last executing test programs:

27.825171496s ago: executing program 3 (id=1583):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = fanotify_init(0x200, 0x0)
dup(0xffffffffffffffff)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, 0x0, 0x0)
fanotify_mark(r1, 0x1, 0x48001059, 0xffffffffffffffff, 0x0)
r6 = memfd_create(0x0, 0x0)
sendfile(r6, r6, &(0x7f00000000c0)=0x2, 0x200)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)

26.651112956s ago: executing program 3 (id=1586):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000240), 0x3, 0x0)
r2 = openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x13, 0x24, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000055080000000000004708000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000085000000070000001860000005000000000000000100ffffffb7080000000000007b8af8ff00000000b7080000a51600007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a50000008520000002000000182b0000", @ANYRES32=r3, @ANYBLOB="00000000040000008520000002000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000001fc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12012000f1048108cd060202d4920000000109021b1901000000d40904150001da40df"], 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000009440)={0x0, 0x0, &(0x7f0000009400)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x201}, @NFT_MSG_NEWSETELEM={0x24, 0xc, 0xa, 0x0, 0x0, 0x0, {0x2}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14}}, 0xa0}}, 0x20008001)
ftruncate(r4, 0x180000000)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_QUERYCTRL(r1, 0xc0445624, &(0x7f0000000280)={0xfffffffd, 0x0, "b939ee6bde127200cf8d662e0c7f1821f05bcac03dde97f3ff34eb6df3421158"})
r6 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, 0x0}, 0x10)
r7 = memfd_create(&(0x7f0000001800)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16T\x8b\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a\x14_\xb5U\xa1# \xbb\xe2\xd3\x1dN\xbf\xed)\xf8\xc5\xe7\xcb\xb3\xeb\xe9_\xf8I\xa0\xcc\f\xd2\xf0\x9f\x00', 0x0)
write$binfmt_elf32(r7, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03000000110000000d60390170f74f9ef4"], 0xd8)
execveat(r3, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x1000)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000180))
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f00000000c0)={@hyper})
ioctl$IOCTL_VMCI_SET_NOTIFY(0xffffffffffffffff, 0x7cb, &(0x7f0000000080)={0x8})
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grpuq_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
syz_fuse_handle_req(r8, &(0x7f0000004340)="b968dd31efa90481cdad877a2b3a2e8fe873aff0e6b72d29dde21521f5421f0fc9ded029840764f5ab6767a911805e4a7d3fc940fefb8ea5ed53db82602064141984b2dacd0a22fe43a1cd0426bfa76c3b4a69f2458261d15efb1a1ca397e86731dc3446a7059d985532caf333a722de457404bd2a6294cd3333f3b7c580182e27738e8ecf25b1a86a39913e3b924439bf7331bcaab15aedb707ae1db83bb2858e76633516b48a95541928344646de334fd702ecb5c63cca7ba566bd9c927ae9f6ca2484624b4601d0202f6d04450ed3b169edd55048961d3538bf86cd39380a517fd59e9bb2d266664c39906bc0aa88c9f98b0ac963fe653aeb0351ba36d048df0a4fd75e1653c3f42327b476560411d49d3b21b011653847130ee0b87dbdd58c351bb2a3b53317797b137bebcb64edc206f9a45be3e4cbad22bf5bb9c3f0407d0d2696c0a83d15c58a194f744fe127a5561a1579f4b9698d04b47cd6408d98bde7665e82b7009eb3f81d1653b1260f71552b44830f179647b2a3faf1c1e7959df05b79611f15c08a12dcc7e6dbde87cf993cb6b8af8e553afb27673ca522d38af514b76e375e0886431a2e57ffb212d438c3b935ada2cd44cc3427be8da3c3cd09cb60ce4f231f142ed1f3045719b281d5f46a9d6c3f4dee8d66b1256325a910c91f0352cb401a21f21f0ed6cb3b3a53a120046f40b402ba196d13e614dc779f04c70cd1bb3e8a6fc118c61652c22a85bc4f70ce4652ca606a16fbcdf11d496697938a3b225f1c10a05b4381e537c2a07988c9f498b480b835d5b362e00024806d0289a8636825c9fa91a9d7cd7d1585985c95705555691c40223014514b9b8f83870abf7e768616147ee0b605cf760b6cd84d15afe1de80c81a135972c0f0ee427eb04be704c2fdaf5bb47a4f0b64d566305974efc4031365953de74bf0f80b82740ac0daaed1f607004e26e3115d1ef3e85a3acf09bd04a060bec63f66e4ef087e6abfd345f8ff0ebf67cfe16be938d1c6f6c3631d575307e597731c8640251064c4904f15aa8680cca243699de41d4286cab4acb9f822cf10d74a8951c9b1b7d737b9fad5081be34eb35ac5472b4fa1f07dd30e86b930d57fb459913bb9f4aa40b1bb154822ea90d81a41dcc5cfb2546ce3d2d23f9554d026297cbaef88417618237cc7ff1acdf2c541730c69c91e0b77cceda6c8a210cc4c4bdfa8155c1fd46fbbacc3194a8c43f5998619622039caa5381b25b7be9a24f5375d74da5bab271f7c0249c75a59944306debe6083f6e8e7da9330b2b2e5bd0b15786b908972fbfdf001b205898e2db5098cc972964e2597eeff79433cd5ab83d68eb47bce4584526a123b6ebcb621b6b36fed4fd8391a4c017ad6698daba309b029b67608d9934a2715d923a76a2fcfcb7351a356da62c61c741ea44fa5aee70947653d28da32faf40113b53f3b3dfe68d7fd9c250174710ce55cc81ad54f0b0c40fd8915341a01bfccf62d9ae701c8840c7243bd8ee915de1dfb6237b05141fd7e6685d699d257bfaf13ed618874dffdf4b7f4432a627a876431c9ba343a06ac554f8408cde51849872b3138642893639da1d39b186e453d01fe8e7ab5a23fc28ba462c9b7cc54e15b7b41c75ef667771c94367bd534f11415b7c97f8f2f48a6e6dee2e1f0f9718f3dfb567bad7666e3e2f5801621ce916e46571b21cab05dca5bd865021ad62f576c76005a50548b3adb5e2a873b1dd16819f319ef85d1340f2630dd3d1ab8ca98e97f99673d06578300341b4b6f0aedbf17d9dc370dff6cb616644aaed84e6c86f722f09b57a5fc0eed59c25c1bc28d34c40bd1b9df9bfbc4a83de28b2e80df31df2b54c82894b7daedabe7c1e6fb10c422ea4e80a1cd993ba193b369cdf2ada52d32a5e9b77df384671c4ba2181f9d0c6b680b0f30984c29864680a6fb019a33823939e59d82ed60719d7bd3aabe62eb570de5610ee3ddecf4d95ac845591f00524a21780a8dbd809e5073151d24b027b39b109698851fe4310c1d78f1ed576edb14d196715570bbb34fa800ed68c55f35069e6748f9c1458bf851a0eb91893d3160a1a765bf4ae4e3bef89eccc00f4b7c23349a7f468ce9aeb6bad6af5b99d4b1e04d7383c9d713cd87b3d42501935ec99c317e25491cd0ef91bd8d476cfbee711c636a65c309f98089fa98d4703c6c003b5ec546da7c8bc2692807e06e2d9f7032c787db964f6bb1f7161ca57a82590849b9ff6b3245e09064b4c1553123269e4691b8b071990c8d44e98dcb930f21c4d2824b979f863be9a54426d412149f1f20a7464d2f002327226b821a6d0e808f4b530f35a88f2d5dfbb2b0eeab7e2fe285a8cc63d767ea5e3896e9b15a383dfcb581d1c94b8b3be724260de874e35f3aa1fc980b7782149b265047db6c75bb9fa5ce05d07801c60b385876e605b14c8b663f0290db5d5fe75e936a0f30ce8b3cbfda5649a482d6884687af6b21a16bc6beeb9391e7bea97ee5318f0aa16fae8b7a60dda2cc6fbdf1b068a4cd9791d0592018def58b2cffc56fa7df5bd8da42458c3e2d1bc38d64d1e68b156f04c8a9e20195af1ad21557e9edf06425b2d647938a224c580fa5769b8f3430d570136cd9a1b1f706c3b54615acb023cc42f03a007a7d9fb71d28b071d8f3c2dc381a0744b46dd9f094ae7394ac0160e96247d9aaf0da86e248f3a96109ad9902fa9eeeace4137ca3ec827dd945bd99abff70a11930064a9afc13097d12a164dc5f006670a19e394fbccff35832c73f2d85804ec745b02d3157a1085a1bcc4c4975a0f8f5d98a6b88bed87363870c023548f1095a70c84de66dc751394226d8c42e3121d55e38e5e307252126fc5ca4d41b495506d6548318b0cbefb59b5d237c620f4ac35d11d2321387220d9ab1550c92f6c6d7f88760d8b7d1b8f717109370e5160ca2e634a3ec66a77122ca8458d57e4f44cd169c15f6a6bbc40ea3c3a0c0bf868827e1fda515302373fd4f63593268cedd080a20d6402393a5d8d339f790c731625763e5e263c117a8396c71c83218a41b42a37ab4b46c2071dcbdb3e2ce1601b70c7178b51d32b3a5a0772553148553a63765e47eaee9cd13e18e0612cace260ee7abe9b6bb3309a14d679f6df8ec81c438f3ed36d9d5f7b9989c589c524124a06f6e8cfe5c327ac82bc69ee7b957f6304349e8bf1417ec366e1537faaeb377d48e023d2b254e58268ad02cd833fc6c2dd7572f02306f430c454d0a4419b77a83f6036f5ffa9ac5661606e3388ff11eaef09162e24a33d9935a6610975bbedf812d17fb173c3517b9178b811fc33f7052cc7c3d7e486f3c30b8aa7af07a77e91502b8aa2dfcb44f39a93f33cd422f6d120388bfa07285ed152465f330f0c33928fd21e916616d2258157fb295cf6b0976ee959001a5f125e88ec481e0ccfac2861cd8539486c9c4095ecd22d994a55d95412ebed1c4c3a84e34d4a8fac328f12c48e85ceb416430e2c091b2d255ba092689654aa1d4e3e47a7941297ba512f3c579a6ccddcb88498c659afd42fe9a1bce9149f56e4650dbdbd1d85fa1e15745a21456c58cac9794c67b2baee2fa1f549004954cd7273857d5382c3408373362ddcf76917fbe00629b3f0d8d37ca9a0641c8a731a0b79ba32082e2522cae30ea13887afdeaa022a73c1a666846df4cc839f2f565e285038750fb3e64464ef46146b0046120856d90632d144f4e0bc3ccf0ec573bc2dec7a305d50763af30517a316f145af1b3f9a7fbafd5bb00c3e68a10208581c2cd33261a6f2513227be577ab5d23397d674d6248b3131d575f1c3f8f9db9ed493b418ed2ad216ee2981b2d85773fd4d401e836a59e982ddb629106fa3768be9d0ed40908b5fa88429a861c60896f48ae62eb8b1de6ea0a5c944a2e3669f35a814aebf9264a197ccc580051274009fe12a0f9f67b53f72c742634fe7d07f9d4747679aa7554823e78b1202e3c3cee4b080b31d9a53dd8992cf5b8f79bd0bcac6a54b6bafb3897a9df79ef3a75b055a58ed23164cee620c90b84a4602d5c703911028d591552516117f95720563c2f218a30dd2a122127179743bb21389de007928fc87ad6b0375968058546c3f45bb7365da42eb90bb83ff2a14e006ac2d2f7a5258c8d0262c06c17bfa268b8281c9cbef8e5ec3ea5f144d662eb3844289ba181eca37e1af22d0497ce4931424748e7eafd8a7b3812e1efb012062e310d36df4659effd5a0b92c91e9f9bba031c217f200a302d1e88678f58aea3fd0bf51a70ee9f88d41ae268cbd75756d14b0ebc88e04a0ff557f46cf31171b6959355ffdac3d549482b4ffbf1ef9c1861466664e416d8a65b6a0707559333ba46b7a1878f20ebefab52e766543f3fe87e71419d9a77f29e431f9535daa87994becbbfa6c4ebdfad0d36a746c1aa63c946758322fce6a89653d44000345b364ee825eb890749c288b3633e55304ecaa598f1ae2f5fc693f264b9e33e6e23020bc70f6a26fb6ed201c4b09c5de4ed238b6188e5bfbd97c8ccc9a769cb064c6387dc5aae8dfe22c18036e77c0a3792cbc332e9498abb27ef7d06ab2f417c0f5a9b391d9a830bc5b1a18f503f75901f028c379d456827933f01eaac30c7928c0429acdb899ee34c53314b9c439b8a0b3e264f5b2f2e98d73b01d0872effbf2af397e56f04fc05c322d9e2a278634e8b2d9f3b0cd329d3dbab0ceee7c37dd65481a21399af2501f2eae1ae1064904aef1a501ad026e935f10c770d923df2c3e88a6e1fe8659b1ee562ecc58d39120132a8cbbbffd4bdb965e5d528602dd4bae8df62474e6e5796735f530ca8577e79e57b648a24133791137a9c2df03cd7822507c24069ad5b99b47c4ded9c518d1ee7133d81786410b4cea036d0aad16668689283b8bef91fd1bf2521e21bf9cae2ffa384de198acf172effec92570f93a17b4dedfcd0c9501d4bef6a54b7e388aa8195a15e2e7952b96869e05b9a087f68326d03f7fa6f3c0e4d1fcd034d6c9cde522f6de2d4f7255cdc323f6ff18d8872edf6776a78f6d0b0847ab91cc3b532978d7325d92db7ebe6034e9d11f584681460915bd04942b26f2dcaa867fa798d9b75f03ca62fba2e450c2317003778f4e9f893185c0fea97d7d479e092effa08c91a3f5cb92da4ed7c69f55743b9f92c2473e83e5f10feaf818fae2e00785b1fc3570141a8aeb2526e6e19babe14afac12ad9fc21c2caba3587c0226ef15579017c20e8633820648d38c52c06c82d12b35987bd108401f28fc937bae6c78f19310cc32d8f93ce0f605795678f6231c2d26194e8baac9a29219dab7b350d0ac40e26b20e6deaaff2916b03d542338f552abad8d5db0c95474c18c6a2e91f8f7ed6c8bbecf8bdcba2cd4d61ae8746d1873e842d90bc89062f5481e5c6827ecfbc51b3db02960b303b2f7a00281654b053142f229ad4374b0c2b198a4dded506a158716edc9f916b16a46ae2fb55597c10c19a09f9d172fcd9e7b993d6fb444d203ff271ee3748b3e826e13d64a68c1efba33bcb125cbbe2aaab19e42d7fabc1d48b75113244a3239d28a2d9c9c15c4f5327345fa14db58d3b3455850c8cb23a4f99c2dfdb9924315e09464f410b92c071a79a1312d6e981d252d3678184da695d35ddd6336d0ddfed88de169a40f9a4cab7cf02e79266794766964cc62214da19513a17dd8afbe0133a59376e4a48ca82f65ea2e614f8c0699dd93fd2bf074c5143abfea0ed515d9084261c33ad8625e6055ff0f778d85fb8becf9f7fc046e37fb738cc7b72453607924480aeebf36809c40692aacf92a0320fee70a563848d4b0b3d79387dbbcc66a2b1b780078f6cfd347f519e4c36853bfb8657c3302c2349f5e490d81710e55297aadd9ad6042cc45f0f69f885c6b5bef07e9cdf30d1ef48748a6e18b5283aa11adff3b54cc7f2431a849ade36d8de5a80055d503978f5191a76481a144958719c0697051ff43178df2304559c97ddaedb50e458600b335d035b8fdeb5b1386998e238dbcd247d3b947461bc347cf8c80683b10691d6bb910037d32d728d8ba02e5821f8a76d0fab443b2649a055b615ab0a8ba65fafb1cc0f2747161e356d5d92530536aadc29ffbacb590f34ff53ed59cbe1030b3caf66f2c87d709b36d7b00044272ee1f209b5d14c1177181c7e57954dbfb5bbf6b766208614f0957f85319d03c3c2d8e2e9a7f5d40344450303187f796490af86fe33c5f06c4a5c07d952796d24ef0a01b351de23754d612d4049e48d61500995b07e882a01fff3c5f1d53900a6a323f134f3679715424ff03465ca952dd29a43794ac479512a6fa1ff82b572f0a2b9b589b6b31460198d1123402b3fed82595d24617b51013bae4080048018c58ad47ef6e688de7ddc9a985bd3838d1fa8878ef8f8b0b5a6a66f580a117ad04d8262e139d2d55fe920d2ffb8c005b364beaad1bca96e1406cf6de1b3cf6bea4b973920116956223a2e0fa017c030f9e48a1114296fdd90fec61d04ececbb705631fcaff7572605b01fe7147e4e464d1a5933bc1b6aeff929ac73082fb8b0dcac09fe7689bdc4d36c39f955d9130acce672ca25442d43f484f0a592a3974e9bad1226c57d0393b6f7d512abc0881218ecf525fd716a8a9a9ee7929724d28e652c5d43719f84851ad4d19293f801c3b9a61a37b13c3030e0cf82fe1c56e727722525520740adba1617ad60f4ddfb091d3630dedd0f8fab43fc873a7273bafaf8cab38676217370e54996f2540f70732ce7f66cb3b77b60f6f72304d54966a377425c7079d2038d4b83ed7f4da28a26c82086fb580a44491d69fd6a3b6144d69cc874b2ec5a8bdc6279a3574b808f104032bb927c8d24c4e600efdf3819b0a269d5b1ae8e4fcdd44f5d233305dce3607c86f808a830f79f0923229d62b49ca67845c1c643676f961632c9f2391ddac34c730ba9b04288d51be97a6f66a36b761ff3815ef424fef8acf3b9fff9700d532f9ea84ec63c6fcc1137830bfa5bc0dc4937cee73fa352a6ac11a70410feca104e2ad8540ae7b00aaa0b6a5117d59515877c8f0d21693214343514960124d6508c12c4bc504b169e165063b53a4747583dfc4032822edda320915da47abc58486c58d44946f4a9ad72e54d5cf439487129c00be791b72f0276394723493b140bd159dcafe9c4967cee75f38f7ed067fd177ada4c851ebd68b926f70e9d7b9c74b42f11d1d75dd5ecedae17f3d74010a7e5cb172a9953060332c29b883b0b9d3dc2026d30a786f0738af5cc8b4d2757b3be0ee9e9327b06577829f6225632ca500b26f0a372fcc573acd5a0aba5f879b50ed3ac3bcb29a8ab0f39e92a7726d4656aaa14958854028fe77310cedce63b7db9519b48462d52658c311e978a48a21df6927b8b029a935bc04894af33c9af96cc48195eddc8bc9366d404b03a2ae051fc0a46b4415ead269934eaa7399863620d9e399a2953dedd95fb730f75c269603523223db3ecb978321833f4d95d4abd64b9ac55d8cb79b4725477e154f5fd02273407cd23d1e80fc20937537a3052863106abe3e0977ebc948be6e85d69e975235849b75c04ba0155306169725866854f67a587f35acecb3674a07c0357c33d8fdc27dae204c3fcfa55c760d1a1bf14701e72e712ab044c0768750a3dc75e1fe4450a31e376c413b175943183ab0967188fd9dd0e0ec937fd503cec3c3518b9f7ca6628b8ffee8eabff19213437d93e3b1c5892d5462841ed1ab626abb046a7f4b16a43894dbc5b88aede815c26ff1a53c858bee26230b98e9a4acdcd0e8cfc19d7f1d991569dd88ce1336b63a590f0558d693ad940475a2a4324e42736fb9300b5ed0fc6992fe00519077d6b36aea298041a61e106936599e91c44e3936d88d84d0da74d98c613cfdcb59fb6ea0b848eb631292655e62c34e6af38785090eea8f5c2fc2f0735951cf831113fa4b21771738acbd629b7daa2b2e4dc15da90d2ee13a0fc7cad0841b073d194a54bd8ed0d9bc3c99201073a36317910abe5bd906e5cbe6caba927f2c1faf7e3ea95c4758abe818f40a0ef8d4aa88421bd102fbd862a51b13ae3fba6e61544043c4cdcfe851ee4ff7bbef311414777542cc1659b40985cf029d5c9b337a9a5f35df36404b6de9a9cbe8f9534858ec124b41676fa31446bdbbbb7e5ed8f3f45e0b646c39bcfc603bcf33a01ad02660bba82380afbaa6a12e19edbd03edd3b1201ca52b4b4f49bfe232d18feac1113a081b60d54a545038f1d0c746253be2e98400e933a39c0f1abeb6ffa2c3ce7c49cefba974c079ec56a8287d37c7f612f8de8c0ebb29e8ce28fec400dd4cb908ff7a6e3a904f73aa3a13eb89fa1f9e2d6a7be295087f58c8a7979b7f6517aa63855369a924df0210558e79b8a10d9436d84f340fe7bee970a30af042a55bc7ea8d3554dc41af7cdc465ed840aa244cdac11f67a23a56f153bb2551bf9af222b8681476bff8a5cdaace9d7043fbbed7718b848f5ebd5d5a9c37f6fab3e11c11baca3d3caac134849b1108e1382a356aa29c054dfcd8d9f8a1b2179ea74efd33dbc2b7225df00bb5635eebcbcd1c8bdac2b873fe25b763617f30cf837c71dbd598361bdb2010ab9665edf7760e974874aef94fca8a517b86dadc2617f3d3de0fdf8ec654e9b8f4401b2db3d320dc2a91e2b3ff0855b979184f80033d2cf2da6c29603b52fcc7ec34469e256757fedd9d4980d52ed925bacfb450582454bf53be2ff2b9b4196d960429a21b7127e0a21575bc81c10a626cca6623e7f4d71b655bfe2960d53d1ed14d459f66fa639bf62a4bfca12f9ffdb8c6b48904c074bd554f7a27837c11af69382c6282ef2144b6f960d2b369334ec87f89e767be80b79e22ef029542ea37c343268201b18c320d3bc03809e798f119e06db30612ef31ffe0f2e5b7d74ff7b03b9dbcc5c5dd62bd5f881c057bef2cd85ca4b356a7bafe309f5137fb40157e6b6de64e336de017a5556ff86bfb12615b19800eb9e06f61e0a061c1459132faf58fcd9797e19551abd2033e9a2ac02275f1a157fce7733bad51f29d5b2388057320ba7d99f1fb2fdfad1d497ce07e471636f429d1f7f741c0efd7519b350324790b07a620206a7afa35a7b3f3a3e8bc0aa51ee7591b13eaaf1f5f43b82b35cadb59210e4b642c9f117754ddb66e9067069f76446466d8af55ff2ac66adbc0ef716200c8748ebb935c82baf50a1885910831e0c4fe025539ee197fb33c5c8e1350d9d418601f5f8d4cd5fb3f37a529a82134e731724456e8faf8c9f68ce528476df627cb8c46bd137dd9a1124d5912a6e904f6c30e8560cf8575c89d92c57395fa832b41239aa379d6a12bd6c75afd73d908a5dd48e64ffc285f20ad3415bc46e5f72a89f0f20aa4cc823d660e41690bf39642e4353f3093858795ba60f71accd8d94f8d23ca03fe156f0a659c81dbec66f2518a011563d60578e339249cf129de7b23eca0e08e3fb66fe9271c26877eaa53e82ebd14f34989dac46e08dc5bddfd26d2d2bb7af83e7c91d25e4c0de5afe32ada244c7757060b3ad78f2fb2357d9c4d3e9cacbb65b54d9e7f00f444007bbf25b358edc94e0e518c7474aa23861b9531d4fb3525e2f74f64d5017546befbdeb7fcbc0c383ac4e94afe5b1474c3fbf667d44d2cd6e04d1346f46a252ce2e10d22802c8c00041263f701248f5e097bdf166779b22fc916c9e6487b06c6143c15836a93ffa451429cc5a4c019b192c1b6008ba78ed5195d38e9982995cc07d62753aa319be0230a85bf68f43d5e391a47915308aa13a2edf30da39b365024f3287c8ca635dec9349e67a706a6b200475a4d4184f7e12c082c74704f3437fd4d425e8addcc10416fe017302eb84f217c0e78eb7f0f53659e1c8c185e98c8ffd1ce9f7ecfba2fb5a5906e2f2e82d51258d09da8731647a737b42984536fadfa4cb390770f93a3fd25a525ef1b36f8687986c6cbd37958434944f93f681793e091c1b4192e1749109216aea78e2cab119a54ffc6482038d74c3c3d28b5caa4dcca9a6dab38b40486354c3d0c5f46e61c54430eeaf4ba489460951eed0b3d14ef11acbfda657b0769b830499a84d895da6515e99bcbb35f329d179704db66425ab4f59e31feebe5bd135502df250fbd1374cc4e1e377759f4a1e326d1b54e4f04221e3e54618d0ae22762bbaa3660a9e61e7754beb040d9579fd5c93d6e60a425da4fff2b8a6a46de55684d22a564f07ee3446de77bd0d7b50ef21d7d3f70215a1513515d21bf3fe7eb26b1477956b394d7aa1e2ca199bd2eca159ad4ccaf5dc2794b2127a989791dacb09863a9f061d6d8c8d77d17ef22e3b3958e4c0c42bd7713cd6ef589e86ca2cc23086748447370deb89487d4a80f888c24e80df49b115bf5c42e2412c0783ee38713cc576800217818d80958f419bad3d3cc3e01a34661db7af767d7be0856e6ec0a92982fc430854381bb0f8b5efeb81c064a0fcb9790b81c12a6a703ed241be816f318502a3e511bc9eb5dd4cb33d059496d0552f19f21974d7aab387b6c5799e54a611358cae43886b706915721ab0dab37b1fd75e6fba2e1e7bd54921bf4647a8a5620f365dcdadaa6b95f84a4163f0077b8716cc7a536ef9e835bf3e23acd5a12bb9da93ba1a666590734612cdaf8c94c7dca7aa7bd5337c4627f63f1cc31bda07a7eb0a51cc78da61f8ab6814a2120e797e0eeae193653b44a273191c4cac5bd055b643a858bb8ee04dd4d0bbe593c67001044443f7d366441045db518fb54178fc9ae6a2b926ca23a5968aff20c0b673c05624cd4098fe89cfbf13f5ff9c3e774f90cc0e8a246cbe03001519bdf2c72a92b0f55f2395cafd2599bf11567c49477bbdd31e5b7e25ac7dfda3a605910cbbdbd2df5d9bec602a0625a00800e66a8b3ec6e45e22f814235f3cddc017586f18775036977a313eb330efb0f51f5a82f0f47d7dafbe53dac9a1d8630328b6956f1997ba75b7a0cd9919f1d98f9191f26867685e193f4552716dc4f95c6609f0f610ba2cc5adffbc8e61217888f96a300ad27b1991e1211e7053bd702c7966f2b011ea48af41bf2171166680be99744c64c885ed1f3871ece8522dc4083e148052d26b6794dd6e9daad44c4393170a0b6bdb3a51bef5eaad8feff3228cbb3cf20c6ed8b27b64dba152bb377145f8a6fb4579edb3a15ac86a6d8bedfa4d4ee46cf2a32701f8d5797cfb34dd2ce75a44774b71c9cee0d86c13157e2e12815fe74b82f8916d2f514dcf51a3f1ebec273256834bedfa50db2c71ef7ba1c2ed34c4c674cfa4e49bfd99659003d4ab3c80b081f214ca688adf85f2376920cb42c573fb7fba6d78ff70d8be5b08841a119497f81a71cd7ccc225666aad5dd2edf1438624787715a678e06f005f9149a72eabab0023b9d58604e09701593d34c3963bcd55fd230dad3bfff9cf3b9757cb674221c54cf4848065cfc2ac77950a7f4bea0efc37b84f0308e226a1297904170dddf404a3d6625720b430f10e0e719e31fbbc1d80375b636f26230d5861f1ff5a8853499f7792a7ef43f3daa0e135c236807207", 0x2000, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x0, 0x43, 0xa0, 0x360, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv4=@multicast1, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x458)

