last executing test programs:

19.476335858s ago: executing program 0 (id=2240):
io_setup(0x2, &(0x7f0000000180)=<r0=>0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
unshare(0x20000400)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x42, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r4, 0x0, 0x0}, 0x20)
sendmmsg$unix(r3, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r2], 0x18}}], 0x1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = dup3(r3, r2, 0x0)
connect$unix(r6, &(0x7f0000000100)=@abs={0x1}, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000018010000756c6c250000000000202020661af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000075fe6e509500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000e00)='percpu_alloc_percpu\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='percpu_alloc_percpu\x00', r9}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x8, 0x8, 0x8}, 0x48)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='inet_sock_set_state\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x8, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r11}, 0x10)
r12 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r12, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

18.289620321s ago: executing program 0 (id=2244):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000200)={0x18, r1, 0x301, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x18}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000180), 0x0, 0x200000)
ioctl$BLKGETSIZE64(r4, 0x80081272, &(0x7f0000001940))
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r5, &(0x7f0000005240), 0x264e33, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f0000000080)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x1c, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}}, 0x90)
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)
newfstatat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x0)
setresuid(0x0, r7, 0x0)
r8 = io_uring_setup(0x30d5, &(0x7f00000000c0))
r9 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r9, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r10=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r9, 0x3ba0, &(0x7f00000003c0)={0x48, 0xc, r10})
ioctl$IOMMU_IOAS_MAP$PAGES(r9, 0x3b85, &(0x7f0000000000)={0x28, 0x0, r10, 0x0, &(0x7f0000ff7000/0x1000)=nil, 0x1000})
close_range(r8, 0xffffffffffffffff, 0x0)

18.26586155s ago: executing program 4 (id=2245):
epoll_create1(0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x1, 0xc3, &(0x7f0000000300)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x8b, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84}, 0x48)
bpf$MAP_UPDATE_BATCH(0x19, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800, r2}, 0x38)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f00000002c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x5000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x48080}, 0x800)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4000000}, 0x90)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f00000004c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="20015d000000fac5f047651415c5ef08fa5b894dbb1c7a54a1450fd27547215c78242dbe60834a2536e8ed89fe7b62091c80de4e4fb7f9d119e8abb87805e3e75a1aed345820ff1c73fab339241cbd1f612727851c1788b6fb8ef05e401b14c671f6b6"], 0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

16.832564327s ago: executing program 0 (id=2246):
io_submit(0x0, 0x1, &(0x7f0000000600)=[0x0])
close(0xffffffffffffffff)
prlimit64(0x0, 0x1515d9b6d056ea11, &(0x7f00000001c0)={0x6, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f00000003c0)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x1, 0xa00}, {0x65, 0x0, 0x5}}, [@printk={@llx, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xc, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x4, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x3e, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x30}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r5, &(0x7f000000e0c0)="f1187c2666e938b0d719606210914a175384a7d8bfa08a4ce1a6704c4c59dca5bd31c2e0daaec1bf1788b64cc764755c8227d255c9fcb56cddc8d23a8719578a528df745f0862275073dd2c88521736ffbb58e980e9803aa1406002487d226afb38483a478d98869748c28d604cd82f416f3c4f2071aac0274092945c94a4911345f1fb12c47fd864cef4bc44ad5fb5348fea8246b3604a4c9c9a827e4aae4f7677d023169ef281c43f5341372d459170f25365fa911efb58b1a0c883d98677cce26aed7f8410a54aee36c963dd8f82fe532fd73594ee6f83265b5fbf2507319d73f87cb6d2050a7b1e001ec563d4170d9ca49e019c1f34a3f6a29e4adc72fcc343bb15caaa44814a11a621d682070b253354508d7b97b1439ad827954b305797e4de400c046ff93c99fa15125daa8b53581ae5392373621d5beffde817abdd5f4feb80aef8cbec83ad2a830c773ae907c19f5385e77e3adc425fc5d8dfd53312af6cb6556f8e3d871add2dc48a37fc05c65f32149a0ac179386d1016590ed19baede89d890902306e3ca40ddf9ea5f54b51cab0b6bc1bdddea7e6a64746cef6ecebedc1c51c670b0af450099c4052caf1eb0d4137a74f41f101a604fe08ef524e12f8f831c30e15da0947f6f584ae2ad96de45e3143f5a9dbce67edbdf5904a0ca1db282fb70dbec4870f6aeba8a74b24900d7c5a0758afadc26ac6f93695eeec1611d7a1123098420302ac2ecfb31bd545695b61c9f36663cf7ce86cd7ac350670893acf0d065fab2dc2ea43505b261393d285fbceaebe30e0d1fbf8baacb9eaf9f6ca84c598c5604fd4b11412a027760671956d312a4cd2e2dd54100519a0a8f93f5b229728bac624870cefd815a6b6d1ce8b06e045c47ee2f91e3524493df21f46cdd00a60c39f49d29965dbed6f408c42b29a3f76e0f840762b273628f7834397bb37d931231ab16f6cc7bbb5caac7a83fc5ac8c67b120b19d8dbc3ef054e7490851bbf11c4cd19d8aad281fc054613050013dec6821e034f10413f96e289f81f10a52fc941992692b2c3b849d949b5c6465f335cd7876caff414d0a00ec927c2766c83249ca5e2d5dc9a524ea5142375bae891c8bcb34e8b4044964b8141841c619c6b1da249cf65b9c16506926804e4e388b60638c46128b43ab76a32659a5e3fa64c75609e31cc2738392a868434d9108c7710d72f8a34827943ded46328621b39b646cb663500467580b76cd6ee0217149dac6168499edcbff45193f49bd28fd105740f641f341ff8ded97ebea072d805062b35819f28541423b0e16ef996323f5907b0b2a0703e9fd5c6a511787cf6321a87f648170efd691aede0c178e0daf53da03829e4e7617b5b834c6b4196d926c7d7a54b9f1b3d3bc09bb7f22fb18f09150e34bec2102eafe634e13454a9d5cdc10da8e880cddaf892af35c437768b62c73f67ccd8764c34669a91f9d669fa1ebcc4159e4be7d4e589a59cb70c1ba77ef7a6a2c6fa4481c5f2c025ee26e24ea59215f971b1bd22af51af1334432d149a9574cac0d4cb145de1038fc37317b947fffb232209f8c65dce28179c950c7b23bd1052db323662512c5fb41acc84c4e42d1daa9be21e6c1d22b6bedd5f28d2241afc578e2a33e12d1b1b6427c620ce5d80c4a5ef351b2cdaa598c478b56bf79d9dcb8b8556503c66b44b27e8df8e046469a5da9390f58144b8766f9f51d39e8d5bd44e1ad024fed57ec1a3b18f04e6bb3b011f1b23031d85c498766cb10f66e3868a76ef1e388018292fdc4435e14bcf7ff6067535ee3764d8deb725cc0fe0afffe4285958ec9595ae5c5cb04834d15429435272e5b0510f246ce806895b85ba2f81912f76f6b955e28febafbd0c2e854479c4a6150b85c05bd54a1d0d37877e6fd3ae20046380dbf82bf9c8fa8a8d48f76cfc376fc9e0e4fdf0ccb785e9833c6c9ba006f7e59318ac733c3a1250f40ceb7ac3a167727bf89daea038372e212f02cf677a009cdfd224b41fc3c142b0882a53c1b9b7de6e99974d80ff8506c71ad3e063d7bc5c5366042b1cf952c6f76fad74fb16b9d9c9804589ae4f4afbc7bbaa340c1093d76a01fb254c5ea168e83b39bd3c97b8ace4f32612b63e841fd6eb304a663e4f43fcfb5f435716df89146d0ebc0c1517734ca4c90b9dd5db6820a4d730a9a7e6748d0d2b7def30a1c242fa36f52c3f685555b0828e1dd59023290ef4626d3759462cad9371d72a9c63824c91d5cc304ab43279f199811a604c164493793886b643ba6bf53d0a9ec7e304488b18bb2eedde5c128b2ef0303f85ed54875e38d4adbbfd477e8fe9a2217f084000813aecedcccb1dbe482b4856b9ceecb28d40bde5e8376eb8c29dc71b85d4b345fc411937234b318238e962f0d5dd46fdf5149685cb3c4f9c2710f4173f4ec616f7036ccf83ba228e1cc7b205cde9b57f00502d4d1c2af6dffaa37ad30fe0f5d955cfee2e00f48cb7ba02ab86748d0238914c66ca9ad9ff0e8b397c5e527c56b0d63a9b5a7b1da19424bc0c81d627b1389a42626654d901eff0f37d64e0cc894ab2c4399c67b846839a1c40033f4f9ecf8410fc63672ad471253fadd976df6510137d903a76ccf14509dd8839024608d707c4eb69cbcd5ba9cdddb7fbac1c963a99ef6e75eea8924aad62d6aea792042cb372131a83730a6ee7de386410d91697dad01d85ffcb22b3679573fea63a38c192b1b1e3a722adacaaf8e855843e1366763456c86ba9934302e0abfea2044386f31c457cb7ff445d7b00e3ed7d1dd4b2f92c845f65af3a3f68de96dd9b7bba62b7fefb52639b6796ca56d902f9dad52f42a1b79fc814c8a58033daa9f43ee3c540cfd08b0ed21941d67dc3ee37fcb855fa4a03453833714d8f8abf83256c503713adf7f8aee122cdb01d0ed27945d42633b0fc3b2fd51f8a9d403e792c9b77be56c257110669b46bd0f8bea9ec7b895b0b1bc9a9485a51e72763c3ccaf6210af7652ccd437722b359d20bc124e7055c5e41ddc5eb66f966647a3b91f1c51f3c6e340d6e203fcd30f39dd0398f0a1c9fa58f2da697033f5988cbc6e5c8e1fce7904112964b2ac5f938b9132d680f3cb0d8ec2fb65162113462ec459356bc9d28d9efdeb9983d79ed04da1a78f02ea8f5b42210a23d9c98a734dab4069dad2a532ebced93f5dad2ec9290b0016e6db7c3c9ca3ebc71d805aafc113ac93d1e68c637000879fd736cd8a42474e607da884df065a06f4d64054512a396d99cb7dfaad6a91cfce8288cf995e83a1ffd2ec83483a807c7ab3d0703e956222dbbc2fc5d57661fd186626b41a2e18144d592174cc8e45f1580593206e6d7c7f3236eeb41aa772e663834768dc21a4c216490612e6e912ad48f1d90650f1a9a29239ffa8f00747833038b75e8759c50799eba59ba58a1ddd3d9b49806e2c7ae143e88f704d0a5556429445a41ad83a95e43bf32fe2f6954ca030a3f2697014cb351c89cbd3d2792cc73371cae124e5c0055201036c7c0c73d94215214b33234f4e21071743cd553b8d96e3387151860f5143f16980020954d80b7f60955f9c09a6501e9d0eee4d8793e9ca2d04a8aa6831d2e54c0397c6c9f2486b79d06aee46f064c02e77fc4bd7bdf31b9dcf520e26ebb7a02ff3d9eef1357dbcc83877f5613c7a8c4e3a4636d2e0161a663a946f651cb5915f07762d00c62d2ecb354d09c2088c3de6b59b5ed0002a1fd5f7eb316ab62fef44af65abb81f96f495f867e128e8829a3d2693e00a5b2a14a6b76dff7c1cd80e26dca00482b3055741fcc7973e33346264f268e22ee4a74fb45066eb24cdbf71ea7c69d3fe9e9ce52dcc7e9b0645474ba2a635c36a83135cd98f892c2619a5724faff0aed7e236cad81184dd05dc5645c7e7ad52ef76d615255b2936bc40f0ea017035a8bfacc18c7bc52ec0e29d70126a6e912c6d06856a12ec2792738a9a1c2b2bd1e9b39db4fd115bc901e0d3fba472ea0182604cc9e73cc772117d49dbf41c7098076eb0867d8eeb7b927701bd5cd21bc2b32e4ee2ab86f143770b4718f7c9ebdd32fdef6170ca284d4102360242f4d007fdcdd8fcfbb90e7d9b693fb1101dec0fa152a7417f70003159ca3633299cae4035793aa7668df47b09e0fad406e278a6105bbd2b9a523c1a8fdb394b9de39d3d9e1ce9d9ba717014dbe59855a92ff2375a3a3477c8bd22cde51e5bbb738b92ef4f3781e605c24e7140b2504b59328cb8e20c5c5d19acca392bbf60194e6257f674df0f99945132d78c76f182f2eb52058a908abf568352d50a7aa4d061380cc58cea53f166a753ffc4a51e90a0f46104decd9eaa77d48300f2c7901465effda4fdb0e70f7ede3541890732d4ff10eef7745ca362eb336febc2609f50f237eac6d4950593bfefe0718ae3bbf227ddd524178b39ce4341e68e4c1e5c65b506b73965c5e6ba8e7472d3b573d41b4e458c97d1f0164376cb24fdc38bce00df871938e65f46c3df4fc20e574581d6631d759c316af7f7709e05e9dc465b87234029ae78f071d892d5e7ab7fab90cbaba55acb3e654a18a5f0bf79d6e471d53b5fca51085a65534dbfa953379c4d4a0022f03da76fce767cfe2930992935ea897fc56dc23d377004d119c9b648986e402b035b7927e567db9019c915c0ab54e6e45435336e37d974a7ea3dfad73915badda2e0c32b87391e3226ef0509ec6a33462a246e62e0fb83065db0270c6c026415dfac7be0e7b1e790631347665e789ce6be41e7ea32b987465ca6a803508a52626d92858156920f841da0532854cd5c966f02911d10a4e12f687801d7b87891e0d7a1ed0279e3cbea3d73b3886e798d39460ef71ebafd803e3d367a0c67c31d502021a796e6c351caca55865902dea97edf28ca7f4da37d62e17df5245e52510e1d5bac6851e1a2bb2228aeb6add3c07bad5798176145d1b46d5ae3169581f2286f6ca3b09ce4c44df0031d6ed077e6af6226b6e21634037079331094fd3bcd0126d5c88069d1c240eba9a4ef943552dd69a2786301a0d94ba5f4afad155583d81cae6f68e600979674d05c5593ada14dccf11745118dfb6da366a15655469cc0fe0d31cabff9a84e40896f8726bb64bb0c548b8b7a7c031967ef8a38e85063eeeb48d271aa893cda1c66204cd3b2c35e27fa7dd972bc396283e24671b9f4c1bd9a4dcf30c8887864305b3f92ec1e678f85d552d411f8c2012bc77ae55d6d8a7c31bb6a9b80a530ef2900961a5c59fa0716f5b6ac2aa5b2313b5539414b2abb7ea3f7b4044e91e463f02e9c51891458084782209323df56148ed89c83d2fc194c127e47ae5bd711f5b130e6b21775090c6156cbe9737b33865b48489f4533945c4b9491add986d3095956796c1b217bf6b09ec63958fca7a9ec6b5435bb3fdbaca8a707c37ba79098c47cd9208351b54e292509d4bc33bf40eaac6caa9f94d0918a7461e6bb8e8b259d3d90d641dec6612dc14b683ac4cbc217f6d108f666e66817867c70f3550d1ce37daf358cce35b8231fb70a4b1e302718163e5a628e8f653eeb25041290ef5f5289ec33dcec3bece209afaf2c4c8ed6145768ac945034473b01b63986f9882514722dd85df95448be18a59c5408ec8c95d203e7a4aebc68999c760d3f3929d0d28f7d8d0ea7c02a813515c5a82fc04cdcf20654c91af430aa34859a77eeca938842600afc6035605a0a9c01acdb164f2b2c3d4d7534c5292d08edb1adc446fedce1a14b7defb274851614de5157e8b5864f7ad8bf6d2f98515c07171afbb8c9d29a2202087bba880441bf68084d5bfdf3a7926ea2767a24bacdd5a6b98080b044071b3c21854333b84156771bbffe0458aed18e110ee0ec37f542b53afd04b76bbce6653d49434f0a8fe97d11cca1b211922bc48b0fa7526693889d0ae2b5a5f7746bd20803db5c57563137910efe92c6f4e0417978ac3af913d46fa9d49acf5f84de8e67f90b409bc78c30b58913f0149eab1629c1e8409190894f2591e208f3b61ed699670de4621675e9ca789cadb219013682d0655b785065dd4d2193f0a81b84f27330aa7a06fc09979239eff65b0327bd7887dd671bc4a51ca7dcca404fc24699a7703bdb1fe4b5175760f682531523ed75396e556b391b627035bbd9e323a004ec1875771b72f02af7711046a16e1df4fe22c8cc064bef1a401a430d2ed959aae3ab82db7a86b74821ed07dcf98ca76070b6e18fc749ef2ffeeec9585bd21aedaf8c05918bfd2f9ab1e1a6f023c0f2a2a418f5ecf711526525a165652eeab3ae16405ed177706844d1ca239f52641e0a66d89565d0b83cedc51d339bcf56ca21203fdadafb447c0e337496b2c5318cd5f44e6122c617387f85c3a6f76dc4d437e45f790c5f489bd56e56b8fa1e3111806429cd4ccf871b887ab9d8ee379f4cdd23bdbc476428ff912adcf7a84810c81943a778e57bbc3690911b5e046988dc85b7ccd09b7fc061f9259369601252aaeb4863d8d57796f1f4518130c911d1a331953663ef8a80fec491308297ccea77691fe14820aca10c6719c205988802791a54348222d6a34d9bf656696f396b27cfdea9d5b0e36838640d68ebe3be9ad72450232b66a5db274087e7a350a7d6abd95adf2557ee93154a966aab798b45c2fb1d5fa1f92db67a5bb2819e580dc15955249065189e4d1621c4517a67a76da14090a90b4da7272f57acc4228b49a1e5dc30002c11d03df9b60c382c026fac97ca1e389d6bb2af95494c2775b789988860478cb1e0a0e8e6a5b823fcaf6f8a031983408624a301bfad96784c9fe217e0c656cff8b65b3897a966c5ab572d269e30124ee813ac08ecec1aa40b73a3149e0647a00c612c0910878a079b5c163029435356473beced7fbc6ded2ee3e313082501fa91dc3ff05e4be525212ab350dceb9ac95c4f1db5399ea008b8609cb0c0f1a1319b9de77bbff478c197b9318005cf401a84f49499808fc403ea3ff9e1874d5ebe7997a0c03d977542c1877348da98f1d05641c9debd0dbba6b14ce8a83ac11de52ba7451cd1bb75f58ecc32676b3d00a76ce09e5695380ecc2e73f44ece11f77238d39696572e46761c7d5e638e94693591b70fffd8ab98b3294fc2614e3ce31424947d0515baeab18ca4a23d479fa0a55d2950082cb770dbc34e138e9469f218a657dcdfee84cac9131cf6ad38000630aaf3fad747cb1dfc777188bafc927e7371ae2be48772afc09b7937784c8365c0ac6caac7de7ede4202ba8d28b18e6d20a217c30776f97546dc65822ff02be3be42f6043f828927ddcd693a7b691f9312aed70b5346cab9ff0d21e8783677bd71cd1b5e4975e588e121a90cdb6b4d3219effc8a868dd110f5cdfc119c121c84c2ad04189f84cec8f7d98d71ebb1f9793af002e2d645d7cfc03e3a4f61c28ff69f08024a93b8c712df64c83859374ae6d5575048d7baa3a0fab0ec0ecc731e3523d9deaebed7de16e9c6c453093de8738f8d7f4a244a6f15432cb494855c6c9b840d514af760c73b88099a66fc926b2f05befc766729f109ea436bbbb5ce2513fe654d7e0b379b49ed555cbddb8a690132417a31f48e530449ffe71d1f851acb1bdf245ec02dd39925782511c0d8930f17a14c54906d96a2daf27144914135cef344451982b50c71c1e5bf7d63f646fbdb749e2e9ce8e84ed334fb90d9ab7c6e7b265bdff840606ec572b035877e7d18cad3fa246ed000ec243d38da351fbea47a54dbea0942fbbf3fd9b00f19c21417159eedf477eb6af4ea228cde4ed64cc2d6890db81c74e5e08720dbea0f5364c1923cef7e0a883188a99896483d2977646bc9ebe9c8667fa68b3aa9cd961ad1dcaeba799eec564d20d771390c2ea12eb8cad0575d08320515c790155dcf477952c72c536e1bb2d6bdca553b02d23992129ce65d520c9f38bd385e37b98ac6c6974bd1fce4d53a7d11666ab3c04b6ff39f93ea50790aa027062d99c1486c5c692eefb05c29737b178526c91b62595f79396d40f2558148dd72652806ffd9fb334e744a2025070780d684dedb6db564fc76a5cf6f75766806e5c644bdb58c6c2aefe02a523f676aef200a3ea928810be43ec4367ec203edae43eedecb608cc48cde469217e36002b8419ba55ce00044a6d3590ba22c77001347c1545d07486d6a5f70ad9561fee62ee4eda80953218711d68ead9b38f3ef1012a952a572b38a5c90536754717799777574874b45e0b39e938ab2d31823bb1f44f965e225be271b69a9ccb32da2df01c65401df771f5e3e195ac977e627e3c4b522928d95391c1f6869ec2e340caf3f336e246d042da8fbe9702980babbb45067d82abebdfe34e3832c123575c479b66a33e22e47a5d8f7ee3c40fb538a3bb7a08ec13017f4c58f7ef769b7597f7252c8b6d0e4bbcefe0e32b4c1c92c5da2506d2be19bb6f71e662fb81f016404c96c50e4ad61dd3ba73746ce0489136d3b0414992f506900151bfbdf118a0e2f998f893560225da2c19280238cab9a986c747a265b22c0d6473f8248f83a3e155f4ee67cbde536b3c4dce586cc8d8ea15e55f3569ede91d29f9fdbaa88d20909f3dc3450e22ddb91722ed6e42f515db47259b74e25966408f4cab33177a74a038daf0967864330fc0be9f1f2b685cfa288bf89e72fecefca841fd0564a47826e586b6d4eb8dacbbfb0808a3255d5f69a8c56ca6e17f2041eff85aaa4eac86c1008d428d91237ec5e2cedad5383703ea7ca8e7dfb483ffd8e1f2abe1a90af170660f881f6cac3025087d72b6454bbc3f8b7308a27ee8a6e8294955903b0a69f66dbb4b6d7dfa2e726ebbdf91908990b042bd09ae9a6f6cd39a4d626f62b2efd8e85c02adeb492a9c97a4e883cd2660b570d0cf5b13c60fb58d60f07ca43b2b3a21843f85801c8d824d2bee451b86db0a61b45142a397372a3deb3bc10d80bf4f9907f5f3200c65f9cb6dd6411284ad5f7b837cb121c42b99f1e517569fc12b2606cb3f45daa0597a8aec824bfd4a31e4b17d5715ec48e8b9e666a5a9f881884b5d06cad31f1830d76db5bae7ef1833b727f6a15c0f32b8e561b41d4f286c74c901201ca52b95dd2b7bc930f5c7702eb282f4dce8dbb37f5137996967a07b0131da890e27edbbf5f5bcd3885889277d6faca161a138460fd1e70ef41179389c87338eb9eae94f2b8167e7e0683836b6153b7428ce1969da01b096eea0b4e7d5d85bb96037c17ee9ca630921367f17eb83845264fec0ecc866e58f845f2f32be57ea9d5c2c595f82efa6608c4c8946f0f56f3856fdaf3b8c0f78a017604521c727a136c2ac28c16ae19da2482c199eb7930fda5198f8269c774b8b2bd769c377a6f86416c2c3579e57a329e74021597aa1ed4e6da50806bdbdee831101cfa13b97e99fd512e43fa414f7b4cf1262c16b9e30ac4c34b108355ac16b6053751fb8c2f4eb4bbf7edcfbd0184f2250344e47bbfe9ca50f0e91e65c78270c58603c20679d739b454d1ec3301fd6b884d00d7539bdd3178126aca8ae37b9d8ecfcf14e62e653864d3ee4f1fae9ffb2197ed8a2455c90359b6a09910b79c2822f04bf07b6a27e01c9f1883fbcd08b7c26d7c8c25271338914cbc157dbbd0efada31709841831c71c1aaf111d0d46845d9aaeb7249dae34fdb050047ac38fbf0b746f33d6ea0baa5d4f7ddadeacb5831b7f9d5e219e4bae55d0b8594f52f0011badef967afef02884ce212c3341c340ee8fdca78e887b7bf2a98c31d1bb8a3969b8b4c939c362cd3edc19598fae9ccd82c88aabbad4c4ae278aa1b59d2003375cc932210f4a636af6c3126f200c8a7ac82d8226f244661ac6d73aa76edb53fa5b2216f645e873de27fbf580c7148fa72f992a220d1d4f499779e25c8b996c580a1165848d23088a6369957841653e291c7f520a8665997bf958ff7da53bef74eea85e3a1a3657945513137351cd4aab8499f23718abb8f66dd7d60e9775639e32ca1e8faacdb8f6b66d0b1b714af355773f1aed034f2e4cdaa17bac308dfd889bf123762b5c894de392a3081af84195438fdfd1868e2d978bf3ec1df5e81b9f8f6afdfbe3dc344f2a6dbf550080e403690d2ca7cfc0244014939aa79a8b3a0933e2bbc226385e3e4188a1ba2b37c34e02fd28c31f2c48d1a83294da501ab012d1d5e5fd26cd41ee71b4a150cf784486f9f6b5ab510cf07cf9792dd9e4d8bf48f06464fc957885d346fc501f21a07ac7fc71b9c01519cf4d2fa766d15eaf459fc429ace3a1a61ba078da7324ac06e65d7f36271f6898e8ccd673edeb25571c44606d7bde39d5195472e727bc7e2a2d1578328cdaf90400a7843f31793ad33d0f32885bf9b1f0e56d4a3ec40a1094e0ecec32a1712b88ff3008213795ffece882254753011c6988931fc9f19b5ad0891e20887b47ccf460e303842bb4c0b62163868e805b3bae6e4937a476e7eafe9fde0d0cf62223f714c69be6833c10d06f91a78016b1c00087415ac4a5b7b5e10f98a3e19adf60d56d5bef918c1c7ebbf7cfc37130ffae2ad7a620250c7387069ecc926f34069b717b97bf2a0ef0a2bf796034e88d30aa4235744a1aa5601ba718add8cd0cf38411f4787cd22e21dbacd9e480b13af38477e70d2a4800f680fa7cc8684fd467b86555422b1a901144b03e4327b2573769cb02de90e8e30df7afd2e571e2946d23a0efe02bac8e9698d12589378e28d1c36ce328a27abff98eca7b6da95daa681700397ce62c9b50a47cedeafd51b62e953413639a9d9978fb3e1604027751da66b5e481ec1e4697d64a4477c67ec2967e2389b6f716f77c810a62a5fd78c69907f4a4dc210db30d5d4e9dd1a82c9ca1f0dbeecb33a702f4860426e7d1c26d1a00ee4c62e3d671d545b26aab8ac758c53cea2250ed929aa715bf513a5fa242b78ddbc263990c42025ba2a52e368f6a18e2cfc0a6047e7f0e7187c3e36d61905cf0cf824a08e5c240ec56b04c909390322ce24f35001e8d5a599ffadbe2a8755920cc488f40be225110310d4e9e4d4cfa34f953c6f6cc6a5f8a89373739dc5da9445947fb58bec2c8e5b7f8c349d6df29e6a87336dd7bccb036139922faf14f3eeb92ba12d0084b1da8d36a3f9656414c0f32a1b2575a5147568ad96c2125701fc67d00e9d78788bfd0188276727d568bb0800a576913dbc5c1035fbcaa5359bc9b7fca0ef528903250be1a942e59727789ec61ee1ae617c3a23d3a89044a9ec729ef0cf7ec6a3d01e06e864c2e24c38a8389826c2cd471cca5cfd18a34050f24b99dcd26d418465a5e3623d7c9dffe7e65fc25f90710f42d00fb81b33a2db18d0ff7955c8d87ba8fdfe1186b638312505c7810dd0ead9c7722fcef542d2a73f107993e3ec78d3a0b15506ebd4d13a72384f77268b44c32a957aefda0bed253e76cb09012f104bd0c1f04e96b1fc60d08eb79ce9216fe1fde6ffe65d09056c9643ada21ef080b9da75c10f71ad334e4d3b5d3a0e55bd1ffcc18259cd28f6bbdfab16575cdcce86c95f894cd001e795cdaeac95c90d1ba94806ea2fdf45906eb7a2ba0613503f7aa7397e78c964ad3251d297ea76d88b4221efccb2c", 0x2000, 0x0)

