last executing test programs:

2m34.939854475s ago: executing program 0 (id=1727):
mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/fib_trie\x00')
read$FUSE(r2, &(0x7f0000002640)={0x2020}, 0x958)
r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x90009427, &(0x7f0000000180))
getsockopt$inet_tcp_int(r3, 0x6, 0x88015d5b3d1a6e25, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x2e0, 0xb, 0x5, 0x148, 0x128, 0x0, 0x248, 0x2a8, 0x2a8, 0x248, 0x2a8, 0x3, 0x0, {[{{@ip={@remote, @loopback, 0x0, 0x0, 'wg0\x00', 'nr0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_batadv\x00', {}, 'wlan1\x00', {}, 0x4, 0x6}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@local, @multicast2, 0x0, 0x0, 'xfrm0\x00', 'team0\x00'}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@socket0={{0x20}}, @common=@ah={{0x30}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="6f79fb339557"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x340)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
write$binfmt_script(r5, 0x0, 0xb)
splice(r7, 0x0, r8, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r8, &(0x7f0000000980), 0xfdef)

2m31.907989835s ago: executing program 0 (id=1750):
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000020c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4b8, 0x0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3e8, 0x3d8, 0x3d8, 0x3e8, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x200000, 0x0, 0x1, 0x0, 'syz1\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x80, 0x0}, 'virt_wifi0\x00', {0x6dbf}}}}, {{@uncond, 0x0, 0xd8, 0x108, 0x0, {0x0, 0x7000000}, [@common=@ah={{0x30}, {[0x4d5, 0x4d4], 0x4, 0x2, 0x1}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x4, 0x1}, {0xffffffffffffffff, 0x3, 0x6}, 0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)

2m30.927621513s ago: executing program 0 (id=1760):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = io_uring_setup(0x25f3, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x0, 0x257})
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001640), 0x0, 0x0, 0x0, 0xffffffc3}, 0x0)
io_uring_enter(r0, 0x2000000, 0x50ba, 0xf, &(0x7f0000000000), 0x8)
r1 = socket$unix(0x1, 0x3, 0x0)
socket$kcm(0x10, 0x2, 0x0)
epoll_create1(0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400))
epoll_create1(0x80000)
ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f00000005c0)={0x0, 0x3, &(0x7f00000004c0)=[0x5, 0x6, 0x81], &(0x7f0000000500)=[0x4dee], &(0x7f0000000540)=[0x4]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
socket$kcm(0x10, 0x0, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
pipe2(&(0x7f00000000c0), 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r5, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000600)=ANY=[@ANYBLOB="500000000102030000000000ff0000000a0000043c000280050001"], 0x50}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x48, 0x8, 0x28, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYRESHEX=r0], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_CONFIG(r9, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x34, 0x0, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x200}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x828fc208d10fbbe7}, 0xd0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r6}, &(0x7f0000000240), &(0x7f00000003c0)=r8}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r7, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x2a, &(0x7f00000002c0)={@random="591a1d9a2bdb", @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @empty}}}}}, 0x0)
connect$unix(r1, &(0x7f0000000040)=@abs={0x1, 0x0, 0x4e20}, 0x6e)

2m28.782535133s ago: executing program 0 (id=1777):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r8, 0x4068aea3, &(0x7f00000000c0)={0xe1})
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r3}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x1000000000000, &(0x7f0000000780)="cb"})
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r9, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)

2m27.751306217s ago: executing program 0 (id=1781):
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x3f0, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x320, 0xffffffff, 0xffffffff, 0x320, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf0, 0x60030000, {0x0, 0xff000000}, [@common=@hl={{0x28}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x42, 0x0, 'syz0\x00'}}, @common=@inet=@set2={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xc8}, {0x28}}}}, 0x450)
r1 = openat$smackfs_ipv6host(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000200)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cabf00", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra}}}}}, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000480)={{0xa, 0x4e23, 0x2ba, @mcast2, 0x7f}, {0xa, 0x4e21, 0xe4cf3d9, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x6}, 0x1, {[0x7, 0xfa6, 0xffff, 0xcfd, 0x7, 0x9, 0x2, 0x9]}}, 0x5c)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1607010, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x87}, './file0\x00'})
write$smackfs_ipv6host(r1, &(0x7f0000000380)=@l2={{0xba, 0x3a, 0x5, 0x3a, 0x18, 0x3a, 0x4, 0x3a, 0x4, 0x3a, 0xa5, 0x3a, 0x329a, 0x3a, 0x3800000000000}, 0x2f, 0x8000000000007f, 0x20, '+\\'}, 0xb0)

2m26.591777176s ago: executing program 0 (id=1782):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0xbb, 0x66, 0x0, 0x0, 0x1}, [@call={0x16}]}, &(0x7f0000000140)='GPL\x00', 0x8, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
unshare(0x22020600)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x15, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="00000000007200000000000000f09b30077e87581b7834830ebf9802edb4d502eaa7c59bbbaa3950d48b2df84ad0cd201f7b92d0dfc793b49f30c241ea0b4b978f1084d84d0756cbce8fcd73573a298409a9c92aa83d7601c49f4833b7175a869ecf8613aeaff03bca146f4268a564a7b3ba8fdb8f5d2b9ae5bebead239c4ea31dfeeb538c4643ef2efaedf7f39ac0c19ccbf8213ec5100256c5a8f1c6e671ad7ad5f9490195ca5a64459b8746505a30f3920a6225afeeaed6490bceb694f91c5d9ef969b07625e83016c923552f5ff46f8a7ed556c375ade1bfe15851c88ebd6f"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[], &(0x7f0000001f40)=""/4089, 0x3a, 0xff9, 0xa, 0x0, 0x0, @void, @value}, 0x28)
setsockopt$sock_attach_bpf(r0, 0x1, 0x34, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x28, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x4}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5, 0xb, 0x1}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}]}, 0x28}}, 0x20040084)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
getsockopt$inet_mptcp_buf(0xffffffffffffffff, 0x11c, 0x0, 0x0, &(0x7f0000000000))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r4)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$netlink(0x10, 0x3, 0x2)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r6)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_link_settings={0x2, 0xc48c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)

2m11.497083955s ago: executing program 32 (id=1782):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0xbb, 0x66, 0x0, 0x0, 0x1}, [@call={0x16}]}, &(0x7f0000000140)='GPL\x00', 0x8, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
unshare(0x22020600)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x15, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="00000000007200000000000000f09b30077e87581b7834830ebf9802edb4d502eaa7c59bbbaa3950d48b2df84ad0cd201f7b92d0dfc793b49f30c241ea0b4b978f1084d84d0756cbce8fcd73573a298409a9c92aa83d7601c49f4833b7175a869ecf8613aeaff03bca146f4268a564a7b3ba8fdb8f5d2b9ae5bebead239c4ea31dfeeb538c4643ef2efaedf7f39ac0c19ccbf8213ec5100256c5a8f1c6e671ad7ad5f9490195ca5a64459b8746505a30f3920a6225afeeaed6490bceb694f91c5d9ef969b07625e83016c923552f5ff46f8a7ed556c375ade1bfe15851c88ebd6f"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[], &(0x7f0000001f40)=""/4089, 0x3a, 0xff9, 0xa, 0x0, 0x0, @void, @value}, 0x28)
setsockopt$sock_attach_bpf(r0, 0x1, 0x34, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x28, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x4}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5, 0xb, 0x1}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}]}, 0x28}}, 0x20040084)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
getsockopt$inet_mptcp_buf(0xffffffffffffffff, 0x11c, 0x0, 0x0, &(0x7f0000000000))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r4)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$netlink(0x10, 0x3, 0x2)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r6)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_link_settings={0x2, 0xc48c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)

45.017054951s ago: executing program 4 (id=2189):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) (async)
r2 = socket$kcm(0x10, 0x2, 0x4)
close(r2)
socket$kcm(0x10, 0x2, 0x0) (async, rerun: 64)
sendmsg$inet(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc00800030081000200060004000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (async, rerun: 64)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000740)={0x40, 0x2a, 0x9, 0x0, 0x0, {0x4, 0x0, 0x2c00}, [@typed={0x2a, 0x11, 0x0, 0x0, @binary="863c0c29d932bc949b553791c5e48ba1f4bed0cbdd123b7f262fe96987bc058b9d9809335c84"}]}, 0x40}, 0x1, 0x3000000}, 0x40)

44.630626049s ago: executing program 4 (id=2194):
socket$inet6(0xa, 0x1, 0x84)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
sendmsg$key(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@dev}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}]}, 0xa0}, 0x1, 0x0, 0x0, 0x3000}, 0x0)

43.602880905s ago: executing program 4 (id=2200):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
utime(&(0x7f0000000200)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f0000000100))
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000200)={0xff07, 0x0, 0x0, 0x1ff, 0x0, "5f330000a90100f9"})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x7, &(0x7f0000000040)={&(0x7f0000007040)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0xfff5}}, 0x94}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a32000000001400048008000240326565a708000140000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800b00010072656a65637400000c000280080001400000000114000000110001"], 0xd0}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
syz_clone(0x20001000, 0x0, 0x0, 0x0, 0x0, 0x0)

42.682270281s ago: executing program 4 (id=2202):
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x8, 0x3, 0x3b0, 0x1d0, 0x43, 0xa0, 0x1d0, 0x98, 0x318, 0x178, 0x178, 0x318, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1b0, 0x1d0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x410)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x5, 0x20, 0x200, 0x9d, 0x6, 0x3, 0x101, 0x80000, 0x200}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r7=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r6, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, <r8=>0x0], &(0x7f0000000200), 0x3, r7})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)={0x20, r10, 0x1, 0x0, 0x25dfdbfd, {0x1c}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}}, 0x0)
r11 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
lseek(r11, 0xe, 0x1)
ioctl$PIO_FONT(r11, 0x4b61, &(0x7f00000001c0)="27567ed72fcd5eb8bdc735c51f7a9d99")
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r5, 0xc01864ba, &(0x7f0000000300)={0x11, r8})

40.658130312s ago: executing program 4 (id=2210):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004d00)=@newchain={0x24, 0x64, 0x800, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xffe0}, {0xe, 0xb}, {0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x40)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x3ff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
write(r4, 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x7, 0x0, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r6 = fanotify_init(0x0, 0x0)
fanotify_mark(r6, 0x105, 0x40001032, r5, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000200)={[{0x8, 0x3c, 0xf, 0x9, 0x4, 0x0, 0x8, 0x4, 0xf0, 0x9, 0x2, 0x7, 0x2}, {0x9, 0x7ff, 0x9, 0x68, 0x9, 0x6, 0x8, 0x1, 0x1, 0xe7, 0x81, 0x8, 0x2}, {0x2, 0x8, 0x6, 0xfc, 0xfd, 0x7, 0xa3, 0x80, 0x96, 0x1, 0x2, 0x4, 0x8}], 0x4})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x16f041, 0x0)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0/..\x00', &(0x7f00000000c0)={0x0, 0x0, 0x8}, 0x18)

37.554298281s ago: executing program 4 (id=2217):
r0 = syz_open_dev$vbi(&(0x7f00000009c0), 0x1, 0x2)
ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000300)={0xc, @raw_data="fe52b65bea7af1ffa15f329084304bcbf66f5db018ba53f14cc11df183baa34c72210a6ca9ab48ebee5acf09866349e1c6e289b62aa77dc96d7d30c35bf60238b7bbd4cc98a655cd4db4e361f6358de12bdf746d568ce2115445dc24e1c0ac2fd78a9667bc8b948c164651ba6a6cef37f3d8b01fac4c2e03038dd21952cadddfad5b75490c27a5383efe5e5ebc9d8b64ee7d556ac1a426f38e5814e4da6c11c8324f2088cac553c7604615f2be70c149690f997c19724547df371285e86a35688c3732bad02a6f65"})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="34e3093512512da9fcedb73354b13b3b9f830331b3f1ad626594ca018910f0547b2ca95eff39c9df33a206e9eeb5e910790d8ec6133650339466dddae81971745fbb48a483c306b6bd8f3c19b6dbef04dee2021d94868b01321efa03e858962589d4706e206773fa2e08421f1ee3d0a47b06d5553e137637879cf51d75d3c95c852e0e639d6a61157b53479be7b9b83606ef8ff88d327cb601c870cbb94dc09b2fad3f98c36fa1c73b11eec292e7de0ce35175be17cd338011481a97b7d4636078ebed8ce8f9d0a0e64026cce0cac7a86b42f44e811e0a15fac742cc1eb6a3346dd268a81dd62c0fd1cccaee38a33da363a742913a9f79009bae623852e219a3fcc69b12b1069a6058b789d28088847f29a38148d1dec88f58776aad91ba516378b5f2d584da032ebc6b0dd3c4d016bb4a3548d31508d1fad9a7f1fd94eb60e8454d7ba6a26ea67e2ae1c2b19341705ec7c6c6e9bc1968ab942e14183c4a342d1d94ec565b86490b0300d12ba0ceb1dec2d2f277669cafd6274013956a91d1a82c431ac2b2d109d6cb4308cace615e8c43a546f411342df966e270fe68c44a47692fc10b678c61e4d496b585e161ee481918a18d7691c2c99ed29f7829ffa2d9a5cd438fdae9918abfc235eca4b61a6c17b13787e698f9adc21cd34b1452280172686ba7fe7df29b99208a23ffd25e17e19583d5b351aa1ccd5e8e4e2dc206db59c03db668f7bb901c185f6f63d8d8ed04119f534384e28d28d84fdff70fe2da5a9e20620a2dd63494b93cdd571e9a71f0af3c916e3e96c33356e552d8d0996bd2c94239a3adb1391b1eb448e1d747ea2dbf2fa0597a85f80d0a6efae9e445a441d1fcd93aeac365984c6168ca7786d4b120c69f4808e8ae9fce025b3b91222c0a6c30f2b0307ce3782d2a024b54a24ab6ba0a2ef903059d3da91ef1e440d6be488c4acab817ebeb88a3fc26d958c829296c4d5591f38d9403ce999dde7886771c8a86c2f5ea8cf1d1e0f2bd5bf9a41edf7b2282a250201927b5dfabc06e12a09b2615d4f147ad75000ab8bb04cd892ef00260f8da7b34f46409eb4370c06e8ec5202d46455419e52ebb2021350bceea2dce7e54849b78ccd836af1644c73951d9f19e874c1425c9cd4ea530a9bfb74d1c4feda1811542d0fcd7865b94fa520844585759689b4e688ffe451ef61574fc12155a7cd91dae4ce77e56072afb7a44b1c8d2e1a6f3daddb096dcee836d636e47c31acdb703791cdc03faf3221bdafe89a4f64b794b37a51aada1c62b524d6d61524046fa822b568a6a2bbeeeab3ce7983261ac9d9f81307fff5ab232549f9e840f7607e420c380199cbc38710e86e6be16c3a8dbdbfe9195d4f93a6b8f5649490f01ec5fa4c0b332e5765c4f2ca2d061fa3dd554ac27ec5d2f80ae0c1ffb5646e11b26091f4014587108207f4f14f25eb20dc7853b60088a198ecda55f0887a667aea4d8081eb7b8cd344921d7e473b8715e583e1625388e0e2354cc5f3350031079842046c2e7e6a19ab982d1c02ab588f6ec1f73b0dbf186fa852ef312349dc72e0bab12b71cc61d4c72e1fdf1cdbc4fcbc27494adca6547edbadf03e87f56501b1565898003b60075d4fe6548bd0d682624fa8e370dd619e05112bc8ccbadc536648a100e6afb00ff7a97c4bd2036a38ce3f3acbb46743fb30d96359669a7c7d2ba2623988e3aedf9449677f9e06f80e8b0f1a7865ccc7b0586b0f7e2370785b50bb0c4899d5f973035cc8ebc61b57a02b21ddb8739e15de7c1b0f177598b6b2836d8594964957b2064efe2dd43e290acd33ef40ac9b85497e17948793e5eab079fbb13cf63d624b66c462cd624112c29a38e64faef98aa8b9043c5f5c4eedaf300a95f2f4ced6ebae3c3deffce7718e46bcccdbcc2f29e5c9e870c00b12c1681d067536714e4dcca6a469c81d754cb0e7360c4f8e6d8e73f827dafe71e9b3aa4505eec608601155d31811854c170f4d8682a8b524d515b311f93b5b3650cfa09a73a3d5f33e45c74754c65c5d123051f9effd8799e68411ef6900bc1cf3591206500a1f8a3c4cb46dd081079483279a878ae0101492517dc7cb1f9e640a4894ea0b46ac4625fc66f27a18bf56cdcfdd12f57e769a44a015d5c871afc1eb4f5c0fd34483112a30c1cd56dedd90f8bed17c6d55a89c963f02e52b98e816252589790f402752465748d08f0002e38552153e37bb9a46438d05f22fc9d752034131988474e172cd50e07dbbde69657be2caf47acd04b8c7c6e1cc602bf3445b0923fed8a0de21434fabfdbee9cfe5e633ade060cc85bf22e73aa6fc94e24273e026fe67c7e7cb0b40c31605962239f8ffa93e2668424ef9524692a90b56958d1ea79f9afec7339efec15b4f154e069ed03e6291bea1950badee2a2685e9962985111cbb0b7f440bcb4b4fff381d87d1f015495faae6b5eeab18625e0f08fcf984d8e0e022e05b7499aebdae2fab7f4a8cbae482fec789a7c401881e42e56a33112625b3f665265a44a7bf521443a33c140d9b4a9ef8ea6515719b20b035680d75da83ee96ee8c4b65d34c4cab26ff0e33b0988387a5e42a06afa3d00d23836be0a2d04a8045703fb68062bb1b8fe2b9b36c53664cf88f989bcd0b8cc343f22c2e76288a1f635e1089cd30ca9e00217d65d667ee295d69a69cbdc392468db5d096bda9919db2b3216e4e0f19ca073365468a6fd4a766e145b3f9c75254f26127a83fa3c4295d1125d4f082d099084e170b65545c66baf65d74b8b9cc0f1060d7f6ed44e7c83fffe2d8449283fe936ed2da6c57190a89ecc27fb3632afdaa074b7c351b2815b346d7348e3073e35b200c471b6b99a557c57127ab97f909560c4efb272e8868e1f5df7f0b564e6a9ff7aa951b06134b904baa7c3400c00e21470c5e2a5da55a2935372973421c2854b88f980d65640ebb70edb93dae6beb0f3147a32dbbef3fcddbd0910929cc9f63e14338f3a84ec11a9a10459c58d46aed6b2215c34fa7f95e22c05a5923da5a544cb0fdaad37e22bbf99d136ef8c9a2a4255706ded5a8057ba3c0ff7d4cc3952a0307f5d4f5552bd4063037607dd8e12c1a8496df0ee4c62a24322631a595bbba7e53e29cba70d8e224d8079150aec3ed53574b0a3df52a880e35f96277939be506a475d75e016d8752d71d8f41377641175f09c8d41ef0c5952d8585b9094d379306e4ba6b837a64ac992dc7274bda88d84eb3d6a65a60d8e6b43272fabd470ff4dc7d5db8ed39fdfd93bd9931ec37f0b97ccba1c601928f9c06f5bc3338ed95f33721977a088c1007d04f8bd15125254e4d6888fd98546a201a9c76dbce076a59bdf287a0aaa6c9759fd219177ca1f9a702696eb7aeb3e774dec804ee6d280e198f2fb10ddea0e3c33831f589d40fc261c29b81997a6cbf076f606fbb93e0a1b269079f525d4de995ba70935d49f71895e3bad61f75aa9c13ccc09a2b9958c3e5cdf0fa455bdd45b2cfff21be78e9bde6acca0b26c9e426f2aea5485bfeaef55ac92da2e85752943eaaf3ccf4be2141c59d521f68fbc420b8c1252c990b3ea9a65dd979ad8b75d20b59275cd81e0bbe6f3b36987e84d08b9a7189a0a7b044289fe3a408331d1557265b7cec4ef9cda7d7ebc9b245811d29d0c5e8502d308fa6d393e912cac09b8f420bca68d730d2e4d17f7c4ccf9fbbd2f73c6e800fb4ac45319568c41292e029db47c6247fe52403a944e52100199cac98e4ab3867821c99a44c1d7f81f33eff81e112c8d4fc8e6f1a67b98d6667f7d61aecab7411b228b851f9c000f5a825ed9cc09d0ecb96a311e95586b37e922b29ca26b3aa6fecbde86bdee75324d09034bc6969197e8676c3f60b8130924eba00161d2922fc18dd367ed457ad894985edb4160d9e020ea2d44c5197f34afdd2f6552e18308099e82459cb72577484cfca50e031a2f57a27592e4d3ce85e63a5aa04318adcf293d87a0241d7e1195776f553a202ea4f7bada77feaede20d5da5239d2fcde48feaeec44c5db327b3b3087000ee552987937196f5ed5cbd31bb8630acd7918362246875fbc629d7c03a04587c150385cbda4d8493e57c1f2e737bc6de0dcab0e1b6e528e016a29e0e3a078a30567ded24af82d6066fede3811472cb0687ad4601b28281a63c0f3395f2780fa66a688cd536d77705ba82cd994a025608293778dcc300fcdfdbed376e255b90b9ac4fdb1701e654ead53d9ef1d8b80513747e57769684905325bc9f0f33227d384802a3070bdb3ef90a65f127f5f88d4d2475b931f2a0554d53f0fa5098e768b0d5c1658a87a27e18049181cd1f20e397118a5d3c5e4e1d171f3782343bb9687a03634945ec51bf16cc5d0ebafd8e69a3f8ea6ee8fe70f8609d8dd6395ff1e3ce80fcc2a2a13ca461ae7d2c1377d3b141361aee34c63d17f4df570a48b79d9189c43469917dd2c7b1326ea86ca0b59eca05b5bb460ff2dd6837fdaf3c33da92225aea19aaaf5ecd04b9d8e81f2b63d85028a69b1da4465669ff82a8a41c93c4c6c0e07476e4a763f11288ced341c56f3c04ea7831818c191c6e8ea5507963edadce5da75e00d6aa31c4fced40fac1e47564e4a76d239b8a910844bf8220c849e6264d43440505aef80cb322f707093d69e3cc24552fc43d38c90b5b995dd3854dea33415fe51489bac4177f8c7bb2a19f7470214248601e4cff67b6625d53dd4cf03b08d3b3123418984fd9c0fe3bdf8593365f622312c0937e79e64830db428fb196ec7d8bd2cd59f890d8c40c564701e6c17d5c8ac5867fd3f5e1b0e34224a172d900686c1f6b5521b7a56dee51a1c304a1370d79f7d519991377ffd3a61930dcf00526e3a772b85619fb0cd16767c1e03f69f49973ab1ac7d18c9b279b74c6a5423e2e8f3b4c43c6bcb4643a4d40ac58445298ef6a932a2aea4908d79a31843f9ab6427f06100e888dad28cc4041eb688f3f5e4329c6c0d452fb274885023ae3420946eff9a1fa8eebd5c404ebcec1936c5f05c686abeaf74049157f06bfa7d260915b3ca6c9e7cb869495aba3dbbe7563000460e1e46597fb7594e81c7c5def4f8723389d4ae37a9e598f2a526751cb47a1af68437569d5275f0cf36b641788463d6b4d620bdaf96f91dc40be2867056ad8ef1de110114ae2f161ab75172cd34c5c050f08ed9b1165c300d1c6d9463bc0155ea679367a9cb3fbd12756dba5265de7135f291ea17697de658e4d4a022b3bd8f3a7ec0800463c535afeb525f8beb2e21b314dd54997f3f5046ed8dcaad19377046ba7301b9ac0f56bf1cbd714e0c1e5c07ba71bc588c356e9ce76644739fae0b6455c7e580c27b9e0f36e629cd58239debd103e7099cc72269b10e52ae18e5fad9d3653917d379ff267d9b29fa207e333ad2a77be63c6139adaee42c4824aa212e755b3386660d71e099941aa0c2cc110eb0b13a952854c7056dc81d13286acaacec33e43383a208a5764488daf0e8ba6a5074b821cf82e661620c547e3acab5d2f7aaad4d64508ffbfd5fc029a46cabdf3a79bd428ca7f7d245d148b9d049e94651d55ecf2c7c81054bf13d9713493c870ea81deca6674ea1cf6dc7edb85b01a262fbc8d1b6cd00f40c0dcfba907b964c6653600a11f006fb145c70cba3c0f7cd0b7bdb94f79a4d846938a5f73d1fbe313c70c61d3403ee3cd939eebb617cf5fb850c0b4e900c33a9fd7b731373f11d46db814d461f7248b486b3052dc4f86c352583b06521667a9b20fe78a7d2fbceee8d97a1a5e219bca3fb8761ae404a0c29e405492a8bcdefb251c62726f388d1128f7643bb61389a35e5b74ba293b8b044aa1cbf80c5dac8505591775233bdd8ca460bdcd3f0dfe25762635dbf9fe04522d50e242c2660d9d6cd5d8a7b87507e803e952665b7aeaa4939b847165aa5b2b9fe80d33dfae5f678990aaf3db1427d731a000d07b5c56f272bc10df1122d3fc1be65456f629736855711e64b518e0fd7c31fab5ecbd3920cd6927e26671e6c755d67680f3a280bbd4c8629a5906310e75ce52cf2f027a86af2fe9b61f9920a25c4a419915cf21563a9948c539ad2b2e88d6f2474cc7764187d9e9d27d0022c9b075c86b00b55213406e53ef05be5ab80137a1c2fa472ac6729eaab92df424189618e514eb438d9d9616cd56dcd9c51c69ba15ed660fa69d7189639c6d4ffed27da74f60636ff48d11b0f85a3c531a3824891265c48e7447a5ea83f8f372e97ac2f7f22af4cef065ff28c5e7e3dd31b18ca51f5608e5f0e87bafaa5ae25a97ef3dc721c8c73288f43de53590ae26cb4636b3816fb91c1eb6340b71ed8a87cee69a6ff3390aabd6be66cb49bfedacd989035768614f248f89992ac8f211606610681706c0fae5acf8f6c97bc229312fea6ef1baaf5b731fa508f943ff9ef7aa962bcbab5596e722cf35c2f96aeab361a19cde190bff9ab93e5d1708244af9b7414e35541da42cd6b70254c582ea2674f92ef676797a01150369077b1e2b152b3b6fbef0e14caf2f7169fcfe2e9b29d737df927ab8651a275b3134f2837eac298d6d3a6f0eee293a366528ca9acb8f145c8a927bb15787fb3ce84213c4a9b3267c805f8f747c2c2836479d74f118a061c2444d12504c9089302e7533a9ec949fd001d147b802d7d125f4de2209937f7bc0e691f2d7dc50e5e74fb29f6edc293b05e802bb9dbd65a1141f4b80951968146357483d223708c15ce49ca733adf20f06d9f59a3ad74cb1ec6f61c27177194879f9ca7d524be59a40947b4ae16c846ccfc27c258a4dbada9945b3ed2f13c6cedc462c9c26b1fde9958b46a21a8dcebf7d87e1351f2573031ebf6b7bcd3d3be7338338eb30daed4d94203a373c04d0fdcacfa5877a1c0abcf9dbcba1d4245c23a109c28e1fe3b725de9143b31dc7cbcc2382113b8087866061e479fa3c2099cab2546f71bbc6546ab2005efb379afe48d4d252fd8c66b9ab3bab4c311983047b27a4222289bba6f2aad4f24692e54cc8f7db3961fd93da2e2f46ebdc1083b1b1098a17cebdb7a97542bf687a9f499241f96836025637c0ddf798381cdbc1f6516f9f0a68702c31ad56fe93448417f2d2d76b596321e1376ec075aa849b10efa38bbbf94ba310c8352d9c09cca4dc0f0886311b934494d4d9d825da1be91837ca938343dbdea65c610ea4b79167a6d2bd594c4955a6c298ac4060c5068fc76747b2d4f0528433a4fc9c39785d8d2da34c5f4a8a09e62677d6346d9bfc606d24bb5cbc8a44d2ed2bbfc5e31fcb40cbcef24f7cb518150706865b919abe9dc1296d6901ab2d3b1b40b4cd78fcae4525e7eb08e7b87d15d89d0b7d06d5d1e56e0ff777cb48cc779d8bbd0443265a5c3ebe3feae695136f28eb185ca7c320d1bcbc74989a55f1c707cb356f54497f4abcbd4f1e33f916acd6f1efea7b79f3462e6dfedc8bd3e769ee230db639bc0cb69ee862e1cf1e7ee49c4467f4e463846d3479b527248da9bfb27a679d35b954712fa0bfa56cf3a15e8af1ee2a0bce03602447cfff1833f36f957abc299ac538e802534da2963ee199445770805a255caadfbb4604a1796b9caf93e580ed0808b481c66e21a87f2b29c0f5916c0e0bf9d4a6761d4629c7ec45cbb0c86abfa87d68e4c9f47dd8d204828db7b4f579d04edf179aab387c08dbda02e0ac11a243b53c6c8096e54a36ca42ae2e5f6428e4c9db710d1b6e31d2f947f316312ba74e01d6b65bdac71d52c2d8825a8588dff4fa7ea8525f49ad64a507264eb9b9a05ad0e89d88d006b9c5d6894d782d29d94e759fd4776fa38db5a4dcf141a3e03966b19e347732c12f89505e13896ea9026ad58fbb0a101713e1a83a8b8eff3cf73b0669a9fd719050868b3d99e099be8901d9d822d0aa49cd2ba168f7f0449d92766d5d02663128251a8a2b3073625461a790fade53b2dcbcfebf0dcaf1ae7f13aea964ada292b15e04ab5cc41e546b2b61a3199435521a1af4124bf1f6233d65daa0c5d3befc5e61bd1c812aa598ee34cb818590bf6d77c1a4b0baeefec669bd1b47e5b1c4f3e781c1afae62af210cd6a8c38ca3b4337be5acbb0df7aaba98ec8671e77ecd6c55f83bc91fcfd95a9ec793ae7f0b61b887416225aff4321068a89b35c64daaa1cbfec579ac0dbcaa4b545ef892020ae1d1a1d700f1ca0235961687939b87cf80475c0adb8d6a0cbebac61b4c1fae2bef0e19fc00edd9d09da1cf5cc7043dfae4f6ac2750c115a3eb9700280cb3262e861be6425d92f8cf4ffdf7f85c868571feee32d3d8885ae7dab01785bc8bcaf142cd0c0c74785e3e39ac106e6e3fe3314571fb3be34b5232e682e2a80bddee62c9c74ef7c46dd73bab9a148fd2c2ca43eacf1dcc42ad3de0202efb794ad51da3ae1482552cb1fbe6df23a37db383d8de61f3a6a33df5026f8f209f09b617a0f7d99560fd6e5f3248300e14ef5d555301d5ebeb00d68bf38906c894d65b286d9c13862de48194d088441a37350c9338ffef815955f4b367b9379a38f76a5d50e8e31dd4ca9f8c8cb9ce4c8f099b5522a8e03c187c19af1029766e8ad05304a8932dc22a4552dea39b385608d7f2026b78f30c60dcc483385f596da6c9cb6f669d34925b513e770fcf5d9be1d100aa4bf6253fe1cccbab1b25e9294c6d98210de5257ca3e7b0d9ca0ec81426c913f1030db272465c6a9801bce73c16e5fe2949f358696393666eda417fedbde911b5db50031a5dca355e4e70ea24abee5805a3748da7eacf354aad728db2a558d64d3b5edbc32f1c805d255e3b30db447881e79bbb1ef255b108e6a0dea2cf387e63ba43b937aa0c4a326d96a36b6fb7f8e18aa52bf0d00d4cd88226c67ca345ac3ed759ea75433a65bc3a697688e5c8ca9d529677a1261a00d3b23e22e4a570dd1c2254d064df8478f22bbdc6a4e552963f095624d5e8c37a1149dab252f50cc7d1d204f9260de36522b7fe39fff9b746fd6413f0346e867cc8b558c80208ec80091a08592357d50d4c23aa1aa1faea7312a52dd7d706e2ce95ad50cc0fa0dff91ff09e3c71878f651ad678c99e2f72d8b22ce21bcc6e474a34689f6eb688ddea3c142ee9f490b4548c02c5d87005ca9c37d4516be96cab5d3e2d9e6ed21cf874dd879262c07bb34790227832954851e4913e8e1bd7dfa384de9b5f0a4baf39746bc33d0da65ae5a1034bdd33b14adb165cc6840af82f6e6a216e0930b7eb428ab335656439cd12ba8ab8b245b1f5ee1ac9e2856e7cda6fec5193198d2a06995ca37bb49a1e54640f0343415eb1fe6b888e13fbea31524dd3bb3a6bbbeb8442a7e940ef321fd6cf5f6daa50a347395025257de59b171a9f8835ab0c186134f65a8ffd5395498a5349d481ece300f96339e0f1fd163dfdf75199f5e1f6a9bb863f95cb9569e0432081eebf13bf46d003e491a32e5066c6da5e08b61edec2661175342b1ffe7ca932ca7293b20d0570544d50c948c14555cf2b645b6061ca511674d82e09914db63846685416c7ab4fa52982c2ad1f06a83c9d019efa8c595e5c52e7aef0f062343a3b869b729b11319d52ce5f1b966149b1448b54bbbaf19a5c80e1bcc99e58b264ccb892482ddca633582e27c30d5ef8f25d580d3674fb1adc2b4618be489d895abd11bfde4a586e7f2b343f26d39c74157cf5b421e42dfa7ccf42c1cd23844dac703141edc72ba38d34329e6cd0022d2397d18460dd468ce59f0c8f686aee51704bc29f21850e3a0f93ad2674f4cb539b370c02a4d19881d68f5c35c251f5b266f98d47cc86ec0c41c538ebf06b52b3bd31dbc97176b453a7e5b6a6ac445e5a3bfd0606e01ec879ad1ee9582b445d0315fb8fdb6bc405e2006d5759227c291a630b5f1e76025cb4c4292a0605d0a83084ddf3c92016788b38c51a10ff1e96860d47738a6888bbcc371e7fd9bacd5ea97e7e94260a2913ef2bc976ed491037159e4d57412d3bc0cc3694554328b30af41f92fa57012a4ad52b10dfc08a83891240827fd03fdbbd5cff7d69d4249628310e394860ca29e991e2daee713cdd2e722518b8d2f7e32ef910c995c6ccb552f2b7cdde3a82a5a26e2e406997f296ad24d7be5083da22d324a7af7181edd5354e4dd1dedc2c4b9b9786a30f51b093593f629e8a4d6156dff41a5493482003b433861223e903a81b2eb43b06182e004212032adc3c6cc8a00478dd53ac41b36eedd261a8021f5153bed43d1c3ced74deb04cfa8d7cbe7ccd791be15f446f506a107bfd0131051fcde2e459f4cf7fe623d8c2638d177866f67c6fda68387165e570e4060d82692aeecd316b499fc827669173f11256330fa9782c7c82cfbe8e65f6410298b7b2f78cd7311ec26ee47679334a87f7011ebc69e00eade37cef913bb5af42216a6c892a09afe71c6ac486ca627c94d4cb0bdb5b76f4a139fa07ae16efc6a07d749de98d8b7a02766f651577b7cf706026685f4be5b65c783ca5519f9f722fbb96f8d53daf5ffdb83fda7b5e900b5f91bd1684ba1ac2cad236355d076eac6852ac218f514cb35d26607bb44150b3c76411b02f4ba852e6c972f8302d75a9d4bf4d19a35595a3755cbc072014ef3994f0c9971d9b535271538131b8d869e7590d225e46fea3f8782721a66512d109f944cdc7f11c1fa82d45e53ac299e10aae2d0e8e3cca9e521671048ccfb0117dfa0cfda121a49bec2ab364d4152a8c8cf3cc8e2a48f1a9e573c5b53bd7a8d8f190210eca0fac51006b24c84f8ca6fe013e4117278737a2a518cee28b8627390d12dc89e3185561282fb0c738233048d110badef42fca77406b9e831a3ec3b52d1df19ab05ea5b42fdf459f126019975ab9c76150a3347706862d02b02e63d011f1ffeb62a6223d1cc9c1ecd5f2bc6cd953c06bd700169cf5a13c1f1353df3c87653b4a8f508862065923e325ceb6f92e9201e6b7629d79e8cc7ecc0995550523fa68996fecd7fd3515073a914c6e52b108612d1522b511f651d314149ae83b0861a67e892e4b09089bb047255aa8a8f33de25865e31fc04abe4573f58cd49d1be6da99c73e31436ba5c2b2c7ebbd8283160c2c5ef4e078c8f857a0d9b2c577871a708afae7b21d8b44c83505a5e814d5f2d1362e87e290bb053aa4ae636569619e45c98e1e03977d1d51304870f70b4f1aa535b4d1e596cc61bf88eeaeb4a449f366fdee9d97e6e3d32b4d11803504c7c5c5a4924d25e6d2e23e3a159ba3642f51cae61dca933314ea030c93fbe41322435c5c749cbfd21429348673a05538f1ae1ecc3722870b4e2fab43cd2a3395dcf4e9c9340cebf2648cb88908ad8676698ec87a46034853c650f9241d9934d724df81516e9d9c37eafd54d1b5efec69a252b587a1cf3d77dcc89808712c0994a36b0dd7fdda6afe662efc3bfb66bb5c60674f9287b18b72b714213db412f27e71cb23f44d2cc3d4c8b861d9e2dccae71783ef9349ea4832fa2c899959a22cbcc0844cced1f98bba85a2667e9a2886f21e1ac099274a979abe00ea6567485470079eacd3f648ac55bdfe21ee0ff89264f55c184667697dc1b18fc6939e092b41a816719136d0378d6ab9886714ba5936a4e8d49", 0x2000, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x77, 0x105301)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x200, 0x400)
ioctl$USBDEVFS_CONNECTINFO(r1, 0x8004550f, &(0x7f0000000080))

