last executing test programs:

2m1.295985343s ago: executing program 4 (id=757):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x1}, 0x18)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000080)='dirsync\x00', 0x0, 0xffffffffffffffff)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000300)={0x3b, @loopback, 0x4e24, 0x4, 'rr\x00', 0x9, 0xe93, 0x30}, 0x2c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=@newlink={0x50, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x24, 0x2, 0x0, 0x1, [@IFLA_HSR_MULTICAST_SPEC={0x5}, @IFLA_HSR_SLAVE1={0x8, 0x1, r6}, @IFLA_HSR_VERSION={0x5}, @IFLA_HSR_SLAVE2={0x8, 0x2, r4}]}}}]}, 0x50}}, 0x0)

2m0.426847506s ago: executing program 4 (id=759):
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000240)='fuseblk\x00', 0x0, r1)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r3 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r3, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000300)="80", 0xfdef}], 0x1}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r7=>0x0})
sendmsg$can_bcm(r6, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r7}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fed7, 0x401, {}, {0x77359400}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x80}}, 0x80)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = syz_io_uring_setup(0x410c, &(0x7f0000000380)={0x0, 0x5885, 0x40, 0x1}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_FSYNC={0x3, 0x7, 0x0, @fd_index})
io_uring_enter(r8, 0x3516, 0x0, 0x0, 0x0, 0x0)

1m59.314997403s ago: executing program 4 (id=768):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f000083d000/0x3000)=nil, 0x3000, 0xcf72427647ba2179, 0x4000010, r1, 0x80000000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
keyctl$set_reqkey_keyring(0xe, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$loop(&(0x7f0000000300), 0x2, 0x40000)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, 0x0)
ioctl$sock_bt_hci(r4, 0x800448d3, 0x0)
inotify_init1(0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c)
shutdown(r5, 0x1)
eventfd2(0x0, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'veth1\x00', <r7=>0x0})
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f00000004c0)={r7, 0x3, 0x6, @broadcast}, 0x10)
r8 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r8, 0x104, 0x7, 0x0, 0x1a)

1m57.083221494s ago: executing program 4 (id=772):
syz_emit_ethernet(0x52, &(0x7f0000000100)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x64, 0x0, 0x0, 0x5, 0x0, @dev, @private=0xa010100, {[@timestamp_addr={0x44, 0x14, 0x5, 0x3, 0x0, [{@empty}, {@rand_addr=0x64010102}]}, @ssrr={0x89, 0x3, 0xce}, @generic={0x7, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141b02)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r5 = syz_open_procfs(0x0, 0x0)
preadv(r5, 0x0, 0x0, 0xc1ce, 0x0)
bind$alg(r5, 0x0, 0x0)
read$FUSE(r4, &(0x7f0000006380)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000004200)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x130, 0xfffffffffffffff5, 0x0, {0x43c, 0x0, 0x0, '\x00', {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, {0x0, 0xffffffff}, {}, {0x0, 0xd}, {0xf}}}}})
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r7, 0x0, 0x0)
syz_fuse_handle_req(r4, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)={0xb0, 0x0, 0x0, [{{0x200000000004, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000}}, {0x0, 0x0, 0x1, 0x0, '\x00'}}]}, 0x0, 0x0})
mremap(&(0x7f000076a000/0xc000)=nil, 0xc000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xf000)
io_setup(0x9, &(0x7f0000000000))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000611230000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1m55.652288779s ago: executing program 4 (id=777):
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@rights={{0x10}}], 0x10}, 0x40000100)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@rights={{0x10}}], 0x10}, 0x40000100) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40) (async)

1m55.425056332s ago: executing program 4 (id=780):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x80000001, 0x1, 0x5, "21cb00f707a8ceb178ecb4000060fca47bc58f3c9dc4fa00000000000900", 0x4c314356})
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{0x0}], 0x1)
r2 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$kcm(r2, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x200ce0c0)
r3 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_PEC(r3, 0x708, 0x9)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r4, &(0x7f0000001940)=""/4086, 0xff6)
request_key(&(0x7f0000000240)='rxrpc\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)='/dev/cpu/#/msr\x00', r4)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket(0x10, 0x803, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000100)={<r6=>0x0, 0x10, &(0x7f00000025c0)=[@in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x0)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000040)={r6, 0x4401, 0x8, 0x80000002, 0x6, 0x1ff}, 0x14)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f0000000100)={0x0, 0x0, 0x4, &(0x7f00000000c0)={0x0, "a26df55a767236e62139c2071a176250a12fab5932b902510feb36506cb52f0560"}})
r7 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/doi\x00', 0x2, 0x0)
pwritev(r7, &(0x7f0000003640)=[{&(0x7f0000000380)="0935b130aee15034d8079ee60a2fb85c4ee0f9bb9d2e1c7a7eef7575dcaf959eda2467f1e381f93fc41b97fe201a1c", 0x2f}, {&(0x7f00000031c0)="c1", 0x1}], 0x2, 0x9, 0x8000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4044}, 0xc810)

1m39.842371732s ago: executing program 32 (id=780):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x80000001, 0x1, 0x5, "21cb00f707a8ceb178ecb4000060fca47bc58f3c9dc4fa00000000000900", 0x4c314356})
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{0x0}], 0x1)
r2 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$kcm(r2, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x200ce0c0)
r3 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_PEC(r3, 0x708, 0x9)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r4, &(0x7f0000001940)=""/4086, 0xff6)
request_key(&(0x7f0000000240)='rxrpc\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)='/dev/cpu/#/msr\x00', r4)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket(0x10, 0x803, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000100)={<r6=>0x0, 0x10, &(0x7f00000025c0)=[@in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x0)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000040)={r6, 0x4401, 0x8, 0x80000002, 0x6, 0x1ff}, 0x14)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f0000000100)={0x0, 0x0, 0x4, &(0x7f00000000c0)={0x0, "a26df55a767236e62139c2071a176250a12fab5932b902510feb36506cb52f0560"}})
r7 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/doi\x00', 0x2, 0x0)
pwritev(r7, &(0x7f0000003640)=[{&(0x7f0000000380)="0935b130aee15034d8079ee60a2fb85c4ee0f9bb9d2e1c7a7eef7575dcaf959eda2467f1e381f93fc41b97fe201a1c", 0x2f}, {&(0x7f00000031c0)="c1", 0x1}], 0x2, 0x9, 0x8000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4044}, 0xc810)

10.668009897s ago: executing program 1 (id=1079):
r0 = syz_open_dev$vim2m(&(0x7f0000000280), 0x7, 0x2) (async)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000200)={0x6, 0x5, {0xffffffffffffffff}, {0xee00}, 0x9, 0x8b6}) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="1b0000000000000000400000", @ANYRES32, @ANYBLOB="de1059e860a52091b04e0f573a7e31a6889ab2e0835e80d6cde7233aab1f0e1828f1c7d6677259aea0da76b012034b97e7d94266536fc9a34594e9922a0edb33d75eb7954ddd5bc65ce5b9d84611bfe5b3ba1c6436bc2f894a2fb3f2c2ef2d82781382663414e20d4f9087accb4067cd35bbab7007d6c233e741e61ae43a78012f", @ANYRES8], 0x10) (async)
r1 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(r3, r3, r3) (async)
setresuid(r2, r2, 0x0) (async)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x541102)
socket$inet_udp(0x2, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r0)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0x1) (async)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket(0x11, 0x800000003, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) (async)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000300), 0x8000, 0x0) (async)
r6 = syz_io_uring_setup(0xeee, &(0x7f0000000080)={0x0, 0xdcac, 0x10100}, &(0x7f00000001c0)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async)
io_uring_enter(r6, 0x567, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', <r9=>0x0}) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4, 0x0, 0x0, {0x0, 0x0, 0x12, r9, {0x0, 0xfff2}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_REFILL_DELAY={0x8, 0x9, 0xffffd16b}]}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x810}, 0x0)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xd)
mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {<r11=>0xee01}}, './file0\x00'})
setresuid(r2, r2, r11)

9.700120595s ago: executing program 5 (id=1080):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020d000010000000000000000000000008001200020002000000000000000000100032000affffe6000000000000000010003300000000000000000000000000fc020000000000000000000000000000030005000000000002000000ac1414aa0000000000000000030006000000000002"], 0x80}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x82602, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@migrate={0xec, 0x21, 0x1, 0x70bd28, 0x0, {{@in=@private, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0}}, [@migrate={0x9c, 0x11, [{@in6=@empty, @in6=@remote, @in=@multicast1, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in6=@remote, @in=@multicast2, @in=@dev, 0x0, 0x0, 0x0, 0x2, 0xa}]}]}, 0xec}}, 0x0)
dup(r6)
syz_clone3(&(0x7f0000000080)={0x2001080, 0x0, 0x0, 0x0, {0x25}, 0x0, 0x0, 0x0, 0x0}, 0x58)

9.05279281s ago: executing program 1 (id=1081):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0))
io_setup(0x81, &(0x7f0000000180)=<r0=>0x0)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r2, 0x3b87, &(0x7f0000000080)={0x18})
syz_open_dev$evdev(&(0x7f00000001c0), 0x8, 0x42203)
io_submit(r0, 0x1, &(0x7f0000001d00)=[&(0x7f00000000c0)={0x200000000000000, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f0000000340)='p', 0x300, 0xeffdffffffffffff}])
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1)
fchown(r3, 0x0, 0xee01)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket(0x200000100000011, 0x803, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r8, &(0x7f0000000300)=""/134, 0x86)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={r3, r3}, 0xc)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r10=>0x0})
futex(&(0x7f0000000040)=0x1, 0xa, 0x0, 0x0, &(0x7f0000000080)=0x1, 0x2)
sendto$packet(r6, &(0x7f0000000480)="4dcdc7d96a760000000000000000000000000000008b541f3198664ed3a8a12a1d4e5e738331b3a840aa987c3db780bdf6fcce5ef1be6f643323393826e22b907b54cae28d387bed189d2105000000013545e0de919478190f7cd062d75c60ff0000", 0x62, 0x810, &(0x7f00000003c0)={0x11, 0x0, r10, 0x1, 0x3, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000380)={'geneve1\x00', <r11=>0x0})
bind$packet(r5, &(0x7f0000000080)={0x11, 0x0, r11, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="ffffff7f00"/20, @ANYRES32=r11, @ANYRES32=0x0, @ANYBLOB="02000000000000000000000000000000000000000000000000000000f593a223214eb4df44183d517a8a946033fd93be0feae5c9819a0afb2ec830ca6851742cfbcf37793ae9b1851f91ed2aa5338f203c05cf028d0db7412d573b578c45cfac73de303b1ac20024f594ecf9c88840507801aff335f8129a4a4ef52dfe9664a7edfe576ca21274eb9f6b5e132290"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000500)=ANY=[@ANYBLOB="180800000000feff00"/20, @ANYRES32, @ANYRES64=0x0, @ANYRES32=r12, @ANYBLOB="0000000000000000b70500000800000015000000760000e4be980000000000001e080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, @void, @value}, 0x94)

9.051675661s ago: executing program 3 (id=1082):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1000000000006005, 0x1)
r0 = socket$inet6(0xa, 0x80001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r2, 0xffffffffffffffff, &(0x7f0000002080)=0x64, 0x23b)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x108)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000480)=ANY=[@ANYBLOB="8510000004a2ff00950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073"], 0x7c}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r3, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000100)={0x1, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r4, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0xff], 0x0, 0x50000000000000, 0x1}}, 0x40)
openat$dsp(0xffffffffffffff9c, 0x0, 0x802, 0x0)

8.664037199s ago: executing program 0 (id=1083):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000140), 0x10)
sendmsg$IPSET_CMD_SAVE(r4, &(0x7f0000005ec0)={0x0, 0x0, &(0x7f0000005e80)={&(0x7f0000000740)=ANY=[@ANYBLOB="2800000008060102000000000000000005800003050001000700000009000280"], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x2000c000)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_uring_setup(0x1de0, &(0x7f0000001040))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x24, r9, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x20000000)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000004c0)="e0"})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x4c, 0x0, &(0x7f0000000200)=[@acquire, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x13, r2, 0xcbff9000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x44, 0x0, &(0x7f0000000b80)=[@reply={0x40406301, {0x2, 0x6800, 0x0, 0x0, 0x28, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000400)={@flat=@binder={0x73622a85, 0xa}, @fd, @fda={0x66646185, 0xb, 0x1, 0x35}}, &(0x7f0000000080)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

7.345680342s ago: executing program 1 (id=1084):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000780)='\x8d\"', &(0x7f0000000440)="dc", 0x1)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, 0x0, 0x0)
recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x100)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4000, 0x0, 0x0, 0x3)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x282, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r7, 0xae9a)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
shutdown(r1, 0x0)
ioctl$KVM_GET_XSAVE2(r7, 0x9000aecf, &(0x7f000035b000/0x3000)=nil)
sendto$inet(r0, &(0x7f0000000480)="d5fb4dfe4757d5c0539d2db606301dee522d94af8db838a1a732deb0a5454ec5ae68108e2c0981397ad8ff18b51a2fbf341e239f3ae13527ae2b890cd1f94c9464c058e0defb5a23c03ae19ff31a20272a8fcce222fbe5debca0ae1f2055d58ebc3b9ae6b432f0e24d3a1af09713c523d2ef5ab8c6ae0700000000000000d43c596408d792684b927ba06ba6ddb305dc5560db6451a17598707cef807d8f2500e169e23e48a50f53e5b0713f5b5e39db044dbc87de4899742ddc2ba08096ad4738a25a925f4f66378f3307a82afafbe62c2e2255a387dc31445cbcd88819b01bf45eb14d34926d742e4d7d6b62f805c02751d8ea6276120e3d694784619cf05ee242bd89d950c3cbbca304787907857823fd42264a0e568cac2c01e785457eeee3b8e79de5e7767dff75c051c91201051718ab6b400f5772991f05cf9a99c9a809ed89998da8a8d129863333", 0x14c, 0x3ca611852b6aef6, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendto$inet(r0, &(0x7f00000001c0)='\r\x00', 0x2, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xdd}}, 0x10)

6.660096361s ago: executing program 3 (id=1085):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='load default user:trust^d: '], 0x31, 0xfffffffffffffffc)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000800)={0x0}, 0x1, 0x0, 0x0, 0x4004040}, 0x2400c0d0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000180)="1c0000002000190f00003fffffffda060200000018e80001dd000004", 0x1c}], 0x1)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x34, &(0x7f0000004240)=0x3, 0x4)
setsockopt$inet6_int(r2, 0x29, 0x8, 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000600)='./file0\x00', 0x0, 0xa0002, 0x0)
syz_open_dev$vim2m(0x0, 0x0, 0x2)

6.130042747s ago: executing program 5 (id=1086):
prlimit64(0x0, 0xe, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000015c0), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x40}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7528e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$rtc(0xffffff9c, 0x0, 0x0, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect={0x0, 0x5517, 0xe4})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0)

5.812104486s ago: executing program 0 (id=1087):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, 0x0, &(0x7f00000010c0))
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x488082)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="e400000000010104000000000000000002000000240001801400018008000100e000000108000200000000000c00028005000100000000003c0002802c00018014000300fc02000000000000000000000000000014000400ff0100000000000000000000000000010c0002800500010000000000080007400000000068000680080001000000000034000380060001004e210000060001004e240000060001004e220000060001004e240000060001004e220000060001004e20000014000400ff02000000000000000000000000000114000400fe8000000000000000000000000000bb045150a96b7280927a2ca4e898f6879e320b83dbee2cedc5a338f4eef730d0ae3854a9f706a8438d808d076d818376f1416286223c63411d590c723a69377092f656667849fcb2fd654d9756c88fb5b6bb834680c827810d967637cba4599b3b6636c7bf18c5dee7699883ec5e46ad9c2e4ae264009cb742639f955676d44633c37741c00ea43879"], 0xe4}}, 0x2000)
r2 = socket(0x2b, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)=ANY=[@ANYBLOB="3800dd0300000000000000000000000002001fb84734000600000000060015000800000014001680100008800c0003800800010000000000"], 0x38}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a2c000000020a01020000000000000000030000080c00044000000000000000030900000073797a3000000000140000001100010000000000000000000700000a"], 0x19}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_io_uring_setup(0x110, 0x0, &(0x7f0000000040), 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SIOCPNDELRESOURCE(r2, 0x89ef, &(0x7f0000000180)=0x80000000)
syz_io_uring_setup(0x80000304, &(0x7f0000000240)={0x0, 0x0, 0x4, 0x2, 0xdf}, &(0x7f0000000380)=<r5=>0x0, &(0x7f00000002c0)=<r6=>0x0)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cpuset.effective_cpus\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x2, 0x0, 0x0, 0x1, 0x7})
getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f00000001c0), 0x0)
write$UHID_CREATE2(r7, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_TIMEOUT={0xb, 0x25, 0x0, 0x0, 0x6, 0x0, 0x1, 0x1})
io_uring_enter(r7, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x0, 0x12040, 0x0)
get_robust_list(0x0, 0x0, 0xffffffffffffffff)

5.779980878s ago: executing program 3 (id=1088):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, &(0x7f0000000940)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe0}}, {{&(0x7f00000001c0)={0xa, 0x4e24, 0xffff3269, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xff00}}], 0x2, 0x0)

5.712851093s ago: executing program 2 (id=1089):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x3, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1c, 0x3, &(0x7f0000000040)=@raw=[@map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x20000000}, @exit], &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlinkprop={0x40, 0x10, 0xf8b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @random="2cf9f54fbe58"}]}}}]}, 0x40}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c0002800500010003000000060018"], 0x4c}}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3ff}, 0xe)
r4 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r5, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f0000000300)='GPL\x00', 0x4, 0xff9, &(0x7f00000014c0)=""/4089, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r6, &(0x7f00000004c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x30, r7, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan4\x00'}, @NL802154_ATTR_IFTYPE={0x8}]}, 0x30}}, 0x44854)
ioctl$sock_bt_bnep_BNEPCONNADD(r4, 0x400442c8, &(0x7f0000000000)=ANY=[@ANYRES32=r3])
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r8, &(0x7f0000000500)={0xa, 0x4e20, 0x9, @mcast2, 0x7}, 0x1c)
gettid()
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000040)={0x3, 0x0, [{0x2, 0x6, 0xffffffff, 0x7, 0x2}, {0xd, 0x10, 0x43, 0x9}, {0xc0000000, 0x0, 0x5, 0x5, 0x1}]})

5.424082924s ago: executing program 3 (id=1090):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sched_setaffinity(0x0, 0x96dca55c25fb4027, &(0x7f0000000180)=0x40000000010001)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r2, r2, r2}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha1-ssse3\x00'}})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = dup(r3)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000890000/0x18000)=nil, &(0x7f00000008c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYRES64])
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f00000004c0)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04bef9ffffffaf4985fe45e30500680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd25479024a676b21b3adc5e463c9effbaad4469a7462ec28ff3221d5eb87a70542a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953584db11b7f89ec68098eafa48cebd6882a1825d32130a31abfeafd1987317879e29ac51b93c9429e023fff3ddb5e39dd19cc3ef1d883c78b9e273d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833be71679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62708a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30e7f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56f335e2373b2cde5600db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba4453680093dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce5ef7fe8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c004000000000000008e60488a2ae0a1930786874dc21a2eadc8f96c26342811d265d21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb118030000000000000000002100"})
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$int_in(r5, 0x5421, &(0x7f0000000000)=0x4)
r6 = dup(r5)
bind$bt_l2cap(r6, &(0x7f0000000080), 0xe)
listen(r6, 0x0)
accept4$vsock_stream(r6, 0x0, 0x58, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r7 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r7, &(0x7f0000000340)='0', 0x1, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c)
shutdown(r7, 0x1)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0xa, 0x93}, 0x8)
syz_usb_control_io$hid(r8, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000740)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x0, "a8407a73"}, @local=@item_4={0x3, 0x2, 0xa, "5f09b89f"}, @local=@item_4={0x3, 0x2, 0x9, "f3a72937"}]}}, 0x0}, 0x0)
getsockopt$bt_hci(r7, 0x84, 0x14, &(0x7f0000000f00)=""/4111, &(0x7f0000000200)=0x100f)
openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x4800, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r4, 0x10e, 0xa, &(0x7f0000000040)=0x2, 0x4)