15.938884968s ago: executing program 3 (id=2249):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x1a}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

12.982060401s ago: executing program 3 (id=2251):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xb3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3ff, 0xfff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
recvmsg$unix(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000040)=""/27, 0x1b}, {&(0x7f0000000400)=""/170, 0xaa}, {&(0x7f0000000180)=""/46, 0x2e}, {&(0x7f00000004c0)=""/129, 0x81}, {0x0}, {&(0x7f0000000600)=""/193, 0xc1}, {&(0x7f0000000280)=""/34, 0x22}], 0x7, &(0x7f00000007c0)=[@cred={{0x1c}}], 0x20}, 0x46cef15b77d5ff31)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, 0x1})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000611224000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90)

12.769797678s ago: executing program 4 (id=2253):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x955, 0x7214, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x0, "b358c124"}]}}, 0x0}, 0x0)
r1 = fsopen(&(0x7f0000000400)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000540)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f0000000240)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000780)='\x8d\"', &(0x7f0000000440)="dc", 0x1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='\xd1S{O', &(0x7f0000000080)='\x1e\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000880)='\xcfD\xbc\xbf\x95@\xd6j\'$\x1d\x14\xb7!\x8b\xff\xdc\x83\xc5$\xb3\xecr\x14G)\x93\xdfj\x96\x7f\x03\xe5\x94\x04[\x02\xa9[>\xf9]\xffV\xbd+\xcb\xd5\xeb@$\xff\x1f\xb1L\x83\xfe\xff\xef\x10\xf1\xe65Y\xf8\xb8\xbeSAk\xf4\x04\x00\xdf\xa0P\x18\x19\xae\x8c\x9a\x19\x80\xaf}\xe9r\x88\xa4\xab\xedJ\xf1sR\xea\xe6mm\r', &(0x7f0000000180)=';\xad~\xee', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f00000000c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000840)='{)+}@@!}\x00', &(0x7f0000000800)='dU|\xcbM\xe6\x91q\xe0', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000500)='\x00', &(0x7f0000000600)='\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000001ec0)='\\$#[\\/\x00\xd5\xd4^\xa7\xe4\xd4\x1f.yh\x18\xb8s\xe6\f\xaf*4\xe1\xa1e\x04%f\x8f\xde\x91\x04\xbb\xc8\x17\x15\xa4\xf0\x00\x15w\x00\x00\xed\xdd}\x00\x18\xf3\xde\n\xbe\x91\xc4\xc5\xe6\xd3o\xaau\xf34\t\x9d\x80rg\xbc\xee\x96p\x18\x9e(h\xeb\xd9\xde\xa6\xfc\x8e\xe3,\xae\xa8\xf0\x82y\x91\x1c{\x85 \xc7P\xa3\x9c\x06\xc1\xd3\x92\xcd\xcc\x17\xb2}\x13:\xbbh\"%;\b\x7f\x91\x8a\xa5Z\x92~<\xfe3\x19\xdcVJ\f\xd1\x89d\xf9N\xbd\x92\x86\xa2\xa8\xc0:\x1f\n\xc9\x8eUO\x8e\xea\x99\xe1\xbe%Y\x9eH#\xa4\x9d5\xa88m6\x89kE\xce\xc3\aBW\xec_\xea_\x81\xbe\x86~\x84F\xa9\xcd\xba\xfb\xd8\x8f\x01\x81~\x9c#\r\x87\xcf\x19\xb9\xbd \xcb\xff\x88io\xb0\xb1\xa0B\x8cI\x82+\xc4\xcf\xf4!+\x16v\xb6\x8a\xb7k}\x1d\xf2\x1c\x00\x8f\xd7\x84R\x12\xed){SM[\xe6g6\xfeF\x1dJ\x83', &(0x7f0000000380)='\xbd\x10\xe2\n\xc4\xa8\xa8?\a\x9e@O<\xf4s\x85~X\x85\xdc\x11\x04a\xf8\xa6f\x96nB\x02\x10+C$\f\xb3\xcc\xed\"M\xb6 V\xc5\x9a\x11o^\xda\xc8', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000040)='\x00', &(0x7f0000000140)="8d", 0x1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000a40)='\xcfD\xbc\xbf\xff\xdc\x83\xc5$\xb3\xecr\xe4G:\x93\xdfj\x96\x7f\x03\xe5\x94\xec\xe6\x04T\xcbn\xa5\xc3\x04[\x02\xa9[=\xf9\x8b\xf7\xc1\x9c\x83@\x1e\x99\xca\xc3\x85\xb8\xbeSAk\xf4\xb6 \xdf\xa0P\x18\x19\xae\x8c\x9a\x19mm\r<|\xe8\x9e\xa0x\x84p2\xf9\xe2\xed\xb0\f\x7f;\xf6J18G\x84c\x88\x9d{\xf4~\xdby:\xd8\xc5\xccrun4\xe0\xca\xc1\x0f\xc3\x03D\xe1\f\xb3O\xa4\x1c\x04]8)}\x83:\x9e\xc0X\xdb\xd9\x89\x94\x9b(\x19\\\xf5!w\xbafo\xea\xe4\xb5Xe\x84\xbc\xcdw\x802\xb4\xb8\x1f\xc2\x97\xbfi\xe8\xf8\xbd\x1d,\xffUX\xbeA\x00{\"\xdbya#I\x03\xec\xed\x8b\x97\xff\x1eiq\xd1n\xf99\xc6\a\a\xed\x0f\x15x\x91\xdc\x05P\xf7\xf3\xad\xa3\xbc\xe4[\xa2\xc7\xfa\x9e\xad\xa2\xad\x86\xc4\aD\xc9\xdf\xf8\xf7\xc1\xc5\xc5.\x8a&:\x90\xb2\x8c\x86\xb2\\\xa8%!\x98TQ\x91\x00\x00\x00\x00$\x99\xbf', &(0x7f00000006c0)='\x01\x8dik\xc2\xed\xf9\x8a\xae\x86\xae)Dn<(\x02:cU\xa0d\xd4\x1f\xd4\x95\x93\xb7\xc1\xcc\x84\x8c\xdd\xbf^]~\xcf\xcb6w\xb3\xfa0b\x88\x04\x10\x9d_\x97\x9f\x89\xb7\xe35C\xd3\x1b\xafV\\wGU\xaf\xa4\f&\xe7m\xf0\xaa{\xb2\xe5\xe2\xeb\x9bN#\x99\xdc\x9f\"\xab&\x8f\x01a\xf7\xd4u\xdf\xf0\x9b\xb0p\v\xa1\x8a\x145\x9b\xd95\xc8U\xe4V\x81-1\xb0K\x9a\xa3+\x03\xc1\xf0\xeb\xafYI&\x9e\xd0\xe1\x148\xfe\x10\x0f\xbd\xa2\xed}\xe6\x1asT\x1f\x92\xdb\xa1&\'\xc7\xe9\xa5\xd0\x89\x8d\xf1$\"\xdc\xe5\xfcT\xad\fj\xfe\'t\x00'/180, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000001c0)='romfs\x00', &(0x7f00000004c0)='\x19\x00\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000200)='\x00', 0x0, r1)
readv(r1, &(0x7f0000000680)=[{&(0x7f0000000940)=""/156, 0x9c}], 0x1)
close(r1)
syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, &(0x7f00000000c0)={0x40, 0xf, 0xaa, {0xaa, 0x0, "5d7b1387328bc93eef68b9077bab1cfd8c16f0daafd5ef851464043a20578fd235407ee13fdb721b96c22cfcc0aaa1540060ecb8541001668798d93681e55ded21df1cfe7cea1ced304367a368e4067e36bd51f3814636417c2188e2316fcc048f983c1e309b378d0d74c94fccec7707fb8466399241f271077c1d92a271f70532e87920a71bc7fa9edb83c84394027b363de8f217cf9743ff2e82387c66414ad1ae4dc227960c22"}}, &(0x7f0000000180)={0x0, 0x3, 0x62, @string={0x62, 0x3, "7a683e4c2042ed3c16d288e120cfb85fbbc751bdae7091c5378a39a043cf7e283ecb00e21d70d579a00428597fbd8d9c9949daadc47a3210c394ceb93defb3afe429e693104b5bb284d0dc26201518c9a2e63485e4f752567a29f386b2403546"}}, &(0x7f0000000000)={0x0, 0xf, 0x30, {0x5, 0xf, 0x30, 0x5, [@ext_cap={0x7, 0x10, 0x2, 0xc, 0x3, 0xa, 0x6fd}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xc, 0x3, 0x0, 0x4}, @ptm_cap={0x3}, @ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x3c, "298bae7638ff3d7e49807e903e9194cb"}]}}, &(0x7f0000000200)={0x20, 0x29, 0xf, {0xf, 0x29, 0xff, 0x4, 0x5, 0xfd, "38db0be3", "bb296431"}}, &(0x7f0000000240)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x4, 0x2, 0x4d, 0x6, 0x9, 0x2, 0x5}}}, &(0x7f00000007c0)={0x84, &(0x7f0000000380)={0x40, 0xf, 0xd6, "368b017b7b6f9af59781f06c838dd721e1515cfd13376639ee45b2080710801c79a5f99030cee01bdea760fc5f27e32657f03ac4236f42e68aa55310d93e342aebfe9a0d2a396e89f21238a4d505390349a565b22a3beefbf4d7ca0a0e0ae76e5e95f2eb05e0cce6c3f287193f17ba94496bd808be7280bbf7cdb2f388daaf763b7c7972aa4f9eeab0ba4d4c5f31f12acb5ca8947f1e8b741deb68811b5b221bf25e3eef823ed36c2dc5cfcec7d172bfc762bd6bb0ac2b8e9c089c604a88efd5f38dec10b9413cfe500216d3b5e6b004dbd8d3ce54c8"}, &(0x7f00000002c0)={0x0, 0xa, 0x1, 0x17}, &(0x7f0000000300)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000480)={0x20, 0x0, 0x4, {0x0, 0x1}}, &(0x7f00000004c0)={0x20, 0x0, 0x8, {0x164, 0x20, [0x0]}}, &(0x7f0000000500)={0x40, 0x7, 0x2, 0x8}, &(0x7f0000000540)={0x40, 0x9, 0x1, 0x8}, &(0x7f0000000580)={0x40, 0xb, 0x2, 'v\r'}, &(0x7f00000005c0)={0x40, 0xf, 0x2, 0x3}, &(0x7f0000000600)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, &(0x7f0000000640)={0x40, 0x17, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2b}}, &(0x7f0000000680)={0x40, 0x19, 0x2, '/j'}, &(0x7f00000006c0)={0x40, 0x1a, 0x2, 0x8920}, &(0x7f0000000700)={0x40, 0x1c, 0x1, 0xc0}, &(0x7f0000000740)={0x40, 0x1e, 0x1, 0x6f}, &(0x7f0000000780)={0x40, 0x21, 0x1, 0xf9}})

11.217588459s ago: executing program 3 (id=2254):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="740000001300"/16, @ANYRES32=0x0, @ANYBLOB="024205000000000008000c00040007003eff1a804800008014000700ff01000000000000000000000000000114000700fc01000000000000000000000000000014000700fe8000000000000000000000000000000500080065a20000"], 0x74}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(0xffffffffffffffff, 0xf502, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
socket(0x0, 0x6, 0x0)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x58, 0x2, 0x6, 0x401, 0x6c, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}]}, 0x58}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127c, &(0x7f0000000240))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000), 0xc, 0x0}, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x65, &(0x7f00000001c0)=0xfffffffc, 0x4)
bind$inet(r4, 0x0, 0x0)
getsockopt$inet_mptcp_buf(r4, 0x11c, 0x0, &(0x7f0000000000)=""/25, &(0x7f0000000040)=0x19)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000a40)={0xa, @pix_mp})
ioctl$VIDIOC_S_CROP(r5, 0x4014563c, &(0x7f0000000000)={0xa, {0x0, 0x0, 0x800}})
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b1000f80b", 0x33fe0}], 0x1}, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007ed, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x43}}, 0x6c)
write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0xa89)

9.967957945s ago: executing program 3 (id=2256):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$printer(r0, &(0x7f00000002c0)={0x14, &(0x7f0000000040)={0x20, 0xa, 0x2, {0x2}}, 0x0}, &(0x7f0000000580)={0x34, &(0x7f0000000300)={0x0, 0x0, 0x2, "a069"}, &(0x7f0000000380)={0x0, 0xa, 0x1, 0x8}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000400)={0x20, 0x0, 0x88, {0x86, "4e5f010d524ff372974789a41f05ffc74c0132f266dc8c9a18523c8d98da6ef86c49a6f2fd0cfdcdcbbb9f7f57d839055143d74470486faa3ebd64e303ed7eafc0095074ce0206b642ef10eda1e46baaa1ac3d9d2f8dee4d95c98e0a5842a037574013149f26ba372689d19505e123a4a4127c3ddba255a0f94a2767b3ee4078bd7592b21c69"}}, &(0x7f0000000500)={0x20, 0x1, 0x1, 0x9}, &(0x7f0000000540)={0x20, 0x0, 0x1, 0x6}})

9.239458048s ago: executing program 0 (id=2258):
epoll_create1(0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x1, 0xc3, &(0x7f0000000300)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x8b, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84}, 0x48)
bpf$MAP_UPDATE_BATCH(0x19, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800, r2}, 0x38)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f00000002c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x5000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x48080}, 0x800)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4000000}, 0x90)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f00000004c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="20015d000000fac5f047651415c5ef08fa5b894dbb1c7a54a1450fd27547215c78242dbe60834a2536e8ed89fe7b62091c80de4e4fb7f9d119e8abb87805e3e75a1aed345820ff1c73fab339241cbd1f612727851c1788b6fb8ef05e401b14c671f6b6"], 0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