21.815356239s ago: executing program 33 (id=2217):
r0 = syz_open_dev$vbi(&(0x7f00000009c0), 0x1, 0x2)
ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000300)={0xc, @raw_data="fe52b65bea7af1ffa15f329084304bcbf66f5db018ba53f14cc11df183baa34c72210a6ca9ab48ebee5acf09866349e1c6e289b62aa77dc96d7d30c35bf60238b7bbd4cc98a655cd4db4e361f6358de12bdf746d568ce2115445dc24e1c0ac2fd78a9667bc8b948c164651ba6a6cef37f3d8b01fac4c2e03038dd21952cadddfad5b75490c27a5383efe5e5ebc9d8b64ee7d556ac1a426f38e5814e4da6c11c8324f2088cac553c7604615f2be70c149690f997c19724547df371285e86a35688c3732bad02a6f65"})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="34e3093512512da9fcedb73354b13b3b9f830331b3f1ad626594ca018910f0547b2ca95eff39c9df33a206e9eeb5e910790d8ec6133650339466dddae81971745fbb48a483c306b6bd8f3c19b6dbef04dee2021d94868b01321efa03e858962589d4706e206773fa2e08421f1ee3d0a47b06d5553e137637879cf51d75d3c95c852e0e639d6a61157b53479be7b9b83606ef8ff88d327cb601c870cbb94dc09b2fad3f98c36fa1c73b11eec292e7de0ce35175be17cd338011481a97b7d4636078ebed8ce8f9d0a0e64026cce0cac7a86b42f44e811e0a15fac742cc1eb6a3346dd268a81dd62c0fd1cccaee38a33da363a742913a9f79009bae623852e219a3fcc69b12b1069a6058b789d28088847f29a38148d1dec88f58776aad91ba516378b5f2d584da032ebc6b0dd3c4d016bb4a3548d31508d1fad9a7f1fd94eb60e8454d7ba6a26ea67e2ae1c2b19341705ec7c6c6e9bc1968ab942e14183c4a342d1d94ec565b86490b0300d12ba0ceb1dec2d2f277669cafd6274013956a91d1a82c431ac2b2d109d6cb4308cace615e8c43a546f411342df966e270fe68c44a47692fc10b678c61e4d496b585e161ee481918a18d7691c2c99ed29f7829ffa2d9a5cd438fdae9918abfc235eca4b61a6c17b13787e698f9adc21cd34b1452280172686ba7fe7df29b99208a23ffd25e17e19583d5b351aa1ccd5e8e4e2dc206db59c03db668f7bb901c185f6f63d8d8ed04119f534384e28d28d84fdff70fe2da5a9e20620a2dd63494b93cdd571e9a71f0af3c916e3e96c33356e552d8d0996bd2c94239a3adb1391b1eb448e1d747ea2dbf2fa0597a85f80d0a6efae9e445a441d1fcd93aeac365984c6168ca7786d4b120c69f4808e8ae9fce025b3b91222c0a6c30f2b0307ce3782d2a024b54a24ab6ba0a2ef903059d3da91ef1e440d6be488c4acab817ebeb88a3fc26d958c829296c4d5591f38d9403ce999dde7886771c8a86c2f5ea8cf1d1e0f2bd5bf9a41edf7b2282a250201927b5dfabc06e12a09b2615d4f147ad75000ab8bb04cd892ef00260f8da7b34f46409eb4370c06e8ec5202d46455419e52ebb2021350bceea2dce7e54849b78ccd836af1644c73951d9f19e874c1425c9cd4ea530a9bfb74d1c4feda1811542d0fcd7865b94fa520844585759689b4e688ffe451ef61574fc12155a7cd91dae4ce77e56072afb7a44b1c8d2e1a6f3daddb096dcee836d636e47c31acdb703791cdc03faf3221bdafe89a4f64b794b37a51aada1c62b524d6d61524046fa822b568a6a2bbeeeab3ce7983261ac9d9f81307fff5ab232549f9e840f7607e420c380199cbc38710e86e6be16c3a8dbdbfe9195d4f93a6b8f5649490f01ec5fa4c0b332e5765c4f2ca2d061fa3dd554ac27ec5d2f80ae0c1ffb5646e11b26091f4014587108207f4f14f25eb20dc7853b60088a198ecda55f0887a667aea4d8081eb7b8cd344921d7e473b8715e583e1625388e0e2354cc5f3350031079842046c2e7e6a19ab982d1c02ab588f6ec1f73b0dbf186fa852ef312349dc72e0bab12b71cc61d4c72e1fdf1cdbc4fcbc27494adca6547edbadf03e87f56501b1565898003b60075d4fe6548bd0d682624fa8e370dd619e05112bc8ccbadc536648a100e6afb00ff7a97c4bd2036a38ce3f3acbb46743fb30d96359669a7c7d2ba2623988e3aedf9449677f9e06f80e8b0f1a7865ccc7b0586b0f7e2370785b50bb0c4899d5f973035cc8ebc61b57a02b21ddb8739e15de7c1b0f177598b6b2836d8594964957b2064efe2dd43e290acd33ef40ac9b85497e17948793e5eab079fbb13cf63d624b66c462cd624112c29a38e64faef98aa8b9043c5f5c4eedaf300a95f2f4ced6ebae3c3deffce7718e46bcccdbcc2f29e5c9e870c00b12c1681d067536714e4dcca6a469c81d754cb0e7360c4f8e6d8e73f827dafe71e9b3aa4505eec608601155d31811854c170f4d8682a8b524d515b311f93b5b3650cfa09a73a3d5f33e45c74754c65c5d123051f9effd8799e68411ef6900bc1cf3591206500a1f8a3c4cb46dd081079483279a878ae0101492517dc7cb1f9e640a4894ea0b46ac4625fc66f27a18bf56cdcfdd12f57e769a44a015d5c871afc1eb4f5c0fd34483112a30c1cd56dedd90f8bed17c6d55a89c963f02e52b98e816252589790f402752465748d08f0002e38552153e37bb9a46438d05f22fc9d752034131988474e172cd50e07dbbde69657be2caf47acd04b8c7c6e1cc602bf3445b0923fed8a0de21434fabfdbee9cfe5e633ade060cc85bf22e73aa6fc94e24273e026fe67c7e7cb0b40c31605962239f8ffa93e2668424ef9524692a90b56958d1ea79f9afec7339efec15b4f154e069ed03e6291bea1950badee2a2685e9962985111cbb0b7f440bcb4b4fff381d87d1f015495faae6b5eeab18625e0f08fcf984d8e0e022e05b7499aebdae2fab7f4a8cbae482fec789a7c401881e42e56a33112625b3f665265a44a7bf521443a33c140d9b4a9ef8ea6515719b20b035680d75da83ee96ee8c4b65d34c4cab26ff0e33b0988387a5e42a06afa3d00d23836be0a2d04a8045703fb68062bb1b8fe2b9b36c53664cf88f989bcd0b8cc343f22c2e76288a1f635e1089cd30ca9e00217d65d667ee295d69a69cbdc392468db5d096bda9919db2b3216e4e0f19ca073365468a6fd4a766e145b3f9c75254f26127a83fa3c4295d1125d4f082d099084e170b65545c66baf65d74b8b9cc0f1060d7f6ed44e7c83fffe2d8449283fe936ed2da6c57190a89ecc27fb3632afdaa074b7c351b2815b346d7348e3073e35b200c471b6b99a557c57127ab97f909560c4efb272e8868e1f5df7f0b564e6a9ff7aa951b06134b904baa7c3400c00e21470c5e2a5da55a2935372973421c2854b88f980d65640ebb70edb93dae6beb0f3147a32dbbef3fcddbd0910929cc9f63e14338f3a84ec11a9a10459c58d46aed6b2215c34fa7f95e22c05a5923da5a544cb0fdaad37e22bbf99d136ef8c9a2a4255706ded5a8057ba3c0ff7d4cc3952a0307f5d4f5552bd4063037607dd8e12c1a8496df0ee4c62a24322631a595bbba7e53e29cba70d8e224d8079150aec3ed53574b0a3df52a880e35f96277939be506a475d75e016d8752d71d8f41377641175f09c8d41ef0c5952d8585b9094d379306e4ba6b837a64ac992dc7274bda88d84eb3d6a65a60d8e6b43272fabd470ff4dc7d5db8ed39fdfd93bd9931ec37f0b97ccba1c601928f9c06f5bc3338ed95f33721977a088c1007d04f8bd15125254e4d6888fd98546a201a9c76dbce076a59bdf287a0aaa6c9759fd219177ca1f9a702696eb7aeb3e774dec804ee6d280e198f2fb10ddea0e3c33831f589d40fc261c29b81997a6cbf076f606fbb93e0a1b269079f525d4de995ba70935d49f71895e3bad61f75aa9c13ccc09a2b9958c3e5cdf0fa455bdd45b2cfff21be78e9bde6acca0b26c9e426f2aea5485bfeaef55ac92da2e85752943eaaf3ccf4be2141c59d521f68fbc420b8c1252c990b3ea9a65dd979ad8b75d20b59275cd81e0bbe6f3b36987e84d08b9a7189a0a7b044289fe3a408331d1557265b7cec4ef9cda7d7ebc9b245811d29d0c5e8502d308fa6d393e912cac09b8f420bca68d730d2e4d17f7c4ccf9fbbd2f73c6e800fb4ac45319568c41292e029db47c6247fe52403a944e52100199cac98e4ab3867821c99a44c1d7f81f33eff81e112c8d4fc8e6f1a67b98d6667f7d61aecab7411b228b851f9c000f5a825ed9cc09d0ecb96a311e95586b37e922b29ca26b3aa6fecbde86bdee75324d09034bc6969197e8676c3f60b8130924eba00161d2922fc18dd367ed457ad894985edb4160d9e020ea2d44c5197f34afdd2f6552e18308099e82459cb72577484cfca50e031a2f57a27592e4d3ce85e63a5aa04318adcf293d87a0241d7e1195776f553a202ea4f7bada77feaede20d5da5239d2fcde48feaeec44c5db327b3b3087000ee552987937196f5ed5cbd31bb8630acd7918362246875fbc629d7c03a04587c150385cbda4d8493e57c1f2e737bc6de0dcab0e1b6e528e016a29e0e3a078a30567ded24af82d6066fede3811472cb0687ad4601b28281a63c0f3395f2780fa66a688cd536d77705ba82cd994a025608293778dcc300fcdfdbed376e255b90b9ac4fdb1701e654ead53d9ef1d8b80513747e57769684905325bc9f0f33227d384802a3070bdb3ef90a65f127f5f88d4d2475b931f2a0554d53f0fa5098e768b0d5c1658a87a27e18049181cd1f20e397118a5d3c5e4e1d171f3782343bb9687a03634945ec51bf16cc5d0ebafd8e69a3f8ea6ee8fe70f8609d8dd6395ff1e3ce80fcc2a2a13ca461ae7d2c1377d3b141361aee34c63d17f4df570a48b79d9189c43469917dd2c7b1326ea86ca0b59eca05b5bb460ff2dd6837fdaf3c33da92225aea19aaaf5ecd04b9d8e81f2b63d85028a69b1da4465669ff82a8a41c93c4c6c0e07476e4a763f11288ced341c56f3c04ea7831818c191c6e8ea5507963edadce5da75e00d6aa31c4fced40fac1e47564e4a76d239b8a910844bf8220c849e6264d43440505aef80cb322f707093d69e3cc24552fc43d38c90b5b995dd3854dea33415fe51489bac4177f8c7bb2a19f7470214248601e4cff67b6625d53dd4cf03b08d3b3123418984fd9c0fe3bdf8593365f622312c0937e79e64830db428fb196ec7d8bd2cd59f890d8c40c564701e6c17d5c8ac5867fd3f5e1b0e34224a172d900686c1f6b5521b7a56dee51a1c304a1370d79f7d519991377ffd3a61930dcf00526e3a772b85619fb0cd16767c1e03f69f49973ab1ac7d18c9b279b74c6a5423e2e8f3b4c43c6bcb4643a4d40ac58445298ef6a932a2aea4908d79a31843f9ab6427f06100e888dad28cc4041eb688f3f5e4329c6c0d452fb274885023ae3420946eff9a1fa8eebd5c404ebcec1936c5f05c686abeaf74049157f06bfa7d260915b3ca6c9e7cb869495aba3dbbe7563000460e1e46597fb7594e81c7c5def4f8723389d4ae37a9e598f2a526751cb47a1af68437569d5275f0cf36b641788463d6b4d620bdaf96f91dc40be2867056ad8ef1de110114ae2f161ab75172cd34c5c050f08ed9b1165c300d1c6d9463bc0155ea679367a9cb3fbd12756dba5265de7135f291ea17697de658e4d4a022b3bd8f3a7ec0800463c535afeb525f8beb2e21b314dd54997f3f5046ed8dcaad19377046ba7301b9ac0f56bf1cbd714e0c1e5c07ba71bc588c356e9ce76644739fae0b6455c7e580c27b9e0f36e629cd58239debd103e7099cc72269b10e52ae18e5fad9d3653917d379ff267d9b29fa207e333ad2a77be63c6139adaee42c4824aa212e755b3386660d71e099941aa0c2cc110eb0b13a952854c7056dc81d13286acaacec33e43383a208a5764488daf0e8ba6a5074b821cf82e661620c547e3acab5d2f7aaad4d64508ffbfd5fc029a46cabdf3a79bd428ca7f7d245d148b9d049e94651d55ecf2c7c81054bf13d9713493c870ea81deca6674ea1cf6dc7edb85b01a262fbc8d1b6cd00f40c0dcfba907b964c6653600a11f006fb145c70cba3c0f7cd0b7bdb94f79a4d846938a5f73d1fbe313c70c61d3403ee3cd939eebb617cf5fb850c0b4e900c33a9fd7b731373f11d46db814d461f7248b486b3052dc4f86c352583b06521667a9b20fe78a7d2fbceee8d97a1a5e219bca3fb8761ae404a0c29e405492a8bcdefb251c62726f388d1128f7643bb61389a35e5b74ba293b8b044aa1cbf80c5dac8505591775233bdd8ca460bdcd3f0dfe25762635dbf9fe04522d50e242c2660d9d6cd5d8a7b87507e803e952665b7aeaa4939b847165aa5b2b9fe80d33dfae5f678990aaf3db1427d731a000d07b5c56f272bc10df1122d3fc1be65456f629736855711e64b518e0fd7c31fab5ecbd3920cd6927e26671e6c755d67680f3a280bbd4c8629a5906310e75ce52cf2f027a86af2fe9b61f9920a25c4a419915cf21563a9948c539ad2b2e88d6f2474cc7764187d9e9d27d0022c9b075c86b00b55213406e53ef05be5ab80137a1c2fa472ac6729eaab92df424189618e514eb438d9d9616cd56dcd9c51c69ba15ed660fa69d7189639c6d4ffed27da74f60636ff48d11b0f85a3c531a3824891265c48e7447a5ea83f8f372e97ac2f7f22af4cef065ff28c5e7e3dd31b18ca51f5608e5f0e87bafaa5ae25a97ef3dc721c8c73288f43de53590ae26cb4636b3816fb91c1eb6340b71ed8a87cee69a6ff3390aabd6be66cb49bfedacd989035768614f248f89992ac8f211606610681706c0fae5acf8f6c97bc229312fea6ef1baaf5b731fa508f943ff9ef7aa962bcbab5596e722cf35c2f96aeab361a19cde190bff9ab93e5d1708244af9b7414e35541da42cd6b70254c582ea2674f92ef676797a01150369077b1e2b152b3b6fbef0e14caf2f7169fcfe2e9b29d737df927ab8651a275b3134f2837eac298d6d3a6f0eee293a366528ca9acb8f145c8a927bb15787fb3ce84213c4a9b3267c805f8f747c2c2836479d74f118a061c2444d12504c9089302e7533a9ec949fd001d147b802d7d125f4de2209937f7bc0e691f2d7dc50e5e74fb29f6edc293b05e802bb9dbd65a1141f4b80951968146357483d223708c15ce49ca733adf20f06d9f59a3ad74cb1ec6f61c27177194879f9ca7d524be59a40947b4ae16c846ccfc27c258a4dbada9945b3ed2f13c6cedc462c9c26b1fde9958b46a21a8dcebf7d87e1351f2573031ebf6b7bcd3d3be7338338eb30daed4d94203a373c04d0fdcacfa5877a1c0abcf9dbcba1d4245c23a109c28e1fe3b725de9143b31dc7cbcc2382113b8087866061e479fa3c2099cab2546f71bbc6546ab2005efb379afe48d4d252fd8c66b9ab3bab4c311983047b27a4222289bba6f2aad4f24692e54cc8f7db3961fd93da2e2f46ebdc1083b1b1098a17cebdb7a97542bf687a9f499241f96836025637c0ddf798381cdbc1f6516f9f0a68702c31ad56fe93448417f2d2d76b596321e1376ec075aa849b10efa38bbbf94ba310c8352d9c09cca4dc0f0886311b934494d4d9d825da1be91837ca938343dbdea65c610ea4b79167a6d2bd594c4955a6c298ac4060c5068fc76747b2d4f0528433a4fc9c39785d8d2da34c5f4a8a09e62677d6346d9bfc606d24bb5cbc8a44d2ed2bbfc5e31fcb40cbcef24f7cb518150706865b919abe9dc1296d6901ab2d3b1b40b4cd78fcae4525e7eb08e7b87d15d89d0b7d06d5d1e56e0ff777cb48cc779d8bbd0443265a5c3ebe3feae695136f28eb185ca7c320d1bcbc74989a55f1c707cb356f54497f4abcbd4f1e33f916acd6f1efea7b79f3462e6dfedc8bd3e769ee230db639bc0cb69ee862e1cf1e7ee49c4467f4e463846d3479b527248da9bfb27a679d35b954712fa0bfa56cf3a15e8af1ee2a0bce03602447cfff1833f36f957abc299ac538e802534da2963ee199445770805a255caadfbb4604a1796b9caf93e580ed0808b481c66e21a87f2b29c0f5916c0e0bf9d4a6761d4629c7ec45cbb0c86abfa87d68e4c9f47dd8d204828db7b4f579d04edf179aab387c08dbda02e0ac11a243b53c6c8096e54a36ca42ae2e5f6428e4c9db710d1b6e31d2f947f316312ba74e01d6b65bdac71d52c2d8825a8588dff4fa7ea8525f49ad64a507264eb9b9a05ad0e89d88d006b9c5d6894d782d29d94e759fd4776fa38db5a4dcf141a3e03966b19e347732c12f89505e13896ea9026ad58fbb0a101713e1a83a8b8eff3cf73b0669a9fd719050868b3d99e099be8901d9d822d0aa49cd2ba168f7f0449d92766d5d02663128251a8a2b3073625461a790fade53b2dcbcfebf0dcaf1ae7f13aea964ada292b15e04ab5cc41e546b2b61a3199435521a1af4124bf1f6233d65daa0c5d3befc5e61bd1c812aa598ee34cb818590bf6d77c1a4b0baeefec669bd1b47e5b1c4f3e781c1afae62af210cd6a8c38ca3b4337be5acbb0df7aaba98ec8671e77ecd6c55f83bc91fcfd95a9ec793ae7f0b61b887416225aff4321068a89b35c64daaa1cbfec579ac0dbcaa4b545ef892020ae1d1a1d700f1ca0235961687939b87cf80475c0adb8d6a0cbebac61b4c1fae2bef0e19fc00edd9d09da1cf5cc7043dfae4f6ac2750c115a3eb9700280cb3262e861be6425d92f8cf4ffdf7f85c868571feee32d3d8885ae7dab01785bc8bcaf142cd0c0c74785e3e39ac106e6e3fe3314571fb3be34b5232e682e2a80bddee62c9c74ef7c46dd73bab9a148fd2c2ca43eacf1dcc42ad3de0202efb794ad51da3ae1482552cb1fbe6df23a37db383d8de61f3a6a33df5026f8f209f09b617a0f7d99560fd6e5f3248300e14ef5d555301d5ebeb00d68bf38906c894d65b286d9c13862de48194d088441a37350c9338ffef815955f4b367b9379a38f76a5d50e8e31dd4ca9f8c8cb9ce4c8f099b5522a8e03c187c19af1029766e8ad05304a8932dc22a4552dea39b385608d7f2026b78f30c60dcc483385f596da6c9cb6f669d34925b513e770fcf5d9be1d100aa4bf6253fe1cccbab1b25e9294c6d98210de5257ca3e7b0d9ca0ec81426c913f1030db272465c6a9801bce73c16e5fe2949f358696393666eda417fedbde911b5db50031a5dca355e4e70ea24abee5805a3748da7eacf354aad728db2a558d64d3b5edbc32f1c805d255e3b30db447881e79bbb1ef255b108e6a0dea2cf387e63ba43b937aa0c4a326d96a36b6fb7f8e18aa52bf0d00d4cd88226c67ca345ac3ed759ea75433a65bc3a697688e5c8ca9d529677a1261a00d3b23e22e4a570dd1c2254d064df8478f22bbdc6a4e552963f095624d5e8c37a1149dab252f50cc7d1d204f9260de36522b7fe39fff9b746fd6413f0346e867cc8b558c80208ec80091a08592357d50d4c23aa1aa1faea7312a52dd7d706e2ce95ad50cc0fa0dff91ff09e3c71878f651ad678c99e2f72d8b22ce21bcc6e474a34689f6eb688ddea3c142ee9f490b4548c02c5d87005ca9c37d4516be96cab5d3e2d9e6ed21cf874dd879262c07bb34790227832954851e4913e8e1bd7dfa384de9b5f0a4baf39746bc33d0da65ae5a1034bdd33b14adb165cc6840af82f6e6a216e0930b7eb428ab335656439cd12ba8ab8b245b1f5ee1ac9e2856e7cda6fec5193198d2a06995ca37bb49a1e54640f0343415eb1fe6b888e13fbea31524dd3bb3a6bbbeb8442a7e940ef321fd6cf5f6daa50a347395025257de59b171a9f8835ab0c186134f65a8ffd5395498a5349d481ece300f96339e0f1fd163dfdf75199f5e1f6a9bb863f95cb9569e0432081eebf13bf46d003e491a32e5066c6da5e08b61edec2661175342b1ffe7ca932ca7293b20d0570544d50c948c14555cf2b645b6061ca511674d82e09914db63846685416c7ab4fa52982c2ad1f06a83c9d019efa8c595e5c52e7aef0f062343a3b869b729b11319d52ce5f1b966149b1448b54bbbaf19a5c80e1bcc99e58b264ccb892482ddca633582e27c30d5ef8f25d580d3674fb1adc2b4618be489d895abd11bfde4a586e7f2b343f26d39c74157cf5b421e42dfa7ccf42c1cd23844dac703141edc72ba38d34329e6cd0022d2397d18460dd468ce59f0c8f686aee51704bc29f21850e3a0f93ad2674f4cb539b370c02a4d19881d68f5c35c251f5b266f98d47cc86ec0c41c538ebf06b52b3bd31dbc97176b453a7e5b6a6ac445e5a3bfd0606e01ec879ad1ee9582b445d0315fb8fdb6bc405e2006d5759227c291a630b5f1e76025cb4c4292a0605d0a83084ddf3c92016788b38c51a10ff1e96860d47738a6888bbcc371e7fd9bacd5ea97e7e94260a2913ef2bc976ed491037159e4d57412d3bc0cc3694554328b30af41f92fa57012a4ad52b10dfc08a83891240827fd03fdbbd5cff7d69d4249628310e394860ca29e991e2daee713cdd2e722518b8d2f7e32ef910c995c6ccb552f2b7cdde3a82a5a26e2e406997f296ad24d7be5083da22d324a7af7181edd5354e4dd1dedc2c4b9b9786a30f51b093593f629e8a4d6156dff41a5493482003b433861223e903a81b2eb43b06182e004212032adc3c6cc8a00478dd53ac41b36eedd261a8021f5153bed43d1c3ced74deb04cfa8d7cbe7ccd791be15f446f506a107bfd0131051fcde2e459f4cf7fe623d8c2638d177866f67c6fda68387165e570e4060d82692aeecd316b499fc827669173f11256330fa9782c7c82cfbe8e65f6410298b7b2f78cd7311ec26ee47679334a87f7011ebc69e00eade37cef913bb5af42216a6c892a09afe71c6ac486ca627c94d4cb0bdb5b76f4a139fa07ae16efc6a07d749de98d8b7a02766f651577b7cf706026685f4be5b65c783ca5519f9f722fbb96f8d53daf5ffdb83fda7b5e900b5f91bd1684ba1ac2cad236355d076eac6852ac218f514cb35d26607bb44150b3c76411b02f4ba852e6c972f8302d75a9d4bf4d19a35595a3755cbc072014ef3994f0c9971d9b535271538131b8d869e7590d225e46fea3f8782721a66512d109f944cdc7f11c1fa82d45e53ac299e10aae2d0e8e3cca9e521671048ccfb0117dfa0cfda121a49bec2ab364d4152a8c8cf3cc8e2a48f1a9e573c5b53bd7a8d8f190210eca0fac51006b24c84f8ca6fe013e4117278737a2a518cee28b8627390d12dc89e3185561282fb0c738233048d110badef42fca77406b9e831a3ec3b52d1df19ab05ea5b42fdf459f126019975ab9c76150a3347706862d02b02e63d011f1ffeb62a6223d1cc9c1ecd5f2bc6cd953c06bd700169cf5a13c1f1353df3c87653b4a8f508862065923e325ceb6f92e9201e6b7629d79e8cc7ecc0995550523fa68996fecd7fd3515073a914c6e52b108612d1522b511f651d314149ae83b0861a67e892e4b09089bb047255aa8a8f33de25865e31fc04abe4573f58cd49d1be6da99c73e31436ba5c2b2c7ebbd8283160c2c5ef4e078c8f857a0d9b2c577871a708afae7b21d8b44c83505a5e814d5f2d1362e87e290bb053aa4ae636569619e45c98e1e03977d1d51304870f70b4f1aa535b4d1e596cc61bf88eeaeb4a449f366fdee9d97e6e3d32b4d11803504c7c5c5a4924d25e6d2e23e3a159ba3642f51cae61dca933314ea030c93fbe41322435c5c749cbfd21429348673a05538f1ae1ecc3722870b4e2fab43cd2a3395dcf4e9c9340cebf2648cb88908ad8676698ec87a46034853c650f9241d9934d724df81516e9d9c37eafd54d1b5efec69a252b587a1cf3d77dcc89808712c0994a36b0dd7fdda6afe662efc3bfb66bb5c60674f9287b18b72b714213db412f27e71cb23f44d2cc3d4c8b861d9e2dccae71783ef9349ea4832fa2c899959a22cbcc0844cced1f98bba85a2667e9a2886f21e1ac099274a979abe00ea6567485470079eacd3f648ac55bdfe21ee0ff89264f55c184667697dc1b18fc6939e092b41a816719136d0378d6ab9886714ba5936a4e8d49", 0x2000, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x77, 0x105301)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x200, 0x400)
ioctl$USBDEVFS_CONNECTINFO(r1, 0x8004550f, &(0x7f0000000080))

