xac/0x100
[  762.759277][T11085]  ? __alloc_skb+0x1c3/0x440
[  762.763856][T11085]  kmem_cache_alloc_node_noprof+0x71/0x320
[  762.769655][T11085]  ? tcp_current_mss+0x29b/0x4d0
[  762.774584][T11085]  __alloc_skb+0x1c3/0x440
[  762.779000][T11085]  ? __pfx___alloc_skb+0x10/0x10
[  762.784019][T11085]  ? _parse_integer_limit+0xd0/0x200
[  762.789294][T11085]  ? mark_lock+0x9a/0x350
[  762.793622][T11085]  tcp_stream_alloc_skb+0x3d/0x310
[  762.798733][T11085]  tcp_sendmsg_locked+0xd6a/0x4e10
[  762.803842][T11085]  ? __lock_acquire+0x137a/0x2040
[  762.808875][T11085]  ? mark_lock+0x9a/0x350
[  762.813213][T11085]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  762.818754][T11085]  ? __local_bh_enable_ip+0x168/0x200
[  762.824139][T11085]  ? do_raw_spin_unlock+0x13c/0x8b0
[  762.829345][T11085]  tcp_sendmsg+0x30/0x50
[  762.833586][T11085]  __sock_sendmsg+0x1a6/0x270
[  762.838267][T11085]  __sys_sendto+0x3a4/0x4f0
[  762.842766][T11085]  ? __pfx___sys_sendto+0x10/0x10
[  762.847801][T11085]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  762.853782][T11085]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  762.860113][T11085]  __x64_sys_sendto+0xde/0x100
[  762.864874][T11085]  do_syscall_64+0xf3/0x230
[  762.869371][T11085]  ? clear_bhb_loop+0x35/0x90
[  762.874042][T11085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  762.879934][T11085] RIP: 0033:0x7f18a33779f9
[  762.884347][T11085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  762.903963][T11085] RSP: 002b:00007f18a4231048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  762.912376][T11085] RAX: ffffffffffffffda RBX: 00007f18a3505f80 RCX: 00007f18a33779f9
[  762.920341][T11085] RDX: 00000000000109e8 RSI: 00000000200004c0 RDI: 0000000000000003
[  762.928318][T11085] RBP: 00007f18a42310a0 R08: 0000000000000000 R09: 0000000000000006
[  762.936287][T11085] R10: 0000000000000805 R11: 0000000000000246 R12: 0000000000000001
[  762.944252][T11085] R13: 000000000000000b R14: 00007f18a3505f80 R15: 00007ffd91a79508
[  762.952233][T11085]  </TASK>
[  762.958963][ T5268] usb 4-1: config 0 has an invalid interface number: 156 but max is 1
[  762.969116][ T5268] usb 4-1: config 0 has no interface number 1
[  762.975382][ T5268] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  762.985626][ T5268] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  762.998051][ T7874] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  763.009245][ T5268] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  763.020209][ T7874] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  763.030240][ T5268] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  763.043358][ T7874] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  763.052404][ T7874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.063487][ T5268] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  763.072538][ T5268] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.095808][T11070] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  763.105685][ T7874] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  763.113964][ T5268] usb 4-1: config 0 descriptor??
[  763.147025][ T5268] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  763.157247][ T5268] usb 4-1: MIDIStreaming interface descriptor not found
[  763.191641][ T5268] gspca_main: spca561-2.14.0 probing abcd:cdee
[  763.469371][ T5268] spca561 4-1:0.0: probe with driver spca561 failed with error -22
[  763.500643][ T5268] usb 4-1: USB disconnect, device number 21
[  763.589397][T11070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  763.634764][T11070] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  763.768633][T11070] fuse: Bad value for 'user_id'
[  763.783747][T11070] fuse: Bad value for 'user_id'
[  763.818825][ T5268] usb 2-1: USB disconnect, device number 20
[  763.853554][T11097] nbd4: detected capacity change from 0 to 12
[  763.949154][T11097] block nbd4: NBD_DISCONNECT
[  763.974713][T11097] block nbd4: Send disconnect failed -89
[  764.012022][T11097] block nbd4: Send control failed (result -89)
[  764.030035][T11097] block nbd4: Request send failed, requeueing
[  764.039421][T11097] block nbd4: Disconnected due to user request.
[  764.053057][   T43] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.063158][   T43] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.071901][T11097] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.085249][T11097] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.093208][T11097] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.102750][T11097] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.110629][T11097] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.119954][T11097] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.127843][T11097] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.137205][T11097] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.146490][T11097] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.224326][T11097] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.243563][T11097] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.263406][T11097] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.271287][T11097] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.312386][T11097] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.403543][T11097] ldm_validate_partition_table(): Disk read failed.
[  764.412021][T11097] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.421235][T11097] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.429736][T11097] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  764.438883][T11097] Buffer I/O error on dev nbd4, logical block 0, async page read
[  764.476090][T11097] Dev nbd4: unable to read RDB block 0
[  764.483087][T11097]  nbd4: unable to read partition table
[  764.490307][T11097] nbd4: partition table beyond EOD, truncated
[  765.415998][T11116] kvm: emulating exchange as write
[  765.483436][ T7874] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  765.494062][ T5268] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  765.679950][T11127] netlink: 'syz.2.1445': attribute type 4 has an invalid length.
[  765.693746][ T5268] usb 2-1: Using ep0 maxpacket: 32
[  765.700567][ T7874] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  765.720051][ T5268] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 91, changing to 10
[  765.731575][ T7874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  765.742892][ T5268] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 16
[  765.753261][ T7874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  765.765716][ T5268] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[  765.776089][ T7874] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  765.794799][ T5268] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  765.812503][ T5268] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  765.825648][ T7874] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  765.835114][ T5268] usb 2-1: Product: ⁥
[  765.839338][ T5268] usb 2-1: Manufacturer: 㹚閰霙憜炤汐孡✓뗅외휣텚ٸ漦鬞⊇㘚٪쵯筗ᅊ΢젼움謟䏽롼꼌毽궾控繃햋㔞槹⧶䤷됛팽ⓑ砤㸭ൺ㒽俅篨覜矖
[  766.614173][ T7874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  766.635244][ T7874] usb 5-1: config 0 descriptor??
[  766.644034][T11117] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  766.651462][   T29] audit: type=1400 audit(1722989149.629:539): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=11128 comm="syz.0.1446" dest=20002 netif=wpan0
[  766.697254][ T5268] usb 2-1: SerialNumber: ᚨ땊宙缫ܜ㬔祵ꭜ秷풪㟊ꈽ윫롒䙝멈創῎ꕕ䜱봵襩怞䂐켩直ԁ腬ᡏ팵袩솿鮓쭠蠝￿䲁ｗ凖ᬙ駬⇍獲甫齖⡶䎚ᜂ뫴웫表
[  766.944402][T11143] tmpfs: Unknown parameter 'usrquotaic'
[  766.979854][T11111] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1441'.
[  767.010268][T11111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  767.022995][T11111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  767.067286][ T5268] cdc_ncm 2-1:1.0: bind() failure
[  767.078394][ T5268] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  767.089954][ T5268] cdc_ncm 2-1:1.1: bind() failure
[  767.100815][ T5268] usb 2-1: USB disconnect, device number 21
[  767.108820][ T7874] plantronics 0003:047F:FFFF.001E: unknown main item tag 0xd
[  767.124437][ T7874] plantronics 0003:047F:FFFF.001E: No inputs registered, leaving
[  767.136396][ T7874] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  768.074527][T11117] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  768.074731][T11117] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  768.133380][ T7874] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  768.155319][   T58] usb 5-1: USB disconnect, device number 26
[  768.444892][ T7874] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  768.454614][ T7874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  768.464415][ T7874] usb 3-1: config 0 descriptor??
[  768.477742][ T7874] cp210x 3-1:0.0: cp210x converter detected
[  769.350676][ T7874] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  769.666670][ T7874] usb 3-1: cp210x converter now attached to ttyUSB0
[  769.869650][ T7874] usb 3-1: USB disconnect, device number 20
[  769.925555][ T7874] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  769.990281][ T7874] cp210x 3-1:0.0: device disconnected
[  769.998916][T11177] netlink: 'syz.3.1459': attribute type 4 has an invalid length.
[  770.638709][   T29] audit: type=1326 audit(1722989154.338:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11184 comm="syz.1.1463" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa1c5779f9 code=0x0
[  771.602258][   T29] audit: type=1326 audit(1722989155.288:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11186 comm="syz.2.1464" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18a33779f9 code=0x0
[  771.747448][T11205] FAULT_INJECTION: forcing a failure.
[  771.747448][T11205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  771.772901][T11205] CPU: 1 UID: 0 PID: 11205 Comm: syz.4.1467 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  771.783687][T11205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  771.793730][T11205] Call Trace:
[  771.796995][T11205]  <TASK>
[  771.799912][T11205]  dump_stack_lvl+0x241/0x360
[  771.804582][T11205]  ? __pfx_dump_stack_lvl+0x10/0x10
[  771.809770][T11205]  ? __pfx__printk+0x10/0x10
[  771.814352][T11205]  ? __pfx_lock_release+0x10/0x10
[  771.819369][T11205]  should_fail_ex+0x3b0/0x4e0
[  771.824051][T11205]  strncpy_from_user+0x36/0x2e0
[  771.828907][T11205]  ? kmem_cache_alloc_noprof+0x185/0x2a0
[  771.834533][T11205]  getname_flags+0xf1/0x540
[  771.839028][T11205]  user_path_at+0x24/0x60
[  771.843357][T11205]  __se_sys_mount+0x297/0x3c0
[  771.848025][T11205]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  771.854001][T11205]  ? __pfx___se_sys_mount+0x10/0x10
[  771.859187][T11205]  ? do_syscall_64+0x100/0x230
[  771.863948][T11205]  ? __x64_sys_mount+0x20/0xc0
[  771.868699][T11205]  do_syscall_64+0xf3/0x230
[  771.873196][T11205]  ? clear_bhb_loop+0x35/0x90
[  771.877877][T11205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.883885][T11205] RIP: 0033:0x7f9c571779f9
[  771.888311][T11205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  771.907919][T11205] RSP: 002b:00007f9c58005048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  771.916320][T11205] RAX: ffffffffffffffda RBX: 00007f9c57306058 RCX: 00007f9c571779f9
[  771.924274][T11205] RDX: 0000000020000040 RSI: 0000000020000140 RDI: 0000000000000000
[  771.932233][T11205] RBP: 00007f9c580050a0 R08: 0000000000000000 R09: 0000000000000000
[  771.940197][T11205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  771.948152][T11205] R13: 000000000000006e R14: 00007f9c57306058 R15: 00007ffdcccb75a8
[  771.956114][T11205]  </TASK>
[  772.036281][ T5264] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  772.193946][ T7874] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  772.453454][ T5264] usb 1-1: Using ep0 maxpacket: 32
[  772.939751][   T29] audit: type=1804 audit(1722989156.288:542): pid=11211 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.1.1469" name="/newroot/83/file0" dev="fuse" ino=1 res=1 errno=0
[  773.106752][ T5264] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  773.133354][ T7874] usb 4-1: device descriptor read/64, error -71
[  773.202517][ T5264] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  773.220751][ T5264] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  773.239048][ T5264] usb 1-1: Product: syz
[  773.249134][ T5264] usb 1-1: Manufacturer: syz
[  773.258797][ T5264] usb 1-1: SerialNumber: syz
[  773.278084][ T5264] usb 1-1: config 0 descriptor??