8.874249934s ago: executing program 1 (id=2261):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f70000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x1003, {0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f000000a380)="0c56bf6bb3baf02b9ab7fde676f32526c03ed51491838f438732f864b706a20873df4f29fe53dc049184abafc2bb563443641ed267b894e93a76cd0eb595a681ed40163d4319a0c1d4b2f1af412c1ad92e46192ba8f13ab88700785295acbfd5f0b7a29d66c035eb3f01570ffa6903253657c28df41f50564f9175a5bea19102876c3b9e1b30c5acfc500d6da1220831690f25857fd4d2c79229340d83b7cbba0cb5e4153fca7c66ea4b183e1dbd4c685d589a370b56a57d77b752615acd39aec11482fb74b3e4036e668df39b11e550a457e8fa7fd159dc81f3645c1c0b606d916cec0813b36b142509fcf96769331076f51dc9026cc5d5b50095fc876ba9e6350c158d3340795c03948bb00c8cd0407e67c90f125cae9050161392054026b20dcaa58896be95396a5c321e672065e49da32910e83b701f58cd776a64cfec5f26d48f5e43f451b66caeeccf3a90021611b6f006c76a40b66698b942ddec29d26a60eb01cdcc3fe8f34da7698b70d576591580e6f88b5a1f581d7835a10f598b4ade50f5a0d425d8235de898287d691cbe6770786172701a71df35331ecb2940f54e9c845fe3ef766d8ff5b89851d7ea3e2a5c9fa6ad1d387c43dc5e9c6fdcf8ceb6f2e0b2a6f8548c9c2104027c7f71692a671289a3e54562ebdc13a6230184e06e5d08685620d017ca7e870daeb3bee4fa2518dedd3db53c0e159624d7804bda3924495a0252fa5c8b04f5e493cb56551df3c36e71686c462c0259f0e49e849bd303382c1bfad5cdaf8e3fe96517c82e73145741f62b3beb95d733bdea541243b2784eb8ea008f47567ad664410d5b6e90dd050f329609713a67f3f38dfd0f6cd122a3c0b796db6d637e2f350212e91040757c855d10c71aebb15f702d784856a93f7f39d58feba303cc3bf1f8449def68b1b8ae35be5f4ff06b9e2dcefe575dd4a4b391023445cc638f775f39a557860e794475999b7677e6e28b655727c7a1e0c8c35fdb985d3ad453d7c7a09512509044e7ff02fd48e60241e0a5947f06dda5c983424f4fe19670597e36ae546a9406f4dddc3b1eb2fa4bd8013fd969bf74c91065e25b442701554d3354713fdea474702fa00080cab2afec5ec21d428d6bd81968775275d6d2d31f9d6bd63443db83cd820985f87cc9310cab4b49d2a8351b7c270aac0a5045e88f3e9df1facb07607b7bbb7dc0b58fdc5301410d274368841e1145888f9a9dfdea7480c3ce7b7635e034006f48e7f280f683705cb41fb3b6c90b3b1a967a234d0a197fd51216ec80b927baaaf4e7b91b6e300add576a717ec6f5ac00eb2b0d3bc0a52e2fe4100e4dda6c1ed2b99ade85a56c63880b10b771104611b5828fc41f4f6dfb3ace80dd22c6c04ebafbf07ab209f4e6212cdff1a186e4bb24db21a5ce9a6a5d0fb13d6e4e1d2bf5b369c1c1cca3774a5fee4ab9318a53c0ccb28b42f003705316c4a7e9d068b7120094c06addb3e9a230690e94975422d699540d66d4b4efda428fabb7d3eba20b5c98d8c2afe6c5c16d5a15b2398b36d929560f4647b81a5afe08b7a35a335b054762475f5a7eb3151e3dd4042ba9d67e0d781c4093d138950d637d605b488c82adf5d5c6a056db591e47694f796e0d4ffb45159780c0dfe88724e393c80d0a0166558210fb80c803d3e755c865ce7112ba393b3e34f1d2721838c6fb4f84d62743095d65752fb3332c3f51e130f19b23b5ad26fe5cb4da6f76711c502dee95a3217d9d7a757ec09b748224291ca10096dda69ef446edfbed2bbe1b47a35934197a842a11106cc8385b670e111301af2d2af93524504403b0efb77558327600ec5c432972247b68c87ade6687b193c893ab5dce94bdb47b8a3743b99ed87e5425d4e13a0fa7b45a835a486c5180572ef15b3d2e491b2e1d7416d8ef1ba6166872f7dc505a1f49f8f4c3bd7d80b3c016b6496f639cac8dd32455fce148755b4ad6fed72acc2df19456d79acf5679c3bfdff884c7a8e63dc1b18e6123ed1dfc789247770e47a42c0b29bb2f59ff0ff018b70cb69a6ba0391eb9fd9feeb543e089efd270c818923633e09a5ba04b1a60c95fb6dda75a50eaaf7701a7b586c264f10a6c9c9fa7f4e02536249525d3193829b03a9ca1eb858ffd95ad8b6ea4e3445caa8ac55fba6277f8d84596309a0e98053405a69166d2b69af81d6b755beb7f2082e7c4d7bbc9bca88bbcff6ee7687987b56feb0749c29177a396fbbc884e72e1828e9cd8819eb29b9db617355a25bd3a7900f58708aa12116a3597b7bb6fab4ce25a1cfffaed93787c63609120a6f9d73424831e415d909c0eb86aa74de86bd3164a0ada41509630048e6390799d9731e32a0b3dff811dccd6e58351a2421ccf1b77d147778facff2f0ca4145c7853d5a2e857bd5600be87093272d3b4336af55f195315f5ea534f3cf7d1a31a5f195e9768efb15ce9cacb414318bcfc93a6e377548ba447b12c44cdbf6bf72ff5cfb4ec4f81332067d4c9ac5b0829eee1243a8f05bdad9c6b4d92d17d0253d372555617e4c60493ab35ea11110c917f1ee4bf483e630c079586e9c6376e4da54d86a3d5300dc33470a42c1efdd9509cd6fe1da9330c667dc7822cec26ba25d92a4f08bf282d911f6e99a0c65cd25ed8b35ad7b4fd2a079874724a6dd143a8cabd1ed977db90404f3ef0446734d9b9c396a6e633784ef542bcc65817ed1ef259e1b0fe7e74199f98f5cb206847480269f7f1bd06c5651be5b3dca1261f52d4d2f9700e2a59a51a63a5ad201607fcbfba73e1c6cd7e39b1dd9ff8b34ac7aff2877449213fcf7df0c283bd78a538d91a1875a9f05d6f93bbdf4e7e20a3db136e36c05285dbfc1b348a8573ded32fe258142b6d62fc635dc9d74d73fd85dcb50738def9db4646a0284dd6890790706bb897b4fc442987adde96c9df15846db257acdfe8437626e6be5cf244feeb6eedf50f0a3e900f71cfb5b71495db50b423ac69d5ffae5845d4f7eb0cc417d977945e081d86fa938588e7f3976772e55c8c6c6d70b98fdc5b8f91d94e0f6b68d9479f9349dda1c03cb24b0a0ce77c0067a3c1223d1e5c551e7f97b7d4346aef12aaa741cbc3338c1b4d9a3d4b9169d67f7da22726316abdfb4c6dc6f8c546d6bdd60d437e4652684758a007f61d298477981c66b34a16ea509c7a0f6d3c076bb56efddbf248606c4aa9be4058b3c10708c952b7b0a78d1a68ad923dfc1b5505262db5b0528f6dfcad4493c43685a2ea77433ed168010f4b5321b3c996d47d30f7af6a3ba3d459f59a5c9612a126c6fe62138517b11393ac183809c8619520599c29aeea52c2609702ca2d6f883612bd56651ceadfbe2adf91a5f01d8bde413658dd118e8d0f8fb415f27063399e9595dccb68d15d749ede59891b9228817983f1ee0c8b523002cd406796266038d6a2d627ecec1aedb3d1ceffe6bbae380579dab73f97205ac78f6284fc5e3a002090aa3783d190d4825bb9ac6c08d7eb57c5a8de565681fde668e802e4e2394232181966a0ca6257bd2df988a8dff73a855d5d305cb30c9a7d8e3846df37d6c553f48aa7c8de8bf0c6d485e941b40c781c094f0b3249a96dad527f849345199d427457fb00af2160bac7a2c7a73871579ba9e737fdb1b22ece8e8405fe53c1491f44dfea36df84c41328728a1e19d019cbfed77c2cfbc1a170033fd41758478238fb6c0b5f6e3cd89e5db33755b3e3670942a0ae79485841bb8e3d5a7d3e9089641dec6016ef876956d5543e4047ed402f060095631dcea29d258b3820e5713e05e635489aeb7495a728b3fec4886b5e23448fcc36f72aabfc24a183b6fb518a88b99d87201497cfb30c635a70082352da98240940a1588a6708e4a0a0037049d0b451154bc70f10da41f779dc33f2a4ab0c5fb9faeaa70318f9df4492b5c6743bec001f5399d168f09c0dcffeb36b40b5669e31e893a2bf7de2221f278c45754f9b86f132587a142ba89eed4a8b0a6073ff4a653f7ef573c9012043cf9e569bdb1241039db1fcc9181e2bfe156b8fc8b4d4b3ddc52927e5305ed130ca76cd9120d3c72934dca24ebcd9b0d11113739c875e2921bcb2feaad54ba147fb8b3885528186de80e149678c0eb0f02413120db95bcd569bb9c3e05ef031eb51e16db33f911986ad1430614fb65e9501827a9197a20fe432edaed52da9f3e16e4dbf7e1c79a9abb716b5558b8eca92a142da92c0e197ae15ae232683c9ffd4bda9a7b9e7b7638dda9e15f669c191ff33c985e9cdc2a35da19df712de1aa88ea03d6bc84682334ca514d75ad5e6f8c50041edcbed15a340b673f498f853210a2e38b48cd05f9e22037967251b368e8e28ff779d3af87add48b456617c13ab83d083ce3d788c66eb2fa1d5b3a1c289c822c7d8dbf939439db6aa4c795751650a36eb31e2bd3f7b7bbb5119eebab64712e4d6efe99b6fdffa73dd4a4fa03c5d43172bb1b510df5a29d1dd12b972771349806ce3d42e39b88490330f17f61014ae43e55c315299450335207ed708d07a500421fa39b2170e46816eb6a1658e8b76ed4804b28d03ae6f536fc54d32e1e0489451b4c9c0bc2823f40f5771e4c8e947d031cb3eb0ac41ad9d9d177afcd807401babead6bfe84cc6aba840b31cf4f9b2e4a5078bd0030a3e4915339f3b92196c160c9b8e0cd64e6a43d0c0d47f766aafc151cb76858a9dc4544d43a7a55bad9113518a8e24f568dec35c04cf2dffd72f92994948528c0ec5a458c530a2738d88b6c227794ad84660d6d7a5edad80071c7de93b14c8fa58973788133c16652063bea22be7495c70640f5e1097d0dcd56f9e2a4c3f8521611152eef275f83f29a8ce228b24b55b4499a7c651dcba92bae2e7d608bee6703c56368cfc2836210f291ad3ae110606760b2c5d05af35d90144c7d2b31b0d7940422224bd737a15609c8960e48c11b7256a2152199a98d428dcd4cdd6064a479ba8043d77e38094b90d5ae33f85997d03dc67617d756a2ec35921895f2968d96efadbdc0a8f6a7a89fa345f379e2de0e73d2cf8ea61492e7387b9d68ab808b6820580f9264b634a080bf19be48c571c39b2727874c670a52f6b3bbb0a72468883437cd9536d91befe0bf81782160af6eaaf639c6aa44b4b012dc5228a6efb7d25eb75ae327ad4a646085e6bb5282a6b3a0f0b2b200b9037704f9b722ffc46e77e74de77832bcd5f6bfd6e16c78738fffeaac6a94f6e88a4c3fa2b9c6004b11b47743a7d7af39f445bdda9c0b201f82a0ef300820654799b2b46144cb66c518182325c464bc0657dece61bb7bc4e8bec73b3206c735eafd85878c83b16f56b6be0f648340b8b12ac1ea849b7a1053f03cb2cdc14556df49443fcf3b714921edf8139fce5398646e47ec87a1cc21140761ff069927d6f1ef5f077433811c4a1db4f3badf2451d42297708d96d9f4b7431d97615d76a0a134c91d83dbdd9943998c9d7508af2709e78e54b162592c95a924f2eecbd8d6f618a71e3b0ffa25319153434c4963ba53665b7183961b196454ae868bc3583b2f13e55075a29e13ab3c7308f5c4ed3c5663dc983a0260054f1afc642d0e247b02aa58efd96b75e191346c5a3028bd9f2e1162c7abc5316aaddf77b1d4be06b2774a761d9c6e4d57afb51c1457b13bf1dba9affe9e84033ffc8c1e691906ddd1b9c3aec8b1068f64170edfdc6a212e16c9dd981279a535fcc50b00488bd9a10c61ecd8e057f517688767c5901b9d83c8c8e04be5dd0a2c91b9894eaae9602956e604729459a2e37cf8b81b941142605f8857f927ad827c4227bc646708dc78ddef16b064cd5af73ea9210dadeb48cbbeb9fcc5aecbc7c4272123c753138cd005d9e62d106d5764ffaa3c98d2a0af64cf7eaeb85a542e79dd0330153612caff884d4aaec71eec41ab94cc7506862e280e6fcf94a47a33eb63957ed7aa308d014446b96a9043eab9846dc74f2431b2450d86f29b0861519cd690ffef5293f6d2f253de344f29c46c2112802e3f1cb7d5a3fcebaafbf447c0dffe63660cc719c1e4f542ae99b5b173c7ae74736c5091399ab7a07385ba2d7ef2e416f98c46ff1806a1061d3adc3fa5810e798243e06388db00a79aa37c631536fb2846f5983c02cb627ba4bd2aa860e1a9c1ac647f5e1c2faeb4c2d45fd567dc3bbfe35daae8884b5d1def75ab5ee1c308d5cbd8ea598529f8a0f144f0476b5b3ed5d3cb6f209fab07fe2c94da4d10f605293757116725446411d2b4c2298879071c2b9f6bd88666bedda62c9de54ac3fac823c005371cc3aae4cb3c6df8e0f8eeb263e6540cced93338ed287047cd3efd221c4cb2dfa41b3bc50e2bf29d175f2d92ba3de00a893b263e00d6185b86ce77f4432babf7a13668af5fb7e544edd085c106a9f264e2f4b7e23c20ae926b6c1c717c5bd1b4462858d1dae89c15c6c2e29ad8907a750c4c3510905cf1201f1037507129b5049e362813cdb8f00daa5350863b5701f725f01576c52711c9cac4ec074caeb6d43dde75027a33413dd85d6dc83ac57b5d2fc5e35d8d83dadf398eeb1b9c5d7ed90f4228e520591ae15ba6de091e57a29b65f716c181593a17afe2b2f465ef58e2f9588b53d4099ef6deca7f43d420b74abe0b48e6b63c57b5a6712122b03ce1dc281ecea7f553af0a2762806f2f3cac7e04fbea6b49888765378a19ec504f2f2fcb78d608d7b8e0446efe52c4752fd992e57e0168e57b83679cb18bb6756aed54da07d9de88650482288a0e8d2a65f69b7fee7117766ea426e0829cfac78cd82a6352c45c86a66489f5f0dae42bacd8e2f88cd1c3622ed355aa348a21cf1a42bf82833ed028f1ae9e06a01016a305208806f2145c52f78d6c3ebcd38eb5481ee79b12ebc072b97ed299c938521413b888c92321139c2ff4c50586c1d1248b56a4e7e77666d337a159c22da5d497d35c96efa048462ffc98c0726a20505d0ebb2b6666aea1750dcc5f4eab1b09fa0e2b5bbe6bd420110eb1ffe8889c2bb8537ed36a6cc01bbb0601cf81e23114705b257a27852cae1da0b290dd30384c38198631a80d9ceba039cff2b0665ffdb7bf7fbecac377029db1f5f13a64179a2b9696fed7599fd41db7a50bd093dda755d13363cb98d5800b164a4f462352225d3f9d136f2ac33c43d457852fdf3500e12b9996f3a68ba18506ee21b8e322e730de8c8cfe3451efff64cbeaa4d7d7445faf24dbfaa8b13fb6315d256c8e9463424f0cc1be6f916414383c6b3cb47dda38a7acf1dc530517f1115bda4eb63aa4bde5c80ea111f50c0c3845cb87e811aa61af0052f12cf816b3d467b079f97e170e4cd7eadd07b415ff200a3313d2e06bb75ef5d12b7bed63d896c787243ab267a8b0d2593a236e4e63524c8a5d4640c6e133a09ea94dba5daf95d54b5e6cfddd61ff2424cc406a5cf738820e47bb4956a3eaa4ec28cecf2e34ea417fe5735ab5ed00a2791746275b1c3cb8d4bbb9b7fbbae2d1450a20304610756d4b8cf1c68de447bd6b828a30dae3aa2071a1c682715ef9bda20f49961cc4db398f0f39bb8540004b551fd9af635a755b5d201bb798170a61620b0f9d475b72cc58ac208e4caf4d03fee3d4774994bab385bf6b0bcec938ea8cb03f7717d2b86f2cedd9bf456700c21054a0bf9bce55ab41db29aa664196d8c09b82e5672adf8deff00209d0b4b46e82e62ffd110862627e609a10212c2ed4deece164171d8c8c48ffe75195a3c63690f4173c502d477961405c8cc67b51399b8c5b470a7e681742111f27755247e888862fb49d8540ffa778f44195a0ce9613d504869a598ff8f468681b96655f160b52c770442c0139901b007d44c4086c60d4eb763869ce2c915d47d5704f29b63bb1da4bfb4c2244ef3dbe1636d909b1d4e0bf285e7b964b0da1ea12ba8ae52b65afac35365684cdf9f56f377344cfcf062896dc4d15506685b147a5d33eae0948bbaad3bafef07e9cfc79d7e42de2b0cf97b954726feefa09a9018d690e665c49b7837bbaec3a3d8efc22da9060f0a7c5b6d0523492bc7764350e10db44ce13c6f4fd62d4cbe6ca32b7c756698fd980593b976fb3425597cefd04fd626028f0934e7e55784f49e7c90d7dc18a4d50c812f4092f2d717921b8178af13abc436feabd81574342b4239f2a22b99914629ad9b57e366861fd016990f71b5fd288b9632b892a85ba53c31cc748c3c2f56b304187302b48daf3885dcacd6815f5966196944339d99aa65889d79e1ec6a3ffb85f896c27eb81216d935c2b8b78360d3e8e254b1c1f870d9482b8eb40b6a53fd144247eda6a20a804b37d40251473f738d65c4ff1e879ce25224f693350b60ff31368ebe0f4205c4bfb9eb2f7bc2bdb4e3349c894382c8050abc02b82ec52bc085b834d90409625c94cc8b7b82aa0ac45c79f5633bca9ee09977fec9627e5b6302ed69234ce47884f66534603f5a683d8642da2e1046e05db472a08c3c69b4aa5a0d2b5862830ae76d592bcb3288b1f611cc3b394fd831ccb0cd1b1e142c18503fb6d92e88222d0a413a124037e4d82f580f9b29f3edac46b6203b118377eb76796548f903802469cb30428ee77993c0c3458c39058904464d8ba4793d3773f31edf1db5da831a1e869990f13710e8c883e7f3df9bd2c70c8e697adb13c46cc110392abe565af80020ceac471a615bb3b241b94b3067b5a381fb3ea84e92ce0581db1d2885ba6a65f727a24d9827a6c4ba4eda4d73d16654b79a9a4f9d0c5eda02ef262270fde779df285e2d61dc18e21b807b883e6d5542fbeabf02afcea6fb26e5e7b93590d1073cadf25cfd4c5fefeebc9ba4d23cec6253be02b3a21d86743602d822540e3580f7458a761d23cf7945d244e7072527e3d62f87d5d141922d517fd15e837a9fa80f00af29d3610e55bf8e8d067b478fd036beaf79d9347dddc21185965d19462836866f11388606f4aa604aa07ef81fa0f9a20c5a33bd8515ef03d87f101c1c20c8c53ab824016e719ef7f592ea05c6541129c529837e3a9563dbca5a65baa2dea69ddb2fd93b4f03f3c9cbd31afb972acd955be97771155fcc26446ed9df9f3b7f2dd1c008a8f8e86fc60ebbc13020f20371098eb8d7232bbc5011580686e8408a7a5352d2fedf46bc57a0e81be1d62fa46ddc6997b4da2d24626d222a49eda179cfec104aef423461ebe50540d272242c324127675d4b90267d7baae6d700ab1b3fee7e765fd169a9d38c1ca51d133f3df9feb93c49e3543279ac48f16a82bbaf62aa097fdc05eea747e30d29215b391f0eca11a72ec4114229b2daebf3cb86366a1eefd4427104209d3f95dc3d77fb9bd613ac7bed316101d6b9ad2489e08dfa256e3ee3e4b397e22a3d275742e9cceee4e44fe53d52ae2878267db51710078e236afc0e5bae92a4fe04be47120159fee1af5fa7c4b2c8683cc2cf543e65625a0f2342620b31d8a5585f49f7de25edc624a70ff87b9b17c78c7ce93fdc4fa68c9462409ea09fa713b030ac2bce9276a9045666163fbfef7fe715f64313e1f7fe51b5f7cbf3688d6eddae9d8ae0ec6e9cb8783aa219f5c4107e146ac0ab386a4bce80d94f0d2106df00cbee7b4d2cb846b68e8b8ad53ad459cff5fc198c96f2689b275f96542bfed5ae02ebb647ad7da56e645ad826d82cd48e00199dfb2997e7116ac75e061eb3cdddce8416d7561f44391ec10c5ab6a807f8c094a412be6f40264d30cf4a66763446bec1d34b6cb6bd81fb408076110517b389c0a2f7eaf9cd9d0db7b0f493123db57fa1c544e846c63d9d43318c3870a42a9562d78d3b37df6ef2e7e5aeb95c29b3dc41c874df5f05676a56ffe82121dc7dd7706613ffeeb201dccb1166ed3a0ebc1f66ef053060d051bee5bfd8350382dd0a9667cead3813853330a26543b3b84bba2ff2da3eae8c593a2d68e05334b3b24c877d2a1c6c9c6e7881e29b01648b1f39d59ae19d3cdb555c39b17239de56f059d275638db6339a0861896a1cf62bf9b811deefbc3a604505bf1370814f6143d02c34a3e8274c927faf4a1b5b3a18b99441eb101f55ca2939d225aa9744314888b55b1783715f32b79421dec4607b931466b1b752fb683edf8a79b39e98f0e08faf2c55061b19688b7b1d8665b94cfbc1b3e2fe310a0897afb5e57505d63bef906b9590ca1eb0e52d7285a291590ee3c071a04f88d60ef31b6dd4170fba33e26001caa801d98573a64d3bb37f034c19a52eb34fe0edd29650c209631415b3343ad57eff0dbe833a4ecd406d6bda02879b52a96827ac19c2e4daf5542dacef7b1b0f6e583d99bdb09c9c3899b9f88d13fb4366a317e290437d70fd7eb2c9f1070878b2e98729d03d96fad951194c8f879c85a107da37ba8a001ea1495a9cde40effb24bfe7ba8b153cd1b37cfdf02d0fe05b0d201285dfc5cd22c83fdf6bb82c2455ec237a6b234b0288e047b07645fd37040287d0c927edbe42695bb21d3071902df247aaba97909e75dfa5b27446f2cb45f6d9d2ac8a7dc364a1f5b23a484d145eae0b95181c725f0ebb0328d2b30973a642ebb00f57cea63acc3c4b9951ce7864835ebec9fc5b24ebb73b8e4301f1a4334c365fbf5b80b326c34db997b7d5d947269e48ad8bdf4d01b69c7551cb32d5ff1a6745d3fc217d7f5a79de0f0597e973e0e49f071b0caaca88aeb1565fccbde3834db7420028079c8459ba9576648462576591c9e46d0f8fd7eab8c186106ef77ee249577b8e2255d30f549c2a991e03534e40edbdedbaa384e4fc13e79970e1d5636d7314c542a5b106b1b0a279965e85298caef35846afbdc9a36b8af202bf368a5f55c08084b3fa192607669ecfac68903e0363304f48ac8552dd16e8826e1daf820a009d50b2e560f413b7171fffe8de011f3f092d0d80fc2fcaf4dc8fff6fcd616041554584b85348591b3cbecfbdc65d0f420f63c818919cc72c6634291cd65a2708dbe69d9f56d47e2490a1d08852527827e7fbd0ac290606927889bb4557a850453a953376bb72b1405b9d6b90e586f5b829930222ebd2ecf3c60889c268bbadfa36797fe29869e439c0cd878b85263db6a6754250045c07ae1b9337b137526460353018f3eb006bf5c0e6edf68ba1cd92ca5c62c23eea5623c6ecc76b7bfa5ab0a2c8b0f8b290ec8e02a8de3a13fc2b23b0627b3f6aff3ec49ebdfd019c0c1df271c8432e6f929472926bb4a9beb32f92567b5d051466b58e032470b442c8f88e644ef1920621311e06e4a72e04690e203c6e032ee351222298722c20fa63e0e40c2bf54c5f68e8f618327b22e93985ab44dd25cc68c98d565340c1578e8f84fd0151cc23cbaecc38bd942771c691f2b7a651c54351ca1a71efd597aa5bffdcf6ea4b9dc65e634e54a6d737c7db6fc4c3a54951379e8e26bbb402e05641f4dec45e63603f6e8523bb6b2a8ce88032b7091e2230ba70db6bd6def319beea4482be6acc398f099b14dc8863b9d5fae5de44ae36e6b5693ccb9ecbc000543b5e9def0f49b6dba04eefee0d3accab0b8216665a6d505fa909f0b84ce62b2bf255fc532a4de7d4faff75a3480014629366f08b02009f2ee63118a5", 0x2000, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x7ffff000}], 0x1)
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x18, 0x0, 0x0, {0x99}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$packet(0x11, 0x3, 0x300)
openat$yama_ptrace_scope(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000080000000200000fffffffff0e000000000000000380000007000000030000ca75ffffff00000000000000002e00"], 0x0, 0x46, 0x0, 0x6}, 0x20)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
dup3(r3, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x3, &(0x7f0000000300)=[{0x200000000006}, {0x1, 0x20, 0x4, 0x200}, {0x6, 0x0, 0x15}]})
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x16)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)

7.701021872s ago: executing program 4 (id=2263):
syz_usb_connect(0x1, 0x52, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x3a, 0xca, 0x5d, 0x8, 0x509, 0x812, 0x294c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xc0, 0x0, 0x0, 0x66, 0x53, 0xdb, 0x0, [@generic={0x13, 0x2, "21f6783b809d30f463c5d38e087cd5f731"}, @uac_as={[@format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x2, 0x1, 0x2, 0x38, "", "7af5"}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x40, 0x4, 0x0, 0x29, "21cd"}, @as_header={0x7, 0x24, 0x1, 0x0, 0x81, 0x2}]}]}}]}}]}}, 0x0)
syz_emit_vhci(0x0, 0x22)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043b0afffffffffbff00000000"], 0xd)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB], 0xd)
syz_emit_vhci(0x0, 0x0)
ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f00000002c0)={0x0, &(0x7f00000003c0)=""/122, 0xffffffffffffff61})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x85, 0x0, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000040)=@ethtool_rxfh_indir={0x38}})
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc9, 0x9}}}, 0x7)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='reno\x00', 0x5)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r2, &(0x7f00000000c0)={'#! ', '', [{}, {0x20, '/dev/hwrng\x00'}, {0x20, '/dev/hwrng\x00'}]}, 0x1d)
syz_emit_vhci(&(0x7f0000000440)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0xf9}, @l2cap_cid_signaling={{0xf5}, [@l2cap_move_chan_rsp={{0xf, 0x3, 0x4}, {0x8, 0x842}}, @l2cap_conf_req={{0x4, 0x6, 0x50}, {0x7ed, 0x4, [@l2cap_conf_ews={0x7, 0x2, 0x2}, @l2cap_conf_ews={0x7, 0x2, 0x7}, @l2cap_conf_efs={0x6, 0x10, {0x0, 0x1, 0xfff7, 0x6, 0x2, 0x4}}, @l2cap_conf_efs={0x6, 0x10, {0xb2, 0x1, 0x5, 0xcfb}}, @l2cap_conf_mtu={0x1, 0x2, 0x800}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_efs={0x6, 0x10, {0x2, 0x0, 0xfff8, 0x3, 0x0, 0x3}}, @l2cap_conf_mtu={0x1, 0x2, 0x1}]}}, @l2cap_move_chan_cfm_rsp={{0x11, 0x7, 0x2}, {0xde}}, @l2cap_move_chan_req={{0xe, 0xe2, 0x3}, {0x0, 0x6f}}, @l2cap_move_chan_rsp={{0xf, 0x22, 0x4}, {0x0, 0x8001}}, @l2cap_conf_req={{0x4, 0x9, 0x28}, {0x9, 0x9, [@l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x4, 0x3, 0x7, 0x1be7, 0x4}}, @l2cap_conf_rfc={0x4, 0x9, {0x1, 0x4, 0x5, 0x9, 0xfffd}}, @l2cap_conf_rfc={0x4, 0x9, {0x3, 0x0, 0xe, 0x4, 0x800, 0x2}}]}}, @l2cap_conf_rsp={{0x5, 0xd5, 0x6}, {0x1, 0x7ff, 0x205}}, @l2cap_move_chan_rsp={{0xf, 0x9f, 0x4}, {0x10, 0xc}}, @l2cap_info_rsp={{0xb, 0x54, 0x42}, {0xfffc, 0x432b, "c539e10560808bbc0e0246e17fd073505c42805f8f44b5df31834eff32a2f0a98a33c2725661f85cbfd43c12e8440ca1842b24de8d721a6bd1a98ae49610"}}]}}, 0xfe)
syz_emit_vhci(0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x38, r4, 0x1, 0x0, 0x0, {{}, {}, {0x1c, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'macvlan1\x00'}}}}}, 0x38}}, 0x0)

6.840678031s ago: executing program 1 (id=2264):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xb3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3ff, 0xfff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
recvmsg$unix(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000040)=""/27, 0x1b}, {&(0x7f0000000400)=""/170, 0xaa}, {&(0x7f0000000180)=""/46, 0x2e}, {&(0x7f00000004c0)=""/129, 0x81}, {0x0}, {&(0x7f0000000600)=""/193, 0xc1}, {&(0x7f0000000280)=""/34, 0x22}], 0x7, &(0x7f00000007c0)=[@cred={{0x1c}}], 0x20}, 0x46cef15b77d5ff31)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, 0x1})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000611224000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90)

6.76027657s ago: executing program 3 (id=2265):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007110a8000000000006000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x5}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)

5.704907542s ago: executing program 1 (id=2266):
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000640), 0xaa80, 0x0)
ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0404309, &(0x7f0000000040)={0x43, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_CREATE(r5, 0x541b)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_int(r6, 0x1, 0x1, &(0x7f0000000180)=0x8001, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x5c}}, 0x8000)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}}, @NFT_MSG_DELTABLE={0x10c, 0x2, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0xa3, 0x6, "51c139cfcdc9566d001ddc358bd5c1a37d87fa4d122109c92a34e3c6ee1b47a3efe60622ba06e8c0d86bf461b40fb24d7025ed302bf5bfc5b731d9796e17fb9b35bd39e4e323722f91b3826b233d3e3730e36d733c5555ae5726ca90df40b51b27a63b26e705523b7e644554786e66988b84c71587af9a76c4f908123886ba5226d9c49790674fe5c8ed7fb8a15c708fe065980744fb5dc1e09afc5c940a50"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_USERDATA={0x25, 0x6, "d2ea6d0e89bd3821240d47652ab57f9425a6bab703412c8b182fdc540f78081c7c"}]}, @NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x5}]}], {0x14}}, 0x178}}, 0x0)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x10001, 0x90)
syz_genetlink_get_family_id$nl80211(0x0, r10)
setsockopt$packet_int(r10, 0x107, 0xb, &(0x7f00000000c0), 0x4)
r11 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0xc22b01)
write$evdev(r11, &(0x7f0000000540)=[{{0x77359400}, 0x11, 0xf}], 0x18)

5.703825576s ago: executing program 0 (id=2267):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_open_dev$vim2m(&(0x7f0000000140), 0x10001, 0x2)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
add_key(&(0x7f00000003c0)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="00000200", 0xfffff, r4)