10.608805693s ago: executing program 3 (id=2339):
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netfilter\x00')
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r5 = socket(0x28, 0x5, 0x0)
r6 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r6, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r6, 0x0)
connect$vsock_stream(r5, &(0x7f0000000080), 0x10)
sendmmsg(r5, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="1b", 0x1}, {&(0x7f00000006c0)="1a641e28f4d88a4454a8b70a1721f186d9fb02061c135db066cd67a29a254bab853b299576f6669b35f64ddaa6a42891e4d8838e68edf86b4858d77e5f8c51a4e06872d6fcd90980ffd50aab3af0e56643d26868decddaf87d938d691d196a012c4846f033e91007be88573c6ae419a813036e51fd2c1bf57603f3b08612a3dabd6eeea0fd061093d3cfec864b6800a62557ed90fbdd5ba8ac8109c1cb178995cefa7091f353542f2f65906ab291083b9f41aea435f45421ca2aede21829d20b46ab25653d3d0bc2453978e8cc1dd9855c3d792628e6628f39162f33bc09381e1551d7512914f520f964e599ed6fdf1b8658b2262843e1924d446b5bd57b5a0f0f14bf36d8bcee2011949a83a0853b45f55c7e5d5fc42109ba3bfce4930c9dc91dd8224283af19ea78fffdca9bc0a0a95ea464bf48c0718b732fa2f77e2e5821c566b49ffc5fcb6b45141190adbf76be513fd4fe0397d6471bbacccabd606d9c5848da0f97a4eb015306f616f0aa9aa77f44e4ee52cc679718f4006f56c3fccf456577661b3f4f081d60fa05928f9cb327e69274afe998bec4c1eb1efce32b8447ad94d48f2a6fbed9b6a2a6029e7fdf1fef26c24ebb1c5789e575873accb9877a7a5b6c904c5cee46a44b6ba8ca10ef74160a589b5c68cc1f80a7b88384bc4f00bd88ae721156359a731cb155dd03aa6ce42f469698388ebb6d904786d1c2b0c7861c623fe09b8b26822936452f51573663b02bfde610a85059b78082cd55515ff6c22a1515bc6ea12c95e4501279af31441425d3da5c7be61be026b32563fe9d6efef61fa6db44b211a44d880ef13fe57d61a6a4d24b5b02eac2d429418c90227067c9d68edc2af0d2c4e3ebaee646975a4ef723f45552cebaa8903c3c5620e3a8d95be5b8679d8e65cfa6147f55e1a7c9f3df5314ab9860f5de5992e3337d1b99bd8f4db96a9794cf6c250fe14a6e57af1573a16923ec52671fbfc06ca0ac2865e059ab5fc3dbdfe121df6c5374cd8be9cb5999ab41d3f23a55d17d4ca4ce5e62b7085fabef3c9b0b07f220842ae1a7ee4e838bcdb903b7a434e8c8de73d2a4dc75239aeac868f34cd743d98e0c62f2752b5157940166b513654160183a97025cc8ed6808a856e2c942839d5c53b28fd91dea1077a5f585d05f51ed88308f0008963e39c9fb56e0cbb5cd969241e95750942639013929881d6c79c8e21d0154a4b3396292f25cf09d6e635a648682eda1cdc78df8979666ecb758f08977031fb99dd2a63ddfce52cb844451dce5b5c44868221c5643dbcd305d4dd56da11a485c68ef3e1f80f1ac72858b1808a284bcf098c02624008552609929857c7ea2b732bfad178d6b76f2497e106a5a141ff00d54322613f7dcd0e05178a36923b932034fe799e8b45f33ec40e8611affcbb4f1d766f1f869b3fd862a03d64c09718e3bc2ddaefa8c93b9594a368748bd92c2cb9ec4deb741514d69d4110f931687dc4ee1bb9eb483480b007f0d0b7108aeae0db4634ad1d5c8d68a81c60759ac536f17878ffb67ad3f68a182b42ff1339c73304f2dd67257b7c370133b9e5843087074b3d406d58c5facb153b1a81a39546504d0b01f733b43b6a71df031b0b6e678b0cbe2dc496639c2fbd1076a6938a94833de70ad03b9c5e932f2386ab4db8323c23e88c8f79bf5ec717de55bc7ac8698a9030dc28a7b83db6f46afcda599c5f424b96e4e034ef158174385d86cc315fd0529e2a26ddf39319bd9ba4cc17af8c8ca683aea8db186419f8766f7f94bcb8326e2a3fb448115541146d2cb94981a657180251f5b90fd826aac39e520ba6120a4af6447d1e7dffad9190ba327f4e6f8a2254a23a29321336f4940658360a270a7a87b67e087768360d2fc5aaf3f66116515140f390d70d3dd7da24a313b5341be9b135db56a64e39d8a4a93a2c3d879e954ea179fda4b049bb4edcaabba367e9bc50a68083b417211f2b4cae3b23cb02df239b9c8ca1e0df82bba4c846245bf969adc5a823feb0a224dbf8f9af839b2df721839a85999919eff89cbac9d32d4b8e978890121231359ea46c879c8002b4be3669fb5e76b2049d2a11453278666c2eb4667e699b4de0f6f330e4f6fe3ce9ad8d020813b3105b6df2b9632763e4030ec84902e697eb69fec5cd399149327eb1621c27c352d87da9d5fda6d19540bfd32a74920e1e25e1c9332b563c37193e051c6f1b348da2878e98465b747e5f34dd44b5e1b7e630284e7ecaa883d93a5c08f42631c3fba63c3483317597bf457e8cc070c78ed0af7fde154ee54a2ca8f049b490eea4924bd2dd41293503585a318ad32a259f028b4d8acc380e13297845f5764beec514642f11ffe25d292604965913c0a8e90a0a98ebe3214f9d8d25d4625964407c1a88d8cd67cb1c3376c69010c498b91601d0aa4da9ee10fb50ea6878cf04e1560cdd5670a936002cd2d05fcfc03d9dbf99d133d3a0351ca3aa03632a5c890ce1f5cafb017d99d46f9b817ad0b85d3d9462463f8ef4adf72b69a017fb9b57c2b2456f034844823801fac3d2bf8d8ac3eff119dce896a0473330e79c46c80aa97123af9a1a26b9e7979c177bdc3f433d0ed797602333645dfb00faf5b87bfd90fa1c00289eadfe5f553c0b988638b86e43194cca99514c7af74e066d80dec639c767075a437c774a9b5c36f3e68e31bf5c944fdd739773a88362d28c963d1d5357b2397fe191147e083a23e2ddabf444662d4a615ee79ad6438a3c65f79a17517ff647e27310964504d1990f85a834caf6ba44618d7691f749bb155bdec24e865dd64b8be91a54a9c4533a96c92f5f88957d3dfc81bd576123e7e5bf735b5cba3fa06963ef88788b40ff936d10f004ad0b9297ffd6fa674967fab9889c5452d2d72d7c36381bbf67da48a52eaf842b69d4f38afdb7a4dc1ec814bf72091988e93aa205b6f6f9dbe2cfa99d0650ad367444cf04a68d5b0bb0d5c475c4f8de3756f01f230562dca68bc1ef1409ce018ee428e585fefe6be78f9887baccfa92607bc12b86e69097082e1047fde987f560c447ed48d08d6ed2b381a49a3c105599663d0f2bde75c9e2f826d2a7bfc15c1ec53987da87feac39a85732962cd6f3edb8301c597ef4905d32959908b9266851a6322f662607b205d061adc1d2c42686d96d429d21a2b6aba54fa3fc903f08e7dd88e923c658211867c33ca9301d051e149cf99c4fec641a7087288e3ed3340445c44a39454710d8060866c405c6854080b7947b65579206aab02e9ada4d250d68d4a7c7c9d0263caab8b4b11deda4657176b249fba6eda4f8f198647f4246b748730bd5e9573c167f8cd30cc762d9ba186a1fca1614273f7b5c674f567d461bdbc9365ea20a00d3c1f562070fa515c4412997f8ce437093e98a6c5a6a5a8556407ceaf86f7d40ee3b5ef7d434b1929ee1f7e78762f747466a4fa920667b5392983dd46f4f01da17edf911d8502bceed08d139b07935ed0b8ed452db1c658f5230c18ce6e2d0311b5470abf68997ec92290d4979a9927f0c912ca891b860f5d5e37dad2010b9165f2f18222092cd5c5c3f9fc25905576c9f20a1f72f76ec01597431e76afb37874a5e0ac38e85c8ea95843c0c3cbc65ed55dcd7a17659adfb40373b0bf608dbf9995055c58a799c9bab6b4f2023b0e424c0010df35b7a4d3d3d0afea4aedbb8fe5ed8e0d757d7da9ef0f6f8dc7fc571dfb7677f10402dc76786b5bb020f91108b60977605efdbaad028f309456c96cdb978ae1a9a80b693c08f9934a485a0731f9f6bfe39ee6373e36e90e28291ff694923add4fbfe24e1e806e3a0fc9e14cdf3082c3ec56e1944a2ba82b760e9d22ba865d9dd0d2ba651aaa315fe6728bed51d7ca4068f2fd5bec60b235c58637789d86f2b9c6e857e7ef8b0ea16561a071865229e45b6e4a21dfa6c12e2997b95daac0e7601cfd1f1eeec1195c76a5a47b19114e6633824066ac9b999908b666f8b94b9dff7038cb4ee2a80d7a3a232346e6bbdc77aa9743a7024c4ad79d83d98bf87aed9045265c9827469344462e68bd20c9c934da723788f5b51d9f49ae49b3fc37ee5f16f062b1bdee4c5312221b6d649d5cfde331606a307e84e4a36776733172620b610d03d00b8490d9ac11f4cbcfa642162cbb87e6af941f64b8ea02c9e280880f462b920aa2b3bd1acc86bf93b8fc8a080e1c3510e9c0070f37b12a23bfd7e54837e1beb5f608e73c91612e3d30f6a5b4be41cd0cc25fbdcade7356c3f78f6f70060f97a6b1516781e54b7e0c86813be1370a337111ddaa8d19dc9015e5edf6237662d5005b082a9e751e87d7ff28a0797ea100db0cbf4f2cf77e38034bd1fe9494e448995cd0a7b16777e36a096e93a7bed9d14a180439e112d5bc4a36afcea601c61e5204608325a99f8e6bf1ea6c70b24e53315eea40906ad684de8613d3e8a6d2e0f79d8df83b16f862c128a2189a98ff4df15b15310d16dde87a43c16bd61449cc401f34f234a303f4350cc778bf6408a7cc8ac13882dce71f3718cfb6214ce45f5bb97f4309afa5a592aecf0f9685c3a83bfab1224be1c9dddc8f2e737b0c10f8ac89551cb82f30c232dac84e46a6359b6bb885387b935acd09d4bad74f5cc9aa0914bcf20713397a88bced4f530eed46d6dd9a6090aa0542139ec15e8aa11a5952f18018ba56fa28704567b0e37957f6202b0334a1ad1240425e5dc6704c39071b863e1e369f826c89da16126786914035fa0f066c389fef81f0fb275a9016c1c0d526a59f42b346439d60942a154be7fdf9c68fadbc63fc382bd94b886dd26c41f37747b6350f519df0d579066be7388d93362601f27df11b0dc5a189d3634e2f9968906c303924cf361f39166e57f0ce8d6a0b8fb77d8fecb0f957bde5c1a0ce131e067eb044a54000e1039194836d5410d71f8cb8f859a1ca9d2f2687e77565294605356dfd37427aeb2b57ad6d7b292a0d39bf1fa5a4f4a43cd4af54aa05a7ef485ee58c88269db017d1040be3af5a9e3321abf216025d0845fd957ea0f7e9899ab42d166a98fb0f28c96da7d62b4213f98f506b801ee8472bafe8c4370dec281240c503db507039041184b21945ca7a4308fda9f6456418498718761e38f1876290ebb8b6ab76022bdd5f64c487d39e7fb4be7bd3c92c3094830a8dea4c4206236405cb443afb61cb53ca2a6ead790043a43e356d129d6eee690debb481955d3ae88d79d6e7fa89a16d5f62a4", 0xe80}], 0x2}}], 0x1, 0x40084)
r7 = accept4$unix(r6, 0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
recvfrom$unix(r7, &(0x7f0000000180)=""/235, 0x1ffd4, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r4, r3, 0x25, 0x1, @void}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, &(0x7f0000000000)="0000000000000004ff6943b800000008fed2f4f6174e98d5c850dc00000028f2000000008607000000ebcd1f", 0x2c, r0)

9.687879493s ago: executing program 3 (id=2341):
r0 = socket(0x3, 0x800, 0x4007)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYRES16=r0, @ANYRESOCT=r0, @ANYRES8], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sysfs$1(0x1, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
r3 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
fchownat(r3, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x1000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0x8, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0x5}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=@newtfilter={0x2c, 0x2c, 0x10, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r2, {0xfffa, 0xf}, {0x0, 0xe}, {0x1c, 0xfff1}}, [@TCA_CHAIN={0x8, 0xb, 0x8}]}, 0x2c}}, 0x24000000)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200))
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{0x0, 0x38}, {0x0}], 0x2, &(0x7f00000001c0)=[{&(0x7f00000005c0)=""/94, 0x5b}], 0x1, 0x0)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
ioctl$TIOCSIG(0xffffffffffffffff, 0x40045436, 0x5d)
r7 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r6, 0x4004af07, &(0x7f0000000240)=r7)
ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f0000000040)={0x1, r7})
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_VRING_ERR(r6, 0x4008af22, &(0x7f00000002c0)={0x1, r7})
ioctl$VHOST_VSOCK_SET_RUNNING(r6, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYRES8=0x0], &(0x7f0000000100)='syzkaller\x00', 0x4, 0xc5, &(0x7f0000000300)=""/197, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001"], 0x0)

9.672188265s ago: executing program 6 (id=2342):
mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/fib_trie\x00')
read$FUSE(r4, &(0x7f0000002640)={0x2020}, 0x958)
r5 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r5, 0x90009427, &(0x7f0000000180))
getsockopt$inet_tcp_int(r5, 0x6, 0x88015d5b3d1a6e25, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x2e0, 0xb, 0x5, 0x148, 0x128, 0x0, 0x248, 0x2a8, 0x2a8, 0x248, 0x2a8, 0x3, 0x0, {[{{@ip={@remote, @loopback, 0x0, 0x0, 'wg0\x00', 'nr0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_batadv\x00', {}, 'wlan1\x00', {}, 0x4, 0x6}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@local, @multicast2, 0x0, 0x0, 'xfrm0\x00', 'team0\x00'}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@socket0={{0x20}}, @common=@ah={{0x30}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="6f79fb339557"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x340)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
write$binfmt_script(r7, 0x0, 0xb)
splice(r9, 0x0, r10, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r10, &(0x7f0000000980), 0xfdef)

8.692233012s ago: executing program 1 (id=2344):
r0 = openat$smackfs_ipv6host(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$smackfs_ipv6host(r0, &(0x7f0000000380)=@l2={{0xba, 0x3a, 0x5, 0x3a, 0x5a8e, 0x3a, 0x6, 0x3a, 0x4, 0x3a, 0xa8, 0x3a, 0x329a, 0x3a, 0x3800000000000}, 0x2f, 0x8000000000007f, 0x20, '+\\'}, 0xb0)

8.173188372s ago: executing program 1 (id=2345):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9feb010018000000000000006faa4b06d9642b4301dc6471c84740280000002800000004000000020000000000001103000000ffffffff0000000000000002000000000a1d5cf57dfaaa2d39b31515c669d3f9cc5ce34a432581de10489fb5c49161f6c3f94e71f505e9a18615de5c8933781624497ea6b0cc580b4394aca48c1618107f8346a89d79be0fd021d8595a5d735cd7c8d61fa33bf785dd6af0ab4fe24b1b70dd314a6c7da89565fbff41123da20718d79fe3a8f1a9630e0f6845690e1197586ed411cc3b87bb6e40925e512a84f58045758017c77fa9e66c8baecf96bcf7a1154501edd0c72a5b5be08f370b28ff98262fee94b9c2059de9978cd8c3aa11c9371e5a9dcff8ea9309c1fdba226c1f67c9b248ab"], 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="6e0000000400000000000000ca1a0000950000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x4}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1)
mount$9p_rdma(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', &(0x7f0000000580), 0x0, &(0x7f0000000740)={'trans=rdma,', {'port', 0x3d, 0x4e20}, 0x2c, {[], [{@smackfshat={'smackfshat', 0x3d, 'vxfs\x00'}}]}})
syz_usb_connect(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004366b408c70b0800c84f0102030109022d00010000000009040000032eb47d000905f9ffffff00000009050f47f0"], 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x29, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r3, 0x27, 0x37, 0x0, &(0x7f0000000000)="f8ad48cc02cb29dcc8007f5b86dda51d64cc50aa132e905be5b2500a48328dcdf28886581ba61fc1ed93e3a34bd2f0f86ffb090e4f0c4b", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10012, r2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000003c80), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r4, &(0x7f0000003d40)={0x0, 0x0, &(0x7f0000003d00)={&(0x7f0000003cc0)={0x18, r5, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4040044}, 0x90)
r6 = syz_open_dev$media(&(0x7f0000000040), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r9 = dup(r8)
write$FUSE_BMAP(r9, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@posixacl}]}})
ioctl$MEDIA_IOC_G_TOPOLOGY(r6, 0xc0487c04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001100)=[{}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xd, 0x4, &(0x7f0000000240)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

7.491266092s ago: executing program 5 (id=2351):
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r1, r1, r1)
setsockopt$PNPIPE_ENCAP(0xffffffffffffffff, 0x113, 0x1, &(0x7f0000000280), 0xffa4)

7.400182395s ago: executing program 5 (id=2352):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000200000d000000060c"], &(0x7f0000000f40)=""/4068, 0x3e, 0xfe4, 0x1, 0x0, 0x26000000, @void, @value}, 0x28)

7.392077577s ago: executing program 5 (id=2353):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000003c0)={'syz0\x00', {0x8000, 0x0, 0x0, 0x400}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xac5, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1], [0x1, 0xfffffffe, 0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x6e3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000]}, 0x45c)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r8, 0x4068aea3, &(0x7f00000000c0)={0xe1})
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r3}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x1000000000000, &(0x7f0000000780)="cb"})
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r9, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)

7.193135088s ago: executing program 3 (id=2354):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001800dd8d000000000000000002000000000000060000000006001500010000001800168014000100000000000000000000003000000011"], 0x3c}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000040)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000080), 0x4)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r7=>0x0})
bind$tipc(0xffffffffffffffff, &(0x7f0000000180)=@id={0x1e, 0x3, 0x2, {0x4e20, 0x1}}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r8 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r8, &(0x7f0000000180)='`', 0x500, 0x0, &(0x7f0000000240)={0x2f, 0x0, r7, 0x1, 0x0, 0x6, @local}, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="18030000000000000000000000000000851000000600000018100000", @ANYRES32=r4, @ANYBLOB="00000000000000006600000000000000180000000000000000000000000000009500000000000000a7030000001f000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