22.999543342s ago: executing program 3 (id=1600):
r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, 0x0, 0x10, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20044050}, 0x20008010)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r2, 0x0, 0x1, &(0x7f0000000000)=0xb, 0x4)
keyctl$search(0xa, r0, 0x0, &(0x7f0000000640)={'syz', 0x1}, 0xfffffffffffffffb)
r3 = syz_clone(0x40100000, &(0x7f0000000440)="383131bb83a76fd55646703008f6c5dd71d236739ea014e7d6baa30af163367d4a34860907db4d822cf57d4da13ccf6a1aa2d8cf9ed850b1a18ca98211a56b0d6516e8f04b33c24876b66a091c951118cab968db090d078c5cdacd756b9ec5d400fe39bb41bbaa2499a3fed515e4bf8758f935f1feb65d02f28f4941c236401f282a443e9320f590616a78f07535ec1a817d02ad087c274daae60b6eb7ff8e656475f4173f9b02f1596cc94255091d22a13d2cf9122223f42d973201d3", 0xbd, &(0x7f0000000140), 0x0, 0x0)
sched_getscheduler(r3)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x2c}}, 0x0)

19.559146219s ago: executing program 3 (id=1612):
syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x7}, {0x0, 0x10}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0x8, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=@newqdisc={0x2c, 0x24, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, {0xfff1, 0xd}, {0x8, 0xfff1}, {0xe, 0xffe0}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x2c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0)
r4 = inotify_init()
inotify_add_watch(r4, &(0x7f0000000180)='./file0\x00', 0x80000108)
ioctl$FS_IOC_SETFLAGS(r3, 0xc0189436, &(0x7f0000000140))
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r5 = inotify_init()
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f00000001c0)={0xfffffffd, "f9510700004b11a58e70a71dde983800deeb30d978c57ca0040beb0ade89e4b7", 0x0, 0x1})
inotify_add_watch(r5, &(0x7f00000000c0)='./file0\x00', 0x20000002)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000003067657db749e7414b418f4d6172540"], 0x14}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x6f, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000300000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000000000000c50000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))

17.817412421s ago: executing program 3 (id=1619):
r0 = socket(0x23, 0x80805, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff})
close(r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close(r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4}, 0x0, 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r4, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r5}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)
unshare(0x22020400)
poll(&(0x7f0000000000)=[{r0, 0x9081}], 0x1, 0x2)

17.745080289s ago: executing program 2 (id=1620):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
syz_usb_connect(0x0, 0x2d, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000fd9e1a40f30c74933bbc0000000109021b0001040000000904000065d4695e000905", @ANYBLOB="e1ce74"], 0x0)
clock_nanosleep(0x9, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000280)='netlink_extack\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00'}, 0x10)
semget$private(0x0, 0x2, 0x0)
semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(0x0, 0x7)
syz_emit_vhci(0x0, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x9, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="720aacff0000000071102b00"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$DMA_BUF_IOCTL_SYNC(0xffffffffffffffff, 0x40086200, &(0x7f0000000480)=0x2)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)

17.492522887s ago: executing program 3 (id=1623):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x8, @mcast1}, 0x1c)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
ioctl(0xffffffffffffffff, 0x8b2c, &(0x7f0000000040))

14.560749496s ago: executing program 2 (id=1630):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000abbe6740e9174e8b089c00000001090212000110655ca67392a6000000"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa6, 0xa6, 0x7, [@ptr={0xf, 0x0, 0x0, 0x2, 0x3}, @datasec={0x3, 0x1, 0x0, 0xf, 0x2, [{0x2, 0x401, 0x81}], "d05a"}, @enum={0x6, 0x5, 0x0, 0x6, 0x4, [{0x3}, {0x2, 0x87}, {0x3, 0x80000001}, {0xa}, {0xe, 0x8}]}, @var={0x10, 0x0, 0x0, 0xe, 0x2, 0x1}, @restrict={0x1, 0x0, 0x0, 0xb, 0x2}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x20}}, @struct={0x6, 0x1, 0x0, 0x4, 0x0, 0x7, [{0x0, 0x0, 0x1}]}]}, {0x0, [0x2e, 0x30, 0x30, 0x61, 0x61]}}, &(0x7f0000000940)=""/243, 0xc7, 0xf3, 0x0, 0x400, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001080)={0xffffffffffffffff, 0x20, &(0x7f0000000bc0)={&(0x7f0000000a40)=""/169, 0xa9, <r1=>0x0, &(0x7f0000000b00)=""/172, 0xac}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000380)='rpc_pipefs\x00', 0x0)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
execveat(0xffffffffffffffff, &(0x7f0000001240)='./file0/file0\x00', &(0x7f0000001340), &(0x7f0000001400), 0x100)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0xa042, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000440)={r4, 0x0, 0x0}, 0x20)
eventfd2(0x8001, 0x1)

11.783298153s ago: executing program 4 (id=1633):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="200000006a0083b0cbe05f0000000000000000000000000008000e0004"], 0x20}}, 0x0) (fail_nth: 5)

9.013947259s ago: executing program 2 (id=1638):
r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000440), 0x80000)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x204202, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x5c}}, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001440), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000017c0)={'wpan1\x00', <r6=>0x0})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r7, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001a40)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r6, @ANYBLOB="24002d8005000100000000000500040000000000080002"], 0x40}}, 0x0)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r8, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0xff}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}]}, 0x3c}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
r10 = socket(0x10, 0x803, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x28048094}, 0x20004000)
getsockname$packet(r10, &(0x7f0000000000)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYRES32=r12, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x6c, r8, 0x0, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20040014}, 0x864)
r13 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r13}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r14 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r14, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)

8.9569659s ago: executing program 0 (id=1639):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
syz_usb_connect(0x0, 0x2d, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000fd9e1a40f30c74933bbc0000000109021b0001040000000904000065d4695e000905", @ANYBLOB="e1ce74"], 0x0)
clock_nanosleep(0x9, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000280)='netlink_extack\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00'}, 0x10)
semget$private(0x0, 0x2, 0x0)
semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0)
syz_emit_vhci(0x0, 0x7)
syz_emit_vhci(0x0, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x9, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="720aacff0000000071102b00"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$DMA_BUF_IOCTL_SYNC(0xffffffffffffffff, 0x40086200, &(0x7f0000000480)=0x2)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)

7.961019228s ago: executing program 4 (id=1640):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000abbe6740e9174e8b089c00000001090212000110655ca67392a6000000"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa6, 0xa6, 0x7, [@ptr={0xf, 0x0, 0x0, 0x2, 0x3}, @datasec={0x3, 0x1, 0x0, 0xf, 0x2, [{0x2, 0x401, 0x81}], "d05a"}, @enum={0x6, 0x5, 0x0, 0x6, 0x4, [{0x3}, {0x2, 0x87}, {0x3, 0x80000001}, {0xa}, {0xe, 0x8}]}, @var={0x10, 0x0, 0x0, 0xe, 0x2, 0x1}, @restrict={0x1, 0x0, 0x0, 0xb, 0x2}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x20}}, @struct={0x6, 0x1, 0x0, 0x4, 0x0, 0x7, [{0x0, 0x0, 0x1}]}]}, {0x0, [0x2e, 0x30, 0x30, 0x61, 0x61]}}, &(0x7f0000000940)=""/243, 0xc7, 0xf3, 0x0, 0x400, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001080)={0xffffffffffffffff, 0x20, &(0x7f0000000bc0)={&(0x7f0000000a40)=""/169, 0xa9, <r1=>0x0, &(0x7f0000000b00)=""/172, 0xac}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000240)=0x9, 0x4)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000380)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x402, 0x23)
execveat(r4, &(0x7f0000001240)='./file0/file0\x00', &(0x7f0000001340), &(0x7f0000001400), 0x100)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0xa042, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000440)={r5, 0x0, 0x0}, 0x20)

6.912933562s ago: executing program 2 (id=1641):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073014300000000009500000000000000241fb68125cdae1cb857134a4d49bcceb808523d83"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40) (async)
r1 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r1, &(0x7f0000000180)={0x2, 0xce20, @remote}, 0x10) (async)
listen(r1, 0x3)
socket$inet(0x2, 0x80001, 0x84) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0) (async)
sched_setscheduler(0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) (async)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net/igmp6\x00')
timer_create(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r7, 0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff)

6.472135259s ago: executing program 2 (id=1643):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r3 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfecc)
ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000080)={0x1, 0x9, 0xb63a, 0x4, 0x25, 0x6, &(0x7f0000000000)="489a0b673391829e1a04c7f5a3617478807190d2999361a8ac6594ceb2138d20dd7de57084"})
r5 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000580)={'veth1_virt_wifi\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000080)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendmmsg$sock(r5, &(0x7f000000fd40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000008d00)="be97f7b9a3d1b79efe444f7fb0f0", 0xe}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x41}}, @mark={{0x14, 0x1, 0x24, 0x1f}}, @timestamping={{0x14, 0x1, 0x25, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x1f}}], 0x60}}], 0x2, 0x0)
pwritev(r3, &(0x7f0000000600)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x800000, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
fadvise64(r7, 0x6, 0xffffffffffffffff, 0x2)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3)
sendfile(r2, r2, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000300)={0x0, {}, 0x0, {}, 0x9, 0x9, 0x8, 0x10, "522530d6e597ca54b72437f1295d5713b017ddc8f03f7f943138fae1b43b3983d7433f8f9a2df4e1857ad78ca88090d709b29ee7c21514bb85393764aaa5f78a", "012a519a6f0231ce4623c52b637a4b34dcce6a392e161f8e3010abda97c64ba2", [0x7, 0xb]})
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0xa, 0x300)
syz_emit_ethernet(0x1f, 0x0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r2, 0x4c09, 0x800)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f00000077c0)={0x2020, 0x0, <r8=>0x0, <r9=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r8, {0x7, 0x1f, 0x0, 0x207611a}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000002140)="4627563e95d073e9c44031e486c6c3c887234dab29bb5d4444d206b6ed7b2b3001b6ed59a692ab0f0251ebf104d3747ab90777b96df4449e5275f86a62902df16f5fba75e202cbdf6fe7cc018a76b412f6485398037d6cb464f1dcf7fda3c76e43cdf64a53f6182a0b7e6476035e8bce74d0582b1ccf32dc8b0cc3b610b143afb4d3c163308a66f2dedd0d45f392d7899f5c4d2ded35c1602f7338dea29e0dff356a32c9e921eeebf8b9845ec2a40b68a8bdcb88009c910e110de23a02648667d740186ee2a3f4a59672477230c4a3a62a1417659b1978cf2b671f836d49fd361ad0af9157916d29cb4fcc1e873a336660b639383485a5322faca6694c74f58fa428582950bd136778dff61da52778dade8b2c3331b31a89259469b0900ab4173202f6256b2d23d3feb8517556292de52662192eca03da5744515c4a92cd3f0f296209bacb28a0267776c9797a784cfd95a52f9de496a5ed70459d55041b663a70d7d471da4f86cd187fd53e667422a0fdfe5eb34e2f2b8c133f2271fe5b1e71533b698169ac8107187533e37765fbd69c327ec608249c44018e3496b2f66fb8bb942f4bd26ed687ee1f7d2a53d7233fbde91cd03f4b4db0c23ed56ff9a61e0d5a1bf6ed50c308e8af0c32b2e0b15df009046ed88d60b772e0cdbfb3d765251aae01b01660df364dce51971ea2034b316a0b0071cb1d28bb86279de377ccb5a18ce981241b5d566e248866f280d71c6775e14fad44342945663bd56ad056f79e49f8071153391f8de78b05496a5f174e812ee0b102e0421c632e4a9f8ffd87ea68df1d7e85af4b30024b2a3cf0e1106871b3427eedfe857f3bc2a021d42fc09224ece3c56e57806a2da229231cc8e3ed5dbd82fd2d3894cba01e36c2ba91a42456eb570446fa3e2eddfe30264572d5d778cbf5d676ad4bd37d11e09573a5566b3656a760c9d3030b2bcd90be0d670866010e2d33c93f223a79ca167bce1a46670db33470c75776582f26b5d9ce847493ddb34612bc829f93f473c24263246011c4ca689f62f4539550ee13b246aeeec477fb2e9e4b223f66c006303abdb003809b9cd4e993b90821750b86608882355e5f587182c1ac6c677b07c26956073ff3a78d4f325139d9c0b8aead052e73fd21b3615ea22acc084bf5060f72936796311e31c038426f0a0e6c304cd2d9c363e7a1a21752032be17adca8b476b0e571b591c9dd923b0066fd5e32e045494c0a9e1e511f147988e0a5fe9652b92ed0e015ef54e3ed2a510b9383f1938dece777ca866f1a21082052827f3a48c2f38482fe3a8286c0ff17d4c24a468a5a0ec0a2eb1165f48cf76fc07450c82294d973a1793dd58008834f0d3aba4e097ceff0ba44656c67839ff3e489975297b334ecf6c7ce4634afbe3d8ab70827563aa75ffafc43429170c3fe3854238485c5a9b567a959a746010c22a92e863e318312e0efc06ab86d1435e06aca5f4b7b7f06a78f90795545c145c9941b74adb9a31ab4f749f81665dd9308acba8d7861856b548eab226377be82611ad79c8d25b176de98003c1ea28b556a2b90360913c39f8f64f0d122c732af5a990603429b354ecd4de797e17722c66546cc38349cb09c40ea54972562734e9816c83103e0bd19451e6144d005e6ce6d6d6fc1ce90238b73d1e0aaa4ee9fd0545054cea97639a404edf3b27c0073be84961084ea685e8ace53c7d7f52b62e378d9ee167aec3e5cbd60ff36c0d3ad40181bad59f111c30e9414112fbc71ad7ede21c288c878dd2509c36f93c31dab5d091107c8e8bdcadffdcb3053eba35b44c70a6421b343922cb11c69b886db0f412e5c23f89dbaff9e5847fd749e28356cab3999f1142449047a3a6c43bf670244e55d888f36ef1dc87bc5bb1460b6c8d1e69efca9a02ba834591906a65102c3e1c1c7dbdeccc7e261795f349d110836445d8ba19cbc699c46d4edc34942a488de1cc1140dc6acf23c8ec1f475e613c85ba025ff7ae639cb2499629eb5f5c88c4057e30bcf41767424af763c9204084856d87cd99f0da06ae6ee5b7382c1f6f2cbb2cf2dfd8320271f16ba7ebd8f0e3c742482f5426530b1ab946c7118f70aa4eac41dd78569341a0f3dd250531aaefdff4cab9e9eed7efdaa865f9b804ade79ced061a1fcd18a6c61a708fdf119841dc232cc5c4e5343cb8a82e9dd9647779bca053b5a2c43481c06ce2a593e388f5f5f4e681771021aaaf0589dac69db22c7285035d1eb89c75935fa4208b3786f2640ce9d65b0e671967dc27808fea5d17ac70a3ac2802f65d45d9c0372aeed530ee58bf04e190f50dac25139caec0b253d17af28eaed173c7043d66567188f04ea51733835c1c66ac7a634d7b90bdac4a6d1075bb277dc6ca420b24485012db44aed5a2e8099f4f3ed53bdb0b35b35905db28169b3e3b3d13ff94bdf2c9549f4a54c64b8d27098b86ff46cfd515f35b1d5a1bbf1bb29df16cdf296e804977a6b583d018c4fdb66264d5f2d9e162059017d6b6cbc6d6c2f1009717c67093f6feaafce1f242f4b730a2e714e9bba79f18c42a158425147b7b2cd9add4ac1d2c1a95b13a4f352d51982a5d967cd611911e6d0777afbc10883c6293f056acc69da89a0a64913be996466ed63f969d5ccd124cd3052d6654e6db0519449f3cbf3a2011541d26e5b76c3c192857905bcf989fd943d42aee9ebd40fee33094eae69154092e9514819ff126040ea7d43a927809149cfaffcc76cb1e332426bf0eb1ac1a3968c70030453a284a0fe39b9ebd704f0950cb5350d4c60d65566b3f24ec4636cd5bb3e23066f4d4f1814e60f286f3ad2d3c10e79c5991c8bf5fdb561723873fe0c75c7bb6ba262aa3a6655349df95f07abb0200d5b9152da4bfdd66a311b29a15755e8465b7b0d99f7f8ccefe9cb3561b5619d4c21b36c9b29442ccd5949882d0167244d84b677685d62074f63b8dc66941f317c78bb093491e2acb7207cc80fe51c22199aae878170af9fa1eb164854587007eb108f23d1c7946bf75aee50eee6fffdae24b992393bd37d268a136b3dcb1b7d2c9b9fbfe0c860b0d344f488e85de2a65a20eb057f0047d0b6b8898bdd68e21f2234a2c66b963a2d86f62297a7d1176c14acaddd4861f5bb74ee91eb3b6ba0c7328433b977e23c02ab67d82a12d620fc034f1c9c3a99a6a07ddf59eaa18384e429101dacbd93ee794e27b774242446fa433a8c03e4312ad56f6c4dfd1ad014d07932480e07caedabda36caaeaaf405dfa1a650843f2e09ae89c666ab8754d9bf9b290f4c4c9242d8f98533bfdbae191a6fbcba6bdb9096427d2d8efb5dcfbd58df7763cc445bf44a0be6de2335a395ab8157dee25794be81c3d87a7d457b52d88f86cabf91f2ec16a8e05a00f72277943737839a5242163025704c7b938f3f424ef5db6b60d3181e3ef94cbdc6516f0ecf01b52164b92f2e12ed55db595fd8de6862a3b12ebe06b19d1f93132b83b2f5ddbc9808b3ce8fa40352c84664d824edd2631a5e2fddaae887689092007d3d0f22a948f54bfd5c42bea5f0d6bf5018cee5ef232c8b6ea3f54ee6f4997c8ad5ccfd28227eeca811312375a849bdf4d343c1b0ec7035279d1bc0892ef193a74018d5ccd5ccaf0503a697b23abb44b7aa3beced0626daa5e1fbfc4d29d2804292fcc60b775f656179510168bf05929dbc92e009d94561d946f7b4b5a18c08d29678c482d90e07abb029e80546e5cee6c4a30712a9b92d556a29b2de021bd49b6398340a9363b689bedc007416bcb659c0c4b6eaa31ec4976ee4896ff87a7dfab48dc7046d44c9c2db6881f7d6b252e582eb878b0be9b24666e74e8eb565c07582f17817ea2422de5da79cb367e76b9b8a9d056de06ad0483986fef2a3b62d64d5d2128cf55499025ad0739ad3ce5e1bfa6aaac16828bdacad2f86b32ed933a2f672efd1f4a32dd23e59aed872d1015eaaf701a0ef8e1427d59728450c4f1bd561e7ef6f8e34d12ae2120a51746a5c346e739c09854caeec07af0d70dd4d9164b3ae8a098a41c081465fdb5537cb560426bc0de4b735f253dbc779b9dce429d99700cd6c0cbd778caeb56401b2bb5c1ca310ab0c91e1d9f4578b5fb3b4f0dad4c565495797e8e83603f3ef188a896fad5bfec24457e0f6f962b8613434f16acf74308171567eae5ad9ec11186a56493a5394042bd1b29fbe0ce64e5f1b0b56e8910343666d627d71c729c0c90bfae0134e117842d67b160ff50688f7b45f0ae330c2d4890732ace7795ff74b6e36466da623c8eef75528b22199c9bf589a1fcd2aca6c5fe3cce2eddabf1ddc8e87380b815ed5928222613383db7941eb9d55b45487b399a9a35ca4cbd9eaf08c71273fc3334b0acdbd117b13697a9ae475e79a44911ce4fed1490a2ec654fe469c9ea933999dae3616b063769446cfefb4562bd124e42f62a3dd0385fe3d21029ad8fd1c58b0badd42e415a76e3e92f246629d3579dd80d940e6dd9bee3d9a6ef8a7840fb253507e718eca32ff4119eb0bcc02aa210939a3bc41704a63202139c68e276254395ab6b858f4528ea2b3a57328e0b31816de3ad85e50e7f4ec9445eaf21a8b9916ed209bb7e79a7a08c2e4e09644ab831c0ba68d05d5ebf57a9eb36bb9caa8e7ac78a8ccca1bcb03cef0c5eb31fafa6e283632c117031aa3919f72aa80a2b9b2557749951348d5294ed2414ffcbafdf976bfb7a401bedb208fe1285738df515af493047aec962bcacb8ea7bad5fc12d5bf415e66c06c4c87044e694291e104ef53850cbc7ef73ab57982d77a3f941c226a915163e8eebd256cb8a1f0130023d2c5d3be77cab39bae4449711d6f39e50cc83eefaf6cc727b1c0b3fc4f7bd110d18262cd872cee8ca95f1be8005d5b339abbde923ef2d4290d5579e4420ff2beb705c16e96101c38c31cfd05639f252730c145182e4406aab68f556e0290ccf05e25a7bf13cdb5db47a8a0841fbeb880d4f0add608d1badb8992924b548ef1426ec774ec9d86678d4c2aae8f1e3b2dfb295802f75727a308dd1b39460f26858eff99fae8d27f24ea6902adabc89311a5fd18c3d9c606db7295f25acd22624bcc753c4c3acdb3f6c563174441333b69a126e4fcc6b06165f6221539c5ed277c20dac4b7978619e10616475de88810bbac714f3651efaa59b75791080a1086c0f3f1b5edb4b3976cc936665855f6a56788d76c6e771b1c968c859fd1ba995d336d301695fc012b8031a14ca529e3e9bf622db6813417925bb4e1a7a5b786aa90f4d048f1f442a2696970dd442d3a6ee117a3e768644c99951b75e51e98de61bc7ed8eb9e87fd43ec75e948829bd19fc545cddefee7a6f068a419e216982ca4ce6ad3256f1e64d203ba1da27e9e175738124ca86a312d0dd0caae6d64751d459d8134830ebb4f4c7931aa90c1ad6fefd99ea4ded3d246236719d6fd48979ee31eaabbea385e91aea0557a58d73a63660ecee981e3da40a39fec3f01caaffafee3504e9f8dc990cc2d69c513db25f6e722ea4811f778af8a338498b6b908682aca6e02e898cb65377f820529d35707cb83ba69b16c92b571728c58188fb08ed6f6c27d6b70e963b147605714468b90966f082d7175fcbc6e770835efb6e7bac5eeaeb5b2c23eb30ecc102e647f1ff71bc6b35f629a55dd305f8ed5287e35403a91b4dc77a6df2fff354460bf563c071846c84617da4df4c46a9e359c45d217a2b096c830ac8614947d110334ca17f587d86825b2b7ae1039fc11109687c1ad0a16f0180d1700414a4694e7ab73c715436dce437a9b3dff55f62fc1ffffc33d3be037c34c9ee7a0fcfeaec1778268565663f39b69c141304c892ae80da42cc854a87c955e6d8060a731eb16ee91e8ea27f90da85196e4f034d40b85ff59eb4b7c76218342f9c9f8d3749c874562829b7ad0c786c5c25ed240aa14755ff7f5ba5298f9f6b6ec3a46ac36d6a39c59c2ecf7781da77931214ac9a8697691d933b20cb64acde409fc159d748e4f92d83ff7767260fdec04b2e80cc524a2366e8fa5b70eb8684d164dec49fa95f42e7e75daa8c268204beec1fbc58cbbe3317af0993a8676dfdb13db7875f50cebdbc629bcd605dd4c4a65c31870495fb9a9ec51c1867ca8b117a6f9507aa26cee54c4c12f8f22b9d88072639ad765bb7906435128d1c146b9e2029880eccbdf78449bd0630381ad16c13444d709a11890d80fae0d24c037180a8726143306a7cd67abbc830167f524008f9a8e3172df597a63af2e87a92e90b70ce53069657f9b46acc9da241a1b00571540ec5fed4a9acfdd0066ba248cb2bf24540d7296256d4c9a5a5bc821817ada912cdde59876d86d4c53c1d047c6bc3442c2ee78326d7c51b6d01bd4f7ff5bc45db88649220d44099b406ac2e4744996b869ea688ecb4e758e755b29717869d5dfccbf5fd553ad83de0c4cd16b3fd4913451734226e4cf29bc0a860943b3e854d8cf49f07d2bfba1c280efaa85bb8f0f8818d1e58178c338c9e46c873adc0a4b6c832aaf0878956d8a04fcc043ff307f60a263cf1bc57ad0434b6a6f99075d932ff75deb8b017cbd16b272139a4addc24749d9551ba44d5bef0536e58de5e9d0b8985f1044163d542859c699f27f033b01d1e5d4c5598bcc4279f29c56eca82cf40c3b2799277e9b0aea04ba5cdd679e3eb63ceb0eafc21c373356caadc0f5730054a0979d7e32117962af0444b7e0e75bf1d30fd1af656956367bbbddf018531833f6c383b76cd63d014c91f67b41548e558cfae6a953a78c36ba3a896b3a0bf48aaa947d042a456a48c8f323682f560f2679f53578f00746cb04c4ef12b905b37f1b1bac9c75a85d6f173d531198f150ee6dbe7fcdbed4e0baf7610b82a793c17124970924ae32c86f9b7b40a229219958cd2445fca613e264adbf29644b1f405c68ef8afff7f4c1dc86f0e578e3716fa86c53f776dc42e7d28978f1e694428560b923b5d44e3aacb18cb38d3efd90ca0812027d336b011557e9e953cbff769e9ba84b903f5fcf1e6b4ab3e210ceaac574f80607116b196b6ded8668729f9be216bfdd049e88d1cb45581701c6ca7c991488a73e6ae5decdfc6416fa69b76f82e92246ee2b29c91885be24e96ea72438499c5c421ffd199f172667adf7d257947bb47945817930a7f2f0dfc73c2a5f6002fd40b9ea51c4a0c610e9759d43c082ed0c126c0de63c5a079b4c8bac46fcc8a1f74d8929ee2b7878430e3caed5f5aad7378fcbc4d659144a7cdbd654185ffdabd9b36257993ca823990df4aa7809ee58b7a278f38085202f3618fefef67f71b39f8ed35a28b3ff47e6caa3cecdbb41b899ea7ef3179ec3d67d0e3380f61d5a57453b9b790d171e1838c68f988a6914f4b81a7a12a0f50612182de8844a5f18026bc4110a10a31a88dae4bb40a3fea22360830784cf82ccde8187d04635e7e5bc6cda8252fa77d7022ae5fdeb978315f925cdbe7cbe0e3894965795fda4b94068bee89f79f86c420b211411929b9b3074703583c0ba0703a4d282441495110dd167c228079db163febc9ea0bcb02ab400999abfecfbca274fca55a055859eb256fcddc1d1773d72d5c3793ca3ff5f2fbe647b04f5ff2b2dc50a3a897e03634a36d21e391e6b6290cf85064711600de9a74057b78d9c04857017bc762300872f674eed1b68fac65025f3252bb803a9ff8ccf4b2b49028622168439db3bc01ea9ae7618b73dc7f858ba388891da14b88f7fee4f5f49abd687ba947969b8b923c2e119fe172126835ab4d1429133a38bbb80f1f6c308ffd180a179c05d9fb112a70e7658f9e3c7b6545556726e6589ba479edf21afd08da62963b5b724fa7b618c27fba201297dd465217de92395734355e9b34e27ff4916d78dbe0424df3d6110297a7847efda2675f12a3bf5e4b07827cdae6c61b0d969f6bb15be656b394a3f3ca8d705a4cac9c78c66c4be58c40888d49ceb08eb9a90c230faace7e4c837a8cb1aa69b020f9f43532cb7315cd698dfffb0179fb24e135480af4c437170c010e6e8f94108523dca95598c59b9e483753b79bafb02a455ceec727fd271b4cb4af7d958751a747afe6625c1e8b0316af5e13e42dc8d97dc42d5960edcaa391164693250a6f98653fa20c78823e1c1a77b798491f197a647b291cdd04087b3143e5b0fc550ecbbff19666b1c8e2a5bf2cb40f9f54c11828a8dd16489f36583e3128cda7a9abde8abbf61294450af638f56444176b5a11f84e67e4e666d6df58c45c0adc45938a2639fb1717a44c8dedf8471ac82fc1771a704f778fb812acb953493a831be5b28b16b20a112aafcee4e44640a6653c4b3035d5de4fcc16312057046bc3c650057dd9be4450b3e837ff8ac19019e67550a124416d671ccc76de36946c2d91f3d63b212111f4f09f39c24c1a981a7e63dd37a8d94ebfae1df5796d971193a8c723f172a9266af23d1d0e48aae73de4e7545a13f09a1ae3feb147ba1c700776148f027abc7dbdd1f3cb823b9a4c0e9dd43fd0bc411dc3eac2369f10fc9669ffaec5ef76da6b7f8884430b3a00da63a0e5272de159ea047584f4804a14159b1321309db45c55af563081d126300dc3ac446936f6653db92fc09d225716f425997dc247939b8c1e09a11f8b10c36b671cc590922051871ce19f6db85eefac9a666c3cec6fd5a69e7610ae5123413b458024b02521420d8c50c265d7b763f070b8fd1981824da47079135a667ee2395e43cae172e6a5ae96aeb7ce490212792498e427b80036f52cc557d3f94b118b2248af9a75a6d27d084ba423edc616981864cb0069a06f359a953a6e7df6b765d222626030248253e4e93eb0979b0a5550ee15d1489f56cc1d30b1584f37b51dfa029af5b45a85b141f4f8ffdc809a19e01f22f80c8a11e9d35f790a6de2d898462a19f412de4df26896a3d107baa7a661b5482cd71453b5f88f889b93ee6df84363ecaf04cb0dcd4369f9d1a827b955182334a998e8f2edbfe74beb14e9ff50134f03d24d70b068801684e25370c1cfc065d88582389713500f974e8a6c6e7f015b8e84e5b9861e45d4ce4eef79f0e8d4f15eaf7c1b33e64287470b5b3c0b8b6bdadae567f977341b57486c1eb279be8ee1cdf11b6e0dbd42d32c95b6801cea98e6000ea80777c6ad3f62012732859497080b3aa127a0f3a7b80a99182406ccfd54affb463f8eaf01b0c65ab582628b3c2237d039ee68d307dd113e4b593b243bd64eb6f58a0ccdd8e9a78f9ed393e2affde8d616d57c7aa1d12ebb4be718b49843ec6a90d5d8c197f154f27805046c410d4e1b66cbf4a8e495a3a229a2a1d58b4909a240d7ae6ea9e740c055b06e756e57e2ff19c148cbaf37357c0d3273b7f2ec631565e9f6c6c8722ddb0c1180695fb204f35917dc2fe11469801c545b2560a59d0666ec129b88e4f427989e820982329c2c39321f25648666af651f87b495195a95a5d158fd161324796272303114d99d22890385853dbc66d37ce22de0db447260217cf51aaed240e4f4963ca7510522fc6e7dbe164ccdedc334787ddb24bbc8205bf3353d447a1de2407c248775fa7e318d83e3ff18150b3cd9a7cbb0df0703aab6ef8d0f71bf9b5a305dc25fbd200e06b73c7f298320bd90dab05ec62b5f885e7cf95274c656051c71628f31196354460b001b6366c26fd2e92f6ad68ea37d7e3fe91fe98223563b4d23f802b3911a5241a793cb9f5b4f80081ace5877f95da7499f728ab09837120ca75c63d725e46f9f77c3da16318c9bcdd4a9d68379b627c1a71a34b684e5614ab3fabceab8d2741aca921b1b018098060686c56d7ed190e7470f529f6e680ed72e749fe7c9c2f37ea8cf08d4520e496361d2437018bbda93396c05abb2aeba443ea1ee56a3da04a8b880452a3610cb4163154e02df8a08a5e48c03fb0b0cdd4d355142cc736b344b9fd987b49b85791e5bf7805250dfe63b04c7ff56608129ef43664aa2acf82f18b49cdfd2ae5551ea4d486b35cd2ea60e3f032c58f531d4d36054f5ce268a29862ded0a3cc0ff1d30882f7c85b95e9a8599bf1d143d2d25555bbaa6f8b673b76ca8cc17b693519194784833d902581fec4e656ca546eade53abfd7e4650df648cb61a146bef5382f9255bf4a7c380854568495bdb7b33f490d240ead3d1851ce3b6400eda5a370f13ec998605f46b234bc9293c026bd1d648647bf52d506deb522012ae89c4ea75414ae6677c4aef28dd756f877af23d1a5ae3cb2205850c14f27f595d1a1542bb1eaf641293e3ba40e0bb54193a1e5db969d37c97709efbc34ab509f08a51ba71ecc4f9f66c27190115948cffaae914e7eb4e8d0c59ef7368e9b08a05bbbd340e1c1d34319f150d299c0ddf3bb2138359e826f4997068b99d13cc454fea46b8664d413b79b19656d62cbb5b31744aa33f99651fa56703eaec2e6998c7321f69f6cd110c89ae0c612a96f9a84dd751fd81ff66c80563e7091f5c5b67f89d52e7c58eb26218cddeaf5c6def3ad07a610bd4e5785675580c199b8550cbb02e3b4e1d240bb8df8e514fb505f39fd222209584331bef5d271056accaef84c88741ebd9f116cce3fe7b07b78ac4bad346c0d6e71c9daecd8d60aa8ea0914f85c9078dfaff04ba5e9bbbacddbc0cb40fe20f869d7f196c5edb6657c50b82c67f1abab663bff0a8da16422fe31a4a17995ee25081a06154d1c03f1a87a9d4ad5141a9227849bd920d2515ca16a245b635c85a77884cce0b8ae56929b5e22c52f971c2eed4ccfd64f7790a616f719fc0305af71405abae9407ed1cdaa26606331fdcf9b3c19b90e561f646ea15e0e668ef37b349594a335baf26962b89ef33c98aec3ca3e7df47c20dc2928d074e5f87c0edcf37cb25d3b8304f57f8257a5ae96791697e3c6d04f4ec2eb6a69f25346defed5b509368dea2b1960218bc6dd21b567583c229fc7b5fc85f7f2032eb304c3a1f72204f75ee950344cdef846d94e916b29a43d00c789256810de5fff6f9fd1af0fcfc2edd3fff9e2010d88083fc0b9e6a291e9a7a08af62433689a39e34bed8dafc90fec82be5c63a843d82132ce8916e395791dc86c8d11caf57f7fd096c28537ec38d6c14df9782312abc85fba2d04b0b159637b0e09f7e9faa1a6136359d17cf7c58b83994d58674ddbc248b804a82156900ca95a5002ef62de046e2f5ddf8e1e19f00189d4f5169bfc3c67afc149c6bc155767e64eac433cfb787be7f7bae7f869c0ec3d142668c2f90d383af7207a635850c515d69c6a62e24e0d58c5da244a917a17caa6be01992c4f8be0b9fff57522db4756840bdf72cafa6061ff2b86305c180c470b3af589e7c9e5328d98cf737bf01d80762e1e41a4d63a8655387be7f295862fdea629aa97b40c2ba1b563f1a103a860f7dff7fd5ee8423ce3dbf0fad41b66965c67299e35483130d461ac6c68215850fd441323bb856cdf03f624520743f7b445641c72e08994c8f252fe179b29226637b533f0ed6c94a0b84efc1a884af940fbc05c654b59d37a54047de233c496103bb27b657e7f63c24ef3ce29709622f67653f398dc7c4e44", 0x2000, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x1a0, 0x0, 0x0, [{{0xffffffffffffffff}, {0x0, 0x0, 0x8, 0x0, 'group_id'}}, {{0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9}}, {0x0, 0x0, 0x51, 0x0, '.v\x91O\x05\x81\x96\xf5Fl\fZ\xffdp\xbe\x9b\x9e\xce\xe3\xb8\xf4\x84\x87.\x8dUF+Pp\x98x\xdea\xb3\xe9\rek\x82\xd0\xc5Ry}\xae\xe5\x85\xe7\xc7z\xabZ\x99]L\xcf\x13\xfa\xfe\xcf\"\xce\x85\xda\x02\xde\xd19TV\xdft\xe3\x8f*\xe8\x8ei\x88'}}]}, 0x0, 0x0})