5.573530208s ago: executing program 3 (id=2268):
io_submit(0x0, 0x1, &(0x7f0000000600)=[0x0])
close(0xffffffffffffffff)
prlimit64(0x0, 0x1515d9b6d056ea11, &(0x7f00000001c0)={0x6, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f00000003c0)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x1, 0xa00}, {0x65, 0x0, 0x5}}, [@printk={@llx, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xc, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x4, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x3e, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x30}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r6, &(0x7f000000e0c0)="f1187c2666e938b0d719606210914a175384a7d8bfa08a4ce1a6704c4c59dca5bd31c2e0daaec1bf1788b64cc764755c8227d255c9fcb56cddc8d23a8719578a528df745f0862275073dd2c88521736ffbb58e980e9803aa1406002487d226afb38483a478d98869748c28d604cd82f416f3c4f2071aac0274092945c94a4911345f1fb12c47fd864cef4bc44ad5fb5348fea8246b3604a4c9c9a827e4aae4f7677d023169ef281c43f5341372d459170f25365fa911efb58b1a0c883d98677cce26aed7f8410a54aee36c963dd8f82fe532fd73594ee6f83265b5fbf2507319d73f87cb6d2050a7b1e001ec563d4170d9ca49e019c1f34a3f6a29e4adc72fcc343bb15caaa44814a11a621d682070b253354508d7b97b1439ad827954b305797e4de400c046ff93c99fa15125daa8b53581ae5392373621d5beffde817abdd5f4feb80aef8cbec83ad2a830c773ae907c19f5385e77e3adc425fc5d8dfd53312af6cb6556f8e3d871add2dc48a37fc05c65f32149a0ac179386d1016590ed19baede89d890902306e3ca40ddf9ea5f54b51cab0b6bc1bdddea7e6a64746cef6ecebedc1c51c670b0af450099c4052caf1eb0d4137a74f41f101a604fe08ef524e12f8f831c30e15da0947f6f584ae2ad96de45e3143f5a9dbce67edbdf5904a0ca1db282fb70dbec4870f6aeba8a74b24900d7c5a0758afadc26ac6f93695eeec1611d7a1123098420302ac2ecfb31bd545695b61c9f36663cf7ce86cd7ac350670893acf0d065fab2dc2ea43505b261393d285fbceaebe30e0d1fbf8baacb9eaf9f6ca84c598c5604fd4b11412a027760671956d312a4cd2e2dd54100519a0a8f93f5b229728bac624870cefd815a6b6d1ce8b06e045c47ee2f91e3524493df21f46cdd00a60c39f49d29965dbed6f408c42b29a3f76e0f840762b273628f7834397bb37d931231ab16f6cc7bbb5caac7a83fc5ac8c67b120b19d8dbc3ef054e7490851bbf11c4cd19d8aad281fc054613050013dec6821e034f10413f96e289f81f10a52fc941992692b2c3b849d949b5c6465f335cd7876caff414d0a00ec927c2766c83249ca5e2d5dc9a524ea5142375bae891c8bcb34e8b4044964b8141841c619c6b1da249cf65b9c16506926804e4e388b60638c46128b43ab76a32659a5e3fa64c75609e31cc2738392a868434d9108c7710d72f8a34827943ded46328621b39b646cb663500467580b76cd6ee0217149dac6168499edcbff45193f49bd28fd105740f641f341ff8ded97ebea072d805062b35819f28541423b0e16ef996323f5907b0b2a0703e9fd5c6a511787cf6321a87f648170efd691aede0c178e0daf53da03829e4e7617b5b834c6b4196d926c7d7a54b9f1b3d3bc09bb7f22fb18f09150e34bec2102eafe634e13454a9d5cdc10da8e880cddaf892af35c437768b62c73f67ccd8764c34669a91f9d669fa1ebcc4159e4be7d4e589a59cb70c1ba77ef7a6a2c6fa4481c5f2c025ee26e24ea59215f971b1bd22af51af1334432d149a9574cac0d4cb145de1038fc37317b947fffb232209f8c65dce28179c950c7b23bd1052db323662512c5fb41acc84c4e42d1daa9be21e6c1d22b6bedd5f28d2241afc578e2a33e12d1b1b6427c620ce5d80c4a5ef351b2cdaa598c478b56bf79d9dcb8b8556503c66b44b27e8df8e046469a5da9390f58144b8766f9f51d39e8d5bd44e1ad024fed57ec1a3b18f04e6bb3b011f1b23031d85c498766cb10f66e3868a76ef1e388018292fdc4435e14bcf7ff6067535ee3764d8deb725cc0fe0afffe4285958ec9595ae5c5cb04834d15429435272e5b0510f246ce806895b85ba2f81912f76f6b955e28febafbd0c2e854479c4a6150b85c05bd54a1d0d37877e6fd3ae20046380dbf82bf9c8fa8a8d48f76cfc376fc9e0e4fdf0ccb785e9833c6c9ba006f7e59318ac733c3a1250f40ceb7ac3a167727bf89daea038372e212f02cf677a009cdfd224b41fc3c142b0882a53c1b9b7de6e99974d80ff8506c71ad3e063d7bc5c5366042b1cf952c6f76fad74fb16b9d9c9804589ae4f4afbc7bbaa340c1093d76a01fb254c5ea168e83b39bd3c97b8ace4f32612b63e841fd6eb304a663e4f43fcfb5f435716df89146d0ebc0c1517734ca4c90b9dd5db6820a4d730a9a7e6748d0d2b7def30a1c242fa36f52c3f685555b0828e1dd59023290ef4626d3759462cad9371d72a9c63824c91d5cc304ab43279f199811a604c164493793886b643ba6bf53d0a9ec7e304488b18bb2eedde5c128b2ef0303f85ed54875e38d4adbbfd477e8fe9a2217f084000813aecedcccb1dbe482b4856b9ceecb28d40bde5e8376eb8c29dc71b85d4b345fc411937234b318238e962f0d5dd46fdf5149685cb3c4f9c2710f4173f4ec616f7036ccf83ba228e1cc7b205cde9b57f00502d4d1c2af6dffaa37ad30fe0f5d955cfee2e00f48cb7ba02ab86748d0238914c66ca9ad9ff0e8b397c5e527c56b0d63a9b5a7b1da19424bc0c81d627b1389a42626654d901eff0f37d64e0cc894ab2c4399c67b846839a1c40033f4f9ecf8410fc63672ad471253fadd976df6510137d903a76ccf14509dd8839024608d707c4eb69cbcd5ba9cdddb7fbac1c963a99ef6e75eea8924aad62d6aea792042cb372131a83730a6ee7de386410d91697dad01d85ffcb22b3679573fea63a38c192b1b1e3a722adacaaf8e855843e1366763456c86ba9934302e0abfea2044386f31c457cb7ff445d7b00e3ed7d1dd4b2f92c845f65af3a3f68de96dd9b7bba62b7fefb52639b6796ca56d902f9dad52f42a1b79fc814c8a58033daa9f43ee3c540cfd08b0ed21941d67dc3ee37fcb855fa4a03453833714d8f8abf83256c503713adf7f8aee122cdb01d0ed27945d42633b0fc3b2fd51f8a9d403e792c9b77be56c257110669b46bd0f8bea9ec7b895b0b1bc9a9485a51e72763c3ccaf6210af7652ccd437722b359d20bc124e7055c5e41ddc5eb66f966647a3b91f1c51f3c6e340d6e203fcd30f39dd0398f0a1c9fa58f2da697033f5988cbc6e5c8e1fce7904112964b2ac5f938b9132d680f3cb0d8ec2fb65162113462ec459356bc9d28d9efdeb9983d79ed04da1a78f02ea8f5b42210a23d9c98a734dab4069dad2a532ebced93f5dad2ec9290b0016e6db7c3c9ca3ebc71d805aafc113ac93d1e68c637000879fd736cd8a42474e607da884df065a06f4d64054512a396d99cb7dfaad6a91cfce8288cf995e83a1ffd2ec83483a807c7ab3d0703e956222dbbc2fc5d57661fd186626b41a2e18144d592174cc8e45f1580593206e6d7c7f3236eeb41aa772e663834768dc21a4c216490612e6e912ad48f1d90650f1a9a29239ffa8f00747833038b75e8759c50799eba59ba58a1ddd3d9b49806e2c7ae143e88f704d0a5556429445a41ad83a95e43bf32fe2f6954ca030a3f2697014cb351c89cbd3d2792cc73371cae124e5c0055201036c7c0c73d94215214b33234f4e21071743cd553b8d96e3387151860f5143f16980020954d80b7f60955f9c09a6501e9d0eee4d8793e9ca2d04a8aa6831d2e54c0397c6c9f2486b79d06aee46f064c02e77fc4bd7bdf31b9dcf520e26ebb7a02ff3d9eef1357dbcc83877f5613c7a8c4e3a4636d2e0161a663a946f651cb5915f07762d00c62d2ecb354d09c2088c3de6b59b5ed0002a1fd5f7eb316ab62fef44af65abb81f96f495f867e128e8829a3d2693e00a5b2a14a6b76dff7c1cd80e26dca00482b3055741fcc7973e33346264f268e22ee4a74fb45066eb24cdbf71ea7c69d3fe9e9ce52dcc7e9b0645474ba2a635c36a83135cd98f892c2619a5724faff0aed7e236cad81184dd05dc5645c7e7ad52ef76d615255b2936bc40f0ea017035a8bfacc18c7bc52ec0e29d70126a6e912c6d06856a12ec2792738a9a1c2b2bd1e9b39db4fd115bc901e0d3fba472ea0182604cc9e73cc772117d49dbf41c7098076eb0867d8eeb7b927701bd5cd21bc2b32e4ee2ab86f143770b4718f7c9ebdd32fdef6170ca284d4102360242f4d007fdcdd8fcfbb90e7d9b693fb1101dec0fa152a7417f70003159ca3633299cae4035793aa7668df47b09e0fad406e278a6105bbd2b9a523c1a8fdb394b9de39d3d9e1ce9d9ba717014dbe59855a92ff2375a3a3477c8bd22cde51e5bbb738b92ef4f3781e605c24e7140b2504b59328cb8e20c5c5d19acca392bbf60194e6257f674df0f99945132d78c76f182f2eb52058a908abf568352d50a7aa4d061380cc58cea53f166a753ffc4a51e90a0f46104decd9eaa77d48300f2c7901465effda4fdb0e70f7ede3541890732d4ff10eef7745ca362eb336febc2609f50f237eac6d4950593bfefe0718ae3bbf227ddd524178b39ce4341e68e4c1e5c65b506b73965c5e6ba8e7472d3b573d41b4e458c97d1f0164376cb24fdc38bce00df871938e65f46c3df4fc20e574581d6631d759c316af7f7709e05e9dc465b87234029ae78f071d892d5e7ab7fab90cbaba55acb3e654a18a5f0bf79d6e471d53b5fca51085a65534dbfa953379c4d4a0022f03da76fce767cfe2930992935ea897fc56dc23d377004d119c9b648986e402b035b7927e567db9019c915c0ab54e6e45435336e37d974a7ea3dfad73915badda2e0c32b87391e3226ef0509ec6a33462a246e62e0fb83065db0270c6c026415dfac7be0e7b1e790631347665e789ce6be41e7ea32b987465ca6a803508a52626d92858156920f841da0532854cd5c966f02911d10a4e12f687801d7b87891e0d7a1ed0279e3cbea3d73b3886e798d39460ef71ebafd803e3d367a0c67c31d502021a796e6c351caca55865902dea97edf28ca7f4da37d62e17df5245e52510e1d5bac6851e1a2bb2228aeb6add3c07bad5798176145d1b46d5ae3169581f2286f6ca3b09ce4c44df0031d6ed077e6af6226b6e21634037079331094fd3bcd0126d5c88069d1c240eba9a4ef943552dd69a2786301a0d94ba5f4afad155583d81cae6f68e600979674d05c5593ada14dccf11745118dfb6da366a15655469cc0fe0d31cabff9a84e40896f8726bb64bb0c548b8b7a7c031967ef8a38e85063eeeb48d271aa893cda1c66204cd3b2c35e27fa7dd972bc396283e24671b9f4c1bd9a4dcf30c8887864305b3f92ec1e678f85d552d411f8c2012bc77ae55d6d8a7c31bb6a9b80a530ef2900961a5c59fa0716f5b6ac2aa5b2313b5539414b2abb7ea3f7b4044e91e463f02e9c51891458084782209323df56148ed89c83d2fc194c127e47ae5bd711f5b130e6b21775090c6156cbe9737b33865b48489f4533945c4b9491add986d3095956796c1b217bf6b09ec63958fca7a9ec6b5435bb3fdbaca8a707c37ba79098c47cd9208351b54e292509d4bc33bf40eaac6caa9f94d0918a7461e6bb8e8b259d3d90d641dec6612dc14b683ac4cbc217f6d108f666e66817867c70f3550d1ce37daf358cce35b8231fb70a4b1e302718163e5a628e8f653eeb25041290ef5f5289ec33dcec3bece209afaf2c4c8ed6145768ac945034473b01b63986f9882514722dd85df95448be18a59c5408ec8c95d203e7a4aebc68999c760d3f3929d0d28f7d8d0ea7c02a813515c5a82fc04cdcf20654c91af430aa34859a77eeca938842600afc6035605a0a9c01acdb164f2b2c3d4d7534c5292d08edb1adc446fedce1a14b7defb274851614de5157e8b5864f7ad8bf6d2f98515c07171afbb8c9d29a2202087bba880441bf68084d5bfdf3a7926ea2767a24bacdd5a6b98080b044071b3c21854333b84156771bbffe0458aed18e110ee0ec37f542b53afd04b76bbce6653d49434f0a8fe97d11cca1b211922bc48b0fa7526693889d0ae2b5a5f7746bd20803db5c57563137910efe92c6f4e0417978ac3af913d46fa9d49acf5f84de8e67f90b409bc78c30b58913f0149eab1629c1e8409190894f2591e208f3b61ed699670de4621675e9ca789cadb219013682d0655b785065dd4d2193f0a81b84f27330aa7a06fc09979239eff65b0327bd7887dd671bc4a51ca7dcca404fc24699a7703bdb1fe4b5175760f682531523ed75396e556b391b627035bbd9e323a004ec1875771b72f02af7711046a16e1df4fe22c8cc064bef1a401a430d2ed959aae3ab82db7a86b74821ed07dcf98ca76070b6e18fc749ef2ffeeec9585bd21aedaf8c05918bfd2f9ab1e1a6f023c0f2a2a418f5ecf711526525a165652eeab3ae16405ed177706844d1ca239f52641e0a66d89565d0b83cedc51d339bcf56ca21203fdadafb447c0e337496b2c5318cd5f44e6122c617387f85c3a6f76dc4d437e45f790c5f489bd56e56b8fa1e3111806429cd4ccf871b887ab9d8ee379f4cdd23bdbc476428ff912adcf7a84810c81943a778e57bbc3690911b5e046988dc85b7ccd09b7fc061f9259369601252aaeb4863d8d57796f1f4518130c911d1a331953663ef8a80fec491308297ccea77691fe14820aca10c6719c205988802791a54348222d6a34d9bf656696f396b27cfdea9d5b0e36838640d68ebe3be9ad72450232b66a5db274087e7a350a7d6abd95adf2557ee93154a966aab798b45c2fb1d5fa1f92db67a5bb2819e580dc15955249065189e4d1621c4517a67a76da14090a90b4da7272f57acc4228b49a1e5dc30002c11d03df9b60c382c026fac97ca1e389d6bb2af95494c2775b789988860478cb1e0a0e8e6a5b823fcaf6f8a031983408624a301bfad96784c9fe217e0c656cff8b65b3897a966c5ab572d269e30124ee813ac08ecec1aa40b73a3149e0647a00c612c0910878a079b5c163029435356473beced7fbc6ded2ee3e313082501fa91dc3ff05e4be525212ab350dceb9ac95c4f1db5399ea008b8609cb0c0f1a1319b9de77bbff478c197b9318005cf401a84f49499808fc403ea3ff9e1874d5ebe7997a0c03d977542c1877348da98f1d05641c9debd0dbba6b14ce8a83ac11de52ba7451cd1bb75f58ecc32676b3d00a76ce09e5695380ecc2e73f44ece11f77238d39696572e46761c7d5e638e94693591b70fffd8ab98b3294fc2614e3ce31424947d0515baeab18ca4a23d479fa0a55d2950082cb770dbc34e138e9469f218a657dcdfee84cac9131cf6ad38000630aaf3fad747cb1dfc777188bafc927e7371ae2be48772afc09b7937784c8365c0ac6caac7de7ede4202ba8d28b18e6d20a217c30776f97546dc65822ff02be3be42f6043f828927ddcd693a7b691f9312aed70b5346cab9ff0d21e8783677bd71cd1b5e4975e588e121a90cdb6b4d3219effc8a868dd110f5cdfc119c121c84c2ad04189f84cec8f7d98d71ebb1f9793af002e2d645d7cfc03e3a4f61c28ff69f08024a93b8c712df64c83859374ae6d5575048d7baa3a0fab0ec0ecc731e3523d9deaebed7de16e9c6c453093de8738f8d7f4a244a6f15432cb494855c6c9b840d514af760c73b88099a66fc926b2f05befc766729f109ea436bbbb5ce2513fe654d7e0b379b49ed555cbddb8a690132417a31f48e530449ffe71d1f851acb1bdf245ec02dd39925782511c0d8930f17a14c54906d96a2daf27144914135cef344451982b50c71c1e5bf7d63f646fbdb749e2e9ce8e84ed334fb90d9ab7c6e7b265bdff840606ec572b035877e7d18cad3fa246ed000ec243d38da351fbea47a54dbea0942fbbf3fd9b00f19c21417159eedf477eb6af4ea228cde4ed64cc2d6890db81c74e5e08720dbea0f5364c1923cef7e0a883188a99896483d2977646bc9ebe9c8667fa68b3aa9cd961ad1dcaeba799eec564d20d771390c2ea12eb8cad0575d08320515c790155dcf477952c72c536e1bb2d6bdca553b02d23992129ce65d520c9f38bd385e37b98ac6c6974bd1fce4d53a7d11666ab3c04b6ff39f93ea50790aa027062d99c1486c5c692eefb05c29737b178526c91b62595f79396d40f2558148dd72652806ffd9fb334e744a2025070780d684dedb6db564fc76a5cf6f75766806e5c644bdb58c6c2aefe02a523f676aef200a3ea928810be43ec4367ec203edae43eedecb608cc48cde469217e36002b8419ba55ce00044a6d3590ba22c77001347c1545d07486d6a5f70ad9561fee62ee4eda80953218711d68ead9b38f3ef1012a952a572b38a5c90536754717799777574874b45e0b39e938ab2d31823bb1f44f965e225be271b69a9ccb32da2df01c65401df771f5e3e195ac977e627e3c4b522928d95391c1f6869ec2e340caf3f336e246d042da8fbe9702980babbb45067d82abebdfe34e3832c123575c479b66a33e22e47a5d8f7ee3c40fb538a3bb7a08ec13017f4c58f7ef769b7597f7252c8b6d0e4bbcefe0e32b4c1c92c5da2506d2be19bb6f71e662fb81f016404c96c50e4ad61dd3ba73746ce0489136d3b0414992f506900151bfbdf118a0e2f998f893560225da2c19280238cab9a986c747a265b22c0d6473f8248f83a3e155f4ee67cbde536b3c4dce586cc8d8ea15e55f3569ede91d29f9fdbaa88d20909f3dc3450e22ddb91722ed6e42f515db47259b74e25966408f4cab33177a74a038daf0967864330fc0be9f1f2b685cfa288bf89e72fecefca841fd0564a47826e586b6d4eb8dacbbfb0808a3255d5f69a8c56ca6e17f2041eff85aaa4eac86c1008d428d91237ec5e2cedad5383703ea7ca8e7dfb483ffd8e1f2abe1a90af170660f881f6cac3025087d72b6454bbc3f8b7308a27ee8a6e8294955903b0a69f66dbb4b6d7dfa2e726ebbdf91908990b042bd09ae9a6f6cd39a4d626f62b2efd8e85c02adeb492a9c97a4e883cd2660b570d0cf5b13c60fb58d60f07ca43b2b3a21843f85801c8d824d2bee451b86db0a61b45142a397372a3deb3bc10d80bf4f9907f5f3200c65f9cb6dd6411284ad5f7b837cb121c42b99f1e517569fc12b2606cb3f45daa0597a8aec824bfd4a31e4b17d5715ec48e8b9e666a5a9f881884b5d06cad31f1830d76db5bae7ef1833b727f6a15c0f32b8e561b41d4f286c74c901201ca52b95dd2b7bc930f5c7702eb282f4dce8dbb37f5137996967a07b0131da890e27edbbf5f5bcd3885889277d6faca161a138460fd1e70ef41179389c87338eb9eae94f2b8167e7e0683836b6153b7428ce1969da01b096eea0b4e7d5d85bb96037c17ee9ca630921367f17eb83845264fec0ecc866e58f845f2f32be57ea9d5c2c595f82efa6608c4c8946f0f56f3856fdaf3b8c0f78a017604521c727a136c2ac28c16ae19da2482c199eb7930fda5198f8269c774b8b2bd769c377a6f86416c2c3579e57a329e74021597aa1ed4e6da50806bdbdee831101cfa13b97e99fd512e43fa414f7b4cf1262c16b9e30ac4c34b108355ac16b6053751fb8c2f4eb4bbf7edcfbd0184f2250344e47bbfe9ca50f0e91e65c78270c58603c20679d739b454d1ec3301fd6b884d00d7539bdd3178126aca8ae37b9d8ecfcf14e62e653864d3ee4f1fae9ffb2197ed8a2455c90359b6a09910b79c2822f04bf07b6a27e01c9f1883fbcd08b7c26d7c8c25271338914cbc157dbbd0efada31709841831c71c1aaf111d0d46845d9aaeb7249dae34fdb050047ac38fbf0b746f33d6ea0baa5d4f7ddadeacb5831b7f9d5e219e4bae55d0b8594f52f0011badef967afef02884ce212c3341c340ee8fdca78e887b7bf2a98c31d1bb8a3969b8b4c939c362cd3edc19598fae9ccd82c88aabbad4c4ae278aa1b59d2003375cc932210f4a636af6c3126f200c8a7ac82d8226f244661ac6d73aa76edb53fa5b2216f645e873de27fbf580c7148fa72f992a220d1d4f499779e25c8b996c580a1165848d23088a6369957841653e291c7f520a8665997bf958ff7da53bef74eea85e3a1a3657945513137351cd4aab8499f23718abb8f66dd7d60e9775639e32ca1e8faacdb8f6b66d0b1b714af355773f1aed034f2e4cdaa17bac308dfd889bf123762b5c894de392a3081af84195438fdfd1868e2d978bf3ec1df5e81b9f8f6afdfbe3dc344f2a6dbf550080e403690d2ca7cfc0244014939aa79a8b3a0933e2bbc226385e3e4188a1ba2b37c34e02fd28c31f2c48d1a83294da501ab012d1d5e5fd26cd41ee71b4a150cf784486f9f6b5ab510cf07cf9792dd9e4d8bf48f06464fc957885d346fc501f21a07ac7fc71b9c01519cf4d2fa766d15eaf459fc429ace3a1a61ba078da7324ac06e65d7f36271f6898e8ccd673edeb25571c44606d7bde39d5195472e727bc7e2a2d1578328cdaf90400a7843f31793ad33d0f32885bf9b1f0e56d4a3ec40a1094e0ecec32a1712b88ff3008213795ffece882254753011c6988931fc9f19b5ad0891e20887b47ccf460e303842bb4c0b62163868e805b3bae6e4937a476e7eafe9fde0d0cf62223f714c69be6833c10d06f91a78016b1c00087415ac4a5b7b5e10f98a3e19adf60d56d5bef918c1c7ebbf7cfc37130ffae2ad7a620250c7387069ecc926f34069b717b97bf2a0ef0a2bf796034e88d30aa4235744a1aa5601ba718add8cd0cf38411f4787cd22e21dbacd9e480b13af38477e70d2a4800f680fa7cc8684fd467b86555422b1a901144b03e4327b2573769cb02de90e8e30df7afd2e571e2946d23a0efe02bac8e9698d12589378e28d1c36ce328a27abff98eca7b6da95daa681700397ce62c9b50a47cedeafd51b62e953413639a9d9978fb3e1604027751da66b5e481ec1e4697d64a4477c67ec2967e2389b6f716f77c810a62a5fd78c69907f4a4dc210db30d5d4e9dd1a82c9ca1f0dbeecb33a702f4860426e7d1c26d1a00ee4c62e3d671d545b26aab8ac758c53cea2250ed929aa715bf513a5fa242b78ddbc263990c42025ba2a52e368f6a18e2cfc0a6047e7f0e7187c3e36d61905cf0cf824a08e5c240ec56b04c909390322ce24f35001e8d5a599ffadbe2a8755920cc488f40be225110310d4e9e4d4cfa34f953c6f6cc6a5f8a89373739dc5da9445947fb58bec2c8e5b7f8c349d6df29e6a87336dd7bccb036139922faf14f3eeb92ba12d0084b1da8d36a3f9656414c0f32a1b2575a5147568ad96c2125701fc67d00e9d78788bfd0188276727d568bb0800a576913dbc5c1035fbcaa5359bc9b7fca0ef528903250be1a942e59727789ec61ee1ae617c3a23d3a89044a9ec729ef0cf7ec6a3d01e06e864c2e24c38a8389826c2cd471cca5cfd18a34050f24b99dcd26d418465a5e3623d7c9dffe7e65fc25f90710f42d00fb81b33a2db18d0ff7955c8d87ba8fdfe1186b638312505c7810dd0ead9c7722fcef542d2a73f107993e3ec78d3a0b15506ebd4d13a72384f77268b44c32a957aefda0bed253e76cb09012f104bd0c1f04e96b1fc60d08eb79ce9216fe1fde6ffe65d09056c9643ada21ef080b9da75c10f71ad334e4d3b5d3a0e55bd1ffcc18259cd28f6bbdfab16575cdcce86c95f894cd001e795cdaeac95c90d1ba94806ea2fdf45906eb7a2ba0613503f7aa7397e78c964ad3251d297ea76d88b4221efccb2c", 0x2000, 0x0)

5.556610877s ago: executing program 2 (id=2269):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200))
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840), 0x0, 0x0, 0x0, 0x4001}, 0x0)
ioctl$HIDIOCGRAWNAME(r0, 0x80404804, &(0x7f0000000000))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sched_setscheduler(0x0, 0x0, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80001)
r4 = creat(&(0x7f0000000300)='./file0\x00', 0x20)
mount$nfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYRES64=r4, @ANYRESHEX, @ANYBLOB="11fe8dcb928a75ca31f3310adde1c9"])
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000380)=[@in6={0xa, 0x4e24, 0x2, @remote, 0x7}, @in={0x2, 0x4e20, @remote}, @in6={0xa, 0x4e24, 0x3, @rand_addr=' \x01\x00', 0x40000000}, @in6={0xa, 0x4e22, 0x6, @mcast1, 0x302}, @in6={0xa, 0x4e20, 0xaddd, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4}], 0x80)
inotify_init1(0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f00000001c0)="e6", 0x1, 0x0, 0x0, 0x0)

2.207880961s ago: executing program 1 (id=2270):
ioctl$DRM_IOCTL_GET_UNIQUE(0xffffffffffffffff, 0xc0106401, &(0x7f0000000140)={0xa3, &(0x7f0000000080)=""/163})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_io_uring_setup(0x22e, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000440)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000009c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0})
io_uring_enter(r3, 0x7a98, 0x0, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)

2.145638368s ago: executing program 2 (id=2271):
socket$nl_generic(0x10, 0x3, 0x10)
getpid()
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000140)={0x5, 0xb32e, {}, {}, 0x6e})
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300))
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r1)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0x1}, 0x14}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0xb, &(0x7f0000000000)=0x40b, 0x4)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000600)={0x14, 0x0, 0x1, 0x0, 0x0, {0x23}}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r1)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000003000000080001"], 0x28}}, 0x0)

2.119435318s ago: executing program 4 (id=2272):
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000640), 0xaa80, 0x0)
ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0404309, &(0x7f0000000040)={0x43, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_CREATE(r5, 0x541b)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_int(r6, 0x1, 0x1, &(0x7f0000000180)=0x8001, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x5c}}, 0x8000)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}}, @NFT_MSG_DELTABLE={0x10c, 0x2, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0xa3, 0x6, "51c139cfcdc9566d001ddc358bd5c1a37d87fa4d122109c92a34e3c6ee1b47a3efe60622ba06e8c0d86bf461b40fb24d7025ed302bf5bfc5b731d9796e17fb9b35bd39e4e323722f91b3826b233d3e3730e36d733c5555ae5726ca90df40b51b27a63b26e705523b7e644554786e66988b84c71587af9a76c4f908123886ba5226d9c49790674fe5c8ed7fb8a15c708fe065980744fb5dc1e09afc5c940a50"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_USERDATA={0x25, 0x6, "d2ea6d0e89bd3821240d47652ab57f9425a6bab703412c8b182fdc540f78081c7c"}]}, @NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x5}]}], {0x14}}, 0x178}}, 0x0)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x10001, 0x90)
syz_genetlink_get_family_id$nl80211(0x0, r10)
setsockopt$packet_int(r10, 0x107, 0xb, &(0x7f00000000c0), 0x4)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r10, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c0000000008000c0000000000000000000000072c000480080001400000006908000140000000d40800014080000001080001400000caf708000140000000040900010073397a3000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x440c4}, 0x48000)
write$evdev(0xffffffffffffffff, &(0x7f0000000540)=[{{0x77359400}, 0x11, 0xf}], 0x18)

2.101173368s ago: executing program 0 (id=2273):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r0, 0x4b6a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "37cfe2edb9060d66a400"}) (fail_nth: 2)

1.838972188s ago: executing program 2 (id=2274):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x2655, &(0x7f0000000340))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000500)=""/4095, 0xfff}], 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)

1.058455506s ago: executing program 2 (id=2275):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef641ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17cf9e68ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000669b2c57f96aefff7549bb498c8e5b0c0081f386a64d3a628c88e554fc70e6fb21639f7e680b0ffb52b222a6971cdb790688"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002b00)=ANY=[@ANYBLOB], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = dup2(r0, r0)
write$P9_RREADLINK(r4, 0x0, 0x0)

1.056577755s ago: executing program 1 (id=2276):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000140)={0x0, 0x21, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="0600eb"], 0x30}}, 0x0)

1.034828177s ago: executing program 4 (id=2277):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000680)="d8000000180081034e81f783db4cb9040a1d020006007c09e8f655a10a0015000402142603600e1208001e0000000441a800050004001040040000000c5c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/215, 0xd7}, {&(0x7f00000001c0)=']', 0x1}], 0x2}, 0x0) (fail_nth: 6)

817.4499ms ago: executing program 1 (id=2278):
epoll_create1(0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x1, 0xc3, &(0x7f0000000300)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x8b, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84}, 0x48)
bpf$MAP_UPDATE_BATCH(0x19, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800, r2}, 0x38)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f00000002c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x5000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x48080}, 0x800)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4000000}, 0x90)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f00000004c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="20015d000000fac5f047651415c5ef08fa5b894dbb1c7a54a1450fd27547215c78242dbe60834a2536e8ed89fe7b62091c80de4e4fb7f9d119e8abb87805e3e75a1aed345820ff1c73fab339241cbd1f612727851c1788b6fb8ef05e401b14c671f6b6"], 0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

816.91377ms ago: executing program 4 (id=2279):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x200000, 0x200000})
r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={@cgroup=r4, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
socket$inet6_udp(0xa, 0x2, 0x0)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x10000, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'bond0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8}, @TCA_FQ_QUANTUM={0x8}]}}]}, 0x40}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x18}}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000b80)=ANY=[@ANYBLOB="850000004f000000350000000000000085000000230000009500000000000000f4670880271e3503200ffa95a2c8c037c5a142dfa8ba6287066c5197fabd5f7010e89ae0b737126ea6d40dfeceed29d0608d38665cb6e22ff5dde54704d27779949c23e2e6979df3a2350ea7c09cc28de194f44842a5f0a8320e13822c8707f8612c10b100000000b0d3712c7e93363af3c075ff1e23160000000000000000f3d576090c4867a7b6393e366c6386d5ec7209d031cb30f6b7f40f3000e9576e51a7f550afc852003b2f7846c744ae6af3c037102124d85cec074c6949e1d76d067a97000247fe5f17fd32aaab800f4104dbaba46aac3a815b1e5c6d1d224b64be6c4d7f47ef6d02ba536cdacecf7eb6baaa4a9779f8555eaea768c1f2c221c110ef050000000ee282ab76f593d928cf95846be6277c04b8c5324812696a623cd8a4f8dc8dcba00b1b2d2547c45b0c52087b5efabf8496b9a951667dd58ea0327b56c0ebfb19a34268335648e1f844ce328c10752a42dca52fb98c1452b651ebf942f7297f7b2744419a2f238f173d0cd46dafc663373d700b9096bf701fe95500f53e5309ec91d83cf4fbd775d9c07d8d591a4dac60ff00e629b3b20000000000000000000000000000000000000000000000614fc97bff9cfa139a35a8b7d58e334ee5ee82a334dddd39459185ca47f48f3f897ba1d21c33f2b14910616aa9cb3e42b6b5e57ba3a20ef511e52e2d36ebd098379f9f7cbd9cf2860bc5e874e8a0ccce67f185b43c516d3f8bfd8b1bba365d29cba56e92d6860d96c16324fa6933dc2443325a7e2d8145fe00eb8f3859d56a4707c0512d03e6096a5806920bf2af3707814fc5b8d18734aa915cc7e182642a4fbdab97eaf408786d07464d69246055c18da4ce055e4b94042aed861c98012b535193fc5c30e3dfff1c3fe8154444f649b6cde6b9d954b4cd03ec91ef97f7d7ffe6fdf0ff0a5fa5eaca3ac8ebf45ff7d77880cdda3ade4ee2000ec7e7efeea3d87a7a73e010f1bd6c3aec07ef0dee2d3314398fb708303947d5346e443f7db380d49d7f1f40b3c165152dd643767af4ff2b656e984537fc0ab38dffaac0b30c3adb92b415c75eec0cd5d0b9c2541466db05000000f87d97fb6c327c0fe7902ff943bbf51516408257a379635ee2483acd024bddd5470d9f824b37f2b17529513336a79503799523cccf646451cb3cae91755075f42f57a799b254b3d92260aa4c974465ca4793c00c841760fb6457147688ffdd3ad2c51d92955eb50d39b965b9a4c25c1f2b43e3a2e5b2691c9ca21ade26568c7fd4c5750d971ec61811ca2e10b46c69b143b8d6ed638abc60eb29feee7a9b45adf3f032675b918d6c5470ae962083419a4462dbfa263db8bfdf1e827114d2c9808c968b4722d2df5115e247c9cff176070b67bba09d9911a75496c310794ed868fb959aa9790010310fa60eee856ef40625c47b01cc97e98773e8a1ee4d2bc9759f32adb9f8666c71f7f52679b72da4d5507971ff735431c4b497c38050987e88594fa57360f6dfd6324ed0a0f946635ff18a20ffc1fe5b725a26bf422703bfc5e8ea413e0383119e3052adbbaac9207ceece962a1a5dce7b45e769f29e89b381adc85f62efb1ce64c277e2a09017642df9a615241bb732614be1017c8070de02d7caed82b33cb284f2d4340839c3137e92f16b3983924195cae21a193ab1e227a318b612ba5ab7ede79e42b6e47162c7f92f"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r7, 0xfffff000, 0xe, 0x12, &(0x7f00000000c0)="61df712bc884fed5722780b605a7", 0x0, 0x1bd0}, 0x28)
getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
bpf$ENABLE_STATS(0x20, &(0x7f0000000340), 0x4)
r9 = socket$nl_route(0x10, 0x3, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x100200, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r8, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r9], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@newtfilter={0x24, 0x10, 0xc27, 0x0, 0x0, {0x0, 0x0, 0x74, r8, {0xc}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r10, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r10, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000000)={0x44, r12, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r13}, @val={0xc}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f00000005c0)=@deltaction={0x1d0, 0x31, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x69}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x90, 0x1, [{0x10, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0x10, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x10, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1ff}}]}, @TCA_ACT_TAB={0x80, 0x1, [{0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8000}}, {0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0x10, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x212}}, {0x10, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}]}, @TCA_ACT_TAB={0x68, 0x1, [{0x10, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3363}}, {0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}, @TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffc}}]}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x80}, 0x8891)