6.472281831s ago: executing program 6 (id=2357):
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x8, 0x3, 0x3b0, 0x1d0, 0x43, 0xa0, 0x1d0, 0x98, 0x318, 0x178, 0x178, 0x318, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1b0, 0x1d0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x410)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x5, 0x20, 0x200, 0x9d, 0x6, 0x3, 0x101, 0x80000, 0x200}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r6=>0x0], 0x1})
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r8=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r7, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, <r9=>0x0], &(0x7f0000000200), 0x3, r8})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)={0x20, r11, 0x1, 0x0, 0x25dfdbfd, {0x1c}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}}, 0x0)
r12 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
lseek(r12, 0xe, 0x1)
ioctl$PIO_FONT(r12, 0x4b61, &(0x7f00000001c0)="27567ed72fcd5eb8bdc735c51f7a9d99")
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r5, 0xc01864ba, &(0x7f0000000300)={0x11, r9, r6})

6.310202838s ago: executing program 3 (id=2358):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61154c000000000061138c000000000abfa000000000000015030000088d4e002d3501000000000095000000000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a81426104000000000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546ccd3f1d5ab2af27546e7c070000000000000095cb202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec85eeeb83ccaec388158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d0800e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb400f692f374dfab73f90000000000000000000000004000bc00f679629709e7e78f4d08000000ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43000000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d0000000000000000b712c1e47be511fe32fbc90e2364a55e9bb609c64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd4722a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1d913c3fd6edc9b9bfc8c6a14ff595eff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c835d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a0397c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed551c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff5af657a67463d7dbf85ae9321fad16ee751cd7dde94ec97549c2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8bf377b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059a6cffb92e2a0cfd81434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5c4d188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a5cbb8be3f7741b18007dff12eb95f9ddf30e066cc6bc256f0a12282224bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873d0ecdf904c2bdbef81f246d26f4b40df949e12bdac18092f4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054e5deb27f7922fe6c14eba96c9af409da03290e4009f872d5aac263dbe239efb1e02dd4fc07f8c5b070e2ddeb4b5afa6df2e7e162962e334d85fa4373d5b569ac3353cc56008ddc8277fa9e8f6684513bfa827686b6fb71259743f55f46fa7e6379312e93213faf275f0441d46bc5690181244c44bea45854ed4ccd99f3fd328110ae22ef1504ec0566652d742ed8a7e202539c6531824f7399b486fbb906a91b77f2a6ba27bf97ebc7482cea32278a7acd9f2210e6ed2defcbd112f29a92401c5a37c58835f870b056186ef3971d3d9effa5661cabc2ff070000cfb030dd4ac0fe54db67510d3e9a5d36b900000074000000000000000000000000006e96ba8f5e7e89bef4226173e20ebb17b924e9e6d0ee163713b2bd56f58dec64df91417beaac4061e6216774e048276e110d25ae7feb600897c8364af49ce59027a6ee5d7c6e12c0f45c0f376d9da065ca0499e209655d2420fcfa10fccf2cbe7b60161cc6cbd874c928689acd9d4e00cefacc887b76767ca1279e34d20b276dff8318e0ec5ab2929e63ef6a32b1abc55859804e2ec19e5b96a2df9f488e7e25a839701e37cdd850c2f26685047f1d492571482f993bb96642a3f56a0ea24d765c6edf2352e00bc4ff4a723ee2d9307e6f25bd05f98583cc0868"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3c)

4.111378836s ago: executing program 6 (id=2359):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket(0x1d, 0x2, 0x6) (async)
r1 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan0\x00'})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40081271, &(0x7f0000000000)=0x400) (async)
ioctl$FS_IOC_SETFLAGS(r2, 0x40081271, &(0x7f0000000000)=0x400)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r4 = accept$packet(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140)=0x14)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000280)={@local}, &(0x7f00000002c0)=0xc) (async)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000280)={@local, @rand_addr, <r5=>0x0}, &(0x7f00000002c0)=0xc)
setsockopt$packet_drop_memb(r4, 0x107, 0x2, &(0x7f0000000300)={r5, 0x1, 0x6, @link_local}, 0x10)
write$binfmt_elf64(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x78) (async)
write$binfmt_elf64(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x78)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid() (async)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) (async)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r9}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r9}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) (async)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r10, 0x400452c9, &(0x7f0000000100)) (async)
ioctl$FS_IOC_GETFSLABEL(r10, 0x400452c9, &(0x7f0000000100))
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r11, 0xae60)

3.583961068s ago: executing program 2 (id=2360):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000140)={0xa8, 0x0, 0x6})
set_mempolicy(0x6, &(0x7f0000000080)=0x89, 0x4)
r2 = memfd_create(&(0x7f00000006c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd2\x01\xf4\x1c\xc0\xf9\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xeb\xcd\t\x00\x90k\xd6\x05\r\x84\x87\x1c\b\x8c\x06\x00\x13A\x90m\xb6\x02\x00\x00\x00A\xc5\xb8_\xd4\x18,\fus\xb2\x99/\xc0\x9a\x05O\xdb\xc0\x8b\x19\x17\xb7Rvd\xcb:\b0\xc3\x93;\xcc\x14\x02\xc4\xfd{\xbb-\x80\xbf\xab\xbf\xd2\xd3\xe0Cf\xb7\x7f\x93X\'\xf5/\xf9cY\x828\xa2\x00_\xb0#w\xae\xb8L\xeb\xa1\xecF\xbd\xf0\x91$s\xd8\x80\x1a\xc4\xe5=_b\x99\xf9\x84(\xcb,Y\xe6\xf0\x13\x15J\x9f,\xa5\xf2.A\x00\x00S\x94\xe7\x05no\xee\x8b\xb0ciB\x82\t9*\a\x88\xfe\xca\xcb\xe2G\x00\xa9;q\x0f\xb4\xfa\x8e\v\xf7\xc7\x86>wHw]=rW\x01\xe3\xdb\x10G-\xf7\xacD\xd7\xfb\xa0\x96\x85u\xddDv\x9c\x8b\xab\xe3F\x1d\xd2C\xdc\x1f\x80\x005\'y8a\xd3s_\xa6\b\x90\xab\xc9_\xc9\xcb;z\xcc\x995\xd2j\x1d\xd9\xe1\xcb\x1c\x156\xc5\xf2d\xfe\x0er\x01\xcdyF\xc1H\r\x94\xa9\x89P|\xcff\x9e\x03\xa4:\x04\v)\x02\xbaq\xae\x87\x1a\xc0\xe5\x90\x00'/322, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f00001c5000/0x4000)=nil, 0x4000, 0x0, 0x30, r2, 0x41eb0000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)}, 0x2000)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x3a)
r8 = fcntl$dupfd(r7, 0x0, r7)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r9, 0x0)
ftruncate(r9, 0x8001)
r10 = syz_open_dev$evdev(&(0x7f0000007bc0), 0x0, 0x0)
ioctl$EVIOCGLED(r10, 0x80044501, &(0x7f0000000000)=""/85)
mmap(&(0x7f00001c3000/0x3000)=nil, 0x3000, 0x4, 0x2012, r2, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9)
sendmsg$nl_generic(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e64383032313100"], 0x20}}, 0x0)

3.099055113s ago: executing program 5 (id=2361):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(0xffffffffffffffff, 0xc0245720, &(0x7f0000000440))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
syz_open_dev$MSR(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000300), 0x100040000, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_smc(0x2b, 0x1, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x0, 0x6}, 0xc)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e22, @loopback}, @in={0x2, 0x4e23, @multicast1}], 0x20)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
writev(r3, &(0x7f0000000080)=[{&(0x7f0000000100)='J', 0x1}], 0x1)
sendmsg$nl_xfrm(r1, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000004980)=@newsa={0x144, 0x10, 0x1, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@local, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x6c}, @in=@empty, {0x0, 0x800000000000000, 0x0, 0xfffffff7ffffffff}, {0x0, 0x4}, {}, 0x0, 0x0, 0x2, 0x1, 0x6}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075a, 0x1}}]}, 0x144}, 0x1, 0x0, 0x0, 0x4004050}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2.948098295s ago: executing program 3 (id=2362):
unshare(0x20000000)
gettid()
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$AUTOFS_IOC_PROTOVER(0xffffffffffffffff, 0x80049363, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x200440c1)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r5}, 0x18)
r6 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, 0x0)
getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
socket$kcm(0x2, 0x1000000000000002, 0x0)
socket$kcm(0x2, 0x5, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)

2.296111919s ago: executing program 1 (id=2363):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in6=@mcast2, 0x0, 0x32}, @in=@local, {0x4, 0x1000000}, {}, {}, 0x0, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x7, 0x0, 0x0, @in=@loopback}}]}, 0x154}}, 0x0)

1.782113192s ago: executing program 3 (id=2364):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004d00)=@newchain={0x24, 0x64, 0x800, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xffe0}, {0xe, 0xb}, {0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x40)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x3ff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
write(r4, 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x7, 0x0, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r6 = fanotify_init(0x0, 0x0)
fanotify_mark(r6, 0x105, 0x40001032, r5, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000200)={[{0x8, 0x3c, 0xf, 0x9, 0x4, 0x0, 0x8, 0x4, 0xf0, 0x9, 0x2, 0x7, 0x2}, {0x9, 0x7ff, 0x9, 0x68, 0x9, 0x6, 0x8, 0x1, 0x1, 0xe7, 0x81, 0x8, 0x2}, {0x2, 0x8, 0x6, 0xfc, 0xfd, 0x7, 0xa3, 0x80, 0x96, 0x1, 0x2, 0x4, 0x8}], 0x4})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu/syz0\x00', 0x1ff)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0/..\x00', &(0x7f00000000c0)={0x0, 0x0, 0x8}, 0x18)

1.709171156s ago: executing program 5 (id=2365):
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000200), 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x200000000000000}, 0x0)

1.635556139s ago: executing program 1 (id=2366):
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000020c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4b8, 0x0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3e8, 0x3d8, 0x3d8, 0x3e8, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x200000, 0x0, 0x1, 0x0, 'syz1\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x80, 0x0}, 'virt_wifi0\x00', {0x6dbf}}}}, {{@uncond, 0x0, 0xd8, 0x108, 0x0, {0x0, 0xffff000000000000}, [@common=@ah={{0x30}, {[0x4d5, 0x4d4], 0x4, 0x2, 0x1}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x4, 0x1}, {0xffffffffffffffff, 0x3, 0x6}, 0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)

1.375205434s ago: executing program 6 (id=2367):
syz_open_dev$vim2m(0x0, 0x47b, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, 0x0, 0x0)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x1000000}}, 0x1c)

1.170560942s ago: executing program 2 (id=2368):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@setneightbl={0x14, 0x43, 0x1, 0x1, 0x0, {0xa}}, 0x14}}, 0xa888)

644.199858ms ago: executing program 1 (id=2369):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000004980)=@newsa={0x138, 0x10, 0x1, 0x70bd2d, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@local, 0x0, 0x800, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x14, 0x2b}, @in=@empty=0x14, {0x4, 0xfffffffffffffffd, 0x0, 0xfffffff7ffffffff, 0x0, 0x0, 0x1000000000000000}, {0x0, 0x5}, {0x0, 0x401, 0x1a000000}, 0x0, 0x0, 0x2, 0x1, 0x6, 0x469f6dce18de9db}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x4004050}, 0x0)

640.47936ms ago: executing program 2 (id=2370):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f00000005c0)=ANY=[@ANYBLOB="18080000003800000000000201000000851000000600000018000000", @ANYRES32, @ANYBLOB="0000000000000020660800002ab91a00180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000001000000850000000600000095"], &(0x7f0000000880)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

593.244121ms ago: executing program 5 (id=2371):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000003c0)={'syz0\x00', {0x8000, 0x0, 0x0, 0x400}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xac5, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1], [0x1, 0xfffffffe, 0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x6e3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000]}, 0x45c)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r8, 0x4068aea3, &(0x7f00000000c0)={0xe1})
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r3}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x1000000000000, &(0x7f0000000780)="cb"})
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r9, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)

587.013292ms ago: executing program 1 (id=2372):
r0 = syz_usb_connect(0x0, 0xfffffffffffffe7f, &(0x7f0000000400)={{0x12, 0x1, 0x0, 0x6a, 0x26, 0xad, 0x10, 0x45e, 0x433, 0xd862, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x4, 0x0, 0x0, [{{0x9, 0x4, 0x8e, 0x7, 0x0, 0x11, 0x51, 0xb9, 0x4, [@cdc_ncm={{0x0, 0x24, 0x6, 0x0, 0x1, "97b0dcf2ea6b"}, {0x0, 0x24, 0x0, 0x3ff}, {0x0, 0x24, 0xf, 0x1, 0x7, 0xffff, 0x3, 0xd}, {0x0, 0x24, 0x1a, 0x0, 0x8}, [@call_mgmt={0x0, 0x24, 0x1, 0x3, 0x4}, @mbim={0x0, 0x24, 0x1b, 0x3, 0x100, 0x2, 0x28, 0xff, 0x82}, @call_mgmt={0x0, 0x24, 0x1, 0x0, 0xc}, @country_functional={0x0, 0x24, 0x7, 0x1, 0x7, [0x3ff, 0x5, 0x6b, 0x2]}, @mdlm_detail={0x0, 0x24, 0x13, 0x80, "215588a17c7656230cfeeffb3cd27b8378b6c3dc49b5e87fb85878c232fe89c02892a7c5d41f7f859ed39df595c5c440ce6f09922f868c9e604a3b7a4b"}, @mbim={0x0, 0x24, 0x1b, 0x1, 0x2952, 0x95, 0x33, 0x4, 0x9}]}, @generic={0x0, 0x23, "e0c729e3415934a812885e9ca3190edc600eb14ae5a1a6d9bf209b0efaba7bbd98ecb9960b6702b8ed39d40c563f64dd00764dedcb45aac23c36d1178a428a23030dc6a1e48b95647ee2ffd4834c10aa4dba1f409006bab78ce8"}], [{{0x9, 0x5, 0x4, 0x0, 0x20, 0x6, 0x0, 0x6}}, {{0x9, 0x5, 0x6, 0x10, 0x40, 0x2, 0xf, 0x2, [@uac_iso={0x0, 0x25, 0x1, 0x80, 0x6, 0xf9e3}, @uac_iso={0x0, 0x25, 0x1, 0x3, 0x8, 0xfff8}]}}, {{0x9, 0x5, 0x1, 0x2, 0x200, 0x97, 0x6, 0x2, [@generic={0x0, 0x6, "378cbc247fbf0a51466b97b649661ddb0e83dabbd6aa3c50f214bf1c06a3fe0387f9827ef4166102bf5982e8d93bfbb1b0acfee6f57b293ba7cfb4697ba0bdb3682c26f69e09127e444de710a2857389c31d2b8e4715ed6bf3570bdaa63a363b1ae7066ff827c7c02c8a15c3283dfce2f61507e93a704b1990f83b4e46ef6d9fa4472f695ed42046082bbb19e140bd8ebb45c5867af364f3b15c89cbe80c293f314d0b4ed95b7822c7041941b029dbaa629b8099d8e5e530dbbeac3af71b846fa799f4b16142fe0e00a04b7ef0"}, @generic={0x0, 0x23, "9de39f0acc2292131962d99ffb5c272e1cef9459f53de0a9c2988a8d6352cfbfa800ac0513d473c54a73609e7cc7668dbbb03bf83267850623348be775ce7e35ef937564377cf4d6f9f4f2b817c2f8bf691b8b96954feb22a2178bc68bbad0d3381823af6b6b0dd864b836eec03d5d7d50afa3d82f2e952f4c989e52eb0639498af2b21b426855791142e0b434686919da170fb2f5ed4564a7c597db6545a01ee0ff7a44d75b9b863b65563feeb3e5925fb1345d"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x400, 0x2, 0xc, 0x9, [@uac_iso={0x0, 0x25, 0x1, 0x0, 0x4, 0x4}, @generic={0x0, 0x23, "263023012007d9c9d670e0ccd5df385cfa8358aabddfe2fb8b434d5350b3468398cc65a554a0f0617561135c17a513db2878da5f0d011d44115a2a09eac449b6ec01b13964d1dc061c40dd4c6bc5b507a11aaee50ed0a742ba2346a78a81434510a89dbfcb03c373187e546a79f61a4a464a2cc9caf58413adcd161708e62f96888e020f80b8bade38d9a535"}]}}, {{0x9, 0x5, 0x1, 0x0, 0x8, 0x1, 0x68, 0x81, [@generic={0x0, 0x22, "793bd66cd894014819aa7a8100cfd130329cb9"}]}}, {{0x9, 0x5, 0x14, 0x1f, 0x200, 0xf, 0x29, 0x40, [@generic={0x0, 0xe, "b064538c73c5a04ed7a58c11b9b3238f770f1f05e7ae057b397c"}]}}]}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000a80)={0x44, &(0x7f0000000900)={0x0, 0xe, 0x1, "9e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect(0x0, 0xfffffffffffffe7f, &(0x7f0000000400)={{0x12, 0x1, 0x0, 0x6a, 0x26, 0xad, 0x10, 0x45e, 0x433, 0xd862, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x4, 0x0, 0x0, [{{0x9, 0x4, 0x8e, 0x7, 0x0, 0x11, 0x51, 0xb9, 0x4, [@cdc_ncm={{0x0, 0x24, 0x6, 0x0, 0x1, "97b0dcf2ea6b"}, {0x0, 0x24, 0x0, 0x3ff}, {0x0, 0x24, 0xf, 0x1, 0x7, 0xffff, 0x3, 0xd}, {0x0, 0x24, 0x1a, 0x0, 0x8}, [@call_mgmt={0x0, 0x24, 0x1, 0x3, 0x4}, @mbim={0x0, 0x24, 0x1b, 0x3, 0x100, 0x2, 0x28, 0xff, 0x82}, @call_mgmt={0x0, 0x24, 0x1, 0x0, 0xc}, @country_functional={0x0, 0x24, 0x7, 0x1, 0x7, [0x3ff, 0x5, 0x6b, 0x2]}, @mdlm_detail={0x0, 0x24, 0x13, 0x80, "215588a17c7656230cfeeffb3cd27b8378b6c3dc49b5e87fb85878c232fe89c02892a7c5d41f7f859ed39df595c5c440ce6f09922f868c9e604a3b7a4b"}, @mbim={0x0, 0x24, 0x1b, 0x1, 0x2952, 0x95, 0x33, 0x4, 0x9}]}, @generic={0x0, 0x23, "e0c729e3415934a812885e9ca3190edc600eb14ae5a1a6d9bf209b0efaba7bbd98ecb9960b6702b8ed39d40c563f64dd00764dedcb45aac23c36d1178a428a23030dc6a1e48b95647ee2ffd4834c10aa4dba1f409006bab78ce8"}], [{{0x9, 0x5, 0x4, 0x0, 0x20, 0x6, 0x0, 0x6}}, {{0x9, 0x5, 0x6, 0x10, 0x40, 0x2, 0xf, 0x2, [@uac_iso={0x0, 0x25, 0x1, 0x80, 0x6, 0xf9e3}, @uac_iso={0x0, 0x25, 0x1, 0x3, 0x8, 0xfff8}]}}, {{0x9, 0x5, 0x1, 0x2, 0x200, 0x97, 0x6, 0x2, [@generic={0x0, 0x6, "378cbc247fbf0a51466b97b649661ddb0e83dabbd6aa3c50f214bf1c06a3fe0387f9827ef4166102bf5982e8d93bfbb1b0acfee6f57b293ba7cfb4697ba0bdb3682c26f69e09127e444de710a2857389c31d2b8e4715ed6bf3570bdaa63a363b1ae7066ff827c7c02c8a15c3283dfce2f61507e93a704b1990f83b4e46ef6d9fa4472f695ed42046082bbb19e140bd8ebb45c5867af364f3b15c89cbe80c293f314d0b4ed95b7822c7041941b029dbaa629b8099d8e5e530dbbeac3af71b846fa799f4b16142fe0e00a04b7ef0"}, @generic={0x0, 0x23, "9de39f0acc2292131962d99ffb5c272e1cef9459f53de0a9c2988a8d6352cfbfa800ac0513d473c54a73609e7cc7668dbbb03bf83267850623348be775ce7e35ef937564377cf4d6f9f4f2b817c2f8bf691b8b96954feb22a2178bc68bbad0d3381823af6b6b0dd864b836eec03d5d7d50afa3d82f2e952f4c989e52eb0639498af2b21b426855791142e0b434686919da170fb2f5ed4564a7c597db6545a01ee0ff7a44d75b9b863b65563feeb3e5925fb1345d"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x400, 0x2, 0xc, 0x9, [@uac_iso={0x0, 0x25, 0x1, 0x0, 0x4, 0x4}, @generic={0x0, 0x23, "263023012007d9c9d670e0ccd5df385cfa8358aabddfe2fb8b434d5350b3468398cc65a554a0f0617561135c17a513db2878da5f0d011d44115a2a09eac449b6ec01b13964d1dc061c40dd4c6bc5b507a11aaee50ed0a742ba2346a78a81434510a89dbfcb03c373187e546a79f61a4a464a2cc9caf58413adcd161708e62f96888e020f80b8bade38d9a535"}]}}, {{0x9, 0x5, 0x1, 0x0, 0x8, 0x1, 0x68, 0x81, [@generic={0x0, 0x22, "793bd66cd894014819aa7a8100cfd130329cb9"}]}}, {{0x9, 0x5, 0x14, 0x1f, 0x200, 0xf, 0x29, 0x40, [@generic={0x0, 0xe, "b064538c73c5a04ed7a58c11b9b3238f770f1f05e7ae057b397c"}]}}]}}]}}]}}, 0x0) (async)
syz_usb_control_io$printer(r0, 0x0, 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) (async)
syz_usb_control_io$printer(r0, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) (async)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000a80)={0x44, &(0x7f0000000900)={0x0, 0xe, 0x1, "9e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)

476.042147ms ago: executing program 2 (id=2373):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="200000000201050000000000000000000500000a0c001980040002"], 0x20}, 0x1, 0x9000000, 0x0, 0x4000cc5}, 0x20000000)

405.422718ms ago: executing program 6 (id=2374):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCAX25DELFWD(0xffffffffffffffff, 0x89eb, &(0x7f0000000600)={@null, @null})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="6c6f616420656372797074667320757365723a7472757374ea0892615400e1db3030303030303030303030303030363420001a94ba"], 0x32, 0xfffffffffffffffc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
pipe(&(0x7f0000000140)={<r2=>0xffffffffffffffff})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_CT_DIRECTION={0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc8}, 0x1, 0x0, 0x0, 0x5090}, 0x0)
flock(r2, 0x6)
r4 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r4, &(0x7f00000000c0), 0x10)
sendto$l2tp(r4, &(0x7f0000000240)="e5786a0d000000000000c83b", 0xc, 0x0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x29}}, 0x10)
recvmsg(r4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x0)
r5 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000040)={0x5, 0x7, 0x2, "957f314f698023ae48660132a0a12990f5e6710d0000001053b3df00", 0xb5315241})
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=0xffffffffffffffff, 0x4)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f00000003c0), 0x20000, 0x0)
ioctl$BLKALIGNOFF(r7, 0x127a, &(0x7f00000006c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x8, &(0x7f0000000040)=@raw=[@call={0x85, 0x0, 0x0, 0x88}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x4}], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x25, r6, 0x8, &(0x7f00000001c0)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x0, 0x0, 0x81}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x94)
syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x0, 0x100, 0x0, 0x335, 0x0, r2}, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101a40, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r9, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7f, 0x81, 0x6, 0x0, 0x3ff, 0xc, 0xfd, 0x6, 0x2, 0x49, 0x2, 0x8, 0x0, 0x2, 0x5, 0x8, 0x80, 0x1, 0x6, '\x00', 0xc5, 0x1ff})
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000073, 0x0, 0x5}]})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000013001300000000000000000010000000", @ANYRES32=0x0, @ANYBLOB="74020400001200000000000000000000305f746f5f626f6e6400000014001680100001800c000900fafffffffa040fff"], 0x48}}, 0x0)

157.945874ms ago: executing program 2 (id=2375):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
write$tun(r0, 0x0, 0xf9)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_window_scaling\x00', 0x1, 0x0)
pwritev2(r1, &(0x7f0000000080)=[{&(0x7f0000000040)='4', 0x1}, {&(0x7f0000000200)="a9b0c50b2b74ae7770c06bb78bc74ce8ef3dd22b35e89771368423195108ce2a3610f6e490310b2d3cb190b25c2e62ee5500d3ee51fa6f7b9b7f21e1ddcb44c09659e6d44b04458ee6128eb903c1bd4fde998aad4ef2485b47dceb77556b1ef44c28067846612bd68893161c7c16f3ab6dd480f64fbda80f5bae581cb53cc29dde44c0a26ee10469fd59b42b281212", 0x8f}, {&(0x7f0000000140)="3c46138b247314ba2277e32d0ccc0822afd55018e9f49dae817fba839fc58b1df19b4629d3c97a32d07b7da5a79ebef81ac7d21a213495ab8d6a64af02fcefe366db986ea1cb769fef557fd21b42183f67fa7e95db60", 0x56}], 0x3, 0x0, 0x0, 0x0)

7.660099ms ago: executing program 6 (id=2376):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000003f00000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = syz_open_procfs(r0, &(0x7f00000000c0)='sessionid\x00')
pread64(r4, &(0x7f00000001c0)=""/204, 0xcc, 0x0)