[  774.003494][ T7874] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  774.060399][ T5264] usb 1-1: can't set config #0, error -71
[  774.093190][T11219] binder: BINDER_SET_CONTEXT_MGR already set
[  774.143560][T11219] binder: 11215:11219 ioctl 4018620d 20000100 returned -16
[  774.187433][ T5264] usb 1-1: USB disconnect, device number 30
[  774.203989][ T7874] usb 4-1: device descriptor read/64, error -71
[  774.349659][ T7874] usb usb4-port1: attempt power cycle
[  774.491990][T11223] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1474'.
[  774.523651][T11223] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1474'.
[  774.567814][T11223] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1474'.
[  774.635645][T11223] erspan0: entered promiscuous mode
[  774.661475][T11223] batadv_slave_1: entered promiscuous mode
[  774.694877][T11226] netlink: 'syz.2.1475': attribute type 4 has an invalid length.
[  774.743489][ T5266] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  774.983531][ T5266] usb 1-1: Using ep0 maxpacket: 16
[  774.997825][ T5266] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  775.020683][ T5266] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  775.052693][ T5266] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  775.083249][ T5266] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.110920][ T5266] usb 1-1: config 0 descriptor??
[  775.143759][ T4612] Bluetooth: hci1: command 0x0406 tx timeout
[  775.544572][T11221] Context (ID=0x0) not attached to queue pair (handle=0xffffffff:0x2)
[  777.012836][ T5266] usbhid 1-1:0.0: can't add hid device: -71
[  777.040670][ T5266] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  777.124335][ T5266] usb 1-1: USB disconnect, device number 31
[  777.306434][T11265] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1484'.
[  777.548838][T11265] fuse: Bad value for 'fd'
[  777.565712][T11265] netlink: 'syz.4.1484': attribute type 32 has an invalid length.
[  777.588582][T11269] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1485'.
[  777.693585][ T5227] Bluetooth: hci0: command tx timeout
[  778.717465][ T5266] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  778.803059][T11282] netlink: 'syz.3.1488': attribute type 4 has an invalid length.
[  778.913387][ T5266] usb 2-1: Using ep0 maxpacket: 8
[  778.934930][ T5266] usb 2-1: config 0 has an invalid descriptor of length 209, skipping remainder of the config
[  778.950162][ T5266] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  778.962317][ T5266] usb 2-1: New USB device found, idVendor=0547, idProduct=7303, bcdDevice=c4.ff
[  778.972648][ T5266] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.996376][ T5266] usb 2-1: config 0 descriptor??
[  779.018105][T11294] blktrace: Concurrent blktraces are not allowed on loop3
[  779.043600][ T5264] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  779.087448][T11300] FAULT_INJECTION: forcing a failure.
[  779.087448][T11300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  779.104782][T11300] CPU: 1 UID: 0 PID: 11300 Comm: syz.3.1494 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  779.115566][T11300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  779.125633][T11300] Call Trace:
[  779.128924][T11300]  <TASK>
[  779.131865][T11300]  dump_stack_lvl+0x241/0x360
[  779.136568][T11300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  779.141788][T11300]  ? __pfx__printk+0x10/0x10
[  779.146404][T11300]  ? snprintf+0xda/0x120
[  779.150668][T11300]  should_fail_ex+0x3b0/0x4e0
[  779.155368][T11300]  _copy_to_user+0x2f/0xb0
[  779.159803][T11300]  simple_read_from_buffer+0xca/0x150
[  779.165199][T11300]  proc_fail_nth_read+0x1e9/0x250
[  779.170245][T11300]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  779.175820][T11300]  ? rw_verify_area+0x520/0x6b0
[  779.180695][T11300]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  779.186263][T11300]  vfs_read+0x204/0xbc0
[  779.190430][T11300]  ? __pfx_lock_release+0x10/0x10
[  779.195479][T11300]  ? __pfx_vfs_read+0x10/0x10
[  779.200172][T11300]  ? __fget_files+0x29/0x470
[  779.204776][T11300]  ? __fget_files+0x3f6/0x470
[  779.209482][T11300]  ksys_read+0x1a0/0x2c0
[  779.213742][T11300]  ? __pfx_ksys_read+0x10/0x10
[  779.218521][T11300]  ? do_syscall_64+0x100/0x230
[  779.223304][T11300]  ? do_syscall_64+0xb6/0x230
[  779.227998][T11300]  do_syscall_64+0xf3/0x230
[  779.232524][T11300]  ? clear_bhb_loop+0x35/0x90
[  779.237214][T11300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.243122][T11300] RIP: 0033:0x7f694817643c
[  779.243357][ T5264] usb 5-1: Using ep0 maxpacket: 8
[  779.247531][T11300] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  779.264361][ T5264] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  779.272117][T11300] RSP: 002b:00007f6948eb5040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  779.288721][T11300] RAX: ffffffffffffffda RBX: 00007f6948305f80 RCX: 00007f694817643c
[  779.296225][ T5264] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  779.296685][T11300] RDX: 000000000000000f RSI: 00007f6948eb50b0 RDI: 0000000000000004
[  779.313386][ T5264] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  779.314326][T11300] RBP: 00007f6948eb50a0 R08: 0000000000000000 R09: 0000000000000000
[  779.332036][T11300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  779.333398][ T5264] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  779.340002][T11300] R13: 000000000000000b R14: 00007f6948305f80 R15: 00007ffd68c47848
[  779.340043][T11300]  </TASK>
[  779.340137][    C1] vkms_vblank_simulate: vblank timer overrun
[  779.354657][ T5264] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  779.444109][ T5264] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  779.468643][ T5264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  779.767246][ T5264] usb 5-1: usb_control_msg returned -32
[  779.773020][ T5264] usbtmc 5-1:16.0: can't read capabilities
[  780.314346][T11309] netlink: 203452 bytes leftover after parsing attributes in process `syz.0.1496'.
[  780.340983][T11309] netlink: 'syz.0.1496': attribute type 2 has an invalid length.
[  780.599228][ T5264] usb 2-1: USB disconnect, device number 22
[  780.702894][ T5227] Bluetooth: hci7: unexpected cc 0x1408 length: 57 > 4
[  780.711085][ T5227] Bluetooth: hci7: unexpected event for opcode 0x1408
[  781.069723][T11332] netlink: 'syz.1.1503': attribute type 1 has an invalid length.
[  781.347617][T11338] netlink: 'syz.2.1504': attribute type 4 has an invalid length.
[  781.840987][ T5264] usb 5-1: USB disconnect, device number 27
[  782.058120][T11359] FAULT_INJECTION: forcing a failure.
[  782.058120][T11359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  782.082311][ T5266] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  782.130383][T11359] CPU: 0 UID: 0 PID: 11359 Comm: syz.1.1514 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  782.141200][T11359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  782.151271][T11359] Call Trace:
[  782.154564][T11359]  <TASK>
[  782.157594][T11359]  dump_stack_lvl+0x241/0x360
[  782.162298][T11359]  ? __pfx_dump_stack_lvl+0x10/0x10
[  782.167518][T11359]  ? __pfx__printk+0x10/0x10
[  782.172143][T11359]  ? __pfx_lock_release+0x10/0x10
[  782.177185][T11359]  ? __lock_acquire+0x137a/0x2040
[  782.182230][T11359]  should_fail_ex+0x3b0/0x4e0
[  782.186932][T11359]  _copy_from_user+0x2f/0xe0
[  782.191540][T11359]  kstrtouint_from_user+0xc6/0x190
[  782.196667][T11359]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  782.202411][T11359]  ? __pfx_lock_acquire+0x10/0x10
[  782.207471][T11359]  proc_fail_nth_write+0xaa/0x2d0
[  782.212522][T11359]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  782.218441][T11359]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  782.224099][T11359]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  782.229755][T11359]  vfs_write+0x2a2/0xc90
[  782.234024][T11359]  ? __pfx_vfs_write+0x10/0x10
[  782.238807][T11359]  ? __fget_files+0x29/0x470
[  782.243404][T11359]  ? __fget_files+0x3f6/0x470
[  782.248082][T11359]  ksys_write+0x1a0/0x2c0
[  782.252501][T11359]  ? __pfx_ksys_write+0x10/0x10
[  782.257344][T11359]  ? do_syscall_64+0x100/0x230
[  782.262102][T11359]  ? do_syscall_64+0xb6/0x230
[  782.266775][T11359]  do_syscall_64+0xf3/0x230
[  782.271279][T11359]  ? clear_bhb_loop+0x35/0x90
[  782.275950][T11359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.281842][T11359] RIP: 0033:0x7faa1c5764df
[  782.286248][T11359] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  782.305843][T11359] RSP: 002b:00007faa1d354040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  782.314248][T11359] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faa1c5764df
[  782.322207][T11359] RDX: 0000000000000001 RSI: 00007faa1d3540b0 RDI: 0000000000000005
[  782.330165][T11359] RBP: 00007faa1d3540a0 R08: 0000000000000000 R09: 0000000000000000
[  782.338123][T11359] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  782.346079][T11359] R13: 000000000000000b R14: 00007faa1c705f80 R15: 00007ffe57a3c7f8
[  782.354050][T11359]  </TASK>
[  782.479885][ T5266] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  782.590080][ T5266] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  782.745642][ T5266] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  782.907809][ T5266] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  783.050352][T11348] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  783.092002][ T5266] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  783.344052][   T58] usb 1-1: USB disconnect, device number 32
[  783.526331][T11383] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1522'.
[  784.590933][T11406] FAULT_INJECTION: forcing a failure.