6.03986166s ago: executing program 1 (id=1644):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
prlimit64(r1, 0x6, &(0x7f0000000100)={0x1, 0x7}, &(0x7f0000000180))
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="5c00000012006bab9e3fe3d86e6c1d0000147ea64e21160af36504b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f4080003000601000008000300110000", 0x5b}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pipe2$9p(0x0, 0x4000)
write$P9_RLOPEN(0xffffffffffffffff, &(0x7f0000000140)={0x18, 0xd, 0x1, {{0x40, 0x4, 0x4}, 0x80}}, 0x18)
ioctl$SNDCTL_TMR_START(r6, 0x5402)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r7=>0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @dev, 0x34}]}, &(0x7f0000002100)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000280)={0x2, 0xb, 0x201, 0x3, 0x0, 0x3, 0xffffffff, 0x4, r7}, 0x20)

5.815957281s ago: executing program 0 (id=1645):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x9000000}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x6}, 0x75)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x91}}], 0x400000000000172, 0x4001c00)

5.368120851s ago: executing program 4 (id=1646):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1a, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x1c}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

4.681126182s ago: executing program 0 (id=1647):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4.212209935s ago: executing program 4 (id=1648):
r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140), &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, {0x0, r3}})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d01020301090212"], 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0xb00, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000000000000014d564b00000000af"])
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0xf)

2.744218718s ago: executing program 1 (id=1649):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x4, 0xac, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f0000000200)='%pI4   \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x14, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x38}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2.582499061s ago: executing program 0 (id=1650):
r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000440), 0x80000)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x204202, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x5c}}, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001440), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000017c0)={'wpan1\x00', <r6=>0x0})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r7, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001a40)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r6, @ANYBLOB="24002d8005000100000000000500040000000000080002"], 0x40}}, 0x0)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r8, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0xff}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}]}, 0x3c}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
r10 = socket(0x10, 0x803, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x28048094}, 0x20004000)
getsockname$packet(r10, &(0x7f0000000000)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYRES32=r12, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x6c, r8, 0x0, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20040014}, 0x864)
r13 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r13}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r14 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r14, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)

2.581156091s ago: executing program 2 (id=1651):
r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, 0x0, 0x10, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20044050}, 0x20008010)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r2, 0x0, 0x1, &(0x7f0000000000)=0xb, 0x4)
keyctl$search(0xa, r0, &(0x7f0000000400)='syzkaller\x00', 0x0, 0xfffffffffffffffb)
r3 = syz_clone(0x40100000, &(0x7f0000000440)="383131bb83a76fd55646703008f6c5dd71d236739ea014e7d6baa30af163367d4a34860907db4d822cf57d4da13ccf6a1aa2d8cf9ed850b1a18ca98211a56b0d6516e8f04b33c24876b66a091c951118cab968db090d078c5cdacd756b9ec5d400fe39bb41bbaa2499a3fed515e4bf8758f935f1feb65d02f28f4941c236401f282a443e9320f590616a78f07535ec1a817d02ad087c274daae60b6eb7ff8e656475f4173f9b02f1596cc94255091d22a13d2cf9122223f42d973201d3", 0xbd, &(0x7f0000000140), 0x0, 0x0)
sched_getscheduler(r3)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x2c}}, 0x0)

2.420954576s ago: executing program 1 (id=1652):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="163e6cce65ffff000000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x30)
write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000036c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}, {@nodevmap}], [], 0x6b}})
readv(r0, &(0x7f0000000100)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1)
chdir(&(0x7f0000000200)='./file0\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xffffff19)

2.228324467s ago: executing program 0 (id=1653):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x383, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/ip6_tables_matches\x00')
r1 = fanotify_init(0x8, 0x1802)
r2 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
readv(r1, &(0x7f0000002cc0)=[{&(0x7f0000002880)=""/204, 0x90}, {&(0x7f0000002980)=""/248, 0xf8}, {&(0x7f0000002a80)=""/254, 0xfe}, {&(0x7f00000001c0)=""/33, 0x1a}, {&(0x7f0000000700)=""/113, 0x71}, {&(0x7f0000000680)}, {&(0x7f0000000780)=""/6, 0x6}, {&(0x7f0000002b80)=""/46, 0x2e}, {&(0x7f0000002d80)=""/212, 0xd4}], 0x9)
fanotify_mark(r1, 0x1, 0x40001019, r2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
vmsplice(r2, &(0x7f0000000600)=[{&(0x7f00000003c0)="f8b6b902227e7b6c42f33e373f8cd2d32616afb5b9e4f2a660aa4e8f2f8b7199156af8de408139529d7a089dee4a33705bb3feea55bad905fe8efb30d191d30c6f65d685fc6503cb79f4cdfd9d5cfd960738c6532b6a65", 0x57}, {&(0x7f00000002c0)="fee7d1d54cc32cc651ac718cb4420158fbe87c1c1bd6d1f49fe29bf689", 0x1d}, {&(0x7f0000000480)="c9fde1f7ee561df9f323af3eef080927efbc7692e14d71ec771e70a63b60142ccc54cecbd864e696cb5268", 0x2b}, {&(0x7f00000004c0)="b92e9140450a3aa9a975c0f56b3cb18b6fcfbf2423d6642436b80795130dfeb854eb6bb54c03fae21a4ee420afc43479f26a818a54c7580fea3518d6acdfe08bab01e65ed82f383aa5fbfc17637b962f4056859de7123d226eaed02778", 0x5d}, {&(0x7f0000000540)="0ef84652a24c4de0788246006b723dce29996efa96a52e90cf7d4aef83cd54f9d85df193a9acb1a833ca8e4e5bd3a96e6ba4f77420732194ec71fd1d9bbbd441d4ae0d86e8af232ec5fe5d1ed2bce631bf304faf67497c6e01cc85e71d93a92a2dba72b6aa89c3467ed1de32953c84503d5fa900d5bf678d96082cecba3e00edbf640d761a4c84e540f34ae7f0ead4ea3018a01af36554e99bb0c7cce4755803ec0155b3435d56678366", 0xaa}], 0x5, 0x8cceaa7250145bc5)
r3 = syz_io_uring_setup(0x238, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f0000000300)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x1a})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
read$midi(0xffffffffffffffff, 0x0, 0x49)
pselect6(0x40, &(0x7f00000007c0), &(0x7f0000000800)={0x7f}, 0x0, 0x0, 0x0)

2.191527289s ago: executing program 1 (id=1654):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x21, 0x2, 0x2)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000000)=0x97bb, 0x4)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000080)={0xe017be01})
r4 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x567, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x28}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_FWMARK={0x8, 0x14, 0x6}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'gretap0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x4009850}, 0x40408c4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="180800000000000000000000000000008510000003000000180000000000000000000000000000009500000000000000bfa000000000000095"], &(0x7f0000000000)='GPL\x00', 0x8, 0xfa, &(0x7f00000007c0)=""/250, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000000000/0x3000)=nil, 0x3000)

1.948690697s ago: executing program 1 (id=1655):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x383, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/ip6_tables_matches\x00')
r1 = fanotify_init(0x8, 0x1802)
r2 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
readv(r1, &(0x7f0000002cc0)=[{&(0x7f0000002880)=""/204, 0x90}, {&(0x7f0000002980)=""/248, 0xf8}, {&(0x7f0000002a80)=""/254, 0xfe}, {&(0x7f00000001c0)=""/33, 0x1a}, {&(0x7f0000000700)=""/113, 0x71}, {&(0x7f0000000680)}, {&(0x7f0000000780)=""/6, 0x6}, {&(0x7f0000002b80)=""/46, 0x2e}, {&(0x7f0000002d80)=""/212, 0xd4}], 0x9)
fanotify_mark(r1, 0x1, 0x40001019, r2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
vmsplice(r2, &(0x7f0000000600)=[{&(0x7f00000003c0)="f8b6b902227e7b6c42f33e373f8cd2d32616afb5b9e4f2a660aa4e8f2f8b7199156af8de408139529d7a089dee4a33705bb3feea55bad905fe8efb30d191d30c6f65d685fc6503cb79f4cdfd9d5cfd960738c6532b6a65", 0x57}, {&(0x7f00000002c0)="fee7d1d54cc32cc651ac718cb4420158fbe87c1c1bd6d1f49fe29bf689", 0x1d}, {&(0x7f0000000480)="c9fde1f7ee561df9f323af3eef080927efbc7692e14d71ec771e70a63b60142ccc54cecbd864e696cb5268", 0x2b}, {&(0x7f00000004c0)="b92e9140450a3aa9a975c0f56b3cb18b6fcfbf2423d6642436b80795130dfeb854eb6bb54c03fae21a4ee420afc43479f26a818a54c7580fea3518d6acdfe08bab01e65ed82f383aa5fbfc17637b962f4056859de7123d226eaed02778", 0x5d}, {&(0x7f0000000540)="0ef84652a24c4de0788246006b723dce29996efa96a52e90cf7d4aef83cd54f9d85df193a9acb1a833ca8e4e5bd3a96e6ba4f77420732194ec71fd1d9bbbd441d4ae0d86e8af232ec5fe5d1ed2bce631bf304faf67497c6e01cc85e71d93a92a2dba72b6aa89c3467ed1de32953c84503d5fa900d5bf678d96082cecba3e00edbf640d761a4c84e540f34ae7f0ead4ea3018a01af36554e99bb0c7cce4755803ec0155b3435d56678366", 0xaa}], 0x5, 0x8cceaa7250145bc5)
r3 = syz_io_uring_setup(0x238, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f0000000300)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x1a})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
read$midi(0xffffffffffffffff, 0x0, 0x49)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f00000007c0), &(0x7f0000000800)={0x7f}, 0x0, 0x0, 0x0)

1.892938208s ago: executing program 0 (id=1656):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000080)='H', 0x1}], 0x1}, 0x0)
tkill(0x0, 0x31)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setsig(0x4203, r2, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x1})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x34, r3, 0x1, 0x0, 0x0, {{0xa}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY={0x18, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DEFAULT_TYPES={0x8, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0xfffffffffffffe2b}]}, @NL80211_KEY_IDX={0x5}]}]}, 0x34}}, 0x0)
write$bt_hci(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x6)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000100)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010102, @local, {[@generic={0x7, 0x9, "0441b613a31ed7"}, @timestamp_addr={0x44, 0x4, 0x6}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505"], 0x0)
syz_usb_control_io(r5, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}, @NFT_MSG_NEWSETELEM={0x38, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0xc, 0x3, 0x0, 0x1, [{0x8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x2}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xdc}}, 0x0)

1.65381282s ago: executing program 1 (id=1657):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02008200020309006000000002000020d3"])
capset(&(0x7f0000000300)={0x19980330}, &(0x7f0000000440))
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000140)=""/142, 0x8e)
ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000000))
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="142b623a000000", @ANYRES16=r1, @ANYBLOB="3104000000000300000016000000"], 0x14}}, 0x0)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='pipefs\x00', 0x48000, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, <r6=>0x0}, &(0x7f0000000280)=0x5)
setuid(r6)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000003c0)=ANY=[@ANYRES64=r1, @ANYRES32=r1, @ANYBLOB="000000000000000000000000002013c7d8000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYRESOCT=r7], 0x28}}, 0x4000)
r8 = add_key(&(0x7f0000000140)='cifs.spnego\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000180)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r8, r9, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r10, 0x5761, &(0x7f00000001c0)=ANY=[@ANYBLOB='\a'])
keyctl$KEYCTL_WATCH_KEY(0x15, r8, 0xffffffffffffffff, 0x3d)
r11 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r11, &(0x7f00000010c0)="a7", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(r11, 0x1)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r11, 0x84, 0x71, &(0x7f0000000300), 0x8)

1.050635878s ago: executing program 4 (id=1658):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000711205000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x2c, r6, 0x1, 0x0, 0x0, {0x2}, [@GTPA_LINK={0x8}, @GTPA_NET_NS_FD={0x8, 0xd}, @GTPA_VERSION={0x8}]}, 0x2c}}, 0x0)