0s ago: executing program 2 (id=2377):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00', 0x49})
write$sndseq(r1, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000200a05000000000000000000020000000900010073797a3000000000090002"], 0x54}}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x1, 0x20000006})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000080)=@encrypted_new={'new ', 'ecryptfs', 0x20, 'user:', '/dev/net/tun\x00', 0x20, 0xffff}, 0x35, r3)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x200802, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb010018000000000000006c0000006c00000002000000000000000000000d020000000000400001000005"], &(0x7f0000000f40)=""/4089, 0x86, 0xff9, 0xa, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0xd4, 0x0, 0x0, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x20, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8}]}]}, @NL80211_ATTR_DFS_REGION={0x5}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}, @NL80211_ATTR_REG_RULES={0x90, 0x22, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_FREQ_RANGE_END={0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_DFS_CAC_TIME={0x8}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_DFS_CAC_TIME={0x8}]}]}]}, 0xd4}}, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000300)={0xffffffffffffffff}, 0xc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000180), 0xfefc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, r5, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000140)={&(0x7f0000002000/0x3000)=nil, &(0x7f0000000000/0xe000)=nil, &(0x7f000000a000/0x2000)=nil, &(0x7f0000008000/0x2000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000008000/0x3000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000002000/0x1000)=nil, &(0x7f0000000000/0x2000)=nil, &(0x7f0000008000/0x1000)=nil, &(0x7f000000c000/0x2000)=nil, 0x0}, 0x68)
dup(0xffffffffffffffff)
r6 = socket$kcm(0x10, 0x7, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003d000b08d25a802b8c7494f90224fc600b00000004000400070082c137153e3719ac018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$TUNGETDEVNETNS(r4, 0x54e3, 0x0)
close_range(r0, 0xffffffffffffffff, 0x400000000000000)

kernel console output (not intermixed with test programs):