4.486417898s ago: executing program 1 (id=1091):
r0 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
r1 = fcntl$dupfd(r0, 0x0, r0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xa, 0x13, r1, 0x8000000)
ftruncate(r0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f0000000040))
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="34000000110001000000000000000000100000000c00000000000000000000000000ffffe0000001000000000000000000000000fea1a59f80ebb01c0dee945c185ed126307c8cde204ee25ea6ebc065775824b3"], 0x34}], 0x1}, 0x0)

4.154502554s ago: executing program 2 (id=1092):
socket(0x2a, 0x2, 0xe2)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000001600)=ANY=[@ANYBLOB="61128c004100000061134c0000000000bf200000000000002600020007ffffffbd0310000000000095002000000000006916000000000000bf6700000000000004070000b964b01a4607feff00200000540700000ee61e00bf150000000000000f5700000000000065070000d23700002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c4ed68ecf264e0f84f9f17d3c30e3c7bdd2d17f2f175455000078af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd390700000500000000f18c30907d7bee45a0100000fe9de56c9d05000000c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3f1d5af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8dfd13ff15f852a39e5b2ab7bcb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916fcecc8158f0200000000c8fb735fd552bdc268694aeb0743e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6037ed8c85f21ec2c081bdce431e56723888fb126a19bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1c921b5bbf7949632cacfdd32b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbb400001e3738270b315d362ed834f2af97787f696649a462e7e090000000000000045eac1f2014f720e83b7838e3eede14308d582685e1becd6f35154bcb4000000000000000000000000000000bc3af2b170ad3e2b26539cebca8f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed840a7afaab43176e65ec1118d46d1e827f3472f4445d353887a5ad103649afa1769080584f800031e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b4040c1458d0320ce7d0000413a0000000000000000005f37983f84e98a523d80bd56a57fa82b82f639601ae899a559944cb9a62a29ab028acfc1cb26a0f6a5480a55d624a0c544ba0dc828c22fe30000aa391598000000437d57fcf8295f63a70837f5cd4e5e77964522dc7ca3aa3476b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac872ade9d1f2ab779b8dbe843aeeda0426c767c00327b8c95b2bb6ddb55117669d9598c0f3598073f3a921c76beceff7e4fbf909a2cabf5b8ea5011db9020823b83abe54346c7af0a99fa077ffe7000feb9e44023a1749eb1d0d572b77d6e0d0fcd74031c8ef2629f5ecff4626746d6abe98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b5d3dfdf0cb8b71ad79000000000000000000000000000000dd434a25e95d0ec29d3adaccf89d0888031ecdfdb4dfbe444673be099ece7e4009c76c7108ef0a7e59fd6d906fbc3c9b412e0478cfee4485f423c63f49db43833c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4fe39cc2d292691672cc18ca372104ceb83a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec905000000b13f4a2575fbe943a6c40000000000000000000000000000028026b80c3899543223a6079ee96198b9a326db3be3a48af415ca28ca68c502550044ed8e29af8d763ef9b1f31befcad2ce5394601c7cdc233bff7f0000000000009fb3ad650f77e339768924dfdbeead13b88371154d743544a6091ec93e0d3fd5b4dc42911c1ba322fd4d6fbf19e617d51f964727bfd5cc5ba15370f6e1141d2271eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d952c7ad17a58d9be691c334ea35bae71e76e160cc2260bd028162917807ce89e11b5f261052ee0dde18efa1d802af2b7bcf6f8af41933cea0d0343261bccf64ca1c81045153eafbefdb91fbdff9ee3307d4a1837963b2dc2a3698d90e7915b098f19392e792adaea86052f4e948184001b6494e906925a092483adc7e9c8f7a29d226763c100aecae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baaae05aed6bf0f40c8a323f9235dc99698bd0b800067a901a79daada03cc77e74feb98b1586946b452764ff917a8ecc10e529c5bea49cad70e22df522c2803b6ef65df70223c6e22c3433e322d8dbd6e9b040065a9d6b3d5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a96548d47c609a93c45f4d1382b39c05dcc07d5b49ad75ddb3ce5b5b9416e03995da04647aa5e6fc1a6f5d663380967ccef9de49a90ced031335e3219ebd9d06c257a50497ec523f5ff7361261ccfe239d603364a42e2e81fc068fcbb9792b673827fe7018a988fbce55bb74cdb327ced4b77b8743fb3cb72cc280b9f62e4f92f46a19600b802cba88b7d0a938d9e0e6cfe5d66b874c9a0c6c04b96360d6f499d004179e5b6025c0e1050faec7ecd9de190a975db2f8c06a551236278c4766d7e22e3b85168c9851de6266c791252f919b4f8b257b5a786734e5142e4666c67aef5b7b2f88c6640995434aa8636993089c73f196c54ae829ad4307132655b075ae534fa7f1ea9a17e62357b0bd2bd1d62d34bfc1364640250136729ba4f763ff25c33e8acc806611792add8254e705fefd2a44d5b15e3b36f6b75c97c9c04c511d8cf9e24c61c8284a913a381cb1a5628878040000000000000017b68afd95d4abf7920de9ebe1c89661f4adc3d83d72b1b778e30c2bf2efbbcd054cf51f4205ebf9a98a0d9f18135cb1d8d567c3436fa697b72c3b0200000000000079c0b3339debc78352b2e65299223d7ef2bd540e78167b3ac92a4c4f826f6d0e5c4ebf4f7a70c03e2f5ddbebf168586360c3663531eb5995d228f011a10ffc8b17d716b0c528dab6d0c4fe2ee402348104bc5d4012babedee898c6d3e1017be2e9bc759d3ab4d615f5000000000000000000000000000000000000000000007fff0000000000e693e314adf7dc9f517d04f1e6ca367d30d31d3647c6059db6e1e9529eb1623ef99e2d9ac2ab4872f8e784b07a31110bef6d000000a6f9e89e6d50ee06ce716f94da60f1f22d9669560d296287c13c92070000ee7553eb2df17839542fa88d09f000e88a90cf4406b9000000000000000000000000f441d6a6f516c235c6f5863e7f454ee0e16b9aa2593eb31fa3836703e7765aaeb77a8770e518efaa6d3dd85e03b3b133eb749057cea9af75a0e6f633532f2891b8e263cb6eecea691842827bc7c8c0130187081c8d320642389f5f0c42dba0ff68e84d7b130906f17f6aa075a257310f2d92cb1d1e16468949f5675262ee318e735930b01d8f586e34537bcff7d6196f494cdcf3a712078d745db0f5687a78ee6d000b3d171a0f08299b52d207f32e9da311ca090000003a42732808515eec574f892622c5be497fc3d9ca122d7c18b9e54637812c8debc61f0e42d838e44a819b74bce1a56108bb0fde97a02475920532309c55b2c9ae9f281391ec5cc72a5e94cca1cbf1ff01000000000000bdb537a0c52bd45a9f966c25616cec30c3ea3246cb8e6aac7cf273638e6656a3e4ccadc348f0172028c99cc5f6d5c6d09ed65aa54549e73c28b7c8ad06ad3c5e3c27eec0eff1a6c84f1189919eefcee807fc081e004ffb7d3104af00ac92f1080211c4bee74381a0e31021918f27863fdbafb50f70857d52a1f7df51935a80b1980a4778d35f183ea517f55a98095305701ab3f3ae43f06e91bc7d85e3800b46926944fba9805a985e63e53a62232fcd3f01dbe1728f300e247a7ebe344f9749818ff3961b2a42664ccd680a90bbb6ab400e286acc8f9febef64594777f848ed1cf980a3da2f0f7745760a05887d0c28060d613dd6539d392fc21fee0b5131609664b821d7a994e6c5965a4fa1ec1790c54e54586907dcc5e8bac16e79da9c2444420900000000000000f888a94365b99b72796fca1b922fc9aefaf1546c17cbb1d2d2fd12cb1a49cad501a3ca218c595b667b634606c57987ebfb0783a4948e4561d5cda158fe74453ff4a837beeedba483842c57d6005b544b4f80003386edfd3d4a88a667bd41eefe0d808abed08a29e6bc370a80cc0366fb4080bfbaaa946fd47ab662c794846e403950bbc3a48bb276cbb08a8eab145c06221ef16a238e3d50ad18aea9a2cec97d3c2d0569caabe2bffe02506bc9cb7294c5d020536dd5e7a6351642112df3b55d0215aaec7e45598995e79699e47567e353e68b03f82be860b188554b734e1192f9c1a867b815ef52cdc3307c0cc9be05a40fde69c350e59f11f1d26a4d04d8c8b2c4a4d23ec931d14bc7807db773a614b670acf46f83f7c65a0f8d43c5f64705f0d27c46d4b686e867e9b0be76a7978a8f962bb5a070df97f2bf7612115cfe5ebdc7ad0bc5a5f3ace25347d0e5c347279d55aa67a967380000000000000000000000000000000000000000000000ed0942d980c754c6c69ef65c375ad018824f78b260d5f51bc3feba504408a8c8141d84f3f417603b5081680f346ff0ffbe4ae19e936511966965ce268b6345a0001c0f26a32e0a999fc869292e939dcf89b9bfd794f9c12d41959a00688cca43015a9eec58f647796adea520cd2abeb0b55c22949d10e5a05fee4543fdc1e02554a55b5fef2427a6e5708edc38fac53c2f961945a3f83cdf01979939b49bc6b1aef8c733401bbe473de8d64efbe0d123739f387d1c0d9e74f2175c174ada1678c7db79492e8dd0f34e2ccf419cf7f14ffa408b50a52685b36aed14aa22ad928191d5a2697646edc52a1c0c5d720ae690add2b34aed161f51cc1cb424f76098e1e1921e5a405f9d298a8461f2da30e47b7c6ed7c95c84c745f58723e4cddffae3b53b5b947f9435e589f9ae55b30ecd3827b2de5df31976870823da8058c2538c04e397f3d0ef90c11c74da984fa558697ecb57224ce8fa6f79aadbd7dbf3678e74d790bc2ee72769a3ada1dd504f8e4133ce1effd446bc9a2f139e65cc4bd83912af3122352506c7c2191b3705116b2f4fc20d4e93882bdd6ccea97f3a08d3565b0000000000000000000000000000d35fb97c2d7a9374294dcec3da3df9a13c4fc63b00426682534d894caee0b963a3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe50, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

4.052164821s ago: executing program 0 (id=1093):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r4}, @IFLA_HSR_VERSION={0x5}, @IFLA_HSR_SLAVE2={0x8, 0x2, r2}]}}}]}, 0x48}}, 0x0)

3.339487186s ago: executing program 1 (id=1094):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x7, &(0x7f00000000c0)=[{0x79, 0xd, 0x0, 0x7}, {0xf1be, 0x0, 0x0, 0x7fff}, {0x9, 0xa, 0x2}, {0xf6ec, 0x5, 0x0, 0x69}, {0x7f9a, 0x64, 0x9, 0x2}, {0x0, 0x5, 0x2, 0x49}, {0xc67f, 0xd, 0x9, 0x7}]}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
mount$nfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{'ac,'}]})
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="8c0000000001010400000000ffffff8802000000240001801400018008000100ac1414bb08000200ac1414bb0c00028005000100000000002400028014000180080001000000004008000200ac1414bb0c0002800500010000000000080007400000000028000680080002007f00000108000100", @ANYRES64], 0x8c}, 0x1, 0x600000000000000, 0x0, 0x40}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x80801)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000044002, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x0, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0xfffffffffffffffe, 0x2, 0x0, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3.149184437s ago: executing program 2 (id=1095):
openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket(0x29, 0x2, 0x1000000)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000004f80), r3)
sendmsg$NLBL_MGMT_C_ADD(r3, &(0x7f0000005440)={0x0, 0x38, &(0x7f0000005400)={&(0x7f0000005340)={0x54, r4, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private1}, @NLBL_MGMT_A_DOMAIN={0x14, 0x1, '-+^]\x1b!+&]+//\xa2*#\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @private=0xa010102}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @rand_addr=0x64010100}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x200000d0}, 0x20000011)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x401d031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000cb2000/0x4000)=nil, 0x4000, 0x6, &(0x7f0000000000)=0x72e2, 0x9, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2)

2.924096637s ago: executing program 5 (id=1096):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b7000000286c0000bca30000000000202403000040feffff7b0af0ff0000000079a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000e61141800000000001d430000000000007a0a00fe0000001f6114140000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60f132a2bf8a858392f34072d99aee0ec70aa6d75096e608d97ac4b7bfa2e0ae3e59718e7a7691a98b1334e34553300"/4140], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
lchown(&(0x7f0000000340)='./bus\x00', r5, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x143742, 0x0)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000000))
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
write$sndseq(r9, &(0x7f0000000080)=[{0xb, 0x0, 0xfe, 0xfd, @tick, {0x1, 0x8}, {0xe}, @result}], 0x1c)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000ff0000000000000000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000000300000095"], 0x0, 0x67, 0x0, 0x0, 0x0, 0x79, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
quotactl$Q_GETINFO(0xffffffff80000501, &(0x7f0000000040)=@nullb, r5, 0x0)

2.787904589s ago: executing program 0 (id=1097):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', './file0'}, 0xb)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000002000000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)=ANY=[@ANYBLOB="1c0000001400010000000000000000c903000080080002"], 0x1c}], 0x1}, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0xc0189436, &(0x7f0000000140))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb0100180000000000000078000000780000000500000000000000f7c40932116af1365211db23a097fc730600000d00000000030000000400000002000000030000000f00000001000000100000000500000022000000000000000f000000040000000d00000006000006040000000d000000010000000c0000000500000000000000080000000f000000090000000b"], &(0x7f0000000400)=""/42, 0x95, 0x2a, 0x1, 0x0, 0x0, @void, @value}, 0x28)
ioctl$vim2m_VIDIOC_G_FMT(r3, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x0, 0x7, &(0x7f0000000040), 0x0, 0x0}})
flistxattr(r0, &(0x7f0000000100)=""/165, 0xa5)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b40500000000000061109e0000000000040673810000000095000020000000983f26bffae588504867e9cb23fabefdee5f35b674e1b97050dbd81f72937dcb2d088ce42912cc9297f33ede4785ce0a63dbc886b942c6e24bc315866add088af9bc66a1de53b833abd15bc34792656cb7b9117ff5821f7c54d5163afdd218eb674988dadb408e93bff2fc9530f0add6a061a0ec48d15e355f225fc79fda856ff46b5df897dd3f50757b1e8ef86fe1972c2fcba29ddfac71dc6c9d351564bff28396d9550952ed07321d070eea6088000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = dup(r6)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
openat2(r7, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x400000, 0x40, 0x20}, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0xeeef0000, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x4b564d00, 0x0, 0x3}]})
r9 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$AUDIT_TTY_SET(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x18, 0x3f9, 0x8, 0x70bd2d, 0x25dfdbfe, {0x1}, ["", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0xc0)
sendmsg$802154_dgram(r9, &(0x7f0000000140)={&(0x7f0000000040), 0x14, &(0x7f0000000100)={0x0}, 0x7}, 0x0)
setsockopt$WPAN_WANTLQI(r9, 0x0, 0x3, &(0x7f0000000000)=0x1, 0x4)
dup(r9)

1.787860571s ago: executing program 2 (id=1098):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000000c0)={0x42, 0x1, 0x2, "9601f800000800f8ffbfff000000000000000500", 0x42345335})

1.532131493s ago: executing program 0 (id=1099):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_SEND={0x1a, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000880)="910f88d6d6ba44d92cfa3cf95176156a3971f87e332bfad2bc4cefe940f58163b1a20de787ab2ad1f65c07f594a1b0ef9e16dfb1bf80a19abb5448137441954fc97dc74e6ad06b88038462039d49514e5e5d0e8738403db79dd2ddea039adfec64f4b0311bf9146689aa4510324d8c3041bac34b3b611bb7eda0d056bb37f0d111d941db22d65738c7edbf4f7a528989705ecf0d67661a2b7ffddc15472a725964f5119c1afaf658f5d7894d5e8e8a8813692aa177a0ddbe76b39f4432bf5a403f4d1b553c0ee979845a", 0xca, 0x24008090, 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0) (fail_nth: 2)

1.479027487s ago: executing program 5 (id=1100):
syz_io_uring_setup(0x324d, &(0x7f0000000080)={0x0, 0x0, 0x13580, 0x2, 0x1000}, &(0x7f0000000100), &(0x7f0000000280))
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
sendmsg$inet(r1, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x38, 0x1403, 0x1, 0x70ad30, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'veth0_vlan\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4048086}, 0x4)

1.418041884s ago: executing program 1 (id=1101):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000780)='\x8d\"', &(0x7f0000000440)="dc", 0x1)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, 0x0, 0x0)
recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x100)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4000, 0x0, 0x0, 0x3)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x282, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r7, 0xae9a)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
shutdown(r1, 0x0)
ioctl$KVM_GET_XSAVE2(r7, 0x9000aecf, &(0x7f000035b000/0x3000)=nil)
sendto$inet(r0, &(0x7f0000000480)="d5fb4dfe4757d5c0539d2db606301dee522d94af8db838a1a732deb0a5454ec5ae68108e2c0981397ad8ff18b51a2fbf341e239f3ae13527ae2b890cd1f94c9464c058e0defb5a23c03ae19ff31a20272a8fcce222fbe5debca0ae1f2055d58ebc3b9ae6b432f0e24d3a1af09713c523d2ef5ab8c6ae0700000000000000d43c596408d792684b927ba06ba6ddb305dc5560db6451a17598707cef807d8f2500e169e23e48a50f53e5b0713f5b5e39db044dbc87de4899742ddc2ba08096ad4738a25a925f4f66378f3307a82afafbe62c2e2255a387dc31445cbcd88819b01bf45eb14d34926d742e4d7d6b62f805c02751d8ea6276120e3d694784619cf05ee242bd89d950c3cbbca304787907857823fd42264a0e568cac2c01e785457eeee3b8e79de5e7767dff75c051c91201051718ab6b400f5772991f05cf9a99c9a809ed89998da8a8d129863333", 0x14c, 0x3ca611852b6aef6, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendto$inet(r0, &(0x7f00000001c0)='\r\x00', 0x2, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xdd}}, 0x10)

1.092192439s ago: executing program 2 (id=1102):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06180000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

1.091744394s ago: executing program 3 (id=1103):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="180200000000000000000000000000008500000061000000850000005000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xb, 0x0, &(0x7f0000000040)="e02742e8680d85ff978276", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

876.081435ms ago: executing program 5 (id=1104):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xfffffffa, "60d7f74b38433ed7bf20a5dc0dfbb554"}}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x421]}}]}]}, 0x70}}, 0x0) (fail_nth: 2)

573.16634ms ago: executing program 2 (id=1105):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='projid_map\x00')
preadv(r0, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/176, 0xb0}], 0x1, 0x4, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000300)=0x49b9, 0x4)
shutdown(r2, 0x1)
sendmmsg$inet6(r2, &(0x7f0000002c80)=[{{&(0x7f0000000000)={0xa, 0x4e1b, 0x0, @loopback, 0x20060}, 0x1c, 0x0}}], 0x1, 0x4044)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
r7 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x0, 0x10100, 0x0, 0x3b9}, &(0x7f0000000000)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r7, 0x2def, 0x0, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r6, &(0x7f0000000880)={0xc, 0x8, 0xfa00, {0x0}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000d00)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000cc0)={<r10=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000d40)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @local}, r10}}, 0x48)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'tunl0\x00'})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000100)={'wg2\x00', <r11=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newchain={0x5c, 0x64, 0x100, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, {0xfff3, 0xfff3}, {0xc, 0x10}, {0x8, 0xffe0}}, [@TCA_RATE={0x6, 0x5, {0xf7, 0xf2}}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8, 0xb, 0x9}, @filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IP_TTL={0x5, 0x52, 0x9}]}}, @TCA_CHAIN={0x8, 0xb, 0x3}]}, 0x5c}}, 0x0)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r12)
socket$inet6(0xa, 0x3, 0x6)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e26, 0x800, @dev={0xfe, 0x80, '\x00', 0x31}, 0x13}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60ff00f500140600fe800000000000000000000000f8ffa9fe8000000000000000000000000000aa"], 0x0)
r13 = bpf$ITER_CREATE(0x21, &(0x7f0000000140)={r3}, 0x8)
ioctl$KVM_TPR_ACCESS_REPORTING(r13, 0xc028ae92, &(0x7f0000000240)={0xffff, 0x9e})