0s ago: executing program 4 (id=1659):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000080)={0x34, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x1}]}, 0x34}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000300)={'syztnl0\x00', &(0x7f0000001f40)={'gretap0\x00', <r3=>0x0, 0xf808, 0x80, 0x9, 0x4, {{0x49, 0x4, 0x0, 0x3e, 0x124, 0x68, 0x0, 0x1, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x43}, @loopback, {[@lsrr={0x83, 0x3, 0xa8}, @end, @noop, @rr={0x7, 0x27, 0xa6, [@rand_addr=0x64010100, @multicast2, @multicast1, @multicast2, @loopback, @rand_addr=0x64010102, @multicast1, @loopback, @private=0xa010101]}, @timestamp={0x44, 0x1c, 0x99, 0x0, 0x8, [0x7f, 0xa, 0x6f0ba486, 0x0, 0x13, 0x831]}, @ssrr={0x89, 0x1b, 0xa8, [@rand_addr=0x64010102, @remote, @remote, @loopback, @remote, @broadcast]}, @timestamp={0x44, 0x2c, 0x4f, 0x0, 0x4, [0x80, 0x6, 0x7fff, 0x40, 0x6, 0x4, 0x2, 0x0, 0xf, 0x9]}, @cipso={0x86, 0x6f, 0x2, [{0x5, 0x12, "0231740d80f4a27b876b2e54c31018c3"}, {0x1, 0xd, "f1b2ccef2f984b8d22be19"}, {0x4, 0x12, '\x00'/16}, {0x2, 0x10, "eeb731709fe362c55b7d12384683"}, {0x6, 0xc, "4da0c7dfac605a73d577"}, {0x6, 0x2}, {0x7, 0xa, "ea2fe4edfaf49d9f"}, {0x6, 0x7, "51e20280a9"}, {0x2, 0x9, "49095a7b0a02ac"}]}, @generic={0x44, 0x10, "f28c6fb2b5351a41ac351b8686d5"}]}}}}})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0xdc, r2, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0xfffffffffffffe9c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x80bed249d9f85ca2}, 0x4004000)
socket(0x1, 0x803, 0x0)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xe7, 0xcc, 0x61, 0x20, 0x10c4, 0x818a, 0x7d8f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0xc0, 0x5, [{{0x9, 0x4, 0x23, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, [], [{{0x9, 0x5, 0x85, 0x3, 0x200, 0x2, 0x5, 0x1}}]}}]}}]}}, 0x0)
r5 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r5, &(0x7f0000000440)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)="896c0500", 0xfe0e}, {&(0x7f0000000340)="27ca500974dfb0a46b0444a76942c6ebdea65655e875790500"/36, 0x24}], 0x2, 0x0, 0x0, 0x900}, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
r6 = socket$nl_crypto(0x10, 0x3, 0x15)
r7 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000080)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x10, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}})
sendmsg$nl_crypto(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@upd={0xe0, 0x12, 0x1, 0x0, 0x0, {{'sha384\x00'}, '\x00', '\x00', 0x0, 0x2000}}, 0xe0}}, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000a00)={0x24, &(0x7f00000008c0)={0x40, 0x30, 0x3d, {0x3d, 0x11, "0ccd7ff4e0f3337d570d098226883d2fd22ba890e35d5544e394c5aac67d79cbb8fbba08582d8559fbb99aa6093f26fb514e1f49d3c8eeb41ec33a"}}, &(0x7f0000000bc0)=ANY=[@ANYBLOB="00beaa48d837a7620e0480f227f035f5cf81931753728cdc347393d7ca1fc2150d1d74378710c38cb1cb94b078bf64d44c1f06cecc4c2446aebc4b08310798c514197b3dfa5f6ded793cb75727e705991cc36d26195bf7a63e9ccb6880fbe3d9552be9b76f5dfe1d4e25b9bca1366b2279b358ec9dd29bd16dad083403960b8114f63a02584cf51ed2817d930b05276f4e151c3e2584cea55266532b83f9376d551687ce7e124c4890fa9151b3ec125ecbc3759f40a400cc3998d0f226729c1be8baed0c26c94958693f7620f68a0871d87b0465aef62906f1be8a78025f6c89c779992cc5f9e714364671bce5875a47714b48c0bdc7493fbfe7813f99680fd47000c5908540f63602c47e5783c4754524c465cef0e21f7b96e975f7d24643ac4fd85797eb56dbd59e5811f408a8eb3172afe62c5ae8e4d5e5145d5f64427b2085cb9644805ab0576f97b6062e0ecb231c6291fb4277e713a96a5838dbd6979c5b29cb79c562f968ab4f51329ba532c23ec7bea9514bde007c8030f0155141cddec914844dcdf2f50ab17a7b77ce3a183915444e6a9f633c88f84dbc5971298d0b9f43052af57d2aa659f0ecdba7c565871db9314d85d39fdfd1550ff65ce72404a78dd5f84fa160f04bbabcf55ba43aa41318c8ab3275b8ffce13f2523067e6c4deea57c180d7f69020afe1252ebf6dcd388c3ba6dc946582c795516e03501d47c10deb5b744b"], &(0x7f0000000980)={0x0, 0x22, 0x5, {[@local=@item_012={0x1, 0x2, 0xa, "0e"}, @main=@item_012={0x2, 0x0, 0xa, "66e7"}]}}, &(0x7f00000009c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x8, 0x1, 0x1, {0x22, 0x8b7}}}}, &(0x7f0000000b80)={0x2c, &(0x7f0000000a40)={0x20, 0xf, 0x1c, "eb38b85d5d645ab5f910f878fb115205e15f6a491cc20acd082e4469"}, &(0x7f0000000a80)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000ac0)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000b00)={0x20, 0x1, 0x3a, "74bbd1283ec0007558f9a890ac89c4d8b84547596d26f230d0f745475c76e8424b6b9644a1128fd1771980b99bd96a9eaa96a03d494459516531"}, &(0x7f0000000b40)={0x20, 0x3, 0x1, 0x3}})

kernel console output (not intermixed with test programs):