read-only block-device nullb0
[  422.339297][T11041] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1609'.
[  422.467896][T11045] binder: BINDER_SET_CONTEXT_MGR already set
[  422.473938][T11045] binder: 11044:11045 ioctl 4018620d 20000100 returned -16
[  422.920432][T11057] binder: BINDER_SET_CONTEXT_MGR already set
[  422.926934][T11057] binder: 11044:11057 ioctl 4018620d 200002c0 returned -16
[  425.028594][T11081] cgroup: Invalid name
[  426.024295][   T25] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  426.174805][   T25] usb 2-1: Using ep0 maxpacket: 8
[  426.185427][   T25] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF6, changing to 0x86
[  426.204419][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  426.235066][   T25] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x86 has invalid maxpacket 0
[  426.250220][T11095] x_tables: duplicate underflow at hook 2
[  426.286789][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  426.325252][   T25] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=9b.1d
[  426.335369][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.343349][   T25] usb 2-1: Product: syz
[  426.382168][   T25] usb 2-1: Manufacturer: syz
[  426.385371][T11098] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1622'.
[  426.397734][   T25] usb 2-1: SerialNumber: syz
[  426.416533][   T25] usb 2-1: config 0 descriptor??
[  426.440432][   T25] port100 2-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  426.684554][   T25] usb 2-1: USB disconnect, device number 39
[  429.354532][T11124] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1630'.
[  429.374407][T11124] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1630'.
[  429.383466][T11124] netlink: 4432 bytes leftover after parsing attributes in process `syz.1.1630'.
[  429.594486][T11136] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1634'.
[  429.794302][ T5879] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  430.044781][ T5879] usb 3-1: Using ep0 maxpacket: 8
[  430.052566][ T5879] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  430.061170][ T5879] usb 3-1: config 179 has no interface number 0
[  430.067612][ T5879] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  430.079048][ T5879] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  430.090478][ T5879] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 32, changing to 9
[  430.102116][ T5879] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  430.187444][ T5879] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  430.237576][ T5879] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  430.410670][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.986021][T11119] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  431.041586][ T5879] usb 3-1: USB disconnect, device number 33
[  431.047961][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  431.048008][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  431.857096][T11173] bridge_slave_0: left allmulticast mode
[  431.862800][T11173] bridge_slave_0: left promiscuous mode
[  431.880166][T11173] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.918732][T11175] binder: BINDER_SET_CONTEXT_MGR already set
[  431.924927][T11175] binder: 11174:11175 ioctl 4018620d 20000100 returned -16
[  431.991627][T11173] bridge_slave_1: left allmulticast mode
[  431.998613][T11173] bridge_slave_1: left promiscuous mode
[  432.004877][T11173] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.073981][T11173] bond0: (slave bond_slave_0): Releasing backup interface
[  432.109892][T11177] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1647'.
[  432.121885][T11173] bond_slave_0: left promiscuous mode
[  432.136249][T11173] bond0: (slave bond_slave_1): Releasing backup interface
[  432.261847][T11179] binder: BINDER_SET_CONTEXT_MGR already set
[  432.268275][T11179] binder: 11174:11179 ioctl 4018620d 200002c0 returned -16
[  432.286034][T11173] bond_slave_1: left promiscuous mode
[  432.314082][T11173] team_slave_0: left promiscuous mode
[  432.373948][T11173] team0: Port device team_slave_0 removed
[  432.400171][T11173] team_slave_1: left promiscuous mode
[  432.420302][T11173] team0: Port device team_slave_1 removed
[  432.440689][T11173] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  432.451458][T11173] batman_adv: batadv0: Removing interface: batadv_slave_0
[  432.461904][T11173] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  432.470756][T11173] batman_adv: batadv0: Removing interface: batadv_slave_1
[  432.507962][T11173] bond1: (slave batadv1): Releasing active interface
[  432.657360][T11188] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1650'.
[  433.763811][T11220] binder: 11219:11220 ioctl c0306201 0 returned -14
[  433.854383][ T5877] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  433.984287][ T5877] usb 4-1: device descriptor read/64, error -71
[  434.005532][T11229] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1662'.
[  434.507617][T11232] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1663'.
[  435.075218][ T5877] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  435.128676][T11247] ipt_rpfilter: unknown options
[  435.248665][ T5877] usb 4-1: device descriptor read/64, error -71
[  435.272664][ T5909] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  435.374733][ T5877] usb usb4-port1: attempt power cycle
[  435.444286][ T5909] usb 5-1: Using ep0 maxpacket: 32
[  435.467710][ T5909] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  435.484204][ T5909] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  435.506416][ T5909] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  435.526742][ T5909] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.746064][ T5909] usb 5-1: config 0 descriptor??
[  435.752628][ T5909] hub 5-1:0.0: USB hub found
[  435.975124][ T5909] hub 5-1:0.0: 1 port detected
[  436.275864][   T54] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  436.362243][ T5877] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  436.533453][T11266] overlay: Unknown parameter 'fd'
[  436.539027][T11261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1668'.
[  436.684370][ T5877] usb 4-1: device not accepting address 40, error -71
[  436.764385][T11273] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1676'.
[  437.178656][T11287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  437.203653][T11287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  437.255613][ T5879] usb 5-1: USB disconnect, device number 42
[  438.723483][T11299] lo speed is unknown, defaulting to 1000
[  439.040062][T11309] x_tables: duplicate underflow at hook 2
[  439.194778][T11317] FAULT_INJECTION: forcing a failure.
[  439.194778][T11317] name failslab, interval 1, probability 0, space 0, times 0
[  439.215690][T11317] CPU: 1 UID: 0 PID: 11317 Comm: syz.0.1690 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  439.226480][T11317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  439.236562][T11317] Call Trace:
[  439.239856][T11317]  <TASK>
[  439.242801][T11317]  dump_stack_lvl+0x241/0x360
[  439.247507][T11317]  ? __pfx_dump_stack_lvl+0x10/0x10
[  439.252715][T11317]  ? __pfx__printk+0x10/0x10
[  439.257318][T11317]  ? __kmalloc_noprof+0xb0/0x400
[  439.262262][T11317]  ? __pfx___might_resched+0x10/0x10
[  439.267559][T11317]  should_fail_ex+0x3b0/0x4e0
[  439.272259][T11317]  ? smk_write_net6addr+0x197/0x18b0
[  439.277556][T11317]  should_failslab+0xac/0x100
[  439.282240][T11317]  ? smk_write_net6addr+0x197/0x18b0
[  439.287538][T11317]  __kmalloc_noprof+0xd8/0x400
[  439.292330][T11317]  smk_write_net6addr+0x197/0x18b0
[  439.297465][T11317]  ? __pfx_lock_acquire+0x10/0x10
[  439.302514][T11317]  ? __pfx_smk_write_net6addr+0x10/0x10
[  439.308085][T11317]  ? rcu_read_lock_any_held+0xb7/0x160
[  439.313564][T11317]  ? __pfx_smk_write_net6addr+0x10/0x10
[  439.319127][T11317]  vfs_write+0x2a3/0xd30
[  439.323384][T11317]  ? fdget_pos+0x24e/0x320
[  439.327816][T11317]  ? __pfx_vfs_write+0x10/0x10
[  439.332601][T11317]  ? __fget_files+0x3f3/0x470
[  439.337305][T11317]  ? fdget_pos+0x24e/0x320
[  439.341741][T11317]  ksys_write+0x183/0x2b0
[  439.346085][T11317]  ? __pfx_ksys_write+0x10/0x10
[  439.350944][T11317]  ? do_syscall_64+0x100/0x230
[  439.355729][T11317]  ? do_syscall_64+0xb6/0x230
[  439.360422][T11317]  do_syscall_64+0xf3/0x230
[  439.364940][T11317]  ? clear_bhb_loop+0x35/0x90
[  439.369638][T11317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.375544][T11317] RIP: 0033:0x7f8afdf7e719
[  439.379973][T11317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.399581][T11317] RSP: 002b:00007f8afed3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  439.407999][T11317] RAX: ffffffffffffffda RBX: 00007f8afe135f80 RCX: 00007f8afdf7e719
[  439.415978][T11317] RDX: 00000000000000b0 RSI: 0000000020000380 RDI: 0000000000000006
[  439.423945][T11317] RBP: 00007f8afed3a090 R08: 0000000000000000 R09: 0000000000000000
[  439.431922][T11317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  439.439896][T11317] R13: 0000000000000000 R14: 00007f8afe135f80 R15: 00007fff0b10bc78
[  439.447892][T11317]  </TASK>
[  439.493570][T11319] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1691'.
[  439.493736][T11320] ipt_rpfilter: unknown options
[  439.704588][ T5879] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  439.798655][T11330] siw: device registration error -23
[  439.874818][ T5879] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  439.913025][ T5879] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.924271][ T5879] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  439.934048][ T5879] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  439.947941][ T5879] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  439.957420][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.967804][ T5879] usb 2-1: config 0 descriptor??
[  440.016896][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  440.076566][T11338] Cannot find set identified by id 0 to match
[  440.224757][ T5909] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  440.705934][ T5909] usb 1-1: Using ep0 maxpacket: 32
[  441.094982][ T5909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  441.106469][ T5909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  441.126655][ T5909] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  441.144754][ T5909] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.193473][ T5909] usb 1-1: config 0 descriptor??
[  441.209527][ T5909] hub 1-1:0.0: USB hub found
[  441.309876][T11355] qrtr: Invalid version 48
[  441.318920][T11355] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1688'.
[  441.363686][T11345] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1702'.
[  441.380659][   T54] Bluetooth: hci4: unexpected event for opcode 0x200f
[  441.414658][ T5909] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  441.455492][ T5909] usbhid 1-1:0.0: can't add hid device: -71
[  441.481925][T11345] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1702'.
[  441.489854][ T5909] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  441.801455][ T5909] usb 1-1: USB disconnect, device number 32
[  441.855384][ T5928] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  442.021297][ T5928] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  442.032747][ T5928] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.892357][ T5928] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  442.902032][ T5928] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.919191][ T5928] usb 5-1: config 0 descriptor??
[  442.934276][ T5879] usbhid 2-1:0.0: can't add hid device: -71
[  442.940300][ T5879] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  442.968932][ T5879] usb 2-1: USB disconnect, device number 40
[  443.193452][T11370] FAULT_INJECTION: forcing a failure.
[  443.193452][T11370] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  443.247106][T11370] CPU: 1 UID: 0 PID: 11370 Comm: syz.3.1709 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  443.257944][T11370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  443.268037][T11370] Call Trace:
[  443.271363][T11370]  <TASK>
[  443.274315][T11370]  dump_stack_lvl+0x241/0x360
[  443.279049][T11370]  ? __pfx_dump_stack_lvl+0x10/0x10
[  443.284257][T11370]  ? __pfx__printk+0x10/0x10
[  443.288862][T11370]  ? __pfx_lock_release+0x10/0x10
[  443.293901][T11370]  should_fail_ex+0x3b0/0x4e0
[  443.298606][T11370]  _copy_from_user+0x2f/0xc0
[  443.303197][T11370]  __sys_bpf+0x1a4/0x810
[  443.307452][T11370]  ? __pfx___sys_bpf+0x10/0x10
[  443.312231][T11370]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  443.318238][T11370]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  443.324584][T11370]  ? do_syscall_64+0x100/0x230
[  443.329375][T11370]  __x64_sys_bpf+0x7c/0x90
[  443.333792][T11370]  do_syscall_64+0xf3/0x230
[  443.338299][T11370]  ? clear_bhb_loop+0x35/0x90
[  443.342984][T11370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.348876][T11370] RIP: 0033:0x7f009497e719
[  443.353290][T11370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  443.372894][T11370] RSP: 002b:00007f009585c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  443.381321][T11370] RAX: ffffffffffffffda RBX: 00007f0094b35f80 RCX: 00007f009497e719
[  443.389295][T11370] RDX: 0000000000000020 RSI: 0000000020000380 RDI: 0000000000000012
[  443.397270][T11370] RBP: 00007f009585c090 R08: 0000000000000000 R09: 0000000000000000
[  443.405248][T11370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  443.413214][T11370] R13: 0000000000000001 R14: 00007f0094b35f80 R15: 00007ffe64da1b78
[  443.421280][T11370]  </TASK>
[  443.460787][ T5928] hid-thrustmaster 0003:044F:B65D.001F: unknown main item tag 0x0
[  443.670963][ T5928] hid-thrustmaster 0003:044F:B65D.001F: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.4-1/input0
[  443.678589][T11377] FAULT_INJECTION: forcing a failure.
[  443.678589][T11377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  443.694287][ T5928] hid-thrustmaster 0003:044F:B65D.001F: Wrong number of endpoints?
[  443.702718][T11381] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1712'.
[  443.713953][    C1] hid-thrustmaster 0003:044F:B65D.001F: URB to get model id failed with error -71
[  443.714423][ T5879] usb 5-1: USB disconnect, device number 43
[  444.054610][T11377] CPU: 0 UID: 0 PID: 11377 Comm: syz.1.1706 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  444.065413][T11377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  444.075477][T11377] Call Trace:
[  444.078859][T11377]  <TASK>
[  444.081825][T11377]  dump_stack_lvl+0x241/0x360
[  444.086567][T11377]  ? __pfx_dump_stack_lvl+0x10/0x10
[  444.091815][T11377]  ? __pfx__printk+0x10/0x10
[  444.096449][T11377]  ? snprintf+0xda/0x120
[  444.100727][T11377]  should_fail_ex+0x3b0/0x4e0
[  444.105438][T11377]  _copy_to_user+0x31/0xb0
[  444.109879][T11377]  simple_read_from_buffer+0xca/0x150
[  444.115262][T11377]  proc_fail_nth_read+0x1e9/0x250
[  444.120297][T11377]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  444.125850][T11377]  ? rw_verify_area+0x55e/0x6f0
[  444.130706][T11377]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  444.136260][T11377]  vfs_read+0x1fc/0xb70
[  444.140428][T11377]  ? fdget_pos+0x24e/0x320
[  444.144857][T11377]  ? __pfx_vfs_read+0x10/0x10
[  444.149633][T11377]  ? __fget_files+0x3f3/0x470
[  444.154335][T11377]  ? fdget_pos+0x24e/0x320
[  444.158780][T11377]  ksys_read+0x183/0x2b0
[  444.163034][T11377]  ? __pfx_ksys_read+0x10/0x10
[  444.167811][T11377]  ? do_syscall_64+0x100/0x230
[  444.172593][T11377]  ? do_syscall_64+0xb6/0x230
[  444.177287][T11377]  do_syscall_64+0xf3/0x230
[  444.181805][T11377]  ? clear_bhb_loop+0x35/0x90
[  444.186490][T11377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.192407][T11377] RIP: 0033:0x7f857937d15c
[  444.196827][T11377] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  444.216450][T11377] RSP: 002b:00007f857a15d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  444.224863][T11377] RAX: ffffffffffffffda RBX: 00007f8579536130 RCX: 00007f857937d15c
[  444.232828][T11377] RDX: 000000000000000f RSI: 00007f857a15d0a0 RDI: 0000000000000007
[  444.240792][T11377] RBP: 00007f857a15d090 R08: 0000000000000000 R09: 0000000000000000
[  444.248763][T11377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  444.256733][T11377] R13: 0000000000000000 R14: 00007f8579536130 R15: 00007fff0f088528
[  444.264716][T11377]  </TASK>
[  444.267814][    C0] vkms_vblank_simulate: vblank timer overrun
[  444.378624][T11385] tipc: Started in network mode
[  444.391379][T11385] tipc: Node identity , cluster identity 4711
[  444.403631][T11385] tipc: Failed to set node id, please configure manually
[  444.414803][T11385] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  444.442121][T11383] tipc: Started in network mode
[  444.448672][T11383] tipc: Node identity , cluster identity 4711
[  444.464754][T11383] tipc: Failed to set node id, please configure manually
[  444.471819][T11383] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  444.545067][T11393] bond0: (slave batadv0): Releasing backup interface
[  444.559993][T11393] batadv0: left promiscuous mode
[  444.586386][T11393] bridge_slave_0: left allmulticast mode
[  444.595151][T11393] bridge_slave_0: left promiscuous mode
[  444.603590][T11393] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.647523][T11393] bridge_slave_1: left allmulticast mode
[  444.659646][T11393] bridge_slave_1: left promiscuous mode
[  444.666924][T11393] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.699967][T11393] bond0: (slave bond_slave_0): Releasing backup interface
[  444.713561][   T29] audit: type=1326 audit(1731684582.939:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.1.1717" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f857937e719 code=0x0
[  444.740245][T11393] bond_slave_0: left promiscuous mode
[  444.763096][T11393] bond0: (slave bond_slave_1): Releasing backup interface
[  444.771909][T11393] bond_slave_1: left promiscuous mode
[  444.785979][T11393] team_slave_0: left promiscuous mode
[  444.813376][T11393] team0: Port device team_slave_0 removed
[  444.842073][T11393] team_slave_1: left promiscuous mode
[  444.889744][T11393] team0: Port device team_slave_1 removed
[  444.898671][T11393] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  444.970393][T11393] batman_adv: batadv0: Removing interface: batadv_slave_0
[  444.983741][T11393] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  444.994202][T11393] batman_adv: batadv0: Removing interface: batadv_slave_1
[  445.016192][T11393] bond0: (slave wlan1): Releasing backup interface
[  445.025067][ T5928] usb 1-1: new full-speed USB device number 33 using dummy_hcd
[  445.032793][   T25] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  445.048738][T11393] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  445.204858][   T25] usb 3-1: Using ep0 maxpacket: 8
[  445.211515][ T5928] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  445.222088][ T5928] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.232696][   T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  445.245411][ T5928] usb 1-1: config 0 descriptor??
[  445.250521][   T25] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  445.260096][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.273000][ T5928] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  445.289992][   T25] usb 3-1: config 0 descriptor??
[  445.300783][   T25] gspca_main: vc032x-2.14.0 probing 046d:0892
[  445.457081][   T54] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  445.466767][   T54] Bluetooth: hci4: Injecting HCI hardware error event
[  445.478254][   T54] Bluetooth: hci4: hardware error 0x00
[  445.503204][ T5928] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  445.567477][ T5928] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  445.607300][ T5928] usb 1-1: USB disconnect, device number 33
[  446.328435][T11399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  446.338804][T11399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  446.863253][   T25] gspca_vc032x: reg_r err -110
[  446.871927][   T25] vc032x 3-1:0.0: probe with driver vc032x failed with error -110
[  446.933002][ T5928] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  447.170815][ T5928] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  447.186289][ T5928] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.199666][ T5928] usb 2-1: Product: syz
[  447.216401][ T5928] usb 2-1: Manufacturer: syz
[  447.226378][ T5928] usb 2-1: SerialNumber: syz
[  447.240017][ T5928] usb 2-1: config 0 descriptor??
[  447.467074][ T5928] usb 2-1: USB disconnect, device number 41
[  447.470433][T11460] sp0: Synchronizing with TNC
[  447.534286][   T54] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  447.989877][T11465] netlink: 'syz.3.1742': attribute type 2 has an invalid length.
[  448.375203][ T5909] usb 3-1: USB disconnect, device number 34
[  448.946198][T11488] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1751'.
[  448.975469][T11486] Cannot find add_set index 0 as target
[  448.984510][T11488] netlink: 38 bytes leftover after parsing attributes in process `syz.4.1751'.
[  449.314429][ T5909] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  449.474685][ T5909] usb 4-1: Using ep0 maxpacket: 32
[  449.484749][ T5909] usb 4-1: unable to get BOS descriptor or descriptor too short
[  449.501118][ T5909] usb 4-1: config 128 has an invalid interface number: 127 but max is 3
[  449.515476][ T5909] usb 4-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[  449.526351][ T5909] usb 4-1: config 128 has 1 interface, different from the descriptor's value: 4
[  449.535913][ T5909] usb 4-1: config 128 has no interface number 0
[  449.542610][ T5909] usb 4-1: config 128 interface 127 has no altsetting 0
[  449.553432][ T5909] usb 4-1: language id specifier not provided by device, defaulting to English
[  449.571096][ T5909] usb 4-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[  449.675163][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.701360][ T5909] usb 4-1: Product: syz
[  449.712505][ T5909] usb 4-1: Manufacturer: syz
[  449.724411][ T5909] usb 4-1: SerialNumber: syz
[  450.325533][ T5909] usb 4-1: USB disconnect, device number 42
[  451.133526][T11531] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1764'.
[  451.321933][T11540] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1767'.
[  451.683067][T11560] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1774'.
[  451.703477][T11560] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1774'.
[  451.718290][T11560] netlink: 4432 bytes leftover after parsing attributes in process `syz.2.1774'.
[  451.926712][ T5909] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  452.009521][ T5877] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  452.564218][ T5909] usb 5-1: Using ep0 maxpacket: 32
[  452.576916][ T5909] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  452.593009][ T5909] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  452.610582][ T5909] usb 5-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0
[  452.620048][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.632926][ T5909] usb 5-1: Product: syz
[  452.637613][ T5909] usb 5-1: Manufacturer: syz
[  452.643125][ T5909] usb 5-1: SerialNumber: syz
[  452.656537][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  452.658895][ T5909] usb 5-1: config 0 descriptor??
[  452.676851][ T5909] qmi_wwan 5-1:0.0: bogus CDC Union: master=31, slave=0
[  452.682133][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  452.693915][ T5909] qmi_wwan 5-1:0.0: probe with driver qmi_wwan failed with error -22
[  452.706578][ T5877] usb 4-1: New USB device found, idVendor=056a, idProduct=00bc, bcdDevice= 0.00
[  452.706609][ T5877] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.708670][ T5877] usb 4-1: config 0 descriptor??
[  453.214698][ T5909] usb 5-1: USB disconnect, device number 44
[  453.940119][ T5877] usbhid 4-1:0.0: can't add hid device: -71
[  454.182838][ T5877] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  454.192641][ T5877] usb 4-1: USB disconnect, device number 43
[  455.528224][T11616] tipc: Started in network mode
[  455.533135][T11616] tipc: Node identity , cluster identity 4711
[  455.539444][T11616] tipc: Failed to set node id, please configure manually
[  455.554455][T11616] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  455.974016][T11626] set match dimension is over the limit!
[  458.107463][T11636] netlink: 'syz.1.1795': attribute type 1 has an invalid length.
[  458.288176][T11640] 8021q: adding VLAN 0 to HW filter on device batadv2
[  458.325040][T11640] bond3: (slave batadv2): Enslaving as a backup interface with an up link
[  458.359505][T11643] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1797'.
[  458.389097][T11643] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1797'.
[  458.422741][T11643] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1797'.
[  458.481170][T11636] bond3 (unregistering): (slave batadv2): Releasing backup interface
[  458.544426][T11636] bond3 (unregistering): Released all slaves
[  458.986403][T11662] set match dimension is over the limit!
[  459.168079][T11668] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1806'.
[  459.199213][T11668] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for erspan1
[  459.211829][T11668] erspan1: entered promiscuous mode
[  459.217413][T11668] erspan1: entered allmulticast mode
[  459.519209][ T5877] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  459.804318][ T5877] usb 4-1: Using ep0 maxpacket: 8
[  459.859813][ T5877] usb 4-1: config index 0 descriptor too short (expected 6427, got 27)
[  459.874200][ T5877] usb 4-1: config 0 has an invalid interface number: 21 but max is 0
[  459.892565][ T5877] usb 4-1: config 0 has no interface number 0
[  459.910717][ T5877] usb 4-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  459.943028][ T5877] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  459.985282][ T5877] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  460.001103][ T5877] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  460.010449][ T5877] usb 4-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0
[  460.027906][ T5877] usb 4-1: Product: syz
[  460.037276][ T5877] usb 4-1: Manufacturer: syz
[  460.051272][ T5877] usb 4-1: config 0 descriptor??
[  460.089021][T11679] program syz.2.1810 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  460.151436][T11683] FAULT_INJECTION: forcing a failure.
[  460.151436][T11683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  460.166105][T11683] CPU: 1 UID: 0 PID: 11683 Comm: syz.2.1812 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  460.176926][T11683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  460.187003][T11683] Call Trace:
[  460.190284][T11683]  <TASK>
[  460.193215][T11683]  dump_stack_lvl+0x241/0x360
[  460.197910][T11683]  ? __pfx_dump_stack_lvl+0x10/0x10
[  460.203127][T11683]  ? __pfx__printk+0x10/0x10
[  460.207732][T11683]  ? __pfx_lock_release+0x10/0x10
[  460.212788][T11683]  should_fail_ex+0x3b0/0x4e0
[  460.217479][T11683]  _copy_from_user+0x2f/0xc0
[  460.222077][T11683]  copy_msghdr_from_user+0xae/0x680
[  460.227314][T11683]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  460.233145][T11683]  __sys_sendmsg+0x22d/0x380
[  460.237755][T11683]  ? __pfx___sys_sendmsg+0x10/0x10
[  460.242892][T11683]  ? __pfx_vfs_write+0x10/0x10
[  460.247691][T11683]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  460.254045][T11683]  ? do_syscall_64+0x100/0x230
[  460.258821][T11683]  ? do_syscall_64+0xb6/0x230
[  460.263506][T11683]  do_syscall_64+0xf3/0x230
[  460.268032][T11683]  ? clear_bhb_loop+0x35/0x90
[  460.272714][T11683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.278614][T11683] RIP: 0033:0x7f4977d7e719
[  460.283035][T11683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  460.302645][T11683] RSP: 002b:00007f4978c14038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  460.311069][T11683] RAX: ffffffffffffffda RBX: 00007f4977f35f80 RCX: 00007f4977d7e719
[  460.319037][T11683] RDX: 0000000000040004 RSI: 00000000200001c0 RDI: 0000000000000003
[  460.327014][T11683] RBP: 00007f4978c14090 R08: 0000000000000000 R09: 0000000000000000
[  460.334998][T11683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  460.342966][T11683] R13: 0000000000000000 R14: 00007f4977f35f80 R15: 00007ffc4a8ae0b8
[  460.350952][T11683]  </TASK>
[  460.788446][T11655] lo speed is unknown, defaulting to 1000
[  460.985396][T11688] netlink: 'syz.2.1813': attribute type 12 has an invalid length.
[  461.210551][ T5877] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.21/input/input32
[  461.261619][ T5877] input: failed to attach handler kbd to device input32, error: -5
[  461.710193][T11700] autofs: Bad value for 'fd'
[  461.781265][T11702] netlink: 'syz.2.1817': attribute type 4 has an invalid length.
[  461.793605][T11702] rdma_rxe: rxe_newlink: failed to add lo
[  461.838234][   T29] audit: type=1326 audit(1731684600.069:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  461.864449][   T29] audit: type=1326 audit(1731684600.099:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  461.911189][   T29] audit: type=1326 audit(1731684600.119:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  461.987015][   T29] audit: type=1326 audit(1731684600.119:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  462.021509][   T29] audit: type=1326 audit(1731684600.119:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  462.043137][    C0] vkms_vblank_simulate: vblank timer overrun
[  462.049443][   T29] audit: type=1326 audit(1731684600.119:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  462.095072][   T29] audit: type=1326 audit(1731684600.119:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  462.118670][   T29] audit: type=1326 audit(1731684600.119:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  462.523085][T11709] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1818'.
[  462.532158][   T29] audit: type=1326 audit(1731684600.119:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  462.532161][T11709] all: renamed from ip6tnl0 (while UP)
[  462.532196][   T29] audit: type=1326 audit(1731684600.119:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11705 comm="syz.2.1819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4977d7e719 code=0x7ffc0000
[  463.056915][T11726] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  463.075840][   T25] usb 4-1: USB disconnect, device number 44
[  464.081621][T11746] lo speed is unknown, defaulting to 1000
[  464.585503][T11750] netlink: 'syz.4.1832': attribute type 32 has an invalid length.
[  466.106549][T11760] netlink: 'syz.1.1834': attribute type 32 has an invalid length.
[  466.212064][T11761] openvswitch: netlink: Actions may not be safe on all matching packets
[  466.474702][T11763] set match dimension is over the limit!
[  467.608060][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  467.608081][   T29] audit: type=1326 audit(1731684605.839:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.647983][   T29] audit: type=1326 audit(1731684605.879:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.670178][   T29] audit: type=1326 audit(1731684605.879:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.691633][    C0] vkms_vblank_simulate: vblank timer overrun
[  467.698939][   T29] audit: type=1326 audit(1731684605.879:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.721076][   T29] audit: type=1326 audit(1731684605.879:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.742527][    C0] vkms_vblank_simulate: vblank timer overrun
[  467.760753][   T29] audit: type=1326 audit(1731684605.879:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.782966][   T29] audit: type=1326 audit(1731684605.879:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.810288][   T29] audit: type=1326 audit(1731684605.879:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.834097][   T29] audit: type=1326 audit(1731684605.879:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.856390][   T29] audit: type=1326 audit(1731684605.879:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11784 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  467.877883][    C0] vkms_vblank_simulate: vblank timer overrun
[  468.032663][   T25] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  468.195325][   T25] usb 4-1: device descriptor read/64, error -71
[  468.974348][   T25] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  469.124484][   T25] usb 4-1: device descriptor read/64, error -71
[  469.271021][   T25] usb usb4-port1: attempt power cycle
[  469.500798][T11413] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  469.511747][T11413] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  469.522637][T11413] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  469.531442][T11413] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  469.542708][T11413] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  469.558617][T11413] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  469.624474][   T25] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  469.644917][   T25] usb 4-1: device descriptor read/8, error -71
[  469.675342][   T62] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.772937][T11808] lo speed is unknown, defaulting to 1000
[  469.827465][   T62] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.884825][   T25] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  469.925150][   T25] usb 4-1: device descriptor read/8, error -71
[  469.941002][   T62] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.044836][   T25] usb usb4-port1: unable to enumerate USB device
[  470.058715][   T62] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.177154][T11808] chnl_net:caif_netlink_parms(): no params data found
[  470.330270][T11808] bridge0: port 1(bridge_slave_0) entered blocking state
[  470.344599][T11808] bridge0: port 1(bridge_slave_0) entered disabled state
[  470.351838][T11808] bridge_slave_0: entered allmulticast mode
[  470.361747][T11808] bridge_slave_0: entered promiscuous mode
[  470.370549][T11808] bridge0: port 2(bridge_slave_1) entered blocking state
[  470.378290][T11808] bridge0: port 2(bridge_slave_1) entered disabled state
[  470.385576][T11808] bridge_slave_1: entered allmulticast mode
[  470.392660][T11808] bridge_slave_1: entered promiscuous mode
[  470.406134][   T62] bridge_slave_1: left allmulticast mode
[  470.412221][   T62] bridge_slave_1: left promiscuous mode
[  470.420352][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  470.441602][   T62] bridge_slave_0: left allmulticast mode
[  470.451630][   T62] bridge_slave_0: left promiscuous mode
[  470.462125][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.666247][   T54] Bluetooth: hci0: command tx timeout
[  473.060238][ T5942] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  473.214410][ T5942] usb 3-1: Using ep0 maxpacket: 8
[  473.269153][ T5942] usb 3-1: config 0 interface 0 altsetting 112 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  473.284648][ T5942] usb 3-1: config 0 interface 0 altsetting 112 endpoint 0x81 has invalid wMaxPacketSize 0
[  473.302464][ T5942] usb 3-1: config 0 interface 0 has no altsetting 0
[  473.318626][ T5942] usb 3-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[  473.329545][ T5942] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  473.453152][ T5942] usb 3-1: config 0 descriptor??
[  473.572999][   T62] bond0 (unregistering): left promiscuous mode
[  473.579431][   T62] bond_slave_0: left promiscuous mode
[  473.689643][   T62] bond_slave_1: left promiscuous mode
[  473.704304][   T54] Bluetooth: hci0: command tx timeout
[  473.796630][   T62] mac80211_hwsim hwsim5 wlan1: left promiscuous mode
[  473.839769][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  473.899511][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  474.019785][   T62] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  474.313401][ T5942] kye 0003:0458:0153.0020: hidraw0: USB HID v0.00 Device [HID 0458:0153] on usb-dummy_hcd.2-1/input0
[  474.350764][   T62] bond0 (unregistering): Released all slaves
[  474.376642][   T62] bond1 (unregistering): Released all slaves
[  474.398732][   T62] bond2 (unregistering): Released all slaves
[  474.541823][ T5942] usb 3-1: USB disconnect, device number 35
[  474.640453][   T62] bond3 (unregistering): (slave batadv1): Releasing active interface
[  474.652092][   T62] bond3 (unregistering): Released all slaves
[  475.351614][   T62] bond4 (unregistering): (slave batadv2): Releasing active interface
[  475.377293][   T62] bond4 (unregistering): Released all slaves
[  475.405086][   T62] bond5 (unregistering): (slave batadv3): Releasing backup interface
[  475.666646][   T62] bond5 (unregistering): Released all slaves
[  476.424395][   T54] Bluetooth: hci0: command tx timeout
[  476.645327][   T62] bond6 (unregistering): (slave batadv4): Releasing backup interface
[  476.661549][   T62] bond6 (unregistering): Released all slaves
[  476.760078][T11808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  476.771914][T11808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  476.985615][T11859] netem: change failed
[  477.068792][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  477.068812][   T29] audit: type=1326 audit(1731684615.299:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.137423][T11808] team0: Port device team_slave_0 added
[  477.154290][   T29] audit: type=1326 audit(1731684615.299:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.177738][T11808] team0: Port device team_slave_1 added
[  477.236518][   T29] audit: type=1326 audit(1731684615.299:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.258990][   T29] audit: type=1326 audit(1731684615.299:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.281359][   T29] audit: type=1326 audit(1731684615.299:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.303710][   T29] audit: type=1326 audit(1731684615.299:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.397002][T11808] batman_adv: batadv0: Adding interface: batadv_slave_0
[  477.402964][   T29] audit: type=1326 audit(1731684615.299:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.424161][T11808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  477.442614][   T29] audit: type=1326 audit(1731684615.309:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.491676][T11808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  477.530606][ T6786] Bluetooth: hci5: Frame reassembly failed (-84)
[  477.558790][   T29] audit: type=1326 audit(1731684615.309:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.563140][T11898] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1873'.
[  477.580741][   T29] audit: type=1326 audit(1731684615.309:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11886 comm="syz.4.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff47f17e719 code=0x7ffc0000
[  477.626864][T11898] Process accounting resumed
[  477.645388][T11894] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  477.659261][T11894] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  477.686684][T11808] batman_adv: batadv0: Adding interface: batadv_slave_1
[  477.709981][T11808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  477.741671][T11808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  477.763334][T11902] tipc: Started in network mode
[  477.769382][T11902] tipc: Node identity , cluster identity 4711
[  477.776406][T11902] tipc: Failed to set node id, please configure manually
[  477.783670][T11902] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  477.885238][T11808] hsr_slave_0: entered promiscuous mode
[  477.910725][T11808] hsr_slave_1: entered promiscuous mode
[  477.949556][T11808] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  477.964849][T11808] Cannot create hsr debugfs directory
[  478.159961][   T62] team0: left promiscuous mode
[  478.167329][   T62] team_slave_0: left promiscuous mode
[  478.173662][   T62] team_slave_1: left promiscuous mode
[  478.204297][   T62] hsr_slave_0: left promiscuous mode
[  478.215617][   T62] hsr_slave_1: left promiscuous mode
[  478.221775][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  478.235645][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[  478.249309][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  478.259406][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.290318][   T62] net veth1_virt_wifi virt_wifi0: left promiscuous mode
[  478.298131][   T62] veth1_macvtap: left promiscuous mode
[  478.321165][   T62] veth0_macvtap: left promiscuous mode
[  478.331396][   T62] veth1_vlan: left promiscuous mode
[  478.343467][   T62] veth0_vlan: left promiscuous mode
[  478.684324][T11413] Bluetooth: hci0: command tx timeout
[  479.167277][   T62] infiniband syz2: set down
[  479.451823][T11925] Cannot find set identified by id 0 to match
[  479.537062][T11413] Bluetooth: hci5: command 0x1003 tx timeout
[  479.543489][   T54] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  480.732803][   T62] team0 (unregistering): Port device team_slave_1 removed
[  480.778933][   T62] team0 (unregistering): Port device team_slave_0 removed