528.111931ms ago: executing program 3 (id=1106):
socket$nl_xfrm(0x10, 0x3, 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x50)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xe, 0x4, &(0x7f0000000380)=ANY=[], 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002400)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000400000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d57aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c295122a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e720c9901de2ebb9000000018e3095c4c5c7a156cec37dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e8f0a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9fae997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfd0aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5ea3c88d5480efd8329d9a733d8f9ffffff5f91ae162745f6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bc39c1e91c000b85457917dcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a9c1f2dc7e8542422113285b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b4a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef3b398f0e6bb7a30006000000cba12953d58cff0f65fd31fbd9853fd57b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0091245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689df8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000040000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00122e812a5e37cd52c9eb7336281cb8c6c64c382680fdc8f7eeafce2e993c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710b20f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaaf56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9f30f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c67491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce169117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd803bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfc8c00000000000000afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb56923b0735ab60a539ade786bd6004d0ea3edbd6c49859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3030000000000000059f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee2838903b6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2caa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc131538c6cfc98a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d5b7b29a938f488be7eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cb00000000000000000000f4e1b774d0732ede6385923110ae01da6437a9b7a01b2d8c6afdcf15fd0040393ed3f2d3bf40285c414df6ddaab8e27b4c0028bd945d6e622017b2d96c978859fc2917951c5662b325f7fead9c68f9df5ef9f401a2127dc1d386022cdf8a786b02d0a7a74f7c7564e993772bacf42831528fa72bbb64cbe93d2ce0ff64ec7499e7d4c326d1497916ce58b283ff659db3ef576a74571a2bc325e87a72a3ed27a57efe5d6016193ea3d6c63fb777ca5aec649e977443cbe3603ebf1a3b1f705b6f576fe7a6bfa7f20036821615b808c442658d069434c8fb423dd1e5673b61f867e042172654f48c3aa8464e8f75f93b5660f6449b93a5957198ee5c258f04edd640b77f3a49b01230a2a863d4a8d69ebbd0cffbae7602956090f6681131b7ced5ac86f330282f1e3a435a915a790dd88e2220c7904457576c4e0942ccbd07f1cd9c04645ae4c77bcd2f95b263b7495bd56a99536092c1fc86b32d9e57d1d7627ec3390ffa7d4f229a071639f4d61bf0030b4f9ee0533d8c5ce2e06b98e859df68e9491b1a708c60baa367370b2cd91b56b537425ed74d811ff4e07f53abeb164a"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r5, @ANYRESDEC], 0x52)

134.882649ms ago: executing program 0 (id=1107):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_IOVA_RANGES(r1, 0x3b84, &(0x7f0000000280)={0x20, r2, 0x7, 0x0, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}]})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r3=>0x0})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000860d29063eb08ec315478ae7632eb45f2f58f7ecedcc678263a0550f3ec4451327a20000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='contention_end\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a0b0400000000000000000200000028000480140001800a000100726564697200000004000280100001800a00010071756f70610000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a49d0e0a5132fb13356800e214e40de8350774669befd50e9ce2573a227262338ad804ed53b7227be9b43400d92cee5dac0e6205398747202c1d12f3dc4"], 0x7c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6800070000000900000000000000a10000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000480012800e008775eea2df8aab7a7461428008000100000000000000", @ANYRES8=r3, @ANYBLOB="44f18344fe80040000000000000000000000001514000747f0b42ff19488d527f789867d3c"], 0x68}, 0x1, 0x0, 0x0, 0xc040}, 0x10)
ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000180)={'veth1_to_team\x00', {0x2, 0x0, @loopback}})

0s ago: executing program 5 (id=1108):
socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101301)
setsockopt(0xffffffffffffffff, 0x1, 0x10000000000009, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14}, 0x14}}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_init_net_socket$llc(0x1a, 0x3, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r4, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b9f802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963cd14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f0d9ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d579531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a785d820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37dfd149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f2729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab21842da1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a99b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f8f4ed0b27cedd1c5e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="660f388084000072baf80c66b860b4498c66efbafc0c66b80e00000066ef64f30fc7b000100f850100f30fc7b1030066b9800000c00f326635000400000f30d2bc0a000f23c80f21f86635040040000f23f8b8f4008ee0", 0x57}], 0x1, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2)
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
openat$cgroup_procs(r7, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000040)={0xc3f2, 0x2, 0x1, "046d30d271ea65a772c53ab69f1439395bfa053234e3a84d3d8dd58ffd3d992b", 0x31424752})
ioctl$TIOCL_BLANKSCREEN(r5, 0x4b67, &(0x7f0000000000))
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000080)=ANY=[])

kernel console output (not intermixed with test programs):