[  784.590933][T11406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  784.648840][T11406] CPU: 0 UID: 0 PID: 11406 Comm: syz.1.1528 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  784.659661][T11406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  784.669724][T11406] Call Trace:
[  784.672987][T11406]  <TASK>
[  784.675903][T11406]  dump_stack_lvl+0x241/0x360
[  784.680576][T11406]  ? __pfx_dump_stack_lvl+0x10/0x10
[  784.685763][T11406]  ? __pfx__printk+0x10/0x10
[  784.690339][T11406]  ? __pfx_lock_release+0x10/0x10
[  784.695356][T11406]  should_fail_ex+0x3b0/0x4e0
[  784.700016][T11406]  _copy_from_iter+0x1f6/0x1960
[  784.704852][T11406]  ? __virt_addr_valid+0x183/0x530
[  784.709963][T11406]  ? __pfx_lock_release+0x10/0x10
[  784.714991][T11406]  ? __alloc_skb+0x28f/0x440
[  784.719600][T11406]  ? __pfx__copy_from_iter+0x10/0x10
[  784.724878][T11406]  ? __virt_addr_valid+0x183/0x530
[  784.729980][T11406]  ? __virt_addr_valid+0x183/0x530
[  784.735078][T11406]  ? __virt_addr_valid+0x45f/0x530
[  784.740176][T11406]  ? __check_object_size+0x49c/0x900
[  784.745454][T11406]  netlink_sendmsg+0x73d/0xcb0
[  784.750218][T11406]  ? __pfx_netlink_sendmsg+0x10/0x10
[  784.755511][T11406]  ? __import_iovec+0x536/0x820
[  784.756788][ T5227] Bluetooth: hci7: Controller not accepting commands anymore: ncmd = 0
[  784.760363][T11406]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  784.760390][T11406]  ? security_socket_sendmsg+0x87/0xb0
[  784.769489][ T5227] Bluetooth: hci7: Injecting HCI hardware error event
[  784.773997][T11406]  ? __pfx_netlink_sendmsg+0x10/0x10
[  784.774019][T11406]  __sock_sendmsg+0x221/0x270
[  784.781912][ T5227] Bluetooth: hci7: hardware error 0x00
[  784.786200][T11406]  ____sys_sendmsg+0x525/0x7d0
[  784.786235][T11406]  ? __pfx_____sys_sendmsg+0x10/0x10
[  784.786271][T11406]  __sys_sendmsg+0x2b0/0x3a0
[  784.816314][T11406]  ? __pfx___sys_sendmsg+0x10/0x10
[  784.821411][T11406]  ? vfs_write+0x7c4/0xc90
[  784.825832][T11406]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  784.832149][T11406]  ? do_syscall_64+0x100/0x230
[  784.836926][T11406]  ? do_syscall_64+0xb6/0x230
[  784.841602][T11406]  do_syscall_64+0xf3/0x230
[  784.846098][T11406]  ? clear_bhb_loop+0x35/0x90
[  784.850764][T11406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.856652][T11406] RIP: 0033:0x7faa1c5779f9
[  784.861051][T11406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.880642][T11406] RSP: 002b:00007faa1d354048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  784.889051][T11406] RAX: ffffffffffffffda RBX: 00007faa1c705f80 RCX: 00007faa1c5779f9
[  784.897011][T11406] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  784.904974][T11406] RBP: 00007faa1d3540a0 R08: 0000000000000000 R09: 0000000000000000
[  784.912933][T11406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  784.920888][T11406] R13: 000000000000000b R14: 00007faa1c705f80 R15: 00007ffe57a3c7f8
[  784.928855][T11406]  </TASK>
[  784.968943][T11400] netlink: 'syz.0.1525': attribute type 4 has an invalid length.
[  785.302065][   T29] audit: type=1326 audit(1722989168.998:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11410 comm="syz.3.1529" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69481779f9 code=0x0
[  785.495204][T11429] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  785.502916][T11429] audit: out of memory in audit_log_start
[  785.537689][T11433] random: crng reseeded on system resumption
[  787.123496][ T5227] Bluetooth: hci7: Opcode 0x0c03 failed: -110
[  787.424791][T11457] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  787.431324][T11457] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  787.438787][T11457] vhci_hcd vhci_hcd.0: Device attached
[  787.454816][T11457] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(10)
[  787.461453][T11457] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  787.468962][T11457] vhci_hcd vhci_hcd.0: Device attached
[  787.480304][T11457] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(12)
[  787.486927][T11457] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  787.495111][T11457] vhci_hcd vhci_hcd.0: Device attached
[  787.512303][T11457] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(14)
[  787.518924][T11457] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  787.526548][T11457] vhci_hcd vhci_hcd.0: Device attached
[  787.546068][T11457] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(16)
[  787.552706][T11457] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  787.560433][T11457] vhci_hcd vhci_hcd.0: Device attached
[  787.567087][T11457] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  787.654427][ T5264] vhci_hcd: vhci_device speed not set
[  787.763534][ T5264] usb 13-1: new full-speed USB device number 2 using vhci_hcd
[  787.904378][T11469] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1541'.
[  788.126700][T11458] vhci_hcd: connection reset by peer
[  788.132547][T11462] vhci_hcd: connection closed
[  788.134369][ T3009] vhci_hcd: stop threads
[  788.149834][T11460] vhci_hcd: connection closed
[  788.163516][T11464] vhci_hcd: connection closed
[  788.830000][T11467] vhci_hcd: connection closed
[  788.848151][ T3009] vhci_hcd: release socket
[  788.931081][ T3009] vhci_hcd: disconnect device
[  788.962564][T11476] netlink: 'syz.4.1542': attribute type 4 has an invalid length.
[  788.979218][ T3009] vhci_hcd: stop threads
[  788.990346][ T3009] vhci_hcd: release socket
[  788.996323][ T3009] vhci_hcd: disconnect device
[  789.032111][ T3009] vhci_hcd: stop threads
[  789.051482][ T3009] vhci_hcd: release socket
[  789.077613][ T3009] vhci_hcd: disconnect device
[  789.126606][ T3009] vhci_hcd: stop threads
[  789.131649][ T3009] vhci_hcd: release socket
[  789.277654][ T3009] vhci_hcd: disconnect device
[  789.286001][ T3009] vhci_hcd: stop threads
[  789.290281][ T3009] vhci_hcd: release socket
[  789.295438][T11484] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1546'.
[  789.305238][ T3009] vhci_hcd: disconnect device
[  789.316090][T11484] vlan2: entered promiscuous mode
[  789.321470][T11484] team0: entered promiscuous mode
[  789.332852][T11484] team_slave_0: entered promiscuous mode
[  789.343056][T11484] team_slave_1: entered promiscuous mode
[  789.393788][T11484] vlan2: entered allmulticast mode
[  789.398943][T11484] team0: entered allmulticast mode
[  789.500302][T11484] team_slave_0: entered allmulticast mode
[  789.503778][ T9548] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  790.455756][T11484] team_slave_1: entered allmulticast mode
[  790.668659][ T9548] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  790.703714][ T9548] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  790.757502][ T9548] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  790.770970][ T9548] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  791.631772][ T9548] usb 4-1: config 0 descriptor??
[  791.762636][T11516] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1552'.
[  792.127758][ T9548] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  792.139297][   T29] audit: type=1326 audit(1722989175.828:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11520 comm="syz.4.1555" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c571779f9 code=0x0
[  792.183162][ T9548] plantronics 0003:047F:FFFF.001F: No inputs registered, leaving
[  792.271322][ T9548] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  792.454255][T11531] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1557'.
[  792.483947][ T5225] usb 4-1: USB disconnect, device number 25
[  792.536505][T11529] netlink: 'syz.0.1557': attribute type 1 has an invalid length.
[  792.895760][ T5264] vhci_hcd: vhci_device speed not set
[  792.964096][T11536] netlink: 'syz.2.1559': attribute type 4 has an invalid length.
[  793.815428][T11554] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1563'.
[  794.179666][T11562] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1568'.
[  794.413708][ T5266] usb usb14-port1: attempt power cycle
[  795.211170][T11576] netlink: 'syz.3.1573': attribute type 4 has an invalid length.
[  795.559608][ T5266] usb usb14-port1: unable to enumerate USB device
[  795.675607][T11602] vlan2: entered promiscuous mode
[  795.701012][T11602] vlan2: entered allmulticast mode
[  796.058333][   T29] audit: type=1326 audit(1722989179.748:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11604 comm="syz.3.1581" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69481779f9 code=0x0
[  796.723721][T11626] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 0, id = 0
[  796.738661][T11625] IPVS: stopping backup sync thread 11626 ...
[  797.126342][T11636] netlink: 'syz.0.1588': attribute type 4 has an invalid length.
[  798.704129][T11660] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  799.830577][T11660] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  800.363612][ T5264] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  801.624162][T11683] dvmrp0: entered allmulticast mode
[  802.730287][T11693] netlink: 'syz.2.1603': attribute type 4 has an invalid length.
[  803.002208][T11700] FAULT_INJECTION: forcing a failure.
[  803.002208][T11700] name failslab, interval 1, probability 0, space 0, times 0
[  803.023428][T11700] CPU: 1 UID: 0 PID: 11700 Comm: syz.4.1604 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  803.034241][T11700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  803.044307][T11700] Call Trace:
[  803.047595][T11700]  <TASK>
[  803.050531][T11700]  dump_stack_lvl+0x241/0x360
[  803.055237][T11700]  ? __pfx_dump_stack_lvl+0x10/0x10
[  803.060461][T11700]  ? __pfx__printk+0x10/0x10
[  803.065078][T11700]  ? fs_reclaim_acquire+0x93/0x140
[  803.070200][T11700]  ? __pfx___might_resched+0x10/0x10
[  803.075507][T11700]  should_fail_ex+0x3b0/0x4e0
[  803.080197][T11700]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  803.085932][T11700]  should_failslab+0xac/0x100
[  803.090626][T11700]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  803.096342][T11700]  __kmalloc_noprof+0xd8/0x400
[  803.101099][T11700]  ? kfree+0x4e/0x360
[  803.105079][T11700]  tomoyo_realpath_from_path+0xcf/0x5e0
[  803.110625][T11700]  tomoyo_path_number_perm+0x23a/0x880
[  803.116080][T11700]  ? tomoyo_path_number_perm+0x208/0x880
[  803.121701][T11700]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  803.127696][T11700]  ? __fget_files+0x29/0x470
[  803.132277][T11700]  ? __fget_files+0x3f6/0x470
[  803.136945][T11700]  ? __fget_files+0x29/0x470
[  803.141531][T11700]  security_file_ioctl+0x75/0xb0
[  803.146468][T11700]  __se_sys_ioctl+0x47/0x170
[  803.151057][T11700]  do_syscall_64+0xf3/0x230
[  803.155556][T11700]  ? clear_bhb_loop+0x35/0x90
[  803.160312][T11700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.166203][T11700] RIP: 0033:0x7f9c571779f9
[  803.170608][T11700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  803.190200][T11700] RSP: 002b:00007f9c58005048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  803.198607][T11700] RAX: ffffffffffffffda RBX: 00007f9c57306058 RCX: 00007f9c571779f9
[  803.206569][T11700] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  803.214528][T11700] RBP: 00007f9c580050a0 R08: 0000000000000000 R09: 0000000000000000
[  803.222487][T11700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  803.230446][T11700] R13: 000000000000006e R14: 00007f9c57306058 R15: 00007ffdcccb75a8
[  803.238418][T11700]  </TASK>
[  803.241441][    C1] vkms_vblank_simulate: vblank timer overrun
[  803.254009][T11705] netlink: 203452 bytes leftover after parsing attributes in process `syz.3.1607'.
[  803.263583][T11700] ERROR: Out of memory at tomoyo_realpath_from_path.
[  803.279362][T11705] netlink: 'syz.3.1607': attribute type 2 has an invalid length.
[  804.013628][ T5227] Bluetooth: hci4: command 0x0406 tx timeout
[  804.099610][   T29] audit: type=1326 audit(1722989187.798:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11719 comm="syz.3.1611" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69481779f9 code=0x0
[  804.235139][T11730] mkiss: ax0: crc mode is auto.
[  804.828244][T11741] netlink: 'syz.2.1616': attribute type 4 has an invalid length.
[  805.173434][ T9548] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  805.390256][ T9548] usb 2-1: Using ep0 maxpacket: 16
[  805.416651][ T9548] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  805.435839][ T9548] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  805.455217][ T9548] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 0, changing to 7
[  805.527519][ T9548] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 17488, setting to 1024
[  805.626472][ T9548] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  805.646538][ T9548] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  805.660918][ T9548] usb 2-1: Manufacturer: syz
[  805.674585][ T9548] usb 2-1: config 0 descriptor??