261.138394ms ago: executing program 2 (id=2280):
symlinkat(&(0x7f00000001c0)='.\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000240)={{0x1, 0x1, 0x5f, <r1=>0xffffffffffffffff}, './file0\x00'})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r1, 0x3ba0, &(0x7f00000000c0)={0x48, 0x8, r1, 0x0, 0x4, 0x45, &(0x7f0000000040)="2fec81c12c6e9d5e92800d130083c00117b20529e6c5d1a80634afa1c31e802043ae158d7d1487da5b8caa360f5d4ea6c761a871d955a1ee04fe71920011be00a7e0329d16", 0x5})

0s ago: executing program 2 (id=2281):
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000640), 0xaa80, 0x0)
ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0404309, &(0x7f0000000040)={0x43, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_CREATE(r5, 0x541b)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_int(r6, 0x1, 0x1, &(0x7f0000000180)=0x8001, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x5c}}, 0x8000)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}}, @NFT_MSG_DELTABLE={0x10c, 0x2, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0xa3, 0x6, "51c139cfcdc9566d001ddc358bd5c1a37d87fa4d122109c92a34e3c6ee1b47a3efe60622ba06e8c0d86bf461b40fb24d7025ed302bf5bfc5b731d9796e17fb9b35bd39e4e323722f91b3826b233d3e3730e36d733c5555ae5726ca90df40b51b27a63b26e705523b7e644554786e66988b84c71587af9a76c4f908123886ba5226d9c49790674fe5c8ed7fb8a15c708fe065980744fb5dc1e09afc5c940a50"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_USERDATA={0x25, 0x6, "d2ea6d0e89bd3821240d47652ab57f9425a6bab703412c8b182fdc540f78081c7c"}]}, @NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x5}]}], {0x14}}, 0x178}}, 0x0)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x10001, 0x90)
syz_genetlink_get_family_id$nl80211(0x0, r10)
setsockopt$packet_int(r10, 0x107, 0xb, &(0x7f00000000c0), 0x4)
r11 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0xc22b01)
write$evdev(r11, &(0x7f0000000540)=[{{0x77359400}, 0x11, 0xf}], 0x18)

kernel console output (not intermixed with test programs):