 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.105291][ T7318] RSP: 002b:00007fed4fdb5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  189.105315][ T7318] RAX: ffffffffffffffda RBX: 00007fed4f175fa0 RCX: 00007fed4ef85d19
[  189.105330][ T7318] RDX: 0000000020000380 RSI: 0000000020000100 RDI: 0000000020000580
[  189.105343][ T7318] RBP: 00007fed4fdb5090 R08: 0000000020000980 R09: 0000000000000000
[  189.105357][ T7318] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000001
[  189.105371][ T7318] R13: 0000000000000000 R14: 00007fed4f175fa0 R15: 00007ffcd0267298
[  189.105399][ T7318]  </TASK>
[  189.105575][    C0] vkms_vblank_simulate: vblank timer overrun
[  189.390158][    T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  189.467649][ T7326] netlink: 28 bytes leftover after parsing attributes in process `syz.2.373'.
[  189.575213][    T9] usb 5-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[  189.585403][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.597928][ T5899] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  189.615847][    T9] usb 5-1: Product: syz
[  189.646105][    T9] usb 5-1: Manufacturer: syz
[  189.665057][    T9] usb 5-1: SerialNumber: syz
[  189.694523][    T9] usb 5-1: config 0 descriptor??
[  189.877544][ T5867] usbhid 2-1:0.0: can't add hid device: -71
[  189.886776][ T5867] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  189.898264][ T5867] usb 2-1: USB disconnect, device number 9
[  190.024891][ T5899] usb 1-1: device descriptor read/64, error -71
[  190.287839][  T974] usb 4-1: USB disconnect, device number 8
[  190.364884][    T9] mos7840 5-1:0.0: required endpoints missing
[  190.477658][    T9] usb 5-1: USB disconnect, device number 9
[  190.515768][ T5899] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  190.860072][ T5870] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  190.930133][ T5899] usb 1-1: device descriptor read/64, error -71
[  190.967578][ T7337] hsr0: entered promiscuous mode
[  191.682193][ T5870] usb 3-1: Using ep0 maxpacket: 8
[  191.686969][ T5899] usb usb1-port1: attempt power cycle
[  191.960576][ T5870] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  191.973261][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.020191][ T5870] usb 3-1: Product: syz
[  192.026518][ T5870] usb 3-1: Manufacturer: syz
[  192.050404][ T5870] usb 3-1: SerialNumber: syz
[  192.064680][ T5870] usb 3-1: config 0 descriptor??
[  192.220134][ T5899] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  192.261108][ T5899] usb 1-1: device descriptor read/8, error -71
[  192.310074][ T5867] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  192.330214][   T25] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  192.355753][ T5870] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  192.660944][ T5867] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  192.673747][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.686873][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.705784][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.717476][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.741106][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.752917][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.779998][ T7355] netlink: 32 bytes leftover after parsing attributes in process `syz.1.382'.
[  192.796285][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.807786][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.819663][   T25] usb 5-1: config 8 has an invalid interface number: 79 but max is 0
[  192.828077][   T25] usb 5-1: config 8 contains an unexpected descriptor of type 0x1, skipping
[  192.837055][   T25] usb 5-1: config 8 has an invalid descriptor of length 87, skipping remainder of the config
[  192.847586][   T25] usb 5-1: config 8 has no interface number 0
[  192.853920][   T25] usb 5-1: config 8 interface 79 altsetting 1 bulk endpoint 0xC has invalid maxpacket 32
[  192.863884][   T25] usb 5-1: config 8 interface 79 altsetting 1 bulk endpoint 0x4 has invalid maxpacket 1023
[  192.874025][   T25] usb 5-1: config 8 interface 79 altsetting 1 has a duplicate endpoint with address 0x4, skipping
[  192.885263][   T25] usb 5-1: config 8 interface 79 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 7
[  192.900100][   T25] usb 5-1: config 8 interface 79 has no altsetting 0
[  192.911267][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.923472][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.935703][   T25] usb 5-1: string descriptor 0 read error: -22
[  192.942270][   T25] usb 5-1: New USB device found, idVendor=19d2, idProduct=ff4b, bcdDevice=36.37
[  192.951613][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.962421][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.974767][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.987445][ T7344] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  192.998384][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.010154][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.017459][ T7344] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  193.022432][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.039249][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.054919][ T5870] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  193.081662][   T25] option 5-1:8.79: GSM modem (1-port) converter detected
[  193.119248][ T5870] usb 3-1: USB disconnect, device number 7
[  193.126810][ T5867] usb 4-1: New USB device found, idVendor=056a, idProduct=0000, bcdDevice= 0.00
[  193.142552][ T5867] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.162399][ T5867] usb 4-1: config 0 descriptor??
[  193.750582][ T5867] wacom 0003:056A:0000.0005: Unknown device_type for 'HID 056a:0000'. Assuming pen.
[  194.085486][ T7377] netlink: 20 bytes leftover after parsing attributes in process `syz.3.378'.
[  194.259188][ T5867] wacom 0003:056A:0000.0005: hidraw0: USB HID v0.00 Device [HID 056a:0000] on usb-dummy_hcd.3-1/input0
[  194.271631][ T5867] input: Wacom Penpartner Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0000.0005/input/input10
[  194.581177][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  194.587983][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  194.786628][ T7392] syz_tun: entered promiscuous mode
[  194.955021][ T7392] batadv_slave_0: entered promiscuous mode
[  195.097522][ T7392] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  195.243920][ T7392] Cannot create hsr debugfs directory
[  195.452617][   T25] usb 4-1: USB disconnect, device number 9
[  195.593004][ T5870] usb 5-1: USB disconnect, device number 10
[  195.603055][ T5870] option 5-1:8.79: device disconnected
[  195.617620][ T7395] netlink: 'syz.1.390': attribute type 11 has an invalid length.
[  197.338489][ T7412] smk_cipso_doi:693 remove rc = -2
[  197.344400][ T7412] smk_cipso_doi:706 cipso add rc = -17
[  199.701205][ T7443] netlink: 12 bytes leftover after parsing attributes in process `syz.0.405'.
[  201.635635][ T7462] smk_cipso_doi:693 remove rc = -2
[  201.642251][ T7462] smk_cipso_doi:706 cipso add rc = -17
[  202.640100][ T7475] smk_cipso_doi:693 remove rc = -2
[  202.646034][ T7475] smk_cipso_doi:706 cipso add rc = -17
[  208.646044][ T7536] netlink: 8 bytes leftover after parsing attributes in process `syz.1.427'.
[  209.512246][ T7544] netlink: 4 bytes leftover after parsing attributes in process `syz.1.427'.
[  209.949870][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88807f331800: rx timeout, send abort
[  209.962541][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88807f331800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  210.519504][ T5899] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  211.080138][ T5899] usb 1-1: Using ep0 maxpacket: 32
[  211.118750][ T5899] usb 1-1: config 0 has an invalid interface number: 25 but max is 0
[  211.144503][ T5899] usb 1-1: config 0 has no interface number 0
[  211.172349][ T5899] usb 1-1: New USB device found, idVendor=0b95, idProduct=2791, bcdDevice=a8.91
[  211.181567][ T5899] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.189595][ T5899] usb 1-1: Product: syz
[  211.198020][ T5899] usb 1-1: Manufacturer: syz
[  211.209867][ T5899] usb 1-1: SerialNumber: syz
[  211.231113][ T5899] usb 1-1: config 0 descriptor??
[  211.429337][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  211.429358][   T29] audit: type=1804 audit(1734439281.552:67): pid=7563 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.437" name="/newroot/95/bus/file1" dev="overlay" ino=514 res=1 errno=0
[  211.473717][ T5899] usb 1-1: USB disconnect, device number 17
[  211.760274][ T5868] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  211.900168][ T5868] usb 5-1: device descriptor read/64, error -71
[  211.941422][ T5819] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  212.171848][ T5868] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  212.195131][ T5819] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  212.261830][ T5819] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  212.321418][ T5819] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  212.340088][ T5868] usb 5-1: device descriptor read/64, error -71
[  212.354921][ T5819] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  212.413423][ T5819] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  212.431044][ T5819] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.450967][ T5868] usb usb5-port1: attempt power cycle
[  212.469207][ T5819] usb 2-1: config 0 descriptor??
[  212.490889][ T7572] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  212.655520][ T7587] dccp_close: ABORT with 36 bytes unread
[  212.726286][ T7572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.735326][ T7572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.953391][ T5819] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xd
[  212.963221][ T5868] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  212.969719][ T5819] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  213.030039][ T5868] usb 5-1: device descriptor read/8, error -71
[  213.107319][ T5819] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  213.246878][ T5819] usb 2-1: USB disconnect, device number 10
[  213.280117][ T5868] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  213.343184][ T5868] usb 5-1: device descriptor read/8, error -71
[  213.561143][ T5868] usb usb5-port1: unable to enumerate USB device
[  214.460402][ T5899] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  214.762538][ T5899] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  214.773927][ T5899] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  214.788683][ T5899] usb 3-1: New USB device found, idVendor=0404, idProduct=2801, bcdDevice= 0.00
[  214.800070][ T5899] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.836076][ T5899] usb 3-1: config 0 descriptor??
[  214.847367][ T5899] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  216.234860][ T7615] smk_cipso_doi:693 remove rc = -2
[  216.240788][ T7615] smk_cipso_doi:706 cipso add rc = -17
[  216.868268][ T7635] FAULT_INJECTION: forcing a failure.
[  216.868268][ T7635] name failslab, interval 1, probability 0, space 0, times 0
[  216.881778][ T7635] CPU: 1 UID: 0 PID: 7635 Comm: syz.3.459 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  216.892600][ T7635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  216.902773][ T7635] Call Trace:
[  216.906076][ T7635]  <TASK>
[  216.909037][ T7635]  dump_stack_lvl+0x241/0x360
[  216.913780][ T7635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.919021][ T7635]  ? __pfx__printk+0x10/0x10
[  216.923652][ T7635]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  216.929672][ T7635]  ? __pfx___might_resched+0x10/0x10
[  216.935006][ T7635]  should_fail_ex+0x3b0/0x4e0
[  216.939725][ T7635]  should_failslab+0xac/0x100
[  216.944538][ T7635]  kmem_cache_alloc_node_noprof+0x77/0x380
[  216.950379][ T7635]  ? __alloc_skb+0x1c3/0x440
[  216.955011][ T7635]  __alloc_skb+0x1c3/0x440
[  216.959501][ T7635]  ? l2tp_session_get_by_ifname+0x3c8/0x450
[  216.965437][ T7635]  ? __pfx___alloc_skb+0x10/0x10
[  216.970407][ T7635]  ? l2tp_nl_session_get+0x85/0x230
[  216.975638][ T7635]  ? l2tp_nl_cmd_session_modify+0x6e/0x630
[  216.981472][ T7635]  l2tp_nl_cmd_session_modify+0x3d6/0x630
[  216.987210][ T7635]  ? __pfx_l2tp_nl_cmd_session_modify+0x10/0x10
[  216.993552][ T7635]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  216.999905][ T7635]  genl_rcv_msg+0xb14/0xec0
[  217.004438][ T7635]  ? __pfx_genl_rcv_msg+0x10/0x10
[  217.009502][ T7635]  ? __pfx_lock_acquire+0x10/0x10
[  217.014532][ T7635]  ? __pfx_l2tp_nl_cmd_session_modify+0x10/0x10
[  217.020962][ T7635]  ? __pfx___might_resched+0x10/0x10
[  217.026267][ T7635]  netlink_rcv_skb+0x1e3/0x430
[  217.031038][ T7635]  ? __pfx_genl_rcv_msg+0x10/0x10
[  217.036074][ T7635]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  217.041371][ T7635]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  217.046847][ T7635]  genl_rcv+0x28/0x40
[  217.050836][ T7635]  netlink_unicast+0x7f6/0x990
[  217.055621][ T7635]  ? __pfx_netlink_unicast+0x10/0x10
[  217.061093][ T7635]  ? __virt_addr_valid+0x45f/0x530
[  217.066213][ T7635]  ? __phys_addr_symbol+0x2f/0x70
[  217.071246][ T7635]  ? __check_object_size+0x47a/0x730
[  217.076547][ T7635]  netlink_sendmsg+0x8e4/0xcb0
[  217.081445][ T7635]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.086776][ T7635]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.092159][ T7635]  __sock_sendmsg+0x221/0x270
[  217.096864][ T7635]  ____sys_sendmsg+0x52a/0x7e0
[  217.101650][ T7635]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.106944][ T7635]  ? __fget_files+0x2a/0x410
[  217.111544][ T7635]  ? __fget_files+0x2a/0x410
[  217.116148][ T7635]  __sys_sendmsg+0x269/0x350
[  217.120748][ T7635]  ? __pfx_lock_release+0x10/0x10
[  217.125783][ T7635]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.130944][ T7635]  ? __pfx_vfs_write+0x10/0x10
[  217.135828][ T7635]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  217.142255][ T7635]  ? do_syscall_64+0x100/0x230
[  217.147038][ T7635]  ? do_syscall_64+0xb6/0x230
[  217.151731][ T7635]  do_syscall_64+0xf3/0x230
[  217.156333][ T7635]  ? clear_bhb_loop+0x35/0x90
[  217.161021][ T7635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.167107][ T7635] RIP: 0033:0x7fcbda585d19
[  217.171536][ T7635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.191158][ T7635] RSP: 002b:00007fcbdb3f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.199588][ T7635] RAX: ffffffffffffffda RBX: 00007fcbda775fa0 RCX: 00007fcbda585d19
[  217.207573][ T7635] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  217.215732][ T7635] RBP: 00007fcbdb3f9090 R08: 0000000000000000 R09: 0000000000000000
[  217.223734][ T7635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.231783][ T7635] R13: 0000000000000000 R14: 00007fcbda775fa0 R15: 00007fffc262f328
[  217.239783][ T7635]  </TASK>
[  217.251112][   T25] usb 3-1: USB disconnect, device number 8
[  218.245266][ T5868] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  219.200966][ T5868] usb 5-1: device descriptor read/64, error -71
[  219.382495][ T7663] smk_cipso_doi:693 remove rc = -2
[  219.389496][ T7663] smk_cipso_doi:706 cipso add rc = -17
[  219.590178][ T5868] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  219.795580][ T7670] tap0: tun_chr_ioctl cmd 35111
[  219.831918][ T7672] hugetlbfs: syz.3.473 (7672): Using mlock ulimits for SHM_HUGETLB is obsolete
[  219.840217][ T5868] usb 5-1: device descriptor read/64, error -71
[  219.890977][ T5819] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  219.960430][ T5868] usb usb5-port1: attempt power cycle
[  220.043196][ T7679] mkiss: ax0: crc mode is auto.
[  220.070554][ T5819] usb 3-1: Using ep0 maxpacket: 32
[  220.136802][ T5819] usb 3-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  220.149888][ T5819] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.160385][ T5819] usb 3-1: Product: syz
[  220.164710][ T5819] usb 3-1: Manufacturer: syz
[  220.169640][ T5819] usb 3-1: SerialNumber: syz
[  220.279710][ T5819] usb 3-1: config 0 descriptor??
[  220.395480][ T7685] 9pnet_fd: Insufficient options for proto=fd
[  221.180140][ T5868] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[  221.446451][ T5819] airspy 3-1:0.0: usb_control_msg() failed -32 request 0a
[  221.476552][ T5819] airspy 3-1:0.0: Could not detect board
[  221.482400][ T5868] usb 5-1: device not accepting address 17, error -71
[  221.504354][ T5819] airspy 3-1:0.0: probe with driver airspy failed with error -32
[  222.733466][ T7710] smk_cipso_doi:693 remove rc = -2
[  222.739463][ T7710] smk_cipso_doi:706 cipso add rc = -17
[  223.832943][   T25] usb 3-1: USB disconnect, device number 9
[  224.000869][ T5867] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  224.190284][ T5867] usb 2-1: device descriptor read/64, error -71
[  225.761736][ T5867] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  225.986330][ T7754] ceph: Bad value for 'source'
[  226.151250][ T5867] usb 2-1: device descriptor read/64, error -71
[  226.195400][ T7765] netlink: 'syz.0.500': attribute type 21 has an invalid length.
[  226.214065][ T7765] netlink: 132 bytes leftover after parsing attributes in process `syz.0.500'.
[  226.260991][ T5867] usb usb2-port1: attempt power cycle
[  229.204355][ T7809] veth1: entered promiscuous mode
[  229.379434][ T7789] veth1: left promiscuous mode
[  230.340203][ T5868] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  230.490829][ T5868] usb 3-1: device descriptor read/64, error -71
[  230.704328][ T7839] netlink: 92 bytes leftover after parsing attributes in process `syz.3.521'.
[  230.730991][ T5868] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  231.040090][ T5868] usb 3-1: device descriptor read/64, error -71
[  231.170319][ T5868] usb usb3-port1: attempt power cycle
[  231.590221][ T5868] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[  231.612238][ T5868] usb 3-1: device descriptor read/8, error -71
[  231.854687][ T5868] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  231.880752][ T5868] usb 3-1: device descriptor read/8, error -71
[  232.000483][ T5868] usb usb3-port1: unable to enumerate USB device
[  233.248958][ T7872] block nbd2: NBD_DISCONNECT
[  233.517859][    T9] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  233.527031][ T7869] overlayfs: failed to resolve './file0': -2
[  233.561054][ T7880] veth1: entered promiscuous mode
[  234.109129][ T7874] veth1: left promiscuous mode
[  234.182338][    T9] usb 1-1: not running at top speed; connect to a high speed hub
[  234.192323][    T9] usb 1-1: config 1 interface 0 altsetting 145 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  234.229346][    T9] usb 1-1: config 1 interface 0 altsetting 145 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  234.305988][    T9] usb 1-1: config 1 interface 0 has no altsetting 0
[  234.326337][    T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  234.337100][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.348462][    T9] usb 1-1: Product: syz
[  234.362200][    T9] usb 1-1: Manufacturer: syz
[  234.369625][    T9] usb 1-1: SerialNumber: syz
[  234.402385][ T7877] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  235.391337][ T7896] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.543424][ T7896] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  236.235556][ T7906] smk_cipso_doi:693 remove rc = -2
[  236.241547][ T7906] smk_cipso_doi:706 cipso add rc = -17
[  237.411891][    T9] usb 1-1: USB disconnect, device number 18
[  237.593718][ T5867] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  237.893794][ T5867] usb 3-1: device descriptor read/64, error -71
[  238.175630][ T7929] veth1: entered promiscuous mode
[  238.624938][ T7920] veth1: left promiscuous mode
[  238.845646][ T5867] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  239.153452][ T7936] FAULT_INJECTION: forcing a failure.
[  239.153452][ T7936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.166817][ T7936] CPU: 0 UID: 0 PID: 7936 Comm: syz.4.547 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  239.177451][ T7936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  239.187615][ T7936] Call Trace:
[  239.191001][ T7936]  <TASK>
[  239.194042][ T7936]  dump_stack_lvl+0x241/0x360
[  239.198785][ T7936]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.204026][ T7936]  ? __pfx__printk+0x10/0x10
[  239.208680][ T7936]  ? snprintf+0xda/0x120
[  239.212978][ T7936]  should_fail_ex+0x3b0/0x4e0
[  239.217691][ T7936]  _copy_to_user+0x31/0xb0
[  239.222235][ T7936]  simple_read_from_buffer+0xca/0x150
[  239.227648][ T7936]  proc_fail_nth_read+0x1e9/0x250
[  239.232714][ T7936]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.238301][ T7936]  ? rw_verify_area+0x568/0x6f0
[  239.243189][ T7936]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.248765][ T7936]  vfs_read+0x1fc/0xb70
[  239.252965][ T7936]  ? do_sock_setsockopt+0x3e2/0x720
[  239.258211][ T7936]  ? __pfx_vfs_read+0x10/0x10
[  239.262907][ T7936]  ? do_sys_openat2+0x17a/0x1d0
[  239.267773][ T7936]  ? __pfx_ax25_setsockopt+0x10/0x10
[  239.273063][ T7936]  ? do_sock_setsockopt+0x3e2/0x720
[  239.278277][ T7936]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  239.283836][ T7936]  ksys_read+0x18f/0x2b0
[  239.288087][ T7936]  ? __pfx_ksys_read+0x10/0x10
[  239.292868][ T7936]  ? do_syscall_64+0x100/0x230
[  239.297740][ T7936]  ? do_syscall_64+0xb6/0x230
[  239.302424][ T7936]  do_syscall_64+0xf3/0x230
[  239.306952][ T7936]  ? clear_bhb_loop+0x35/0x90
[  239.311641][ T7936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.317573][ T7936] RIP: 0033:0x7f306938472c
[  239.322022][ T7936] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  239.342398][ T7936] RSP: 002b:00007f306a189030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  239.350932][ T7936] RAX: ffffffffffffffda RBX: 00007f3069575fa0 RCX: 00007f306938472c
[  239.358913][ T7936] RDX: 000000000000000f RSI: 00007f306a1890a0 RDI: 0000000000000003
[  239.366890][ T7936] RBP: 00007f306a189090 R08: 0000000000000000 R09: 0000000000000000
[  239.374874][ T7936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.382886][ T7936] R13: 0000000000000000 R14: 00007f3069575fa0 R15: 00007ffea70d50f8
[  239.390896][ T7936]  </TASK>
[  239.394030][    C0] vkms_vblank_simulate: vblank timer overrun
[  239.400118][ T5867] usb 3-1: device descriptor read/64, error -71
[  239.511563][ T5867] usb usb3-port1: attempt power cycle
[  239.933328][ T5867] usb 3-1: new full-speed USB device number 16 using dummy_hcd
[  240.065264][ T7946] SET target dimension over the limit!
[  240.118029][ T7946] netlink: 12 bytes leftover after parsing attributes in process `syz.4.549'.
[  240.189065][ T5867] usb 3-1: device descriptor read/8, error -71
[  245.777708][ T7980] veth1: entered promiscuous mode
[  245.954532][ T7973] veth1: left promiscuous mode
[  245.961621][ T5867] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  247.013687][    T9] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  247.160195][    T9] usb 4-1: device descriptor read/64, error -71
[  247.400349][    T9] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  247.640352][    T9] usb 4-1: device descriptor read/64, error -71
[  247.950448][    T9] usb usb4-port1: attempt power cycle
[  248.766136][ T8019] veth1: entered promiscuous mode
[  248.784730][ T5870] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  248.830241][    T9] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  248.964298][    T9] usb 4-1: device descriptor read/8, error -71
[  249.217445][ T8016] veth1: left promiscuous mode
[  249.250035][ T5870] usb 1-1: Using ep0 maxpacket: 32
[  249.261291][ T5870] usb 1-1: config 0 interface 0 has no altsetting 0
[  250.169490][ T5870] usb 1-1: New USB device found, idVendor=0a5c, idProduct=2033, bcdDevice=39.2b
[  250.179008][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.189988][ T5870] usb 1-1: Product: syz
[  250.195711][ T5870] usb 1-1: Manufacturer: syz
[  250.200943][ T5870] usb 1-1: SerialNumber: syz
[  250.213643][ T5870] usb 1-1: config 0 descriptor??
[  250.285625][ T5870] usb 1-1: Direct firmware load for BCM2033-MD.hex failed with error -2
[  250.312717][ T5870] usb 1-1: Falling back to sysfs fallback for: BCM2033-MD.hex
[  250.720063][ T8012] netlink: 10 bytes leftover after parsing attributes in process `syz.0.563'.
[  250.928243][ T8012] binder: Binderfs stats mode cannot be changed during a remount
[  252.250105][    T9] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  252.304971][   T29] audit: type=1326 audit(1734439322.432:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8059 comm="syz.2.584" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f107b385d19 code=0x0
[  252.840634][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  252.859997][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  252.935524][    T9] usb 4-1: New USB device found, idVendor=0404, idProduct=2801, bcdDevice= 0.00