[  805.692968][T11744] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  805.957201][ T9548] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  805.996507][ T9548] usb 2-1: USB disconnect, device number 23
[  806.067544][T11757] netlink: 'syz.2.1621': attribute type 1 has an invalid length.
[  806.077243][T11757] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.1621'.
[  806.089117][T11757] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1621'.
[  806.225425][T11760] program syz.2.1621 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  806.275889][T11763] fuse: Bad value for 'fd'
[  806.566424][T11765] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1623'.
[  806.618310][T11765] fuse: Bad value for 'fd'
[  808.901168][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  809.224089][T11789] netlink: 'syz.3.1629': attribute type 4 has an invalid length.
[  809.339602][T11795] loop7: detected capacity change from 0 to 16384
[  809.346165][   T29] audit: type=1326 audit(1722989193.038:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11790 comm="syz.0.1630" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4e35b779f9 code=0x0
[  809.395867][T11794] mkiss: ax0: crc mode is auto.
[  809.605702][T11795] blk_print_req_error: 5 callbacks suppressed
[  809.605721][T11795] I/O error, dev loop7, sector 256 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 0
[  809.664711][T11795] I/O error, dev loop7, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  809.682172][T11799] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  809.706726][T11799] buffer_io_error: 5 callbacks suppressed
[  809.706744][T11799] Buffer I/O error on dev loop7, logical block 0, async page read
[  809.721161][T11795] Buffer I/O error on dev loop7, logical block 32, async page read
[  809.733575][T11799] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  809.763244][T11799] Buffer I/O error on dev loop7, logical block 0, async page read
[  809.793514][T11799] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  809.796209][T11808] netlink: 203452 bytes leftover after parsing attributes in process `syz.4.1634'.
[  809.831067][T11808] netlink: 'syz.4.1634': attribute type 2 has an invalid length.
[  809.843095][T11799] Buffer I/O error on dev loop7, logical block 0, async page read
[  809.871628][T11799] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  809.909222][T11799] Buffer I/O error on dev loop7, logical block 0, async page read
[  809.939994][T11799] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  809.969664][T11799] Buffer I/O error on dev loop7, logical block 0, async page read
[  809.994348][T11799] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  810.022579][T11799] Buffer I/O error on dev loop7, logical block 0, async page read
[  810.057293][T11799] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  810.087590][T11799] Buffer I/O error on dev loop7, logical block 0, async page read
[  810.121377][T11799] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  810.153769][T11799] Buffer I/O error on dev loop7, logical block 0, async page read
[  810.163446][T11799] ldm_validate_partition_table(): Disk read failed.
[  810.193726][T11799] Buffer I/O error on dev loop7, logical block 0, async page read
[  810.212699][T11799] Dev loop7: unable to read RDB block 0
[  810.236312][T11799]  loop7: unable to read partition table
[  810.243887][T11799] loop_reread_partitions: partition scan of loop7 (K�>�i)��/480���#�	�$q�Z����I�����[�u�@3b������j!5MM�]
z) failed (rc=-5)
[  810.355375][T11813] netlink: 203452 bytes leftover after parsing attributes in process `syz.4.1635'.
[  810.369629][T11813] netlink: 'syz.4.1635': attribute type 2 has an invalid length.
[  810.946867][T11825] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1638'.
[  810.980112][T11825] fuse: Bad value for 'fd'
[  811.070830][T11828] fuse: Bad value for 'fd'
[  811.547256][T11842] loop0: detected capacity change from 0 to 7
[  811.577906][T11839] netlink: 'syz.4.1642': attribute type 4 has an invalid length.
[  811.585683][T11842] Dev loop0: unable to read RDB block 7
[  811.609466][T11845] netlink: 203452 bytes leftover after parsing attributes in process `syz.1.1645'.
[  811.620184][T11842]  loop0: AHDI p2
[  811.639788][T11845] netlink: 'syz.1.1645': attribute type 2 has an invalid length.
[  811.648173][T11842] loop0: partition table partially beyond EOD, truncated
[  811.870720][T11852] mkiss: ax0: crc mode is auto.
[  812.244144][T11859] kvm: kvm [11858]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x82001091270000
[  812.444064][T11865] mkiss: ax0: crc mode is auto.
[  812.562150][T11868] overlay: Unknown parameter 'obj_role'
[  812.723876][T11879] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1652'.
[  812.742862][T11879] fuse: Bad value for 'fd'
[  812.748871][T11879] netlink: 'syz.1.1652': attribute type 32 has an invalid length.
[  812.876760][T11884] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1655'.
[  812.909811][T11884] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1655'.
[  812.946317][T11888] netlink: 203452 bytes leftover after parsing attributes in process `syz.1.1657'.
[  813.008196][T11888] netlink: 'syz.1.1657': attribute type 2 has an invalid length.
[  813.273390][ T5268] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  814.298529][ T5268] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  814.343487][ T5268] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  814.398125][ T5268] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  814.422802][ T5268] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.468677][ T5268] usb 1-1: config 0 descriptor??
[  814.475680][T11900] mkiss: ax0: crc mode is auto.
[  814.520748][T11923] bond0: (slave bond_slave_0): Error -28 calling ndo_bpf
[  814.769711][T11928] vlan2: entered promiscuous mode
[  814.797867][T11928] vlan2: entered allmulticast mode
[  814.916798][ T5268] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  814.938246][ T5268] plantronics 0003:047F:FFFF.0020: No inputs registered, leaving
[  814.961408][ T5268] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  815.262162][ T5266] usb 1-1: USB disconnect, device number 33
[  815.533910][ T5227] Bluetooth: hci1: command 0x0406 tx timeout
[  817.898820][T11983] trusted_key: syz.2.1683 sent an empty control message without MSG_MORE.
[  817.921003][T11962] mkiss: ax0: crc mode is auto.
[  819.338759][   T29] audit: type=1326 audit(1722989203.038:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12003 comm="syz.3.1690" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69481779f9 code=0x0
[  819.366646][T12014] netlink: 'syz.4.1691': attribute type 2 has an invalid length.
[  819.376541][T12014] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1691'.
[  820.186674][T12019] FAULT_INJECTION: forcing a failure.
[  820.186674][T12019] name failslab, interval 1, probability 0, space 0, times 0
[  820.228013][T12019] CPU: 0 UID: 0 PID: 12019 Comm: syz.4.1694 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  820.238824][T12019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  820.249331][T12019] Call Trace:
[  820.252620][T12019]  <TASK>
[  820.255564][T12019]  dump_stack_lvl+0x241/0x360
[  820.260270][T12019]  ? __pfx_dump_stack_lvl+0x10/0x10
[  820.265491][T12019]  ? __pfx__printk+0x10/0x10
[  820.270100][T12019]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  820.276099][T12019]  ? __pfx___might_resched+0x10/0x10
[  820.281402][T12019]  should_fail_ex+0x3b0/0x4e0
[  820.286091][T12019]  should_failslab+0xac/0x100
[  820.290765][T12019]  ? __alloc_skb+0x1c3/0x440
[  820.295352][T12019]  kmem_cache_alloc_node_noprof+0x71/0x320
[  820.301155][T12019]  __alloc_skb+0x1c3/0x440
[  820.305569][T12019]  ? __pfx___alloc_skb+0x10/0x10
[  820.310499][T12019]  ? netlink_autobind+0xd6/0x2f0
[  820.315428][T12019]  ? netlink_autobind+0x2b0/0x2f0
[  820.320446][T12019]  netlink_sendmsg+0x638/0xcb0
[  820.325209][T12019]  ? __pfx_netlink_sendmsg+0x10/0x10
[  820.330487][T12019]  ? __import_iovec+0x536/0x820
[  820.335338][T12019]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  820.340615][T12019]  ? security_socket_sendmsg+0x87/0xb0
[  820.346065][T12019]  ? __pfx_netlink_sendmsg+0x10/0x10
[  820.351334][T12019]  __sock_sendmsg+0x221/0x270
[  820.356007][T12019]  ____sys_sendmsg+0x525/0x7d0
[  820.360771][T12019]  ? __pfx_____sys_sendmsg+0x10/0x10
[  820.366061][T12019]  __sys_sendmsg+0x2b0/0x3a0
[  820.370643][T12019]  ? __pfx___sys_sendmsg+0x10/0x10
[  820.375746][T12019]  ? vfs_write+0x7c4/0xc90
[  820.380182][T12019]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  820.386504][T12019]  ? do_syscall_64+0x100/0x230
[  820.391263][T12019]  ? do_syscall_64+0xb6/0x230
[  820.395934][T12019]  do_syscall_64+0xf3/0x230
[  820.400430][T12019]  ? clear_bhb_loop+0x35/0x90
[  820.405103][T12019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  820.410988][T12019] RIP: 0033:0x7f9c571779f9
[  820.415393][T12019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  820.434987][T12019] RSP: 002b:00007f9c58026048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  820.443393][T12019] RAX: ffffffffffffffda RBX: 00007f9c57305f80 RCX: 00007f9c571779f9
[  820.451353][T12019] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  820.459310][T12019] RBP: 00007f9c580260a0 R08: 0000000000000000 R09: 0000000000000000
[  820.467270][T12019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  820.475233][T12019] R13: 000000000000000b R14: 00007f9c57305f80 R15: 00007ffdcccb75a8
[  820.483203][T12019]  </TASK>
[  821.486450][T12037] IPVS: stopping backup sync thread 12034 ...
[  821.496510][T12034] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 0, id = 0
[  823.347231][T12069] FAULT_INJECTION: forcing a failure.
[  823.347231][T12069] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  823.361096][T12069] CPU: 1 UID: 0 PID: 12069 Comm: syz.4.1709 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  823.371879][T12069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  823.381947][T12069] Call Trace:
[  823.385237][T12069]  <TASK>
[  823.388182][T12069]  dump_stack_lvl+0x241/0x360
[  823.392887][T12069]  ? __pfx_dump_stack_lvl+0x10/0x10
[  823.398109][T12069]  ? __pfx__printk+0x10/0x10
[  823.402715][T12069]  ? snprintf+0xda/0x120
[  823.406956][T12069]  should_fail_ex+0x3b0/0x4e0
[  823.411629][T12069]  _copy_to_user+0x2f/0xb0
[  823.416038][T12069]  simple_read_from_buffer+0xca/0x150
[  823.421407][T12069]  proc_fail_nth_read+0x1e9/0x250
[  823.426430][T12069]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  823.431970][T12069]  ? rw_verify_area+0x520/0x6b0
[  823.436820][T12069]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  823.442361][T12069]  vfs_read+0x204/0xbc0
[  823.446513][T12069]  ? __pfx_lock_release+0x10/0x10
[  823.451534][T12069]  ? __pfx_vfs_read+0x10/0x10
[  823.456200][T12069]  ? __fget_files+0x29/0x470
[  823.460779][T12069]  ? __fget_files+0x3f6/0x470
[  823.465453][T12069]  ksys_read+0x1a0/0x2c0
[  823.469688][T12069]  ? __pfx_ksys_read+0x10/0x10
[  823.474440][T12069]  ? do_syscall_64+0x100/0x230
[  823.479200][T12069]  ? do_syscall_64+0xb6/0x230
[  823.483871][T12069]  do_syscall_64+0xf3/0x230
[  823.488369][T12069]  ? clear_bhb_loop+0x35/0x90
[  823.493035][T12069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  823.498923][T12069] RIP: 0033:0x7f9c5717643c
[  823.503331][T12069] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  823.522930][T12069] RSP: 002b:00007f9c58026040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  823.531335][T12069] RAX: ffffffffffffffda RBX: 00007f9c57305f80 RCX: 00007f9c5717643c
[  823.539296][T12069] RDX: 000000000000000f RSI: 00007f9c580260b0 RDI: 0000000000000004
[  823.547257][T12069] RBP: 00007f9c580260a0 R08: 0000000000000000 R09: 0000000000000000
[  823.555214][T12069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  823.563178][T12069] R13: 000000000000000b R14: 00007f9c57305f80 R15: 00007ffdcccb75a8
[  823.571149][T12069]  </TASK>
[  824.375604][T12083] FAULT_INJECTION: forcing a failure.