b 1-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  655.105579][T10494] hub 5-1:0.0: USB hub found
[  655.111210][ T5289] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  655.139072][ T5289] usb 1-1: config 0 descriptor??
[  655.168716][ T5289] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  655.379242][T12510] netlink: 'syz.3.1835': attribute type 4 has an invalid length.
[  655.390357][T10494] hub 5-1:0.0: 2 ports detected
[  655.491752][ T5261] usb 3-1: USB disconnect, device number 88
[  656.562176][T12527] No such timeout policy "syz0"
[  656.730437][T10494] usb 5-1: reset high-speed USB device number 78 using dummy_hcd
[  656.922414][T10494] usb 5-1: device descriptor read/64, error -32
[  657.365773][  T943] usb 1-1: USB disconnect, device number 80
[  657.620694][T12524] ntfs3: nullb0: Primary boot signature is not NTFS.
[  657.632073][T12524] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[  657.829805][T12543] xt_CONNSECMARK: invalid mode: 0
[  658.049198][T12545] netlink: 'syz.0.1841': attribute type 29 has an invalid length.
[  658.058017][T10494] hub 5-1:0.0: set hub depth failed
[  658.091547][ T5259] usb 5-1: USB disconnect, device number 78
[  658.103947][T12524] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1837'.
[  658.129159][T12548] netlink: 'syz.0.1841': attribute type 29 has an invalid length.
[  659.694708][   T29] audit: type=1326 audit(1721991293.580:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12561 comm="syz.4.1848" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a1f777299 code=0x0
[  661.056590][T12581] RDS: rds_bind could not find a transport for ::ffff:172.30.0.4, load rds_tcp or rds_rdma?
[  661.901771][T12571] netlink: 'syz.2.1849': attribute type 4 has an invalid length.
[  661.961977][   T29] audit: type=1326 audit(1721991295.840:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12583 comm="syz.3.1852" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f72c8d77299 code=0x0
[  662.083330][ T5216] Bluetooth: hci5: command 0x0405 tx timeout
[  662.132601][ T2534] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  662.431869][ T2534] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  663.579625][ T2534] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.140059][ T5216] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  665.154062][ T5216] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  665.162661][ T5216] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  665.178295][ T2534] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.375046][T12615] xt_CONNSECMARK: invalid mode: 0
[  665.566211][ T5216] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  665.573925][ T5216] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  665.581229][ T5216] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  666.273954][ T5260] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[  666.414513][ T2534] bridge_slave_1: left allmulticast mode
[  666.438379][ T2534] bridge_slave_1: left promiscuous mode
[  666.501087][ T5260] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  666.512054][ T2534] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.533641][ T5260] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  666.560298][ T2534] bridge_slave_0: left allmulticast mode
[  666.580040][ T5260] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.600060][ T2534] bridge_slave_0: left promiscuous mode
[  666.625644][ T5260] usb 2-1: config 0 descriptor??
[  666.631017][ T2534] bridge0: port 1(bridge_slave_0) entered disabled state
[  666.672374][ T5260] pwc: Askey VC010 type 2 USB webcam detected.
[  667.314423][T12641] RDS: rds_bind could not find a transport for ::ffff:172.30.0.4, load rds_tcp or rds_rdma?
[  667.690766][T12223] Bluetooth: hci0: command tx timeout
[  667.988621][ T5260] pwc: send_video_command error -71
[  668.003674][ T5260] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  668.011296][ T5260] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[  668.034684][ T5260] usb 2-1: USB disconnect, device number 82
[  668.508892][ T5260] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[  668.742692][ T5260] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  668.782740][ T5260] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  668.824130][ T5260] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.841429][ T5260] usb 2-1: config 0 descriptor??
[  668.866162][ T5260] pwc: Askey VC010 type 2 USB webcam detected.
[  669.112139][ T2534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  669.142748][ T2534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  669.185305][ T2534] bond0 (unregistering): Released all slaves
[  669.240147][ T2534] bond1 (unregistering): Released all slaves
[  669.297391][ T5260] pwc: recv_control_msg error -32 req 02 val 2b00
[  669.307056][ T5260] pwc: recv_control_msg error -32 req 02 val 2700
[  669.360761][T12644] netlink: 'syz.3.1867': attribute type 4 has an invalid length.
[  669.455968][ T2534] batman_adv: batadv0: Interface deactivated: wlan1
[  669.520192][ T5260] pwc: recv_control_msg error -71 req 04 val 1000
[  669.529701][ T5260] pwc: recv_control_msg error -71 req 04 val 1300
[  669.541040][ T5260] pwc: recv_control_msg error -71 req 04 val 1400
[  669.554155][ T5260] pwc: recv_control_msg error -71 req 02 val 2000
[  669.561057][ T5260] pwc: recv_control_msg error -71 req 02 val 2100
[  669.568001][ T5260] pwc: recv_control_msg error -71 req 04 val 1500
[  669.574907][ T5260] pwc: recv_control_msg error -71 req 02 val 2500
[  669.581763][ T5260] pwc: recv_control_msg error -71 req 02 val 2400
[  669.598376][ T5260] pwc: recv_control_msg error -71 req 02 val 2600
[  669.621153][ T5260] pwc: recv_control_msg error -71 req 02 val 2900
[  669.640743][ T5260] pwc: recv_control_msg error -71 req 02 val 2800
[  669.680120][ T5260] pwc: recv_control_msg error -71 req 04 val 1100
[  669.701131][ T5260] pwc: recv_control_msg error -71 req 04 val 1200
[  669.712376][ T5260] pwc: Registered as video71.
[  669.720523][ T2534] batman_adv: batadv0: Removing interface: wlan1
[  669.732447][ T5260] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input77
[  669.756874][ T5260] usb 2-1: USB disconnect, device number 83
[  669.763860][T12223] Bluetooth: hci0: command 0x041b tx timeout
[  670.545108][ T2534] hsr_slave_0: left promiscuous mode
[  670.590739][ T2534] hsr_slave_1: left promiscuous mode
[  670.683480][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  670.726594][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_0
[  670.763868][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  670.771340][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_1
[  670.820278][   T29] audit: type=1326 audit(1721991304.700:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12678 comm="syz.1.1872" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4d6a177299 code=0x0
[  670.879505][ T2534] team_slave_0: left promiscuous mode
[  670.885045][ T2534] team_slave_1: left promiscuous mode
[  670.901139][ T2534] veth1_macvtap: left promiscuous mode
[  670.922483][ T2534] veth0_macvtap: left promiscuous mode
[  670.941686][ T2534] veth1_vlan: left promiscuous mode
[  670.969023][ T2534] veth0_vlan: left promiscuous mode
[  671.441596][ T5289] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[  671.673982][ T5289] usb 4-1: Using ep0 maxpacket: 32
[  671.697218][ T5289] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  671.718720][ T5289] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  671.745985][ T5289] usb 4-1: Product: syz
[  671.750615][ T5289] usb 4-1: Manufacturer: syz
[  671.760939][ T5289] usb 4-1: SerialNumber: syz
[  671.815037][ T5289] usb 4-1: config 0 descriptor??
[  671.843294][ T5216] Bluetooth: hci0: command 0x041b tx timeout
[  672.704314][ T5289] rtl8150 4-1:0.0: couldn't reset the device
[  672.722673][ T5289] rtl8150 4-1:0.0: probe with driver rtl8150 failed with error -5
[  672.757792][ T5289] usb 4-1: USB disconnect, device number 96
[  673.092198][ T2534] team0 (unregistering): Port device team_slave_1 removed
[  673.199985][ T2534] team0 (unregistering): Port device team_slave_0 removed
[  673.340624][T12709] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1880'.
[  673.848561][ T5289] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[  673.927795][T12223] Bluetooth: hci0: command 0x041b tx timeout
[  673.987455][T12612] chnl_net:caif_netlink_parms(): no params data found
[  674.063226][ T5289] usb 4-1: Using ep0 maxpacket: 32
[  674.075026][ T5289] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  674.093578][ T5289] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  674.102793][T12681] netlink: 'syz.0.1873': attribute type 4 has an invalid length.
[  674.111511][ T5289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  674.138676][ T5289] usb 4-1: config 0 descriptor??
[  674.281619][ T5289] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  674.651744][T12612] bridge0: port 1(bridge_slave_0) entered blocking state
[  674.711135][T12612] bridge0: port 1(bridge_slave_0) entered disabled state
[  674.801804][T12612] bridge_slave_0: entered allmulticast mode
[  674.894334][T12612] bridge_slave_0: entered promiscuous mode
[  674.950291][T12612] bridge0: port 2(bridge_slave_1) entered blocking state
[  675.001296][T12612] bridge0: port 2(bridge_slave_1) entered disabled state
[  675.052857][T12612] bridge_slave_1: entered allmulticast mode
[  675.111187][T12612] bridge_slave_1: entered promiscuous mode
[  675.237276][T12731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1883'.
[  675.617402][T12612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  675.747302][T12751] netlink: 'syz.1.1885': attribute type 4 has an invalid length.
[  675.818650][T12612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  675.943648][ T5289] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  676.014026][T12223] Bluetooth: hci0: command 0x041b tx timeout
[  676.153229][ T5289] usb 3-1: Using ep0 maxpacket: 8
[  676.165323][ T5289] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  676.187890][T12612] team0: Port device team_slave_0 added
[  676.203757][ T5289] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  676.231714][T12612] team0: Port device team_slave_1 added
[  676.238951][ T5289] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  676.258915][   T29] audit: type=1326 audit(1721991310.110:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12760 comm="syz.0.1888" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8296577299 code=0x0
[  676.280254][ T5289] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  676.318962][ T5289] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  676.357066][ T5289] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  676.436358][ T5257] usb 4-1: USB disconnect, device number 97
[  676.457724][T12612] batman_adv: batadv0: Adding interface: batadv_slave_0
[  676.466840][T12612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.506043][T12612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  676.613722][ T5289] usb 3-1: GET_CAPABILITIES returned 0
[  676.619562][T12612] batman_adv: batadv0: Adding interface: batadv_slave_1
[  676.627220][ T5289] usbtmc 3-1:16.0: can't read capabilities
[  676.633874][T12612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  676.667409][T12612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  676.882878][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  676.892004][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  676.901093][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  676.910198][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  676.959840][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  676.968946][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  676.977973][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  676.997636][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  677.006783][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  677.015873][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  677.024955][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  677.094672][T12612] hsr_slave_0: entered promiscuous mode
[  677.136563][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  677.145769][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  677.154859][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  677.163945][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  677.175230][T12612] hsr_slave_1: entered promiscuous mode
[  677.189283][T12612] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  677.198246][T12612] Cannot create hsr debugfs directory
[  677.208023][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  677.355995][ T5289] usb 3-1: USB disconnect, device number 89
[  678.018754][T12793] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1892'.
[  678.094049][T12223] Bluetooth: hci0: command 0x041b tx timeout
[  678.253251][ T5257] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[  679.226298][ T5257] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  679.280880][ T5257] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  679.341181][ T5257] usb 2-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  679.403307][ T5257] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  679.451415][ T5257] usb 2-1: config 0 descriptor??
[  679.820838][T12612] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  679.859808][T12612] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  679.930723][T12818] RDS: rds_bind could not find a transport for ::ffff:172.30.0.4, load rds_tcp or rds_rdma?
[  680.574819][T12612] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  680.642409][T12612] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  680.671981][ T5257] usbhid 2-1:0.0: can't add hid device: -71
[  680.693551][ T5257] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  680.723535][ T5216] Bluetooth: hci0: command 0x041b tx timeout
[  680.739121][ T5257] usb 2-1: USB disconnect, device number 84
[  681.036216][T12612] 8021q: adding VLAN 0 to HW filter on device bond0
[  681.262233][T12612] 8021q: adding VLAN 0 to HW filter on device team0
[  681.263251][ T5289] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[  681.463328][T12837] xt_CONNSECMARK: invalid mode: 0
[  681.974391][ T5289] usb 4-1: Using ep0 maxpacket: 32
[  682.028541][ T5289] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  682.049722][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  682.056913][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  682.065406][ T5289] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  682.077774][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.084985][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  682.093737][ T5289] usb 4-1: Product: syz
[  682.097956][ T5289] usb 4-1: Manufacturer: syz
[  682.102573][ T5289] usb 4-1: SerialNumber: syz
[  682.150502][ T5289] usb 4-1: config 0 descriptor??
[  682.538184][T12854] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=536872384 (1073744768 ns) > initial count (16 ns). Using initial count to start timer.
[  682.615472][T12854] kvm: pic: non byte write
[  682.683840][ T5289] rtl8150 4-1:0.0: couldn't reset the device
[  682.692169][ T5289] rtl8150 4-1:0.0: probe with driver rtl8150 failed with error -5
[  682.708143][T12612] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  682.739883][ T5289] usb 4-1: USB disconnect, device number 98
[  682.765113][T12845] netlink: 'syz.2.1902': attribute type 4 has an invalid length.
[  683.346731][T12612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  684.251896][T12888] RDS: rds_bind could not find a transport for ::ffff:172.30.0.1, load rds_tcp or rds_rdma?
[  684.886268][T12880] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1907'.
[  684.899686][T12880] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1907'.
[  686.124810][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  686.318830][T12612] veth0_vlan: entered promiscuous mode
[  686.405978][T12910] can: request_module (can-proto-0) failed.
[  686.445256][T12612] veth1_vlan: entered promiscuous mode
[  686.551911][T12612] veth0_macvtap: entered promiscuous mode
[  686.572122][T12612] veth1_macvtap: entered promiscuous mode
[  686.611974][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  686.622680][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  686.633902][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  686.647698][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  686.658754][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  686.683174][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  686.704651][ T5257] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[  686.714531][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  686.728070][T12932] FAULT_INJECTION: forcing a failure.
[  686.728070][T12932] name failslab, interval 1, probability 0, space 0, times 0
[  686.752688][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  686.775759][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  686.788569][T12932] CPU: 0 UID: 0 PID: 12932 Comm: syz.3.1916 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  686.799037][T12932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  686.809123][T12932] Call Trace:
[  686.812427][T12932]  <TASK>
[  686.815383][T12932]  dump_stack_lvl+0x241/0x360
[  686.820098][T12932]  ? __pfx_dump_stack_lvl+0x10/0x10
[  686.825332][T12932]  ? __pfx__printk+0x10/0x10
[  686.829967][T12932]  ? ref_tracker_alloc+0x332/0x490
[  686.835113][T12932]  should_fail_ex+0x3b0/0x4e0
[  686.839833][T12932]  ? skb_clone+0x20c/0x390
[  686.844279][T12932]  should_failslab+0xac/0x100
[  686.848993][T12932]  ? skb_clone+0x20c/0x390
[  686.853438][T12932]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  686.858851][T12932]  skb_clone+0x20c/0x390
[  686.863121][T12932]  __netlink_deliver_tap+0x3cc/0x7c0
[  686.868451][T12932]  ? netlink_deliver_tap+0x2e/0x1b0
[  686.873680][T12932]  netlink_deliver_tap+0x19d/0x1b0
[  686.878828][T12932]  netlink_unicast+0x7be/0x990
[  686.883632][T12932]  ? __pfx_netlink_unicast+0x10/0x10
[  686.888946][T12932]  ? __virt_addr_valid+0x183/0x530
[  686.894087][T12932]  ? __check_object_size+0x49c/0x900
[  686.899390][T12932]  ? bpf_lsm_netlink_send+0x9/0x10
[  686.904506][T12932]  netlink_sendmsg+0x8e4/0xcb0
[  686.909276][T12932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  686.914556][T12932]  ? __import_iovec+0x536/0x820
[  686.919403][T12932]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  686.924684][T12932]  ? security_socket_sendmsg+0x87/0xb0
[  686.930137][T12932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  686.935415][T12932]  __sock_sendmsg+0x221/0x270
[  686.940089][T12932]  ____sys_sendmsg+0x525/0x7d0
[  686.944859][T12932]  ? __pfx_____sys_sendmsg+0x10/0x10
[  686.950154][T12932]  __sys_sendmsg+0x2b0/0x3a0
[  686.954748][T12932]  ? __pfx___sys_sendmsg+0x10/0x10
[  686.959859][T12932]  ? vfs_write+0x7c4/0xc90
[  686.964311][T12932]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  686.970639][T12932]  ? do_syscall_64+0x100/0x230
[  686.975400][T12932]  ? do_syscall_64+0xb6/0x230
[  686.980072][T12932]  do_syscall_64+0xf3/0x230
[  686.984575][T12932]  ? clear_bhb_loop+0x35/0x90
[  686.989252][T12932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  686.995142][T12932] RIP: 0033:0x7f72c8d77299
[  686.999551][T12932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  687.019170][T12932] RSP: 002b:00007f72c9b89048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  687.027587][T12932] RAX: ffffffffffffffda RBX: 00007f72c8f05f80 RCX: 00007f72c8d77299
[  687.035552][T12932] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  687.043521][T12932] RBP: 00007f72c9b890a0 R08: 0000000000000000 R09: 0000000000000000
[  687.051486][T12932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  687.059451][T12932] R13: 000000000000000b R14: 00007f72c8f05f80 R15: 00007ffc1f80b6d8
[  687.067436][T12932]  </TASK>
[  687.073193][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.099329][T12612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  687.142325][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  687.171067][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.189665][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  687.212897][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.228788][ T5257] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  687.250995][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  687.261737][ T5257] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  687.279248][ T5257] usb 2-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  687.294987][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.318513][ T5257] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  687.326813][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  687.349159][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.349186][ T5257] usb 2-1: config 0 descriptor??
[  687.371435][T12612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  687.386918][T12612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.399622][T12612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  687.458144][T12612] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  687.467776][T12612] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  687.481345][T12612] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  687.490680][T12612] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  687.523757][T12223] Bluetooth: hci0: command 0x041b tx timeout
[  687.946655][T12959] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma?
[  688.888626][ T4490] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  688.935494][ T4490] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  688.964186][ T5257] usbhid 2-1:0.0: can't add hid device: -71
[  688.971882][ T5257] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  688.984753][ T5257] usb 2-1: USB disconnect, device number 85
[  689.320638][ T2534] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  689.726658][T12964] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  689.781807][ T2534] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  689.951623][ T5223] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[  690.113575][T12983] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1925'.
[  690.182627][ T5223] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  690.212038][ T5223] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  690.288107][ T5223] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  690.323882][ T5223] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  690.358897][ T5223] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  690.384934][ T5223] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  690.450603][ T5216] Bluetooth: hci5: Received unexpected HCI Event 0x00
[  690.460881][ T5223] usb 4-1: Product: syz
[  690.624071][ T5223] usb 4-1: Manufacturer: syz
[  690.774952][ T5223] cdc_wdm 4-1:1.0: skipping garbage
[  690.780607][ T5223] cdc_wdm 4-1:1.0: skipping garbage
[  691.029370][ T5223] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  691.036072][ T5223] cdc_wdm 4-1:1.0: Unknown control protocol
[  691.497115][T12966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  691.553590][T12966] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  691.669900][T13003] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1929'.
[  691.946630][T13009] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1930'.
[  691.988806][T13009] block nbd0: not configured, cannot reconfigure
[  692.769355][T13024] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  693.483758][ T5289] usb 4-1: USB disconnect, device number 99
[  693.638368][T13029] FAULT_INJECTION: forcing a failure.
[  693.638368][T13029] name failslab, interval 1, probability 0, space 0, times 0
[  693.819887][T13029] CPU: 0 UID: 0 PID: 13029 Comm: syz.3.1934 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  693.830377][T13029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  693.840453][T13029] Call Trace:
[  693.843744][T13029]  <TASK>
[  693.846682][T13029]  dump_stack_lvl+0x241/0x360
[  693.851383][T13029]  ? __pfx_dump_stack_lvl+0x10/0x10
[  693.856603][T13029]  ? __pfx__printk+0x10/0x10
[  693.861215][T13029]  ? ref_tracker_alloc+0x332/0x490
[  693.866343][T13029]  should_fail_ex+0x3b0/0x4e0
[  693.871042][T13029]  ? skb_clone+0x20c/0x390
[  693.875472][T13029]  should_failslab+0xac/0x100
[  693.880165][T13029]  ? skb_clone+0x20c/0x390
[  693.884591][T13029]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  693.889988][T13029]  skb_clone+0x20c/0x390
[  693.894247][T13029]  __netlink_deliver_tap+0x3cc/0x7c0
[  693.899558][T13029]  ? netlink_deliver_tap+0x2e/0x1b0
[  693.904770][T13029]  netlink_deliver_tap+0x19d/0x1b0
[  693.909894][T13029]  netlink_unicast+0x7be/0x990
[  693.914680][T13029]  ? __pfx_netlink_unicast+0x10/0x10
[  693.919979][T13029]  ? __virt_addr_valid+0x183/0x530
[  693.925105][T13029]  ? __check_object_size+0x49c/0x900
[  693.930404][T13029]  ? bpf_lsm_netlink_send+0x9/0x10
[  693.935534][T13029]  netlink_sendmsg+0x8e4/0xcb0
[  693.940323][T13029]  ? __pfx_netlink_sendmsg+0x10/0x10
[  693.945622][T13029]  ? __import_iovec+0x536/0x820
[  693.950484][T13029]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  693.955792][T13029]  ? security_socket_sendmsg+0x87/0xb0
[  693.961261][T13029]  ? __pfx_netlink_sendmsg+0x10/0x10
[  693.966558][T13029]  __sock_sendmsg+0x221/0x270
[  693.971262][T13029]  ____sys_sendmsg+0x525/0x7d0
[  693.976036][T13029]  ? __pfx_____sys_sendmsg+0x10/0x10
[  693.981320][T13029]  __sys_sendmsg+0x2b0/0x3a0
[  693.985901][T13029]  ? __pfx___sys_sendmsg+0x10/0x10
[  693.990996][T13029]  ? vfs_write+0x7c4/0xc90
[  693.995420][T13029]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  694.001731][T13029]  ? do_syscall_64+0x100/0x230
[  694.006480][T13029]  ? do_syscall_64+0xb6/0x230
[  694.011141][T13029]  do_syscall_64+0xf3/0x230
[  694.015639][T13029]  ? clear_bhb_loop+0x35/0x90
[  694.020304][T13029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  694.026183][T13029] RIP: 0033:0x7f72c8d77299
[  694.030580][T13029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  694.050174][T13029] RSP: 002b:00007f72c9b89048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  694.058573][T13029] RAX: ffffffffffffffda RBX: 00007f72c8f05f80 RCX: 00007f72c8d77299
[  694.066549][T13029] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000003
[  694.074515][T13029] RBP: 00007f72c9b890a0 R08: 0000000000000000 R09: 0000000000000000
[  694.082474][T13029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  694.090429][T13029] R13: 000000000000000b R14: 00007f72c8f05f80 R15: 00007ffc1f80b6d8
[  694.098398][T13029]  </TASK>
[  695.161650][T13050] Invalid/unusable pipe
[  695.753791][T12194] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[  695.937031][T13075] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  695.949332][T12194] usb 4-1: Using ep0 maxpacket: 8
[  695.994069][T12194] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  696.017504][T13075] kvm: pic: non byte write
[  696.021567][T12194] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  696.043709][T12194] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  696.100506][T12194] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  696.135990][T12194] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  696.153993][T13084] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1945'.
[  696.166334][T12194] usb 4-1: Product: syz
[  696.177767][T12194] usb 4-1: Manufacturer: syz
[  696.182562][T12194] usb 4-1: SerialNumber: syz
[  696.212276][T13084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1945'.
[  696.232384][T12194] cdc_ncm 4-1:1.0: skipping garbage
[  696.295918][T12194] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found
[  696.331358][T12194] cdc_ncm 4-1:1.0: bind() failure
[  696.446520][T12194] usb 4-1: USB disconnect, device number 100
[  696.561151][T13072] RDS: rds_bind could not find a transport for ::ffff:172.30.0.1, load rds_tcp or rds_rdma?
[  696.813388][ T5257] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  697.223546][T13095] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  697.230452][T13095] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  697.283288][ T5257] usb 5-1: Using ep0 maxpacket: 32
[  697.284525][T13095] vhci_hcd vhci_hcd.0: Device attached
[  697.314908][ T5257] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  697.356885][T13097] vhci_hcd: connection closed
[  697.379730][ T4490] vhci_hcd: stop threads
[  697.389656][ T5257] usb 5-1: config 0 has no interfaces?
[  697.409305][ T5257] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  697.419037][ T4490] vhci_hcd: release socket
[  697.440330][ T4490] vhci_hcd: disconnect device
[  697.450085][ T5257] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  697.481164][ T5257] usb 5-1: config 0 descriptor??
[  697.753295][T13105] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1950'.
[  697.954323][ T5257] usb 5-1: USB disconnect, device number 79
[  698.255824][ T5289] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  698.430997][T13121] capability: warning: `syz.1.1952' uses deprecated v2 capabilities in a way that may be insecure
[  698.446047][T13121] tipc: Started in network mode
[  698.450963][T13121] tipc: Node identity f0, cluster identity 4711
[  698.457466][T13121] tipc: Node number set to 240
[  698.465133][ T5289] usb 3-1: Using ep0 maxpacket: 8
[  698.476269][ T5289] usb 3-1: config index 0 descriptor too short (expected 5924, got 36)
[  698.489944][ T5289] usb 3-1: config 250 has an invalid interface number: 228 but max is -1
[  698.500884][ T5289] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0
[  698.512932][ T5289] usb 3-1: config 250 has no interface number 0
[  698.519713][ T5289] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  698.531992][ T5289] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  698.543236][ T5289] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 3
[  698.573138][ T5289] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  698.647748][T13123] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1953'.
[  698.666566][ T5289] usb 3-1: config 250 interface 228 has no altsetting 0
[  698.748689][ T5289] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  698.919130][ T5289] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  698.928164][ T5289] usb 3-1: Product: syz
[  698.934362][ T5289] usb 3-1: SerialNumber: syz
[  698.946842][ T5289] hub 3-1:250.228: bad descriptor, ignoring hub
[  698.954384][ T5289] hub 3-1:250.228: probe with driver hub failed with error -5
[  699.196900][ T5289] usblp 3-1:250.228: usblp0: USB Bidirectional printer dev 90 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  699.264731][ T5289] usb 3-1: USB disconnect, device number 90
[  699.277524][ T5289] usblp0: removed
[  699.406169][T13135] netlink: 'syz.1.1956': attribute type 46 has an invalid length.
[  699.772100][T13133] xt_CONNSECMARK: invalid mode: 0
[  699.859855][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  700.148902][T13146] xt_CONNSECMARK: invalid mode: 0
[  700.848624][    C1] eth0: bad gso: type: 1, size: 1408
[  701.187302][T12194] usb 3-1: new low-speed USB device number 91 using dummy_hcd
[  701.309417][T13164] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  702.981838][T13174] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  703.884266][ T5216] Bluetooth: hci5: ACL packet for unknown connection handle 203
[  703.958797][T13153] tipc: Started in network mode
[  703.966735][T13153] tipc: Node identity aaaaaaaaaa35, cluster identity 4711
[  703.974819][T13153] tipc: Enabled bearer <eth:macvlan1>, priority 0
[  705.196772][T13193] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  705.227608][ T5257] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  705.673575][ T5289] tipc: Node number set to 10463914
[  705.760381][T12194] usb 3-1: unable to get BOS descriptor or descriptor too short
[  705.795518][T12194] usb 3-1: unable to read config index 0 descriptor/start: -71
[  705.803242][ T5257] usb 5-1: Using ep0 maxpacket: 32
[  705.833226][ T5257] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  705.847673][T12194] usb 3-1: can't read configurations, error -71
[  705.861071][ T5257] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  705.891996][ T5257] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  705.915697][ T5257] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  705.943340][ T5257] usb 5-1: Product: syz
[  705.954428][ T5257] usb 5-1: Manufacturer: syz
[  706.088160][T13204] xt_CONNSECMARK: invalid mode: 0
[  706.774998][ T5257] usb 5-1: SerialNumber: syz
[  706.792416][T13206] dlm: no locking on control device
[  706.944905][ T5289] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[  707.033353][ T5257] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 80 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  707.048524][    C1] eth0: bad gso: type: 1, size: 1408
[  707.153233][ T5289] usb 2-1: Using ep0 maxpacket: 32
[  707.234523][T13187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  707.310870][T13216] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma?
[  708.084652][T13187] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  708.097340][ T5289] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  708.122786][ T5289] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  708.156930][ T5289] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  708.193626][ T5289] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  708.227104][ T5289] usb 2-1: config 0 descriptor??
[  708.381959][ T5289] hub 2-1:0.0: USB hub found
[  708.406281][T12194] usb 5-1: USB disconnect, device number 80
[  709.218096][T13187] usblp0: removed
[  709.247670][ T5289] hub 2-1:0.0: 1 port detected
[  709.293752][T13214] netlink: 'syz.3.1976': attribute type 4 has an invalid length.
[  709.483631][ T5289] hub 2-1:0.0: hub_hub_status failed (err = -71)
[  709.503231][ T5289] hub 2-1:0.0: config failed, can't get hub status (err -71)
[  709.536486][ T5289] usbhid 2-1:0.0: can't add hid device: -71
[  709.550749][ T5289] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  709.615518][ T5289] usb 2-1: USB disconnect, device number 86
[  709.683778][   T58] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[  709.896582][   T58] usb 3-1: Using ep0 maxpacket: 8
[  709.914762][   T58] usb 3-1: config 0 has an invalid interface number: 84 but max is 0
[  709.922879][   T58] usb 3-1: config 0 has no interface number 0
[  709.930484][   T58] usb 3-1: config 0 interface 84 altsetting 11 endpoint 0x7 has invalid wMaxPacketSize 0
[  709.943940][   T58] usb 3-1: config 0 interface 84 has no altsetting 0
[  709.966644][   T58] usb 3-1: New USB device found, idVendor=0c44, idProduct=03a2, bcdDevice=be.1f
[  709.982440][   T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  710.017004][   T58] usb 3-1: Product: syz
[  710.021296][   T58] usb 3-1: Manufacturer: syz
[  710.039232][   T58] usb 3-1: SerialNumber: syz
[  710.062736][   T58] usb 3-1: config 0 descriptor??
[  710.322927][T10494] usb 3-1: USB disconnect, device number 93
[  710.691358][T13239] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  711.300094][T13249] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1986'.
[  711.522845][T13257] dlm: no locking on control device
[  711.606743][   T29] audit: type=1326 audit(1721991345.490:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13253 comm="syz.2.1987" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae65577299 code=0x0
[  712.789257][T13267] netlink: 'syz.3.1990': attribute type 4 has an invalid length.
[  713.213509][T12194] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  713.414601][T12194] usb 5-1: Using ep0 maxpacket: 32
[  713.431453][T12194] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  713.483121][T12194] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  713.532349][T12194] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  713.541898][T12194] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  713.550047][T12194] usb 5-1: Product: syz
[  713.554614][T12194] usb 5-1: Manufacturer: syz
[  713.559271][T12194] usb 5-1: SerialNumber: syz
[  713.743354][T10494] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[  713.801850][T12194] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 81 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  713.953297][T10494] usb 1-1: Using ep0 maxpacket: 32
[  713.967663][T10494] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  713.993500][T10494] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  714.009102][T13271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  714.031840][T13271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  714.045198][T10494] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  714.062677][T10494] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  714.077451][T10494] usb 1-1: Product: syz
[  714.083727][T10494] usb 1-1: Manufacturer: syz
[  714.088363][T10494] usb 1-1: SerialNumber: syz
[  714.100438][T12194] usb 5-1: USB disconnect, device number 81
[  714.110545][T13271] usblp0: removed
[  714.310035][T10494] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 81 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  714.323857][  T943] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[  714.523240][  T943] usb 2-1: Using ep0 maxpacket: 8
[  714.571402][T13275] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  714.589075][T13275] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  714.647819][  T943] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  714.686057][  T943] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  714.867615][  T943] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  715.108052][  T943] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  715.268780][    C1] eth0: bad gso: type: 1, size: 1408
[  715.314540][  T943] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  715.347472][T12194] usb 1-1: USB disconnect, device number 81
[  715.369621][  T943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  715.396481][T13275] usblp0: removed
[  715.398674][T13289] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1998'.
[  715.567557][T13294] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1999'.
[  715.625562][    T8] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[  715.643682][T13295] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2000'.
[  715.652889][  T943] usb 2-1: GET_CAPABILITIES returned 0
[  715.676880][  T943] usbtmc 2-1:16.0: can't read capabilities
[  715.835490][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  715.859347][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  715.877546][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  715.877632][    T8] usb 4-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  715.886627][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  715.905491][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  715.914535][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  715.923576][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  715.932682][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  715.933242][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  715.941838][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  715.941880][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  716.029274][    T8] usb 4-1: config 0 descriptor??
[  716.052271][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  716.061379][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  716.070462][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  716.079618][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  716.166143][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  716.175261][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  716.184316][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  716.193386][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  716.266047][T12194] usb 2-1: USB disconnect, device number 87
[  716.478777][    T8] usbhid 4-1:0.0: can't add hid device: -71
[  716.503702][    T8] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  716.556565][    T8] usb 4-1: USB disconnect, device number 101
[  716.634579][T13304] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2004'.