[  481.233009][ T6786] smc: removing ib device syz2
[  481.254494][T11917] dummy0: entered promiscuous mode
[  481.276424][T11917] macvtap1: entered promiscuous mode
[  481.294424][T11917] macvtap1: entered allmulticast mode
[  481.305646][T11917] dummy0: entered allmulticast mode
[  481.326417][T11917] team0: Device macvtap1 is up. Set it down before adding it as a team port
[  481.386659][T11917] dummy0: left allmulticast mode
[  481.394695][T11917] dummy0: left promiscuous mode
[  481.748857][T11943] ipt_rpfilter: unknown options
[  481.870012][ T5879] lo speed is unknown, defaulting to 1000
[  481.889394][T11932] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1881'.
[  481.910399][T11932] bond0: option ad_select: unable to set because the bond device is up
[  481.930084][T11938] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1882'.
[  481.944207][T11938] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1882'.
[  481.973732][T11938] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1882'.
[  482.394233][T11808] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  482.414752][T11808] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  482.435865][T11808] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  482.461743][T11808] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  482.584446][ T5879] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  482.721102][T11808] 8021q: adding VLAN 0 to HW filter on device bond0
[  482.740290][T11808] 8021q: adding VLAN 0 to HW filter on device team0
[  482.747622][ T5879] usb 3-1: Using ep0 maxpacket: 8
[  482.764350][ T5877] usb 4-1: new full-speed USB device number 49 using dummy_hcd
[  482.773489][ T5879] usb 3-1: unable to read config index 0 descriptor/start: -61
[  482.781179][ T5879] usb 3-1: can't read configurations, error -61
[  482.808028][ T2976] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.815342][ T2976] bridge0: port 1(bridge_slave_0) entered forwarding state
[  482.851353][ T2976] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.858545][ T2976] bridge0: port 2(bridge_slave_1) entered forwarding state
[  482.920072][ T5877] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  482.937862][ T5877] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.962721][ T5877] usb 4-1: config 0 descriptor??
[  483.696606][ T5879] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  483.718258][ T5877] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  483.821997][T11808] 8021q: adding VLAN 0 to HW filter on device batadv0
[  483.994681][ T5879] usb 3-1: Using ep0 maxpacket: 8
[  484.000290][ T5877] gp8psk: usb in 128 operation failed.
[  484.055462][ T5877] gp8psk: usb in 137 operation failed.
[  484.061012][ T5877] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  484.084421][ T5877] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  484.111384][ T5877] usb 4-1: USB disconnect, device number 49
[  484.148254][ T5879] usb 3-1: unable to read config index 0 descriptor/start: -61
[  484.156811][ T5879] usb 3-1: can't read configurations, error -61
[  484.174951][ T5879] usb usb3-port1: attempt power cycle
[  484.266001][T11808] veth0_vlan: entered promiscuous mode
[  484.279895][T11808] veth1_vlan: entered promiscuous mode
[  484.309443][T11808] veth0_macvtap: entered promiscuous mode
[  484.321201][T11808] veth1_macvtap: entered promiscuous mode
[  484.363203][T11808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  484.377519][T11808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.393521][T11808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  484.413177][T11808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.437100][T11808] batman_adv: batadv0: Interface activated: batadv_slave_0
[  484.482920][T11808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.521770][T11808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.531988][ T5879] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  484.580540][T11808] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.600196][T11808] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.990122][T11808] batman_adv: batadv0: Interface activated: batadv_slave_1
[  485.303708][ T5879] usb 3-1: Using ep0 maxpacket: 8
[  485.318497][T11808] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  485.364368][T11808] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  485.373177][T11808] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  485.430663][T11808] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  485.458654][ T5879] usb 3-1: unable to read config index 0 descriptor/start: -71
[  485.484823][ T5879] usb 3-1: can't read configurations, error -71
[  485.785773][ T9814] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  485.794022][ T9814] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  487.339128][ T8048] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  487.358473][ T8048] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  488.069899][ T5879] usb 3-1: new low-speed USB device number 39 using dummy_hcd
[  488.119114][T12019] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1901'.
[  488.155697][ T5879] usb 3-1: Invalid ep0 maxpacket: 32
[  488.162324][ T5879] usb usb3-port1: unable to enumerate USB device
[  488.368623][T12029] erofs: (device nbd5): erofs_read_superblock: cannot find valid erofs superblock
[  489.584391][ T5877] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  490.474275][ T5877] usb 6-1: Using ep0 maxpacket: 8
[  490.486024][ T5877] usb 6-1: New USB device found, idVendor=09d8, idProduct=0320, bcdDevice=8c.41
[  490.495905][ T5877] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  490.509430][ T5877] usb 6-1: config 0 descriptor??
[  490.866315][T11809] usb 6-1: USB disconnect, device number 2
[  491.161793][T12068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1916'.
[  491.172400][  T973] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  491.744550][  T973] usb 3-1: Using ep0 maxpacket: 16
[  491.767395][  T973] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  491.775743][  T973] usb 3-1: config 0 has no interface number 0
[  491.804520][  T973] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  491.826105][  T973] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  492.030793][T12078] x_tables: ip_tables: osf match: only valid for protocol 6
[  492.258963][  T973] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  492.271946][  T973] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  492.283657][  T973] usb 3-1: Product: syz
[  492.289062][  T973] usb 3-1: SerialNumber: syz
[  492.492007][  T973] usb 3-1: config 0 descriptor??
[  492.510065][  T973] usbhid 3-1:0.8: couldn't find an input interrupt endpoint
[  492.787331][  T973] usb 3-1: USB disconnect, device number 40
[  493.003946][T12087] 9pnet_fd: Insufficient options for proto=fd
[  495.748738][T12152] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1939'.
[  495.774029][T12153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1938'.
[  495.787163][T12152] netlink: 38 bytes leftover after parsing attributes in process `syz.2.1939'.
[  495.968688][T12163] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  496.045424][T12156] x_tables: duplicate underflow at hook 2
[  496.394166][ T5877] kernel write not supported for file bpf-prog (pid: 5877 comm: kworker/0:4)
[  496.472200][T12178] ipt_rpfilter: unknown options
[  496.755415][ T5942] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  498.031878][ T5942] usb 5-1: New USB device found, idVendor=0547, idProduct=0080, bcdDevice=67.51
[  498.041204][ T5942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.049348][ T5942] usb 5-1: Product: syz
[  498.053721][ T5942] usb 5-1: Manufacturer: syz
[  498.058862][ T5942] usb 5-1: SerialNumber: syz
[  498.169929][ T5942] usb 5-1: config 0 descriptor??
[  498.179407][ T5942] usbtest 5-1:0.0: EZ-USB device
[  498.213744][ T5942] usbtest 5-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  498.403645][T12170] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.412471][T12170] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  499.175522][   T25] usb 5-1: USB disconnect, device number 45
[  499.299430][T12198] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1953'.
[  499.308543][T12198] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1953'.
[  499.317557][T12198] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1953'.
[  499.909264][ T5879] usb 4-1: new full-speed USB device number 50 using dummy_hcd
[  500.455128][ T5879] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  500.474775][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.487668][ T5879] usb 4-1: config 0 descriptor??
[  500.538492][ T5879] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  500.801743][ T5879] gp8psk: usb in 128 operation failed.
[  500.807918][ T5879] gp8psk: usb in 137 operation failed.
[  500.813415][ T5879] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  500.866226][ T5879] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  500.885616][ T5879] usb 4-1: USB disconnect, device number 50
[  500.913374][T12227] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input33
[  501.476384][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  501.771885][T12235] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input34
[  501.837474][T12245] ipt_rpfilter: unknown options
[  502.894083][T12266] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input35
[  503.045887][   T25] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  503.405997][   T25] usb 5-1: Using ep0 maxpacket: 8
[  503.591255][   T25] usb 5-1: New USB device found, idVendor=10d2, idProduct=2865, bcdDevice=a4.c9
[  503.824454][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.027020][   T25] usb 5-1: config 0 descriptor??
[  504.057964][   T25] usblcd 5-1:0.0: USBLCD model not supported.
[  504.144406][T12289] 9pnet_fd: Insufficient options for proto=fd
[  504.172987][T12299] FAULT_INJECTION: forcing a failure.
[  504.172987][T12299] name failslab, interval 1, probability 0, space 0, times 0
[  504.197774][T12299] CPU: 1 UID: 0 PID: 12299 Comm: syz.5.1987 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  504.208586][T12299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  504.218661][T12299] Call Trace:
[  504.221937][T12299]  <TASK>
[  504.224872][T12299]  dump_stack_lvl+0x241/0x360
[  504.229671][T12299]  ? __pfx_dump_stack_lvl+0x10/0x10
[  504.234878][T12299]  ? __pfx__printk+0x10/0x10
[  504.239470][T12299]  ? fs_reclaim_acquire+0x93/0x130
[  504.244582][T12299]  ? __pfx___might_resched+0x10/0x10
[  504.249881][T12299]  should_fail_ex+0x3b0/0x4e0
[  504.254582][T12299]  should_failslab+0xac/0x100
[  504.259288][T12299]  __kmalloc_node_track_caller_noprof+0xda/0x440
[  504.265643][T12299]  ? smk_import_entry+0x18d/0x610
[  504.270702][T12299]  kstrndup+0x41/0xb0
[  504.274717][T12299]  smk_import_entry+0x18d/0x610
[  504.279599][T12299]  smk_write_net6addr+0x700/0x18b0
[  504.284746][T12299]  ? __pfx_smk_write_net6addr+0x10/0x10
[  504.290297][T12299]  ? rcu_read_lock_any_held+0xb7/0x160
[  504.295761][T12299]  ? __pfx_smk_write_net6addr+0x10/0x10
[  504.301327][T12299]  vfs_write+0x2a3/0xd30
[  504.305606][T12299]  ? fdget_pos+0x24e/0x320
[  504.310027][T12299]  ? __pfx_vfs_write+0x10/0x10
[  504.314796][T12299]  ? __fget_files+0x3f3/0x470
[  504.319483][T12299]  ? fdget_pos+0x24e/0x320
[  504.323903][T12299]  ksys_write+0x183/0x2b0
[  504.328243][T12299]  ? __pfx_ksys_write+0x10/0x10
[  504.333094][T12299]  ? do_syscall_64+0x100/0x230
[  504.337868][T12299]  ? do_syscall_64+0xb6/0x230
[  504.342557][T12299]  do_syscall_64+0xf3/0x230
[  504.347069][T12299]  ? clear_bhb_loop+0x35/0x90
[  504.351750][T12299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.357661][T12299] RIP: 0033:0x7fc6bfb7e719
[  504.362141][T12299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.381864][T12299] RSP: 002b:00007fc6c0959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  504.390298][T12299] RAX: ffffffffffffffda RBX: 00007fc6bfd35f80 RCX: 00007fc6bfb7e719
[  504.398277][T12299] RDX: 00000000000000b0 RSI: 0000000020000380 RDI: 0000000000000003
[  504.406255][T12299] RBP: 00007fc6c0959090 R08: 0000000000000000 R09: 0000000000000000
[  504.414231][T12299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.422207][T12299] R13: 0000000000000000 R14: 00007fc6bfd35f80 R15: 00007fffec5bb2a8
[  504.430194][T12299]  </TASK>
[  504.451290][ T5942] usb 5-1: USB disconnect, device number 46
[  504.470950][T12307] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input36
[  504.586054][   T25] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  504.746236][   T25] usb 4-1: Using ep0 maxpacket: 16
[  504.759687][   T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  504.774257][   T25] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  504.794808][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.804842][   T25] usb 4-1: config 0 descriptor??
[  504.814695][   T25] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input37
[  506.543665][T12341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2000'.
[  507.072904][T12349] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input38
[  507.106449][ T5188] bcm5974 4-1:0.0: could not read from device
[  507.159807][   T25] bcm5974 4-1:0.0: could not read from device
[  507.212415][ T5188] bcm5974 4-1:0.0: could not read from device
[  507.303607][   T25] input: failed to attach handler mousedev to device input37, error: -5
[  507.350165][   T25] usb 4-1: USB disconnect, device number 51
[  507.553253][T12358] netlink: 'syz.2.2001': attribute type 32 has an invalid length.
[  508.993600][T12370] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2009'.
[  509.200785][T12377] netlink: 'syz.1.2012': attribute type 16 has an invalid length.
[  509.229287][T12377] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.2012'.
[  510.026813][T12397] netlink: 'syz.3.2018': attribute type 2 has an invalid length.
[  510.057175][T12401] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2020'.
[  510.129870][T12397] Invalid option length (1048127) for dns_resolver key
[  511.896965][   T25] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  511.904748][ T5942] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  512.068954][T12433] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2025'.
[  512.070385][   T25] usb 3-1: Using ep0 maxpacket: 8
[  512.079214][T12432] trusted_key: syz.5.2026 sent an empty control message without MSG_MORE.
[  512.083220][ T5942] usb 5-1: Using ep0 maxpacket: 8
[  512.094346][   T25] usb 3-1: config 0 has an invalid interface number: 176 but max is 2
[  512.105884][   T25] usb 3-1: config 0 has an invalid interface number: 49 but max is 2
[  512.114228][   T25] usb 3-1: config 0 has no interface number 1
[  512.120677][   T25] usb 3-1: config 0 has no interface number 2
[  512.126802][   T25] usb 3-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[  512.136728][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.137717][ T5942] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  512.137758][ T5942] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  512.137790][ T5942] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  512.137819][ T5942] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  512.137847][ T5942] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  512.139508][   T25] usb 3-1: config 0 descriptor??
[  512.141839][   T25] qmi_wwan 3-1:0.0: probe with driver qmi_wwan failed with error -22
[  512.149472][ T5942] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  512.235151][ T5942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  512.244149][ T5942] usb 5-1: Product: syz
[  512.248966][ T5942] usb 5-1: Manufacturer: syz
[  512.253590][ T5942] usb 5-1: SerialNumber: syz
[  512.261308][ T5942] usb 5-1: config 0 descriptor??
[  512.475833][ T5942] radio-si470x 5-1:0.0: si470x_get_report: usb_control_msg returned -71
[  512.495728][ T5942] radio-si470x 5-1:0.0: probe with driver radio-si470x failed with error -5
[  512.511298][ T5942] usb 5-1: USB disconnect, device number 47
[  512.674100][   T25] usb 3-1: Could not set interface, error -71
[  512.683606][   T25] usb 3-1: USB disconnect, device number 41
[  513.806273][T12454] =======================================================
[  513.806273][T12454] WARNING: The mand mount option has been deprecated and
[  513.806273][T12454]          and is ignored by this kernel. Remove the mand
[  513.806273][T12454]          option from the mount to silence this warning.
[  513.806273][T12454] =======================================================
[  513.850426][T12454] autofs: Bad value for 'fd'
[  513.929267][T12457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2034'.
[  513.977294][ T5942] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  514.064608][T12463] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2035'.
[  514.067884][T12462] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2030'.
[  514.127530][T12464] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2033'.
[  514.127634][T12464] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2033'.
[  514.384428][T12465] tipc: Started in network mode
[  514.384448][T12465] tipc: Node identity , cluster identity 4711
[  514.384464][T12465] tipc: Failed to set node id, please configure manually
[  514.384491][T12465] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  514.423677][ T5942] usb 5-1: config index 0 descriptor too short (expected 65119, got 100)
[  514.423709][ T5942] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  514.423746][ T5942] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  514.423781][ T5942] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023
[  514.433722][ T5942] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  514.433751][ T5942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  514.433771][ T5942] usb 5-1: Product: syz
[  514.433785][ T5942] usb 5-1: Manufacturer: syz
[  514.433801][ T5942] usb 5-1: SerialNumber: syz
[  514.735410][T12448] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  514.771767][T12471] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2037'.
[  514.817548][T12471] vlan2: entered promiscuous mode
[  514.823015][T12471] macvlan0: entered promiscuous mode
[  515.363895][T12471] macvlan0: left promiscuous mode
[  515.540678][   T29] kauditd_printk_skb: 27 callbacks suppressed
[  515.540697][   T29] audit: type=1326 audit(1731684653.756:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  515.570254][T12448] netlink: 'syz.4.2029': attribute type 5 has an invalid length.
[  515.582778][T12448] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2029'.
[  515.623498][   T29] audit: type=1326 audit(1731684653.756:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  515.777901][   T29] audit: type=1326 audit(1731684653.756:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  515.837476][   T29] audit: type=1326 audit(1731684653.756:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  515.874114][   T29] audit: type=1326 audit(1731684653.756:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  515.927906][T11809] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  516.932995][   T29] audit: type=1326 audit(1731684653.756:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  516.933066][   T29] audit: type=1326 audit(1731684653.756:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  516.933102][   T29] audit: type=1326 audit(1731684653.756:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  516.933134][   T29] audit: type=1326 audit(1731684653.756:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  516.933167][   T29] audit: type=1326 audit(1731684653.756:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12481 comm="syz.1.2040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857937e719 code=0x7ffc0000
[  517.023578][    C1] vkms_vblank_simulate: vblank timer overrun
[  517.974271][T11809] usb 4-1: Using ep0 maxpacket: 8
[  519.131489][ T5942] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS
[  519.138108][ T5942] cdc_ncm 5-1:1.0: bind() failure
[  519.146740][ T5942] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  519.154145][ T5942] cdc_ncm 5-1:1.1: bind() failure
[  519.163304][ T5942] usb 5-1: USB disconnect, device number 48
[  519.246589][T11809] usb 4-1: unable to read config index 0 descriptor/start: -71
[  519.254680][T11809] usb 4-1: can't read configurations, error -71
[  519.261538][T12514] UBIFS error (pid: 12514): cannot open "/dev/sg0", error -22
[  519.602348][ T5942] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  519.610392][T12517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2050'.
[  519.825841][T12520] binder: BINDER_SET_CONTEXT_MGR already set
[  519.835852][T12520] binder: 12519:12520 ioctl 4018620d 20000100 returned -16
[  519.848767][T12521] tipc: Started in network mode
[  519.853686][T12521] tipc: Node identity , cluster identity 4711
[  519.859972][T12521] tipc: Failed to set node id, please configure manually
[  519.867044][T12521] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  520.029618][ T5942] usb 5-1: New USB device found, idVendor=187f, idProduct=0202, bcdDevice=39.91
[  520.040481][ T5942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.054099][ T5942] usb 5-1: Product: syz
[  520.065337][ T5942] usb 5-1: Manufacturer: syz
[  520.078096][ T5942] usb 5-1: SerialNumber: syz
[  520.144681][T12525] binder: BINDER_SET_CONTEXT_MGR already set
[  520.151012][T12525] binder: 12519:12525 ioctl 4018620d 200002c0 returned -16
[  520.730227][ T5942] usb 5-1: config 0 descriptor??
[  520.738447][ T5942] smsusb:smsusb_probe: board id=11, interface number 0
[  520.746263][ T5942] smsusb:smsusb_probe: Device initialized with return code -19
[  520.955171][T12535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2056'.
[  520.964408][T12535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2056'.
[  520.974067][T12535] netlink: 332 bytes leftover after parsing attributes in process `syz.1.2056'.
[  521.109356][T12514] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2048'.
[  522.191046][T12554] x_tables: ip_tables: osf match: only valid for protocol 6
[  523.078594][  T973] usb 5-1: USB disconnect, device number 49
[  523.108919][T12559] veth0_to_team: entered promiscuous mode
[  523.121491][T12559] veth0_to_team: entered allmulticast mode
[  523.233791][T12564] FAULT_INJECTION: forcing a failure.
[  523.233791][T12564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  523.268651][T12564] CPU: 0 UID: 0 PID: 12564 Comm: syz.4.2062 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  523.279455][T12564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  523.289533][T12564] Call Trace:
[  523.292825][T12564]  <TASK>
[  523.295767][T12564]  dump_stack_lvl+0x241/0x360
[  523.300491][T12564]  ? __pfx_dump_stack_lvl+0x10/0x10
[  523.305739][T12564]  ? __pfx__printk+0x10/0x10
[  523.310354][T12564]  ? __pfx_lock_release+0x10/0x10
[  523.315411][T12564]  should_fail_ex+0x3b0/0x4e0
[  523.320114][T12564]  _copy_from_user+0x2f/0xc0
[  523.324727][T12564]  copy_msghdr_from_user+0xae/0x680
[  523.329953][T12564]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  523.335798][T12564]  __sys_sendmsg+0x22d/0x380
[  523.340423][T12564]  ? __pfx___sys_sendmsg+0x10/0x10
[  523.345589][T12564]  ? __pfx_vfs_write+0x10/0x10
[  523.350408][T12564]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  523.356775][T12564]  ? do_syscall_64+0x100/0x230
[  523.361609][T12564]  ? do_syscall_64+0xb6/0x230
[  523.366335][T12564]  do_syscall_64+0xf3/0x230
[  523.370877][T12564]  ? clear_bhb_loop+0x35/0x90
[  523.375590][T12564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.381506][T12564] RIP: 0033:0x7ff47f17e719
[  523.385935][T12564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  523.405564][T12564] RSP: 002b:00007ff48005a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  523.414101][T12564] RAX: ffffffffffffffda RBX: 00007ff47f335f80 RCX: 00007ff47f17e719
[  523.422110][T12564] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[  523.430110][T12564] RBP: 00007ff48005a090 R08: 0000000000000000 R09: 0000000000000000
[  523.438136][T12564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  523.446138][T12564] R13: 0000000000000000 R14: 00007ff47f335f80 R15: 00007ffe084238e8
[  523.454232][T12564]  </TASK>
[  523.809371][T12570] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  527.349016][T12612] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2075'.
[  527.688681][T12616] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2076'.
[  528.147161][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  528.147183][   T29] audit: type=1804 audit(1731684666.354:205): pid=12627 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.5.2080" name="/newroot/30/file0" dev="fuse" ino=1 res=1 errno=0
[  528.528432][T12633] block device autoloading is deprecated and will be removed.
[  530.009505][ T5942] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  530.179295][ T5942] usb 5-1: Using ep0 maxpacket: 32
[  530.186174][ T5942] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  530.206183][ T5942] usb 5-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  530.225558][ T5942] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  530.247699][ T5942] usb 5-1: config 0 descriptor??
[  530.494591][T12659] x_tables: duplicate underflow at hook 2
[  530.724177][T12663] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2090'.
[  531.781454][ T5942] waterforce 0003:1044:7A4D.0021: unknown main item tag 0x0
[  531.788832][ T5942] waterforce 0003:1044:7A4D.0021: unknown main item tag 0x0
[  531.796771][ T5942] waterforce 0003:1044:7A4D.0021: unknown main item tag 0x0
[  531.796882][T12672] xt_CT: You must specify a L4 protocol and not use inversions on it
[  531.807502][ T5942] waterforce 0003:1044:7A4D.0021: hidraw0: USB HID v0.00 Device [HID 1044:7a4d] on usb-dummy_hcd.4-1/input0
[  531.889956][ T5942] waterforce 0003:1044:7A4D.0021: fw version request failed with -38
[  531.911375][T12675] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2092'.
[  531.930866][T12675] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2092'.
[  531.959487][T12675] netlink: 4432 bytes leftover after parsing attributes in process `syz.5.2092'.
[  532.931705][ T5879] usb 5-1: USB disconnect, device number 50
[  533.086894][T12692] netlink: 'syz.2.2097': attribute type 1 has an invalid length.
[  533.249606][ T5877] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  533.258658][T12692] bond2: entered promiscuous mode
[  533.284168][T12692] 8021q: adding VLAN 0 to HW filter on device bond2
[  533.321505][T12699] netlink: 3 bytes leftover after parsing attributes in process `syz.2.2097'.
[  533.373843][T12699] batadv2: entered promiscuous mode
[  533.379090][T12699] batadv2: entered allmulticast mode
[  533.386181][T12699] 8021q: adding VLAN 0 to HW filter on device batadv2
[  533.394257][T12699] bond2: (slave batadv2): making interface the new active one
[  533.402773][T12699] bond2: (slave batadv2): Enslaving as an active interface with an up link
[  533.440156][ T5877] usb 4-1: Using ep0 maxpacket: 16
[  533.468280][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  533.497616][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  533.518758][ T5877] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  533.600923][ T5877] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  533.633353][ T5877] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  533.672024][ T5877] usb 4-1: config 0 descriptor??
[  535.212863][ T5877] microsoft 0003:045E:07DA.0022: unknown main item tag 0x0
[  535.225877][ T5877] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0022/input/input39
[  535.264954][ T5877] microsoft 0003:045E:07DA.0022: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  535.462690][ T5877] usb 4-1: USB disconnect, device number 54
[  536.000003][ T5879] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  536.675136][ T5879] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  536.697374][ T5879] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  536.708972][ T5879] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  536.738804][ T5879] usb 6-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  536.753799][ T5879] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  536.766992][ T5879] usb 6-1: config 0 descriptor??
[  537.984578][ T5879] usbhid 6-1:0.0: can't add hid device: -71
[  538.003682][ T5879] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  538.022425][ T5879] usb 6-1: USB disconnect, device number 3
[  538.082389][T12749] mac80211_hwsim hwsim10 wlan1: entered allmulticast mode
[  538.516996][T12760] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2116'.
[  538.548181][T12760] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2116'.
[  538.607917][T12760] netlink: 332 bytes leftover after parsing attributes in process `syz.3.2116'.
[  538.801407][T12766] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2118'.
[  538.821178][T12765] ipvlan2: entered promiscuous mode
[  539.141661][T12775] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2121'.
[  539.171892][T12775] openvswitch: netlink: Tunnel attr 0 has unexpected len 2 expected 8
[  541.406521][   T54] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  541.774692][T12735] syz.4.2109: vmalloc error: size 3874816, failed to allocated page array size 7568, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  542.107669][T12735] CPU: 1 UID: 0 PID: 12735 Comm: syz.4.2109 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  542.118497][T12735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  542.128555][T12735] Call Trace:
[  542.131834][T12735]  <TASK>
[  542.134764][T12735]  dump_stack_lvl+0x241/0x360
[  542.139471][T12735]  ? __pfx_dump_stack_lvl+0x10/0x10
[  542.144690][T12735]  ? __pfx__printk+0x10/0x10
[  542.149296][T12735]  ? __rcu_read_unlock+0xa1/0x110
[  542.154334][T12735]  warn_alloc+0x278/0x410
[  542.158675][T12735]  ? __pfx_warn_alloc+0x10/0x10
[  542.163532][T12735]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  542.169694][T12735]  ? __get_vm_area_node+0x23d/0x270
[  542.174903][T12735]  __vmalloc_node_range_noprof+0x691/0x13f0
[  542.180820][T12735]  ? __kmalloc_cache_node_noprof+0x1d3/0x300
[  542.186799][T12735]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  542.193130][T12735]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  542.199300][T12735]  ? __get_vm_area_node+0x23d/0x270
[  542.204522][T12735]  __vmalloc_node_range_noprof+0x59c/0x13f0
[  542.210427][T12735]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  542.216592][T12735]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  542.222331][T12735]  ? rcu_is_watching+0x15/0xb0
[  542.227100][T12735]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  542.233439][T12735]  ? rcu_is_watching+0x15/0xb0
[  542.238204][T12735]  ? trace_kmalloc+0x1f/0xd0
[  542.242795][T12735]  ? __kmalloc_node_noprof+0x247/0x440
[  542.248256][T12735]  ? __kvmalloc_node_noprof+0x72/0x190
[  542.253736][T12735]  __kvmalloc_node_noprof+0x142/0x190
[  542.259129][T12735]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  542.265299][T12735]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  542.271294][T12735]  ? tpg_update_mv_step+0x361/0x4f0
[  542.276501][T12735]  vivid_update_format_cap+0x133c/0x2090
[  542.282153][T12735]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  542.288145][T12735]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[  542.293987][T12735]  __video_do_ioctl+0xc23/0xdd0
[  542.298849][T12735]  ? __pfx___video_do_ioctl+0x10/0x10
[  542.304257][T12735]  ? __might_fault+0xc6/0x120
[  542.308964][T12735]  video_usercopy+0x89b/0x1180
[  542.313746][T12735]  ? __pfx___video_do_ioctl+0x10/0x10
[  542.319130][T12735]  ? __pfx_video_usercopy+0x10/0x10
[  542.324340][T12735]  ? smack_file_ioctl+0x2f7/0x3a0
[  542.329388][T12735]  ? __fget_files+0x3f3/0x470
[  542.334085][T12735]  v4l2_ioctl+0x189/0x1e0
[  542.338419][T12735]  ? __pfx_v4l2_ioctl+0x10/0x10
[  542.343274][T12735]  __se_sys_ioctl+0xf9/0x170
[  542.347879][T12735]  do_syscall_64+0xf3/0x230
[  542.352405][T12735]  ? clear_bhb_loop+0x35/0x90
[  542.357126][T12735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.363038][T12735] RIP: 0033:0x7ff47f17e719
[  542.367461][T12735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.387089][T12735] RSP: 002b:00007ff48005a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  542.395522][T12735] RAX: ffffffffffffffda RBX: 00007ff47f335f80 RCX: 00007ff47f17e719
[  542.403497][T12735] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000005
[  542.411480][T12735] RBP: 00007ff47f1f175e R08: 0000000000000000 R09: 0000000000000000
[  542.419462][T12735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  542.427438][T12735] R13: 0000000000000000 R14: 00007ff47f335f80 R15: 00007ffe084238e8
[  542.435431][T12735]  </TASK>
[  542.438615][    C1] vkms_vblank_simulate: vblank timer overrun
[  542.491808][T12735] Mem-Info:
[  542.495080][T12735] active_anon:2779 inactive_anon:3315 isolated_anon:0
[  542.495080][T12735]  active_file:17136 inactive_file:36086 isolated_file:0
[  542.495080][T12735]  unevictable:768 dirty:214 writeback:0
[  542.495080][T12735]  slab_reclaimable:6110 slab_unreclaimable:102993
[  542.495080][T12735]  mapped:21325 shmem:3870 pagetables:670
[  542.495080][T12735]  sec_pagetables:0 bounce:0
[  542.495080][T12735]  kernel_misc_reclaimable:0
[  542.495080][T12735]  free:1276642 free_pcp:802 free_cma:0
[  542.715311][T12735] Node 0 active_anon:1316kB inactive_anon:13060kB active_file:68452kB inactive_file:144344kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:85184kB dirty:856kB writeback:0kB shmem:4244kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10732kB pagetables:2580kB sec_pagetables:0kB all_unreclaimable? no
[  542.748908][T12735] Node 1 active_anon:0kB inactive_anon:0kB active_file:92kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  542.784355][T12735] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  542.811490][T12735] lowmem_reserve[]: 0 2465 2466 0 0
[  542.816790][T12735] Node 0 DMA32 free:1195068kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:1312kB inactive_anon:13024kB active_file:67684kB inactive_file:144292kB unevictable:1536kB writepending:756kB present:3129332kB managed:2552500kB mlocked:0kB bounce:0kB free_pcp:1080kB local_pcp:304kB free_cma:0kB
[  542.847574][T12735] lowmem_reserve[]: 0 0 0 0 0
[  542.852346][T12735] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:768kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  542.879417][T12735] lowmem_reserve[]: 0 0 0 0 0
[  542.890596][T12735] Node 1 Normal free:3908740kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:92kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  542.924900][T12735] lowmem_reserve[]: 0 0 0 0 0
[  542.929620][T12735] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  542.942428][T12735] Node 0 DMA32: 600*4kB (UME) 596*8kB (UME) 407*16kB (UME) 255*32kB (UME) 289*64kB (UME) 67*128kB (UME) 32*256kB (UME) 27*512kB (UME) 13*1024kB (UME) 8*2048kB (UM) 267*4096kB (M) = 1194256kB
[  542.961432][T12735] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  542.973792][T12735] Node 1 Normal: 241*4kB (UME) 56*8kB (UE) 46*16kB (UME) 217*32kB (UME) 108*64kB (UME) 26*128kB (UE) 19*256kB (UME) 11*512kB (UME) 2*1024kB (UM) 3*2048kB (UE) 945*4096kB (M) = 3908740kB
[  542.993058][T12735] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  543.002728][T12735] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  543.012027][T12735] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  543.021595][T12735] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  543.030921][T12735] 54668 total pagecache pages
[  543.035597][T12735] 1 pages in swap cache
[  543.039740][T12735] Free swap  = 124528kB
[  543.043909][T12735] Total swap = 124996kB
[  543.048053][T12735] 2097051 pages RAM
[  543.051935][T12735] 0 pages HighMem/MovableOnly
[  543.056632][T12735] 427074 pages reserved
[  543.061313][T12735] 0 pages cma reserved
[  545.212261][T12808] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2130'.
[  545.242732][T12808] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2130'.
[  545.280011][T12808] erspan1: entered promiscuous mode
[  545.296480][T12808] erspan1: entered allmulticast mode
[  546.645084][T12815] tipc: Started in network mode
[  546.650225][T12815] tipc: Node identity , cluster identity 4711
[  546.656486][T12815] tipc: Failed to set node id, please configure manually
[  546.663611][T12815] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  546.881499][T12821] netlink: 'syz.4.2135': attribute type 7 has an invalid length.
[  546.889291][T12821] netlink: 'syz.4.2135': attribute type 8 has an invalid length.
[  546.897224][T12821] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2135'.
[  546.999711][T12826] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  548.110367][T12848] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2144'.
[  548.569831][T12833] binder: 12832:12833 ioctl c0306201 0 returned -14
[  551.801918][    T8] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  551.985842][    T8] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  552.001744][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  552.011847][ T5942] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  552.020295][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  552.030957][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  552.058818][    T8] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  552.064296][T12900] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input40
[  552.070124][    T8] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  552.088497][    T8] usb 4-1: Manufacturer: syz
[  552.127588][    T8] usb 4-1: config 0 descriptor??
[  552.791825][ T5942] usb 5-1: Using ep0 maxpacket: 16
[  552.799192][ T5942] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  552.811921][ T5942] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  552.822901][ T5942] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  552.846358][ T5942] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  552.856773][T12909] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  552.874572][T12909] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  552.899531][ T5942] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  552.922015][T12911] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2166'.
[  552.926256][ T5942] usb 5-1: config 0 descriptor??
[  552.939831][    T8] appleir 0003:05AC:8243.0023: unknown main item tag 0x0
[  552.952840][T12911] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2166'.
[  552.964211][    T8] appleir 0003:05AC:8243.0023: No inputs registered, leaving
[  552.968580][T12911] gtp0: entered promiscuous mode
[  552.977443][T12911] gtp0: entered allmulticast mode
[  553.008422][    T8] appleir 0003:05AC:8243.0023: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  553.595455][T12875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  553.604234][ T5942] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0024/input/input41
[  553.619477][T12875] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  553.713665][ T5942] microsoft 0003:045E:07DA.0024: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  553.722959][    T8] usb 4-1: USB disconnect, device number 55
[  553.758337][ T5942] usb 5-1: USB disconnect, device number 51
[  553.831725][T12929] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2171'.
[  553.843367][T12929] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2171'.
[  553.852472][T12929] netlink: 332 bytes leftover after parsing attributes in process `syz.4.2171'.
[  554.056177][T12943] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input42
[  554.210960][T12950] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  554.221158][T12950] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  554.860579][ T5879] usb 4-1: new full-speed USB device number 56 using dummy_hcd
[  555.074010][ T5879] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDF, changing to 0x8F
[  555.086304][ T5879] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  555.111850][ T5879] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  555.115276][T12966] FAULT_INJECTION: forcing a failure.
[  555.115276][T12966] name failslab, interval 1, probability 0, space 0, times 0
[  555.134610][ T5879] usb 4-1: New USB device found, idVendor=077d, idProduct=0410, bcdDevice=ec.c1
[  555.144399][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.155069][ T5879] usb 4-1: Product: syz
[  555.159653][T12966] CPU: 1 UID: 0 PID: 12966 Comm: syz.5.2183 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  555.163642][ T5879] usb 4-1: Manufacturer: syz
[  555.170428][T12966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  555.170445][T12966] Call Trace:
[  555.170454][T12966]  <TASK>
[  555.170463][T12966]  dump_stack_lvl+0x241/0x360
[  555.170500][T12966]  ? __pfx_dump_stack_lvl+0x10/0x10
[  555.189676][ T5879] usb 4-1: SerialNumber: syz
[  555.191308][T12966]  ? __pfx__printk+0x10/0x10
[  555.210386][T12966]  ? __kmalloc_noprof+0xb0/0x400
[  555.215347][T12966]  ? __pfx___might_resched+0x10/0x10
[  555.220666][T12966]  should_fail_ex+0x3b0/0x4e0