[  253.248015][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.269238][    T9] usb 4-1: config 0 descriptor??
[  253.280752][    T9] usb 4-1: can't set config #0, error -71
[  253.306362][    T9] usb 4-1: USB disconnect, device number 13
[  253.577626][ T8068] smk_cipso_doi:693 remove rc = -2
[  253.583166][ T8068] smk_cipso_doi:706 cipso add rc = -17
[  255.044514][ T8075] vivid-000: kernel_thread() failed
[  255.502417][ T8089] netlink: 32 bytes leftover after parsing attributes in process `syz.3.593'.
[  255.536305][ T8089] netlink: 32 bytes leftover after parsing attributes in process `syz.3.593'.
[  255.645516][ T8089] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  255.678215][ T8089] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  255.715718][ T8089] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  255.741031][ T8089] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  255.781274][ T8089] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  255.789317][ T8089] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  255.804976][ T8089] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  255.816745][ T8089] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  255.826376][ T8089] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  255.839248][ T8089] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  255.964728][ T8107] fuse: Bad value for 'fd'
[  256.052134][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  256.061007][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  256.714301][ T8119] veth1: entered promiscuous mode
[  257.252591][ T8114] veth1: left promiscuous mode
[  257.690120][ T5131] Bluetooth: hci0: command 0x0406 tx timeout
[  257.729885][ T5867] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  257.734161][ T8128] smk_cipso_doi:693 remove rc = -2
[  257.749328][ T8128] smk_cipso_doi:706 cipso add rc = -17
[  257.830717][ T5131] Bluetooth: hci1: command 0x0406 tx timeout
[  257.850471][ T5131] Bluetooth: hci4: command 0x0406 tx timeout
[  257.858948][ T5131] Bluetooth: hci3: command 0x0406 tx timeout
[  257.865430][ T5820] Bluetooth: hci2: command 0x0406 tx timeout
[  257.971661][ T5867] usb 3-1: config 4 has an invalid interface number: 231 but max is 0
[  258.062130][ T5867] usb 3-1: config 4 has no interface number 0
[  258.193962][ T5867] usb 3-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  258.352399][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.370098][ T5867] usb 3-1: Product: syz
[  258.380776][ T5867] usb 3-1: Manufacturer: syz
[  258.396526][ T5867] usb 3-1: SerialNumber: syz
[  258.425591][ T5867] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  258.847354][ T5867] vp7045: USB control message 'in' went wrong.
[  258.854431][ T5867] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  258.869192][ T5867] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  259.089434][ T5819] usb 3-1: USB disconnect, device number 18
[  259.785883][ T5830] Bluetooth: hci0: command 0x0406 tx timeout
[  259.850190][ T5830] Bluetooth: hci1: command 0x0406 tx timeout
[  259.894091][ T8137] fuse: Bad value for 'fd'
[  259.894091][ T8156] fuse: Bad value for 'fd'
[  259.930104][ T5820] Bluetooth: hci3: command 0x0406 tx timeout
[  259.936638][ T5820] Bluetooth: hci4: command 0x0406 tx timeout
[  259.943805][ T5830] Bluetooth: hci2: command 0x0406 tx timeout
[  260.499698][ T8162] SET target dimension over the limit!
[  260.508222][ T5830] Bluetooth: hci3: unexpected event for opcode 0x1002
[  261.345995][ T8162] netlink: 12 bytes leftover after parsing attributes in process `syz.3.613'.
[  261.634738][ T8178] smk_cipso_doi:693 remove rc = -2
[  261.640129][ T8178] smk_cipso_doi:706 cipso add rc = -17
[  261.821146][ T8183] tipc: Can't bind to reserved service type 0
[  261.830397][ T5868] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  262.026191][ T5868] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  262.289687][ T5868] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  262.343919][ T5868] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  262.374705][ T5868] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  262.454383][ T5868] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  262.486640][ T5868] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.550618][ T5868] usb 5-1: config 0 descriptor??
[  262.714050][ T5131] Bluetooth: hci5: sending frame failed (-49)
[  262.723526][ T5830] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  262.830118][    T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  262.913217][ T8202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.623'.
[  262.929521][ T8202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.623'.
[  262.980794][ T5868] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  262.991935][ T5868] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  263.000137][    T9] usb 3-1: device descriptor read/64, error -71
[  263.986115][ T5868] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  264.111909][    T9] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  264.340173][ T5819] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  264.581642][ T5830] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  264.593448][ T5830] Bluetooth: hci3: Injecting HCI hardware error event
[  264.610737][ T5131] Bluetooth: hci3: hardware error 0x00
[  264.625208][ T5819] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  264.655821][ T5868] usb 5-1: USB disconnect, device number 20
[  264.736591][ T5819] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  264.750902][ T5819] usb 2-1: New USB device found, idVendor=0404, idProduct=2801, bcdDevice= 0.00
[  264.760890][ T5819] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.772662][ T5819] usb 2-1: config 0 descriptor??
[  264.782167][ T5819] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  264.850095][    T9] usb 3-1: device descriptor read/64, error -71
[  265.009698][    T9] usb usb3-port1: attempt power cycle
[  265.360239][    T9] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  265.661650][ T8220] vivid-000: kernel_thread() failed
[  265.970173][ T8225] vivid-000: =================  START STATUS  =================
[  265.980114][ T8225] vivid-000: Generate PTS: true
[  265.986019][ T8225] vivid-000: Generate SCR: true
[  266.025892][ T8225] tpg source WxH: 320x180 (R'G'B)
[  266.031334][ T8225] tpg field: 1
[  266.035790][ T8225] tpg crop: 320x180@0x0
[  266.041448][ T8225] tpg compose: 320x180@0x0
[  266.052224][    T9] usb 3-1: device descriptor read/8, error -71
[  266.055312][ T8225] tpg colorspace: 8
[  266.095198][ T8225] tpg transfer function: 0/2
[  266.105011][ T8225] tpg quantization: 0/1
[  266.113320][ T8225] tpg RGB range: 0/2
[  266.400604][ T8225] vivid-000: ==================  END STATUS  ==================
[  266.512421][ T5868] usb 2-1: USB disconnect, device number 14
[  266.690885][ T5131] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  270.338878][ T8263] netlink: 20 bytes leftover after parsing attributes in process `syz.1.640'.
[  271.185566][ T5918] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  271.215055][    T9] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  271.598053][ T5918] usb 5-1: Using ep0 maxpacket: 8
[  271.610524][ T5918] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  271.621995][    T9] usb 4-1: config 4 has an invalid interface number: 231 but max is 0
[  271.630462][    T9] usb 4-1: config 4 has no interface number 0
[  271.644306][ T5918] usb 5-1: New USB device found, idVendor=0fe9, idProduct=db59, bcdDevice=d3.dd
[  271.654663][ T5918] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.664361][    T9] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  271.691191][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.706861][ T5918] usb 5-1: Product: syz
[  272.071974][ T5899] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  272.302243][    T9] usb 4-1: Product: syz
[  272.307039][    T9] usb 4-1: Manufacturer: syz
[  272.319284][ T5918] usb 5-1: Manufacturer: syz
[  272.330200][ T5918] usb 5-1: SerialNumber: syz
[  272.336171][    T9] usb 4-1: SerialNumber: syz
[  272.348387][ T5918] usb 5-1: config 0 descriptor??
[  272.375375][ T5918] usb 5-1: can't set config #0, error -71
[  272.384027][ T5918] usb 5-1: USB disconnect, device number 21
[  272.402003][    T9] usb 4-1: can't set config #4, error -71
[  272.419121][    T9] usb 4-1: USB disconnect, device number 14
[  272.493418][ T8285] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.503191][ T8285] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.516620][ T5899] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  272.530902][ T5899] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  272.545187][ T5899] usb 3-1: New USB device found, idVendor=0404, idProduct=2801, bcdDevice= 0.00
[  272.557042][ T5899] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.570919][ T5899] usb 3-1: config 0 descriptor??
[  272.580386][ T5899] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  272.960166][    T9] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  273.125817][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.137847][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.149815][    T9] usb 4-1: New USB device found, idVendor=1532, idProduct=011d, bcdDevice= 0.00
[  273.160657][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.178088][    T9] usb 4-1: config 0 descriptor??
[  273.854055][    T9] hid-rmi 0003:1532:011D.0008: unbalanced delimiter at end of report description
[  274.174195][    T9] hid-rmi 0003:1532:011D.0008: parse failed
[  274.209766][    T9] hid-rmi 0003:1532:011D.0008: probe with driver hid-rmi failed with error -22
[  274.246134][    T9] usb 4-1: USB disconnect, device number 15
[  274.306733][ T5918] usb 3-1: USB disconnect, device number 23
[  274.354666][ T8301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.651'.
[  274.378685][ T8301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.651'.
[  274.503187][ T8301] dummy0: entered promiscuous mode
[  275.529159][ T8313] netlink: 20 bytes leftover after parsing attributes in process `syz.4.654'.
[  276.673773][ T8333] netlink: 20 bytes leftover after parsing attributes in process `syz.1.660'.
[  277.609757][   T95] IPVS: starting estimator thread 0...
[  278.063537][ T8336] IPVS: using max 20 ests per chain, 48000 per kthread
[  278.530159][    T9] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  279.450255][ T5918] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  279.604692][    T9] usb 4-1: device not accepting address 16, error -71
[  279.628121][ T5918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  279.654958][ T5918] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  280.366267][   T25] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  280.366362][ T5918] usb 3-1: New USB device found, idVendor=0404, idProduct=2801, bcdDevice= 0.00
[  280.386128][ T5918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.411076][ T5918] usb 3-1: config 0 descriptor??
[  280.422928][ T5918] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  280.520087][   T25] usb 5-1: device descriptor read/64, error -71
[  280.770346][   T25] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  280.850335][ T8376] capability: warning: `syz.1.672' uses 32-bit capabilities (legacy support in use)
[  280.930766][   T25] usb 5-1: device descriptor read/64, error -71
[  281.042834][   T25] usb usb5-port1: attempt power cycle
[  281.131011][ T5868] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  281.705835][ T5899] usb 3-1: USB disconnect, device number 24
[  281.728634][ T5868] usb 2-1: config 64 has an invalid interface number: 184 but max is 0
[  281.772021][ T5868] usb 2-1: config 64 has an invalid descriptor of length 36, skipping remainder of the config
[  281.803677][ T8380] FAULT_INJECTION: forcing a failure.
[  281.803677][ T8380] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.819799][ T5868] usb 2-1: config 64 has no interface number 0
[  281.827713][ T5868] usb 2-1: config 64 interface 184 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[  281.830728][ T8380] CPU: 0 UID: 0 PID: 8380 Comm: syz.4.673 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  281.841777][ T5868] usb 2-1: config 64 interface 184 altsetting 6 endpoint 0x88 has invalid maxpacket 55457, setting to 64
[  281.850407][ T8380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  281.850431][ T8380] Call Trace:
[  281.850442][ T8380]  <TASK>
[  281.850452][ T8380]  dump_stack_lvl+0x241/0x360
[  281.850488][ T8380]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.850512][ T8380]  ? __pfx__printk+0x10/0x10
[  281.850537][ T8380]  ? __pfx_lock_release+0x10/0x10
[  281.850553][ T8380]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  281.850575][ T8380]  ? get_synthdev+0x117/0x2c0
[  281.850594][ T8380]  should_fail_ex+0x3b0/0x4e0
[  281.850617][ T8380]  _copy_from_user+0x2f/0xc0
[  281.863500][ T5868] usb 2-1: config 64 interface 184 has no altsetting 0
[  281.872686][ T8380]  snd_seq_oss_write+0x5a9/0xbb0
[  281.872721][ T8380]  ? mark_lock+0x9a/0x360
[  281.872754][ T8380]  ? __pfx_snd_seq_oss_write+0x10/0x10
[  281.872783][ T8380]  ? bpf_lsm_file_permission+0x9/0x10
[  281.872807][ T8380]  ? security_file_permission+0x74/0x280
[  281.872833][ T8380]  odev_write+0x5b/0x80
[  281.872853][ T8380]  ? __pfx_odev_write+0x10/0x10
[  281.872876][ T8380]  vfs_write+0x2a3/0xd30
[  281.872914][ T8380]  ? __pfx_vfs_write+0x10/0x10
[  281.872937][ T8380]  ? __fget_files+0x2a/0x410
[  281.872956][ T8380]  ? __fget_files+0x395/0x410
[  281.872971][ T8380]  ? __fget_files+0x2a/0x410
[  281.872992][ T8380]  ksys_write+0x18f/0x2b0
[  281.873015][ T8380]  ? __pfx_ksys_write+0x10/0x10
[  281.873036][ T8380]  ? do_syscall_64+0x100/0x230
[  281.889991][ T5868] usb 2-1: New USB device found, idVendor=067b, idProduct=331a, bcdDevice=b2.a8
[  281.890600][ T8380]  ? do_syscall_64+0xb6/0x230
[  281.895560][ T5868] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.900559][ T8380]  do_syscall_64+0xf3/0x230
[  281.900604][ T8380]  ? clear_bhb_loop+0x35/0x90
[  281.900652][ T8380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.900680][ T8380] RIP: 0033:0x7f3069385d19
[  281.900700][ T8380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.900717][ T8380] RSP: 002b:00007f306a189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  281.900737][ T8380] RAX: ffffffffffffffda RBX: 00007f3069575fa0 RCX: 00007f3069385d19
[  281.900750][ T8380] RDX: 0000000000000234 RSI: 00000000200006c0 RDI: 0000000000000003
[  281.900763][ T8380] RBP: 00007f306a189090 R08: 0000000000000000 R09: 0000000000000000
[  281.907679][ T5868] usb 2-1: Product: syz
[  281.912400][ T8380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  281.912423][ T8380] R13: 0000000000000000 R14: 00007f3069575fa0 R15: 00007ffea70d50f8
[  281.912448][ T8380]  </TASK>
[  282.088595][    C1] vkms_vblank_simulate: vblank timer overrun
[  282.170098][ T5868] usb 2-1: Manufacturer: syz
[  282.175399][ T5868] usb 2-1: SerialNumber: syz
[  282.200427][ T8376] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  282.531145][   T25] usb usb5-port1: Cannot enable. Maybe the USB cable is bad?
[  282.690027][   T25] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[  282.746589][   T25] usb 5-1: config 4 has an invalid interface number: 231 but max is 0
[  283.072775][   T25] usb 5-1: config 4 has no interface number 0
[  283.105730][   T25] usb 5-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  283.120024][ T5868] pl2303 2-1:64.184: required endpoints missing
[  283.151180][ T5868] usb 2-1: USB disconnect, device number 15
[  283.869849][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.900963][   T25] usb 5-1: Product: syz
[  283.910417][   T25] usb 5-1: Manufacturer: syz
[  283.915795][   T25] usb 5-1: SerialNumber: syz
[  284.072896][   T25] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  284.835268][   T25] vp7045: USB control message 'in' went wrong.
[  284.841825][   T25] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  284.853994][   T25] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  285.020176][   T95] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  285.102746][ T5868] usb 5-1: USB disconnect, device number 25
[  286.084338][   T95] usb 2-1: device descriptor read/64, error -71
[  286.680023][   T95] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  286.974104][   T95] usb 2-1: device descriptor read/64, error -71
[  287.566603][ T8434] veth1: entered promiscuous mode
[  287.573254][ T8433] veth1: left promiscuous mode
[  287.781131][   T95] usb usb2-port1: attempt power cycle
[  288.273911][ T8446] x_tables: duplicate underflow at hook 2
[  290.109946][ T5868] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  290.933551][ T8478] veth1: entered promiscuous mode
[  290.937611][ T8477] veth1: left promiscuous mode
[  291.093074][ T5868] usb 4-1: config 4 has an invalid interface number: 231 but max is 0
[  291.093107][ T5868] usb 4-1: config 4 has no interface number 0
[  291.101187][ T5868] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  291.101225][ T5868] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.101248][ T5868] usb 4-1: Product: syz
[  291.101264][ T5868] usb 4-1: Manufacturer: syz
[  291.101281][ T5868] usb 4-1: SerialNumber: syz
[  291.116501][ T5868] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  291.565396][ T8489] netlink: 20 bytes leftover after parsing attributes in process `syz.1.703'.
[  292.242334][ T5868] vp7045: USB control message 'in' went wrong.
[  292.242384][ T5868] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  292.242411][ T5868] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  293.040938][ T5918] usb 4-1: USB disconnect, device number 18
[  294.601076][ T8512] netlink: 156 bytes leftover after parsing attributes in process `syz.3.708'.
[  296.255103][ T8523] netlink: 8 bytes leftover after parsing attributes in process `syz.0.710'.
[  297.731285][ T8535] lo speed is unknown, defaulting to 1000
[  297.749958][ T8535] lo speed is unknown, defaulting to 1000
[  297.760925][ T8535] lo speed is unknown, defaulting to 1000
[  297.927441][ T8532] lo speed is unknown, defaulting to 1000
[  297.933351][ T8532] lo speed is unknown, defaulting to 1000
[  297.939542][ T8532] lo speed is unknown, defaulting to 1000
[  297.953632][ T8532] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  297.978395][ T8536] »»»»»»: renamed from lo (while UP)
[  298.016476][ T8532] »»»»»» speed is unknown, defaulting to 1000
[  298.024934][ T8532] »»»»»» speed is unknown, defaulting to 1000
[  298.032322][ T8532] »»»»»» speed is unknown, defaulting to 1000
[  298.039651][ T8532] »»»»»» speed is unknown, defaulting to 1000
[  298.047491][ T8532] »»»»»» speed is unknown, defaulting to 1000
[  298.054231][ T8535] infiniband s
z1: set active
[  298.059389][ T8535] infiniband s
z1: added »»»»»»
[  298.070601][   T95] »»»»»» speed is unknown, defaulting to 1000
[  298.169448][ T8535] RDS/IB: s
z1: added
[  298.174563][ T8535] smc: adding ib device s
z1 with port count 1
[  298.184084][ T8535] smc:    ib device s
z1 port 1 has pnetid 
[  298.191226][ T8535] »»»»»» speed is unknown, defaulting to 1000
[  298.258650][ T5866] »»»»»» speed is unknown, defaulting to 1000
[  298.310094][ T8535] »»»»»» speed is unknown, defaulting to 1000
[  298.573938][ T5918] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[  298.629771][ T8535] »»»»»» speed is unknown, defaulting to 1000
[  298.688519][ T8535] »»»»»» speed is unknown, defaulting to 1000
[  298.745444][ T8535] »»»»»» speed is unknown, defaulting to 1000
[  299.644337][ T5918] usb 3-1: config 4 has an invalid interface number: 231 but max is 0
[  299.653941][ T5918] usb 3-1: config 4 has no interface number 0
[  299.663067][ T5918] usb 3-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  299.673003][ T5918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.698191][ T5918] usb 3-1: Product: syz
[  299.703085][ T5918] usb 3-1: Manufacturer: syz
[  299.717218][ T5918] usb 3-1: SerialNumber: syz
[  299.770547][ T5918] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  299.778371][ T8561] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  299.786114][ T8561] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  299.809061][ T8561] vhci_hcd vhci_hcd.0: Device attached
[  299.821654][ T8566] vhci_hcd: cannot find the pending unlink 25363
[  299.829650][ T8561] macvlan2: mtu less than device minimum
[  299.861705][ T8566] vhci_hcd: connection closed
[  299.899349][ T7454] vhci_hcd: stop threads
[  299.914570][ T7454] vhci_hcd: release socket
[  299.933478][ T7454] vhci_hcd: disconnect device
[  300.164801][   T95] vhci_hcd: vhci_device speed not set
[  300.168505][ T5918] vp7045: USB control message 'in' went wrong.
[  300.200113][ T5918] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  300.216631][ T5918] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  300.855620][ T5899] usb 3-1: USB disconnect, device number 25
[  301.319305][ T8577] FAULT_INJECTION: forcing a failure.
[  301.319305][ T8577] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.348061][ T8577] CPU: 1 UID: 0 PID: 8577 Comm: syz.3.726 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  301.358712][ T8577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  301.368799][ T8577] Call Trace:
[  301.372103][ T8577]  <TASK>
[  301.375061][ T8577]  dump_stack_lvl+0x241/0x360
[  301.379879][ T8577]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.385126][ T8577]  ? __pfx__printk+0x10/0x10
[  301.389761][ T8577]  ? __pfx_lock_release+0x10/0x10
[  301.394864][ T8577]  ? __lock_acquire+0x1397/0x2100
[  301.400022][ T8577]  should_fail_ex+0x3b0/0x4e0
[  301.404818][ T8577]  _copy_from_user+0x2f/0xc0
[  301.409420][ T8577]  kstrtouint_from_user+0xc6/0x190
[  301.414551][ T8577]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  301.420284][ T8577]  ? __pfx_lock_acquire+0x10/0x10
[  301.425329][ T8577]  proc_fail_nth_write+0xaa/0x2d0
[  301.430364][ T8577]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  301.436264][ T8577]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  301.441917][ T8577]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  301.447562][ T8577]  vfs_write+0x2a3/0xd30
[  301.451995][ T8577]  ? __pfx_vfs_write+0x10/0x10
[  301.456766][ T8577]  ? __fget_files+0x2a/0x410
[  301.461357][ T8577]  ? __fget_files+0x395/0x410
[  301.466038][ T8577]  ? __fget_files+0x2a/0x410
[  301.470634][ T8577]  ksys_write+0x18f/0x2b0
[  301.475062][ T8577]  ? __pfx_ksys_write+0x10/0x10
[  301.479921][ T8577]  ? do_syscall_64+0x100/0x230
[  301.484809][ T8577]  ? do_syscall_64+0xb6/0x230
[  301.489515][ T8577]  do_syscall_64+0xf3/0x230
[  301.494145][ T8577]  ? clear_bhb_loop+0x35/0x90
[  301.498851][ T8577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.504756][ T8577] RIP: 0033:0x7fcbda5847cf
[  301.509198][ T8577] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  301.528922][ T8577] RSP: 002b:00007fcbdb3f9030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  301.537478][ T8577] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcbda5847cf
[  301.545469][ T8577] RDX: 0000000000000001 RSI: 00007fcbdb3f90a0 RDI: 0000000000000003
[  301.553501][ T8577] RBP: 00007fcbdb3f9090 R08: 0000000000000000 R09: 0000000000000000
[  301.561477][ T8577] R10: ffff8880b860a000 R11: 0000000000000293 R12: 0000000000000001
[  301.569454][ T8577] R13: 0000000000000000 R14: 00007fcbda775fa0 R15: 00007fffc262f328
[  301.577443][ T8577]  </TASK>
[  301.625700][ T5866] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  301.961542][ T5866] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  301.964975][ T8586] warning: `syz.3.730' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  301.971257][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.020940][ T5866] usb 2-1: config 0 descriptor??
[  302.039096][ T5866] gspca_main: cpia1-2.14.0 probing 0813:0001
[  302.464286][ T5866] gspca_cpia1: usb_control_msg 03, error -32
[  302.474743][ T5866] cpia1 2-1:0.0: unexpected state after lo power cmd: d2
[  303.171583][ T8604] netlink: 20 bytes leftover after parsing attributes in process `syz.3.736'.
[  304.173387][ T8609] netlink: 20 bytes leftover after parsing attributes in process `syz.4.737'.
[  304.265275][ T5866] gspca_cpia1: usb_control_msg 02, error -110
[  304.271492][ T5866] cpia1 2-1:0.0: only firmware version 1 is supported (got: 210)
[  305.527196][    T9] usb 2-1: USB disconnect, device number 19
[  305.759238][ T8618] veth1: entered promiscuous mode
[  305.765898][ T8614] veth1: left promiscuous mode
[  306.051292][    T9] usb 2-1: new full-speed USB device number 20 using dummy_hcd
[  306.298339][    T9] usb 2-1: config 4 has an invalid interface number: 231 but max is 0
[  306.367814][    T9] usb 2-1: config 4 has no interface number 0
[  306.425537][    T9] usb 2-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  306.465573][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.511216][    T9] usb 2-1: Product: syz
[  306.515629][    T9] usb 2-1: Manufacturer: syz