[  716.736506][T13302] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  716.754372][T13302] kvm: pic: non byte write
[  717.343843][T13316] xt_CONNSECMARK: invalid mode: 0
[  717.997355][   T29] audit: type=1326 audit(1721991351.860:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13309 comm="syz.2.2006" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae65577299 code=0x0
[  718.253312][ T5289] usb 4-1: new high-speed USB device number 102 using dummy_hcd
[  718.643472][ T5289] usb 4-1: Using ep0 maxpacket: 32
[  718.675559][ T5289] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  718.703428][ T5289] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  718.726680][ T5289] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  718.756348][ T5289] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  718.787308][ T5289] usb 4-1: Product: syz
[  718.791531][ T5289] usb 4-1: Manufacturer: syz
[  718.824012][ T5289] usb 4-1: SerialNumber: syz
[  719.084623][ T5289] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 102 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  719.163236][   T58] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[  719.289966][T13322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  719.313513][T13322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  719.385231][   T58] usb 1-1: Using ep0 maxpacket: 32
[  719.409218][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  719.429190][ T5260] usb 4-1: USB disconnect, device number 102
[  719.436216][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  719.442420][T13322] usblp0: removed
[  719.471917][   T58] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  719.497208][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  719.522822][   T58] usb 1-1: config 0 descriptor??
[  719.543745][   T58] hub 1-1:0.0: USB hub found
[  719.548471][ T5289] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  719.764196][ T5289] usb 5-1: Using ep0 maxpacket: 16
[  719.784016][   T58] hub 1-1:0.0: 1 port detected
[  719.790103][ T5289] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  719.801472][ T5289] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  719.822455][ T5289] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  719.841145][ T5289] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  719.854752][ T5289] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  719.873253][ T5289] usb 5-1: Manufacturer: syz
[  719.890718][ T5289] usb 5-1: config 0 descriptor??
[  719.988324][   T58] hub 1-1:0.0: hub_hub_status failed (err = -71)
[  719.998457][   T58] hub 1-1:0.0: config failed, can't get hub status (err -71)
[  720.052059][   T58] usbhid 1-1:0.0: can't add hid device: -71
[  720.066171][   T58] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  720.112763][T13334] fuse: Bad value for 'fd'
[  720.119036][   T58] usb 1-1: USB disconnect, device number 82
[  720.533336][ T5259] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[  720.745072][ T5259] usb 4-1: Using ep0 maxpacket: 8
[  720.765762][ T5259] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  720.794314][ T5259] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  720.837130][ T5259] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  720.882373][ T5259] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  720.945124][ T5259] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  721.008477][ T5259] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.019370][T13350] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2017'.
[  721.106325][T13346] netlink: 'syz.2.2016': attribute type 4 has an invalid length.
[  721.305457][ T5259] usb 4-1: GET_CAPABILITIES returned 0
[  721.328000][ T5259] usbtmc 4-1:16.0: can't read capabilities
[  721.512509][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.521610][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.530640][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.627401][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.706657][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.730645][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.739764][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.748845][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.831616][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.856512][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.868107][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.879112][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.892094][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.902427][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.938022][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.955378][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  721.999501][T12194] usb 4-1: USB disconnect, device number 103
[  722.179613][ T5289] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  722.240696][ T5289] usb 5-1: USB disconnect, device number 82
[  722.303362][ T5303] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[  722.706496][ T5303] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  722.777751][ T5303] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  722.812092][T13356] xt_CONNSECMARK: invalid mode: 0
[  723.260237][ T5303] usb 1-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  723.293374][ T5303] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  723.566077][ T5303] usb 1-1: config 0 descriptor??
[  723.775042][T13367] xt_CONNSECMARK: invalid mode: 0
[  723.933558][    T8] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[  724.153333][    T8] usb 3-1: Using ep0 maxpacket: 32
[  724.242778][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  724.273863][ T5303] usbhid 1-1:0.0: can't add hid device: -71
[  724.293590][   T29] audit: type=1326 audit(1721991358.170:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13375 comm="syz.4.2024" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0eba177299 code=0x0
[  724.301042][ T5303] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  724.321124][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  724.357107][    T8] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  724.385614][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  724.404071][ T5303] usb 1-1: USB disconnect, device number 83
[  724.438481][    T8] usb 3-1: config 0 descriptor??
[  724.457499][    T8] hub 3-1:0.0: USB hub found
[  724.509226][ T5216] Bluetooth: hci4: unknown advertising packet type: 0x63
[  724.671856][    T8] hub 3-1:0.0: 1 port detected
[  724.916011][ T5260] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[  725.125929][ T5260] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  725.171889][ T5260] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  725.221915][ T5260] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  725.261479][ T5260] usb 4-1: config 0 descriptor??
[  725.294898][ T5260] pwc: Askey VC010 type 2 USB webcam detected.
[  725.317574][T13394] netlink: 'syz.0.2029': attribute type 4 has an invalid length.
[  725.515784][ T5260] pwc: send_video_command error -71
[  725.532542][ T5260] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  725.540707][ T5260] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[  725.569639][ T5260] usb 4-1: USB disconnect, device number 104
[  725.696105][ T5303] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  725.893384][ T5303] usb 5-1: Using ep0 maxpacket: 8
[  725.908291][ T5303] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  725.924131][    T8] hub 3-1:0.0: hub_hub_status failed (err = -32)
[  725.940933][    T8] hub 3-1:0.0: config failed, can't get hub status (err -32)
[  725.941583][ T5303] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  725.957836][    T8] usbhid 3-1:0.0: can't add hid device: -32
[  725.964640][ T5303] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  725.975026][    T8] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[  726.020430][ T5303] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  726.028668][    T8] usb 3-1: USB disconnect, device number 94
[  726.057912][ T5303] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  726.070345][ T5303] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.133284][ T5260] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[  726.233268][ T5259] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[  726.307611][ T5303] usb 5-1: GET_CAPABILITIES returned 0
[  726.313619][ T5303] usbtmc 5-1:16.0: can't read capabilities
[  726.330402][ T5260] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  726.343286][ T5260] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  726.352514][ T5260] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.364196][ T5260] usb 4-1: config 0 descriptor??
[  726.374281][ T5260] pwc: Askey VC010 type 2 USB webcam detected.
[  726.433277][ T5259] usb 2-1: Using ep0 maxpacket: 8
[  726.440686][ T5259] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  726.450640][ T5259] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  726.460508][ T5259] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  726.470609][ T5259] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  726.483865][ T5259] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  726.492958][ T5259] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.527497][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.536623][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.545705][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.567572][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.576691][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.585771][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.594817][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.607098][    T8] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[  726.616043][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.625147][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.655829][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.673388][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.682471][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.692317][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.701415][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.710503][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  726.721071][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  726.833751][ T5260] pwc: recv_control_msg error -32 req 02 val 2b00
[  726.842964][ T5260] pwc: recv_control_msg error -32 req 02 val 2700
[  726.853844][    T8] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  726.862754][ T5259] usb 2-1: GET_CAPABILITIES returned 0
[  726.862921][    T8] usb 1-1: config 0 has no interface number 0
[  726.868712][ T5261] usb 5-1: USB disconnect, device number 83
[  726.886987][ T5259] usbtmc 2-1:16.0: can't read capabilities
[  726.893307][    T8] usb 1-1: config 0 interface 255 has no altsetting 0
[  726.917126][    T8] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  727.046263][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.055805][ T5260] pwc: recv_control_msg error -71 req 04 val 1000
[  727.067288][    T8] usb 1-1: config 0 descriptor??
[  727.072619][ T5260] pwc: recv_control_msg error -71 req 04 val 1300
[  727.094595][T13413] xt_CONNSECMARK: invalid mode: 0
[  727.148868][ T5260] pwc: recv_control_msg error -71 req 04 val 1400
[  727.182124][ T5260] pwc: recv_control_msg error -71 req 02 val 2000
[  727.205090][    T8] cp210x 1-1:0.255: cp210x converter detected
[  727.226754][ T5260] pwc: recv_control_msg error -71 req 02 val 2100
[  727.249136][ T5260] pwc: recv_control_msg error -71 req 04 val 1500
[  727.263399][ T5260] pwc: recv_control_msg error -71 req 02 val 2500
[  727.287182][ T5260] pwc: recv_control_msg error -71 req 02 val 2400
[  727.309988][ T5260] pwc: recv_control_msg error -71 req 02 val 2600
[  727.333199][ T5260] pwc: recv_control_msg error -71 req 02 val 2900
[  727.363182][ T5260] pwc: recv_control_msg error -71 req 02 val 2800
[  727.411742][ T5260] pwc: recv_control_msg error -71 req 04 val 1100
[  727.419413][ T5260] pwc: recv_control_msg error -71 req 04 val 1200
[  727.436930][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.446060][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.455158][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.464248][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.480013][ T5260] pwc: Registered as video71.
[  727.494017][ T5260] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input78
[  727.522067][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.531188][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.540286][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.549375][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.584278][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.593406][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.602822][ T5260] usb 4-1: USB disconnect, device number 105
[  727.632242][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.641365][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.650457][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.659543][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.679494][T13420] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2035'.
[  727.704582][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  727.713710][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  727.744275][ T5257] usb 2-1: USB disconnect, device number 88
[  728.533414][ T5289] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[  728.963365][ T5289] usb 3-1: Using ep0 maxpacket: 32
[  729.024860][ T5289] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  729.035265][ T5289] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  729.187615][ T5289] usb 3-1: Product: syz
[  729.206569][ T5289] usb 3-1: Manufacturer: syz
[  729.222199][ T5289] usb 3-1: SerialNumber: syz
[  729.246972][ T5289] usb 3-1: config 0 descriptor??
[  729.338919][    T8] cp210x 1-1:0.255: failed to get vendor val 0x370b size 1: -71
[  729.376400][    T8] cp210x 1-1:0.255: querying part number failed
[  729.415777][    T8] usb 1-1: cp210x converter now attached to ttyUSB0
[  729.450637][    T8] usb 1-1: USB disconnect, device number 84
[  729.467421][ T5261] usb 4-1: new high-speed USB device number 106 using dummy_hcd
[  729.525299][    T8] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  729.547087][T13455] netlink: 'syz.4.2044': attribute type 4 has an invalid length.
[  729.573968][    T8] cp210x 1-1:0.255: device disconnected
[  729.751388][ T5261] usb 4-1: Using ep0 maxpacket: 32
[  730.034940][T13462] xt_CONNSECMARK: invalid mode: 0
[  730.233753][ T5261] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  730.437981][T13467] xt_CONNSECMARK: invalid mode: 0
[  730.614491][ T5261] usb 4-1: config 0 has no interfaces?
[  730.642212][ T5261] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  730.675725][ T5261] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  730.751569][ T5261] usb 4-1: config 0 descriptor??
[  730.772816][ T5289] rtl8150 3-1:0.0: couldn't reset the device
[  730.783704][ T5289] rtl8150 3-1:0.0: probe with driver rtl8150 failed with error -5
[  730.850780][ T5289] usb 3-1: USB disconnect, device number 95
[  731.708097][T12194] usb 4-1: USB disconnect, device number 106
[  732.438102][ T5289] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[  734.175846][ T5216] Bluetooth: hci5: command 0x0405 tx timeout
[  735.049490][T13499] FAULT_INJECTION: forcing a failure.
[  735.049490][T13499] name failslab, interval 1, probability 0, space 0, times 0
[  735.097229][T13499] CPU: 1 UID: 0 PID: 13499 Comm: syz.1.2054 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  735.107694][T13499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  735.117772][T13499] Call Trace:
[  735.121076][T13499]  <TASK>
[  735.124030][T13499]  dump_stack_lvl+0x241/0x360
[  735.128734][T13499]  ? __pfx_dump_stack_lvl+0x10/0x10
[  735.133928][T13499]  ? __pfx__printk+0x10/0x10
[  735.138512][T13499]  ? ref_tracker_alloc+0x332/0x490
[  735.143609][T13499]  should_fail_ex+0x3b0/0x4e0
[  735.148290][T13499]  ? skb_clone+0x20c/0x390
[  735.152710][T13499]  should_failslab+0xac/0x100
[  735.157396][T13499]  ? skb_clone+0x20c/0x390
[  735.161830][T13499]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  735.167205][T13499]  skb_clone+0x20c/0x390
[  735.171446][T13499]  __netlink_deliver_tap+0x3cc/0x7c0
[  735.176756][T13499]  ? netlink_deliver_tap+0x2e/0x1b0
[  735.181981][T13499]  netlink_deliver_tap+0x19d/0x1b0
[  735.187110][T13499]  netlink_unicast+0x7be/0x990
[  735.191887][T13499]  ? __pfx_netlink_unicast+0x10/0x10
[  735.197171][T13499]  ? __virt_addr_valid+0x183/0x530
[  735.202276][T13499]  ? __check_object_size+0x49c/0x900
[  735.207558][T13499]  ? bpf_lsm_netlink_send+0x9/0x10
[  735.212672][T13499]  netlink_sendmsg+0x8e4/0xcb0
[  735.217440][T13499]  ? __pfx_netlink_sendmsg+0x10/0x10
[  735.222721][T13499]  ? __import_iovec+0x536/0x820
[  735.227572][T13499]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  735.232855][T13499]  ? security_socket_sendmsg+0x87/0xb0
[  735.238315][T13499]  ? __pfx_netlink_sendmsg+0x10/0x10
[  735.243600][T13499]  __sock_sendmsg+0x221/0x270
[  735.248275][T13499]  ____sys_sendmsg+0x525/0x7d0
[  735.253045][T13499]  ? __pfx_____sys_sendmsg+0x10/0x10
[  735.258349][T13499]  __sys_sendmsg+0x2b0/0x3a0
[  735.262940][T13499]  ? __pfx___sys_sendmsg+0x10/0x10
[  735.268048][T13499]  ? vfs_write+0x7c4/0xc90
[  735.272487][T13499]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  735.278812][T13499]  ? do_syscall_64+0x100/0x230
[  735.283573][T13499]  ? do_syscall_64+0xb6/0x230
[  735.288245][T13499]  do_syscall_64+0xf3/0x230
[  735.292741][T13499]  ? clear_bhb_loop+0x35/0x90
[  735.297416][T13499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  735.303310][T13499] RIP: 0033:0x7f4d6a177299
[  735.307724][T13499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  735.327334][T13499] RSP: 002b:00007f4d6ae88048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  735.335758][T13499] RAX: ffffffffffffffda RBX: 00007f4d6a305f80 RCX: 00007f4d6a177299
[  735.343726][T13499] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  735.351691][T13499] RBP: 00007f4d6ae880a0 R08: 0000000000000000 R09: 0000000000000000
[  735.359654][T13499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  735.367620][T13499] R13: 000000000000000b R14: 00007f4d6a305f80 R15: 00007ffd51cd8498
[  735.375598][T13499]  </TASK>
[  735.566578][ T5260] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[  735.593740][T13516] xt_CONNSECMARK: invalid mode: 0
[  735.787959][ T5260] usb 5-1: Using ep0 maxpacket: 8
[  735.976300][ T5260] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  735.987335][ T5260] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  735.997271][ T5260] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  736.138158][ T5260] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  736.253436][ T5260] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  736.273150][ T5260] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.500893][ T5260] usb 5-1: usb_control_msg returned -71
[  736.527352][T13522] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2058'.
[  736.536479][ T5260] usbtmc 5-1:16.0: can't read capabilities
[  736.549642][T13522] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2058'.
[  736.576413][ T5260] usb 5-1: USB disconnect, device number 84
[  736.791610][T13528] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2055'.
[  738.363958][T13550] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2065'.
[  738.973337][ T5257] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[  740.405662][ T5257] usb 3-1: Using ep0 maxpacket: 32
[  740.542250][ T5257] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  740.571006][ T5257] usb 3-1: config 0 has no interfaces?
[  740.582812][ T5257] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  740.599078][T13571] xt_CONNSECMARK: invalid mode: 0
[  740.680788][ T5257] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  741.236175][ T5257] usb 3-1: config 0 descriptor??
[  741.688354][ T5303] usb 3-1: USB disconnect, device number 96
[  741.923674][T13598] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2073'.
[  741.950794][T13598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2073'.
[  742.212512][T13610] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  742.375552][T13610] kvm: pic: non byte write
[  743.156118][T13625] xt_CONNSECMARK: invalid mode: 0
[  744.423232][ T5303] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[  744.623242][ T5303] usb 3-1: Using ep0 maxpacket: 32
[  744.634184][T13641] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2085'.
[  744.677614][ T5303] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  744.707767][ T5303] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  744.731592][ T5303] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  744.759402][ T5303] usb 3-1: config 0 descriptor??
[  744.784128][ T5303] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  745.698727][   T29] audit: type=1326 audit(1721991379.580:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13651 comm="syz.4.2089" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0eba177299 code=0x0
[  745.903935][   T58] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[  746.114782][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  746.143805][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  746.172062][   T58] usb 1-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  746.192848][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.210405][   T58] usb 1-1: config 0 descriptor??
[  746.233200][ T5260] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[  746.241071][ T5261] usb 3-1: USB disconnect, device number 97
[  746.330298][T13665] FAULT_INJECTION: forcing a failure.
[  746.330298][T13665] name failslab, interval 1, probability 0, space 0, times 0
[  746.350059][T13665] CPU: 0 UID: 0 PID: 13665 Comm: syz.2.2093 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  746.360527][T13665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  746.370610][T13665] Call Trace:
[  746.373912][T13665]  <TASK>
[  746.376858][T13665]  dump_stack_lvl+0x241/0x360
[  746.381564][T13665]  ? __pfx_dump_stack_lvl+0x10/0x10
[  746.386795][T13665]  ? __pfx__printk+0x10/0x10
[  746.391416][T13665]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  746.396913][T13665]  ? __pfx___might_resched+0x10/0x10
[  746.402234][T13665]  should_fail_ex+0x3b0/0x4e0
[  746.406951][T13665]  should_failslab+0xac/0x100
[  746.411663][T13665]  ? __se_sys_mount+0x15a/0x3c0
[  746.416543][T13665]  __kmalloc_cache_noprof+0x6c/0x2c0
[  746.421856][T13665]  ? memdup_user+0x9f/0xc0
[  746.426303][T13665]  __se_sys_mount+0x15a/0x3c0
[  746.431011][T13665]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  746.437026][T13665]  ? __pfx___se_sys_mount+0x10/0x10
[  746.442244][T13665]  ? do_syscall_64+0x100/0x230
[  746.447029][T13665]  ? __x64_sys_mount+0x20/0xc0
[  746.451822][T13665]  do_syscall_64+0xf3/0x230
[  746.456356][T13665]  ? clear_bhb_loop+0x35/0x90
[  746.461066][T13665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.466986][T13665] RIP: 0033:0x7fae65577299
[  746.471429][T13665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  746.491073][T13665] RSP: 002b:00007fae662b3048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  746.499526][T13665] RAX: ffffffffffffffda RBX: 00007fae65705f80 RCX: 00007fae65577299
[  746.507524][T13665] RDX: 0000000020000000 RSI: 00000000200002c0 RDI: 0000000020000100
[  746.515523][T13665] RBP: 00007fae662b30a0 R08: 0000000020000340 R09: 0000000000000000
[  746.523517][T13665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  746.531511][T13665] R13: 000000000000000b R14: 00007fae65705f80 R15: 00007ffda8243248
[  746.539527][T13665]  </TASK>
[  746.542695][    C0] vkms_vblank_simulate: vblank timer overrun
[  746.583157][ T5260] usb 2-1: Using ep0 maxpacket: 8
[  746.589910][ T5260] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  746.629316][ T5260] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  746.632328][   T58] zeroplus 0003:0C12:0030.000F: item fetching failed at offset 5/7
[  746.643138][ T5260] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  746.656498][   T58] zeroplus 0003:0C12:0030.000F: parse failed
[  746.690278][   T58] zeroplus 0003:0C12:0030.000F: probe with driver zeroplus failed with error -22
[  746.695256][ T5260] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  746.849155][ T5260] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  746.860283][ T5260] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.886156][T13674] xt_CONNSECMARK: invalid mode: 0
[  747.225336][   T58] usb 1-1: USB disconnect, device number 86
[  747.522893][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  747.529609][ T5260] usb 2-1: GET_CAPABILITIES returned 0
[  747.537099][ T5260] usbtmc 2-1:16.0: can't read capabilities
[  747.813054][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  747.822175][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  747.831266][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  747.924053][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  747.933171][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  747.942254][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  747.966204][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  747.975331][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  747.984425][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  747.993531][    C0] vkms_vblank_simulate: vblank timer overrun
[  748.075972][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  748.085094][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  748.094184][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  748.103271][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  748.170554][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  748.179670][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  748.188716][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  748.197746][    C0] vkms_vblank_simulate: vblank timer overrun
[  748.257388][ T5260] usb 2-1: USB disconnect, device number 89
[  748.364560][T13679] netlink: 'syz.4.2097': attribute type 4 has an invalid length.
[  748.843178][ T5260] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[  749.083169][ T5260] usb 4-1: Using ep0 maxpacket: 32
[  749.093275][ T5261] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[  749.110822][ T5260] usb 4-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=e0.d8
[  749.143224][ T5260] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.165341][ T5260] usb 4-1: config 0 descriptor??
[  749.185238][ T5260] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input81
[  749.296855][ T5261] usb 1-1: Using ep0 maxpacket: 8
[  749.314468][ T5261] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  749.334830][ T5261] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  749.343928][   T29] audit: type=1326 audit(1721991383.220:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13709 comm="syz.2.2105" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae65577299 code=0x0
[  749.367708][ T5261] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  749.367752][ T5261] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  749.367781][ T5261] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  749.368961][ T5261] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  749.412863][ T5261] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  749.430289][ T5261] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  749.481573][ T5261] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  749.492959][ T5261] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  749.889364][ T5261] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  750.014134][ T5261] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  750.209013][ T5261] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  750.241419][ T5261] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  750.261308][ T5261] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  750.292243][ T5261] usb 1-1: string descriptor 0 read error: -22
[  750.542860][T13727] xt_CONNSECMARK: invalid mode: 0
[  750.890372][ T4653] bcm5974 4-1:0.0: could not read from device
[  751.225746][ T5261] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  751.257132][ T5261] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  751.266881][ T5260] usb 4-1: USB disconnect, device number 107
[  751.304636][ T5261] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  751.566821][  T943] usb 1-1: USB disconnect, device number 87
[  752.264837][   T58] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  752.479525][   T58] usb 5-1: Using ep0 maxpacket: 8
[  752.496486][   T58] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  752.518633][   T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  752.546387][   T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  752.590371][   T58] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  752.626657][   T58] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  752.665921][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  752.905709][   T58] usb 5-1: GET_CAPABILITIES returned 0
[  752.921477][   T58] usbtmc 5-1:16.0: can't read capabilities
[  753.111116][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.120248][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.129340][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.200308][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.209442][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.218539][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.227640][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.343115][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.352241][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.457056][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.466180][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.475267][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.484348][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.563404][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.572519][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.648159][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  753.688038][ T5260] usb 5-1: USB disconnect, device number 85
[  754.661224][   T29] audit: type=1326 audit(1721991388.540:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13774 comm="syz.2.2125" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae65577299 code=0x0
[  756.115563][T13784] Invalid/unusable pipe
[  759.143266][T13806] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  760.733967][T12194] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[  761.604000][T12194] usb 3-1: Using ep0 maxpacket: 8
[  761.618606][T12194] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  761.647220][T12194] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  761.677454][T12194] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  761.699373][T12194] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  761.720435][T12194] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  761.730079][T12194] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.969779][T12194] usb 3-1: GET_CAPABILITIES returned 0
[  762.080649][T13846] hub 6-0:1.0: USB hub found
[  762.090090][T13846] hub 6-0:1.0: 1 port detected
[  762.615244][T12194] usbtmc 3-1:16.0: can't read capabilities
[  762.636322][T12194] usb 3-1: USB disconnect, device number 98
[  762.797089][ T5261] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[  762.993334][ T5261] usb 4-1: Using ep0 maxpacket: 16
[  763.005134][ T5261] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  763.018507][ T5261] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  763.029844][ T5261] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  763.044294][ T5261] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  763.053812][ T5261] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.068132][ T5261] usb 4-1: config 0 descriptor??
[  763.356154][   T58] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[  763.433619][ T5303] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  763.555340][   T58] usb 2-1: Using ep0 maxpacket: 32
[  763.734815][   T58] usb 2-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=e0.d8
[  763.749811][ T5303] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  763.888223][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.907187][ T5303] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  763.955633][ T5303] usb 5-1: Product: syz
[  763.968011][   T58] usb 2-1: config 0 descriptor??
[  763.978759][ T5303] usb 5-1: Manufacturer: syz
[  764.024088][ T5303] usb 5-1: SerialNumber: syz
[  764.044318][   T58] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input82
[  764.062247][ T5303] usb 5-1: config 0 descriptor??
[  764.323226][ T5257] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[  764.644512][ T5303] usb 5-1: Firmware: major: 202, minor: 255, hardware type: RZUSB (3)
[  764.683169][ T5257] usb 1-1: Using ep0 maxpacket: 32
[  764.690881][ T5257] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  764.703287][ T5257] usb 1-1: config 0 has no interfaces?
[  764.854943][ T5261] usbhid 4-1:0.0: can't add hid device: -71
[  764.861118][ T5261] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  766.740059][T13881] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  768.140917][ T5257] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  768.161096][ T5257] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  768.171521][ T4653] bcm5974 2-1:0.0: could not read from device
[  768.274632][ T5257] usb 1-1: config 0 descriptor??
[  768.433266][ T4653] bcm5974 2-1:0.0: could not read from device
[  768.461589][ T5257] usb 1-1: can't set config #0, error -71
[  768.506482][ T5303] usb 5-1: failed to fetch extended address, random address set
[  768.523315][ T5261] usb 4-1: USB disconnect, device number 108
[  768.552407][ T5257] usb 1-1: USB disconnect, device number 88
[  768.553192][   T58] usb 2-1: USB disconnect, device number 90
[  768.566315][   T29] audit: type=1326 audit(1721991402.430:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13884 comm="syz.3.2153" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f72c8d77299 code=0x0
[  768.583624][ T4653] bcm5974 2-1:0.0: could not read from device
[  768.644660][ T4653] bcm5974 2-1:0.0: could not read from device
[  768.686639][ T5303] usb 5-1: USB disconnect, device number 86
[  768.725588][   T29] audit: type=1326 audit(1721991402.600:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13894 comm="syz.0.2155" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8296577299 code=0x0
[  769.430853][T13909] netlink: 'syz.2.2159': attribute type 4 has an invalid length.
[  770.377737][T13926] hub 6-0:1.0: USB hub found
[  770.384909][T13926] hub 6-0:1.0: 1 port detected
[  771.063791][   T58] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[  771.273264][   T58] usb 3-1: Using ep0 maxpacket: 16
[  771.293553][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  771.327678][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  771.373347][   T58] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  771.393244][   T58] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  771.402334][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  771.428436][   T58] usb 3-1: config 0 descriptor??
[  771.454411][T13935] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2167'.
[  771.587616][  T943] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  771.603219][ T5260] usb 4-1: new high-speed USB device number 109 using dummy_hcd
[  771.721421][T13941] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  771.741478][T13941] kvm: pic: non byte write
[  771.793270][ T5260] usb 4-1: Using ep0 maxpacket: 32
[  771.798541][  T943] usb 5-1: Using ep0 maxpacket: 32
[  771.808758][ T5260] usb 4-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=e0.d8
[  771.826181][  T943] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  771.837731][ T5260] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  771.855581][  T943] usb 5-1: config 0 has no interfaces?
[  771.863520][ T5260] usb 4-1: config 0 descriptor??
[  771.870264][  T943] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  771.879757][  T943] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  771.895142][ T5260] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input83
[  771.907995][  T943] usb 5-1: config 0 descriptor??
[  771.933372][ T5257] usb 1-1: new high-speed USB device number 89 using dummy_hcd
[  772.083342][ T5257] usb 1-1: device descriptor read/64, error -71
[  772.261449][  T943] usb 5-1: USB disconnect, device number 87
[  772.363189][ T5257] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[  772.523178][ T5257] usb 1-1: device descriptor read/64, error -71
[  772.656006][ T5257] usb usb1-port1: attempt power cycle
[  772.849472][   T29] audit: type=1326 audit(1721991406.730:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13948 comm="syz.4.2171" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0eba177299 code=0x0
[  773.083421][ T5257] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[  773.108150][   T58] usbhid 3-1:0.0: can't add hid device: -71
[  773.121296][   T58] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  773.134147][   T58] usb 3-1: USB disconnect, device number 99
[  773.142609][ T5257] usb 1-1: device descriptor read/8, error -71
[  773.295252][ T4653] bcm5974 4-1:0.0: could not read from device
[  773.311989][ T4653] bcm5974 4-1:0.0: could not read from device
[  773.325397][ T5260] usb 4-1: USB disconnect, device number 109
[  773.342643][ T4653] bcm5974 4-1:0.0: could not read from device
[  773.443490][T13954] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  773.443516][ T5257] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[  773.468159][T13954] kvm: pic: non byte write
[  773.513904][ T5257] usb 1-1: device descriptor read/8, error -71
[  773.595922][T13960] netlink: 'syz.2.2174': attribute type 4 has an invalid length.
[  773.648049][ T5257] usb usb1-port1: unable to enumerate USB device
[  774.462820][T13970] netlink: 'syz.4.2177': attribute type 4 has an invalid length.
[  775.231541][   T29] audit: type=1326 audit(1721991409.110:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13983 comm="syz.2.2181" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae65577299 code=0x0
[  775.359720][T13986] netlink: 'syz.0.2179': attribute type 4 has an invalid length.
[  776.480989][T13996] FAULT_INJECTION: forcing a failure.
[  776.480989][T13996] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  776.558596][T13996] CPU: 1 UID: 0 PID: 13996 Comm: syz.3.2183 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  776.569065][T13996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  776.579138][T13996] Call Trace:
[  776.582409][T13996]  <TASK>
[  776.585347][T13996]  dump_stack_lvl+0x241/0x360
[  776.590062][T13996]  ? __pfx_dump_stack_lvl+0x10/0x10
[  776.595292][T13996]  ? __pfx__printk+0x10/0x10
[  776.599916][T13996]  ? snprintf+0xda/0x120
[  776.604188][T13996]  should_fail_ex+0x3b0/0x4e0
[  776.608889][T13996]  _copy_to_user+0x2f/0xb0
[  776.613330][T13996]  simple_read_from_buffer+0xca/0x150
[  776.618747][T13996]  proc_fail_nth_read+0x1e9/0x250
[  776.623798][T13996]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  776.629344][T13996]  ? rw_verify_area+0x52a/0x6b0
[  776.634189][T13996]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  776.639752][T13996]  vfs_read+0x204/0xbc0
[  776.643900][T13996]  ? __pfx_lock_release+0x10/0x10
[  776.648916][T13996]  ? __pfx_vfs_read+0x10/0x10
[  776.653590][T13996]  ? __fget_files+0x29/0x470
[  776.658205][T13996]  ? __fget_files+0x3f6/0x470
[  776.662921][T13996]  ksys_read+0x1a0/0x2c0
[  776.667184][T13996]  ? __pfx_ksys_read+0x10/0x10
[  776.671945][T13996]  ? do_syscall_64+0x100/0x230
[  776.676709][T13996]  ? do_syscall_64+0xb6/0x230
[  776.681383][T13996]  do_syscall_64+0xf3/0x230
[  776.685883][T13996]  ? clear_bhb_loop+0x35/0x90
[  776.690566][T13996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.696551][T13996] RIP: 0033:0x7f72c8d75d7c