onnect, device number 35
[  718.879519][ T5308] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  718.892408][ T5308] cp210x 4-1:0.1: device disconnected
[  719.959557][ T5275] usb 1-1: string descriptor 0 read error: -71
[  720.320363][T11144] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1337'.
[  720.338178][T11147] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1336'.
[  720.349839][ T5275] usb 1-1: USB disconnect, device number 40
[  721.696017][T11160] netlink: 'syz.2.1342': attribute type 4 has an invalid length.
[  722.073498][ T8558] Buffer I/O error on dev loop7, logical block 4095, async page read
[  722.762233][T11186] FAULT_INJECTION: forcing a failure.
[  722.762233][T11186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  722.775593][T11186] CPU: 1 UID: 0 PID: 11186 Comm: syz.0.1350 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  722.786132][T11186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  722.796225][T11186] Call Trace:
[  722.799526][T11186]  <TASK>
[  722.802555][T11186]  dump_stack_lvl+0x241/0x360
[  722.807261][T11186]  ? __pfx_dump_stack_lvl+0x10/0x10
[  722.812483][T11186]  ? __pfx__printk+0x10/0x10
[  722.817101][T11186]  ? __pfx_lock_release+0x10/0x10
[  722.822154][T11186]  should_fail_ex+0x3b0/0x4e0
[  722.826854][T11186]  _copy_from_user+0x2f/0xe0
[  722.831461][T11186]  btf_new_fd+0x324/0xd30
[  722.835816][T11186]  ? __pfx_btf_new_fd+0x10/0x10
[  722.840684][T11186]  ? bpf_btf_load+0xcf/0x1a0
[  722.845291][T11186]  __sys_bpf+0x6ef/0x810
[  722.849550][T11186]  ? __pfx___sys_bpf+0x10/0x10
[  722.854336][T11186]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  722.860338][T11186]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  722.866689][T11186]  ? do_syscall_64+0x100/0x230
[  722.871503][T11186]  __x64_sys_bpf+0x7c/0x90
[  722.875934][T11186]  do_syscall_64+0xf3/0x230
[  722.880462][T11186]  ? clear_bhb_loop+0x35/0x90
[  722.885161][T11186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.891079][T11186] RIP: 0033:0x7feca137def9
[  722.895518][T11186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  722.915582][T11186] RSP: 002b:00007feca2218038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  722.924045][T11186] RAX: ffffffffffffffda RBX: 00007feca1535f80 RCX: 00007feca137def9
[  722.932145][T11186] RDX: 0000000000000020 RSI: 0000000020000000 RDI: 0000000000000012
[  722.940564][T11186] RBP: 00007feca2218090 R08: 0000000000000000 R09: 0000000000000000
[  722.948546][T11186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  722.956643][T11186] R13: 0000000000000001 R14: 00007feca1535f80 R15: 00007ffe07214998
[  722.964734][T11186]  </TASK>
[  723.248947][T11197] fuse: Bad value for 'fd'
[  724.844183][   T51] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  724.995765][   T51] usb 5-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  725.014041][   T51] usb 5-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  725.034442][   T51] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  725.043667][   T51] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  725.583204][   T51] usb 5-1: string descriptor 0 read error: -71
[  725.605875][   T51] usb 5-1: USB disconnect, device number 47
[  725.802660][T11239] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1366'.
[  726.074152][ T1166] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  727.340173][ T1166] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  727.403398][ T1166] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  727.455683][ T1166] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  727.474685][ T1166] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  727.483900][ T1166] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.496462][ T1166] usb 3-1: config 0 descriptor??
[  727.605473][T11261] lo speed is unknown, defaulting to 1000
[  727.634189][ T5308] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  727.824107][ T5308] usb 1-1: Using ep0 maxpacket: 16
[  727.844980][ T5308] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  727.864050][ T5308] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.872205][ T5308] usb 1-1: Product: syz
[  727.884098][ T5308] usb 1-1: Manufacturer: syz
[  727.888802][ T5308] usb 1-1: SerialNumber: syz
[  727.913295][ T5308] r8152-cfgselector 1-1: Unknown version 0x0000
[  727.919709][ T5308] r8152-cfgselector 1-1: config 0 descriptor??
[  727.936306][ T1166] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  727.958271][ T1166] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  727.984185][ T4866] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  728.012005][ T1166] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  728.254616][ T1166] usb 3-1: USB disconnect, device number 36
[  728.316403][ T4866] usb 2-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  728.327384][ T4866] usb 2-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  728.339325][ T4866] usb 2-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  728.349369][ T4866] usb 2-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  728.376221][ T4866] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  728.398210][ T4866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.573476][ T1166] r8152-cfgselector 1-1: USB disconnect, device number 41
[  728.651249][T11266] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  730.615771][ T4866] ath6kl: Failed to submit usb control message: -110
[  730.622661][ T4866] ath6kl: unable to send the bmi data to the device: -110
[  730.630901][ T4866] ath6kl: Unable to send get target info: -110
[  730.649263][T11282] FAULT_INJECTION: forcing a failure.
[  730.649263][T11282] name failslab, interval 1, probability 0, space 0, times 0
[  730.676777][ T4866] ath6kl: Failed to init ath6kl core: -110
[  730.683423][ T4866] ath6kl_usb 2-1:4.0: probe with driver ath6kl_usb failed with error -110
[  730.739234][T11282] CPU: 0 UID: 0 PID: 11282 Comm: syz.3.1378 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  730.749854][T11282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  730.759959][T11282] Call Trace:
[  730.763279][T11282]  <TASK>
[  730.766252][T11282]  dump_stack_lvl+0x241/0x360
[  730.770995][T11282]  ? __pfx_dump_stack_lvl+0x10/0x10
[  730.776250][T11282]  ? __pfx__printk+0x10/0x10
[  730.780901][T11282]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  730.786939][T11282]  ? __pfx___might_resched+0x10/0x10
[  730.792376][T11282]  should_fail_ex+0x3b0/0x4e0
[  730.797109][T11282]  should_failslab+0xac/0x100
[  730.801842][T11282]  ? __alloc_skb+0x1c3/0x440
[  730.806501][T11282]  kmem_cache_alloc_node_noprof+0x71/0x320
[  730.812382][T11282]  __alloc_skb+0x1c3/0x440
[  730.816955][T11282]  ? __pfx___alloc_skb+0x10/0x10
[  730.821967][T11282]  ? netlink_ack_tlv_len+0x6e/0x200
[  730.827229][T11282]  netlink_ack+0x13f/0xa30
[  730.831700][T11282]  ? __pfx_lock_acquire+0x10/0x10
[  730.836825][T11282]  netlink_rcv_skb+0x262/0x430
[  730.841651][T11282]  ? __pfx_genl_rcv_msg+0x10/0x10
[  730.846731][T11282]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  730.852107][T11282]  genl_rcv+0x28/0x40
[  730.856236][T11282]  netlink_unicast+0x7f6/0x990
[  730.861075][T11282]  ? __pfx_netlink_unicast+0x10/0x10
[  730.866416][T11282]  ? __virt_addr_valid+0x183/0x530
[  730.871663][T11282]  ? __check_object_size+0x49c/0x900
[  730.877347][T11282]  netlink_sendmsg+0x8e4/0xcb0
[  730.882199][T11282]  ? __pfx_netlink_sendmsg+0x10/0x10
[  730.887644][T11282]  ? __pfx_netlink_sendmsg+0x10/0x10
[  730.892989][T11282]  __sock_sendmsg+0x221/0x270
[  730.897739][T11282]  ____sys_sendmsg+0x52a/0x7e0
[  730.902589][T11282]  ? __pfx_____sys_sendmsg+0x10/0x10
[  730.907935][T11282]  __sys_sendmsg+0x2aa/0x390
[  730.912569][T11282]  ? __pfx___sys_sendmsg+0x10/0x10
[  730.917726][T11282]  ? vfs_write+0x7bf/0xc90
[  730.922233][T11282]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  730.928611][T11282]  ? do_syscall_64+0x100/0x230
[  730.933432][T11282]  ? do_syscall_64+0xb6/0x230
[  730.938165][T11282]  do_syscall_64+0xf3/0x230
[  730.942723][T11282]  ? clear_bhb_loop+0x35/0x90
[  730.947452][T11282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.953391][T11282] RIP: 0033:0x7f2f25b7def9
[  730.957832][T11282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.977451][T11282] RSP: 002b:00007f2f2690d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  730.985981][T11282] RAX: ffffffffffffffda RBX: 00007f2f25d35f80 RCX: 00007f2f25b7def9
[  730.993970][T11282] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 000000000000000b
[  731.001965][T11282] RBP: 00007f2f2690d090 R08: 0000000000000000 R09: 0000000000000000
[  731.009947][T11282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  731.017937][T11282] R13: 0000000000000000 R14: 00007f2f25d35f80 R15: 00007ffdd4b826e8
[  731.025936][T11282]  </TASK>
[  731.096310][ T1166] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  731.278690][ T1166] usb 3-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  731.308664][ T1166] usb 3-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  731.332392][ T1166] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  731.375464][ T1166] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.541500][T11300] FAULT_INJECTION: forcing a failure.
[  731.541500][T11300] name failslab, interval 1, probability 0, space 0, times 0
[  731.566645][T11300] CPU: 0 UID: 0 PID: 11300 Comm: syz.0.1384 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  731.577145][T11300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  731.587252][T11300] Call Trace:
[  731.590571][T11300]  <TASK>
[  731.593549][T11300]  dump_stack_lvl+0x241/0x360
[  731.598294][T11300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  731.603559][T11300]  ? __pfx__printk+0x10/0x10
[  731.608479][T11300]  ? __kmalloc_node_noprof+0xb7/0x440
[  731.613922][T11300]  ? __pfx___might_resched+0x10/0x10
[  731.619283][T11300]  should_fail_ex+0x3b0/0x4e0
[  731.624026][T11300]  should_failslab+0xac/0x100
[  731.628768][T11300]  __kmalloc_node_noprof+0xdf/0x440
[  731.634380][T11300]  ? __kvmalloc_node_noprof+0x72/0x190
[  731.639902][T11300]  __kvmalloc_node_noprof+0x72/0x190
[  731.645333][T11300]  __kvm_mmu_topup_memory_cache+0x4d9/0x6b0
[  731.651283][T11300]  ? __pfx_lock_release+0x10/0x10
[  731.656381][T11300]  ? rcu_is_watching+0x15/0xb0
[  731.661202][T11300]  kvm_mmu_load+0x115/0x26e0
[  731.665870][T11300]  ? __mutex_unlock_slowpath+0x21d/0x750
[  731.671577][T11300]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  731.677629][T11300]  ? __pfx_kvm_mmu_load+0x10/0x10
[  731.682725][T11300]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  731.688778][T11300]  ? __asan_memset+0x23/0x50
[  731.693444][T11300]  ? vmx_flush_tlb_guest+0x1e5/0x310
[  731.698793][T11300]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  731.704492][T11300]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  731.710551][T11300]  ? kvm_apic_has_interrupt+0x9d4/0xa70
[  731.716172][T11300]  vcpu_run+0x6c3d/0x88b0
[  731.720655][T11300]  ? __pfx_vcpu_run+0x10/0x10
[  731.725406][T11300]  ? __local_bh_enable_ip+0x168/0x200
[  731.730828][T11300]  ? lockdep_hardirqs_on+0x99/0x150
[  731.736080][T11300]  ? __pfx_lock_acquire+0x10/0x10
[  731.741149][T11300]  ? fpu_swap_kvm_fpstate+0x82/0x460
[  731.746522][T11300]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  731.752301][T11300]  ? xfd_validate_state+0x6e/0x150
[  731.757473][T11300]  ? rcu_is_watching+0x15/0xb0
[  731.762298][T11300]  ? rcu_is_watching+0x15/0xb0
[  731.767112][T11300]  kvm_arch_vcpu_ioctl_run+0xa73/0x19d0
[  731.772824][T11300]  ? mark_lock+0x9a/0x360
[  731.777210][T11300]  ? kvm_arch_vcpu_ioctl_run+0x1c9/0x19d0
[  731.782985][T11300]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  731.789046][T11300]  ? __pfx_lock_acquire+0x10/0x10
[  731.794132][T11300]  ? get_task_pid+0x23/0x310
[  731.798774][T11300]  ? __pfx_lock_release+0x10/0x10
[  731.803856][T11300]  ? kvm_vcpu_ioctl+0x1da/0xea0
[  731.808777][T11300]  ? get_task_pid+0x23/0x310
[  731.813419][T11300]  kvm_vcpu_ioctl+0x91a/0xea0
[  731.818162][T11300]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  731.823426][T11300]  ? smack_file_ioctl+0x353/0x3a0
[  731.828542][T11300]  ? __pfx_smack_file_ioctl+0x10/0x10
[  731.833989][T11300]  ? __fget_files+0x29/0x470
[  731.838650][T11300]  ? __fget_files+0x3f3/0x470
[  731.843397][T11300]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  731.848656][T11300]  __se_sys_ioctl+0xf9/0x170
[  731.853322][T11300]  do_syscall_64+0xf3/0x230
[  731.857891][T11300]  ? clear_bhb_loop+0x35/0x90
[  731.862654][T11300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.868705][T11300] RIP: 0033:0x7feca137def9
[  731.873168][T11300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  731.892830][T11300] RSP: 002b:00007feca2218038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  731.901333][T11300] RAX: ffffffffffffffda RBX: 00007feca1535f80 RCX: 00007feca137def9
[  731.909358][T11300] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  731.917387][T11300] RBP: 00007feca2218090 R08: 0000000000000000 R09: 0000000000000000
[  731.925755][T11300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  731.933780][T11300] R13: 0000000000000000 R14: 00007feca1535f80 R15: 00007ffe07214998
[  731.941823][T11300]  </TASK>
[  732.124588][ T5307] usb 2-1: USB disconnect, device number 53
[  732.281104][ T1166] usb 3-1: string descriptor 0 read error: -71
[  732.320418][ T1166] usb 3-1: USB disconnect, device number 37
[  732.658983][T11316] syz.3.1387 uses obsolete (PF_INET,SOCK_PACKET)
[  734.249820][T11270] coredump: 163(syz.3.1371): written to core: VMAs: 34, size 97419264; core: 60019654 bytes, pos 97427456
[  734.404136][ T5307] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  734.523189][T11336] FAULT_INJECTION: forcing a failure.
[  734.523189][T11336] name failslab, interval 1, probability 0, space 0, times 0
[  734.537223][T11336] CPU: 0 UID: 0 PID: 11336 Comm: syz.1.1396 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  734.547695][T11336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  734.557786][T11336] Call Trace:
[  734.561094][T11336]  <TASK>
[  734.564062][T11336]  dump_stack_lvl+0x241/0x360
[  734.568822][T11336]  ? __pfx_dump_stack_lvl+0x10/0x10
[  734.574064][T11336]  ? __pfx__printk+0x10/0x10
[  734.578714][T11336]  ? __kmalloc_noprof+0xb0/0x400
[  734.583690][T11336]  ? __pfx___might_resched+0x10/0x10
[  734.589040][T11336]  should_fail_ex+0x3b0/0x4e0
[  734.593767][T11336]  ? security_sk_alloc+0x53/0x360
[  734.598944][T11336]  should_failslab+0xac/0x100
[  734.603755][T11336]  ? security_sk_alloc+0x53/0x360
[  734.608846][T11336]  __kmalloc_noprof+0xd8/0x400
[  734.613654][T11336]  ? sk_prot_alloc+0xe0/0x210
[  734.618370][T11336]  ? rcu_is_watching+0x15/0xb0
[  734.623175][T11336]  security_sk_alloc+0x53/0x360
[  734.628089][T11336]  sk_prot_alloc+0xfa/0x210
[  734.632626][T11336]  ? sk_alloc+0x26/0x370
[  734.636905][T11336]  sk_alloc+0x38/0x370
[  734.641005][T11336]  ? bpf_test_init+0x15a/0x180
[  734.645900][T11336]  ? bpf_ctx_init+0x162/0x1b0
[  734.650618][T11336]  bpf_prog_test_run_skb+0x3bd/0x1820
[  734.656045][T11336]  ? __pfx_lock_release+0x10/0x10
[  734.661133][T11336]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  734.667005][T11336]  ? fput+0x1a8/0x230
[  734.671021][T11336]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  734.676871][T11336]  bpf_prog_test_run+0x334/0x3b0
[  734.681849][T11336]  __sys_bpf+0x48d/0x810
[  734.686131][T11336]  ? __pfx___sys_bpf+0x10/0x10
[  734.690980][T11336]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  734.697015][T11336]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  734.703429][T11336]  ? do_syscall_64+0x100/0x230
[  734.708264][T11336]  __x64_sys_bpf+0x7c/0x90
[  734.712726][T11336]  do_syscall_64+0xf3/0x230
[  734.717280][T11336]  ? clear_bhb_loop+0x35/0x90
[  734.722026][T11336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.727964][T11336] RIP: 0033:0x7f394197def9
[  734.732399][T11336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.752566][T11336] RSP: 002b:00007f3942818038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  734.761357][T11336] RAX: ffffffffffffffda RBX: 00007f3941b35f80 RCX: 00007f394197def9
[  734.769524][T11336] RDX: 0000000000000050 RSI: 0000000020000080 RDI: 000000000000000a
[  734.777505][T11336] RBP: 00007f3942818090 R08: 0000000000000000 R09: 0000000000000000
[  734.785573][T11336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.793556][T11336] R13: 0000000000000000 R14: 00007f3941b35f80 R15: 00007ffd6c9958d8
[  734.801569][T11336]  </TASK>
[  734.829541][ T5307] usb 1-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  734.841529][ T5307] usb 1-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  734.852774][ T5307] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  734.966469][ T5307] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.654119][ T5275] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  735.724166][ T4866] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  735.815078][ T5275] usb 4-1: Using ep0 maxpacket: 8
[  735.827033][ T5275] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  735.888867][ T4866] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  735.907075][ T5275] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  736.629603][ T4866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  736.640666][ T5275] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  736.650752][ T4866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  736.660653][ T5275] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  736.670736][ T4866] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  736.683782][ T5275] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  736.696901][ T4866] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  736.706114][ T5275] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  736.725946][ T4866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.754453][ T5275] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.817114][ T4866] usb 3-1: config 0 descriptor??
[  737.144318][ T5275] usb 4-1: GET_CAPABILITIES returned 0
[  737.157538][ T5275] usbtmc 4-1:16.0: can't read capabilities
[  737.210757][T11356] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1401'.
[  737.272637][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.289023][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.310222][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.342229][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.342600][ T1166] usb 4-1: USB disconnect, device number 37
[  737.362509][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.394462][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.413068][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.422794][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.455451][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.463320][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.476927][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.491002][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.501697][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.511621][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.523361][ T4866] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  737.524132][ T5274] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  737.538376][ T4866] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  737.554851][ T4866] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  737.610145][ T4866] usb 3-1: USB disconnect, device number 38
[  737.692394][ T5307] usb 1-1: string descriptor 0 read error: -71
[  737.757768][ T5307] usb 1-1: USB disconnect, device number 42
[  737.769990][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  737.787371][ T5274] usb 2-1: New USB device found, idVendor=05ac, idProduct=027a, bcdDevice= 0.00
[  737.797712][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.814077][ T5308] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  737.828536][ T5274] usb 2-1: config 0 descriptor??
[  737.986918][ T5308] usb 5-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  738.017668][ T5308] usb 5-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  738.050439][ T5308] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  738.091024][ T5308] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.261036][ T5274] apple 0003:05AC:027A.0004: hidraw0: USB HID v0.00 Device [HID 05ac:027a] on usb-dummy_hcd.1-1/input0
[  738.334120][ T5275] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  738.506955][ T5275] usb 1-1: Using ep0 maxpacket: 8
[  738.522438][ T5275] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  738.558773][ T5275] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  738.588907][ T5275] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  738.614575][ T4866] usb 2-1: USB disconnect, device number 54
[  738.632926][ T5308] usb 5-1: string descriptor 0 read error: -71
[  738.643151][ T5275] usb 1-1: New USB device found, idVendor=058f, idProduct=9410, bcdDevice= 0.00
[  738.644175][ T5308] usb 5-1: USB disconnect, device number 48
[  738.696515][ T5275] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.718104][ T5275] usb 1-1: config 0 descriptor??
[  739.256068][ T5275] usbhid 1-1:0.0: can't add hid device: -71
[  739.265301][ T5275] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  739.275717][ T5275] usb 1-1: USB disconnect, device number 43
[  739.364779][ T5307] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  739.604336][ T5277] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  739.675423][ T5307] usb 4-1: Using ep0 maxpacket: 8
[  739.686481][ T5307] usb 4-1: unable to get BOS descriptor or descriptor too short
[  739.698267][ T5307] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  739.710895][ T5307] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  739.721144][ T5307] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  739.756572][ T5307] usb 4-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  739.757487][ T5277] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  739.774319][ T5307] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  739.788374][ T5277] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  739.797213][ T5307] usb 4-1: Product: syz
[  739.802456][ T5307] usb 4-1: Manufacturer: syz
[  739.809102][ T5277] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  739.810920][ T5307] usb 4-1: SerialNumber: syz
[  739.835626][ T5277] usb 5-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00
[  739.842801][ T5307] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input41
[  739.915241][T11393] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1414'.
[  739.973460][ T5277] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  740.003127][ T5277] usb 5-1: config 0 descriptor??
[  740.044499][T11397] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1415'.
[  740.234506][T11384] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  740.391294][T11384] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  740.457042][ T4659] bcm5974 4-1:1.0: could not read from device
[  740.457379][ T5308] usb 4-1: USB disconnect, device number 38
[  740.491134][ T8766] bcm5974 4-1:1.0: could not read from device
[  740.734111][ T5307] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  740.895589][ T5277] usbhid 5-1:0.0: can't add hid device: -71
[  740.917377][ T5277] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  740.927911][ T5307] usb 2-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  740.944823][ T5277] usb 5-1: USB disconnect, device number 49
[  740.951364][ T5307] usb 2-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  740.984755][ T5307] usb 2-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  741.014404][ T5307] usb 2-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  741.045453][ T5307] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  741.076304][ T5307] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  741.134349][T11403] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  744.630129][T11416] atomic_op ffff88804f51f198 conn xmit_atomic 0000000000000000
[  746.754353][ T5307] ath6kl: Failed to submit usb control message: -71
[  746.824229][ T5307] ath6kl: unable to send the bmi data to the device: -71
[  746.887534][ T5307] ath6kl: Unable to send get target info: -71
[  747.016616][ T5307] ath6kl: Failed to init ath6kl core: -71
[  747.023453][ T5307] ath6kl_usb 2-1:4.0: probe with driver ath6kl_usb failed with error -71
[  747.199351][ T5307] usb 2-1: USB disconnect, device number 55
[  747.366249][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[  747.373205][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[  747.455438][T11434] process 'syz.1.1425' launched './file0' with NULL argv: empty string added
[  747.645290][ T5275] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  747.916159][T11445] 9pnet_fd: Insufficient options for proto=fd
[  748.065157][ T5307] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  748.727219][ T5275] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  748.763143][ T5275] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  748.825177][ T5275] usb 4-1: config 0 descriptor??
[  748.836326][ T5307] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  748.852499][ T5275] cp210x 4-1:0.0: cp210x converter detected
[  748.871885][ T5307] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  748.910258][ T5307] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  748.950646][ T5307] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  748.984300][ T5307] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  749.001638][ T5307] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.034067][ T5308] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  749.052403][ T5307] usb 5-1: config 0 descriptor??
[  749.064117][ T5274] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  749.131931][T11432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  749.143022][T11455] FAULT_INJECTION: forcing a failure.
[  749.143022][T11455] name failslab, interval 1, probability 0, space 0, times 0
[  749.150406][T11432] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  749.163321][T11455] CPU: 0 UID: 0 PID: 11455 Comm: syz.2.1432 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  749.173898][T11455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  749.184078][T11455] Call Trace:
[  749.187393][T11455]  <TASK>
[  749.190351][T11455]  dump_stack_lvl+0x241/0x360
[  749.195098][T11455]  ? __pfx_dump_stack_lvl+0x10/0x10
[  749.200398][T11455]  ? __pfx__printk+0x10/0x10
[  749.205041][T11455]  ? fs_reclaim_acquire+0x93/0x140
[  749.210181][T11455]  ? __pfx___might_resched+0x10/0x10
[  749.215501][T11455]  should_fail_ex+0x3b0/0x4e0
[  749.220208][T11455]  ? tomoyo_encode+0x26f/0x540
[  749.224988][T11455]  should_failslab+0xac/0x100
[  749.229706][T11455]  ? tomoyo_encode+0x26f/0x540
[  749.234497][T11455]  __kmalloc_noprof+0xd8/0x400
[  749.239302][T11455]  tomoyo_encode+0x26f/0x540
[  749.243960][T11455]  tomoyo_realpath_from_path+0x59e/0x5e0
[  749.249644][T11455]  tomoyo_path_number_perm+0x23a/0x880
[  749.255150][T11455]  ? tomoyo_path_number_perm+0x208/0x880
[  749.257965][ T5308] usb 2-1: Using ep0 maxpacket: 8
[  749.260812][T11455]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  749.260891][T11455]  ? __fget_files+0x29/0x470
[  749.276533][T11455]  ? __fget_files+0x3f3/0x470
[  749.277728][ T5308] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  749.281286][T11455]  security_file_ioctl+0xc6/0x2a0
[  749.294894][ T5308] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  749.297783][T11455]  __se_sys_ioctl+0x47/0x170
[  749.308143][ T5274] usb 1-1: Using ep0 maxpacket: 32
[  749.312136][T11455]  do_syscall_64+0xf3/0x230
[  749.321956][T11455]  ? clear_bhb_loop+0x35/0x90
[  749.322798][ T5308] usb 2-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  749.326854][T11455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  749.326892][T11455] RIP: 0033:0x7f0614d7def9
[  749.326914][T11455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  749.326934][T11455] RSP: 002b:00007f0615aba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  749.338177][ T5274] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  749.341851][T11455] RAX: ffffffffffffffda RBX: 00007f0614f35f80 RCX: 00007f0614d7def9
[  749.341881][T11455] RDX: 0000000020000040 RSI: 00000000c0405602 RDI: 0000000000000003
[  749.346625][ T5308] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.366250][T11455] RBP: 00007f0615aba090 R08: 0000000000000000 R09: 0000000000000000
[  749.366276][T11455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  749.366291][T11455] R13: 0000000000000000 R14: 00007f0614f35f80 R15: 00007ffdc9e0c668
[  749.366323][T11455]  </TASK>
[  749.427244][T11455] ERROR: Out of memory at tomoyo_realpath_from_path.
[  749.432636][ T5274] usb 1-1: config 0 has no interface number 0
[  749.440129][ T5308] usb 2-1: Product: syz
[  749.448175][ T5275] cp210x 4-1:0.0: failed to get vendor val 0x370b size 1: -121
[  749.450213][ T5308] usb 2-1: Manufacturer: syz
[  749.450372][ T5274] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  749.475730][ T5275] cp210x 4-1:0.0: querying part number failed
[  749.479614][ T5274] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.490645][ T5308] usb 2-1: SerialNumber: syz
[  749.498549][ T5308] usb 2-1: config 0 descriptor??
[  749.504903][ T5274] usb 1-1: Product: syz
[  749.509152][ T5274] usb 1-1: Manufacturer: syz
[  749.512122][ T5275] usb 4-1: cp210x converter now attached to ttyUSB0
[  749.517055][ T5274] usb 1-1: SerialNumber: syz
[  749.528656][ T5308] streamzap 2-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0204
[  749.542957][ T5274] usb 1-1: config 0 descriptor??
[  749.695441][ T5307] usbhid 5-1:0.0: can't add hid device: -71
[  749.701563][ T5307] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  749.712348][ T5307] usb 5-1: USB disconnect, device number 50
[  749.784547][ T5274] radio-si470x 1-1:0.35: this is not a si470x device.
[  749.824770][ T5274] radio-raremono 1-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  749.844087][ T5308] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  749.906119][T11432] capability: warning: `syz.3.1423' uses 32-bit capabilities (legacy support in use)
[  750.016581][ T5308] usb 3-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  750.033126][ T5308] usb 3-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  750.045093][ T5274] radio-raremono 1-1:0.35: V4L2 device registered as radio32
[  750.060964][ T5308] usb 3-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  750.072578][ T5308] usb 3-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  750.078990][T11460] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1430'.
[  750.093228][ T5308] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  750.108175][ T5308] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  750.128315][T11458] raw-gadget.5 gadget.2: fail, usb_ep_enable returned -22
[  750.256324][ T5274] usb 1-1: USB disconnect, device number 44
[  750.269394][ T5274] radio-raremono 1-1:0.35: Thanko's Raremono disconnected
[  751.216850][ T5308] ath6kl: Failed to submit usb control message: -110
[  751.375984][ T5308] ath6kl: unable to send the bmi data to the device: -110
[  751.417087][ T5308] ath6kl: Unable to send get target info: -110
[  751.429053][ T5275] usb 4-1: USB disconnect, device number 39
[  751.434992][ T5308] ath6kl: Failed to init ath6kl core: -110
[  751.435768][ T5308] ath6kl_usb 3-1:4.0: probe with driver ath6kl_usb failed with error -110