[  824.375604][T12083] name failslab, interval 1, probability 0, space 0, times 0
[  824.388491][T12083] CPU: 1 UID: 0 PID: 12083 Comm: syz.3.1712 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  824.399266][T12083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  824.409331][T12083] Call Trace:
[  824.412619][T12083]  <TASK>
[  824.415565][T12083]  dump_stack_lvl+0x241/0x360
[  824.420265][T12083]  ? __pfx_dump_stack_lvl+0x10/0x10
[  824.425481][T12083]  ? __pfx__printk+0x10/0x10
[  824.430086][T12083]  ? fs_reclaim_acquire+0x93/0x140
[  824.435210][T12083]  ? __pfx___might_resched+0x10/0x10
[  824.440514][T12083]  should_fail_ex+0x3b0/0x4e0
[  824.445206][T12083]  ? tomoyo_encode+0x26f/0x540
[  824.449984][T12083]  should_failslab+0xac/0x100
[  824.454680][T12083]  ? tomoyo_encode+0x26f/0x540
[  824.459461][T12083]  __kmalloc_noprof+0xd8/0x400
[  824.464249][T12083]  tomoyo_encode+0x26f/0x540
[  824.468860][T12083]  tomoyo_realpath_from_path+0x59e/0x5e0
[  824.474522][T12083]  tomoyo_path_number_perm+0x23a/0x880
[  824.479998][T12083]  ? tomoyo_path_number_perm+0x208/0x880
[  824.485643][T12083]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  824.491672][T12083]  ? __fget_files+0x29/0x470
[  824.496282][T12083]  ? __fget_files+0x3f6/0x470
[  824.500976][T12083]  ? __fget_files+0x29/0x470
[  824.505579][T12083]  security_file_ioctl+0x75/0xb0
[  824.510535][T12083]  __se_sys_ioctl+0x47/0x170
[  824.515140][T12083]  do_syscall_64+0xf3/0x230
[  824.519659][T12083]  ? clear_bhb_loop+0x35/0x90
[  824.524353][T12083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.530260][T12083] RIP: 0033:0x7f69481779f9
[  824.534681][T12083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  824.554299][T12083] RSP: 002b:00007f6948eb5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  824.562735][T12083] RAX: ffffffffffffffda RBX: 00007f6948305f80 RCX: 00007f69481779f9
[  824.570713][T12083] RDX: 0000000000000014 RSI: 0000000040045436 RDI: 0000000000000003
[  824.578676][T12083] RBP: 00007f6948eb50a0 R08: 0000000000000000 R09: 0000000000000000
[  824.586639][T12083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  824.594602][T12083] R13: 000000000000000b R14: 00007f6948305f80 R15: 00007ffd68c47848
[  824.602575][T12083]  </TASK>
[  824.606094][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802e31c000: rx timeout, send abort
[  824.650227][T12083] ERROR: Out of memory at tomoyo_realpath_from_path.
[  824.675620][ T5266] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  825.011422][ T5266] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  825.114418][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802e31c000: abort rx timeout. Force session deactivation
[  825.353469][ T5266] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  825.396083][ T5266] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.418481][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802e31f000: rx timeout, send abort
[  825.452526][ T5266] usb 3-1: Product: syz
[  825.493722][ T5266] usb 3-1: Manufacturer: syz
[  825.498465][ T5266] usb 3-1: SerialNumber: syz
[  825.528554][ T5266] usb 3-1: config 0 descriptor??
[  825.926830][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802e31f000: abort rx timeout. Force session deactivation
[  826.151565][ T5266] usb 3-1: USB disconnect, device number 22
[  826.773959][T12110] overlayfs: failed to decode file handle (len=2, type=0, flags=0, err=-22)
[  826.955183][T12122] FAULT_INJECTION: forcing a failure.
[  826.955183][T12122] name failslab, interval 1, probability 0, space 0, times 0
[  827.003728][T12122] CPU: 1 UID: 0 PID: 12122 Comm: syz.2.1722 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  827.014550][T12122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  827.024617][T12122] Call Trace:
[  827.027896][T12122]  <TASK>
[  827.030828][T12122]  dump_stack_lvl+0x241/0x360
[  827.035526][T12122]  ? __pfx_dump_stack_lvl+0x10/0x10
[  827.040733][T12122]  ? __pfx__printk+0x10/0x10
[  827.045337][T12122]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  827.051326][T12122]  ? __pfx___might_resched+0x10/0x10
[  827.056623][T12122]  should_fail_ex+0x3b0/0x4e0
[  827.061312][T12122]  should_failslab+0xac/0x100
[  827.065999][T12122]  ? __alloc_skb+0x1c3/0x440
[  827.070597][T12122]  kmem_cache_alloc_node_noprof+0x71/0x320
[  827.076417][T12122]  __alloc_skb+0x1c3/0x440
[  827.080844][T12122]  ? __pfx___alloc_skb+0x10/0x10
[  827.085793][T12122]  ? netlink_autobind+0xd6/0x2f0
[  827.090738][T12122]  ? netlink_autobind+0x2b0/0x2f0
[  827.095770][T12122]  netlink_sendmsg+0x638/0xcb0
[  827.100556][T12122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  827.105846][T12122]  ? __import_iovec+0x536/0x820
[  827.110706][T12122]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  827.115999][T12122]  ? security_socket_sendmsg+0x87/0xb0
[  827.121470][T12122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  827.126759][T12122]  __sock_sendmsg+0x221/0x270
[  827.131449][T12122]  ____sys_sendmsg+0x525/0x7d0
[  827.136232][T12122]  ? __pfx_____sys_sendmsg+0x10/0x10
[  827.141543][T12122]  __sys_sendmsg+0x2b0/0x3a0
[  827.146141][T12122]  ? __pfx___sys_sendmsg+0x10/0x10
[  827.151253][T12122]  ? vfs_write+0x7c4/0xc90
[  827.155717][T12122]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  827.162066][T12122]  ? do_syscall_64+0x100/0x230
[  827.166845][T12122]  ? do_syscall_64+0xb6/0x230
[  827.171532][T12122]  do_syscall_64+0xf3/0x230
[  827.176045][T12122]  ? clear_bhb_loop+0x35/0x90
[  827.180735][T12122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.186644][T12122] RIP: 0033:0x7f18a33779f9
[  827.191070][T12122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  827.210680][T12122] RSP: 002b:00007f18a4231048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  827.219108][T12122] RAX: ffffffffffffffda RBX: 00007f18a3505f80 RCX: 00007f18a33779f9
[  827.227089][T12122] RDX: 0000000000000000 RSI: 0000000020000ec0 RDI: 0000000000000003
[  827.235071][T12122] RBP: 00007f18a42310a0 R08: 0000000000000000 R09: 0000000000000000
[  827.243051][T12122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  827.251023][T12122] R13: 000000000000000b R14: 00007f18a3505f80 R15: 00007ffd91a79508
[  827.259019][T12122]  </TASK>
[  827.316563][T12123] erofs: (device loop3): erofs_read_superblock: cannot find valid erofs superblock
[  827.489452][T12119] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1721'.
[  827.804178][T12127] FAULT_INJECTION: forcing a failure.
[  827.804178][T12127] name failslab, interval 1, probability 0, space 0, times 0
[  827.868406][T12129] syz.0.1723 uses obsolete (PF_INET,SOCK_PACKET)
[  827.875181][T12127] CPU: 1 UID: 0 PID: 12127 Comm: syz.3.1725 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  827.885957][T12127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  827.896031][T12127] Call Trace:
[  827.899319][T12127]  <TASK>
[  827.902257][T12127]  dump_stack_lvl+0x241/0x360
[  827.906960][T12127]  ? __pfx_dump_stack_lvl+0x10/0x10
[  827.912168][T12127]  ? __pfx__printk+0x10/0x10
[  827.916766][T12127]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  827.922759][T12127]  ? __pfx___might_resched+0x10/0x10
[  827.928045][T12127]  should_fail_ex+0x3b0/0x4e0
[  827.932717][T12127]  should_failslab+0xac/0x100
[  827.937386][T12127]  ? __alloc_skb+0x1c3/0x440
[  827.941979][T12127]  kmem_cache_alloc_node_noprof+0x71/0x320
[  827.947788][T12127]  __alloc_skb+0x1c3/0x440
[  827.952201][T12127]  ? __pfx___alloc_skb+0x10/0x10
[  827.957135][T12127]  ? security_socket_getpeersec_dgram+0x96/0xb0
[  827.963384][T12127]  netlink_sendmsg+0x638/0xcb0
[  827.968153][T12127]  ? __pfx_netlink_sendmsg+0x10/0x10
[  827.973429][T12127]  ? __import_iovec+0x361/0x820
[  827.978273][T12127]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  827.983552][T12127]  ? security_socket_sendmsg+0x87/0xb0
[  827.989006][T12127]  ? __pfx_netlink_sendmsg+0x10/0x10
[  827.994278][T12127]  __sock_sendmsg+0x221/0x270
[  827.998953][T12127]  ____sys_sendmsg+0x525/0x7d0
[  828.003716][T12127]  ? __pfx_____sys_sendmsg+0x10/0x10
[  828.009025][T12127]  __sys_sendmsg+0x2b0/0x3a0
[  828.013611][T12127]  ? __pfx___sys_sendmsg+0x10/0x10
[  828.018711][T12127]  ? vfs_write+0x7c4/0xc90
[  828.023143][T12127]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  828.029463][T12127]  ? do_syscall_64+0x100/0x230
[  828.034227][T12127]  ? do_syscall_64+0xb6/0x230
[  828.038898][T12127]  do_syscall_64+0xf3/0x230
[  828.043404][T12127]  ? clear_bhb_loop+0x35/0x90
[  828.048169][T12127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.054058][T12127] RIP: 0033:0x7f69481779f9
[  828.058461][T12127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  828.078053][T12127] RSP: 002b:00007f6948eb5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  828.086454][T12127] RAX: ffffffffffffffda RBX: 00007f6948305f80 RCX: 00007f69481779f9
[  828.094413][T12127] RDX: 0000000000000000 RSI: 0000000020000d40 RDI: 0000000000000004
[  828.102370][T12127] RBP: 00007f6948eb50a0 R08: 0000000000000000 R09: 0000000000000000
[  828.110324][T12127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  828.118282][T12127] R13: 000000000000000b R14: 00007f6948305f80 R15: 00007ffd68c47848
[  828.126254][T12127]  </TASK>
[  828.724693][T12133] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1726'.