[  776.700983][T13996] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  776.720596][T13996] RSP: 002b:00007f72c9b68040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  776.729010][T13996] RAX: ffffffffffffffda RBX: 00007f72c8f06058 RCX: 00007f72c8d75d7c
[  776.736976][T13996] RDX: 000000000000000f RSI: 00007f72c9b680b0 RDI: 0000000000000004
[  776.745027][T13996] RBP: 00007f72c9b680a0 R08: 0000000000000000 R09: 0000000000000000
[  776.752991][T13996] R10: 0000000020000640 R11: 0000000000000246 R12: 0000000000000001
[  776.760960][T13996] R13: 000000000000006e R14: 00007f72c8f06058 R15: 00007ffc1f80b6d8
[  776.768942][T13996]  </TASK>
[  776.953350][  T943] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[  777.146143][  T943] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  777.192103][  T943] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  777.205177][  T943] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.221536][  T943] usb 3-1: config 0 descriptor??
[  777.231171][  T943] pwc: Askey VC010 type 2 USB webcam detected.
[  777.334748][T14014] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  777.445217][  T943] pwc: send_video_command error -71
[  777.493337][  T943] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  777.501116][  T943] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[  777.524215][  T943] usb 3-1: USB disconnect, device number 100
[  777.590015][T14010] netlink: 'syz.1.2186': attribute type 4 has an invalid length.
[  779.283182][  T943] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[  779.353690][T14012] netlink: 'syz.4.2188': attribute type 4 has an invalid length.
[  779.576421][  T943] usb 3-1: device descriptor read/all, error -71
[  779.913331][T14034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  780.095395][T14034] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  780.101961][T14034] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  782.352520][T14041] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  782.873890][ T5216] Bluetooth: hci0: command 0x041b tx timeout
[  782.983389][T14034] vhci_hcd vhci_hcd.0: Device attached
[  783.323512][   T58] usb 18-1: SetAddress Request (2) to port 0
[  783.351661][   T58] usb 18-1: new SuperSpeed USB device number 2 using vhci_hcd
[  783.481540][T14054] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2197'.
[  783.490879][T14054] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2197'.
[  783.598476][T14051] xt_CONNSECMARK: invalid mode: 0
[  783.773215][  T943] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  783.791885][T14060] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  783.890569][T14056] kvm: pic: non byte write
[  783.963408][T14063] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma?
[  784.285045][  T943] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1280, setting to 1024
[  784.334816][  T943] usb 5-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00
[  784.358584][  T943] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  784.395626][  T943] usb 5-1: config 0 descriptor??
[  784.406953][T14034] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  784.640638][  T943] usbhid 5-1:0.0: can't add hid device: -71
[  784.659024][T14037] vhci_hcd: connection reset by peer
[  784.680558][  T943] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  784.689565][ T1102] vhci_hcd: stop threads
[  784.717587][ T1102] vhci_hcd: release socket
[  784.728709][  T943] usb 5-1: USB disconnect, device number 88
[  784.735650][ T1102] vhci_hcd: disconnect device
[  784.815032][T14072] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2201'.
[  784.827250][T14072] openvswitch: netlink: Tunnel attr 0 has unexpected len 3060 expected 8
[  784.883277][ T5216] Bluetooth: hci0: command 0x041b tx timeout
[  784.909092][   T29] audit: type=1326 audit(1721991418.790:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14073 comm="syz.2.2202" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae65577299 code=0x0
[  785.262801][T14080] FAULT_INJECTION: forcing a failure.
[  785.262801][T14080] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  785.321418][T14080] CPU: 0 UID: 0 PID: 14080 Comm: syz.0.2204 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  785.331875][T14080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  785.341926][T14080] Call Trace:
[  785.345197][T14080]  <TASK>
[  785.348115][T14080]  dump_stack_lvl+0x241/0x360
[  785.352784][T14080]  ? __pfx_dump_stack_lvl+0x10/0x10
[  785.357973][T14080]  ? __pfx__printk+0x10/0x10
[  785.362550][T14080]  ? snprintf+0xda/0x120
[  785.366785][T14080]  should_fail_ex+0x3b0/0x4e0
[  785.371454][T14080]  _copy_to_user+0x2f/0xb0
[  785.375866][T14080]  simple_read_from_buffer+0xca/0x150
[  785.381230][T14080]  proc_fail_nth_read+0x1e9/0x250
[  785.386250][T14080]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  785.391784][T14080]  ? rw_verify_area+0x52a/0x6b0
[  785.396619][T14080]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  785.402174][T14080]  vfs_read+0x204/0xbc0
[  785.406340][T14080]  ? __pfx_lock_release+0x10/0x10
[  785.411354][T14080]  ? __pfx_vfs_read+0x10/0x10
[  785.416021][T14080]  ? __fget_files+0x29/0x470
[  785.420596][T14080]  ? __fget_files+0x3f6/0x470
[  785.425269][T14080]  ksys_read+0x1a0/0x2c0
[  785.429496][T14080]  ? __pfx_ksys_read+0x10/0x10
[  785.434245][T14080]  ? do_syscall_64+0x100/0x230
[  785.438998][T14080]  ? do_syscall_64+0xb6/0x230
[  785.443665][T14080]  do_syscall_64+0xf3/0x230
[  785.448155][T14080]  ? clear_bhb_loop+0x35/0x90
[  785.452816][T14080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.458698][T14080] RIP: 0033:0x7f8296575d7c
[  785.463108][T14080] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  785.482714][T14080] RSP: 002b:00007f82973fd040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  785.491116][T14080] RAX: ffffffffffffffda RBX: 00007f8296705f80 RCX: 00007f8296575d7c
[  785.499076][T14080] RDX: 000000000000000f RSI: 00007f82973fd0b0 RDI: 0000000000000004
[  785.507046][T14080] RBP: 00007f82973fd0a0 R08: 0000000000000000 R09: 0000000000000000
[  785.515007][T14080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  785.522962][T14080] R13: 000000000000000b R14: 00007f8296705f80 R15: 00007ffee65d8c18
[  785.530932][T14080]  </TASK>
[  786.107982][T14089] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  786.499533][T14090] netlink: 'syz.3.2205': attribute type 4 has an invalid length.
[  787.169804][T14100] netlink: 'syz.2.2210': attribute type 4 has an invalid length.
[  787.365170][T14115] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2211'.
[  787.423297][ T5289] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[  787.434228][T14115] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2211'.
[  787.535935][T14119] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  787.603301][ T5289] usb 1-1: Using ep0 maxpacket: 32
[  787.642546][ T5289] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  787.687663][ T5289] usb 1-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  787.717071][ T5289] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.746992][ T5289] usb 1-1: config 0 descriptor??
[  787.762326][ T5289] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  788.796616][T14126] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  788.871423][   T58] usb 18-1: device descriptor read/8, error -110
[  789.474356][ T5257] usb 1-1: USB disconnect, device number 93
[  789.551095][T14131] dns_resolver: Unsupported server list version (2)
[  789.770649][   T58] usb usb18-port1: attempt power cycle
[  790.215781][T14145] netlink: 'syz.0.2217': attribute type 4 has an invalid length.
[  790.504675][   T58] usb usb18-port1: unable to enumerate USB device
[  790.896764][ T5216] Bluetooth: hci0: command 0x041b tx timeout
[  790.916405][T14150] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2218'.
[  790.952518][T14150] openvswitch: netlink: Tunnel attr 0 has unexpected len 3060 expected 8
[  791.415803][T14152] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  794.757671][T14160] FAULT_INJECTION: forcing a failure.
[  794.757671][T14160] name failslab, interval 1, probability 0, space 0, times 0
[  794.812926][T14160] CPU: 1 UID: 0 PID: 14160 Comm: syz.1.2221 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  794.823409][T14160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  794.833489][T14160] Call Trace:
[  794.836792][T14160]  <TASK>
[  794.839749][T14160]  dump_stack_lvl+0x241/0x360
[  794.844458][T14160]  ? __pfx_dump_stack_lvl+0x10/0x10
[  794.849684][T14160]  ? __pfx__printk+0x10/0x10
[  794.854301][T14160]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  794.859784][T14160]  ? __pfx___might_resched+0x10/0x10
[  794.865123][T14160]  should_fail_ex+0x3b0/0x4e0
[  794.869837][T14160]  should_failslab+0xac/0x100
[  794.874543][T14160]  ? tcf_action_init_1+0x1d6/0x890
[  794.879671][T14160]  __kmalloc_cache_noprof+0x6c/0x2c0
[  794.884989][T14160]  tcf_action_init_1+0x1d6/0x890
[  794.889949][T14160]  ? nla_strscpy+0x100/0x180
[  794.894580][T14160]  ? __pfx_tcf_action_init_1+0x10/0x10
[  794.900061][T14160]  ? _raw_read_unlock+0x28/0x50
[  794.904928][T14160]  ? tc_action_load_ops+0x26d/0x590
[  794.910177][T14160]  ? __nla_parse+0x40/0x60
[  794.914612][T14160]  tcf_action_init+0x2e4/0x940
[  794.919384][T14160]  ? __pfx_tcf_action_init+0x10/0x10
[  794.924707][T14160]  ? cap_capable+0x1b4/0x250
[  794.929295][T14160]  ? safesetid_security_capable+0xb2/0x1d0
[  794.935107][T14160]  tc_ctl_action+0x47d/0xcf0
[  794.939702][T14160]  ? __pfx_tc_ctl_action+0x10/0x10
[  794.944830][T14160]  ? trace_contention_end+0x3c/0x120
[  794.950134][T14160]  ? __mutex_lock+0x2ef/0xd70
[  794.954831][T14160]  ? __pfx___mutex_lock+0x10/0x10
[  794.959869][T14160]  ? __pfx_tc_ctl_action+0x10/0x10
[  794.964984][T14160]  rtnetlink_rcv_msg+0x73f/0xcf0
[  794.969917][T14160]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  794.975028][T14160]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  794.980486][T14160]  ? ref_tracker_free+0x643/0x7e0
[  794.985508][T14160]  netlink_rcv_skb+0x1e3/0x430
[  794.990279][T14160]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  794.995733][T14160]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  795.001026][T14160]  ? netlink_deliver_tap+0x2e/0x1b0
[  795.006231][T14160]  netlink_unicast+0x7f0/0x990
[  795.010997][T14160]  ? __pfx_netlink_unicast+0x10/0x10
[  795.016277][T14160]  ? __virt_addr_valid+0x183/0x530
[  795.021386][T14160]  ? __check_object_size+0x49c/0x900
[  795.026669][T14160]  ? bpf_lsm_netlink_send+0x9/0x10
[  795.031870][T14160]  netlink_sendmsg+0x8e4/0xcb0
[  795.036644][T14160]  ? __pfx_netlink_sendmsg+0x10/0x10
[  795.041929][T14160]  ? __import_iovec+0x536/0x820
[  795.046785][T14160]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  795.052065][T14160]  ? security_socket_sendmsg+0x87/0xb0
[  795.057518][T14160]  ? __pfx_netlink_sendmsg+0x10/0x10
[  795.062797][T14160]  __sock_sendmsg+0x221/0x270
[  795.067475][T14160]  ____sys_sendmsg+0x525/0x7d0
[  795.072251][T14160]  ? __pfx_____sys_sendmsg+0x10/0x10
[  795.077550][T14160]  __sys_sendmsg+0x2b0/0x3a0
[  795.082141][T14160]  ? __pfx___sys_sendmsg+0x10/0x10
[  795.087248][T14160]  ? vfs_write+0x7c4/0xc90
[  795.091687][T14160]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  795.098013][T14160]  ? do_syscall_64+0x100/0x230
[  795.102773][T14160]  ? do_syscall_64+0xb6/0x230
[  795.107448][T14160]  do_syscall_64+0xf3/0x230
[  795.112033][T14160]  ? clear_bhb_loop+0x35/0x90
[  795.116709][T14160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.122596][T14160] RIP: 0033:0x7f4d6a177299
[  795.127143][T14160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  795.146761][T14160] RSP: 002b:00007f4d6ae88048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  795.155185][T14160] RAX: ffffffffffffffda RBX: 00007f4d6a305f80 RCX: 00007f4d6a177299
[  795.163156][T14160] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  795.171126][T14160] RBP: 00007f4d6ae880a0 R08: 0000000000000000 R09: 0000000000000000
[  795.179089][T14160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  795.187055][T14160] R13: 000000000000000b R14: 00007f4d6a305f80 R15: 00007ffd51cd8498
[  795.195033][T14160]  </TASK>
[  795.280379][T14164] netlink: 'syz.3.2222': attribute type 4 has an invalid length.
[  795.572265][T14180] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  795.678203][T12223] Bluetooth: hci4: unexpected event 0x2f length: 1017 > 260
[  795.744212][  T943] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[  795.994172][  T943] usb 2-1: Using ep0 maxpacket: 32
[  796.027728][  T943] usb 2-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=e0.d8
[  796.048128][  T943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  796.074525][  T943] usb 2-1: config 0 descriptor??
[  796.116590][  T943] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input85
[  796.413313][ T5260] usb 4-1: new high-speed USB device number 110 using dummy_hcd
[  796.590430][T14197] xt_CONNSECMARK: invalid mode: 0
[  796.623518][ T5260] usb 4-1: Using ep0 maxpacket: 32
[  796.646078][ T5260] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  796.718827][ T5260] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  796.742244][ T5260] usb 4-1: config 0 descriptor??
[  796.774278][ T5260] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  796.890058][T14202] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  797.057296][T14206] dns_resolver: Unsupported server list version (2)
[  797.403336][  T943] usb 3-1: new high-speed USB device number 103 using dummy_hcd
[  797.411389][ T5260] gspca_vc032x: reg_w err -71
[  797.426450][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.442150][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.453553][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.456995][ T5303] usb 2-1: USB disconnect, device number 91
[  797.459106][ T4653] bcm5974 2-1:0.0: could not read from device
[  797.475605][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.501496][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.510686][ T4653] bcm5974 2-1:0.0: could not read from device
[  797.518035][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.527109][T14161] bcm5974 2-1:0.0: could not read from device
[  797.542725][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.553790][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.560290][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.566052][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.572812][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.579555][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.587509][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.592855][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.607233][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.613598][  T943] usb 3-1: Using ep0 maxpacket: 16
[  797.621117][  T943] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  797.636798][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.642137][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.651819][  T943] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  797.668509][ T5260] gspca_vc032x: I2c Bus Busy Wait 00
[  797.674321][  T943] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  797.693127][ T5260] gspca_vc032x: Unknown sensor...
[  797.703233][ T5260] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
[  797.717689][  T943] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00
[  797.737190][ T5260] usb 4-1: USB disconnect, device number 110
[  797.752095][  T943] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  797.781784][  T943] usb 3-1: config 0 descriptor??
[  798.240113][  T943] shield 0003:0955:7214.0010: unknown main item tag 0x0
[  798.299377][  T943] input: HID 0955:7214 Haptics as /devices/virtual/input/input86
[  798.377753][T14225] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  798.600050][  T943] shield 0003:0955:7214.0010: Registered Thunderstrike controller
[  799.366547][  T943] shield 0003:0955:7214.0010: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0
[  799.934659][ T5303] usb 3-1: USB disconnect, device number 103
[  799.935943][T12194] shield 0003:0955:7214.0010: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  800.051794][T12194] shield 0003:0955:7214.0010: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  800.067994][T14224] netlink: 'syz.1.2237': attribute type 4 has an invalid length.
[  800.095055][T12194] shield 0003:0955:7214.0010: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  800.392614][T12223] Bluetooth: hci4: unexpected event 0x2f length: 1017 > 260
[  800.972438][T14250] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  800.995552][ T5303] usb 3-1: new low-speed USB device number 104 using dummy_hcd
[  801.067299][T14250] kvm: pic: non byte write
[  801.815756][T14258] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  802.687273][T12223] Bluetooth: hci5: ACL packet for unknown connection handle 200
[  802.739616][T14261] tipc: Enabling of bearer <eth:macvlan1> rejected, already enabled
[  802.960684][T14265] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  803.144025][T14265] kvm: pic: non byte write
[  806.307324][ T5303] usb 3-1: unable to get BOS descriptor or descriptor too short
[  806.347985][ T5303] usb 3-1: unable to read config index 0 descriptor/start: -71
[  806.356156][ T5303] usb 3-1: can't read configurations, error -71
[  806.443409][T14283] dns_resolver: Unsupported server list version (2)
[  807.788234][T14290] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  808.423264][   T58] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  808.528757][T14295] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2254'.
[  808.643194][   T58] usb 5-1: Using ep0 maxpacket: 16
[  808.679479][T14295] openvswitch: netlink: Tunnel attr 0 has unexpected len 3060 expected 8
[  808.702836][   T58] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  808.733616][   T58] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  808.796740][   T58] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  808.847796][T14301] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma?
[  808.872522][   T58] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00
[  808.888727][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  808.948586][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  809.021259][   T58] usb 5-1: config 0 descriptor??
[  809.510328][   T58] shield 0003:0955:7214.0011: unknown main item tag 0x0
[  809.538309][   T58] input: HID 0955:7214 Haptics as /devices/virtual/input/input88
[  809.617968][   T58] shield 0003:0955:7214.0011: Registered Thunderstrike controller
[  809.646743][   T58] shield 0003:0955:7214.0011: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.4-1/input0
[  809.683186][  T943] usb 4-1: new high-speed USB device number 111 using dummy_hcd
[  809.905243][  T943] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  809.943275][  T943] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  809.983157][  T943] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.015615][  T943] usb 4-1: config 0 descriptor??
[  810.037514][  T943] pwc: Askey VC010 type 2 USB webcam detected.
[  810.085656][ T5259] usb 5-1: USB disconnect, device number 89
[  810.093417][ T5261] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  810.127384][ T5261] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  810.152436][ T5261] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  810.166954][T14306] netlink: 'syz.1.2257': attribute type 21 has an invalid length.
[  810.230012][  T943] pwc: send_video_command error -71
[  810.241214][  T943] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  810.273352][  T943] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[  810.305409][  T943] usb 4-1: USB disconnect, device number 111
[  810.322499][T14310] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  810.356752][T14310] kvm: pic: non byte write
[  811.673199][  T943] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[  811.722700][   T29] audit: type=1326 audit(1721991445.600:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14315 comm="syz.1.2261" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4d6a177299 code=0x0
[  811.828483][T14328] netlink: 144 bytes leftover after parsing attributes in process `syz.2.2262'.
[  811.842879][T14328] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2262'.
[  811.924166][ T5259] usb 5-1: new low-speed USB device number 90 using dummy_hcd
[  811.993809][  T943] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  812.202258][  T943] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  812.245824][T14328] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2262'.
[  812.483405][  T943] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  812.763251][  T943] usb 4-1: config 0 descriptor??
[  812.805639][T12223] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  812.806800][  T943] usb 4-1: can't set config #0, error -71
[  813.604940][  T943] usb 4-1: USB disconnect, device number 112
[  813.686441][T14335] tipc: Started in network mode
[  813.691505][T14335] tipc: Node identity aaaaaaaaaa35, cluster identity 4711
[  813.699739][T14335] tipc: Enabled bearer <eth:macvlan1>, priority 0
[  816.873491][ T5261] tipc: Node number set to 10463914
[  817.140227][ T5259] usb 5-1: unable to get BOS descriptor or descriptor too short
[  817.181112][T14355] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2271'.
[  817.204145][ T5259] usb 5-1: unable to read config index 0 descriptor/start: -71
[  817.216914][ T5259] usb 5-1: can't read configurations, error -71
[  817.461782][T14365] FAULT_INJECTION: forcing a failure.
[  817.461782][T14365] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  817.461917][T14365] CPU: 1 UID: 0 PID: 14365 Comm: syz.0.2273 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  817.461941][T14365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  817.461954][T14365] Call Trace:
[  817.461963][T14365]  <TASK>
[  817.461993][T14365]  dump_stack_lvl+0x241/0x360
[  817.462022][T14365]  ? __pfx_dump_stack_lvl+0x10/0x10
[  817.462047][T14365]  ? __pfx__printk+0x10/0x10
[  817.462070][T14365]  ? __pfx_lock_release+0x10/0x10
[  817.462095][T14365]  ? __lock_acquire+0x137a/0x2040
[  817.462125][T14365]  should_fail_ex+0x3b0/0x4e0
[  817.462157][T14365]  _copy_from_user+0x2f/0xe0
[  817.462182][T14365]  kstrtouint_from_user+0xc6/0x190
[  817.462212][T14365]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  817.462242][T14365]  ? __pfx_lock_acquire+0x10/0x10
[  817.462288][T14365]  proc_fail_nth_write+0xaa/0x2d0
[  817.462315][T14365]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  817.462344][T14365]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  817.462377][T14365]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  817.462406][T14365]  vfs_write+0x2a2/0xc90
[  817.462435][T14365]  ? __pfx_vfs_write+0x10/0x10
[  817.462457][T14365]  ? __fget_files+0x29/0x470
[  817.462481][T14365]  ? __fget_files+0x3f6/0x470
[  817.462516][T14365]  ksys_write+0x1a0/0x2c0
[  817.462542][T14365]  ? __pfx_ksys_write+0x10/0x10
[  817.462563][T14365]  ? do_syscall_64+0x100/0x230
[  817.462589][T14365]  ? do_syscall_64+0xb6/0x230
[  817.462614][T14365]  do_syscall_64+0xf3/0x230
[  817.462636][T14365]  ? clear_bhb_loop+0x35/0x90
[  817.462664][T14365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.462687][T14365] RIP: 0033:0x7f8296575e1f
[  817.462705][T14365] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  817.462723][T14365] RSP: 002b:00007f82973dc040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  817.462747][T14365] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8296575e1f
[  817.462762][T14365] RDX: 0000000000000001 RSI: 00007f82973dc0b0 RDI: 0000000000000004
[  817.462776][T14365] RBP: 00007f82973dc0a0 R08: 0000000000000000 R09: 0000000000000000
[  817.462790][T14365] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  817.462803][T14365] R13: 000000000000006e R14: 00007f8296706058 R15: 00007ffee65d8c18
[  817.462835][T14365]  </TASK>
[  818.101610][T14368] FAULT_INJECTION: forcing a failure.
[  818.101610][T14368] name failslab, interval 1, probability 0, space 0, times 0
[  818.102762][T14368] CPU: 1 UID: 0 PID: 14368 Comm: syz.2.2274 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  818.102788][T14368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  818.102801][T14368] Call Trace:
[  818.102811][T14368]  <TASK>
[  818.102821][T14368]  dump_stack_lvl+0x241/0x360
[  818.102852][T14368]  ? __pfx_dump_stack_lvl+0x10/0x10
[  818.102876][T14368]  ? __pfx__printk+0x10/0x10
[  818.102900][T14368]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  818.102933][T14368]  ? __pfx___might_resched+0x10/0x10
[  818.102962][T14368]  should_fail_ex+0x3b0/0x4e0
[  818.102994][T14368]  should_failslab+0xac/0x100
[  818.103019][T14368]  ? alloc_fdtable+0xa1/0x280
[  818.103039][T14368]  __kmalloc_cache_noprof+0x6c/0x2c0
[  818.103069][T14368]  alloc_fdtable+0xa1/0x280
[  818.103085][T14368]  ? dup_fd+0x888/0xce0
[  818.103104][T14368]  dup_fd+0x893/0xce0
[  818.103134][T14368]  copy_files+0x150/0x2a0
[  818.103154][T14368]  ? security_task_alloc+0x43/0x130
[  818.103174][T14368]  ? security_task_alloc+0x43/0x130
[  818.103192][T14368]  ? rcu_is_watching+0x15/0xb0
[  818.103216][T14368]  ? __pfx_copy_files+0x10/0x10
[  818.103241][T14368]  ? tomoyo_task_alloc+0xb3/0xf0
[  818.103267][T14368]  ? copy_semundo+0x42/0x240
[  818.103293][T14368]  copy_process+0x171b/0x3dc0
[  818.103317][T14368]  ? __pfx_lock_acquire+0x10/0x10
[  818.103356][T14368]  ? copy_process+0xa03/0x3dc0
[  818.103388][T14368]  ? __pfx_copy_process+0x10/0x10
[  818.103416][T14368]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  818.103445][T14368]  ? ksys_write+0x23e/0x2c0
[  818.103471][T14368]  kernel_clone+0x223/0x870
[  818.103497][T14368]  ? vfs_write+0x7c4/0xc90
[  818.103519][T14368]  ? __pfx_kernel_clone+0x10/0x10
[  818.103554][T14368]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  818.103585][T14368]  __x64_sys_clone+0x258/0x2a0
[  818.103613][T14368]  ? __pfx___x64_sys_clone+0x10/0x10
[  818.103652][T14368]  ? do_syscall_64+0x100/0x230
[  818.103678][T14368]  ? do_syscall_64+0xb6/0x230
[  818.103702][T14368]  do_syscall_64+0xf3/0x230
[  818.103724][T14368]  ? clear_bhb_loop+0x35/0x90
[  818.103751][T14368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.103774][T14368] RIP: 0033:0x7fae65577299
[  818.103792][T14368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  818.103810][T14368] RSP: 002b:00007fae662b2ff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  818.103834][T14368] RAX: ffffffffffffffda RBX: 00007fae65705f80 RCX: 00007fae65577299
[  818.103849][T14368] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  818.103863][T14368] RBP: 00007fae662b30a0 R08: 0000000000000000 R09: 0000000000000000
[  818.103877][T14368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  818.103890][T14368] R13: 000000000000000b R14: 00007fae65705f80 R15: 00007ffda8243248
[  818.103930][T14368]  </TASK>
[  818.363862][T14374] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2276'.
[  818.381074][T14377] FAULT_INJECTION: forcing a failure.
[  818.381074][T14377] name failslab, interval 1, probability 0, space 0, times 0
[  818.381109][T14377] CPU: 0 UID: 0 PID: 14377 Comm: syz.4.2277 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  818.381133][T14377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  818.381145][T14377] Call Trace:
[  818.381154][T14377]  <TASK>
[  818.381164][T14377]  dump_stack_lvl+0x241/0x360
[  818.381195][T14377]  ? __pfx_dump_stack_lvl+0x10/0x10
[  818.381219][T14377]  ? __pfx__printk+0x10/0x10
[  818.381248][T14377]  ? ref_tracker_alloc+0x332/0x490
[  818.381272][T14377]  should_fail_ex+0x3b0/0x4e0
[  818.381303][T14377]  ? skb_clone+0x20c/0x390
[  818.381321][T14377]  should_failslab+0xac/0x100
[  818.381346][T14377]  ? skb_clone+0x20c/0x390
[  818.381364][T14377]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  818.381395][T14377]  skb_clone+0x20c/0x390
[  818.381418][T14377]  __netlink_deliver_tap+0x3cc/0x7c0
[  818.381454][T14377]  ? netlink_deliver_tap+0x2e/0x1b0
[  818.381476][T14377]  netlink_deliver_tap+0x19d/0x1b0
[  818.381501][T14377]  netlink_unicast+0x7be/0x990
[  818.381532][T14377]  ? __pfx_netlink_unicast+0x10/0x10
[  818.381552][T14377]  ? __virt_addr_valid+0x183/0x530
[  818.381576][T14377]  ? __check_object_size+0x49c/0x900
[  818.381599][T14377]  ? bpf_lsm_netlink_send+0x9/0x10
[  818.381627][T14377]  netlink_sendmsg+0x8e4/0xcb0
[  818.381662][T14377]  ? __pfx_netlink_sendmsg+0x10/0x10
[  818.381691][T14377]  ? __import_iovec+0x361/0x820
[  818.381717][T14377]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  818.381741][T14377]  ? security_socket_sendmsg+0x87/0xb0
[  818.381764][T14377]  ? __pfx_netlink_sendmsg+0x10/0x10
[  818.381785][T14377]  __sock_sendmsg+0x221/0x270
[  818.381812][T14377]  ____sys_sendmsg+0x525/0x7d0
[  818.381848][T14377]  ? __pfx_____sys_sendmsg+0x10/0x10
[  818.381917][T14377]  __sys_sendmsg+0x2b0/0x3a0
[  818.381947][T14377]  ? __pfx___sys_sendmsg+0x10/0x10
[  818.381972][T14377]  ? vfs_write+0x7c4/0xc90
[  818.382036][T14377]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  818.382064][T14377]  ? do_syscall_64+0x100/0x230
[  818.382089][T14377]  ? do_syscall_64+0xb6/0x230
[  818.382114][T14377]  do_syscall_64+0xf3/0x230
[  818.382137][T14377]  ? clear_bhb_loop+0x35/0x90
[  818.382165][T14377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.382188][T14377] RIP: 0033:0x7f0eba177299
[  818.382206][T14377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  818.382224][T14377] RSP: 002b:00007f0ebae6f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  818.382247][T14377] RAX: ffffffffffffffda RBX: 00007f0eba305f80 RCX: 00007f0eba177299
[  818.382263][T14377] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  818.382278][T14377] RBP: 00007f0ebae6f0a0 R08: 0000000000000000 R09: 0000000000000000
[  818.382291][T14377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  818.382305][T14377] R13: 000000000000000b R14: 00007f0eba305f80 R15: 00007ffcf1906c48
[  818.382337][T14377]  </TASK>
[  818.389421][T14377] netlink: 'syz.4.2277': attribute type 21 has an invalid length.
[  818.739164][T14380] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[  818.774959][T14380] kvm: pic: non byte write
[  820.607477][  T943] ==================================================================
[  820.607495][  T943] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x8b/0x270
[  820.607528][  T943] Write of size 4 at addr ffff88802cd5d080 by task kworker/0:2/943
[  820.607544][  T943] 
[  820.607553][  T943] CPU: 0 UID: 0 PID: 943 Comm: kworker/0:2 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  820.607576][  T943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  820.607589][  T943] Workqueue: events sco_sock_timeout
[  820.607613][  T943] Call Trace:
[  820.607621][  T943]  <TASK>
[  820.607630][  T943]  dump_stack_lvl+0x241/0x360
[  820.607653][  T943]  ? __pfx_dump_stack_lvl+0x10/0x10
[  820.607672][  T943]  ? __pfx__printk+0x10/0x10
[  820.607691][  T943]  ? _printk+0xd5/0x120
[  820.607709][  T943]  ? __virt_addr_valid+0x183/0x530
[  820.607732][  T943]  ? __virt_addr_valid+0x183/0x530
[  820.607750][  T943]  print_report+0x169/0x550
[  820.607777][  T943]  ? __virt_addr_valid+0x183/0x530
[  820.607794][  T943]  ? __virt_addr_valid+0x183/0x530
[  820.607810][  T943]  ? __virt_addr_valid+0x45f/0x530
[  820.607826][  T943]  ? __phys_addr+0xba/0x170
[  820.607842][  T943]  ? sco_sock_timeout+0x8b/0x270
[  820.607863][  T943]  kasan_report+0x143/0x180
[  820.607882][  T943]  ? __pfx_lock_acquire+0x10/0x10
[  820.607905][  T943]  ? sco_sock_timeout+0x8b/0x270
[  820.607930][  T943]  kasan_check_range+0x282/0x290
[  820.607951][  T943]  sco_sock_timeout+0x8b/0x270
[  820.607974][  T943]  ? process_scheduled_works+0x945/0x1830
[  820.607996][  T943]  process_scheduled_works+0xa2c/0x1830
[  820.608028][  T943]  ? __pfx_process_scheduled_works+0x10/0x10
[  820.608053][  T943]  ? assign_work+0x364/0x3d0
[  820.608076][  T943]  worker_thread+0x86d/0xd40
[  820.608105][  T943]  ? __kthread_parkme+0x169/0x1d0
[  820.608129][  T943]  ? __pfx_worker_thread+0x10/0x10
[  820.608151][  T943]  kthread+0x2f0/0x390
[  820.608167][  T943]  ? __pfx_worker_thread+0x10/0x10
[  820.608188][  T943]  ? __pfx_kthread+0x10/0x10
[  820.608205][  T943]  ret_from_fork+0x4b/0x80
[  820.608226][  T943]  ? __pfx_kthread+0x10/0x10
[  820.608243][  T943]  ret_from_fork_asm+0x1a/0x30
[  820.608271][  T943]  </TASK>
[  820.608278][  T943] 
[  820.608283][  T943] Allocated by task 14025:
[  820.608297][  T943]  kasan_save_track+0x3f/0x80
[  820.608314][  T943]  __kasan_kmalloc+0x98/0xb0
[  820.608329][  T943]  __kmalloc_noprof+0x1fc/0x400
[  820.608349][  T943]  sk_prot_alloc+0xe0/0x210
[  820.608369][  T943]  sk_alloc+0x38/0x370
[  820.608387][  T943]  bt_sock_alloc+0x3c/0x340
[  820.608401][  T943]  sco_sock_create+0xbb/0x390
[  820.608419][  T943]  bt_sock_create+0x161/0x230
[  820.608434][  T943]  __sock_create+0x490/0x920
[  820.608451][  T943]  __sys_socket+0x150/0x3c0
[  820.608467][  T943]  __x64_sys_socket+0x7a/0x90
[  820.608485][  T943]  do_syscall_64+0xf3/0x230
[  820.608501][  T943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  820.608519][  T943] 
[  820.608523][  T943] Freed by task 14024:
[  820.608532][  T943]  kasan_save_track+0x3f/0x80
[  820.608548][  T943]  kasan_save_free_info+0x40/0x50
[  820.608567][  T943]  poison_slab_object+0xe0/0x150
[  820.608584][  T943]  __kasan_slab_free+0x37/0x60
[  820.608600][  T943]  kfree+0x149/0x360
[  820.608617][  T943]  __sk_destruct+0x476/0x5f0
[  820.608637][  T943]  sco_sock_release+0x25e/0x320
[  820.608655][  T943]  sock_close+0xbc/0x240
[  820.608670][  T943]  __fput+0x24a/0x8a0
[  820.608691][  T943]  task_work_run+0x24f/0x310
[  820.608706][  T943]  do_exit+0xa2f/0x27f0
[  820.608722][  T943]  do_group_exit+0x207/0x2c0
[  820.608737][  T943]  get_signal+0x1695/0x1730
[  820.608755][  T943]  arch_do_signal_or_restart+0x96/0x860
[  820.608783][  T943]  syscall_exit_to_user_mode+0xc9/0x370
[  820.608802][  T943]  do_syscall_64+0x100/0x230
[  820.608819][  T943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  820.608839][  T943] 
[  820.608844][  T943] The buggy address belongs to the object at ffff88802cd5d000
[  820.608844][  T943]  which belongs to the cache kmalloc-2k of size 2048
[  820.608860][  T943] The buggy address is located 128 bytes inside of
[  820.608860][  T943]  freed 2048-byte region [ffff88802cd5d000, ffff88802cd5d800)
[  820.608880][  T943] 
[  820.608886][  T943] The buggy address belongs to the physical page:
[  820.608898][  T943] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802cd5c000 pfn:0x2cd58
[  820.608917][  T943] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  820.608931][  T943] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  820.608947][  T943] page_type: 0xfdffffff(slab)
[  820.608965][  T943] raw: 00fff00000000240 ffff888015442000 ffffea0001e78210 ffffea0001900210
[  820.608981][  T943] raw: ffff88802cd5c000 0000000000080002 00000001fdffffff 0000000000000000
[  820.608997][  T943] head: 00fff00000000240 ffff888015442000 ffffea0001e78210 ffffea0001900210
[  820.609014][  T943] head: ffff88802cd5c000 0000000000080002 00000001fdffffff 0000000000000000
[  820.609029][  T943] head: 00fff00000000003 ffffea0000b35601 ffffffffffffffff 0000000000000000
[  820.609045][  T943] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  820.609055][  T943] page dumped because: kasan: bad access detected
[  820.609069][  T943] page_owner tracks the page as allocated
[  820.609077][  T943] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5219, tgid 5219 (syz-executor), ts 61340401373, free_ts 61273027055
[  820.609109][  T943]  post_alloc_hook+0x1f3/0x230
[  820.609126][  T943]  get_page_from_freelist+0x2e4c/0x2f10
[  820.609145][  T943]  __alloc_pages_noprof+0x256/0x6c0
[  820.609163][  T943]  alloc_slab_page+0x5f/0x120
[  820.609180][  T943]  allocate_slab+0x5a/0x2f0
[  820.609196][  T943]  ___slab_alloc+0xcd1/0x14b0
[  820.609218][  T943]  __slab_alloc+0x58/0xa0
[  820.609240][  T943]  __kmalloc_node_track_caller_noprof+0x281/0x440
[  820.609263][  T943]  kmalloc_reserve+0x111/0x2a0
[  820.609284][  T943]  pskb_expand_head+0x202/0x1390
[  820.609299][  T943]  netlink_trim+0x183/0x220
[  820.609316][  T943]  netlink_broadcast_filtered+0x76/0x1290
[  820.609334][  T943]  nlmsg_notify+0xfb/0x1c0
[  820.609351][  T943]  rtnetlink_event+0x21d/0x260
[  820.609369][  T943]  notifier_call_chain+0x19f/0x3e0
[  820.609390][  T943]  dev_change_name+0x5df/0x920
[  820.609406][  T943] page last free pid 5222 tgid 5222 stack trace:
[  820.609417][  T943]  free_unref_page+0xd19/0xea0
[  820.609433][  T943]  __slab_free+0x31b/0x3d0
[  820.609450][  T943]  qlist_free_all+0x9e/0x140
[  820.609466][  T943]  kasan_quarantine_reduce+0x14f/0x170
[  820.609483][  T943]  __kasan_slab_alloc+0x23/0x80
[  820.609501][  T943]  __kmalloc_node_track_caller_noprof+0x1cd/0x440
[  820.609524][  T943]  kstrdup+0x3a/0x80
[  820.609541][  T943]  kobject_set_name_vargs+0x61/0x120
[  820.609559][  T943]  dev_set_name+0xd5/0x120
[  820.609576][  T943]  netdev_register_kobject+0xb7/0x320
[  820.609595][  T943]  register_netdevice+0x12c5/0x1b00
[  820.609616][  T943]  geneve_configure+0x6dd/0xa60
[  820.609639][  T943]  geneve_newlink+0x109/0x1b0
[  820.609661][  T943]  rtnl_newlink+0x1591/0x20a0
[  820.609683][  T943]  rtnetlink_rcv_msg+0x73f/0xcf0
[  820.609701][  T943]  netlink_rcv_skb+0x1e3/0x430
[  820.609719][  T943] 
[  820.609724][  T943] Memory state around the buggy address:
[  820.609734][  T943]  ffff88802cd5cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  820.609747][  T943]  ffff88802cd5d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  820.609759][  T943] >ffff88802cd5d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  820.609808][  T943]                    ^
[  820.609818][  T943]  ffff88802cd5d100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  820.609831][  T943]  ffff88802cd5d180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  820.609840][  T943] ==================================================================
[  820.609897][  T943] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  820.609909][  T943] CPU: 0 UID: 0 PID: 943 Comm: kworker/0:2 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[  820.609931][  T943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  820.609943][  T943] Workqueue: events sco_sock_timeout
[  820.609972][  T943] Call Trace:
[  820.609980][  T943]  <TASK>
[  820.609988][  T943]  dump_stack_lvl+0x241/0x360
[  820.610012][  T943]  ? __pfx_dump_stack_lvl+0x10/0x10
[  820.610031][  T943]  ? __pfx__printk+0x10/0x10
[  820.610049][  T943]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  820.610076][  T943]  ? vscnprintf+0x5d/0x90
[  820.610099][  T943]  panic+0x349/0x860
[  820.610117][  T943]  ? check_panic_on_warn+0x21/0xb0
[  820.610136][  T943]  ? __pfx_panic+0x10/0x10
[  820.610157][  T943]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  820.610183][  T943]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  820.610207][  T943]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  820.610234][  T943]  check_panic_on_warn+0x86/0xb0
[  820.610252][  T943]  ? sco_sock_timeout+0x8b/0x270
[  820.610274][  T943]  end_report+0x77/0x160
[  820.610295][  T943]  kasan_report+0x154/0x180
[  820.610313][  T943]  ? __pfx_lock_acquire+0x10/0x10
[  820.610335][  T943]  ? sco_sock_timeout+0x8b/0x270
[  820.610361][  T943]  kasan_check_range+0x282/0x290
[  820.610383][  T943]  sco_sock_timeout+0x8b/0x270
[  820.610405][  T943]  ? process_scheduled_works+0x945/0x1830
[  820.610426][  T943]  process_scheduled_works+0xa2c/0x1830
[  820.610461][  T943]  ? __pfx_process_scheduled_works+0x10/0x10
[  820.610487][  T943]  ? assign_work+0x364/0x3d0
[  820.610509][  T943]  worker_thread+0x86d/0xd40
[  820.610537][  T943]  ? __kthread_parkme+0x169/0x1d0
[  820.610561][  T943]  ? __pfx_worker_thread+0x10/0x10
[  820.610583][  T943]  kthread+0x2f0/0x390
[  820.610598][  T943]  ? __pfx_worker_thread+0x10/0x10
[  820.610621][  T943]  ? __pfx_kthread+0x10/0x10
[  820.610636][  T943]  ret_from_fork+0x4b/0x80
[  820.610659][  T943]  ? __pfx_kthread+0x10/0x10
[  820.610674][  T943]  ret_from_fork_asm+0x1a/0x30
[  820.610703][  T943]  </TASK>
[  820.610962][  T943] Kernel Offset: disabled