[  306.550508][    T9] usb 2-1: SerialNumber: syz
[  306.744002][   T25] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  306.746039][    T9] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  306.950391][   T25] usb 3-1: device descriptor read/64, error -71
[  307.064657][ T8638] FAULT_INJECTION: forcing a failure.
[  307.064657][ T8638] name failslab, interval 1, probability 0, space 0, times 0
[  307.078052][ T8638] CPU: 0 UID: 0 PID: 8638 Comm: syz.3.745 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  307.088689][ T8638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  307.098761][ T8638] Call Trace:
[  307.102043][ T8638]  <TASK>
[  307.104973][ T8638]  dump_stack_lvl+0x241/0x360
[  307.109657][ T8638]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.114860][ T8638]  ? __pfx__printk+0x10/0x10
[  307.119453][ T8638]  ? kmem_cache_alloc_noprof+0x48/0x380
[  307.125000][ T8638]  ? __pfx___might_resched+0x10/0x10
[  307.130298][ T8638]  should_fail_ex+0x3b0/0x4e0
[  307.134986][ T8638]  should_failslab+0xac/0x100
[  307.139674][ T8638]  ? security_file_alloc+0x32/0x310
[  307.144880][ T8638]  kmem_cache_alloc_noprof+0x70/0x380
[  307.156172][ T8638]  security_file_alloc+0x32/0x310
[  307.161202][ T8638]  init_file+0x91/0x280
[  307.165456][ T8638]  alloc_empty_file+0xb8/0x1d0
[  307.170230][ T8638]  path_openat+0x107/0x3590
[  307.174747][ T8638]  ? mark_lock+0x9a/0x360
[  307.179114][ T8638]  ? __pfx_stack_trace_save+0x10/0x10
[  307.184523][ T8638]  ? __lock_acquire+0x1397/0x2100
[  307.189606][ T8638]  ? __pfx_path_openat+0x10/0x10
[  307.194593][ T8638]  do_filp_open+0x27f/0x4e0
[  307.199232][ T8638]  ? __pfx_do_filp_open+0x10/0x10
[  307.204278][ T8638]  ? do_raw_spin_lock+0x14f/0x370
[  307.209344][ T8638]  do_sys_openat2+0x13e/0x1d0
[  307.214501][ T8638]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  307.220691][ T8638]  ? __pfx_do_sys_openat2+0x10/0x10
[  307.225940][ T8638]  ? __fget_files+0x2a/0x410
[  307.230550][ T8638]  __x64_sys_creat+0x123/0x170
[  307.235345][ T8638]  ? __pfx___x64_sys_creat+0x10/0x10
[  307.240646][ T8638]  ? do_syscall_64+0x100/0x230
[  307.245508][ T8638]  ? do_syscall_64+0xb6/0x230
[  307.250203][ T8638]  do_syscall_64+0xf3/0x230
[  307.254900][ T8638]  ? clear_bhb_loop+0x35/0x90
[  307.259587][ T8638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.265511][ T8638] RIP: 0033:0x7fcbda585d19
[  307.270230][ T8638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.291127][ T8638] RSP: 002b:00007fcbdb3f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  307.300294][ T8638] RAX: ffffffffffffffda RBX: 00007fcbda775fa0 RCX: 00007fcbda585d19
[  307.308385][ T8638] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200001c0
[  307.316458][ T8638] RBP: 00007fcbdb3f9090 R08: 0000000000000000 R09: 0000000000000000
[  307.324461][ T8638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.332461][ T8638] R13: 0000000000000000 R14: 00007fcbda775fa0 R15: 00007fffc262f328
[  307.340498][ T8638]  </TASK>
[  307.360908][ T8620] syzkaller1: entered promiscuous mode
[  307.366921][ T8620] syzkaller1: entered allmulticast mode
[  307.382494][ T8620] loop2: detected capacity change from 0 to 7
[  307.412700][    T9] vp7045: USB control message 'in' went wrong.
[  307.423152][    T9] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  307.435699][ T8620] Dev loop2: unable to read RDB block 7
[  307.441937][ T8620]  loop2: unable to read partition table
[  307.447856][    T9] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  307.477190][ T8620] loop2: partition table beyond EOD, truncated
[  307.511040][ T8620] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  307.530591][   T25] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  307.655324][    T9] usb 2-1: USB disconnect, device number 20
[  307.802930][   T25] usb 3-1: device descriptor read/64, error -71
[  307.923843][   T25] usb usb3-port1: attempt power cycle
[  308.251577][ T8664] netlink: 36 bytes leftover after parsing attributes in process `syz.1.752'.
[  308.262216][ T8664] bond0: entered allmulticast mode
[  308.267672][ T8664] bond_slave_0: entered allmulticast mode
[  308.276519][ T8664] bond_slave_1: entered allmulticast mode
[  308.294978][ T8664] netlink: 'syz.1.752': attribute type 10 has an invalid length.
[  308.344132][ T8664] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  308.362363][ T8664] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  308.455275][ T8664] netlink: 144 bytes leftover after parsing attributes in process `syz.1.752'.
[  308.470169][   T25] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  308.492233][   T25] usb 3-1: device descriptor read/8, error -71
[  308.732283][   T25] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  309.217612][ T8673] veth1: entered promiscuous mode
[  309.227577][ T8672] veth1: left promiscuous mode
[  309.241804][   T25] usb 3-1: device descriptor read/8, error -71
[  309.978712][   T25] usb usb3-port1: unable to enumerate USB device
[  310.249210][ T8691] netlink: 8 bytes leftover after parsing attributes in process `syz.2.760'.
[  310.579247][ T8687] smk_cipso_doi:693 remove rc = -2
[  310.585934][ T8687] smk_cipso_doi:706 cipso add rc = -17
[  310.835293][ T8702] netlink: 20 bytes leftover after parsing attributes in process `syz.1.765'.
[  312.300147][ T8709] veth1: entered promiscuous mode
[  312.509925][ T8708] veth1: left promiscuous mode
[  312.518959][ T5870] Bluetooth: Mini driver request failed
[  312.525766][ T5870] bcm203x 1-1:0.0: probe with driver bcm203x failed with error -5
[  312.542499][ T5870] usb 1-1: USB disconnect, device number 19
[  313.004237][ T5830] Bluetooth: hci4: command 0x0406 tx timeout
[  313.454096][ T8719] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  313.496959][ T8719] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  316.063261][    T9] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  316.261126][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  316.282007][ T8762] netlink: 'syz.2.781': attribute type 10 has an invalid length.
[  316.318230][ T8762] team0: Port device netdevsim0 added
[  316.960075][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  316.974149][    T9] usb 1-1: New USB device found, idVendor=0404, idProduct=2801, bcdDevice= 0.00
[  316.983663][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.003581][ T8757] smk_cipso_doi:693 remove rc = -2
[  317.018022][    T9] usb 1-1: config 0 descriptor??
[  317.052412][    T9] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  317.183093][ T8757] smk_cipso_doi:706 cipso add rc = -17
[  317.461476][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  317.488337][ T8767] veth1: entered promiscuous mode
[  317.494863][ T8766] veth1: left promiscuous mode
[  317.500935][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  317.582262][ T8771] fuse: Unknown parameter 'fd­‰ýØPuÉÉùà'
[  317.714462][ T8771] kvm: emulating exchange as write
[  317.762496][   T29] audit: type=1326 audit(1734439387.892:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8769 comm="syz.3.785" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbda585d19 code=0x0
[  318.295735][ T5870] usb 1-1: USB disconnect, device number 20
[  323.877945][ T8815] binder: 8805:8815 ioctl 8933 200002c0 returned -22
[  324.499202][ T8825] xt_socket: unknown flags 0x50
[  325.693765][ T8836] binder: 8805:8836 ioctl 89f1 20000700 returned -22
[  326.299332][ T5866] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  326.656024][ T5866] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  326.666542][ T5866] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  326.694113][ T8846] netlink: 20 bytes leftover after parsing attributes in process `syz.1.801'.
[  327.557013][ T5866] usb 4-1: New USB device found, idVendor=0404, idProduct=2801, bcdDevice= 0.00
[  327.566211][ T5866] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.607513][ T5866] usb 4-1: config 0 descriptor??
[  327.627302][ T5866] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  328.009667][ T8856] netlink: 32 bytes leftover after parsing attributes in process `syz.0.805'.
[  328.149847][    T9] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  328.420291][    T9] usb 3-1: Using ep0 maxpacket: 16
[  328.439040][    T9] usb 3-1: config 0 has an invalid interface number: 98 but max is 0
[  328.505927][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  328.755492][    T9] usb 3-1: config 0 has no interface number 0
[  328.777695][    T9] usb 3-1: too many endpoints for config 0 interface 98 altsetting 125: 206, using maximum allowed: 30
[  328.815569][    T9] usb 3-1: config 0 interface 98 altsetting 125 has 0 endpoint descriptors, different from the interface descriptor's value: 206
[  328.911179][ T8863] syzkaller0: entered promiscuous mode
[  328.941519][    T9] usb 3-1: config 0 interface 98 has no altsetting 0
[  328.946103][ T8863] syzkaller0: entered allmulticast mode
[  328.955764][    T9] usb 3-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[  328.981347][ T5866] usb 4-1: USB disconnect, device number 19
[  328.988282][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.072781][    T9] usb 3-1: config 0 descriptor??
[  329.973978][    T9] usb 3-1: string descriptor 0 read error: -71
[  329.983677][    T9] usb 3-1: USB disconnect, device number 30
[  330.862131][ T5131] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  330.874181][ T5131] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  330.883523][ T5131] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  330.892314][ T5131] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  330.900049][ T5131] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  330.907455][ T5131] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  331.541089][ T5131] Bluetooth: hci4: command 0x0406 tx timeout
[  332.987315][ T5131] Bluetooth: hci5: command tx timeout
[  334.217831][ T8752] syz_tun (unregistering): left promiscuous mode
[  334.262040][ T8882] »»»»»» speed is unknown, defaulting to 1000
[  334.951201][ T8910] input: syz1 as /devices/virtual/input/input14
[  335.028597][ T8913] netlink: 24 bytes leftover after parsing attributes in process `syz.0.817'.
[  335.051579][ T5131] Bluetooth: hci5: command tx timeout
[  335.127425][ T8882] »»»»»» speed is unknown, defaulting to 1000
[  336.074837][ T8924] overlayfs: failed to resolve './file2': -2
[  336.205977][ T8882] chnl_net:caif_netlink_parms(): no params data found
[  337.140084][ T5131] Bluetooth: hci5: command tx timeout
[  337.237876][ T8939] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  337.271495][ T8945] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  337.837897][ T8945] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.865212][ T8945] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.927935][ T8945] bridge0: entered allmulticast mode
[  338.858847][ T8882] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.867115][ T8882] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.950225][ T5866] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  338.974398][ T8882] bridge_slave_0: entered allmulticast mode
[  339.115750][ T5866] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  339.133383][ T8882] bridge_slave_0: entered promiscuous mode
[  339.205808][ T8882] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.215766][ T5866] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  339.225635][ T5131] Bluetooth: hci5: command tx timeout
[  339.238218][ T5866] usb 2-1: New USB device found, idVendor=0404, idProduct=2801, bcdDevice= 0.00
[  339.239326][ T8882] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.247408][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.256337][ T8882] bridge_slave_1: entered allmulticast mode
[  339.270881][ T8882] bridge_slave_1: entered promiscuous mode
[  339.302903][ T5866] usb 2-1: config 0 descriptor??
[  339.409938][ T8963] netlink: 32 bytes leftover after parsing attributes in process `syz.0.829'.
[  340.271500][ T5866] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  340.382792][ T8882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  340.395073][ T8882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  340.491247][ T8882] team0: Port device team_slave_0 added
[  340.518999][ T8882] team0: Port device team_slave_1 added
[  340.702002][ T5899] usb 2-1: USB disconnect, device number 21
[  340.922609][ T8882] batman_adv: batadv0: Adding interface: batadv_slave_0
[  340.958748][ T8882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.143603][ T8882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  341.182324][ T8882] batman_adv: batadv0: Adding interface: batadv_slave_1
[  341.198328][ T8882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.244802][ T8882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  341.256300][ T8988] netlink: 'syz.3.836': attribute type 12 has an invalid length.
[  341.444571][ T8882] hsr_slave_0: entered promiscuous mode
[  341.511688][ T8882] hsr_slave_1: entered promiscuous mode
[  341.534496][ T8882] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  341.557421][ T8882] Cannot create hsr debugfs directory
[  341.628195][ T8995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.837'.
[  343.840797][ T8882] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  343.861863][ T8882] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  343.876608][ T8882] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  343.907547][ T8882] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  343.971345][    T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  344.075798][ T8882] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.107778][ T8882] 8021q: adding VLAN 0 to HW filter on device team0
[  344.123449][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.130657][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  344.150390][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[  344.172128][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  344.182752][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  344.200037][    T9] usb 2-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  344.209151][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.218780][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.225984][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  344.250251][    T9] usb 2-1: config 0 descriptor??
[  344.301663][ T5918] usb 3-1: new full-speed USB device number 31 using dummy_hcd
[  344.495989][ T5918] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  344.510521][ T5918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.541967][ T5918] usb 3-1: config 0 descriptor??
[  344.573167][ T5918] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  344.683172][ T8882] 8021q: adding VLAN 0 to HW filter on device batadv0
[  344.754227][ T5918] gp8psk: usb in 128 operation failed.
[  344.971013][ T5918] gp8psk: usb in 146 operation failed.
[  344.989768][ T5918] gp8psk: failed to get FW version
[  345.001114][ T5918] gp8psk: usb in 149 operation failed.
[  345.007524][ T8882] veth0_vlan: entered promiscuous mode
[  345.031208][ T5918] gp8psk: failed to get FPGA version
[  345.079060][ T8882] veth1_vlan: entered promiscuous mode
[  345.146801][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  345.153075][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  345.170712][    T9] usb 2-1: USB disconnect, device number 22
[  345.177569][ T8882] veth0_macvtap: entered promiscuous mode
[  345.214238][ T8882] veth1_macvtap: entered promiscuous mode
[  345.236363][ T8882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.248616][ T8882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.268629][ T8882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.287535][ T8882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.304362][ T8882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.328482][ T8882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.330010][ T5819] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  345.341567][ T9042] netlink: 16 bytes leftover after parsing attributes in process `syz.3.850'.
[  345.356431][ T8882] batman_adv: batadv0: Interface activated: batadv_slave_0
[  345.369782][ T9022] netlink: 96 bytes leftover after parsing attributes in process `syz.2.844'.
[  345.382122][ T5918] gp8psk: usb out operation failed.
[  345.387376][ T5918] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  345.407349][ T8882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  345.422923][ T5918] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  345.431034][ T8882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.470964][ T5918] usb 3-1: USB disconnect, device number 31
[  345.505835][ T5819] usb 1-1: Using ep0 maxpacket: 16
[  345.519996][ T5819] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  345.533838][ T8882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  345.545236][ T5819] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  345.554612][ T8882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.582486][ T8882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  345.597875][ T8882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.621622][ T5819] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  345.635170][ T5819] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.647169][ T8882] batman_adv: batadv0: Interface activated: batadv_slave_1
[  345.657852][ T5819] usb 1-1: Product: syz
[  345.663294][ T8882] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  345.673139][ T8882] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  345.683024][ T8882] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  345.692236][ T8882] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  345.693629][ T5819] usb 1-1: Manufacturer: syz
[  345.736569][ T5819] usb 1-1: SerialNumber: syz
[  346.042814][ T9038] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  346.137885][ T9038] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  346.178228][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.217647][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  346.656894][ T9057] netlink: 20 bytes leftover after parsing attributes in process `syz.3.854'.
[  347.705315][ T6142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  347.717172][ T9054] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.740272][ T9054] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.987839][ T6142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.353149][ T5819] usb 1-1: cannot find UAC_HEADER
[  348.995983][ T5819] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[  349.068611][ T9076] netlink: 20 bytes leftover after parsing attributes in process `syz.5.858'.
[  349.929293][ T5819] usb 1-1: USB disconnect, device number 21
[  350.092706][ T5836] udevd[5836]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  351.719985][   T95] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[  351.882488][ T9093] bond0: entered promiscuous mode
[  351.979802][   T95] usb 1-1: config 4 has an invalid interface number: 231 but max is 0
[  351.980440][ T9100] Cannot find del_set index 0 as target
[  352.107804][   T95] usb 1-1: config 4 has no interface number 0
[  352.487794][   T95] usb 1-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  352.499016][   T95] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.530031][   T95] usb 1-1: Product: syz
[  352.534284][   T95] usb 1-1: Manufacturer: syz
[  352.539819][   T95] usb 1-1: SerialNumber: syz
[  352.565858][   T95] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  353.187181][   T95] vp7045: USB control message 'in' went wrong.
[  353.194417][   T95] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  353.320032][   T95] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  353.406689][   T95] usb 1-1: USB disconnect, device number 22
[  354.306984][ T9117] netlink: 8 bytes leftover after parsing attributes in process `syz.5.871'.
[  354.352497][ T9113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  354.580895][ T5899] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  354.741625][ T5899] usb 3-1: Using ep0 maxpacket: 16
[  354.748565][ T5899] usb 3-1: config 0 has an invalid descriptor of length 53, skipping remainder of the config
[  354.764432][ T5899] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  354.786082][ T5899] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 49152, setting to 1024
[  354.808501][ T5899] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024
[  354.828963][ T5899] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  354.861029][ T5899] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  354.911509][ T5899] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  354.933038][ T5899] usb 3-1: Manufacturer: syz
[  354.958383][ T5899] usb 3-1: config 0 descriptor??
[  355.023173][ T9133] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.063115][ T9133] bond0: (slave rose0): Enslaving as an active interface with an up link
[  355.293028][ T5899] rc_core: IR keymap rc-hauppauge not found
[  355.314338][ T5899] Registered IR keymap rc-empty
[  355.334176][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  355.384249][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  355.430078][ T5899] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  355.517820][ T5899] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input15
[  356.353569][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.437323][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.499699][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.599063][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.689963][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.747134][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.772935][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.807360][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.851112][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.890388][ T5899] mceusb 3-1:0.0: Error: mce write urb status = -71
[  356.912767][ T5899] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  356.946442][ T5899] mceusb 3-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active)
[  356.996911][ T5899] usb 3-1: USB disconnect, device number 32
[  357.503407][   T95] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  358.209965][   T95] usb 6-1: Using ep0 maxpacket: 16
[  358.209995][ T5899] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  358.235352][   T95] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  358.251198][   T95] usb 6-1: New USB device found, idVendor=05ac, idProduct=0272, bcdDevice= 0.40
[  358.280480][   T95] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.281684][ T9193] ptrace attach of "./syz-executor exec"[9196] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  358.288598][   T95] usb 6-1: Product: syz
[  358.376015][ T5899] usb 2-1: config 4 has an invalid interface number: 231 but max is 0
[  358.379712][    C1] vkms_vblank_simulate: vblank timer overrun
[  358.394215][ T5899] usb 2-1: config 4 has no interface number 0
[  358.634211][ T5899] usb 2-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  358.643491][ T5899] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.649930][   T95] usb 6-1: Manufacturer: syz
[  358.652731][ T5899] usb 2-1: Product: syz
[  358.656540][   T95] usb 6-1: SerialNumber: syz
[  358.661067][ T5899] usb 2-1: Manufacturer: syz
[  358.670392][ T5899] usb 2-1: SerialNumber: syz
[  358.692248][ T5899] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  359.344890][   T95] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input16
[  359.493818][ T9215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  359.510401][ T5899] vp7045: USB control message 'in' went wrong.
[  359.516680][ T5899] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  359.550227][   T11] Bluetooth: hci4: Frame reassembly failed (-84)
[  359.560497][ T9215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  359.569293][ T5899] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  359.621507][ T9214] netlink: 60 bytes leftover after parsing attributes in process `syz.3.890'.
[  359.729563][   T25] usb 2-1: USB disconnect, device number 23
[  359.870092][ T5819] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  360.020802][ T5819] usb 4-1: Using ep0 maxpacket: 32
[  360.035213][ T5819] usb 4-1: unable to get BOS descriptor or descriptor too short
[  360.051453][ T5819] usb 4-1: config 5 has an invalid interface number: 52 but max is 0
[  360.076862][ T5819] usb 4-1: config 5 has no interface number 0
[  360.097960][ T5819] usb 4-1: config 5 interface 52 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  360.132693][ T5819] usb 4-1: config 5 interface 52 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  360.156585][ T5819] usb 4-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=51.58
[  360.166154][ T5819] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.245985][ T5819] usb 4-1: Product: syz
[  360.260422][ T5819] usb 4-1: Manufacturer: syz
[  360.265284][ T5819] usb 4-1: SerialNumber: syz