[  751.483740][ T5275] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  751.517590][ T5275] cp210x 4-1:0.0: device disconnected
[  751.564588][T11473] FAULT_INJECTION: forcing a failure.
[  751.564588][T11473] name failslab, interval 1, probability 0, space 0, times 0
[  751.716014][T11473] CPU: 0 UID: 0 PID: 11473 Comm: syz.4.1437 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  751.726518][T11473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  751.736612][T11473] Call Trace:
[  751.739922][T11473]  <TASK>
[  751.742886][T11473]  dump_stack_lvl+0x241/0x360
[  751.747621][T11473]  ? __pfx_dump_stack_lvl+0x10/0x10
[  751.752871][T11473]  ? __pfx__printk+0x10/0x10
[  751.757544][T11473]  ? ref_tracker_alloc+0x332/0x490
[  751.762704][T11473]  should_fail_ex+0x3b0/0x4e0
[  751.767423][T11473]  ? skb_clone+0x20c/0x390
[  751.771877][T11473]  should_failslab+0xac/0x100
[  751.776600][T11473]  ? skb_clone+0x20c/0x390
[  751.781063][T11473]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  751.786486][T11473]  skb_clone+0x20c/0x390
[  751.790815][T11473]  __netlink_deliver_tap+0x3cc/0x7c0
[  751.796256][T11473]  ? netlink_deliver_tap+0x2e/0x1b0
[  751.801507][T11473]  netlink_deliver_tap+0x19d/0x1b0
[  751.806677][T11473]  netlink_unicast+0x7c4/0x990
[  751.811501][T11473]  ? __pfx_netlink_unicast+0x10/0x10
[  751.816839][T11473]  ? __virt_addr_valid+0x183/0x530
[  751.822048][T11473]  ? __check_object_size+0x49c/0x900
[  751.827380][T11473]  netlink_sendmsg+0x8e4/0xcb0
[  751.832205][T11473]  ? __pfx_netlink_sendmsg+0x10/0x10
[  751.837547][T11473]  ? __pfx_netlink_sendmsg+0x10/0x10
[  751.842876][T11473]  __sock_sendmsg+0x221/0x270
[  751.847611][T11473]  ____sys_sendmsg+0x52a/0x7e0
[  751.852420][T11473]  ? __pfx_____sys_sendmsg+0x10/0x10
[  751.857768][T11473]  __sys_sendmsg+0x2aa/0x390
[  751.862400][T11473]  ? __pfx___sys_sendmsg+0x10/0x10
[  751.867542][T11473]  ? vfs_write+0x7bf/0xc90
[  751.872047][T11473]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  751.878422][T11473]  ? do_syscall_64+0x100/0x230
[  751.883244][T11473]  ? do_syscall_64+0xb6/0x230
[  751.887966][T11473]  do_syscall_64+0xf3/0x230
[  751.892515][T11473]  ? clear_bhb_loop+0x35/0x90
[  751.897238][T11473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  751.903171][T11473] RIP: 0033:0x7fb2ec97def9
[  751.907623][T11473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  751.927359][T11473] RSP: 002b:00007fb2ed740038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  751.935833][T11473] RAX: ffffffffffffffda RBX: 00007fb2ecb35f80 RCX: 00007fb2ec97def9
[  751.943950][T11473] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  751.951969][T11473] RBP: 00007fb2ed740090 R08: 0000000000000000 R09: 0000000000000000
[  751.959993][T11473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  751.968009][T11473] R13: 0000000000000000 R14: 00007fb2ecb35f80 R15: 00007fffdaef05a8
[  751.976039][T11473]  </TASK>
[  752.012313][T11477] netlink: 'syz.3.1438': attribute type 8 has an invalid length.
[  752.981593][ T5274] usb 3-1: USB disconnect, device number 39
[  753.378761][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.390909][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.400882][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.409803][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.418845][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.427777][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.445603][T11497] 9pnet_fd: Insufficient options for proto=fd
[  753.465688][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.473530][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.495190][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.620528][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  753.644338][ T5274] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  753.824708][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.005133][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.012602][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.081914][ T5274] usb 1-1: config 0 has no interfaces?
[  754.090775][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.098923][ T5274] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  754.130712][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.144090][ T5274] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  754.163052][ T5274] usb 1-1: config 0 descriptor??
[  754.171503][ T5273] usb 2-1: USB disconnect, device number 56
[  754.177713][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.225044][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.248351][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.256333][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.263776][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.271466][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.302921][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.333291][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.363668][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.427094][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.448180][ T5273] usb 1-1: USB disconnect, device number 45
[  754.464051][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.475576][ T5274] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  754.493004][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.527059][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.537937][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.547616][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.556026][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.569658][ T5308] hid-generic 0000:04AD:0000.0005: unknown main item tag 0x0
[  754.573902][T11506] FAULT_INJECTION: forcing a failure.
[  754.573902][T11506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  754.589795][ T5308] hid-generic 0000:04AD:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  754.615297][T11506] CPU: 0 UID: 0 PID: 11506 Comm: syz.2.1445 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  754.626135][T11506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  754.636238][T11506] Call Trace:
[  754.639555][T11506]  <TASK>
[  754.642530][T11506]  dump_stack_lvl+0x241/0x360
[  754.647271][T11506]  ? __pfx_dump_stack_lvl+0x10/0x10
[  754.652531][T11506]  ? __pfx__printk+0x10/0x10
[  754.657173][T11506]  ? get_sigframe+0x5e2/0x800
[  754.661895][T11506]  ? __pfx_lock_release+0x10/0x10
[  754.667077][T11506]  should_fail_ex+0x3b0/0x4e0
[  754.671807][T11506]  _copy_to_user+0x2f/0xb0
[  754.676277][T11506]  copy_siginfo_to_user+0x24/0xa0
[  754.681358][T11506]  x64_setup_rt_frame+0x75d/0xcc0
[  754.686435][T11506]  ? _raw_spin_unlock_irq+0x2e/0x50
[  754.691702][T11506]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  754.697304][T11506]  ? timespec64_add_safe+0x1be/0x220
[  754.702659][T11506]  arch_do_signal_or_restart+0x458/0x860
[  754.708434][T11506]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  754.714655][T11506]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  754.720674][T11506]  ? syscall_exit_to_user_mode+0xa3/0x370
[  754.726034][ T5274] usb 4-1: Using ep0 maxpacket: 8
[  754.726428][T11506]  syscall_exit_to_user_mode+0xc9/0x370
[  754.737150][T11506]  do_syscall_64+0x100/0x230
[  754.740486][ T5274] usb 4-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  754.741770][T11506]  ? clear_bhb_loop+0x35/0x90
[  754.755520][T11506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.756144][ T5274] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  754.761441][T11506] RIP: 0033:0x7f0614d7def9
[  754.761471][T11506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  754.770384][ T5274] usb 4-1: Product: syz
[  754.773938][T11506] RSP: 002b:00007f0615aba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000119
[  754.773970][T11506] RAX: fffffffffffffff2 RBX: 00007f0614f35f80 RCX: 00007f0614d7def9
[  754.773987][T11506] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  754.774003][T11506] RBP: 00007f0615aba090 R08: 0000000020000000 R09: 0000000000000008
[  754.774019][T11506] R10: 000000000000b327 R11: 0000000000000246 R12: 0000000000000001
[  754.774033][T11506] R13: 0000000000000000 R14: 00007f0614f35f80 R15: 00007ffdc9e0c668
[  754.774065][T11506]  </TASK>
[  754.855029][ T5274] usb 4-1: Manufacturer: syz
[  754.859854][ T5274] usb 4-1: SerialNumber: syz
[  754.868193][ T5274] usb 4-1: config 0 descriptor??
[  754.881388][ T5274] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  754.914126][ T5308] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  755.109612][T11510] lo speed is unknown, defaulting to 1000
[  755.109700][T11513] tmpfs: Bad value for 'mpol'
[  755.154071][ T5308] usb 2-1: Using ep0 maxpacket: 32
[  755.161566][ T5308] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  755.173989][ T5308] usb 2-1: config 0 has no interface number 0
[  755.196017][ T5308] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  755.224017][ T5308] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  755.232118][ T5308] usb 2-1: Product: syz
[  755.254135][ T5308] usb 2-1: Manufacturer: syz
[  755.258833][ T5308] usb 2-1: SerialNumber: syz
[  755.276800][ T5308] usb 2-1: config 0 descriptor??
[  755.280522][T11515] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1450'.
[  755.453753][T11521] FAULT_INJECTION: forcing a failure.
[  755.453753][T11521] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  755.469197][T11521] CPU: 0 UID: 0 PID: 11521 Comm: syz.4.1452 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  755.479673][T11521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  755.488444][ T5308] radio-si470x 2-1:0.35: this is not a si470x device.
[  755.489746][T11521] Call Trace:
[  755.489759][T11521]  <TASK>
[  755.489771][T11521]  dump_stack_lvl+0x241/0x360
[  755.507493][T11521]  ? __pfx_dump_stack_lvl+0x10/0x10
[  755.512764][T11521]  ? __pfx__printk+0x10/0x10
[  755.517411][T11521]  ? __pfx_lock_release+0x10/0x10
[  755.522499][T11521]  should_fail_ex+0x3b0/0x4e0
[  755.527221][ T5308] radio-raremono 2-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  755.527238][T11521]  _copy_from_iter+0x1ed/0x1d60
[  755.540135][T11521]  ? __virt_addr_valid+0x183/0x530
[  755.545292][T11521]  ? skb_set_owner_w+0x238/0x3e0
[  755.550278][T11521]  ? __pfx_lock_release+0x10/0x10
[  755.555368][T11521]  ? __pfx__copy_from_iter+0x10/0x10
[  755.560719][T11521]  ? __virt_addr_valid+0x183/0x530
[  755.565963][T11521]  ? __virt_addr_valid+0x183/0x530
[  755.571120][T11521]  ? __virt_addr_valid+0x45f/0x530
[  755.576280][T11521]  ? __phys_addr_symbol+0x2f/0x70
[  755.581441][T11521]  ? __check_object_size+0x49c/0x900
[  755.586771][T11521]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  755.592552][T11521]  skb_copy_datagram_from_iter+0xf2/0x6a0
[  755.598333][T11521]  ? skb_put+0x114/0x1f0
[  755.602634][T11521]  tun_get_user+0xec3/0x47e0
[  755.607287][T11521]  ? __lock_acquire+0x1384/0x2050
[  755.612374][T11521]  ? __pfx_tun_get_user+0x10/0x10
[  755.617462][T11521]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  755.622979][T11521]  ? tun_get+0x1e/0x2f0
[  755.627179][T11521]  ? __pfx_lock_release+0x10/0x10
[  755.632271][T11521]  ? tun_get+0x1e/0x2f0
[  755.636467][T11521]  ? tun_get+0x27d/0x2f0
[  755.640759][T11521]  tun_chr_write_iter+0x10d/0x1f0
[  755.645829][T11521]  vfs_write+0xa6d/0xc90
[  755.650124][T11521]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  755.655711][T11521]  ? __pfx_vfs_write+0x10/0x10
[  755.660546][T11521]  ? __fdget_pos+0x19a/0x320
[  755.665180][T11521]  ksys_write+0x1a0/0x2c0
[  755.669564][T11521]  ? __pfx_ksys_write+0x10/0x10
[  755.674459][T11521]  ? do_syscall_64+0x100/0x230
[  755.679292][T11521]  ? do_syscall_64+0xb6/0x230
[  755.684022][T11521]  do_syscall_64+0xf3/0x230
[  755.688577][T11521]  ? clear_bhb_loop+0x35/0x90
[  755.693306][T11521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.699334][T11521] RIP: 0033:0x7fb2ec97def9
[  755.703787][T11521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  755.723441][T11521] RSP: 002b:00007fb2ed740038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  755.732346][T11521] RAX: ffffffffffffffda RBX: 00007fb2ecb35f80 RCX: 00007fb2ec97def9
[  755.734456][ T5308] radio-raremono 2-1:0.35: V4L2 device registered as radio32
[  755.740337][T11521] RDX: 0000000000000066 RSI: 0000000020000240 RDI: 0000000000000004
[  755.740361][T11521] RBP: 00007fb2ed740090 R08: 0000000000000000 R09: 0000000000000000
[  755.740377][T11521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  755.740392][T11521] R13: 0000000000000000 R14: 00007fb2ecb35f80 R15: 00007fffdaef05a8
[  755.740424][T11521]  </TASK>
[  755.901080][T11526] FAULT_INJECTION: forcing a failure.
[  755.901080][T11526] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  755.921005][T11526] CPU: 0 UID: 0 PID: 11526 Comm: syz.2.1453 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  755.931505][T11526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  755.941608][T11526] Call Trace:
[  755.944925][T11526]  <TASK>
[  755.947891][T11526]  dump_stack_lvl+0x241/0x360
[  755.952634][T11526]  ? __pfx_dump_stack_lvl+0x10/0x10
[  755.957753][ T5308] usb 2-1: USB disconnect, device number 57
[  755.957874][T11526]  ? __pfx__printk+0x10/0x10
[  755.967896][ T5308] radio-raremono 2-1:0.35: Thanko's Raremono disconnected
[  755.968463][T11526]  ? __pfx_lock_release+0x10/0x10
[  755.980682][T11526]  ? vfs_write+0x7bf/0xc90
[  755.985167][T11526]  should_fail_ex+0x3b0/0x4e0
[  755.989986][T11526]  _copy_from_user+0x2f/0xe0
[  755.994627][T11526]  __sys_bpf+0x1a4/0x810
[  755.998920][T11526]  ? __pfx___sys_bpf+0x10/0x10
[  756.003741][T11526]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  756.009787][T11526]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  756.016266][T11526]  ? do_syscall_64+0x100/0x230
[  756.021104][T11526]  __x64_sys_bpf+0x7c/0x90
[  756.025578][T11526]  do_syscall_64+0xf3/0x230
[  756.030145][T11526]  ? clear_bhb_loop+0x35/0x90
[  756.034972][T11526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.040926][T11526] RIP: 0033:0x7f0614d7def9
[  756.045384][T11526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  756.065037][T11526] RSP: 002b:00007f0615aba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  756.073506][T11526] RAX: ffffffffffffffda RBX: 00007f0614f35f80 RCX: 00007f0614d7def9
[  756.081536][T11526] RDX: 0000000000000004 RSI: 0000000020000540 RDI: 000000000000000d
[  756.089640][T11526] RBP: 00007f0615aba090 R08: 0000000000000000 R09: 0000000000000000
[  756.097654][T11526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  756.105668][T11526] R13: 0000000000000001 R14: 00007f0614f35f80 R15: 00007ffdc9e0c668
[  756.113702][T11526]  </TASK>
[  756.118998][T10686] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  756.286657][T10686] usb 1-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  756.297932][T10686] usb 1-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  756.319988][T10686] usb 1-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  756.351322][T10686] usb 1-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  756.377254][ T5274] gspca_sonixj: i2c_w8 err -71
[  756.404673][T10686] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  756.434997][T10686] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.459038][T11519] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  756.474294][ T5274] sonixj 4-1:0.0: probe with driver sonixj failed with error -71
[  756.505613][ T5274] usb 4-1: USB disconnect, device number 40
[  757.004944][ T4866] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  757.527684][T10686] ath6kl: Failed to submit usb control message: -110
[  757.535220][ T4866] usb 5-1: Using ep0 maxpacket: 32
[  757.720662][T10686] ath6kl: unable to send the bmi data to the device: -110
[  757.731555][ T4866] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  757.777359][T10686] ath6kl: Unable to send get target info: -110
[  757.784427][ T4866] usb 5-1: config 0 has no interface number 0
[  757.856680][ T4866] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  757.868139][T10686] ath6kl: Failed to init ath6kl core: -110
[  757.889875][T10686] ath6kl_usb 1-1:4.0: probe with driver ath6kl_usb failed with error -110
[  757.898801][ T4866] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  757.929426][ T4866] usb 5-1: Product: syz
[  757.961926][ T4866] usb 5-1: Manufacturer: syz
[  757.987820][ T4866] usb 5-1: SerialNumber: syz
[  758.017926][ T4866] usb 5-1: config 0 descriptor??
[  758.204664][T11565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  758.246192][ T4866] radio-si470x 5-1:0.35: this is not a si470x device.
[  758.256463][T11565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  758.295273][ T4866] radio-raremono 5-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  758.361783][T11565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  758.408627][T11565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  758.459357][T11565] netlink: 'syz.3.1464': attribute type 3 has an invalid length.
[  758.516042][ T4866] radio-raremono 5-1:0.35: V4L2 device registered as radio32
[  758.532598][T11565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  758.735023][T11579] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1466'.
[  758.779374][T11579] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1466'.
[  758.831703][ T4866] usb 1-1: USB disconnect, device number 46
[  758.883183][ T5307] usb 5-1: USB disconnect, device number 51
[  758.895391][T11579] macvlan0: entered promiscuous mode
[  758.928585][ T5307] radio-raremono 5-1:0.35: Thanko's Raremono disconnected
[  758.956826][T11579] batadv_slave_0: entered promiscuous mode
[  759.244129][ T4866] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  759.407612][ T4866] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  759.422053][ T4866] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  759.445454][ T4866] usb 1-1: config 0 descriptor??
[  759.679698][T11583] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  759.707780][T11583] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  760.002269][T11523] coredump: 484(syz.2.1448): written to core: VMAs: 34, size 99516416; core: 62116806 bytes, pos 99524608
[  760.844258][ T5273] usb 2-1: new full-speed USB device number 58 using dummy_hcd
[  761.451899][ T5273] usb 2-1: config 0 has an invalid interface number: 20 but max is 0
[  761.753215][ T5273] usb 2-1: config 0 has no interface number 0
[  761.769390][ T5273] usb 2-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  761.795241][ T5273] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  761.808509][ T5273] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  761.821760][ T5273] usb 2-1: Product: syz
[  761.828950][ T5273] usb 2-1: Manufacturer: syz
[  761.836875][ T5273] usb 2-1: SerialNumber: syz
[  761.983751][ T5273] usb 2-1: config 0 descriptor??
[  762.005932][T11602] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  762.064188][ T5273] usb-storage 2-1:0.20: USB Mass Storage device detected
[  762.147906][ T5273] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  762.312220][ T4866] [drm:udl_init] *ERROR* Selecting channel failed
[  762.429042][ T4866] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[  762.464109][ T4866] [drm] Initialized udl on minor 2
[  762.508830][ T4866] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  762.584799][ T5273] usb 2-1: USB disconnect, device number 58
[  762.615378][ T4866] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  762.714497][ T5277] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  762.735240][ T4866] usb 1-1: USB disconnect, device number 47
[  762.808556][ T5277] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  762.864919][ T8672] Buffer I/O error on dev loop7, logical block 4095, async page read
[  763.724273][ T5274] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  763.792712][ T5327] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  763.944134][ T5274] usb 5-1: Using ep0 maxpacket: 8
[  764.064605][ T5327] usb 3-1: Using ep0 maxpacket: 32
[  764.141963][ T5327] usb 3-1: config index 0 descriptor too short (expected 156, got 27)
[  764.313564][ T5327] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  764.555066][ T5327] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  764.655935][T11627] FAULT_INJECTION: forcing a failure.
[  764.655935][T11627] name failslab, interval 1, probability 0, space 0, times 0
[  764.732938][ T5327] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  764.769543][T11627] CPU: 1 UID: 0 PID: 11627 Comm: syz.1.1480 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  764.780131][T11627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  764.790226][T11627] Call Trace:
[  764.793519][T11627]  <TASK>
[  764.796549][T11627]  dump_stack_lvl+0x241/0x360
[  764.801263][T11627]  ? __pfx_dump_stack_lvl+0x10/0x10
[  764.806491][T11627]  ? __pfx__printk+0x10/0x10
[  764.811107][T11627]  ? __kmalloc_noprof+0xb0/0x400
[  764.816114][T11627]  ? __pfx___might_resched+0x10/0x10
[  764.821509][T11627]  ? __mutex_lock+0x303/0xd70
[  764.826209][T11627]  should_fail_ex+0x3b0/0x4e0
[  764.830903][T11627]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  764.837165][T11627]  should_failslab+0xac/0x100
[  764.841886][T11627]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  764.848166][T11627]  __kmalloc_noprof+0xd8/0x400
[  764.852979][T11627]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  764.859071][T11627]  genl_rcv_msg+0x802/0xec0
[  764.863591][T11627]  ? mark_lock+0x9a/0x360
[  764.867992][T11627]  ? __pfx_genl_rcv_msg+0x10/0x10
[  764.873050][T11627]  ? __pfx_lock_acquire+0x10/0x10
[  764.878181][T11627]  ? __pfx_macsec_upd_rxsa+0x10/0x10
[  764.883480][T11627]  ? __pfx___might_resched+0x10/0x10
[  764.888794][T11627]  netlink_rcv_skb+0x1e3/0x430
[  764.893580][T11627]  ? __pfx_genl_rcv_msg+0x10/0x10
[  764.898619][T11627]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  764.903964][T11627]  genl_rcv+0x28/0x40
[  764.907971][T11627]  netlink_unicast+0x7f6/0x990
[  764.912763][T11627]  ? __pfx_netlink_unicast+0x10/0x10
[  764.918153][T11627]  ? __check_object_size+0x49c/0x900
[  764.923466][T11627]  netlink_sendmsg+0x8e4/0xcb0
[  764.928262][T11627]  ? __pfx_netlink_sendmsg+0x10/0x10
[  764.933581][T11627]  ? __pfx_netlink_sendmsg+0x10/0x10
[  764.938893][T11627]  __sock_sendmsg+0x221/0x270
[  764.943590][T11627]  ____sys_sendmsg+0x52a/0x7e0
[  764.948721][T11627]  ? __pfx_____sys_sendmsg+0x10/0x10
[  764.954035][T11627]  __sys_sendmsg+0x2aa/0x390
[  764.958644][T11627]  ? __pfx___sys_sendmsg+0x10/0x10
[  764.963769][T11627]  ? vfs_write+0x7bf/0xc90
[  764.968238][T11627]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  764.974593][T11627]  ? do_syscall_64+0x100/0x230
[  764.979407][T11627]  ? do_syscall_64+0xb6/0x230
[  764.984126][T11627]  do_syscall_64+0xf3/0x230
[  764.988674][T11627]  ? clear_bhb_loop+0x35/0x90
[  764.993392][T11627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.999311][T11627] RIP: 0033:0x7f394197def9
[  765.003744][T11627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  765.023398][T11627] RSP: 002b:00007f3942818038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  765.031923][T11627] RAX: ffffffffffffffda RBX: 00007f3941b35f80 RCX: 00007f394197def9
[  765.039904][T11627] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[  765.047908][T11627] RBP: 00007f3942818090 R08: 0000000000000000 R09: 0000000000000000
[  765.056064][T11627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  765.064045][T11627] R13: 0000000000000000 R14: 00007f3941b35f80 R15: 00007ffd6c9958d8
[  765.072068][T11627]  </TASK>
[  765.077129][ T5327] usb 3-1: config 0 interface 0 has no altsetting 0
[  765.098837][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  765.124029][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  765.126501][ T5327] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  765.144048][ T5274] usb 5-1: New USB device found, idVendor=0810, idProduct=0001, bcdDevice= 0.00
[  765.153490][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  765.174985][ T5274] usb 5-1: config 0 descriptor??
[  765.199687][ T5327] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  765.242912][ T5327] usb 3-1: Product: syz
[  765.258768][ T5327] usb 3-1: Manufacturer: syz
[  765.283514][ T5327] usb 3-1: SerialNumber: syz
[  765.300993][ T5327] usb 3-1: config 0 descriptor??
[  765.332197][ T5327] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  765.391681][ T5327] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  765.640000][T11615] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1476'.
[  765.688579][ T5274] pantherlord 0003:0810:0001.0006: unknown main item tag 0x0
[  765.708766][ T5327] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  765.709014][ T5274] pantherlord 0003:0810:0001.0006: hidraw0: USB HID v0.00 Device [HID 0810:0001] on usb-dummy_hcd.4-1/input0
[  765.733998][ T5274] pantherlord 0003:0810:0001.0006: Force feedback for PantherLord/GreenAsia devices by Anssi Hannula <anssi.hannula@gmail.com>
[  765.940750][ T5327] usb 1-1: Using ep0 maxpacket: 32
[  765.962017][ T4866] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  766.119749][ T5327] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  766.341083][ T5327] usb 1-1: config 0 has no interface number 0
[  766.372208][ T5327] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  766.391011][ T4866] usb 2-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  766.407968][ T5327] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  766.424158][ T4866] usb 2-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  766.441117][ T5327] usb 1-1: Product: syz
[  766.446196][ T5327] usb 1-1: Manufacturer: syz
[  766.450990][ T4866] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  766.484656][ T5308] usb 5-1: USB disconnect, device number 52
[  766.485060][ T5327] usb 1-1: SerialNumber: syz
[  766.514414][ T4866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  766.547011][ T5327] usb 1-1: config 0 descriptor??
[  766.796382][ T5327] radio-si470x 1-1:0.35: this is not a si470x device.
[  767.164659][ T5327] radio-raremono 1-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  767.192395][ T5327] radio-raremono 1-1:0.35: V4L2 device registered as radio32
[  767.857332][ T5274] usb 1-1: USB disconnect, device number 48
[  767.864722][ T5274] radio-raremono 1-1:0.35: Thanko's Raremono disconnected
[  767.981788][T11666] FAULT_INJECTION: forcing a failure.
[  767.981788][T11666] name failslab, interval 1, probability 0, space 0, times 0
[  768.010454][ T8557] Buffer I/O error on dev loop7, logical block 4095, async page read
[  768.026099][T11666] CPU: 1 UID: 0 PID: 11666 Comm: syz.4.1490 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  768.036592][T11666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  768.046697][T11666] Call Trace:
[  768.050011][T11666]  <TASK>
[  768.052976][T11666]  dump_stack_lvl+0x241/0x360
[  768.057849][T11666]  ? __pfx_dump_stack_lvl+0x10/0x10
[  768.063198][T11666]  ? __pfx__printk+0x10/0x10
[  768.067938][T11666]  ? ref_tracker_alloc+0x332/0x490
[  768.073112][T11666]  should_fail_ex+0x3b0/0x4e0
[  768.077848][T11666]  ? skb_clone+0x20c/0x390
[  768.082313][T11666]  should_failslab+0xac/0x100
[  768.087042][T11666]  ? skb_clone+0x20c/0x390
[  768.091512][T11666]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  768.096939][T11666]  skb_clone+0x20c/0x390
[  768.101216][T11666]  __netlink_deliver_tap+0x3cc/0x7c0
[  768.106543][T11666]  ? netlink_deliver_tap+0x2e/0x1b0
[  768.111773][T11666]  netlink_deliver_tap+0x19d/0x1b0
[  768.116931][T11666]  netlink_unicast+0x7c4/0x990
[  768.121736][T11666]  ? __pfx_netlink_unicast+0x10/0x10
[  768.127489][T11666]  ? __virt_addr_valid+0x183/0x530
[  768.132630][T11666]  ? __check_object_size+0x49c/0x900
[  768.137976][T11666]  netlink_sendmsg+0x8e4/0xcb0
[  768.142790][T11666]  ? __pfx_netlink_sendmsg+0x10/0x10
[  768.148127][T11666]  ? __pfx_netlink_sendmsg+0x10/0x10
[  768.153441][T11666]  __sock_sendmsg+0x221/0x270
[  768.158145][T11666]  ____sys_sendmsg+0x52a/0x7e0
[  768.162938][T11666]  ? __pfx_____sys_sendmsg+0x10/0x10
[  768.168288][T11666]  __sys_sendmsg+0x2aa/0x390
[  768.172917][T11666]  ? __pfx___sys_sendmsg+0x10/0x10
[  768.178094][T11666]  ? vfs_write+0x7bf/0xc90
[  768.182620][T11666]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  768.188990][T11666]  ? do_syscall_64+0x100/0x230
[  768.193802][T11666]  ? do_syscall_64+0xb6/0x230
[  768.198520][T11666]  do_syscall_64+0xf3/0x230
[  768.203055][T11666]  ? clear_bhb_loop+0x35/0x90
[  768.207776][T11666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  768.213694][T11666] RIP: 0033:0x7fb2ec97def9
[  768.218124][T11666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  768.237783][T11666] RSP: 002b:00007fb2ed740038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  768.246228][T11666] RAX: ffffffffffffffda RBX: 00007fb2ecb35f80 RCX: 00007fb2ec97def9
[  768.254218][T11666] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  768.262269][T11666] RBP: 00007fb2ed740090 R08: 0000000000000000 R09: 0000000000000000
[  768.270363][T11666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  768.278370][T11666] R13: 0000000000000000 R14: 00007fb2ecb35f80 R15: 00007fffdaef05a8
[  768.286390][T11666]  </TASK>
[  768.433070][T11666] netlink: 'syz.4.1490': attribute type 11 has an invalid length.
[  768.902073][ T4866] usb 2-1: string descriptor 0 read error: -71
[  768.940793][ T4866] usb 2-1: USB disconnect, device number 59
[  768.991043][T11677] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1495'.
[  769.344265][T10686] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  769.548596][T10686] usb 1-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  769.594556][ T4866] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  769.716612][T10686] usb 1-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  770.169520][ T4866] usb 2-1: Using ep0 maxpacket: 16
[  770.175864][T10686] usb 1-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  770.189381][T10686] usb 1-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  770.204368][T10686] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  770.215665][ T4866] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  770.224926][ T4866] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  770.644319][T11613] ldusb 3-1:0.0: Couldn't submit HID_REQ_SET_REPORT -110
[  770.694223][ T5308] usb 3-1: USB disconnect, device number 40
[  770.798629][ T5308] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[  770.882786][T11694] lo speed is unknown, defaulting to 1000
[  770.928249][ T4866] usb 2-1: Product: syz
[  770.932865][ T4866] usb 2-1: Manufacturer: syz
[  770.939075][T10686] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  770.947289][ T4866] usb 2-1: SerialNumber: syz
[  770.967744][ T4866] usb 2-1: config 0 descriptor??
[  770.983639][T11673] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  772.084629][T10686] ath6kl: Failed to submit usb control message: -110
[  772.085142][T10686] ath6kl: unable to send the bmi data to the device: -110
[  772.085242][T10686] ath6kl: Unable to send get target info: -110
[  772.100810][T10686] ath6kl: Failed to init ath6kl core: -110
[  772.353172][T10686] ath6kl_usb 1-1:4.0: probe with driver ath6kl_usb failed with error -110
[  772.475920][ T5308] usb 2-1: USB disconnect, device number 60
[  772.748845][T10686] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  772.916376][T10686] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  772.945923][T10686] usb 4-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.40
[  772.955705][T10686] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  772.972892][T10686] usb 4-1: Product: syz