[  829.053469][ T9548] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  829.274556][ T9548] usb 5-1: Using ep0 maxpacket: 8
[  829.305685][ T9548] usb 5-1: config index 0 descriptor too short (expected 27, got 19)
[  829.330333][ T9548] usb 5-1: config 0 descriptor has 1 excess byte, ignoring
[  830.177949][ T9548] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  830.210638][ T9548] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  830.251185][ T9548] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  830.278606][ T9548] usb 5-1: Product: syz
[  830.282966][ T9548] usb 5-1: Manufacturer: syz
[  830.287727][ T9548] usb 5-1: SerialNumber: syz
[  830.322855][ T9548] usb 5-1: config 0 descriptor??
[  830.558206][ T9548] usb 5-1: USB disconnect, device number 29
[  830.738582][T12159] mkiss: ax0: crc mode is auto.
[  831.314271][T12164] 9pnet_fd: Insufficient options for proto=fd
[  831.573385][ T7874] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  831.710073][   T29] audit: type=1326 audit(1722989215.408:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12174 comm="syz.0.1737" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4e35b779f9 code=0x0
[  831.731144][    C0] vkms_vblank_simulate: vblank timer overrun
[  831.783532][ T7874] usb 2-1: Using ep0 maxpacket: 16
[  831.790315][ T7874] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  831.800054][ T7874] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 0
[  831.809771][ T7874] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  831.819583][ T7874] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 0
[  831.836256][ T7874] usb 2-1: New USB device found, idVendor=104f, idProduct=0004, bcdDevice=8f.af
[  831.845457][ T7874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  831.853634][ T7874] usb 2-1: Product: syz
[  831.857843][ T7874] usb 2-1: Manufacturer: syz
[  831.862461][ T7874] usb 2-1: SerialNumber: syz
[  831.868545][ T7874] usb 2-1: config 0 descriptor??
[  831.877587][ T7874] iuu_phoenix 2-1:0.0: iuu_phoenix converter detected
[  831.886581][ T7874] usb 2-1: iuu_phoenix converter now attached to ttyUSB0
[  832.071571][   T29] audit: type=1107 audit(1722989215.768:550): pid=12182 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=''
[  832.086813][T12185] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  832.098454][   T29] audit: type=1107 audit(1722989215.788:551): pid=12182 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=''
[  832.120971][T12184] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  832.129035][ T5264] usb 2-1: USB disconnect, device number 24
[  832.147504][ T5264] iuu_phoenix ttyUSB0: iuu_phoenix converter now disconnected from ttyUSB0
[  832.157890][ T5264] iuu_phoenix 2-1:0.0: device disconnected
[  834.063984][T12198] fuse: Bad value for 'fd'
[  834.583488][ T9548] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  834.703084][T12223] 9pnet_fd: Insufficient options for proto=fd
[  834.796952][ T9548] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  834.847488][ T9548] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  834.885783][ T9548] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  834.917731][ T9548] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  834.948428][ T9548] usb 2-1: config 0 descriptor??
[  835.112795][T12233] FAULT_INJECTION: forcing a failure.
[  835.112795][T12233] name failslab, interval 1, probability 0, space 0, times 0
[  835.148285][T12233] CPU: 1 UID: 0 PID: 12233 Comm: syz.3.1752 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  835.159095][T12233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  835.169172][T12233] Call Trace:
[  835.172467][T12233]  <TASK>
[  835.175398][T12233]  dump_stack_lvl+0x241/0x360
[  835.180100][T12233]  ? __pfx_dump_stack_lvl+0x10/0x10
[  835.185321][T12233]  ? __pfx__printk+0x10/0x10
[  835.189934][T12233]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  835.195933][T12233]  ? __pfx___might_resched+0x10/0x10
[  835.201250][T12233]  should_fail_ex+0x3b0/0x4e0
[  835.205942][T12233]  should_failslab+0xac/0x100
[  835.210621][T12233]  ? __alloc_skb+0x1c3/0x440
[  835.215232][T12233]  kmem_cache_alloc_node_noprof+0x71/0x320
[  835.221063][T12233]  __alloc_skb+0x1c3/0x440
[  835.225493][T12233]  ? __pfx___alloc_skb+0x10/0x10
[  835.230431][T12233]  ? netlink_autobind+0xd6/0x2f0
[  835.235357][T12233]  ? netlink_autobind+0x2b0/0x2f0
[  835.240377][T12233]  netlink_sendmsg+0x638/0xcb0
[  835.245138][T12233]  ? __pfx_netlink_sendmsg+0x10/0x10
[  835.250414][T12233]  ? __import_iovec+0x536/0x820
[  835.255260][T12233]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  835.260535][T12233]  ? security_socket_sendmsg+0x87/0xb0
[  835.265989][T12233]  ? __pfx_netlink_sendmsg+0x10/0x10
[  835.271261][T12233]  __sock_sendmsg+0x221/0x270
[  835.275940][T12233]  ____sys_sendmsg+0x525/0x7d0
[  835.280703][T12233]  ? __pfx_____sys_sendmsg+0x10/0x10
[  835.285992][T12233]  __sys_sendmsg+0x2b0/0x3a0
[  835.290573][T12233]  ? __pfx___sys_sendmsg+0x10/0x10
[  835.295670][T12233]  ? vfs_write+0x7c4/0xc90
[  835.300108][T12233]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  835.306429][T12233]  ? do_syscall_64+0x100/0x230
[  835.311188][T12233]  ? do_syscall_64+0xb6/0x230
[  835.315871][T12233]  do_syscall_64+0xf3/0x230
[  835.320371][T12233]  ? clear_bhb_loop+0x35/0x90
[  835.325043][T12233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.330931][T12233] RIP: 0033:0x7f69481779f9
[  835.335337][T12233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  835.354931][T12233] RSP: 002b:00007f6948eb5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  835.363336][T12233] RAX: ffffffffffffffda RBX: 00007f6948305f80 RCX: 00007f69481779f9
[  835.371303][T12233] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  835.379259][T12233] RBP: 00007f6948eb50a0 R08: 0000000000000000 R09: 0000000000000000
[  835.387219][T12233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  835.395175][T12233] R13: 000000000000000b R14: 00007f6948305f80 R15: 00007ffd68c47848
[  835.403150][T12233]  </TASK>
[  835.706108][ T9548] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  835.742620][ T9548] plantronics 0003:047F:FFFF.0021: No inputs registered, leaving
[  835.819706][ T9548] plantronics 0003:047F:FFFF.0021: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  836.744673][ T5264] usb 2-1: USB disconnect, device number 25
[  838.277106][ T5268] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  839.373404][ T7874] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  839.521360][ T5268] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  839.876033][ T7874] usb 1-1: Using ep0 maxpacket: 32
[  839.894421][ T5268] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  840.020139][ T7874] usb 1-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  840.056169][ T5268] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  840.097461][ T7874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  840.097537][ T7874] usb 1-1: Product: syz
[  840.097578][ T7874] usb 1-1: Manufacturer: syz
[  840.097593][ T7874] usb 1-1: SerialNumber: syz
[  840.937395][ T7874] usb 1-1: config 0 descriptor??
[  840.953609][ T5268] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  840.975196][ T5268] usb 5-1: New USB device found, idVendor=067b, idProduct=23c3, bcdDevice=18.a2
[  841.044310][ T7874] peak_usb 1-1:0.0 can0: unable to request usb[type=0 value=1] err=-71
[  841.052870][ T7874] peak_usb 1-1:0.0: unable to read PCAN-USB Pro firmware info (err -71)
[  841.146912][ T5268] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  841.155447][ T5268] usb 5-1: Product: syz
[  841.158240][T12286] 9pnet_fd: Insufficient options for proto=fd
[  841.159608][ T5268] usb 5-1: Manufacturer: syz
[  841.159628][ T5268] usb 5-1: SerialNumber: syz
[  841.184781][ T5268] usb 5-1: config 0 descriptor??
[  841.194432][ T5268] usb 5-1: can't set config #0, error -71
[  841.210492][ T5268] usb 5-1: USB disconnect, device number 30
[  841.266533][ T7874] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -71
[  841.319467][ T7874] usb 1-1: USB disconnect, device number 34
[  842.301254][   T29] audit: type=1326 audit(1722989225.998:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12299 comm="syz.4.1770" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c571779f9 code=0x0
[  842.804203][T12317] FAULT_INJECTION: forcing a failure.
[  842.804203][T12317] name failslab, interval 1, probability 0, space 0, times 0
[  842.833478][T12317] CPU: 0 UID: 0 PID: 12317 Comm: syz.2.1772 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  842.844277][T12317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  842.854339][T12317] Call Trace:
[  842.857623][T12317]  <TASK>
[  842.860559][T12317]  dump_stack_lvl+0x241/0x360
[  842.865257][T12317]  ? __pfx_dump_stack_lvl+0x10/0x10
[  842.870470][T12317]  ? __pfx__printk+0x10/0x10
[  842.875089][T12317]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  842.881095][T12317]  ? __pfx___might_resched+0x10/0x10
[  842.886411][T12317]  should_fail_ex+0x3b0/0x4e0
[  842.891108][T12317]  should_failslab+0xac/0x100
[  842.895799][T12317]  ? __alloc_skb+0x1c3/0x440
[  842.900415][T12317]  kmem_cache_alloc_node_noprof+0x71/0x320
[  842.906242][T12317]  __alloc_skb+0x1c3/0x440
[  842.910670][T12317]  ? __pfx___alloc_skb+0x10/0x10
[  842.915624][T12317]  ? netlink_autobind+0xd6/0x2f0
[  842.920570][T12317]  ? netlink_autobind+0x2b0/0x2f0
[  842.925607][T12317]  netlink_sendmsg+0x638/0xcb0
[  842.930390][T12317]  ? __pfx_netlink_sendmsg+0x10/0x10
[  842.935692][T12317]  ? __import_iovec+0x536/0x820
[  842.940560][T12317]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  842.945865][T12317]  ? security_socket_sendmsg+0x87/0xb0
[  842.951345][T12317]  ? __pfx_netlink_sendmsg+0x10/0x10
[  842.956644][T12317]  __sock_sendmsg+0x221/0x270
[  842.961345][T12317]  ____sys_sendmsg+0x525/0x7d0
[  842.966136][T12317]  ? __pfx_____sys_sendmsg+0x10/0x10
[  842.971453][T12317]  __sys_sendmsg+0x2b0/0x3a0
[  842.976057][T12317]  ? __pfx___sys_sendmsg+0x10/0x10
[  842.981182][T12317]  ? vfs_write+0x7c4/0xc90
[  842.985647][T12317]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  842.991990][T12317]  ? do_syscall_64+0x100/0x230
[  842.996775][T12317]  ? do_syscall_64+0xb6/0x230
[  843.001473][T12317]  do_syscall_64+0xf3/0x230
[  843.005986][T12317]  ? clear_bhb_loop+0x35/0x90
[  843.010653][T12317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  843.016545][T12317] RIP: 0033:0x7f18a33779f9
[  843.020966][T12317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  843.040578][T12317] RSP: 002b:00007f18a4231048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  843.048983][T12317] RAX: ffffffffffffffda RBX: 00007f18a3505f80 RCX: 00007f18a33779f9
[  843.056942][T12317] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000005
[  843.064896][T12317] RBP: 00007f18a42310a0 R08: 0000000000000000 R09: 0000000000000000
[  843.072852][T12317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  843.080807][T12317] R13: 000000000000000b R14: 00007f18a3505f80 R15: 00007ffd91a79508
[  843.088772][T12317]  </TASK>
[  843.091842][    C0] vkms_vblank_simulate: vblank timer overrun
[  843.326776][T12322] vlan2: entered promiscuous mode
[  843.349553][T12322] vlan2: entered allmulticast mode
[  843.528603][ T9548] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  844.627499][T12337] erofs: (device loop4): erofs_read_superblock: cannot find valid erofs superblock
[  845.542781][ T9548] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  845.566553][ T9548] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  845.591376][ T9548] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  845.602684][ T9548] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  845.634207][ T9548] usb 4-1: config 0 descriptor??