[  360.510483][   T25] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  360.680098][   T25] usb 3-1: Using ep0 maxpacket: 32
[  360.688063][   T25] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  360.712284][   T25] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  360.749995][   T25] usb 3-1: config 0 interface 0 has no altsetting 0
[  360.760207][   T25] usb 3-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00
[  360.777200][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.800815][   T25] usb 3-1: config 0 descriptor??
[  361.228052][   T25] wacom 0003:056A:4001.0009: unknown main item tag 0x0
[  361.267011][   T25] wacom 0003:056A:4001.0009: hidraw0: USB HID v0.00 Device [HID 056a:4001] on usb-dummy_hcd.2-1/input0
[  361.612398][ T5830] Bluetooth: hci4: command 0x1003 tx timeout
[  361.619116][ T5131] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  361.649243][ T5177] bcm5974 6-1:1.0: could not read from device
[  361.892342][ T5177] bcm5974 6-1:1.0: could not read from device
[  362.128076][ T5177] bcm5974 6-1:1.0: could not read from device
[  362.150096][   T95] usb 6-1: USB disconnect, device number 2
[  362.318556][ T5177] bcm5974 6-1:1.0: could not read from device
[  363.235855][ T9260] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.580534][   T25] usb 3-1: USB disconnect, device number 33
[  363.596930][ T9260] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.161406][ T9260] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.279686][ T5819] aircable 4-1:5.52: aircable converter detected
[  364.316191][ T5819] usb 4-1: aircable converter now attached to ttyUSB0
[  364.347362][ T5819] usb 4-1: USB disconnect, device number 20
[  364.387208][ T5819] aircable ttyUSB0: aircable converter now disconnected from ttyUSB0
[  364.434100][ T5819] aircable 4-1:5.52: device disconnected
[  364.513313][ T9260] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.344365][ T9277] 8021q: adding VLAN 0 to HW filter on device bond1
[  365.352859][ T9277] bond1: entered promiscuous mode
[  365.358392][ T9277] bond0: (slave bond1): Enslaving as an active interface with an up link
[  365.595464][ T9260] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  365.651457][ T9260] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  365.683989][ T9260] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  365.706555][ T9260] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  365.724253][ T5868] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  365.801507][ T9288] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  366.020004][ T5819] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  366.050123][ T5868] usb 4-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  366.061818][ T5868] usb 4-1: config 0 interface 0 has no altsetting 0
[  366.140421][ T5868] usb 4-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3
[  366.149530][ T5868] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.158148][ T5868] usb 4-1: Product: syz
[  366.162919][ T5868] usb 4-1: Manufacturer: syz
[  366.168812][ T5868] usb 4-1: SerialNumber: syz
[  366.190012][ T5819] usb 3-1: Using ep0 maxpacket: 8
[  366.198019][ T5819] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[  366.208498][ T5868] usb 4-1: config 0 descriptor??
[  366.218672][ T5819] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  366.228963][ T5819] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  366.245210][ T5868] keyspan 4-1:0.0: Keyspan 2 port adapter converter detected
[  366.252917][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 7
[  366.262617][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 81
[  366.270560][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 1
[  366.278323][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 2
[  366.286123][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 85
[  366.290258][ T5819] usb 3-1: Product: syz
[  366.294005][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 5
[  366.305735][ T5819] usb 3-1: Manufacturer: syz
[  366.314256][ T5868] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  366.323743][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 83
[  366.382009][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 3
[  366.390070][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 4
[  366.392281][ T5819] usb 3-1: SerialNumber: syz
[  366.403506][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 86
[  366.411559][ T5868] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 6
[  366.440226][ T5868] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  366.490093][ T5868] usb 4-1: USB disconnect, device number 21
[  366.524053][ T5868] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  366.576161][ T5868] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  366.586371][ T5868] keyspan 4-1:0.0: device disconnected
[  366.643290][ T9300] bond_slave_0: left promiscuous mode
[  366.649150][ T9300] bond_slave_1: left promiscuous mode
[  366.654672][ T9300] bond0: entered promiscuous mode
[  366.659721][ T9300] bond_slave_0: entered promiscuous mode
[  366.665610][ T9300] bond_slave_1: entered promiscuous mode
[  366.677962][ T5819] usb 3-1: Invalid connection information received from device
[  366.767437][ T9307] netlink: 4 bytes leftover after parsing attributes in process `syz.5.912'.
[  366.783136][ T9307] geneve0: entered promiscuous mode
[  366.818593][ T9307] geneve0: left promiscuous mode
[  366.920315][ T5819] usb 3-1: USB disconnect, device number 34
[  367.445439][ T9311] vivid-000: kernel_thread() failed
[  367.914676][ T9322] infiniband s
z1: set active
[  367.929402][ T9322] infiniband s
z1: set active
[  368.174094][ T9325] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  368.180626][ T9325] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  368.221778][ T5868] usb 4-1: new full-speed USB device number 22 using dummy_hcd
[  368.239803][ T9322] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.260040][ T9325] vhci_hcd vhci_hcd.0: Device attached
[  368.298024][ T9322] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.356280][ T5819] »»»»»» speed is unknown, defaulting to 1000
[  368.371842][    T9] »»»»»» speed is unknown, defaulting to 1000
[  368.392047][ T5868] usb 4-1: config 4 has an invalid interface number: 231 but max is 0
[  368.400899][ T5868] usb 4-1: config 4 has no interface number 0
[  368.414103][ T5868] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  368.429728][ T5868] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.447628][ T5868] usb 4-1: Product: syz
[  368.458384][ T5868] usb 4-1: Manufacturer: syz
[  368.469551][ T5868] usb 4-1: SerialNumber: syz
[  368.487710][ T5868] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  368.510109][ T5866] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[  368.730860][ T9326] vhci_hcd: connection reset by peer
[  368.738606][   T52] vhci_hcd: stop threads
[  368.752404][   T52] vhci_hcd: release socket
[  368.757128][   T52] vhci_hcd: disconnect device
[  369.074913][ T5868] vp7045: USB control message 'in' went wrong.
[  369.081386][ T5868] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  369.092924][ T5868] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  369.257548][    T9] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[  369.393612][ T5868] usb 4-1: USB disconnect, device number 22
[  369.482893][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  369.494352][    T9] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  369.507880][    T9] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  369.530795][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  369.565585][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.587579][    T9] usb 3-1: Product: syz
[  369.604739][    T9] usb 3-1: Manufacturer: syz
[  369.609420][    T9] usb 3-1: SerialNumber: syz
[  370.585940][ T9342] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  370.593232][ T9342] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  370.600877][ T5868] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  370.765258][ T5868] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  370.774780][ T5868] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.810185][ T5868] usb 6-1: Product: syz
[  370.814404][ T5868] usb 6-1: Manufacturer: syz
[  370.827554][ T5868] usb 6-1: SerialNumber: syz
[  370.840991][ T5868] usb 6-1: config 0 descriptor??
[  371.107195][   T95] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  372.011783][ T9366] vivid-000: kernel_thread() failed
[  372.048146][ T9342] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  372.055520][ T9342] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  372.100046][   T95] usb 2-1: Using ep0 maxpacket: 8
[  372.112537][   T95] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  372.124454][   T95] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  372.142740][   T95] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  372.152501][   T95] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.170142][   T95] usb 2-1: Product: syz
[  372.181406][   T95] usb 2-1: Manufacturer: syz
[  372.196324][   T95] usb 2-1: SerialNumber: syz
[  372.275481][    T9] cdc_ncm 3-1:1.0: failed to get mac address
[  372.299167][    T9] cdc_ncm 3-1:1.0: bind() failure
[  372.336155][    T9] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71
[  372.350915][    T9] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[  372.370690][    T9] usbtest 3-1:1.1: probe with driver usbtest failed with error -71
[  372.410138][    T9] usb 3-1: USB disconnect, device number 35
[  372.472797][ T5868] usb 6-1: Firmware version (0.0) predates our first public release.
[  372.482429][ T5868] usb 6-1: Please update to version 0.2 or newer
[  372.540506][   T95] cdc_ncm 2-1:1.0: bind() failure
[  372.548882][   T95] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  372.555926][   T95] cdc_ncm 2-1:1.1: bind() failure
[  372.613082][   T95] usb 2-1: USB disconnect, device number 24
[  372.752508][ T5868] usb 6-1: USB disconnect, device number 3
[  373.095792][ T9393] mmap: syz.2.932 (9393): VmData 37466112 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  373.624739][ T5866] vhci_hcd: vhci_device speed not set
[  373.646582][ T9419] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  373.951642][ T9418] netlink: 100 bytes leftover after parsing attributes in process `syz.5.938'.
[  373.952625][ T5131] Bluetooth: hci0: unexpected event for opcode 0x4e05
[  374.040173][   T95] usb 2-1: new full-speed USB device number 25 using dummy_hcd
[  374.591919][   T95] usb 2-1: config 4 has an invalid interface number: 231 but max is 0
[  374.602398][   T95] usb 2-1: config 4 has no interface number 0
[  374.634685][   T95] usb 2-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  374.648445][   T95] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.658633][   T95] usb 2-1: Product: syz
[  374.663166][   T95] usb 2-1: Manufacturer: syz
[  374.667789][   T95] usb 2-1: SerialNumber: syz
[  374.690991][   T95] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  374.733760][ T9435] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  374.910364][ T9441] netlink: 20 bytes leftover after parsing attributes in process `syz.5.943'.
[  375.039815][ T9442] netlink: 32 bytes leftover after parsing attributes in process `syz.3.942'.
[  375.138927][   T95] vp7045: USB control message 'in' went wrong.
[  375.150513][ T9441] netlink: 20 bytes leftover after parsing attributes in process `syz.5.943'.
[  375.230733][   T95] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  375.477286][   T95] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  375.892308][ T9449] TCP: request_sock_TCPv6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  375.903470][   T95] usb 2-1: USB disconnect, device number 25
[  376.488566][   T95] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  377.913195][   T95] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  377.962985][   T95] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  378.065850][   T95] usb 1-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00
[  378.079063][   T95] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.391110][   T95] usb 1-1: config 0 descriptor??
[  379.690489][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  379.696872][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  380.026760][   T95] microsoft 0003:045E:009D.000A: unbalanced delimiter at end of report description
[  380.036788][   T95] microsoft 0003:045E:009D.000A: parse failed
[  380.042990][   T95] microsoft 0003:045E:009D.000A: probe with driver microsoft failed with error -22
[  380.770199][ T5918] usb 1-1: USB disconnect, device number 23
[  381.933893][ T9521] 9pnet_fd: Insufficient options for proto=fd
[  382.781502][ T5918] usb 1-1: new full-speed USB device number 24 using dummy_hcd
[  383.558218][ T9550] netlink: 20 bytes leftover after parsing attributes in process `syz.2.958'.
[  383.749350][ T9535] delete_channel: no stack
[  385.559979][ T9569] FAULT_INJECTION: forcing a failure.
[  385.559979][ T9569] name failslab, interval 1, probability 0, space 0, times 0
[  385.573004][ T9569] CPU: 0 UID: 0 PID: 9569 Comm: syz.3.967 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  385.583616][ T9569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  385.593696][ T9569] Call Trace:
[  385.596986][ T9569]  <TASK>
[  385.599929][ T9569]  dump_stack_lvl+0x241/0x360
[  385.604657][ T9569]  ? __pfx_dump_stack_lvl+0x10/0x10
[  385.609894][ T9569]  ? __pfx__printk+0x10/0x10
[  385.614515][ T9569]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  385.620521][ T9569]  ? __pfx___might_resched+0x10/0x10
[  385.625838][ T9569]  should_fail_ex+0x3b0/0x4e0
[  385.630544][ T9569]  should_failslab+0xac/0x100
[  385.635266][ T9569]  kmem_cache_alloc_node_noprof+0x77/0x380
[  385.641106][ T9569]  ? __alloc_skb+0x1c3/0x440
[  385.645716][ T9569]  __alloc_skb+0x1c3/0x440
[  385.650178][ T9569]  ? __pfx___alloc_skb+0x10/0x10
[  385.655187][ T9569]  ? netlink_autobind+0xd6/0x2f0
[  385.660155][ T9569]  ? netlink_autobind+0x2b0/0x2f0
[  385.665817][ T9569]  netlink_sendmsg+0x638/0xcb0
[  385.671074][ T9569]  ? __pfx_netlink_sendmsg+0x10/0x10
[  385.676471][ T9569]  ? __pfx_netlink_sendmsg+0x10/0x10
[  385.681941][ T9569]  __sock_sendmsg+0x221/0x270
[  385.686650][ T9569]  ____sys_sendmsg+0x52a/0x7e0
[  385.691438][ T9569]  ? __pfx_____sys_sendmsg+0x10/0x10
[  385.696737][ T9569]  ? __fget_files+0x2a/0x410
[  385.701346][ T9569]  ? __fget_files+0x2a/0x410
[  385.705959][ T9569]  __sys_sendmsg+0x269/0x350
[  385.710570][ T9569]  ? __pfx_lock_release+0x10/0x10
[  385.715624][ T9569]  ? __pfx___sys_sendmsg+0x10/0x10
[  385.720765][ T9569]  ? __pfx_vfs_write+0x10/0x10
[  385.725569][ T9569]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  385.731919][ T9569]  ? do_syscall_64+0x100/0x230
[  385.736709][ T9569]  ? do_syscall_64+0xb6/0x230
[  385.741406][ T9569]  do_syscall_64+0xf3/0x230
[  385.745970][ T9569]  ? clear_bhb_loop+0x35/0x90
[  385.750663][ T9569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.756574][ T9569] RIP: 0033:0x7fcbda585d19
[  385.761002][ T9569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.780725][ T9569] RSP: 002b:00007fcbdb3f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  385.789184][ T9569] RAX: ffffffffffffffda RBX: 00007fcbda775fa0 RCX: 00007fcbda585d19
[  385.797179][ T9569] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  385.805479][ T9569] RBP: 00007fcbdb3f9090 R08: 0000000000000000 R09: 0000000000000000
[  385.813477][ T9569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  385.821563][ T9569] R13: 0000000000000000 R14: 00007fcbda775fa0 R15: 00007fffc262f328
[  385.829637][ T9569]  </TASK>
[  386.123493][ T5918] usb 1-1: unable to read config index 0 descriptor/all
[  386.131306][ T5918] usb 1-1: can't read configurations, error -71
[  387.171319][ T9604] ptrace attach of "./syz-executor exec"[5826] was attempted by "./syz-executor exec"[9604]
[  388.790260][ T9639] syz.2.979: attempt to access beyond end of device
[  388.790260][ T9639] nbd2: rw=2048, sector=2, nr_sectors = 1 limit=0
[  389.328258][ T9647] netlink: 8 bytes leftover after parsing attributes in process `syz.2.981'.
[  389.436773][ T9647] team0: entered promiscuous mode
[  389.467578][ T9647] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  389.510871][ T9647] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  389.622598][   T95] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[  389.743922][ T9647] team0: left promiscuous mode
[  389.759092][ T9647] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  390.602188][   T95] usb 4-1: config 4 has an invalid interface number: 231 but max is 0
[  390.610621][   T95] usb 4-1: config 4 has no interface number 0
[  390.621108][   T95] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  390.638273][   T95] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.731086][ T9657] binder: 9656:9657 ioctl 4018620d 0 returned -22
[  390.742479][   T95] usb 4-1: Product: syz
[  390.746706][   T95] usb 4-1: Manufacturer: syz
[  390.757947][   T95] usb 4-1: SerialNumber: syz
[  390.794252][   T95] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  391.090465][ T5870] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[  391.199102][   T95] vp7045: USB control message 'in' went wrong.
[  391.493660][   T95] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  391.508370][   T95] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  392.128510][ T5870] usb 1-1: config 2 has an invalid interface number: 186 but max is 0
[  392.137069][ T5870] usb 1-1: config 2 has no interface number 0
[  392.152088][ T5868] usb 4-1: USB disconnect, device number 23
[  392.172604][ T5870] usb 1-1: config 2 interface 186 has no altsetting 0
[  392.476219][ T5870] usb 1-1: New USB device found, idVendor=0423, idProduct=000a, bcdDevice=8c.8f
[  392.485756][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.579576][ T5870] usb 1-1: Product: syz
[  392.583890][ T5870] usb 1-1: Manufacturer: syz
[  392.588516][ T5870] usb 1-1: SerialNumber: syz
[  392.830124][ T5899] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  392.981250][ T5899] usb 2-1: Using ep0 maxpacket: 32
[  393.000304][ T5899] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  393.049064][ T5899] usb 2-1: config 0 has no interface number 0
[  393.069975][ T5899] usb 2-1: config 0 interface 12 has no altsetting 0
[  393.712017][ T5899] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  393.730347][ T5899] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.738496][ T5899] usb 2-1: Product: syz
[  393.743543][ T5899] usb 2-1: Manufacturer: syz
[  393.748183][ T5899] usb 2-1: SerialNumber: syz
[  393.762532][ T5899] usb 2-1: config 0 descriptor??
[  394.051966][ T9701] netlink: 108 bytes leftover after parsing attributes in process `syz.3.998'.
[  394.423352][ T5870] catc 1-1:2.186: Can't set altsetting 1.
[  394.429371][ T5870] catc 1-1:2.186: probe with driver catc failed with error -5
[  394.448370][ T5870] usb 1-1: USB disconnect, device number 26
[  396.101278][ T5899] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -32
[  396.109051][ T5899] f81534 2-1:0.12: f81534_find_config_idx: read failed: -32
[  396.585919][ T5899] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -32
[  396.620057][ T5899] f81534 2-1:0.12: probe with driver f81534 failed with error -32
[  396.676785][ T5899] usb 2-1: USB disconnect, device number 26
[  396.881507][    T9] usb 1-1: new full-speed USB device number 27 using dummy_hcd
[  397.926685][    T9] usb 1-1: config 4 has an invalid interface number: 231 but max is 0
[  397.935127][    T9] usb 1-1: config 4 has no interface number 0
[  397.943792][    T9] usb 1-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  397.953347][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.969402][    T9] usb 1-1: Product: syz
[  398.209809][    T9] usb 1-1: Manufacturer: syz
[  398.214550][    T9] usb 1-1: SerialNumber: syz
[  398.244157][    T9] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  398.500011][ T5918] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  398.669460][    T9] vp7045: USB control message 'in' went wrong.
[  398.679243][    T9] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  398.709991][ T5918] usb 2-1: Using ep0 maxpacket: 32
[  398.716120][    T9] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  398.750387][ T5918] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  398.761991][ T5918] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  398.844942][    T9] usb 1-1: USB disconnect, device number 27
[  398.919681][ T9766] bridge0: port 3(erspan0) entered blocking state
[  398.927598][ T9766] bridge0: port 3(erspan0) entered disabled state
[  398.934860][ T9766] erspan0: entered allmulticast mode
[  398.944585][ T9766] erspan0: entered promiscuous mode
[  398.951484][ T9766] bridge0: port 3(erspan0) entered blocking state
[  398.958014][ T9766] bridge0: port 3(erspan0) entered forwarding state
[  399.013336][ T9766] Bluetooth: MGMT ver 1.23
[  399.571496][ T5918] usb 2-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=34.05
[  399.580784][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.588810][ T5918] usb 2-1: Product: syz
[  399.593089][ T5918] usb 2-1: Manufacturer: syz
[  399.597710][ T5918] usb 2-1: SerialNumber: syz
[  399.699076][ T5918] usb 2-1: config 0 descriptor??
[  399.921575][    T9] usb 2-1: USB disconnect, device number 27
[  400.050117][ T5868] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  400.240134][ T5868] usb 6-1: Using ep0 maxpacket: 32
[  400.278792][ T5868] usb 6-1: unable to get BOS descriptor or descriptor too short
[  400.353529][ T5868] usb 6-1: config 5 has an invalid interface number: 52 but max is 0
[  400.405209][ T5868] usb 6-1: config 5 has no interface number 0
[  400.419739][ T5868] usb 6-1: config 5 interface 52 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  400.431693][ T5868] usb 6-1: config 5 interface 52 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  400.452289][ T5868] usb 6-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=51.58
[  400.462620][ T5868] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.478008][ T5868] usb 6-1: Product: syz
[  400.492263][ T5868] usb 6-1: Manufacturer: syz
[  400.497237][ T5868] usb 6-1: SerialNumber: syz
[  400.604221][ T9786] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1020'.
[  400.667344][ T9786] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1020'.
[  400.668617][ T9784] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1019'.
[  400.710490][ T9788] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1020'.
[  400.743508][ T9784] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1019'.
[  400.763938][ T9784] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1019'.
[  400.777666][ T9791] tmpfs: Unknown parameter '^node#2'
[  402.817222][ T5868] aircable 6-1:5.52: aircable converter detected
[  402.896834][ T5870] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  402.951916][ T5868] usb 6-1: aircable converter now attached to ttyUSB0
[  403.230236][    T9] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  403.645381][ T5868] usb 6-1: USB disconnect, device number 4
[  403.676658][ T5868] aircable ttyUSB0: aircable converter now disconnected from ttyUSB0
[  403.690028][ T5870] usb 1-1: device descriptor read/64, error -71
[  403.727253][ T5868] aircable 6-1:5.52: device disconnected
[  403.945508][    T9] usb 4-1: config 4 has an invalid interface number: 231 but max is 0
[  403.954035][    T9] usb 4-1: config 4 has no interface number 0
[  403.973772][    T9] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  403.987847][ T5870] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  403.989232][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.031451][    T9] usb 4-1: Product: syz
[  404.045765][    T9] usb 4-1: Manufacturer: syz
[  404.062050][    T9] usb 4-1: SerialNumber: syz
[  404.089615][    T9] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  405.200734][ T9842] veth1: entered promiscuous mode
[  405.205875][ T9842] veth1: left promiscuous mode
[  405.257657][ T5870] usb 1-1: device descriptor read/64, error -71
[  405.353549][    T9] vp7045: USB control message 'in' went wrong.
[  405.359776][    T9] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  405.376344][    T9] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  405.391495][ T5870] usb usb1-port1: attempt power cycle
[  405.531021][    T9] usb 4-1: USB disconnect, device number 24
[  405.579383][ T5868] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  405.864673][   T95] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  405.882005][ T5868] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  405.894294][ T5868] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  405.906875][ T5868] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  405.920328][ T5868] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  405.929478][ T5868] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.950776][ T5868] usb 3-1: config 0 descriptor??