[  772.980198][T10686] usb 4-1: Manufacturer: syz
[  772.985245][T10686] usb 4-1: SerialNumber: syz
[  773.002771][T10686] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input42
[  773.216134][T11714] Buffer I/O error on dev loop7, logical block 4095, async page read
[  773.229614][T11714] Buffer I/O error on dev loop7, logical block 4095, async page read
[  773.474747][ T5308] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  773.488941][ T5273] usb 1-1: USB disconnect, device number 49
[  773.494696][ T5275] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  773.600712][ T8766] Buffer I/O error on dev loop7, logical block 4095, async page read
[  773.664164][ T5308] usb 2-1: Using ep0 maxpacket: 32
[  773.676488][ T5275] usb 3-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  773.696452][ T5275] usb 3-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  773.716154][ T5275] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  773.717826][ T5308] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  773.745846][ T5275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  773.784126][ T5308] usb 2-1: config 0 has no interface number 0
[  773.820530][ T5308] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  773.874723][ T5308] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  773.882862][ T5308] usb 2-1: Product: syz
[  773.945303][ T5308] usb 2-1: Manufacturer: syz
[  773.960628][ T5308] usb 2-1: SerialNumber: syz
[  773.968122][ T5308] usb 2-1: config 0 descriptor??
[  774.199074][ T5308] radio-si470x 2-1:0.35: this is not a si470x device.
[  774.254940][ T5308] radio-raremono 2-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  775.336714][ T5308] radio-raremono 2-1:0.35: V4L2 device registered as radio32
[  775.366528][ T5308] usb 2-1: USB disconnect, device number 61
[  775.373562][ T5308] radio-raremono 2-1:0.35: Thanko's Raremono disconnected
[  775.402193][ T4659] bcm5974 4-1:1.0: could not read from device
[  775.446706][ T4659] bcm5974 4-1:1.0: could not read from device
[  775.470245][ T4659] bcm5974 4-1:1.0: could not read from device
[  775.484618][T10686] usb 4-1: USB disconnect, device number 41
[  776.184349][T10686] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  776.622628][ T5275] usb 3-1: string descriptor 0 read error: -71
[  776.644362][ T5275] usb 3-1: USB disconnect, device number 41
[  776.659227][T11748] FAULT_INJECTION: forcing a failure.
[  776.659227][T11748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  776.672560][T11748] CPU: 0 UID: 0 PID: 11748 Comm: syz.0.1514 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  776.683018][T11748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  776.693281][T11748] Call Trace:
[  776.696585][T11748]  <TASK>
[  776.699558][T11748]  dump_stack_lvl+0x241/0x360
[  776.704298][T11748]  ? __pfx_dump_stack_lvl+0x10/0x10
[  776.709539][T11748]  ? __pfx__printk+0x10/0x10
[  776.714180][T11748]  ? snprintf+0xda/0x120
[  776.718458][T11748]  should_fail_ex+0x3b0/0x4e0
[  776.723170][T11748]  _copy_to_user+0x2f/0xb0
[  776.727647][T11748]  simple_read_from_buffer+0xca/0x150
[  776.733060][T11748]  proc_fail_nth_read+0x1e9/0x250
[  776.738124][T11748]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  776.743710][T11748]  ? rw_verify_area+0x55e/0x6f0
[  776.748592][T11748]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  776.754181][T11748]  vfs_read+0x201/0xbc0
[  776.758373][T11748]  ? __pfx_lock_release+0x10/0x10
[  776.763440][T11748]  ? __pfx_vfs_read+0x10/0x10
[  776.768228][T11748]  ? __fget_files+0x3f3/0x470
[  776.773020][T11748]  ? __fdget_pos+0x24e/0x320
[  776.777629][T11748]  ksys_read+0x1a0/0x2c0
[  776.781977][T11748]  ? __pfx_ksys_read+0x10/0x10
[  776.786759][T11748]  ? __secure_computing+0x125/0x370
[  776.791983][T11748]  do_syscall_64+0xf3/0x230
[  776.796508][T11748]  ? clear_bhb_loop+0x35/0x90
[  776.801203][T11748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.807109][T11748] RIP: 0033:0x7feca137c93c
[  776.811531][T11748] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  776.831151][T11748] RSP: 002b:00007feca2218030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  776.839582][T11748] RAX: ffffffffffffffda RBX: 00007feca1535f80 RCX: 00007feca137c93c
[  776.847567][T11748] RDX: 000000000000000f RSI: 00007feca22180a0 RDI: 0000000000000003
[  776.855553][T11748] RBP: 00007feca2218090 R08: 0000000000000000 R09: 0000000000000000
[  776.863538][T11748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  776.871515][T11748] R13: 0000000000000000 R14: 00007feca1535f80 R15: 00007ffe07214998
[  776.879507][T11748]  </TASK>
[  777.064160][T10686] usb 5-1: Using ep0 maxpacket: 8
[  777.085437][T10686] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  778.113561][T10686] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  778.151618][T10686] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  778.184267][T10686] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  778.227759][T10686] usb 5-1: Product: syz
[  778.232007][T10686] usb 5-1: Manufacturer: syz
[  778.268309][T10686] usb 5-1: SerialNumber: syz
[  778.285563][T11765] netlink: 'syz.1.1519': attribute type 21 has an invalid length.
[  778.290148][T10686] usb 5-1: config 0 descriptor??
[  778.293627][T11765] netlink: 120 bytes leftover after parsing attributes in process `syz.1.1519'.
[  778.329641][T10686] streamzap 5-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0204
[  778.424156][ T4866] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  778.601333][ T4866] usb 3-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  778.630209][ T4866] usb 3-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  778.671784][ T4866] usb 3-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  778.699942][ T4866] usb 3-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  778.730425][ T4866] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  778.750054][ T4866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.784300][T10686] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  778.803444][T11759] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  780.643819][ T4866] ath6kl: Failed to submit usb control message: -110
[  780.654067][T10686] usb 1-1: Using ep0 maxpacket: 32
[  780.659384][ T4866] ath6kl: unable to send the bmi data to the device: -110
[  780.681225][ T4866] ath6kl: Unable to send get target info: -110
[  780.700228][T10686] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  780.709682][ T4866] ath6kl: Failed to init ath6kl core: -110
[  780.732840][ T8558] Buffer I/O error on dev loop7, logical block 4095, async page read
[  780.743751][T10686] usb 1-1: config 0 has no interface number 0
[  780.752829][ T4866] ath6kl_usb 3-1:4.0: probe with driver ath6kl_usb failed with error -110
[  780.764375][T10686] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  780.784057][T10686] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.794250][T10686] usb 1-1: Product: syz
[  780.798554][T10686] usb 1-1: Manufacturer: syz
[  780.803261][T10686] usb 1-1: SerialNumber: syz
[  780.818463][T10686] usb 1-1: config 0 descriptor??
[  780.883508][ T4866] usb 5-1: USB disconnect, device number 53
[  781.123665][T10686] radio-si470x 1-1:0.35: this is not a si470x device.
[  781.373833][T10686] radio-raremono 1-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  781.578048][T10686] radio-raremono 1-1:0.35: V4L2 device registered as radio32
[  781.725362][ T5277] usb 3-1: USB disconnect, device number 42
[  781.848530][ T5327] usb 1-1: USB disconnect, device number 50
[  781.855663][ T5327] radio-raremono 1-1:0.35: Thanko's Raremono disconnected
[  782.017817][T11794] FAULT_INJECTION: forcing a failure.
[  782.017817][T11794] name failslab, interval 1, probability 0, space 0, times 0
[  782.031513][T11794] CPU: 0 UID: 0 PID: 11794 Comm: syz.2.1528 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  782.041994][T11794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  782.052173][T11794] Call Trace:
[  782.055506][T11794]  <TASK>
[  782.058464][T11794]  dump_stack_lvl+0x241/0x360
[  782.063193][T11794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  782.068442][T11794]  ? __pfx__printk+0x10/0x10
[  782.073164][T11794]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  782.079187][T11794]  ? __pfx___might_resched+0x10/0x10
[  782.084527][T11794]  should_fail_ex+0x3b0/0x4e0
[  782.089246][T11794]  should_failslab+0xac/0x100
[  782.093961][T11794]  ? __alloc_skb+0x1c3/0x440
[  782.098599][T11794]  kmem_cache_alloc_node_noprof+0x71/0x320
[  782.104454][T11794]  __alloc_skb+0x1c3/0x440
[  782.108916][T11794]  ? __pfx___alloc_skb+0x10/0x10
[  782.113917][T11794]  alloc_skb_with_frags+0xc3/0x820
[  782.119066][T11794]  ? __might_fault+0xaa/0x120
[  782.123784][T11794]  ? __pfx_lock_release+0x10/0x10
[  782.128857][T11794]  sock_alloc_send_pskb+0x91a/0xa60
[  782.134093][T11794]  ? __might_fault+0xaa/0x120
[  782.138823][T11794]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  782.144589][T11794]  ? __pfx__copy_from_iter+0x10/0x10
[  782.149921][T11794]  ? __virt_addr_valid+0x183/0x530
[  782.155068][T11794]  ? __virt_addr_valid+0x183/0x530
[  782.160212][T11794]  nfc_alloc_send_skb+0x97/0x1c0
[  782.165167][T11794]  nfc_llcp_send_ui_frame+0x2ac/0x670
[  782.170575][T11794]  ? __pfx_nfc_llcp_send_ui_frame+0x10/0x10
[  782.176599][T11794]  ? llcp_sock_sendmsg+0x237/0x3b0
[  782.181818][T11794]  ? __pfx_llcp_sock_sendmsg+0x10/0x10
[  782.187298][T11794]  __sock_sendmsg+0x221/0x270
[  782.192013][T11794]  ____sys_sendmsg+0x52a/0x7e0
[  782.196843][T11794]  ? __pfx_____sys_sendmsg+0x10/0x10
[  782.202151][T11794]  __sys_sendmmsg+0x3ac/0x730
[  782.206929][T11794]  ? __pfx___sys_sendmmsg+0x10/0x10
[  782.212158][T11794]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  782.218061][T11794]  ? ksys_write+0x23e/0x2c0
[  782.222572][T11794]  ? __pfx_lock_release+0x10/0x10
[  782.227609][T11794]  ? vfs_write+0x7bf/0xc90
[  782.232036][T11794]  ? __mutex_unlock_slowpath+0x21d/0x750
[  782.237697][T11794]  ? __pfx_vfs_write+0x10/0x10
[  782.242537][T11794]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  782.248552][T11794]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  782.254894][T11794]  ? do_syscall_64+0x100/0x230
[  782.259672][T11794]  __x64_sys_sendmmsg+0xa0/0xb0
[  782.264528][T11794]  do_syscall_64+0xf3/0x230
[  782.269037][T11794]  ? clear_bhb_loop+0x35/0x90
[  782.273721][T11794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.279621][T11794] RIP: 0033:0x7f0614d7def9
[  782.284048][T11794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  782.284249][ T1166] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  782.303694][T11794] RSP: 002b:00007f0615aba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  782.303727][T11794] RAX: ffffffffffffffda RBX: 00007f0614f35f80 RCX: 00007f0614d7def9
[  782.303745][T11794] RDX: 0000000000000001 RSI: 0000000020003440 RDI: 0000000000000005
[  782.303760][T11794] RBP: 00007f0615aba090 R08: 0000000000000000 R09: 0000000000000000
[  782.303775][T11794] R10: 0000000000000910 R11: 0000000000000246 R12: 0000000000000001
[  782.303790][T11794] R13: 0000000000000000 R14: 00007f0614f35f80 R15: 00007ffdc9e0c668
[  782.303828][T11794]  </TASK>
[  782.371574][T11794] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-105)
[  782.598249][ T5308] kernel write not supported for file /snd/seq (pid: 5308 comm: kworker/1:6)
[  782.671402][ T1166] usb 2-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  782.705552][ T1166] usb 2-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  782.744117][ T1166] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  782.787288][ T1166] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.844043][ T4866] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  783.026227][ T4866] usb 3-1: Using ep0 maxpacket: 32
[  783.030747][T11817] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1536'.
[  783.033224][ T4866] usb 3-1: config 0 has an invalid interface number: 35 but max is 0
[  783.283824][ T4866] usb 3-1: config 0 has no interface number 0
[  783.293516][ T4866] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  783.304176][ T4866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.312218][ T4866] usb 3-1: Product: syz
[  783.322066][ T4866] usb 3-1: Manufacturer: syz
[  783.326804][ T4866] usb 3-1: SerialNumber: syz
[  783.333702][ T4866] usb 3-1: config 0 descriptor??
[  783.703703][ T4866] radio-si470x 3-1:0.35: this is not a si470x device.
[  783.876420][ T4866] radio-raremono 3-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  784.270183][ T4866] radio-raremono 3-1:0.35: V4L2 device registered as radio32
[  784.387830][ T4674] udevd[4674]: worker [8558] terminated by signal 33 (Unknown signal 33)
[  784.399415][ T4674] udevd[4674]: worker [8558] failed while handling '/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.35/video4linux/radio32'
[  784.493344][ T5273] usb 3-1: USB disconnect, device number 43
[  784.505063][ T5273] radio-raremono 3-1:0.35: Thanko's Raremono disconnected
[  784.624303][ T5308] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  784.644378][ T5274] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  784.801029][ T5308] usb 4-1: Using ep0 maxpacket: 8
[  784.837810][ T5308] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  784.926387][ T5308] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  785.012866][ T5308] usb 4-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  785.068035][ T5274] usb 1-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  785.134408][ T5308] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  785.401991][ T1166] usb 2-1: string descriptor 0 read error: -71
[  785.415993][ T5274] usb 1-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  785.428051][ T5308] usb 4-1: Product: syz
[  785.432268][ T5308] usb 4-1: Manufacturer: syz
[  785.452570][ T1166] usb 2-1: USB disconnect, device number 62
[  785.461594][ T5308] usb 4-1: SerialNumber: syz
[  785.466946][ T5274] usb 1-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  785.575314][ T5274] usb 1-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  785.590045][ T5308] usb 4-1: config 0 descriptor??
[  785.595489][ T5274] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  785.606204][ T5274] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  785.629530][ T5308] streamzap 4-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0204
[  785.644342][T11833] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  787.513049][ T5277] usb 4-1: USB disconnect, device number 42
[  787.618957][T11859] lo speed is unknown, defaulting to 1000
[  788.711688][ T5274] ath6kl: Failed to submit usb control message: -71
[  788.729425][ T5274] ath6kl: unable to send the bmi data to the device: -71
[  788.813461][ T5274] ath6kl: Unable to send get target info: -71
[  788.819814][T11860] libceph: resolve '.
[  788.819814][T11860] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  788.819814][T11860] ' (ret=-3): failed
[  788.863518][ T5274] ath6kl: Failed to init ath6kl core: -71
[  788.895958][ T5274] ath6kl_usb 1-1:4.0: probe with driver ath6kl_usb failed with error -71
[  788.920184][T11876] FAULT_INJECTION: forcing a failure.
[  788.920184][T11876] name failslab, interval 1, probability 0, space 0, times 0
[  788.931644][ T5274] usb 1-1: USB disconnect, device number 51
[  789.006739][T11876] CPU: 0 UID: 0 PID: 11876 Comm: syz.3.1550 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  789.017225][T11876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  789.027314][T11876] Call Trace:
[  789.030603][T11876]  <TASK>
[  789.033543][T11876]  dump_stack_lvl+0x241/0x360
[  789.038249][T11876]  ? __pfx_dump_stack_lvl+0x10/0x10
[  789.043472][T11876]  ? __pfx__printk+0x10/0x10
[  789.048616][T11876]  ? ref_tracker_alloc+0x332/0x490
[  789.053757][T11876]  should_fail_ex+0x3b0/0x4e0
[  789.058495][T11876]  ? skb_clone+0x20c/0x390
[  789.062921][T11876]  should_failslab+0xac/0x100
[  789.067615][T11876]  ? skb_clone+0x20c/0x390
[  789.072054][T11876]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  789.077791][T11876]  skb_clone+0x20c/0x390
[  789.082048][T11876]  __netlink_deliver_tap+0x3cc/0x7c0
[  789.087355][T11876]  ? netlink_deliver_tap+0x2e/0x1b0
[  789.092677][T11876]  netlink_deliver_tap+0x19d/0x1b0
[  789.097805][T11876]  netlink_unicast+0x7c4/0x990
[  789.102590][T11876]  ? __pfx_netlink_unicast+0x10/0x10
[  789.107974][T11876]  ? __virt_addr_valid+0x183/0x530
[  789.113183][T11876]  ? __check_object_size+0x49c/0x900
[  789.118486][T11876]  netlink_sendmsg+0x8e4/0xcb0
[  789.123275][T11876]  ? __pfx_netlink_sendmsg+0x10/0x10
[  789.128587][T11876]  ? __pfx_netlink_sendmsg+0x10/0x10
[  789.133886][T11876]  __sock_sendmsg+0x221/0x270
[  789.138587][T11876]  ____sys_sendmsg+0x52a/0x7e0
[  789.143368][T11876]  ? __pfx_____sys_sendmsg+0x10/0x10
[  789.148677][T11876]  __sys_sendmsg+0x2aa/0x390
[  789.153296][T11876]  ? __pfx___sys_sendmsg+0x10/0x10
[  789.158413][T11876]  ? vfs_write+0x7bf/0xc90
[  789.162880][T11876]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  789.169242][T11876]  ? do_syscall_64+0x100/0x230
[  789.174038][T11876]  ? do_syscall_64+0xb6/0x230
[  789.178838][T11876]  do_syscall_64+0xf3/0x230
[  789.183373][T11876]  ? clear_bhb_loop+0x35/0x90
[  789.188088][T11876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.194003][T11876] RIP: 0033:0x7f2f25b7def9
[  789.198429][T11876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.218135][T11876] RSP: 002b:00007f2f2690d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  789.226561][T11876] RAX: ffffffffffffffda RBX: 00007f2f25d35f80 RCX: 00007f2f25b7def9
[  789.234538][T11876] RDX: 0000000000000800 RSI: 0000000020002180 RDI: 0000000000000003
[  789.242531][T11876] RBP: 00007f2f2690d090 R08: 0000000000000000 R09: 0000000000000000
[  789.250520][T11876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  789.258502][T11876] R13: 0000000000000000 R14: 00007f2f25d35f80 R15: 00007ffdd4b826e8
[  789.266499][T11876]  </TASK>
[  789.854115][ T5277] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  790.734033][ T5277] usb 4-1: Using ep0 maxpacket: 8
[  790.762760][ T5277] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  790.794210][ T5277] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  790.830349][ T5277] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  790.872140][ T5277] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  790.891054][ T5277] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  790.902359][ T5277] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  791.107486][ T5327] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  791.196716][ T5277] usb 4-1: GET_CAPABILITIES returned 0
[  791.223042][ T5277] usbtmc 4-1:16.0: can't read capabilities
[  792.149160][ T5327] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  792.177832][ T5327] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.197411][ T5327] usb 3-1: config 0 descriptor??
[  793.325426][T11897] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1556'.
[  793.372365][ T5327] usb 3-1: Cannot set MAC address
[  793.399542][ T5327] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  793.506362][ T5277] usb 4-1: USB disconnect, device number 43
[  793.582551][ T5327] usb 3-1: USB disconnect, device number 44
[  794.406915][ T5327] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  794.540892][T11925] 9pnet: Could not find request transport: fd0x0000000000000004
[  794.584841][ T5327] usb 1-1: Using ep0 maxpacket: 8
[  794.606620][ T5327] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  794.652954][ T5327] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  794.701368][ T5327] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  794.742044][ T5327] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.787790][ T5327] usb 1-1: Product: syz
[  794.816791][ T5327] usb 1-1: Manufacturer: syz
[  794.840454][ T5327] usb 1-1: SerialNumber: syz
[  794.874147][ T5327] usb 1-1: config 0 descriptor??
[  794.890206][ T5327] streamzap 1-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0204
[  795.057341][T11922] Buffer I/O error on dev loop7, logical block 4095, async page read
[  795.081211][T11922] Buffer I/O error on dev loop7, logical block 4095, async page read
[  795.187611][ T8766] Buffer I/O error on dev loop7, logical block 4095, async page read
[  795.354752][T11932] lo speed is unknown, defaulting to 1000
[  796.380226][T11948] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1563'.
[  796.785327][ T1166] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  796.828662][T11958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1573'.
[  796.944110][ T1166] usb 3-1: Using ep0 maxpacket: 32
[  796.951234][ T1166] usb 3-1: config 0 has an invalid interface number: 35 but max is 0
[  796.962273][ T1166] usb 3-1: config 0 has no interface number 0
[  796.976646][ T1166] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  796.990190][ T1166] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.005174][ T1166] usb 3-1: Product: syz
[  797.015840][ T1166] usb 3-1: Manufacturer: syz
[  797.027014][ T1166] usb 3-1: SerialNumber: syz
[  797.049076][ T1166] usb 3-1: config 0 descriptor??
[  797.164693][   T29] kauditd_printk_skb: 18 callbacks suppressed
[  797.164712][   T29] audit: type=1326 audit(1726786722.416:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11961 comm="syz.3.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f25b7def9 code=0x7ffc0000
[  797.220102][   T29] audit: type=1326 audit(1726786722.446:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11961 comm="syz.3.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f25b7def9 code=0x7ffc0000
[  797.260125][   T29] audit: type=1326 audit(1726786722.456:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11961 comm="syz.3.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f2f25b7def9 code=0x7ffc0000
[  797.270839][ T1166] radio-si470x 3-1:0.35: this is not a si470x device.
[  797.330039][   T29] audit: type=1326 audit(1726786722.456:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11961 comm="syz.3.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f25b7def9 code=0x7ffc0000
[  797.400779][   T29] audit: type=1326 audit(1726786722.456:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11961 comm="syz.3.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2f25b7def9 code=0x7ffc0000
[  797.427789][ T1166] radio-raremono 3-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  797.428053][   T29] audit: type=1326 audit(1726786722.456:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11961 comm="syz.3.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f25b7def9 code=0x7ffc0000
[  797.634695][ T1166] radio-raremono 3-1:0.35: V4L2 device registered as radio32
[  797.652849][   T29] audit: type=1326 audit(1726786722.456:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11961 comm="syz.3.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f25b7def9 code=0x7ffc0000
[  797.720472][T11972] 9pnet_fd: Insufficient options for proto=fd
[  798.497116][ T1166] usb 3-1: USB disconnect, device number 45
[  798.504877][ T1166] radio-raremono 3-1:0.35: Thanko's Raremono disconnected
[  798.697661][T11975] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  798.785001][T11981] FAULT_INJECTION: forcing a failure.
[  798.785001][T11981] name failslab, interval 1, probability 0, space 0, times 0
[  798.863218][T11981] CPU: 1 UID: 0 PID: 11981 Comm: syz.3.1580 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  798.874489][T11981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  798.884760][T11981] Call Trace:
[  798.888071][T11981]  <TASK>
[  798.891034][T11981]  dump_stack_lvl+0x241/0x360
[  798.895767][T11981]  ? __pfx_dump_stack_lvl+0x10/0x10
[  798.901016][T11981]  ? __pfx__printk+0x10/0x10
[  798.905656][T11981]  ? ref_tracker_alloc+0x332/0x490
[  798.910839][T11981]  should_fail_ex+0x3b0/0x4e0
[  798.915557][T11981]  ? skb_clone+0x20c/0x390
[  798.920010][T11981]  should_failslab+0xac/0x100
[  798.924726][T11981]  ? skb_clone+0x20c/0x390
[  798.929177][T11981]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  798.934603][T11981]  skb_clone+0x20c/0x390
[  798.938892][T11981]  __netlink_deliver_tap+0x3cc/0x7c0
[  798.944233][T11981]  ? netlink_deliver_tap+0x2e/0x1b0
[  798.949478][T11981]  netlink_deliver_tap+0x19d/0x1b0
[  798.954632][T11981]  netlink_unicast+0x7c4/0x990
[  798.959447][T11981]  ? __pfx_netlink_unicast+0x10/0x10
[  798.964778][T11981]  ? __virt_addr_valid+0x183/0x530
[  798.969929][T11981]  ? __check_object_size+0x49c/0x900
[  798.975253][T11981]  netlink_sendmsg+0x8e4/0xcb0
[  798.980086][T11981]  ? __pfx_netlink_sendmsg+0x10/0x10
[  798.985425][T11981]  ? __pfx_netlink_sendmsg+0x10/0x10
[  798.990753][T11981]  __sock_sendmsg+0x221/0x270
[  798.995474][T11981]  ____sys_sendmsg+0x52a/0x7e0
[  799.000280][T11981]  ? __pfx_____sys_sendmsg+0x10/0x10
[  799.005620][T11981]  __sys_sendmsg+0x2aa/0x390
[  799.010245][T11981]  ? __pfx___sys_sendmsg+0x10/0x10
[  799.015392][T11981]  ? vfs_write+0x7bf/0xc90
[  799.019893][T11981]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  799.026272][T11981]  ? do_syscall_64+0x100/0x230
[  799.031096][T11981]  ? do_syscall_64+0xb6/0x230
[  799.035826][T11981]  do_syscall_64+0xf3/0x230
[  799.040373][T11981]  ? clear_bhb_loop+0x35/0x90
[  799.045183][T11981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.051115][T11981] RIP: 0033:0x7f2f25b7def9
[  799.055562][T11981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  799.075305][T11981] RSP: 002b:00007f2f2690d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  799.083760][T11981] RAX: ffffffffffffffda RBX: 00007f2f25d35f80 RCX: 00007f2f25b7def9
[  799.091779][T11981] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000003
[  799.099792][T11981] RBP: 00007f2f2690d090 R08: 0000000000000000 R09: 0000000000000000
[  799.107798][T11981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  799.115816][T11981] R13: 0000000000000000 R14: 00007f2f25d35f80 R15: 00007ffdd4b826e8
[  799.123836][T11981]  </TASK>
[  799.185349][T11984] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[  799.193487][T11984] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  799.210785][T11984] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1582'.
[  800.182128][ T5327] usb 1-1: USB disconnect, device number 52
[  800.567071][T11998] lo speed is unknown, defaulting to 1000
[  800.679735][ T8766] Buffer I/O error on dev loop7, logical block 4095, async page read
[  801.014231][ T5327] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  801.058967][T12012] 9pnet_fd: Insufficient options for proto=fd
[  802.104512][ T5327] usb 4-1: Using ep0 maxpacket: 8
[  802.115526][ T5327] usb 4-1: config index 0 descriptor too short (expected 6427, got 27)
[  802.123841][ T5327] usb 4-1: config 0 has an invalid interface number: 21 but max is 0
[  802.148139][ T5327] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  802.181913][ T5327] usb 4-1: config 0 has no interface number 0
[  802.190293][ T5327] usb 4-1: config 0 interface 21 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  802.234159][ T5327] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  802.254120][ T5327] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.285754][ T5327] usb 4-1: config 0 descriptor??
[  802.344087][ T5308] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  802.654077][ T5308] usb 5-1: Using ep0 maxpacket: 32
[  802.671578][ T5308] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  803.431469][ T5308] usb 5-1: config 0 has no interface number 0
[  803.446489][ T5308] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  803.480884][ T5308] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  803.493807][ T5308] usb 5-1: Product: syz
[  803.513772][T12003] xt_connbytes: Forcing CT accounting to be enabled
[  803.514170][ T5308] usb 5-1: Manufacturer: syz
[  803.547689][ T5308] usb 5-1: SerialNumber: syz
[  803.563568][T12003] Cannot find add_set index 0 as target
[  803.571434][ T5308] usb 5-1: config 0 descriptor??
[  803.597420][ T5664] usb 4-1: USB disconnect, device number 44
[  803.803791][ T5308] radio-si470x 5-1:0.35: this is not a si470x device.
[  803.804022][ T5327] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  803.845089][ T5308] radio-raremono 5-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  804.014276][ T5327] usb 3-1: Using ep0 maxpacket: 8
[  804.023831][ T5327] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  804.043447][ T5327] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  804.057714][ T5308] radio-raremono 5-1:0.35: V4L2 device registered as radio32
[  804.065182][ T5327] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  804.065215][ T5327] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  804.065238][ T5327] usb 3-1: Product: syz
[  804.065256][ T5327] usb 3-1: Manufacturer: syz
[  804.065274][ T5327] usb 3-1: SerialNumber: syz
[  804.067728][ T5327] usb 3-1: config 0 descriptor??
[  804.151273][ T5327] streamzap 3-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0204
[  804.261023][ T5327] usb 5-1: USB disconnect, device number 54
[  804.275510][ T5327] radio-raremono 5-1:0.35: Thanko's Raremono disconnected
[  804.396405][T12050] lo speed is unknown, defaulting to 1000
[  804.473678][T12044] Buffer I/O error on dev loop7, logical block 4095, async page read
[  804.506428][T12044] Buffer I/O error on dev loop7, logical block 4095, async page read
[  804.601308][ T8766] Buffer I/O error on dev loop7, logical block 4095, async page read
[  805.368709][T12059] 9pnet_fd: Insufficient options for proto=fd
[  807.055546][ T5277] usb 3-1: USB disconnect, device number 46
[  807.664065][ T5307] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  807.767325][T12090] FAULT_INJECTION: forcing a failure.
[  807.767325][T12090] name failslab, interval 1, probability 0, space 0, times 0
[  807.775470][T12089] loop9: detected capacity change from 0 to 7
[  807.780837][T12090] CPU: 0 UID: 0 PID: 12090 Comm: syz.4.1616 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  807.796489][T12090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  807.806581][T12090] Call Trace:
[  807.809843][T12089]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  807.815155][T12090]  <TASK>
[  807.815170][T12090]  dump_stack_lvl+0x241/0x360
[  807.815213][T12090]  ? __pfx_dump_stack_lvl+0x10/0x10
[  807.815248][T12090]  ? __pfx__printk+0x10/0x10
[  807.815285][T12090]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  807.820562][T12089] loop9: partition table partially beyond EOD, 
[  807.823078][T12090]  ? __pfx___might_resched+0x10/0x10
[  807.831619][T12089] truncated
[  807.832844][T12090]  ? __up_read+0x2c2/0x6b0
[  807.840761][ T5307] usb 3-1: Using ep0 maxpacket: 8
[  807.844531][T12090]  should_fail_ex+0x3b0/0x4e0
[  807.844569][T12090]  should_failslab+0xac/0x100
[  807.844597][T12090]  ? crypto_alg_mod_lookup+0x1b3/0x760
[  807.844622][T12090]  __kmalloc_cache_noprof+0x6c/0x2c0
[  807.873212][ T5307] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  807.877435][T12090]  crypto_alg_mod_lookup+0x1b3/0x760
[  807.877473][T12090]  crypto_add_alg+0x1c0/0x310
[  807.877497][T12090]  ? __pfx_crypto_add_alg+0x10/0x10
[  807.877524][T12090]  crypto_user_rcv_msg+0x4f5/0x670
[  807.877552][T12090]  ? __pfx_crypto_user_rcv_msg+0x10/0x10
[  807.877604][T12090]  ? __mutex_trylock_common+0x183/0x2e0
[  807.889062][T12089] loop9: p1 size 1139518251 extends beyond EOD, 
[  807.892927][T12090]  ? __pfx___might_resched+0x10/0x10
[  807.900550][ T5307] usb 3-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54
[  807.902977][T12090]  netlink_rcv_skb+0x1e3/0x430
[  807.914053][ T5307] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  807.918929][T12090]  ? __pfx_crypto_user_rcv_msg+0x10/0x10