[  845.743426][ T7874] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  845.939261][ T9548] usbhid 4-1:0.0: can't add hid device: -71
[  845.957669][ T7874] usb 5-1: Using ep0 maxpacket: 32
[  845.973031][ T9548] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  845.975948][ T7874] usb 5-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  846.012293][ T9548] usb 4-1: USB disconnect, device number 26
[  846.022930][ T7874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.100306][ T7874] usb 5-1: Product: syz
[  846.133442][ T7874] usb 5-1: Manufacturer: syz
[  846.143393][ T7874] usb 5-1: SerialNumber: syz
[  846.158286][ T7874] usb 5-1: config 0 descriptor??
[  846.509770][T12346] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1782'.
[  846.573596][T12346] netlink: 'syz.3.1782': attribute type 32 has an invalid length.
[  847.643963][ T7874] peak_usb 5-1:0.0 can0: unable to request usb[type=0 value=0] err=-71
[  847.652928][ T7874] peak_usb 5-1:0.0: unable to read PCAN-USB Pro bootloader info (err -71)
[  847.774971][ T4612] Bluetooth: hci0: command 0x0405 tx timeout
[  847.970137][ T7874] peak_usb 5-1:0.0: probe with driver peak_usb failed with error -71
[  848.039524][ T7874] usb 5-1: USB disconnect, device number 31
[  849.184245][T12373] ALSA: mixer_oss: invalid index -1404626105
[  849.205454][T12376] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1792'.
[  849.253625][T12376] netlink: 'syz.3.1792': attribute type 32 has an invalid length.
[  849.501795][T12381] FAULT_INJECTION: forcing a failure.
[  849.501795][T12381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  849.567078][T12381] CPU: 0 UID: 0 PID: 12381 Comm: syz.2.1794 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  849.577866][T12381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  849.587932][T12381] Call Trace:
[  849.591216][T12381]  <TASK>
[  849.594151][T12381]  dump_stack_lvl+0x241/0x360
[  849.598849][T12381]  ? __pfx_dump_stack_lvl+0x10/0x10
[  849.604064][T12381]  ? __pfx__printk+0x10/0x10
[  849.608673][T12381]  ? snprintf+0xda/0x120
[  849.612948][T12381]  should_fail_ex+0x3b0/0x4e0
[  849.617643][T12381]  _copy_to_user+0x2f/0xb0
[  849.622074][T12381]  simple_read_from_buffer+0xca/0x150
[  849.627473][T12381]  proc_fail_nth_read+0x1e9/0x250
[  849.632519][T12381]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  849.638082][T12381]  ? rw_verify_area+0x520/0x6b0
[  849.642945][T12381]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  849.648511][T12381]  vfs_read+0x204/0xbc0
[  849.652676][T12381]  ? __pfx_lock_release+0x10/0x10
[  849.657732][T12381]  ? __pfx_vfs_read+0x10/0x10
[  849.662414][T12381]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  849.668411][T12381]  ? __fget_files+0x29/0x470
[  849.673014][T12381]  ? __fget_files+0x3f6/0x470
[  849.677716][T12381]  ksys_read+0x1a0/0x2c0
[  849.681975][T12381]  ? __pfx_ksys_read+0x10/0x10
[  849.686747][T12381]  ? do_syscall_64+0x100/0x230
[  849.691526][T12381]  ? do_syscall_64+0xb6/0x230
[  849.696221][T12381]  do_syscall_64+0xf3/0x230
[  849.700738][T12381]  ? clear_bhb_loop+0x35/0x90
[  849.705427][T12381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  849.711334][T12381] RIP: 0033:0x7f18a337643c
[  849.715755][T12381] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  849.735370][T12381] RSP: 002b:00007f18a4231040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  849.743798][T12381] RAX: ffffffffffffffda RBX: 00007f18a3505f80 RCX: 00007f18a337643c
[  849.751777][T12381] RDX: 000000000000000f RSI: 00007f18a42310b0 RDI: 0000000000000005
[  849.759758][T12381] RBP: 00007f18a42310a0 R08: 0000000000000000 R09: 0000000000000000
[  849.767737][T12381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  849.775719][T12381] R13: 000000000000000b R14: 00007f18a3505f80 R15: 00007ffd91a79508
[  849.783702][T12381]  </TASK>
[  849.794961][ T7874] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  849.856745][ T4612] Bluetooth: hci0: command 0x0405 tx timeout
[  850.946179][T12390] blktrace: Concurrent blktraces are not allowed on loop3
[  851.734706][ T7874] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  851.764433][ T7874] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  851.793384][ T7874] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  851.825242][ T7874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  851.880820][ T7874] usb 2-1: config 0 descriptor??
[  853.066555][ T7874] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0
[  853.074837][ T7874] plantronics 0003:047F:FFFF.0022: No inputs registered, leaving
[  853.085850][ T7874] plantronics 0003:047F:FFFF.0022: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  853.431520][ T7874] usb 2-1: USB disconnect, device number 26
[  853.609875][ T5227] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  853.620356][ T5227] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  853.628421][ T5227] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  853.637059][ T5227] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  853.647825][ T5227] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  853.655314][ T5227] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  854.164305][T12411] chnl_net:caif_netlink_parms(): no params data found
[  855.547410][   T29] audit: type=1326 audit(1722989239.248:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12431 comm="syz.1.1807" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa1c5779f9 code=0x0
[  855.692397][T12442] blktrace: Concurrent blktraces are not allowed on loop3
[  855.699741][ T5227] Bluetooth: hci2: command tx timeout
[  855.814698][T12411] bridge0: port 1(bridge_slave_0) entered blocking state
[  855.849009][T12411] bridge0: port 1(bridge_slave_0) entered disabled state
[  855.870612][T12411] bridge_slave_0: entered allmulticast mode
[  855.887025][T12411] bridge_slave_0: entered promiscuous mode
[  855.901521][T12411] bridge0: port 2(bridge_slave_1) entered blocking state
[  855.933581][T12411] bridge0: port 2(bridge_slave_1) entered disabled state
[  855.971092][T12411] bridge_slave_1: entered allmulticast mode
[  856.006400][T12411] bridge_slave_1: entered promiscuous mode
[  856.071599][T12296] ==================================================================
[  856.079748][T12296] BUG: KASAN: slab-use-after-free in sco_conn_del+0xa5/0x310
[  856.087103][T12296] Write of size 4 at addr ffff888066baa080 by task syz.0.1767/12296
[  856.095057][T12296] 
[  856.097362][T12296] CPU: 1 UID: 0 PID: 12296 Comm: syz.0.1767 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  856.108096][T12296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  856.118133][T12296] Call Trace:
[  856.121395][T12296]  <TASK>
[  856.124308][T12296]  dump_stack_lvl+0x241/0x360
[  856.128972][T12296]  ? __pfx_dump_stack_lvl+0x10/0x10
[  856.134163][T12296]  ? __pfx__printk+0x10/0x10
[  856.138767][T12296]  ? _printk+0xd5/0x120
[  856.142927][T12296]  ? __virt_addr_valid+0x183/0x530
[  856.148034][T12296]  ? __virt_addr_valid+0x183/0x530
[  856.153118][T12296]  print_report+0x169/0x550
[  856.157604][T12296]  ? __virt_addr_valid+0x183/0x530
[  856.162687][T12296]  ? __virt_addr_valid+0x183/0x530
[  856.167775][T12296]  ? __virt_addr_valid+0x45f/0x530
[  856.172871][T12296]  ? __phys_addr+0xba/0x170
[  856.177358][T12296]  ? sco_conn_del+0xa5/0x310
[  856.181934][T12296]  kasan_report+0x143/0x180
[  856.186426][T12296]  ? sco_conn_del+0xa5/0x310
[  856.191001][T12296]  kasan_check_range+0x282/0x290
[  856.195928][T12296]  sco_conn_del+0xa5/0x310
[  856.200330][T12296]  ? __pfx_sco_disconn_cfm+0x10/0x10
[  856.205601][T12296]  hci_conn_hash_flush+0xff/0x240
[  856.210612][T12296]  hci_dev_close_sync+0x9ef/0x11a0
[  856.215713][T12296]  hci_unregister_dev+0x20b/0x510
[  856.220725][T12296]  vhci_release+0x83/0xd0
[  856.225038][T12296]  ? __pfx_vhci_release+0x10/0x10
[  856.230048][T12296]  __fput+0x24a/0x8a0
[  856.234022][T12296]  task_work_run+0x24f/0x310
[  856.238598][T12296]  ? __pfx_task_work_run+0x10/0x10
[  856.243693][T12296]  ? do_exit+0xa2a/0x27f0
[  856.248004][T12296]  ? kmem_cache_free+0x145/0x350
[  856.252929][T12296]  do_exit+0xa2f/0x27f0
[  856.257073][T12296]  ? __pfx_do_exit+0x10/0x10
[  856.261646][T12296]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  856.267006][T12296]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  856.272972][T12296]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  856.279285][T12296]  ? _raw_spin_lock_irq+0xdf/0x120
[  856.284393][T12296]  do_group_exit+0x207/0x2c0
[  856.288967][T12296]  ? _raw_spin_unlock_irq+0x23/0x50
[  856.294151][T12296]  ? lockdep_hardirqs_on+0x99/0x150
[  856.299337][T12296]  get_signal+0x1695/0x1730
[  856.303833][T12296]  ? __pfx_get_signal+0x10/0x10
[  856.308671][T12296]  arch_do_signal_or_restart+0x96/0x860
[  856.314207][T12296]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  856.320346][T12296]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  856.326321][T12296]  ? syscall_exit_to_user_mode+0xa3/0x370
[  856.332028][T12296]  syscall_exit_to_user_mode+0xc9/0x370
[  856.337562][T12296]  do_syscall_64+0x100/0x230
[  856.342143][T12296]  ? clear_bhb_loop+0x35/0x90
[  856.346803][T12296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.352682][T12296] RIP: 0033:0x7f4e35b779f9
[  856.357081][T12296] Code: Unable to access opcode bytes at 0x7f4e35b779cf.