[  405.960858][ T9844] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  406.034031][ T9860] netlink: 'syz.5.1041': attribute type 27 has an invalid length.
[  406.042086][ T9860] C: renamed from team_slave_0 (while UP)
[  406.130039][   T95] usb 2-1: Using ep0 maxpacket: 8
[  406.302091][   T95] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  406.488523][   T95] usb 2-1: config 179 has no interface number 0
[  406.726769][ T5868] plantronics 0003:047F:FFFF.000B: unknown main item tag 0xd
[  406.734409][   T95] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  406.749205][ T5868] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  406.759441][   T95] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  406.773181][   T95] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  406.793748][ T5868] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  406.840169][   T95] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  406.891243][    T9] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  406.895706][   T95] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  406.967289][   T95] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  407.021133][   T95] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.038807][ T5918] usb 3-1: USB disconnect, device number 36
[  407.046823][ T9848] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  407.108973][ T5899] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  407.130042][    T9] usb 4-1: Using ep0 maxpacket: 32
[  407.143665][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  407.198763][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  407.238582][    T9] usb 4-1: New USB device found, idVendor=05ac, idProduct=026c, bcdDevice= 0.00
[  407.255114][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.272091][    T9] usb 4-1: config 0 descriptor??
[  407.305134][ T5899] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  407.317571][ T5899] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  407.335864][ T5899] usb 6-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00
[  407.358820][ T5899] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.381831][ T9848] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  407.388396][ T9848] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  407.391990][ T5899] usb 6-1: config 0 descriptor??
[  407.398203][ T9848] vhci_hcd vhci_hcd.0: Device attached
[  407.460429][ T9870] vhci_hcd: connection closed
[  407.462060][ T6142] vhci_hcd: stop threads
[  407.471736][ T6142] vhci_hcd: release socket
[  407.477969][ T5918] usb 2-1: USB disconnect, device number 28
[  407.478082][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  407.493715][    C1] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  407.496236][ T6142] vhci_hcd: disconnect device
[  407.658025][ T9867] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input21
[  407.771019][   T29] audit: type=1326 audit(1734439477.902:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9866 comm="syz.5.1044" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa748d85d19 code=0x0
[  407.827564][ T9867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.837010][ T9867] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  407.870263][ T5870] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  408.051925][ T5870] usb 1-1: Using ep0 maxpacket: 32
[  408.100793][ T5870] usb 1-1: unable to get BOS descriptor or descriptor too short
[  408.177336][ T5870] usb 1-1: config 5 has an invalid interface number: 52 but max is 0
[  408.238204][ T5870] usb 1-1: config 5 has no interface number 0
[  408.304476][ T5870] usb 1-1: config 5 interface 52 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  408.431917][ T5870] usb 1-1: config 5 interface 52 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  408.563851][ T5870] usb 1-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=51.58
[  408.677101][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.750291][ T5899] wacom 0003:056A:0315.000C: Unknown device_type for 'HID 056a:0315'. Assuming pen.
[  408.784298][ T5870] usb 1-1: Product: syz
[  408.788525][ T5870] usb 1-1: Manufacturer: syz
[  408.793256][ T5870] usb 1-1: SerialNumber: syz
[  408.800332][    T9] usbhid 4-1:0.0: can't add hid device: -71
[  408.806365][    T9] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  408.850773][ T9884] FAULT_INJECTION: forcing a failure.
[  408.850773][ T9884] name failslab, interval 1, probability 0, space 0, times 0
[  408.864248][ T9884] CPU: 0 UID: 0 PID: 9884 Comm: syz.2.1050 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  408.874976][ T9884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  408.885067][ T9884] Call Trace:
[  408.888379][ T9884]  <TASK>
[  408.891346][ T9884]  dump_stack_lvl+0x241/0x360
[  408.896067][ T9884]  ? __pfx_dump_stack_lvl+0x10/0x10
[  408.901317][ T9884]  ? __pfx__printk+0x10/0x10
[  408.905986][ T9884]  ? kmem_cache_alloc_noprof+0x48/0x380
[  408.911595][ T9884]  ? __pfx___might_resched+0x10/0x10
[  408.916933][ T9884]  should_fail_ex+0x3b0/0x4e0
[  408.921917][ T9884]  should_failslab+0xac/0x100
[  408.926616][ T9884]  ? alloc_empty_file+0x9e/0x1d0
[  408.931664][ T9884]  kmem_cache_alloc_noprof+0x70/0x380
[  408.937057][ T9884]  alloc_empty_file+0x9e/0x1d0
[  408.941832][ T9884]  alloc_file_pseudo+0x1da/0x290
[  408.946971][ T9884]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  408.952524][ T9884]  ? alloc_fd+0x61a/0x690
[  408.956873][ T9884]  anon_inode_getfd+0xce/0x1e0
[  408.961669][ T9884]  __se_sys_fsopen+0x233/0x2c0
[  408.966445][ T9884]  do_syscall_64+0xf3/0x230
[  408.970958][ T9884]  ? clear_bhb_loop+0x35/0x90
[  408.975648][ T9884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.981556][ T9884] RIP: 0033:0x7f107b385d19
[  408.985975][ T9884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  409.005592][ T9884] RSP: 002b:00007f107c286038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  409.014013][ T9884] RAX: ffffffffffffffda RBX: 00007f107b575fa0 RCX: 00007f107b385d19
[  409.021990][ T9884] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200000c0
[  409.029969][ T9884] RBP: 00007f107c286090 R08: 0000000000000000 R09: 0000000000000000
[  409.038131][ T9884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.046199][ T9884] R13: 0000000000000001 R14: 00007f107b575fa0 R15: 00007fffb00cddf8
[  409.054202][ T9884]  </TASK>
[  409.057277][    C0] vkms_vblank_simulate: vblank timer overrun
[  409.066882][ T5899] wacom 0003:056A:0315.000C: hidraw0: USB HID v0.00 Device [HID 056a:0315] on usb-dummy_hcd.5-1/input0
[  409.079482][ T5899] input: Wacom Intuos Pro M Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:0315.000C/input/input22
[  410.127436][    T9] usb 4-1: USB disconnect, device number 25
[  410.721951][ T5899] usb 6-1: reset high-speed USB device number 5 using dummy_hcd
[  411.173080][ T9897] netlink: 'syz.1.1052': attribute type 10 has an invalid length.
[  411.343480][ T5870] aircable 1-1:5.52: aircable converter detected
[  411.389382][ T5870] usb 1-1: aircable converter now attached to ttyUSB0
[  411.406697][ T9902] netlink: 'syz.1.1052': attribute type 10 has an invalid length.
[  412.042513][ T5870] usb 1-1: USB disconnect, device number 31
[  412.414954][ T9907] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1055'.
[  412.424110][ T9907] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1055'.
[  412.458648][ T5870] aircable ttyUSB0: aircable converter now disconnected from ttyUSB0
[  413.032947][ T5870] aircable 1-1:5.52: device disconnected
[  413.045229][ T5918] usb 6-1: USB disconnect, device number 5
[  413.101349][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  413.251546][ T9897] bond0: (slave netdevsim0): Releasing backup interface
[  413.390646][ T9897] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[  413.429090][ T9897] team0: Port device netdevsim0 added
[  413.456511][ T9914] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  413.530060][ T9914] batman_adv: batadv0: Removing interface: batadv_slave_1
[  413.718719][ T9925] netlink: 412 bytes leftover after parsing attributes in process `syz.5.1059'.
[  415.276209][ T9944] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1065'.
[  415.332998][   T29] audit: type=1326 audit(1734439485.462:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9940 comm="syz.1.1065" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd05df85d19 code=0x0
[  418.193644][ T9967] netlink: 'syz.0.1071': attribute type 11 has an invalid length.
[  418.212766][ T9967] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1071'.
[  418.272293][ T9970] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  418.660479][ T9982] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1074'.
[  419.805486][ T9987] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1077'.
[  422.077393][T10008] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1078'.
[  423.042663][T10008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1078'.
[  423.879188][T10019] trusted_key: encrypted_key: hex blob is missing
[  425.075379][T10037] hub 6-0:1.0: USB hub found
[  425.082131][T10037] hub 6-0:1.0: 1 port detected
[  425.849658][T10041] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3524339764 (7048679528 ns) > initial count (4953718868 ns). Using initial count to start timer.
[  425.880847][T10038] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode broadcast(3)
[  425.963493][T10037] »»»»»» speed is unknown, defaulting to 1000
[  426.099751][T10037] »»»»»» speed is unknown, defaulting to 1000
[  426.105429][T10051] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1091'.
[  426.261775][ T5899] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  426.520908][ T5899] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  426.532080][ T5899] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  426.551082][ T5899] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  426.600208][ T5899] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  426.796189][ T5899] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.009046][ T5899] usb 4-1: config 0 descriptor??
[  427.587267][T10075] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1094'.
[  427.607326][ T5899] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  427.645749][ T5899] plantronics 0003:047F:FFFF.000D: unbalanced delimiter at end of report description
[  427.907796][ T5899] plantronics 0003:047F:FFFF.000D: parse failed
[  427.923682][ T5899] plantronics 0003:047F:FFFF.000D: probe with driver plantronics failed with error -22
[  428.012956][ T5870] usb 4-1: USB disconnect, device number 26
[  428.195320][ T5131] Bluetooth: hci5: link tx timeout
[  428.201750][ T5131] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  428.911964][ T5830] Bluetooth: hci5: link tx timeout
[  428.917271][ T5830] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  428.959116][ T5830] Bluetooth: hci5: link tx timeout
[  428.965464][ T5830] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.280025][T10091] rdma_rxe: rxe_newlink: failed to add veth0_vlan
[  429.405226][ T5830] Bluetooth: hci5: link tx timeout
[  429.412592][ T5830] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.572258][T10119] FAULT_INJECTION: forcing a failure.
[  429.572258][T10119] name failslab, interval 1, probability 0, space 0, times 0
[  429.585229][T10119] CPU: 0 UID: 0 PID: 10119 Comm: syz.5.1104 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  429.596022][T10119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  429.606113][T10119] Call Trace:
[  429.609464][T10119]  <TASK>
[  429.612437][T10119]  dump_stack_lvl+0x241/0x360
[  429.617150][T10119]  ? __pfx_dump_stack_lvl+0x10/0x10
[  429.622475][T10119]  ? __pfx__printk+0x10/0x10
[  429.627064][T10119]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  429.633192][T10119]  ? __pfx___might_resched+0x10/0x10
[  429.638520][T10119]  should_fail_ex+0x3b0/0x4e0
[  429.643677][T10119]  should_failslab+0xac/0x100
[  429.648500][T10119]  kmem_cache_alloc_node_noprof+0x77/0x380
[  429.656551][T10119]  ? __alloc_skb+0x1c3/0x440
[  429.661971][T10119]  __alloc_skb+0x1c3/0x440
[  429.666589][T10119]  ? __pfx___alloc_skb+0x10/0x10
[  429.671520][T10119]  ? netlink_autobind+0xd6/0x2f0
[  429.676457][T10119]  ? netlink_autobind+0x2b0/0x2f0
[  429.681525][T10119]  netlink_sendmsg+0x638/0xcb0
[  429.686306][T10119]  ? __pfx_netlink_sendmsg+0x10/0x10
[  429.691606][T10119]  ? __pfx_netlink_sendmsg+0x10/0x10
[  429.696900][T10119]  __sock_sendmsg+0x221/0x270
[  429.701593][T10119]  ____sys_sendmsg+0x52a/0x7e0
[  429.706359][T10119]  ? __pfx_____sys_sendmsg+0x10/0x10
[  429.711637][T10119]  ? __fget_files+0x2a/0x410
[  429.716242][T10119]  ? __fget_files+0x2a/0x410
[  429.720844][T10119]  __sys_sendmsg+0x269/0x350
[  429.725426][T10119]  ? __pfx_lock_release+0x10/0x10
[  429.730457][T10119]  ? __pfx___sys_sendmsg+0x10/0x10
[  429.735675][T10119]  ? __pfx_vfs_write+0x10/0x10
[  429.740551][T10119]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  429.747082][T10119]  ? do_syscall_64+0x100/0x230
[  429.751865][T10119]  ? do_syscall_64+0xb6/0x230
[  429.756552][T10119]  do_syscall_64+0xf3/0x230
[  429.761060][T10119]  ? clear_bhb_loop+0x35/0x90
[  429.765732][T10119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.771627][T10119] RIP: 0033:0x7fa748d85d19
[  429.776032][T10119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.795737][T10119] RSP: 002b:00007fa749b18038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  429.804160][T10119] RAX: ffffffffffffffda RBX: 00007fa748f75fa0 RCX: 00007fa748d85d19
[  429.812127][T10119] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000003
[  429.820112][T10119] RBP: 00007fa749b18090 R08: 0000000000000000 R09: 0000000000000000
[  429.828092][T10119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.836070][T10119] R13: 0000000000000000 R14: 00007fa748f75fa0 R15: 00007ffc371b91d8
[  429.847304][T10119]  </TASK>
[  430.312177][ T5830] Bluetooth: hci5: command 0x0406 tx timeout
[  430.318306][ T5830] Bluetooth: hci5: link tx timeout
[  430.323562][ T5830] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  430.456134][ T5830] Bluetooth: hci5: link tx timeout
[  430.462259][ T5830] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  430.486195][ T5830] ==================================================================
[  430.494301][ T5830] BUG: KASAN: slab-use-after-free in hci_disconnect+0x208/0x2d0
[  430.501952][ T5830] Read of size 1 at addr ffff88803460803d by task kworker/u9:7/5830
[  430.509950][ T5830] 
[  430.512283][ T5830] CPU: 1 UID: 0 PID: 5830 Comm: kworker/u9:7 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  430.523148][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  430.533232][ T5830] Workqueue: hci5 hci_tx_work
[  430.537942][ T5830] Call Trace:
[  430.541247][ T5830]  <TASK>
[  430.544194][ T5830]  dump_stack_lvl+0x241/0x360
[  430.548912][ T5830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.554145][ T5830]  ? __pfx__printk+0x10/0x10
[  430.558759][ T5830]  ? _printk+0xd5/0x120
[  430.562932][ T5830]  ? __virt_addr_valid+0x183/0x530
[  430.568057][ T5830]  ? __virt_addr_valid+0x183/0x530
[  430.573190][ T5830]  print_report+0x169/0x550
[  430.577709][ T5830]  ? __virt_addr_valid+0x183/0x530
[  430.582839][ T5830]  ? __virt_addr_valid+0x183/0x530
[  430.587971][ T5830]  ? __virt_addr_valid+0x45f/0x530
[  430.593106][ T5830]  ? __phys_addr+0xba/0x170
[  430.597630][ T5830]  ? hci_disconnect+0x208/0x2d0
[  430.602565][ T5830]  kasan_report+0x143/0x180
[  430.607104][ T5830]  ? hci_disconnect+0x208/0x2d0
[  430.611982][ T5830]  hci_disconnect+0x208/0x2d0
[  430.616693][ T5830]  ? __pfx_hci_disconnect+0x10/0x10
[  430.621950][ T5830]  ? hci_sched_esco+0x336/0x440
[  430.626830][ T5830]  ? __rcu_read_unlock+0xa1/0x110
[  430.631885][ T5830]  ? __check_timeout+0x181/0x550
[  430.636848][ T5830]  __check_timeout+0x3a5/0x550
[  430.641631][ T5830]  ? __check_timeout+0x181/0x550
[  430.646583][ T5830]  hci_tx_work+0xb68/0x1590
[  430.651120][ T5830]  ? __pfx_lock_acquire+0x10/0x10
[  430.656165][ T5830]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  430.662168][ T5830]  ? __pfx_hci_tx_work+0x10/0x10
[  430.667144][ T5830]  ? process_scheduled_works+0x976/0x1840
[  430.672892][ T5830]  process_scheduled_works+0xa66/0x1840
[  430.678477][ T5830]  ? __pfx_process_scheduled_works+0x10/0x10
[  430.684491][ T5830]  ? assign_work+0x364/0x3d0
[  430.689116][ T5830]  worker_thread+0x870/0xd30
[  430.693730][ T5830]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  430.699653][ T5830]  ? __kthread_parkme+0x169/0x1d0
[  430.704708][ T5830]  ? __pfx_worker_thread+0x10/0x10
[  430.709840][ T5830]  kthread+0x2f0/0x390
[  430.713924][ T5830]  ? __pfx_worker_thread+0x10/0x10
[  430.719048][ T5830]  ? __pfx_kthread+0x10/0x10
[  430.723650][ T5830]  ret_from_fork+0x4b/0x80
[  430.728069][ T5830]  ? __pfx_kthread+0x10/0x10
[  430.732656][ T5830]  ret_from_fork_asm+0x1a/0x30
[  430.737440][ T5830]  </TASK>
[  430.740451][ T5830] 
[  430.742770][ T5830] Allocated by task 5131:
[  430.747086][ T5830]  kasan_save_track+0x3f/0x80
[  430.751763][ T5830]  __kasan_kmalloc+0x98/0xb0
[  430.756348][ T5830]  __kmalloc_cache_noprof+0x243/0x390
[  430.761712][ T5830]  __hci_conn_add+0x2f9/0x1890
[  430.766469][ T5830]  le_conn_complete_evt+0x2f6/0x12e0
[  430.771752][ T5830]  hci_le_conn_complete_evt+0x18c/0x420
[  430.777296][ T5830]  hci_event_packet+0xa55/0x1540
[  430.782233][ T5830]  hci_rx_work+0x3f3/0xdb0
[  430.786735][ T5830]  process_scheduled_works+0xa66/0x1840
[  430.792278][ T5830]  worker_thread+0x870/0xd30
[  430.796859][ T5830]  kthread+0x2f0/0x390
[  430.800923][ T5830]  ret_from_fork+0x4b/0x80
[  430.805332][ T5830]  ret_from_fork_asm+0x1a/0x30
[  430.810101][ T5830] 
[  430.812417][ T5830] Freed by task 5131:
[  430.816384][ T5830]  kasan_save_track+0x3f/0x80
[  430.821060][ T5830]  kasan_save_free_info+0x40/0x50
[  430.826076][ T5830]  __kasan_slab_free+0x59/0x70
[  430.830834][ T5830]  kfree+0x196/0x430
[  430.834729][ T5830]  device_release+0x99/0x1c0
[  430.839335][ T5830]  kobject_put+0x22f/0x480
[  430.843747][ T5830]  hci_conn_del+0x8c4/0xc40
[  430.848243][ T5830]  hci_conn_failed+0x319/0x400
[  430.853001][ T5830]  hci_abort_conn_sync+0x56c/0x11f0
[  430.858192][ T5830]  hci_cmd_sync_work+0x22b/0x400
[  430.863121][ T5830]  process_scheduled_works+0xa66/0x1840
[  430.868663][ T5830]  worker_thread+0x870/0xd30
[  430.873245][ T5830]  kthread+0x2f0/0x390
[  430.877306][ T5830]  ret_from_fork+0x4b/0x80
[  430.881715][ T5830]  ret_from_fork_asm+0x1a/0x30
[  430.886476][ T5830] 
[  430.888793][ T5830] The buggy address belongs to the object at ffff888034608000
[  430.888793][ T5830]  which belongs to the cache kmalloc-8k of size 8192
[  430.902842][ T5830] The buggy address is located 61 bytes inside of
[  430.902842][ T5830]  freed 8192-byte region [ffff888034608000, ffff88803460a000)
[  430.916636][ T5830] 
[  430.918953][ T5830] The buggy address belongs to the physical page:
[  430.925365][ T5830] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34608
[  430.934123][ T5830] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  430.942636][ T5830] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  430.950173][ T5830] page_type: f5(slab)
[  430.954143][ T5830] raw: 00fff00000000040 ffff88801ac42280 ffffea00017f0c00 dead000000000004
[  430.962718][ T5830] raw: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
[  430.971321][ T5830] head: 00fff00000000040 ffff88801ac42280 ffffea00017f0c00 dead000000000004
[  430.983910][ T5830] head: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
[  430.992584][ T5830] head: 00fff00000000003 ffffea0000d18201 ffffffffffffffff 0000000000000000
[  431.001253][ T5830] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  431.009921][ T5830] page dumped because: kasan: bad access detected
[  431.016343][ T5830] page_owner tracks the page as allocated
[  431.022139][ T5830] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5131, tgid 5131 (kworker/u9:1), ts 330928102492, free_ts 330917835185
[  431.044313][ T5830]  post_alloc_hook+0x1f3/0x230
[  431.049084][ T5830]  get_page_from_freelist+0x3651/0x37a0
[  431.054627][ T5830]  __alloc_pages_noprof+0x292/0x710
[  431.059826][ T5830]  alloc_pages_mpol_noprof+0x3e8/0x680
[  431.065289][ T5830]  alloc_slab_page+0x6a/0x110
[  431.069960][ T5830]  allocate_slab+0x5a/0x2b0
[  431.074456][ T5830]  ___slab_alloc+0xc27/0x14a0
[  431.079218][ T5830]  __slab_alloc+0x58/0xa0
[  431.083541][ T5830]  __kmalloc_cache_noprof+0x27b/0x390
[  431.088907][ T5830]  __hci_conn_add+0x2f9/0x1890
[  431.093668][ T5830]  le_conn_complete_evt+0x2f6/0x12e0
[  431.098946][ T5830]  hci_le_conn_complete_evt+0x18c/0x420
[  431.104486][ T5830]  hci_event_packet+0xa55/0x1540
[  431.109425][ T5830]  hci_rx_work+0x3f3/0xdb0
[  431.113839][ T5830]  process_scheduled_works+0xa66/0x1840
[  431.119392][ T5830]  worker_thread+0x870/0xd30
[  431.123978][ T5830] page last free pid 5131 tgid 5131 stack trace:
[  431.130292][ T5830]  free_unref_page+0xd2c/0x1000
[  431.135150][ T5830]  __put_partials+0x160/0x1c0
[  431.139822][ T5830]  put_cpu_partial+0x17c/0x250
[  431.144595][ T5830]  __slab_free+0x290/0x380
[  431.149032][ T5830]  qlist_free_all+0x9a/0x140
[  431.153792][ T5830]  kasan_quarantine_reduce+0x14f/0x170
[  431.159268][ T5830]  __kasan_slab_alloc+0x23/0x80
[  431.164121][ T5830]  kmem_cache_alloc_noprof+0x1d9/0x380
[  431.169574][ T5830]  skb_clone+0x20c/0x390
[  431.173816][ T5830]  hci_cmd_work+0xe7/0x6c0
[  431.178234][ T5830]  process_scheduled_works+0xa66/0x1840
[  431.183793][ T5830]  worker_thread+0x870/0xd30
[  431.188483][ T5830]  kthread+0x2f0/0x390
[  431.192642][ T5830]  ret_from_fork+0x4b/0x80
[  431.197058][ T5830]  ret_from_fork_asm+0x1a/0x30
[  431.201921][ T5830] 
[  431.204254][ T5830] Memory state around the buggy address:
[  431.209876][ T5830]  ffff888034607f00: 04 fc fc fc 04 fc fc fc 04 fc fc fc 04 fc fc fc
[  431.218023][ T5830]  ffff888034607f80: 04 fc fc fc 04 fc fc fc 04 fc fc fc 04 fc fc fc
[  431.226103][ T5830] >ffff888034608000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  431.234154][ T5830]                                         ^
[  431.240135][ T5830]  ffff888034608080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  431.248194][ T5830]  ffff888034608100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  431.256245][ T5830] ==================================================================
[  431.475236][ T5830] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  431.482480][ T5830] CPU: 1 UID: 0 PID: 5830 Comm: kworker/u9:7 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  431.493496][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  431.503663][ T5830] Workqueue: hci5 hci_tx_work
[  431.508371][ T5830] Call Trace:
[  431.511663][ T5830]  <TASK>
[  431.514607][ T5830]  dump_stack_lvl+0x241/0x360
[  431.519301][ T5830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.524532][ T5830]  ? __pfx__printk+0x10/0x10
[  431.529145][ T5830]  ? vscnprintf+0x5d/0x90
[  431.533490][ T5830]  panic+0x349/0x880
[  431.537398][ T5830]  ? check_panic_on_warn+0x21/0xb0
[  431.542520][ T5830]  ? __pfx_panic+0x10/0x10
[  431.547047][ T5830]  ? check_panic_on_warn+0x21/0xb0
[  431.552201][ T5830]  ? check_panic_on_warn+0x72/0xb0
[  431.557327][ T5830]  check_panic_on_warn+0x86/0xb0
[  431.562299][ T5830]  ? hci_disconnect+0x208/0x2d0
[  431.567177][ T5830]  end_report+0x77/0x160
[  431.571439][ T5830]  kasan_report+0x154/0x180
[  431.575958][ T5830]  ? hci_disconnect+0x208/0x2d0
[  431.580824][ T5830]  hci_disconnect+0x208/0x2d0
[  431.585608][ T5830]  ? __pfx_hci_disconnect+0x10/0x10
[  431.590919][ T5830]  ? hci_sched_esco+0x336/0x440
[  431.595872][ T5830]  ? __rcu_read_unlock+0xa1/0x110
[  431.601376][ T5830]  ? __check_timeout+0x181/0x550
[  431.606429][ T5830]  __check_timeout+0x3a5/0x550
[  431.611210][ T5830]  ? __check_timeout+0x181/0x550
[  431.616163][ T5830]  hci_tx_work+0xb68/0x1590
[  431.620778][ T5830]  ? __pfx_lock_acquire+0x10/0x10
[  431.625812][ T5830]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  431.631804][ T5830]  ? __pfx_hci_tx_work+0x10/0x10
[  431.636759][ T5830]  ? process_scheduled_works+0x976/0x1840
[  431.642494][ T5830]  process_scheduled_works+0xa66/0x1840
[  431.648067][ T5830]  ? __pfx_process_scheduled_works+0x10/0x10
[  431.654067][ T5830]  ? assign_work+0x364/0x3d0
[  431.658674][ T5830]  worker_thread+0x870/0xd30
[  431.663276][ T5830]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  431.669250][ T5830]  ? __kthread_parkme+0x169/0x1d0
[  431.674288][ T5830]  ? __pfx_worker_thread+0x10/0x10
[  431.679419][ T5830]  kthread+0x2f0/0x390
[  431.683503][ T5830]  ? __pfx_worker_thread+0x10/0x10
[  431.688644][ T5830]  ? __pfx_kthread+0x10/0x10
[  431.693266][ T5830]  ret_from_fork+0x4b/0x80
[  431.697701][ T5830]  ? __pfx_kthread+0x10/0x10
[  431.702318][ T5830]  ret_from_fork_asm+0x1a/0x30
[  431.707112][ T5830]  </TASK>
[  431.710438][ T5830] Kernel Offset: disabled
[  431.714760][ T5830] Rebooting in 86400 seconds..