[  807.928551][ T1166] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  807.930788][T12090]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  807.943507][T12089] truncated
[  807.945093][T12090]  crypto_netlink_rcv+0x2a/0x40
[  807.945125][T12090]  netlink_unicast+0x7f6/0x990
[  807.945166][T12090]  ? __pfx_netlink_unicast+0x10/0x10
[  807.950782][ T5307] usb 3-1: Product: syz
[  807.957969][T12090]  ? __virt_addr_valid+0x183/0x530
[  807.958005][T12090]  ? __check_object_size+0x49c/0x900
[  807.958035][T12090]  netlink_sendmsg+0x8e4/0xcb0
[  807.958081][T12090]  ? __pfx_netlink_sendmsg+0x10/0x10
[  807.958126][T12090]  ? __pfx_netlink_sendmsg+0x10/0x10
[  807.958159][T12090]  __sock_sendmsg+0x221/0x270
[  807.958192][T12090]  ____sys_sendmsg+0x52a/0x7e0
[  807.958226][T12090]  ? __pfx_____sys_sendmsg+0x10/0x10
[  807.958265][T12090]  __sys_sendmsg+0x2aa/0x390
[  807.976662][ T5307] usb 3-1: Manufacturer: syz
[  807.976733][T12090]  ? __pfx___sys_sendmsg+0x10/0x10
[  807.979835][ T5307] usb 3-1: SerialNumber: syz
[  807.984764][T12090]  ? vfs_write+0x7bf/0xc90
[  807.984846][T12090]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  807.984882][T12090]  ? do_syscall_64+0x100/0x230
[  807.984918][T12090]  ? do_syscall_64+0xb6/0x230
[  807.984954][T12090]  do_syscall_64+0xf3/0x230
[  807.984987][T12090]  ? clear_bhb_loop+0x35/0x90
[  807.985021][T12090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.004474][T12093] capability: warning: `syz.0.1615' uses deprecated v2 capabilities in a way that may be insecure
[  808.009820][T12090] RIP: 0033:0x7fb2ec97def9
[  808.109550][T12090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  808.129174][T12090] RSP: 002b:00007fb2ed740038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  808.137617][T12090] RAX: ffffffffffffffda RBX: 00007fb2ecb35f80 RCX: 00007fb2ec97def9
[  808.145601][T12090] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003
[  808.153668][T12090] RBP: 00007fb2ed740090 R08: 0000000000000000 R09: 0000000000000000
[  808.161649][T12090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  808.169722][T12090] R13: 0000000000000000 R14: 00007fb2ecb35f80 R15: 00007fffdaef05a8
[  808.177741][T12090]  </TASK>
[  808.196533][ T5307] usb 3-1: config 0 descriptor??
[  808.208422][ T5307] cdc_phonet 3-1:0.0: skipping garbage
[  808.221565][ T5307] cdc_phonet 3-1:0.0: probe with driver cdc_phonet failed with error -22
[  808.238857][ T8766] udevd[8766]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  808.264213][ T1166] usb 4-1: Using ep0 maxpacket: 16
[  808.271876][ T1166] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  808.299629][ T1166] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  808.314123][ T5327] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  808.319246][ T1166] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  808.341605][ T1166] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  808.352126][ T5664] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  808.361853][ T1166] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  808.373715][ T1166] usb 4-1: config 0 descriptor??
[  808.444535][ T5327] usb 2-1: device descriptor read/64, error -71
[  808.692547][ T5327] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  808.694120][ T5664] usb 1-1: device descriptor read/64, error -71
[  808.774750][ T1166] usbhid 4-1:0.0: can't add hid device: -71
[  808.798234][ T5308] usb 3-1: USB disconnect, device number 47
[  808.808750][ T1166] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  808.825609][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[  808.839327][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[  808.843148][ T1166] usb 4-1: USB disconnect, device number 45
[  808.846094][ T5327] usb 2-1: device descriptor read/64, error -71
[  808.902099][T12095] Buffer I/O error on dev loop7, logical block 4095, async page read
[  808.912141][T12095] Buffer I/O error on dev loop7, logical block 4095, async page read
[  808.954130][ T5664] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  808.984522][ T5327] usb usb2-port1: attempt power cycle
[  809.114077][ T5664] usb 1-1: Using ep0 maxpacket: 8
[  809.120726][ T5664] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  809.133066][ T5664] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  809.145846][ T5664] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  809.164092][ T5664] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  809.172248][ T5664] usb 1-1: Product: syz
[  809.197241][ T8766] Buffer I/O error on dev loop7, logical block 4095, async page read
[  809.206083][ T5664] usb 1-1: Manufacturer: syz
[  809.210717][ T5664] usb 1-1: SerialNumber: syz
[  809.260774][ T5664] usb 1-1: config 0 descriptor??
[  809.290764][ T5664] streamzap 1-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0204
[  809.335979][ T5327] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  809.384814][ T5327] usb 2-1: device descriptor read/8, error -71
[  809.624146][ T5327] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  809.694146][ T5327] usb 2-1: device descriptor read/8, error -71
[  809.724088][ T4866] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  809.732760][ T2946] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  809.770877][T12105] lo speed is unknown, defaulting to 1000
[  809.804342][ T5327] usb usb2-port1: unable to enumerate USB device
[  809.873112][ T2946] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  809.915957][ T4866] usb 3-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  809.929416][ T4866] usb 3-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  809.950057][ T4866] usb 3-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  809.966653][ T4866] usb 3-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  809.980412][ T4866] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  809.996023][ T4866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.010950][T12101] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  810.075460][ T2946] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  810.076931][T12110] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1618'.
[  810.230635][ T2946] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  810.261312][ T8555] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  810.322327][ T8555] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  810.334512][ T8555] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  810.344563][ T8555] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  810.353646][ T8555] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  810.361887][ T8555] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  810.443167][ T5230] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  810.482839][ T5230] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  810.500657][ T5230] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  810.511409][ T5230] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  810.520033][ T5230] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  810.530724][ T8555] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  811.447910][ T4866] ath6kl: Failed to submit usb control message: -110
[  811.455685][ T4866] ath6kl: unable to send the bmi data to the device: -110
[  811.462861][ T4866] ath6kl: Unable to send get target info: -110
[  811.470959][ T4866] ath6kl: Failed to init ath6kl core: -110
[  811.477882][ T4866] ath6kl_usb 3-1:4.0: probe with driver ath6kl_usb failed with error -110
[  811.643897][ T2946] bridge_slave_1: left allmulticast mode
[  811.654252][ T2946] bridge_slave_1: left promiscuous mode
[  811.660077][ T2946] bridge0: port 2(bridge_slave_1) entered disabled state
[  811.687856][ T2946] bridge_slave_0: left allmulticast mode
[  811.704951][ T2946] bridge_slave_0: left promiscuous mode
[  811.711354][ T2946] bridge0: port 1(bridge_slave_0) entered disabled state
[  812.424493][T10686] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  812.518946][ T5273] usb 3-1: USB disconnect, device number 48
[  812.609973][T10686] usb 5-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  812.644106][T10686] usb 5-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  812.689766][T10686] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  812.720056][T10686] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  812.798985][ T5327] usb 1-1: USB disconnect, device number 54
[  812.804197][ T5230] Bluetooth: hci2: command tx timeout
[  812.888765][ T2946] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  812.934963][ T2946] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  813.027163][ T2946] bond0 (unregistering): Released all slaves
[  813.074117][ T5273] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  813.092161][T12112] lo speed is unknown, defaulting to 1000
[  813.294315][ T5273] usb 3-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  814.049511][ T5273] usb 3-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  814.068565][ T5273] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  814.330100][ T5273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.854188][T12117] coredump: 451(syz.4.1622): written to core: VMAs: 34, size 97419264; core: 60023750 bytes, pos 97427456
[  814.884291][ T5230] Bluetooth: hci2: command tx timeout
[  815.254405][T10686] usb 5-1: string descriptor 0 read error: -71
[  815.354283][T10686] usb 5-1: USB disconnect, device number 55
[  815.679473][ T8672] Buffer I/O error on dev loop7, logical block 4095, async page read
[  815.708076][ T2946] hsr_slave_0: left promiscuous mode
[  815.720137][ T2946] hsr_slave_1: left promiscuous mode
[  815.741340][T12154] FAULT_INJECTION: forcing a failure.
[  815.741340][T12154] name failslab, interval 1, probability 0, space 0, times 0
[  815.853826][T12154] CPU: 1 UID: 0 PID: 12154 Comm: syz.4.1633 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  815.864338][T12154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  815.874874][T12154] Call Trace:
[  815.878164][T12154]  <TASK>
[  815.881109][T12154]  dump_stack_lvl+0x241/0x360
[  815.885809][T12154]  ? __pfx_dump_stack_lvl+0x10/0x10
[  815.891024][T12154]  ? __pfx__printk+0x10/0x10
[  815.895651][T12154]  ? ref_tracker_alloc+0x332/0x490
[  815.900800][T12154]  should_fail_ex+0x3b0/0x4e0
[  815.905503][T12154]  ? skb_clone+0x20c/0x390
[  815.910024][T12154]  should_failslab+0xac/0x100
[  815.914720][T12154]  ? skb_clone+0x20c/0x390
[  815.919148][T12154]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  815.924556][T12154]  skb_clone+0x20c/0x390
[  815.928839][T12154]  __netlink_deliver_tap+0x3cc/0x7c0
[  815.934160][T12154]  ? netlink_deliver_tap+0x2e/0x1b0
[  815.939384][T12154]  netlink_deliver_tap+0x19d/0x1b0
[  815.944521][T12154]  netlink_unicast+0x7c4/0x990
[  815.949319][T12154]  ? __pfx_netlink_unicast+0x10/0x10
[  815.954631][T12154]  ? __virt_addr_valid+0x183/0x530
[  815.959758][T12154]  ? __check_object_size+0x49c/0x900
[  815.965061][T12154]  netlink_sendmsg+0x8e4/0xcb0
[  815.969855][T12154]  ? __pfx_netlink_sendmsg+0x10/0x10
[  815.975271][T12154]  ? __pfx_netlink_sendmsg+0x10/0x10
[  815.980593][T12154]  __sock_sendmsg+0x221/0x270
[  815.985392][T12154]  ____sys_sendmsg+0x52a/0x7e0
[  815.990192][T12154]  ? __pfx_____sys_sendmsg+0x10/0x10
[  815.995529][T12154]  __sys_sendmsg+0x2aa/0x390
[  816.000145][T12154]  ? __pfx___sys_sendmsg+0x10/0x10
[  816.005271][T12154]  ? vfs_write+0x7bf/0xc90
[  816.009915][T12154]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  816.016266][T12154]  ? do_syscall_64+0x100/0x230
[  816.021053][T12154]  ? do_syscall_64+0xb6/0x230
[  816.025764][T12154]  do_syscall_64+0xf3/0x230
[  816.030287][T12154]  ? clear_bhb_loop+0x35/0x90
[  816.034987][T12154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.040903][T12154] RIP: 0033:0x7fb2ec97def9
[  816.045336][T12154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  816.064959][T12154] RSP: 002b:00007fb2ed740038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  816.073391][T12154] RAX: ffffffffffffffda RBX: 00007fb2ecb35f80 RCX: 00007fb2ec97def9
[  816.081380][T12154] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  816.089369][T12154] RBP: 00007fb2ed740090 R08: 0000000000000000 R09: 0000000000000000
[  816.097384][T12154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  816.105381][T12154] R13: 0000000000000000 R14: 00007fb2ecb35f80 R15: 00007fffdaef05a8
[  816.113472][T12154]  </TASK>
[  816.402851][ T2946] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  816.434588][T12161] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1634'.
[  816.458677][ T2946] batman_adv: batadv0: Removing interface: batadv_slave_0
[  816.536204][ T2946] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  816.597595][ T2946] batman_adv: batadv0: Removing interface: batadv_slave_1
[  816.817588][ T2946] veth1_macvtap: left promiscuous mode
[  816.823509][ T2946] veth0_macvtap: left promiscuous mode
[  816.838501][ T2946] veth1_vlan: left promiscuous mode
[  816.849283][ T2946] veth0_vlan: left promiscuous mode
[  816.964160][ T5230] Bluetooth: hci2: command tx timeout
[  817.962458][ T5273] usb 3-1: string descriptor 0 read error: -71
[  817.976722][ T5273] usb 3-1: USB disconnect, device number 49
[  818.359056][ T2946] team0 (unregistering): Port device team_slave_1 removed
[  818.415979][ T2946] team0 (unregistering): Port device team_slave_0 removed
[  818.444145][ T5273] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  818.638013][ T5273] usb 1-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  818.649324][ T5273] usb 1-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  818.662653][ T5273] usb 1-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  818.673758][ T5273] usb 1-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  818.686931][ T5273] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  818.696312][ T5273] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.718316][T12177] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  819.064208][ T5230] Bluetooth: hci2: command tx timeout
[  819.200717][T12112] chnl_net:caif_netlink_parms(): no params data found
[  819.766202][ T5273] ath6kl: Failed to submit usb control message: -110
[  819.935714][ T5273] ath6kl: unable to send the bmi data to the device: -110
[  820.003804][T12180] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  820.042967][ T5273] ath6kl: Unable to send get target info: -110
[  820.049382][T12180] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  820.071751][ T5273] ath6kl: Failed to init ath6kl core: -110
[  820.095120][ T5273] ath6kl_usb 1-1:4.0: probe with driver ath6kl_usb failed with error -110
[  820.114157][T10686] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  820.276054][T10686] usb 5-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config
[  820.297037][T10686] usb 5-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  820.317027][T10686] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  820.327991][T12112] bridge0: port 1(bridge_slave_0) entered blocking state
[  820.334344][T10686] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.380647][T12112] bridge0: port 1(bridge_slave_0) entered disabled state
[  820.400686][T12112] bridge_slave_0: entered allmulticast mode
[  820.428062][T12112] bridge_slave_0: entered promiscuous mode
[  820.466063][T12112] bridge0: port 2(bridge_slave_1) entered blocking state
[  820.503182][T12112] bridge0: port 2(bridge_slave_1) entered disabled state
[  820.541680][T12112] bridge_slave_1: entered allmulticast mode
[  820.567053][T12112] bridge_slave_1: entered promiscuous mode
[  820.798369][T12112] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  820.898173][T10686] usb 5-1: string descriptor 0 read error: -71
[  820.912390][T10686] usb 5-1: USB disconnect, device number 56
[  820.913709][T12112] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  821.070135][T12112] team0: Port device team_slave_0 added
[  821.087189][T12112] team0: Port device team_slave_1 added
[  821.235013][ T5327] usb 1-1: USB disconnect, device number 55
[  821.881118][T12112] batman_adv: batadv0: Adding interface: batadv_slave_0
[  821.982074][T12112] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  822.385674][T12112] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  822.671042][T12112] batman_adv: batadv0: Adding interface: batadv_slave_1
[  822.729613][ T8766] Buffer I/O error on dev loop7, logical block 4095, async page read
[  822.802089][T12112] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  822.895043][T12112] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  824.446164][T12112] hsr_slave_0: entered promiscuous mode
[  824.475346][T12112] hsr_slave_1: entered promiscuous mode
[  824.524074][T12112] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  824.539546][T12112] Cannot create hsr debugfs directory
[  824.564434][ T5307] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  824.754124][ T5307] usb 5-1: Using ep0 maxpacket: 8
[  824.762888][ T5307] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  824.785678][ T5307] usb 5-1: config 0 has no interfaces?
[  824.809399][ T5307] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  824.829114][ T5307] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  824.861702][ T5307] usb 5-1: Product: syz
[  824.872896][ T5307] usb 5-1: Manufacturer: syz
[  824.897090][ T5307] usb 5-1: SerialNumber: syz
[  824.912419][ T5307] usb 5-1: config 0 descriptor??
[  825.009396][T12239] lo speed is unknown, defaulting to 1000
[  825.505817][ T5275] usb 5-1: USB disconnect, device number 57
[  825.688806][ T5327] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  825.831938][T12112] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  825.844846][T12112] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  825.860396][T12112] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  825.867055][ T1166] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  825.884341][ T5327] usb 1-1: Using ep0 maxpacket: 16
[  825.896313][ T5327] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  825.916252][T12112] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  825.934141][ T5327] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  825.946586][ T5327] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  826.003806][ T5327] usb 1-1: config 0 descriptor??
[  826.054184][ T1166] usb 2-1: Using ep0 maxpacket: 16
[  826.063406][ T1166] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  826.103500][ T1166] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  826.153998][ T1166] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.183874][ T1166] usb 2-1: Product: syz
[  826.188245][ T1166] usb 2-1: Manufacturer: syz
[  826.192885][ T1166] usb 2-1: SerialNumber: syz
[  826.272604][T12282] netlink: 'syz.4.1658': attribute type 13 has an invalid length.
[  826.299091][ T1166] usb 2-1: config 0 descriptor??
[  826.460246][T12112] 8021q: adding VLAN 0 to HW filter on device bond0
[  826.518078][ T1166] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  826.770061][T12262] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  826.809998][ T1166] em28xx 2-1:0.0: DVB interface 0 found: bulk
[  827.064469][T12262] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  827.090225][T12112] 8021q: adding VLAN 0 to HW filter on device team0
[  827.150993][ T5327] hid (null): nested delimiters
[  827.160153][ T2946] bridge0: port 1(bridge_slave_0) entered blocking state
[  827.164085][ T5327] hid (null): nested delimiters
[  827.167384][ T2946] bridge0: port 1(bridge_slave_0) entered forwarding state
[  827.172077][ T5327] hid (null): nested delimiters
[  827.172474][ T5327] hid (null): report_id 2838798905 is invalid
[  827.191432][ T5327] hid (null): unknown global tag 0xc
[  827.196881][ T5327] hid (null): unknown global tag 0xa5
[  827.202322][ T5327] hid (null): unknown global tag 0xd
[  827.218323][ T5327] hid (null): unknown global tag 0xc
[  827.236831][ T5327] hid-generic 0003:0158:0100.0007: unknown main item tag 0x1
[  827.244959][ T1166] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  827.265844][T12271] ==================================================================
[  827.273972][T12271] BUG: KASAN: slab-use-after-free in smk_access+0xae/0x4e0
[  827.276795][ T3057] bridge0: port 2(bridge_slave_1) entered blocking state
[  827.281215][T12271] Read of size 8 at addr ffff88804f806f60 by task syz.1.1657/12271
[  827.288469][ T3057] bridge0: port 2(bridge_slave_1) entered forwarding state
[  827.296237][T12271] 
[  827.296252][T12271] CPU: 0 UID: 0 PID: 12271 Comm: syz.1.1657 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  827.296293][T12271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  827.296310][T12271] Call Trace:
[  827.329746][T12271]  <TASK>
[  827.332691][T12271]  dump_stack_lvl+0x241/0x360
[  827.337396][T12271]  ? __pfx_dump_stack_lvl+0x10/0x10
[  827.342623][T12271]  ? __pfx__printk+0x10/0x10
[  827.347243][T12271]  ? _printk+0xd5/0x120
[  827.351418][T12271]  ? __virt_addr_valid+0x183/0x530
[  827.356544][T12271]  ? __virt_addr_valid+0x183/0x530
[  827.361753][T12271]  print_report+0x169/0x550
[  827.366275][T12271]  ? __virt_addr_valid+0x183/0x530
[  827.371401][T12271]  ? __virt_addr_valid+0x183/0x530
[  827.376522][T12271]  ? __virt_addr_valid+0x45f/0x530
[  827.381654][T12271]  ? __phys_addr+0xba/0x170
[  827.386169][T12271]  ? smk_access+0xae/0x4e0
[  827.390602][T12271]  kasan_report+0x143/0x180
[  827.395121][T12271]  ? smk_access+0xae/0x4e0
[  827.399554][T12271]  smk_access+0xae/0x4e0
[  827.403813][T12271]  smack_watch_key+0x2f4/0x3a0
[  827.408589][T12271]  ? __pfx_smack_watch_key+0x10/0x10
[  827.413983][T12271]  ? __kasan_kmalloc+0x98/0xb0
[  827.418756][T12271]  security_watch_key+0x86/0x250
[  827.423706][T12271]  keyctl_watch_key+0x2b7/0x480
[  827.428574][T12271]  __se_sys_keyctl+0x106/0xa50
[  827.433359][T12271]  ? do_futex+0x33b/0x560
[  827.437718][T12271]  ? __pfx___se_sys_keyctl+0x10/0x10
[  827.443014][T12271]  ? __pfx_do_futex+0x10/0x10
[  827.447708][T12271]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  827.453720][T12271]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  827.460065][T12271]  ? do_syscall_64+0x100/0x230
[  827.464853][T12271]  ? __x64_sys_keyctl+0x20/0xc0
[  827.469762][T12271]  do_syscall_64+0xf3/0x230
[  827.474297][T12271]  ? clear_bhb_loop+0x35/0x90
[  827.478994][T12271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.484906][T12271] RIP: 0033:0x7f394197def9
[  827.489331][T12271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  827.508962][T12271] RSP: 002b:00007f3942818038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  827.517393][T12271] RAX: ffffffffffffffda RBX: 00007f3941b35f80 RCX: 00007f394197def9
[  827.525550][T12271] RDX: 0000000000000009 RSI: 000000002995cac5 RDI: 0000000000000020
[  827.533542][T12271] RBP: 00007f39419f0b76 R08: 0000000000000000 R09: 0000000000000000
[  827.541610][T12271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  827.549592][T12271] R13: 0000000000000000 R14: 00007f3941b35f80 R15: 00007ffd6c9958d8
[  827.557588][T12271]  </TASK>
[  827.560613][T12271] 
[  827.562943][T12271] Allocated by task 12239:
[  827.567362][T12271]  kasan_save_track+0x3f/0x80
[  827.572054][T12271]  __kasan_kmalloc+0x98/0xb0
[  827.576656][T12271]  __kmalloc_node_track_caller_noprof+0x225/0x440
[  827.583083][T12271]  kstrdup+0x3a/0x80
[  827.586997][T12271]  __kernfs_new_node+0x9d/0x870
[  827.591866][T12271]  kernfs_new_node+0x137/0x240
[  827.596937][T12271]  __kernfs_create_file+0x49/0x2e0
[  827.602086][T12271]  sysfs_add_file_mode_ns+0x24a/0x310
[  827.607473][T12271]  internal_create_group+0x7a7/0x11d0
[  827.612862][T12271]  sysfs_create_groups+0x56/0x120
[  827.617901][T12271]  ib_setup_port_attrs+0x16a4/0x2440
[  827.623207][T12271]  add_one_compat_dev+0x51a/0x710
[  827.628249][T12271]  rdma_dev_init_net+0x1f1/0x280
[  827.633195][T12271]  ops_init+0x31e/0x590
[  827.637369][T12271]  setup_net+0x287/0x9e0
[  827.641622][T12271]  copy_net_ns+0x33f/0x570
[  827.646052][T12271]  create_new_namespaces+0x425/0x7b0
[  827.651355][T12271]  copy_namespaces+0x41a/0x490
[  827.656132][T12271]  copy_process+0x1938/0x3d80
[  827.660826][T12271]  kernel_clone+0x223/0x880
[  827.665345][T12271]  __x64_sys_clone+0x258/0x2a0
[  827.670123][T12271]  do_syscall_64+0xf3/0x230
[  827.674648][T12271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.680557][T12271] 
[  827.682881][T12271] Freed by task 24:
[  827.686686][T12271]  kasan_save_track+0x3f/0x80
[  827.691370][T12271]  kasan_save_free_info+0x40/0x50
[  827.696501][T12271]  __kasan_slab_free+0x59/0x70
[  827.701276][T12271]  kfree+0x1a1/0x440
[  827.705196][T12271]  kernfs_free_rcu+0x3f/0x100
[  827.709890][T12271]  rcu_core+0xaaa/0x17a0
[  827.714143][T12271]  handle_softirqs+0x2c5/0x980
[  827.718922][T12271]  run_ksoftirqd+0xca/0x130
[  827.723449][T12271]  smpboot_thread_fn+0x544/0xa30
[  827.728399][T12271]  kthread+0x2f0/0x390
[  827.732474][T12271]  ret_from_fork+0x4b/0x80
[  827.736928][T12271]  ret_from_fork_asm+0x1a/0x30
[  827.741711][T12271] 
[  827.744038][T12271] The buggy address belongs to the object at ffff88804f806f60
[  827.744038][T12271]  which belongs to the cache kmalloc-8 of size 8
[  827.757754][T12271] The buggy address is located 0 bytes inside of
[  827.757754][T12271]  freed 8-byte region [ffff88804f806f60, ffff88804f806f68)
[  827.771214][T12271] 
[  827.773550][T12271] The buggy address belongs to the physical page:
[  827.779973][T12271] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f806
[  827.788746][T12271] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  827.796300][T12271] page_type: 0xfdffffff(slab)
[  827.800985][T12271] raw: 00fff00000000000 ffff88801ac41500 0000000000000000 dead000000000001
[  827.809620][T12271] raw: 0000000000000000 0000000080800080 00000001fdffffff 0000000000000000
[  827.818203][T12271] page dumped because: kasan: bad access detected
[  827.824634][T12271] page_owner tracks the page as allocated
[  827.830438][T12271] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8351, tgid 8345 (syz.0.675), ts 402287381338, free_ts 396618283394
[  827.849645][T12271]  post_alloc_hook+0x1f3/0x230
[  827.854431][T12271]  get_page_from_freelist+0x2e4c/0x2f10
[  827.859988][T12271]  __alloc_pages_noprof+0x256/0x6c0
[  827.865205][T12271]  alloc_pages_mpol_noprof+0x3e8/0x680
[  827.870680][T12271]  alloc_slab_page+0x6a/0x130
[  827.875366][T12271]  allocate_slab+0x5a/0x2f0
[  827.879876][T12271]  ___slab_alloc+0xcd1/0x14b0
[  827.884572][T12271]  __slab_alloc+0x58/0xa0
[  827.889270][T12271]  __kmalloc_node_track_caller_noprof+0x281/0x440
[  827.895704][T12271]  kstrdup+0x3a/0x80
[  827.899609][T12271]  __kernfs_new_node+0x9d/0x870
[  827.904477][T12271]  kernfs_new_node+0x137/0x240
[  827.909255][T12271]  __kernfs_create_file+0x49/0x2e0
[  827.914379][T12271]  sysfs_add_file_mode_ns+0x24a/0x310
[  827.919762][T12271]  internal_create_group+0x7a7/0x11d0
[  827.925149][T12271]  sysfs_create_groups+0x56/0x120
[  827.930185][T12271] page last free pid 141 tgid 141 stack trace:
[  827.936343][T12271]  free_unref_page+0xd19/0xea0
[  827.941134][T12271]  __slab_free+0x31b/0x3d0
[  827.945556][T12271]  qlist_free_all+0x9e/0x140
[  827.950172][T12271]  kasan_quarantine_reduce+0x14f/0x170
[  827.955667][T12271]  __kasan_slab_alloc+0x23/0x80
[  827.960540][T12271]  __kmalloc_cache_noprof+0x132/0x2c0
[  827.965927][T12271]  ref_tracker_alloc+0x14b/0x490
[  827.970884][T12271]  netlink_release+0x1614/0x1b10
[  827.975840][T12271]  sock_release+0x82/0x150
[  827.980276][T12271]  uevent_net_exit+0xc4/0x1e0
[  827.984993][T12271]  cleanup_net+0x802/0xcc0
[  827.989432][T12271]  process_scheduled_works+0xa63/0x1850
[  827.994993][T12271]  worker_thread+0x870/0xd30
[  827.999600][T12271]  kthread+0x2f0/0x390
[  828.003676][T12271]  ret_from_fork+0x4b/0x80
[  828.008111][T12271]  ret_from_fork_asm+0x1a/0x30
[  828.012917][T12271] 
[  828.015281][T12271] Memory state around the buggy address:
[  828.020926][T12271]  ffff88804f806e00: fa fc fc fc fa fc fc fc 05 fc fc fc 05 fc fc fc
[  828.029009][T12271]  ffff88804f806e80: fa fc fc fc 05 fc fc fc fa fc fc fc fa fc fc fc
[  828.037085][T12271] >ffff88804f806f00: fa fc fc fc fa fc fc fc 00 fc fc fc fa fc fc fc
[  828.045150][T12271]                                                        ^
[  828.052349][T12271]  ffff88804f806f80: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc
[  828.060419][T12271]  ffff88804f807000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  828.068606][T12271] ==================================================================
[  828.090923][ T5327] hid-generic 0003:0158:0100.0007: unknown main item tag 0x0
[  828.118175][ T5327] hid-generic 0003:0158:0100.0007: unknown main item tag 0x0
[  828.125816][ T5327] hid-generic 0003:0158:0100.0007: unknown main item tag 0x0
[  828.133417][ T5327] hid-generic 0003:0158:0100.0007: unknown main item tag 0x0
[  828.139760][T12271] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  828.139785][T12271] CPU: 1 UID: 0 PID: 12271 Comm: syz.1.1657 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0
[  828.139820][T12271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  828.139837][T12271] Call Trace:
[  828.139847][T12271]  <TASK>
[  828.139858][T12271]  dump_stack_lvl+0x241/0x360
[  828.139904][T12271]  ? __pfx_dump_stack_lvl+0x10/0x10
[  828.139940][T12271]  ? __pfx__printk+0x10/0x10
[  828.139971][T12271]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  828.140012][T12271]  ? vscnprintf+0x5d/0x90
[  828.140040][T12271]  panic+0x349/0x880
[  828.140075][T12271]  ? check_panic_on_warn+0x21/0xb0
[  828.140101][T12271]  ? __pfx_panic+0x10/0x10
[  828.140139][T12271]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  828.140173][T12271]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  828.140209][T12271]  check_panic_on_warn+0x86/0xb0
[  828.140234][T12271]  ? smk_access+0xae/0x4e0
[  828.140264][T12271]  end_report+0x77/0x160
[  828.140291][T12271]  kasan_report+0x154/0x180
[  828.140319][T12271]  ? smk_access+0xae/0x4e0
[  828.140352][T12271]  smk_access+0xae/0x4e0
[  828.140384][T12271]  smack_watch_key+0x2f4/0x3a0
[  828.140411][T12271]  ? __pfx_smack_watch_key+0x10/0x10
[  828.140443][T12271]  ? __kasan_kmalloc+0x98/0xb0
[  828.140534][T12271]  security_watch_key+0x86/0x250
[  828.140568][T12271]  keyctl_watch_key+0x2b7/0x480
[  828.140598][T12271]  __se_sys_keyctl+0x106/0xa50
[  828.140623][T12271]  ? do_futex+0x33b/0x560
[  828.140650][T12271]  ? __pfx___se_sys_keyctl+0x10/0x10
[  828.140678][T12271]  ? __pfx_do_futex+0x10/0x10
[  828.140712][T12271]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  828.140748][T12271]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  828.140785][T12271]  ? do_syscall_64+0x100/0x230
[  828.140819][T12271]  ? __x64_sys_keyctl+0x20/0xc0
[  828.140842][T12271]  do_syscall_64+0xf3/0x230
[  828.140875][T12271]  ? clear_bhb_loop+0x35/0x90
[  828.140909][T12271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.140938][T12271] RIP: 0033:0x7f394197def9
[  828.140957][T12271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  828.140977][T12271] RSP: 002b:00007f3942818038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  828.141003][T12271] RAX: ffffffffffffffda RBX: 00007f3941b35f80 RCX: 00007f394197def9
[  828.141021][T12271] RDX: 0000000000000009 RSI: 000000002995cac5 RDI: 0000000000000020
[  828.141037][T12271] RBP: 00007f39419f0b76 R08: 0000000000000000 R09: 0000000000000000
[  828.141054][T12271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  828.141070][T12271] R13: 0000000000000000 R14: 00007f3941b35f80 R15: 00007ffd6c9958d8
[  828.141095][T12271]  </TASK>
[  828.141324][T12271] Kernel Offset: disabled