[  555.225370][T12966]  ? smk_write_net6addr+0x197/0x18b0
[  555.230683][T12966]  should_failslab+0xac/0x100
[  555.235372][T12966]  ? smk_write_net6addr+0x197/0x18b0
[  555.240657][T12966]  __kmalloc_noprof+0xd8/0x400
[  555.245417][T12966]  smk_write_net6addr+0x197/0x18b0
[  555.250534][T12966]  ? __pfx_lock_acquire+0x10/0x10
[  555.255573][T12966]  ? __pfx_smk_write_net6addr+0x10/0x10
[  555.261125][T12966]  ? rcu_read_lock_any_held+0xb7/0x160
[  555.266596][T12966]  ? __pfx_smk_write_net6addr+0x10/0x10
[  555.272145][T12966]  vfs_write+0x2a3/0xd30
[  555.276400][T12966]  ? fdget_pos+0x24e/0x320
[  555.280821][T12966]  ? __pfx_vfs_write+0x10/0x10
[  555.285607][T12966]  ? __fget_files+0x3f3/0x470
[  555.290295][T12966]  ? fdget_pos+0x24e/0x320
[  555.294715][T12966]  ksys_write+0x183/0x2b0
[  555.299048][T12966]  ? __pfx_ksys_write+0x10/0x10
[  555.303900][T12966]  ? do_syscall_64+0x100/0x230
[  555.308681][T12966]  ? do_syscall_64+0xb6/0x230
[  555.313364][T12966]  do_syscall_64+0xf3/0x230
[  555.317872][T12966]  ? clear_bhb_loop+0x35/0x90
[  555.322560][T12966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.328453][T12966] RIP: 0033:0x7fc6bfb7e719
[  555.332867][T12966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.352473][T12966] RSP: 002b:00007fc6c0959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  555.360894][T12966] RAX: ffffffffffffffda RBX: 00007fc6bfd35f80 RCX: 00007fc6bfb7e719
[  555.368871][T12966] RDX: 00000000000000b0 RSI: 0000000020000380 RDI: 0000000000000003
[  555.376838][T12966] RBP: 00007fc6c0959090 R08: 0000000000000000 R09: 0000000000000000
[  555.384810][T12966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  555.392776][T12966] R13: 0000000000000000 R14: 00007fc6bfd35f80 R15: 00007fffec5bb2a8
[  555.400850][T12966]  </TASK>
[  555.403885][    C1] vkms_vblank_simulate: vblank timer overrun
[  555.410017][ T5879] usb 4-1: config 0 descriptor??
[  555.538687][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  555.560818][T12979] workqueue: name exceeds WQ_NAME_LEN. Truncating to: †<)Ù2¼”›U7‘Åä‹¡ô¾ÐËÝ;&!éi‡¼
[  555.571020][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  555.596222][T12978] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input43
[  555.597811][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  555.655657][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  555.733068][ T5879] powermate: Expected payload of 3--6 bytes, found 0 bytes!
[  555.740746][ T5879] powermate 4-1:0.0: probe with driver powermate failed with error -5
[  555.754278][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  555.765954][ T5879] usb 4-1: USB disconnect, device number 56
[  555.773593][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  555.791788][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  555.800119][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  555.808575][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  555.817032][T12976] netlink: 'syz.4.2189': attribute type 4 has an invalid length.
[  556.670641][T13003] openvswitch: netlink: Actions may not be safe on all matching packets
[  557.181186][T13014] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2198'.
[  557.942035][T13020] set match dimension is over the limit!
[  558.122869][T13024] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input45
[  558.956464][T13021] ALSA: mixer_oss: invalid OSS volume '01777777777777777777777'
[  559.732440][T13037] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2206'.
[  559.769832][T13040] Cannot find set identified by id 0 to match
[  562.026525][T13051] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2212'.
[  562.183809][T13061] netlink: 112 bytes leftover after parsing attributes in process `syz.3.2213'.
[  562.253079][T13061] nbd: must specify at least one socket
[  562.925810][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  562.975645][ T5942] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  563.007616][ T5942] hid-generic 0000:0000:0000.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  563.453326][ T5879] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  563.522351][T13080] Cannot find set identified by id 0 to match
[  563.688078][ T5879] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  563.704555][ T5879] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  563.716682][ T5879] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  564.343661][ T5879] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  564.382802][ T5879] usb 3-1: Manufacturer: syz
[  564.389365][ T5879] usb 3-1: config 0 descriptor??
[  564.514218][ T5879] rc_core: IR keymap rc-hauppauge not found
[  564.525122][ T5879] Registered IR keymap rc-empty
[  564.530522][ T5879] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  564.549295][ T5879] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input46
[  566.404089][  T973] usb 3-1: USB disconnect, device number 42
[  566.893947][T13110] validate_nla: 55 callbacks suppressed
[  566.893963][T13110] netlink: 'syz.2.2228': attribute type 1 has an invalid length.
[  567.291657][T13115] bond3 (unregistering): Released all slaves
[  567.706180][T13122] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2231'.
[  567.740423][T13122] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2231'.
[  567.827813][T13117] kvm: pic: non byte write
[  568.478354][T13134] netlink: 'syz.2.2234': attribute type 3 has an invalid length.
[  568.486650][T13134] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.2234'.
[  568.550534][T13138] syz.3.2235 (13138): drop_caches: 2
[  568.556866][T13138] syz.3.2235 (13138): drop_caches: 2
[  568.657396][T13140] netlink: 'syz.5.2236': attribute type 10 has an invalid length.
[  568.927830][T13140] team0: Port device netdevsim0 added
[  568.954529][T13141] netlink: 'syz.5.2236': attribute type 10 has an invalid length.
[  569.137572][T13141] team0: Port device netdevsim0 removed
[  569.247474][T13141] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  570.713974][ T5877] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  570.824302][T13164] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2245'.
[  570.839653][T13164] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (252)
[  570.915526][T13163] xt_connbytes: Forcing CT accounting to be enabled
[  570.922431][T13163] Cannot find set identified by id 0 to match
[  571.057909][ T5877] usb 4-1: Using ep0 maxpacket: 8
[  571.800283][ T5877] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  571.904318][ T5877] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  571.974102][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  571.994147][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  572.013000][T13173] ipvlan2: entered promiscuous mode
[  572.018348][ T5877] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  572.553662][ T5877] usb 4-1: string descriptor 0 read error: -71
[  572.569542][ T5877] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  572.586449][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  572.611658][ T5877] usb 4-1: config 0 descriptor??
[  572.631144][ T5877] usb 4-1: can't set config #0, error -71
[  572.654025][ T5877] usb 4-1: USB disconnect, device number 57
[  572.856769][T13190] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2254'.
[  573.317653][  T973] usb 3-1: new full-speed USB device number 43 using dummy_hcd
[  573.524310][  T973] usb 3-1: device descriptor read/64, error -71
[  573.573205][T13203] Cannot find set identified by id 0 to match
[  573.623598][T13207] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2258'.
[  573.649316][T13207] netlink: 38 bytes leftover after parsing attributes in process `syz.3.2258'.
[  573.774725][  T973] usb 3-1: new full-speed USB device number 44 using dummy_hcd
[  574.194863][ T5880] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  574.354540][ T5880] usb 4-1: Using ep0 maxpacket: 16
[  574.368407][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  574.494616][  T973] usb 3-1: device descriptor read/64, error -71
[  574.539211][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  574.550928][ T5880] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  574.560729][ T5880] usb 4-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[  574.569242][ T5880] usb 4-1: Product: syz
[  574.573442][ T5880] usb 4-1: Manufacturer: syz
[  574.581480][ T5880] usb 4-1: config 0 descriptor??
[  574.600875][T13217] netlink: 'syz.5.2261': attribute type 1 has an invalid length.
[  574.614907][  T973] usb usb3-port1: attempt power cycle
[  574.643162][T13217] 8021q: adding VLAN 0 to HW filter on device batadv2
[  574.654687][T13217] bond1: (slave batadv2): Enslaving as a backup interface with an up link
[  574.675965][T13217] bond1 (unregistering): (slave batadv2): Releasing backup interface
[  574.689812][T13217] bond1 (unregistering): Released all slaves
[  574.828817][ T5880] usbhid 4-1:0.0: can't add hid device: -71
[  574.837330][ T5880] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  574.847327][ T5880] usb 4-1: USB disconnect, device number 58
[  575.064785][  T973] usb 3-1: new full-speed USB device number 45 using dummy_hcd
[  575.086898][  T973] usb 3-1: device descriptor read/8, error -71
[  575.354790][  T973] usb 3-1: new full-speed USB device number 46 using dummy_hcd
[  575.488584][  T973] usb 3-1: device descriptor read/8, error -71
[  575.670662][  T973] usb usb3-port1: unable to enumerate USB device
[  576.213621][T13238] FAULT_INJECTION: forcing a failure.
[  576.213621][T13238] name failslab, interval 1, probability 0, space 0, times 0
[  576.226830][T13238] CPU: 0 UID: 0 PID: 13238 Comm: syz.2.2264 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  576.237627][T13238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  576.247711][T13238] Call Trace:
[  576.251102][T13238]  <TASK>
[  576.254047][T13238]  dump_stack_lvl+0x241/0x360
[  576.258751][T13238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  576.263970][T13238]  ? __pfx__printk+0x10/0x10
[  576.268582][T13238]  ? fs_reclaim_acquire+0x93/0x130
[  576.273717][T13238]  ? __pfx___might_resched+0x10/0x10
[  576.279031][T13238]  should_fail_ex+0x3b0/0x4e0
[  576.283729][T13238]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  576.289473][T13238]  should_failslab+0xac/0x100
[  576.294171][T13238]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  576.299918][T13238]  __kmalloc_noprof+0xd8/0x400
[  576.304703][T13238]  tomoyo_realpath_from_path+0xcf/0x5e0
[  576.310291][T13238]  tomoyo_path_number_perm+0x23a/0x880
[  576.315777][T13238]  ? tomoyo_path_number_perm+0x208/0x880
[  576.321433][T13238]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  576.327486][T13238]  ? __fget_files+0x29/0x470
[  576.332120][T13238]  ? __fget_files+0x3f3/0x470
[  576.332811][T13240] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2266'.
[  576.336822][T13238]  security_file_ioctl+0xc6/0x2a0
[  576.336857][T13238]  __se_sys_ioctl+0x47/0x170
[  576.355500][T13238]  do_syscall_64+0xf3/0x230
[  576.360028][T13238]  ? clear_bhb_loop+0x35/0x90
[  576.364731][T13238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.370641][T13238] RIP: 0033:0x7f4977d7e719
[  576.375077][T13238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  576.394700][T13238] RSP: 002b:00007f4978bd2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  576.403134][T13238] RAX: ffffffffffffffda RBX: 00007f4977f36130 RCX: 00007f4977d7e719
[  576.411133][T13238] RDX: 0000000000000000 RSI: 0000000000007003 RDI: 0000000000000005
[  576.419153][T13238] RBP: 00007f4978bd2090 R08: 0000000000000000 R09: 0000000000000000
[  576.427159][T13238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  576.435163][T13238] R13: 0000000000000000 R14: 00007f4977f36130 R15: 00007ffc4a8ae0b8
[  576.443175][T13238]  </TASK>
[  576.446310][    C0] vkms_vblank_simulate: vblank timer overrun
[  576.457631][T13238] ERROR: Out of memory at tomoyo_realpath_from_path.
[  578.904593][T13276] pimreg: entered allmulticast mode
[  578.987900][T13276] pimreg: left allmulticast mode
[  579.369548][T13286] batadv0: entered promiscuous mode
[  579.379915][T13286] macvtap1: entered promiscuous mode
[  579.386247][T11413] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  579.395906][T11413] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  579.402281][T13286] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  579.423836][T11413] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  579.431780][T11413] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  579.440500][T13286] batadv0: left promiscuous mode
[  579.446458][T11413] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  579.453894][T11413] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  579.615137][ T5880] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  579.776478][ T5880] usb 4-1: Using ep0 maxpacket: 32
[  579.975114][ T5880] usb 4-1: New USB device found, idVendor=046d, idProduct=0960, bcdDevice=a5.af
[  580.037859][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.093989][ T5880] usb 4-1: Product: syz
[  580.131433][ T5880] usb 4-1: Manufacturer: syz
[  580.153029][ T5880] usb 4-1: SerialNumber: syz
[  580.219850][ T5880] usb 4-1: config 0 descriptor??
[  580.237938][ T5880] gspca_main: sunplus-2.14.0 probing 046d:0960
[  580.287892][T13290] chnl_net:caif_netlink_parms(): no params data found
[  580.773590][ T5880] gspca_sunplus: reg_w_riv err -110
[  580.850676][ T5880] sunplus 4-1:0.0: probe with driver sunplus failed with error -110
[  581.057620][T13290] bridge0: port 1(bridge_slave_0) entered blocking state
[  581.072379][T13290] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.093479][T13290] bridge_slave_0: entered allmulticast mode
[  581.119319][T13290] bridge_slave_0: entered promiscuous mode
[  581.168877][T13290] bridge0: port 2(bridge_slave_1) entered blocking state
[  581.179957][ T5942] usb 4-1: USB disconnect, device number 59
[  581.185721][T13290] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.203384][T13290] bridge_slave_1: entered allmulticast mode
[  581.214773][T13290] bridge_slave_1: entered promiscuous mode
[  581.335970][T13290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  581.352018][T13323] xt_CT: No such helper "syz0"
[  581.377027][T13290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  581.521211][T13290] team0: Port device team_slave_0 added
[  581.544885][T13290] team0: Port device team_slave_1 added
[  581.546430][T11413] Bluetooth: hci5: command tx timeout
[  581.618216][T13290] batman_adv: batadv0: Adding interface: batadv_slave_0
[  581.628285][T13339] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2297'.
[  581.655225][T13290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.681149][    C0] vkms_vblank_simulate: vblank timer overrun
[  581.761265][T13290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  581.802281][T13290] batman_adv: batadv0: Adding interface: batadv_slave_1
[  581.829608][T13290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.905402][T13290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  582.412905][T13290] hsr_slave_0: entered promiscuous mode
[  582.562079][T13290] hsr_slave_1: entered promiscuous mode
[  582.711281][T13290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  582.723062][T13359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  582.742302][T13290] Cannot create hsr debugfs directory
[  582.765834][T13359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  582.896373][T13367] FAULT_INJECTION: forcing a failure.
[  582.896373][T13367] name failslab, interval 1, probability 0, space 0, times 0
[  582.955387][T13367] CPU: 0 UID: 0 PID: 13367 Comm: syz.3.2307 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  582.956029][ T5942] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  582.966224][T13367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  582.966268][T13367] Call Trace:
[  582.966278][T13367]  <TASK>
[  582.966287][T13367]  dump_stack_lvl+0x241/0x360
[  582.966323][T13367]  ? __pfx_dump_stack_lvl+0x10/0x10
[  582.966349][T13367]  ? __pfx__printk+0x10/0x10
[  582.966377][T13367]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  583.010079][T13367]  ? __pfx___might_resched+0x10/0x10
[  583.015383][T13367]  should_fail_ex+0x3b0/0x4e0
[  583.020086][T13367]  should_failslab+0xac/0x100
[  583.024761][T13367]  ? smk_write_net6addr+0xe64/0x18b0
[  583.030052][T13367]  __kmalloc_cache_noprof+0x6c/0x2c0
[  583.035335][T13367]  ? smk_import_entry+0x50c/0x610
[  583.040371][T13367]  smk_write_net6addr+0xe64/0x18b0
[  583.045516][T13367]  ? __pfx_smk_write_net6addr+0x10/0x10
[  583.051072][T13367]  ? rcu_read_lock_any_held+0xb7/0x160
[  583.056545][T13367]  ? __pfx_smk_write_net6addr+0x10/0x10
[  583.062099][T13367]  vfs_write+0x2a3/0xd30
[  583.066346][T13367]  ? fdget_pos+0x24e/0x320
[  583.070771][T13367]  ? __pfx_vfs_write+0x10/0x10
[  583.075559][T13367]  ? __fget_files+0x3f3/0x470
[  583.080267][T13367]  ? fdget_pos+0x24e/0x320
[  583.084688][T13367]  ksys_write+0x183/0x2b0
[  583.089025][T13367]  ? __pfx_ksys_write+0x10/0x10
[  583.093888][T13367]  ? do_syscall_64+0x100/0x230
[  583.098670][T13367]  ? do_syscall_64+0xb6/0x230
[  583.103358][T13367]  do_syscall_64+0xf3/0x230
[  583.107874][T13367]  ? clear_bhb_loop+0x35/0x90
[  583.112572][T13367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.118470][T13367] RIP: 0033:0x7f009497e719
[  583.122889][T13367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.142498][T13367] RSP: 002b:00007f009585c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  583.150918][T13367] RAX: ffffffffffffffda RBX: 00007f0094b35f80 RCX: 00007f009497e719
[  583.158887][T13367] RDX: 00000000000000b0 RSI: 0000000020000380 RDI: 0000000000000003
[  583.166878][T13367] RBP: 00007f009585c090 R08: 0000000000000000 R09: 0000000000000000
[  583.174848][T13367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  583.182821][T13367] R13: 0000000000000000 R14: 00007f0094b35f80 R15: 00007ffe64da1b78
[  583.190809][T13367]  </TASK>
[  583.193843][    C0] vkms_vblank_simulate: vblank timer overrun
[  583.270951][T13369] ɶƣ0GC¦!: entered promiscuous mode
[  583.626633][T11413] Bluetooth: hci5: command tx timeout
[  583.806450][T13384] FAULT_INJECTION: forcing a failure.
[  583.806450][T13384] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  583.806483][T13384] CPU: 0 UID: 0 PID: 13384 Comm: syz.5.2314 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  583.806506][T13384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  583.806518][T13384] Call Trace:
[  583.806527][T13384]  <TASK>
[  583.806536][T13384]  dump_stack_lvl+0x241/0x360
[  583.806570][T13384]  ? __pfx_dump_stack_lvl+0x10/0x10
[  583.806598][T13384]  ? __pfx__printk+0x10/0x10
[  583.806628][T13384]  ? btf_check_sec_info+0x379/0x4f0
[  583.806659][T13384]  should_fail_ex+0x3b0/0x4e0
[  583.806686][T13384]  _copy_to_user+0x31/0xb0
[  583.806707][T13384]  btf_new_fd+0x515/0xd30
[  583.806743][T13384]  ? __pfx_btf_new_fd+0x10/0x10
[  583.806781][T13384]  ? bpf_btf_load+0xcf/0x1a0
[  583.806810][T13384]  __sys_bpf+0x6ef/0x810
[  583.806835][T13384]  ? __pfx___sys_bpf+0x10/0x10
[  583.806870][T13384]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  583.806907][T13384]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  583.806969][T13384]  ? do_syscall_64+0x100/0x230
[  583.807004][T13384]  __x64_sys_bpf+0x7c/0x90
[  583.807031][T13384]  do_syscall_64+0xf3/0x230
[  583.807063][T13384]  ? clear_bhb_loop+0x35/0x90
[  583.807095][T13384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.807122][T13384] RIP: 0033:0x7fc6bfb7e719
[  583.807144][T13384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.807165][T13384] RSP: 002b:00007fc6c0959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  583.807193][T13384] RAX: ffffffffffffffda RBX: 00007fc6bfd35f80 RCX: 00007fc6bfb7e719
[  583.807211][T13384] RDX: 0000000000000020 RSI: 0000000020000380 RDI: 0000000000000012
[  583.807227][T13384] RBP: 00007fc6c0959090 R08: 0000000000000000 R09: 0000000000000000
[  583.807243][T13384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  583.807259][T13384] R13: 0000000000000001 R14: 00007fc6bfd35f80 R15: 00007fffec5bb2a8
[  583.807293][T13384]  </TASK>
[  583.831987][T13290] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  583.983389][T13383] fuse: Bad value for 'user_id'
[  583.983406][T13383] fuse: Bad value for 'user_id'
[  583.993129][T13290] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  584.060890][T13290] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  584.141324][T13290] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  584.428279][T13290] 8021q: adding VLAN 0 to HW filter on device bond0
[  584.601711][T13290] 8021q: adding VLAN 0 to HW filter on device team0
[  584.634926][T13290] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  584.634952][T13290] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  584.657003][ T6786] bridge0: port 1(bridge_slave_0) entered blocking state
[  584.657116][ T6786] bridge0: port 1(bridge_slave_0) entered forwarding state
[  584.659307][ T6786] bridge0: port 2(bridge_slave_1) entered blocking state
[  584.659378][ T6786] bridge0: port 2(bridge_slave_1) entered forwarding state
[  584.871046][T13395] ipt_rpfilter: unknown options
[  585.341268][T13290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  585.499166][T13402] openvswitch: netlink: Actions may not be safe on all matching packets
[  585.706292][T11413] Bluetooth: hci5: command tx timeout
[  586.163234][T13290] veth0_vlan: entered promiscuous mode
[  586.259039][T13290] veth1_vlan: entered promiscuous mode
[  586.767410][T13437] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  586.822228][T13290] veth0_macvtap: entered promiscuous mode
[  586.857811][T13290] veth1_macvtap: entered promiscuous mode
[  586.902021][T13290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  586.913406][T13290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  586.923967][T13290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  586.939091][T13290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  586.949428][T13290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  586.965429][T13290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.798810][T13447] Cannot find set identified by id 0 to match
[  587.808917][T11413] Bluetooth: hci5: command tx timeout
[  588.342741][T13290] batman_adv: batadv0: Interface activated: batadv_slave_0
[  588.362719][T13290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  588.373400][T13290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  588.383415][T13290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  588.394275][T13290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  588.404283][T13290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  588.425569][T13290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  588.608442][ T5942] usb 3-1: device descriptor read/64, error -110
[  588.697041][T13290] batman_adv: batadv0: Interface activated: batadv_slave_1
[  588.738587][T13290] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  588.760594][T13290] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  588.806438][T13290] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  588.806517][T13290] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  588.839525][T13457] netlink: 'syz.1.2334': attribute type 21 has an invalid length.
[  588.839611][T13457] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2334'.
[  588.846291][ T5942] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  588.976344][ T5942] usb 3-1: device descriptor read/64, error -32
[  589.012837][T12407] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  589.030828][T12407] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  589.074791][ T6786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  589.092786][ T6786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  589.322422][ T5942] usb usb3-port1: attempt power cycle
[  589.407582][T13471] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  589.416736][T13471] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  589.696523][ T5942] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  589.781771][ T5942] usb 3-1: device descriptor read/8, error -32
[  589.993280][ T5942] raw-gadget.0 gadget.2: failed to queue reset event
[  590.221561][ T5942] raw-gadget.0 gadget.2: failed to queue resume event
[  590.406407][ T5942] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  590.449843][    C1] raw-gadget.0 gadget.2: ignoring, device is not running
[  590.475161][ T5942] usb 3-1: device descriptor read/8, error -32
[  590.604942][ T5942] raw-gadget.0 gadget.2: failed to queue suspend event
[  590.716483][ T5942] usb usb3-port1: unable to enumerate USB device
[  591.576729][ T5879] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  591.749145][ T5879] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  591.779930][ T5879] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  591.829880][ T5879] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  591.847857][T13493] Cannot find set identified by id 0 to match
[  591.851062][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.873247][ T5879] usb 4-1: config 0 descriptor??
[  591.890166][ T5879] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  592.780867][T13502] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2346'.
[  592.789740][ T5877] usb 4-1: USB disconnect, device number 60
[  592.816221][T13502] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2346'.
[  592.841510][T13502] netlink: 4432 bytes leftover after parsing attributes in process `syz.2.2346'.
[  593.025899][T13508] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  593.033117][T13512] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2350'.
[  593.044279][T13508] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  594.193299][T13530] xt_connbytes: Forcing CT accounting to be enabled
[  594.200034][T13530] Cannot find set identified by id 0 to match
[  597.125248][T13547] netlink: 'syz.2.2360': attribute type 29 has an invalid length.
[  597.174788][T13547] netlink: 'syz.2.2360': attribute type 29 has an invalid length.
[  599.192283][T13568] Cannot find add_set index 0 as target
[  599.349666][T13567] bridge_slave_0: left allmulticast mode
[  599.407075][T13567] bridge_slave_0: left promiscuous mode
[  599.427014][T13567] bridge0: port 1(bridge_slave_0) entered disabled state
[  599.452962][T13567] bridge_slave_1: left allmulticast mode
[  599.459269][T13567] bridge_slave_1: left promiscuous mode
[  599.465956][T13567] bridge0: port 2(bridge_slave_1) entered disabled state
[  599.520220][T13567] bond0: (slave bond_slave_0): Releasing backup interface
[  599.539800][T13567] bond0: (slave bond_slave_1): Releasing backup interface
[  599.621337][T13567] team0: Port device team_slave_0 removed
[  599.653436][T13567] team0: Port device team_slave_1 removed
[  599.666663][T13567] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  599.675014][T13567] batman_adv: batadv0: Removing interface: batadv_slave_0
[  599.688857][T13567] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  599.696794][T13567] batman_adv: batadv0: Removing interface: batadv_slave_1
[  599.745658][T13567] bond0: (slave netdevsim0): Releasing backup interface
[  600.336657][T13589] netlink: 'syz.2.2373': attribute type 2 has an invalid length.
[  600.392950][T13588] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2374'.
[  600.675656][   T30] INFO: task kworker/1:6:5928 blocked for more than 143 seconds.
[  601.407615][   T30]       Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  601.423826][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  601.469828][   T30] task:kworker/1:6     state:D stack:18192 pid:5928  tgid:5928  ppid:2      flags:0x00004000
[  601.507634][   T30] Workqueue: usb_hub_wq hub_event
[  601.516297][   T30] Call Trace:
[  601.527586][   T30]  <TASK>
[  601.537380][   T30]  __schedule+0x17fa/0x4bd0
[  601.568288][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  601.587792][   T30]  ? __pfx___schedule+0x10/0x10
[  601.597407][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  601.611032][   T30]  ? __pfx_lock_release+0x10/0x10
[  601.634068][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  601.654156][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  601.667463][   T30]  ? schedule+0x90/0x320
[  601.677024][   T30]  schedule+0x14b/0x320
[  601.685542][   T30]  schedule_timeout+0xb0/0x310
[  601.696290][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  601.733626][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  601.748425][   T30]  ? wait_for_completion+0x2fe/0x620
[  601.759966][   T30]  ? wait_for_completion+0x2fe/0x620
[  601.771636][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  601.782652][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  601.794090][   T30]  ? wait_for_completion+0x2fe/0x620
[  601.806363][   T30]  wait_for_completion+0x355/0x620
[  601.819954][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  601.832816][   T30]  ? __init_swait_queue_head+0xae/0x150
[  601.849945][   T30]  snd_card_free+0x12a/0x190
[  601.860221][   T30]  ? __pfx_snd_card_free+0x10/0x10
[  601.871303][   T30]  ? __wake_up_common_lock+0x18c/0x1e0
[  601.883925][   T30]  usb_unbind_interface+0x25e/0x940
[  601.906272][   T30]  ? kernfs_remove_by_name_ns+0x11b/0x160
[  601.938018][   T30]  ? __pfx_usb_unbind_interface+0x10/0x10
[  601.944343][   T30]  device_release_driver_internal+0x503/0x7c0
[  601.953616][   T30]  bus_remove_device+0x34f/0x420
[  601.959374][   T30]  device_del+0x57a/0x9b0
[  601.963979][   T30]  ? __pfx_device_del+0x10/0x10
[  601.969591][   T30]  ? usb_disconnect+0x103/0x950
[  601.974625][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  601.981501][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  601.986710][   T30]  usb_disable_device+0x3bf/0x850
[  601.992781][   T30]  usb_disconnect+0x340/0x950
[  601.997733][   T30]  hub_event+0x1ebc/0x5150
[  602.003063][   T30]  ? debug_object_deactivate+0x2d5/0x390
[  602.009269][   T30]  ? __pfx_hub_event+0x10/0x10
[  602.014406][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  602.019979][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  602.026328][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  602.033113][   T30]  ? process_scheduled_works+0x976/0x1850
[  602.039327][   T30]  process_scheduled_works+0xa63/0x1850
[  602.045205][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  602.052170][   T30]  ? assign_work+0x364/0x3d0
[  602.057558][   T30]  worker_thread+0x870/0xd30
[  602.062626][   T30]  ? __kthread_parkme+0x169/0x1d0
[  602.068003][   T30]  ? __pfx_worker_thread+0x10/0x10
[  602.073407][   T30]  kthread+0x2f0/0x390
[  602.078534][   T30]  ? __pfx_worker_thread+0x10/0x10
[  602.083970][   T30]  ? __pfx_kthread+0x10/0x10
[  602.088849][   T30]  ret_from_fork+0x4b/0x80
[  602.093408][   T30]  ? __pfx_kthread+0x10/0x10
[  602.098415][   T30]  ret_from_fork_asm+0x1a/0x30
[  602.103386][   T30]  </TASK>
[  602.106843][   T30] 
[  602.106843][   T30] Showing all locks held in the system:
[  602.115301][   T30] 3 locks held by kworker/u8:1/12:
[  602.120694][   T30] 1 lock held by rcu_tasks_trace/15:
[  602.126438][   T30]  #0: ffffffff8e938370 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0xaed/0xe10
[  602.142640][   T30] 1 lock held by khungtaskd/30:
[  602.147714][   T30]  #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  602.158991][   T30] 3 locks held by kworker/u8:5/793:
[  602.164312][   T30]  #0: ffff8880b863ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[  602.175326][   T30]  #1: ffff8880b8628948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x41d/0x7a0
[  602.188902][   T30]  #2: ffff888030630768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: cfg80211_wiphy_work+0xd9/0x490
[  602.199948][   T30] 2 locks held by getty/5585:
[  602.204861][   T30]  #0: ffff88803528a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  602.215394][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  602.226192][   T30] 5 locks held by kworker/1:6/5928:
[  602.231958][   T30]  #0: ffff888021696d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  602.243899][   T30]  #1: ffffc900049ffd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  602.256761][   T30]  #2: ffff888028b6d190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[  602.267423][   T30]  #3: ffff888065b5b190 (&dev->mutex){....}-{3:3}, at: usb_disconnect+0x103/0x950
[  602.364280][   T30]  #4: ffff888062f3f160 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  602.384616][   T30] 3 locks held by kworker/u8:13/12406:
[  602.391027][   T30] 1 lock held by syz.4.2217/13069:
[  602.396255][   T30]  #0: ffff888028b6d190 (&dev->mutex){....}-{3:3}, at: usbdev_open+0x156/0x770
[  602.405919][   T30] 1 lock held by syz.5.2371/13591:
[  602.411620][   T30] 4 locks held by kvm-nx-lpage-re/13585:
[  602.417346][   T30]  #0: ffffffff8e96c528 (cgroup_mutex){+.+.}-{3:3}, at: cgroup_attach_task_all+0x27/0xe0
[  602.428432][   T30]  #1: ffffffff8e7d1d90 (cpu_hotplug_lock){++++}-{0:0}, at: cgroup_attach_lock+0x11/0x40
[  602.439390][   T30]  #2: ffffffff8e96c710 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: cgroup_attach_task_all+0x31/0xe0
[  602.451147][   T30]  #3: ffffffff8e93d338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  602.462657][   T30] 1 lock held by syz.2.2377/13601:
[  602.469476][   T30]  #0: ffff8880334ba0c8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x32/0x100
[  602.481015][   T30] 
[  602.483435][   T30] =============================================
[  602.483435][   T30] 
[  602.494035][   T30] NMI backtrace for cpu 1
[  602.498398][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  602.508910][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  602.518964][   T30] Call Trace:
[  602.522241][   T30]  <TASK>
[  602.525168][   T30]  dump_stack_lvl+0x241/0x360
[  602.529856][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  602.535056][   T30]  ? __pfx__printk+0x10/0x10
[  602.539654][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  602.544627][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  602.550118][   T30]  ? _printk+0xd5/0x120
[  602.554285][   T30]  ? __pfx__printk+0x10/0x10
[  602.558876][   T30]  ? __wake_up_klogd+0xcc/0x110
[  602.563733][   T30]  ? __pfx__printk+0x10/0x10
[  602.568343][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  602.573378][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  602.579380][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  602.585389][   T30]  watchdog+0xff4/0x1040
[  602.589648][   T30]  ? watchdog+0x1ea/0x1040
[  602.594111][   T30]  ? __pfx_watchdog+0x10/0x10
[  602.598809][   T30]  kthread+0x2f0/0x390
[  602.602899][   T30]  ? __pfx_watchdog+0x10/0x10
[  602.607607][   T30]  ? __pfx_kthread+0x10/0x10
[  602.612216][   T30]  ret_from_fork+0x4b/0x80
[  602.616646][   T30]  ? __pfx_kthread+0x10/0x10
[  602.621236][   T30]  ret_from_fork_asm+0x1a/0x30
[  602.626018][   T30]  </TASK>
[  602.630582][   T30] Sending NMI from CPU 1 to CPUs 0:
[  602.636521][    C0] NMI backtrace for cpu 0
[  602.636534][    C0] CPU: 0 UID: 0 PID: 5879 Comm: kworker/0:5 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  602.636553][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  602.636563][    C0] Workqueue: events free_obj_work
[  602.636583][    C0] RIP: 0010:unwind_next_frame+0xb5d/0x22d0
[  602.636610][    C0] Code: 7c 24 28 49 8d 6d 08 48 89 e8 48 c1 e8 03 48 89 84 24 88 00 00 00 42 80 3c 20 00 74 08 48 89 ef e8 98 31 ba 00 48 89 6c 24 60 <48> 89 5c 24 40 49 8b 6d 08 49 8d 5d 10 49 89 df 49 c1 ef 03 43 80
[  602.636624][    C0] RSP: 0018:ffffc900046ef590 EFLAGS: 00000246
[  602.636637][    C0] RAX: 1ffff920008ddecd RBX: 1ffffffff21461c3 RCX: ffffffff902d5c7c
[  602.636650][    C0] RDX: ffffffff90a30e14 RSI: 0000000000000002 RDI: ffffffff814166e0
[  602.636661][    C0] RBP: ffffc900046ef668 R08: 0000000000000004 R09: ffffc900046ef750
[  602.636672][    C0] R10: ffffc900046ef6b0 R11: ffffffff8180a210 R12: dffffc0000000000
[  602.636684][    C0] R13: ffffc900046ef660 R14: ffffc900046ef698 R15: ffffffff90a30e18
[  602.636696][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  602.636709][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  602.636721][    C0] CR2: 000055555d5da5c8 CR3: 000000007f704000 CR4: 00000000003526f0
[  602.636734][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  602.636743][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  602.636754][    C0] Call Trace:
[  602.636759][    C0]  <NMI>
[  602.636766][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  602.636790][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  602.636814][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  602.636836][    C0]  ? nmi_handle+0x2a/0x5a0
[  602.636859][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  602.636879][    C0]  ? nmi_handle+0x14f/0x5a0
[  602.636895][    C0]  ? nmi_handle+0x2a/0x5a0
[  602.636911][    C0]  ? unwind_next_frame+0xb5d/0x22d0
[  602.636959][    C0]  ? default_do_nmi+0x63/0x160
[  602.636994][    C0]  ? exc_nmi+0x123/0x1f0
[  602.637011][    C0]  ? end_repeat_nmi+0xf/0x53
[  602.637038][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  602.637068][    C0]  ? unwind_next_frame+0xb0/0x22d0
[  602.637095][    C0]  ? unwind_next_frame+0xb5d/0x22d0
[  602.637122][    C0]  ? unwind_next_frame+0xb5d/0x22d0
[  602.637151][    C0]  ? unwind_next_frame+0xb5d/0x22d0
[  602.637180][    C0]  </NMI>
[  602.637186][    C0]  <TASK>
[  602.637198][    C0]  ? kthread+0x2f0/0x390
[  602.637216][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  602.637239][    C0]  arch_stack_walk+0x11c/0x150
[  602.637261][    C0]  ? kthread+0x2f0/0x390
[  602.637280][    C0]  stack_trace_save+0x118/0x1d0
[  602.637302][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  602.637325][    C0]  ? stack_depot_save_flags+0x29/0x830
[  602.637349][    C0]  kasan_save_track+0x3f/0x80
[  602.637372][    C0]  ? kasan_save_track+0x3f/0x80
[  602.637395][    C0]  ? kasan_save_free_info+0x40/0x50
[  602.637415][    C0]  ? __kasan_slab_free+0x59/0x70
[  602.637439][    C0]  ? kmem_cache_free+0x1a2/0x420
[  602.637457][    C0]  ? free_obj_work+0x4ff/0x6d0
[  602.637475][    C0]  ? process_scheduled_works+0xa63/0x1850
[  602.637499][    C0]  ? worker_thread+0x870/0xd30
[  602.637523][    C0]  ? kthread+0x2f0/0x390
[  602.637563][    C0]  kasan_save_free_info+0x40/0x50
[  602.637583][    C0]  __kasan_slab_free+0x59/0x70
[  602.637608][    C0]  ? free_obj_work+0x4ff/0x6d0
[  602.637625][    C0]  kmem_cache_free+0x1a2/0x420
[  602.637644][    C0]  ? free_obj_work+0x4ff/0x6d0
[  602.637665][    C0]  free_obj_work+0x4ff/0x6d0
[  602.637688][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  602.637719][    C0]  ? __pfx_free_obj_work+0x10/0x10
[  602.637740][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  602.637773][    C0]  ? process_scheduled_works+0x976/0x1850
[  602.637797][    C0]  process_scheduled_works+0xa63/0x1850
[  602.637836][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  602.637865][    C0]  ? assign_work+0x364/0x3d0
[  602.637891][    C0]  worker_thread+0x870/0xd30
[  602.637926][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  602.637949][    C0]  ? __kthread_parkme+0x169/0x1d0
[  602.637976][    C0]  ? __pfx_worker_thread+0x10/0x10
[  602.638001][    C0]  kthread+0x2f0/0x390
[  602.638017][    C0]  ? __pfx_worker_thread+0x10/0x10
[  602.638041][    C0]  ? __pfx_kthread+0x10/0x10
[  602.638059][    C0]  ret_from_fork+0x4b/0x80
[  602.638084][    C0]  ? __pfx_kthread+0x10/0x10
[  602.638101][    C0]  ret_from_fork_asm+0x1a/0x30
[  602.638147][    C0]  </TASK>
[  602.837162][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  602.837187][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0
[  602.837216][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  602.837231][   T30] Call Trace:
[  602.837242][   T30]  <TASK>
[  602.837252][   T30]  dump_stack_lvl+0x241/0x360
[  602.837294][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  602.837326][   T30]  ? __pfx__printk+0x10/0x10
[  602.837354][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  602.837398][   T30]  ? vscnprintf+0x5d/0x90
[  602.837436][   T30]  panic+0x349/0x880
[  602.837468][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  602.837507][   T30]  ? __pfx_panic+0x10/0x10
[  602.837533][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  602.837560][   T30]  ? __irq_work_queue_local+0x137/0x410
[  602.837594][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  602.837620][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  602.837656][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  602.837700][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  602.837742][   T30]  watchdog+0x1033/0x1040
[  602.837775][   T30]  ? watchdog+0x1ea/0x1040
[  602.837812][   T30]  ? __pfx_watchdog+0x10/0x10
[  602.837843][   T30]  kthread+0x2f0/0x390
[  602.837866][   T30]  ? __pfx_watchdog+0x10/0x10
[  602.837897][   T30]  ? __pfx_kthread+0x10/0x10
[  602.837921][   T30]  ret_from_fork+0x4b/0x80
[  602.837954][   T30]  ? __pfx_kthread+0x10/0x10
[  602.837978][   T30]  ret_from_fork_asm+0x1a/0x30
[  602.838025][   T30]  </TASK>
[  603.219147][   T30] Kernel Offset: disabled
[  603.223468][   T30] Rebooting in 86400 seconds..