[  856.364079][T12296] RSP: 002b:00007f4e368dd048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  856.372474][T12296] RAX: 000000000003ff6f RBX: 00007f4e35d06058 RCX: 00007f4e35b779f9
[  856.380428][T12296] RDX: 03ffffffffffff67 RSI: 0000000020002440 RDI: 0000000000000004
[  856.388383][T12296] RBP: 00007f4e35be58ee R08: 0000000000000000 R09: 0000000000000000
[  856.396338][T12296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  856.404295][T12296] R13: 000000000000006e R14: 00007f4e35d06058 R15: 00007ffc17353088
[  856.412254][T12296]  </TASK>
[  856.415256][T12296] 
[  856.417560][T12296] Allocated by task 12341:
[  856.421950][T12296]  kasan_save_track+0x3f/0x80
[  856.426614][T12296]  __kasan_kmalloc+0x98/0xb0
[  856.431185][T12296]  __kmalloc_noprof+0x1fc/0x400
[  856.436019][T12296]  sk_prot_alloc+0xe0/0x210
[  856.440506][T12296]  sk_alloc+0x38/0x370
[  856.444555][T12296]  bt_sock_alloc+0x3c/0x340
[  856.449041][T12296]  sco_sock_create+0xbb/0x390
[  856.453697][T12296]  bt_sock_create+0x161/0x230
[  856.458355][T12296]  __sock_create+0x490/0x920
[  856.462928][T12296]  __sys_socket+0x150/0x3c0
[  856.467417][T12296]  __x64_sys_socket+0x7a/0x90
[  856.472077][T12296]  do_syscall_64+0xf3/0x230
[  856.476565][T12296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.482446][T12296] 
[  856.484751][T12296] Freed by task 12341:
[  856.488793][T12296]  kasan_save_track+0x3f/0x80
[  856.493454][T12296]  kasan_save_free_info+0x40/0x50
[  856.498463][T12296]  poison_slab_object+0xe0/0x150
[  856.503381][T12296]  __kasan_slab_free+0x37/0x60
[  856.508124][T12296]  kfree+0x149/0x360
[  856.512025][T12296]  __sk_destruct+0x476/0x5f0
[  856.516601][T12296]  sco_sock_release+0x25e/0x320
[  856.521432][T12296]  sock_close+0xbc/0x240
[  856.525667][T12296]  __fput+0x24a/0x8a0
[  856.529632][T12296]  task_work_run+0x24f/0x310
[  856.534205][T12296]  get_signal+0x15da/0x1730
[  856.538688][T12296]  arch_do_signal_or_restart+0x96/0x860
[  856.544216][T12296]  syscall_exit_to_user_mode+0xc9/0x370
[  856.549748][T12296]  do_syscall_64+0x100/0x230
[  856.554321][T12296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.560205][T12296] 
[  856.562510][T12296] The buggy address belongs to the object at ffff888066baa000
[  856.562510][T12296]  which belongs to the cache kmalloc-2k of size 2048
[  856.576543][T12296] The buggy address is located 128 bytes inside of
[  856.576543][T12296]  freed 2048-byte region [ffff888066baa000, ffff888066baa800)
[  856.590405][T12296] 
[  856.592708][T12296] The buggy address belongs to the physical page:
[  856.599102][T12296] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x66ba8
[  856.607841][T12296] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  856.616320][T12296] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  856.624281][T12296] page_type: 0xfdffffff(slab)
[  856.628941][T12296] raw: 00fff00000000040 ffff888015442000 0000000000000000 dead000000000001
[  856.637522][T12296] raw: 0000000000000000 0000000000080008 00000001fdffffff 0000000000000000
[  856.646098][T12296] head: 00fff00000000040 ffff888015442000 0000000000000000 dead000000000001
[  856.654757][T12296] head: 0000000000000000 0000000000080008 00000001fdffffff 0000000000000000
[  856.663413][T12296] head: 00fff00000000003 ffffea00019aea01 ffffffffffffffff 0000000000000000
[  856.672155][T12296] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  856.680802][T12296] page dumped because: kasan: bad access detected
[  856.687204][T12296] page_owner tracks the page as allocated
[  856.692918][T12296] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5222, tgid 5222 (syz-executor), ts 56378749620, free_ts 14244310640
[  856.714272][T12296]  post_alloc_hook+0x1f3/0x230
[  856.719037][T12296]  get_page_from_freelist+0x2e4c/0x2f10
[  856.724571][T12296]  __alloc_pages_noprof+0x256/0x6c0
[  856.729756][T12296]  alloc_slab_page+0x5f/0x120
[  856.734414][T12296]  allocate_slab+0x5a/0x2f0
[  856.738898][T12296]  ___slab_alloc+0xcd1/0x14b0
[  856.743562][T12296]  __slab_alloc+0x58/0xa0
[  856.747875][T12296]  __kmalloc_node_track_caller_noprof+0x281/0x440
[  856.754274][T12296]  kmalloc_reserve+0x111/0x2a0
[  856.759018][T12296]  __alloc_skb+0x1f3/0x440
[  856.763420][T12296]  rtmsg_ifinfo_build_skb+0x84/0x260
[  856.768688][T12296]  rtnetlink_event+0x1b1/0x260
[  856.773434][T12296]  notifier_call_chain+0x19f/0x3e0
[  856.778528][T12296]  dev_set_mac_address+0x3d9/0x510
[  856.783618][T12296]  dev_set_mac_address_user+0x31/0x50
[  856.788967][T12296]  do_setlink+0x8b3/0x41f0
[  856.793375][T12296] page last free pid 1 tgid 1 stack trace:
[  856.799156][T12296]  free_unref_page+0xd19/0xea0
[  856.803902][T12296]  free_contig_range+0x9e/0x160
[  856.808734][T12296]  destroy_args+0x8a/0x890
[  856.813132][T12296]  debug_vm_pgtable+0x4be/0x550
[  856.817965][T12296]  do_one_initcall+0x248/0x880
[  856.822722][T12296]  do_initcall_level+0x157/0x210
[  856.827644][T12296]  do_initcalls+0x3f/0x80
[  856.831965][T12296]  kernel_init_freeable+0x435/0x5d0
[  856.837156][T12296]  kernel_init+0x1d/0x2b0
[  856.841469][T12296]  ret_from_fork+0x4b/0x80
[  856.845875][T12296]  ret_from_fork_asm+0x1a/0x30
[  856.850627][T12296] 
[  856.852931][T12296] Memory state around the buggy address:
[  856.858543][T12296]  ffff888066ba9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  856.866586][T12296]  ffff888066baa000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  856.874628][T12296] >ffff888066baa080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  856.882672][T12296]                    ^
[  856.886717][T12296]  ffff888066baa100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  856.894767][T12296]  ffff888066baa180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  856.902804][T12296] ==================================================================
[  856.913075][T12296] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  856.920291][T12296] CPU: 1 UID: 0 PID: 12296 Comm: syz.0.1767 Not tainted 6.11.0-rc2-syzkaller-00011-geb5e56d14912 #0
[  856.931047][T12296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  856.941084][T12296] Call Trace:
[  856.944349][T12296]  <TASK>
[  856.947261][T12296]  dump_stack_lvl+0x241/0x360
[  856.951926][T12296]  ? __pfx_dump_stack_lvl+0x10/0x10
[  856.957107][T12296]  ? __pfx__printk+0x10/0x10
[  856.961680][T12296]  ? vscnprintf+0x5d/0x90
[  856.965987][T12296]  panic+0x349/0x860
[  856.969865][T12296]  ? check_panic_on_warn+0x21/0xb0
[  856.974953][T12296]  ? __pfx_panic+0x10/0x10
[  856.979352][T12296]  ? mark_lock+0x9a/0x350
[  856.983663][T12296]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  856.989534][T12296]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  856.995403][T12296]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  857.001705][T12296]  ? print_report+0x502/0x550
[  857.006359][T12296]  check_panic_on_warn+0x86/0xb0
[  857.011276][T12296]  ? sco_conn_del+0xa5/0x310
[  857.015844][T12296]  end_report+0x77/0x160
[  857.020066][T12296]  kasan_report+0x154/0x180
[  857.024552][T12296]  ? sco_conn_del+0xa5/0x310
[  857.029123][T12296]  kasan_check_range+0x282/0x290
[  857.034043][T12296]  sco_conn_del+0xa5/0x310
[  857.038436][T12296]  ? __pfx_sco_disconn_cfm+0x10/0x10
[  857.043695][T12296]  hci_conn_hash_flush+0xff/0x240
[  857.048696][T12296]  hci_dev_close_sync+0x9ef/0x11a0
[  857.053789][T12296]  hci_unregister_dev+0x20b/0x510
[  857.058792][T12296]  vhci_release+0x83/0xd0
[  857.063097][T12296]  ? __pfx_vhci_release+0x10/0x10
[  857.068096][T12296]  __fput+0x24a/0x8a0
[  857.072147][T12296]  task_work_run+0x24f/0x310
[  857.076713][T12296]  ? __pfx_task_work_run+0x10/0x10
[  857.081801][T12296]  ? do_exit+0xa2a/0x27f0
[  857.086104][T12296]  ? kmem_cache_free+0x145/0x350
[  857.091019][T12296]  do_exit+0xa2f/0x27f0
[  857.095153][T12296]  ? __pfx_do_exit+0x10/0x10
[  857.099718][T12296]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  857.105067][T12296]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  857.111025][T12296]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  857.117330][T12296]  ? _raw_spin_lock_irq+0xdf/0x120
[  857.122420][T12296]  do_group_exit+0x207/0x2c0
[  857.126989][T12296]  ? _raw_spin_unlock_irq+0x23/0x50
[  857.132166][T12296]  ? lockdep_hardirqs_on+0x99/0x150
[  857.137373][T12296]  get_signal+0x1695/0x1730
[  857.141862][T12296]  ? __pfx_get_signal+0x10/0x10
[  857.146694][T12296]  arch_do_signal_or_restart+0x96/0x860
[  857.152219][T12296]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  857.158350][T12296]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  857.164314][T12296]  ? syscall_exit_to_user_mode+0xa3/0x370
[  857.170016][T12296]  syscall_exit_to_user_mode+0xc9/0x370
[  857.175544][T12296]  do_syscall_64+0x100/0x230
[  857.180114][T12296]  ? clear_bhb_loop+0x35/0x90
[  857.184769][T12296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.190644][T12296] RIP: 0033:0x7f4e35b779f9
[  857.195035][T12296] Code: Unable to access opcode bytes at 0x7f4e35b779cf.
[  857.202023][T12296] RSP: 002b:00007f4e368dd048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  857.210412][T12296] RAX: 000000000003ff6f RBX: 00007f4e35d06058 RCX: 00007f4e35b779f9
[  857.218360][T12296] RDX: 03ffffffffffff67 RSI: 0000000020002440 RDI: 0000000000000004
[  857.226321][T12296] RBP: 00007f4e35be58ee R08: 0000000000000000 R09: 0000000000000000
[  857.234287][T12296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  857.242233][T12296] R13: 000000000000006e R14: 00007f4e35d06058 R15: 00007ffc17353088
[  857.250187][T12296]  </TASK>
[  857.253411][T12296] Kernel Offset: disabled
[  857.257715][T12296] Rebooting in 86400 seconds..